Scribd
Upload
37 views17 pages

IPv6-Only Data Center - Introduction

The document discusses the transition to IPv6-only data centers, highlighting the importance of IPv6 for content delivery and the challenges posed by NAT. It features insights from experts Tore Anderson and Ivan Pepelnjak, who emphasize the readiness of major content providers for IPv6 and the need for businesses to adopt IPv6 to avoid performance issues. The document also outlines typical migration steps and the advantages of an IPv6-only architecture, including improved scalability and end-to-end visibility.

Uploaded by

Jokebed Grace Ebenezer
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
37 views17 pages

IPv6-Only Data Center - Introduction

The document discusses the transition to IPv6-only data centers, highlighting the importance of IPv6 for content delivery and the challenges posed by NAT. It features insights from experts Tore Anderson and Ivan Pepelnjak, who emphasize the readiness of major content providers for IPv6 and the need for businesses to adopt IPv6 to avoid performance issues. The document also outlines typical migration steps and the advantages of an IPv6-only architecture, including improved scalability and end-to-end visibility.

Uploaded by

Jokebed Grace Ebenezer
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

IPv6-Only Data Centers

Tore Anderson (tore@[Link])


Redpill Linpro

Ivan Pepelnjak (ip@[Link])


NIL Data Communications
Who Is Tore Anderson (@toreanderson)
• UNIX systems administrator and network
engineer since 2001
• Infrastructure Manager at Redpill Linpro –
open source focused Managed Services
Provider operating in the Nordic countries
• Main responsibilities at work include:
– Data centre and backbone network architecture
and operations
– RIPE LIR operations
– Data centre design and site management (not just networking)
– Server/blade infrastructure and automation
– IP/FC networked block and file storage system
• Tech hobbies and affiliations:
– IPv6 evangelist since 2008
– Participant in RIPE, IETF, the Norwegian IPv6 Forum, and a bunch of other
network operator and open-source communities * Living in Oslo, Norway

2 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers


Who Is Ivan Pepelnjak (@ioshints)
• Networking engineer since 1985
• Technical director, later Chief Technology Advisor
@ NIL Data Communications
• Consultant, blogger ([Link]), book
and webinar author
• Currently teaching “Scalable Web Application
Design” at University of Ljubljana

Focus:
• Large-scale data centers and network virtualization
• Networking solutions for cloud computing
• Scalable application design
• Core IP routing/MPLS, IPv6, VPN

3 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers


The Bigger Picture: IPv6 Webinars on [Link]

IPv6-Only Data Centers

IPv6 Transition Mechanisms IPv6 Security

Building Large IPv6 Service Provider Networks

Service Provider IPv6


Enterprise IPv6 – First Steps
Introduction

Availability Other options


• Live sessions • Customized webinars
• Recordings of individual webinars • ExpertExpress
• Yearly subscription • On-site workshops

4 More information
© [Link] @2013[Link]
/ NIL Data Communications IPv6-Only Data Centers
Past Predictions

• We’ll run out of IPv4 addresses 


Special thanks to
• IPv6-only mobile devices 

• Majority of the content will be on IPv6 

• CGN will be expensive and thus


avoided and/or neglected

You must take control of your content


5 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers
IPv6 Is Enticing for ISPs
Source: [Link]
[Link]

Source: [Link]/ipv6/statistics

16 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers


Major Content Providers Are Ready

Source: [Link]

7 Content:
© [Link] / weighted
NIL Data Communicationsreadiness
2013 (by pageviews)
IPv6-Only Data Centers of top-500 Alexa web sites
The Harsh Reality
Content and CDN providers are ready
• Google, Facebook, Yahoo, Wikipedia, Netflix (1)
• Akamai, Limelight, Edgecast, Cloudflare (2)

NAT will break things


• Limited number of connections per client
• NAT64 breaks IPv4 URL literals
• uPnP and peer-to-peer applications have problems with NAT444

Customers will not tolerate broken content, they will move on to


content that works.
(1)
T-mobile USA
Source: [Link]
(2) [Link]

8 It’s ©in your


[Link] best
/ NIL Data interest
Communications 2013 to make your
IPv6-Only content available on IPv6
Data Centers
IPv6-Enabling a “Typical” Application Stack

Outside

NAT-PT
Web servers App servers DB servers

Typical “reasoning”
• Someone high enough asked us to make content available on IPv6
• We don’t know a thing about this new protocol
• Deploying IPv6 on load balancers or firewalls is too risky

Don’t even think about doing this!


9 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers
Typical Steps
• IPv4 only Losing control of user experience

• NAT64 Why are we having performance issues?

• SLB64 Darn, we lost client IP addresses

• Dual-stack servers Ouch, this is complex

• IPv6-only servers with SLB46


• IPv6-only data center with NAT46
• No IPv4 ... in a universe far far away

610 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers


Let Me Recap

IPv4 only

NAT64 in DMZ

SLB64, IPv4-only servers


SLB44, SLB66, dual-stack servers
SLB46, IPv6-only servers
NAT46, SLB66, IPv6-only servers

IPv6 only

How many migrations do you want to do in the next 5 years?


111 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers
Skip the Migrations: IPv6-Only Data Center

Outside

NAT46
Web servers App servers DB servers

• IPv6-only data center, NAT46 on the edge


• Source IPv4 address mapped into source IPv6 address
• Stateless L3-only translation (easy scaling and redundancy)
• End-to-end visibility is retained, no problems with SSL termination

Can we do it?
12 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers
Most Applications Are Ready For IPv6

• Some applications will never be IPv6- Component IPv6-ready?


ready (ex: SNA applications in
COBOL) Operating system 
• Check back-end use of IP addresses Web servers 
• Make sure you’re using DNS names Programming 
not IP addresses in your code languages
• Check IPv4 literals in your URLs Databases 
Clusters 
Proxy servers 
Caching servers 
Load balancers 

You’re running out of excuses ;)


13 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers
State of Data Center Infrastructure

Component Cisco Juniper HP Arista Brocade F5


Firewalls   
Load   
balancers
Core switches     Not on
VDX
ToR switches     

Don’t trust me (or the vendors) – do your own performance tests

Big offenders: major virtualization vendors


• Juniper’s vGW has full IPv6 support in release 5.5
• Hyper-V 3.0 Network Virtualization has full IPv6 support
• No IPv6 support in VMware’s or Cisco’s virtual security products

Hint:
14 Microsoft
© [Link] warns
/ NIL Data Communications 2013 against IPv6-Only
disablingData Centers IPv6 on Windows 2008 servers
Do We Have the Magic NAT46 Box?

Short answer: not yet


Outside Data center

Implementation options:
• Stateless NAT64  routing challenges
• SLB46 with custom NAT rules 
NAT46

per-session state
• TAYGA on Linux

15 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers


Sample IPv6-Only Web Site

16 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers


Questions?

Paperwork issues
• Follow-up email
• Please fill in the evaluation form (waiting in your
browser)
• Recording available within 24 hours
• PDF materials always available for download
• Please spread the word!

Send them to ip@[Link] or @ioshints

17 © [Link] / NIL Data Communications 2013 IPv6-Only Data Centers

You might also like