Post on 16-Aug-2020
Indonesia IPv6 Update
APAN Meeting Hanoi APAN Meeting Hanoi
2010Affan Basalamahaffan@itb.ac.id
Outline
• History of IPv6 in Indonesia REN• IPv6 Adoption in ITB• Plan on IPv6 Adoption in INHERENT
HISTORY OF IPV6 ON INDONESIA
REN
History of IPv6 on Indonesia REN
(1)• 1998:
� IPv6 Experiment in ITB using FreeBSD and INRIA IPv6 stack,
� pTLA 3ffe:0501::/32, sTLA 2001:200:0830::/48� pTLA 3ffe:0501::/32, sTLA 2001:200:0830::/48
• 2000: � Connect to AI3-JP with FreeBSD and KAME
IPv6 stack, 2001:d30:3::/48
• 2002:� First IPv6 Books in Indonesia by ITB students
• 2003:� Start of IPv6 deployment on ITB campus
after Advanced Network Course by SOI-ASIA
History of IPv6 on Indonesia REN
(2)
ASIA
• 2005: � IPv6 Multicast video conference & e-
learning with SOI-ASIA
• 2007:� ITB get 2403:8000::/32 address from
APNIC� TEIN2 IPv6 Connectivity
History of IPv6 on Indonesia REN
(3)
� TEIN2 IPv6 Connectivity
• 2008 - 2010:� ITB IPv6 connection to multiple networks
(AI3, OpenIXP, TEIN3, tunnel to he.net)
Current Indonesia IPv6
Allocation• Indonesian IPv6 allocation
� http://www.sixxs.net/tools/grh/dfp/all/?country=id
• 31 visible, 85 assigned per 11 Aug 2010• 31 visible, 85 assigned per 11 Aug 2010• 12 universities
� 3 /32 allocation, 9 /48 allocation
IPV6 ADOPTION IN ITB CAMPUS
Campus Network
IPv6 on Access Network
• 802.1Q Trunk VLAN to distribute IPv6 subnet via Router Advertisement (RA)
IPv4-only
Layer 2 Switch
Layer 2 Switch
Layer 2 Switch
IPv4-only
Layer 3 SwitchPC
PC
PC802.1Q Trunk
IPv4-only
Layer 3 Switch
IPv6
PC Router
IPv6 on Core Network
• PC Router with VLAN interface• OSPFv3
IPv4-only
Layer 3 Switch
IPv6
PC Router-1
IPv4-only
Layer 3 Switch
IPv4-only
Layer 3 Switch
IPv6
PC Router-2IPv6
PC Router-3
Tunnel & VLAN
IPv6 on Edge Network
• PC Router with IPv4-only Layer 3 Switch
IPv6 Gateway
IPv6
Network
IPv4-only
Layer 3 Switch
IPv6
PC Router-1
IPv6 Gateway
PC Router
• IPv6 address-family to all eBGP peers
IPv6 External Connection
Internet
he.net
Hong Kong
IPv6 BGP
Tunnel
INHERENT
AS18007ITB
AS4796
TEIN3
AS24489
Internet
via
LintasArta
AS4800
OpenIXP
AS7717
IPv6 Routing Implementation
• FreeBSD/Linux-based PC Router (pre-2010)� Quagga Routing Suite� RIPng � OSPFv3� RIPng � OSPFv3� BGP
• Dedicated Core Router/Switches (2010)� Cisco Catalyst 6500 w/ Sup720-3B &
Sup32� Juniper SRX650
IPv6 Application in ITB
• Operating System • DNS• WWW & FTP Server• Mail Exchange Server• Mail Exchange Server• Web Cache Proxy• Multicast Stream
Operating System for Server
• FreeBSD 8.x, 7.x, dan 6.x• CentOS Linux 5.x• OpenSolaris 2009.x• Windows Server 2003• Windows Server 2003
Domain Name System (DNS)
• BIND 9.6.x• Forward zone
� AAAA record for MX & selected Server
• Reverse zone• Reverse zone� PTR record for 2403:8000::/32 delegated
from APNIC
Web Server
• Apache Web Server 2.2.x� Serve IPv4 and IPv6 at the same time
• IPv6 PHP script to detect v6 client• Website IPv6 ITB• Website IPv6 ITB
� http://www.itb.ac.id� http://ipv6.itb.ac.id
ITB Official Website
Mail Exchange (MX) Server
• Postfix 2.7• mx[1-4].itb.ac.id • http://www.postfix.org/IPV6_README.h
tmltml
Web Cache Proxy Server
• Squid 3.1• Web Cache Parenting over IPv6
� to WIDE Project Japan
• Some IPv6 content observed• Some IPv6 content observed� Google IPv6� Youtube IPv6
• Serving IPv6 client in ITB• User Authentication with LDAP
Access.log Squid IPv6
Multicast Stream
• VLC � IPv6 Unicast� IPv6 Multicast
• Dokodemo SOI-ASIA • Dokodemo SOI-ASIA (http://dokodemo.soi.asia)� Allows regular IPv4 desktop to do VPN
dial and access IPv6 multicast video conference
Dokodemo
PLAN ON IPV6 ADOPTION IN
INHERENT
Plans for IPv6 Adoption
• IPv6 Forum Indonesia• IPv6 Apps Delivery Controller
Evaluation• IPv6 Deployment on INHERENT• IPv6 Deployment on INHERENT
IPv6 Forum Indonesia
• Initiated in IPv6 Summit June 2010, Bali• I’m working as VP Research &
Application• http://www.ipv6forum.or.id• http://www.ipv6forum.or.id
IPv6 Summit 2010 Bali
IPv6 SLB Evaluation
• ITB has just bought ServerIron ADX1000
• IPv6 SLB that can translate:� v6 client – v6 server� v6 client – v6 server� v6 client – v6/v4 server� v6 client – v4 server
Why evaluate IPv6 SLB?
• Hoping to solve questions:� Which is comes first, network or application?� What is IPv6 killer apps?
• How it’s going to solve:• How it’s going to solve:� IPv4 killer apps can directly migrated to IPv6� No apps rewrite or migration
• At least in the theory� Evaluation in the real world will tell you
IPv6 Deployment in
INHERENT
INHERENT Network Status (1)
• 32 major sites (local nodes) in each province in Public University
• Inter-university connection � 1 Gbps metro, STM-1, LC and satellite� 1 Gbps metro, STM-1, LC and satellite
• Other public/private universities in the province connected to local node� 1 Gbps metro or 512k DSL
INHERENT Network Status (2)
• IPv4-only network• BGP Private AS in each major sites• Grouped together with BGP
ConfederationConfederation� become AS18007
• BGP peering with:� Universities which has Public IP/ASN� Advertising prefixes to TEIN3
Plan on INHERENT IPv6 (1)
• Will use temporary /35 address from ITB� 2403:8000:8000::/35� /40 to each local node� /40 to each local node� /48 to each university
• Will ask for permanent IPv6 address from IDNIC
Plan on INHERENT IPv6 (2)
• 6 – 12 month timeframe• Plans:
� Human Resources Development� Address allocation design� Address allocation design� Network Deployment plan� Application Deployment plan� Human Resources Development (again)
Network Deployment Plan
• Get address allocation• Enabling IPv6 on router• Configure IPv6 on network interface
� Loopback + WAN+LAN Interface� Loopback + WAN+LAN Interface
• Configure IPv6 routing� Static, OSPF, BGP� Tunneling if necessary
• IPv6 network verification
Application Deployment Plan
• Basic application deployment� DNS� IPv6 Tunneling to external network� Web Server� Web Server
• Advanced application deployment� Proxy cache network over IPv6� IPv6 Multicast
Human Resource
Development• Make people aware about IPv6• Before & after deployment plan
� Hold the momentum after deployment• To answer the question “now what?”• To answer the question “now what?”
• Plans:� Give information about IPv6 in Indonesian• Books, blogs, tutorials
• I think it’s much harder than to setup the IPv6 network itself ☺
Thanks!Thanks!