IPv6 at Facebook
16
World IPv6 Day and IPv6 at Facebook Diego Veca - [email protected] Network Engineering Team - Facebook May 2011 LACNIC XV - Latin American IPv6 Forum – FLIP6
Transcript of IPv6 at Facebook
World IPv6 Day andIPv6 at Facebook
Diego Veca - [email protected] Engineering Team - FacebookMay 2011LACNIC XV - Latin American IPv6 Forum – FLIP6
World IPv6 Day: 8 June 2011▪ Open to everyone
▪ Encouraged by ISPs, mobile companies, websites, content providers
▪ Global awareness for users, ISPs
▪ First, global test-flight of v6
▪ Synchronized operations, controlled environment
▪ Breaks chicken-and-egg situation
▪ Opportunity to fix hardware/software bugs before June-8
Announced by Facebook, Google, Yahoo!, Akamai, Limelight
Direct v4 connection
Credit: L. Colitti, “The path to IPv6”, Google
v4 with LSN
Credit: L. Colitti, “The path to IPv6”, Google
LSNNAT44
LSNNAT64
New v4 users New v6 usersLegacy v4
users
www.facebook.com
IPv4 IPv6
Large scale NAT
LSN IPv6
Adds a device between user and websites
Provides direct, native http connection like today
Off-path detour and load on translator adds latency
Shortest path, No added latency
1000s of users share one IP address One address per user (or household)
Single attacker can poison an address shared by 1000s of users, Attackers can hide easily
Same security model as today
Unknown location and uptime of LSN devices
Same SLA model as today
Comparison: Large Scale NAT vs. End-to-end IPv6
Goals for Facebook’s IPv6 implementation▪ Serve Facebook application to
v6 users
▪ Deploy IS-IS early
▪ Go dual-stack on routers
▪ Make no changes to servers
▪ Start with two projects
▪ Chicago: Native v6
▪ Cakewalk: LISP for v6
Data center
Production network
EdgeFB Backbone
Edge
Data centerData center
Data centerData center
ServersLoad
BalancersSwitches
Solutions deployed
Data centerEdgeFB Backbone
Edge
Data centerData center
Data centerData center
ServersLoad
BalancersSwitches
v6 transit,peers
v6 LB, addresstranslation
Dual-stackIS-IS, BGP
Dual-stackclusters
Dual-stackservers
v6-enabledapplications
LB address translation
Public v4 Public v6
FB BBdual-stack v4+v6
v4 hosts(for now)
Data center
LB
v6v6 → v4 address translation
2620:0:1c08:0:face:b00c::1 → 10.1.1.1
v6 from a network engineer viewNetworkHierarchy
Devices Solutions Deployment
Edge Routers Transit, peering Day 1, then organic
Backbone Routers Routing protocols Organic
Data center Switches, load balancers (LB)
Address translation Enough for W6D and initial v6 use
Host Servers No change in most cases, dual-stack for development
Minimal (development hosts and apps)
Opening the floodgates
Opening the floodgates▪ Understanding the blast radius
of AAAA on broken clients
▪ Good instrumentation of user experience
▪ Testing
▪ Communication
▪ Taking the leap in doses
▪ Analysis
▪ Iteration
World IPv6 Day8 June 2011
Ongoing and future initiatives▪ Code
▪ Logging
▪ Geo-location
▪ Tools
▪ CDN
▪ Broken clients
▪ Detection
▪ Repair
www.v6.facebook.comm.v6.facebook.com
www.lisp6.facebook.comm.lisp6.facebook.com
Experimental, non-production
Make your next status update over IPv6
Good report: http://fud.no/ipv6 (Tore Anderson, Oct-2010)
(c) 2009 Facebook, Inc. or its licensors. "Facebook" is a registered trademark of Facebook, Inc.. All rights reserved. 1.0
