INTERNET DRAFT Cleve Mickles(Co-Author/Editor) Document: draft-mickles-v6ops-isp-analysis-00.txt AOL Time Warner Expires: Aug 2003 February 2003 Transition Analysis for ISP Networks Status of this Memo This document is an Internet-Draft and is subject to all Provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract This document provides analysis of how to transition the different types of Internet Service Provider (ISP) networks to IPv6. It will provide design recommendations which may be followed to successfully deploy IPv6 services on a network that began as an IPv4 network. This is the companion document to draft-mickles-v6ops-isp-scenarios-04.txt which provides detailed background information on all scenarios. mail list for the design team: IPV6@LISTSERV.SUP.AOL.COM Mickles, et al. Expires - Aug 2003 [Page 1] Transition Analysis for ISP Networks Feb. 2003 Table of Contents 1. Introduction................................................3 2. Scope of the document.......................................3 3. Core/Backbone Networks......................................4 3.1 IPv6 Routing Considerations..........................4 3.2 IPv6 Peering Considerations..........................5 3.3 IPv6 Transition Mechanisms...........................5 3.4 Security Considerations..............................6 3.5 Network Management...................................6 4. Broadband HFC/Coax Networks...............................7 4.1 IPv6 Routing Considerations..........................7 4.2 IPv6 Transition Mechanisms...........................7 4.3 Security Considerations..............................7 4.4 Network Management...................................7 5. Broadband DSL Networks.....................................8 5.1 IPv6 Routing Considerations..........................8 5.2 IPv6 Transition Mechanisms...........................8 5.3 Security Considerations..............................8 5.4 Network Management...................................8 6. Narrowband Dialup Networks.................................9 6.1 IPv6 Routing Considerations..........................9 6.2 IPv6 Transition Mechanisms..........................10 6.3 Security Considerations.............................10 6.4 Network Management..................................10 7. Public Wireless LAN.......................................11 7.1 IPv6 Routing Considerations.........................11 7.2 IPv6 Transition Mechanisms..........................11 7.3 Security Considerations.............................11 7.4 Network Management..................................11 8. Broadband Ethernet .......................................12 8.1 IPv6 Routing Considerations.........................12 8.2 IPv6 Transition Mechanisms..........................12 8.3 Security Considerations.............................12 8.4 Network Management..................................12 9. Internet Exchange Point...................................13 9.1 IPv6 Routing Considerations.........................13 9.2 IPv6 Transition Mechanisms..........................13 9.3 Security Considerations.............................13 9.4 Network Management..................................13 10.0 Security Considerations...................................14 11.0 Network Management Considerations.........................14 Acknowledgements..................................................14 References........................................................14 Terminology.......................................................14 Author's Addresses................................................15 Copyright (C) The Internet Society (2003). All Rights Reserved. Mickles, et al. Expires - Aug 2003 [Page 2] Transition Analysis for ISP Networks Feb. 2003 1. Introduction This document will provide analysis and recommendations for ISPs to use in transitioning their existing IPv4 networks to IPv6. It will show how existing mechanisms can be used to enable IPv6 capabilities over IP networking components and highlight any known challenges that may arise during a network transition. 2. Scope of the document The scope of this document is to cover the major topics ISPs must consider in transitioning their IP networks to IPv6. It is not meant to address every detail provided in the scenario document, but will highlight those details which are most important to the transition. Mickles, et al. Expires - Aug 2003 [Page 3] Transition Analysis for ISP Networks Feb. 2003 3. Core/Backbone Networks Transition to IPv6 in the Core network can be done in multiple ways. The mechanisms discussed below are well known and the discussion will be scoped based on the general topology below in figure 3.1 Trunks to remote sites ^ ^ | | / / / / /\/ / / /\/ / / ____/____ ____/____ | | | | | CORE1 | | CORE2 | |_________| |_________| ____________/ | \ | | | / | \ | | | / +===========|===\=========+ | | | / | +=\==========+ | ___|_/_ ___|_/_ \ _____|_ | | | | \____| | | BDR1 | | BDR2 | | BDR(n)| |_______| |_______| |_______|\ | | | \ | | | \ | | | \_Peering( Direct & IX ) | | | ___|___ ___|__ ___|___ | | | | | | | CPE1 | | CPE2 | | CPE(n)| |_______| |______| |_______| Figure 3.1 3.1 IPv6 Routing Considerations In this section we will discuss considerations for the IPv6 in the internal network as well as the external networking issues. Since IPv4 exists in the Core IGP, IPv6 capabilities must be added Mickles, et al. Expires - Aug 2003 [Page 4] Transition Analysis for ISP Networks Feb. 2003 while maintaining IPv4 reachability. In essence two IGP protocols will exist in one routing domain. This mode is generally referred to as dual-stack mode or "ships in the night" mode. This is not an entirely new function of routers since running multiple routing protocols on routers has been a fairly common practice. The limitations for this practice include CPU power and memory. To add IPv6 capability to the core network, IPv6 routes must be present in the IGP. The choices of IGP for IPv6 networking include ISIS and RIPv2. Ripv2 is the simplest solution. ISIS has the advantage of being able to carry both IPv4 and IPv6 routes in one IGP. OSPFv3 is a potential solution but is not currently available and similar to RIPv2 in that it is not backward compatible with OSPFv1 which supports IPv4 routes. For networks which use OSPF as its IGP for IPv4 routes, the recommendation is to continue carrying IPv4 routes in OSPFv1 and configure IPv6 routes in ISIS. For networks which use ISIS, the recommendation is to add IPv6 routes to the existing IGP and run IPv4 and IPv6 integrated within ISIS. As the IPv6 network grows, there will exist routers which are only reachable via IPv6. 3.2 IPv6 Peering Considerations Generally peering is done on border routers. The two choices for IPv6 peering include deploying a separate border router for external IPv6 peering or converting existing IPv4 peering routers to support IPv6 and IPv4 peering. In both cases the border routers will exchange IPv6 reachability information using its IGP. To exchange IPv6 traffic over an EGP boundary, the routing protocol of choice remains BGP. The EGP boundary can be established using either physical circuits or tunneled circuits which are discussed below. The routing table for IPv6 routes is separate from the table for Ipv4 routes. 3.3 IPv6 Transition Mechanisms Once basic decisions about deploying IPv6 services have been determined how to establish connectivity between IPv6 nodes is the next step. Since the transition assumes an IPv4 network exists, there will be transitional nodes which operate in dual stack mode. There are two choices that may be used to inteconnect IPv6 capable nodes. The first is to use physical links between nodes. Mickles, et al. Expires - Aug 2003 [Page 5] Transition Analysis for ISP Networks Feb. 2003 This has been standard procedure in networking. Point-to-point or LAN media may be used to establish connectivity and IPv6 addressing is configured over the link. The second choice is to use "IPv4 over IPv4" tunneling mechanisms to route IPv6 traffic over IPv4 networks. 3.4 Network Management Since NM systems are used to monitor and configure networks, the ability for NM systems to manage IPv6 capable routers must be maintained. While NM systems will reach dual stack routers over the IPv4 path, there will be routers which are only reacheable via IPv6 and therefore NM systems must have an IPv6 presence to manage those devices 3.5 Security Considerations Route filtering techniques should continue to be done for IPv6. IPv6 networks are open to hacking attempts just as IPv4 networks, but the number of potential devices on a network make random port scaning less effective. Mickles, et al. Expires - Aug 2003 [Page 6] Transition Analysis for ISP Networks Feb. 2003 4. Broadband HFC/Coax Networks This section describes the infrastructure that exists in today's HFC cable networks that support cable modem services to the home. Since many cable providers are regional they generally have used the backbone ISP networks for transit IP services beyond their region. +-----------+ | | | | /-----+ | +--------+ WAN <------+ CMTS |<========>| Modem |<===> CPE \-----+ | Cable +--------+ | | | | Network | | | | | | +-----------+ | | | +-------------------+------------------+ | "Transparent IP Traffic Through the System" Figure 4.2.2 4.1 IPv6 Routing Considerations 4.2 IPv6 Transition Mechanisms 4.2.1 Dual Stack Mode 4.2.2 Tunneling 4.2.3 Physical 4.3 Network Management 4.4 Security Considerations Mickles, et al. Expires - Aug 2003 [Page 7] Transition Analysis for ISP Networks Feb. 2003 5. Broadband DSL Networks This section describes the infrastructure that exists in todays High Speed DSL Networks. Customer Premises | Network Access Provider | Network Service Provider CP NAP NSP +-----+ +-----+ +-----+ |Hosts|--| DSL +-------+DSLAM| +-----+ |Modem| | +----+ +-----+ +-----+ | | +-----+ +------+ | +-----+ +-------+ |Hosts|--|Router| +--+ BAS +----+ ISP | ISP +-----+ +--+---+ +--+ | | Edge +===> Network | | +-----+ | Router| +--+--+ | +-------+ | DSL +---+ | |Modem| | | +-----+ | | | +-----+ | +-----+ +------+ +---+DSLAM+----+ |Hosts|--|Router| +---+ | +-----+ +--+---+ | +-----+ | | +--+--+ | | DSL +---+ |Modem| +-----+ Figure 5.1 5.1 IPv6 Routing Considerations 5.2 IPv6 Transition Mechanisms 5.2.1 Dual Stack Mode 5.2.2 Tunneling 5.3 Network Management 5.4 Security Considerations Mickles, et al. Expires - Aug 2003 [Page 8] Transition Analysis for ISP Networks Feb. 2003 6. Narrowband Dialup Networks Transitioning the dial up ISP to IPv6 is somewhat straight forward since the major network devices in this model reside on a single LAN. +-----+ +------+ +------+ |Hosts|--| 56K +-------+Modem | +----------+ +-----+ |Modem | |Bank +----------+ ISP 1 | NSP 1 +------+ +------+ | Edge +=====> Network | | | Router | | | +----------+ | | | | +----------+ +-------+ +----------+ ISP 2 | NSP 2 |Radius | | | Edge +=====> Network |Server | | | Router | +-------+ | +----------+ | | +----------+ +----------+ ISP 3 | NSP 3 | Edge +=====> Network | Router | +----------+ Figure 6.1 6.1 IPv6 Routing Considerations To establish IPv6 connectivity in the dial up environment, the devices between the end user host and NSP Network router must be IPv6 capable. The ISP edge router must be a dual-stack router. The ISP edge router should have an IPv6 default route for global IPv6 reachability. This can be accomplished via the existing physical circuit to the NSP router if the NSP supports IPv6 or to a separate NSP' which supports IPv6. An additional alternative is for the ISP router to tunnel IPv6 traffic over IPv4 to an IPv6 router with global IPv6 reachability. Mickles, et al. Expires - Aug 2003 [Page 9] Transition Analysis for ISP Networks Feb. 2003 6.2 IPv6 Transition Mechanisms In the dial up ISP environment the devices between the ISP router and host appear to reside on the same LAN. Therefore the devices on the LAN must support IPv6. 6.3 Network Management Since NM systems are used to monitor and configure networks, the ability for NM systems to manage IPv6 capable devices must be maintained. While NM systems will reach dual stack devices over the IPv4 path, there will be devices which are only reacheable via IPv6 and therefore NM systems must have an IPv6 presence to manage those devices. 6.4 Security Considerations Route filtering techniques should continue to be done for IPv6. IPv6 networks are open to hacking attempts just as IPv4 networks, but the number of potential devices on a network make random port scaning less effective. Mickles, et al. Expires - Aug 2003 [Page 10] Transition Analysis for ISP Networks Feb. 2003 7. Public Wireless LAN This section describes the infrastructure that exists in today's public wireless LAN services. +-------+ | AAA | | Radius| | TACACS| '---' +-------+ ( ) | +-----+ (Wireless) +----+ /------------\ +-------+ |Hosts+--( LAN )---| AP |----| Underlying \--- | ISP |=>Core +-----+ ( ) +----+ \ technology | | Edge | ( ) \-----------/ | Router| '---' +-------+ Figure 7.1.1. Physical architecture of WLAN model. 7.1 IPv6 Routing Considerations 7.2 IPv6 Transition Mechanisms 7.2.1 Dual Stack Mode 7.2.2 Tunneling 7.3 Network Management 7.4 Security Considerations Mickles, et al. Expires - Aug 2003 [Page 11] Transition Analysis for ISP Networks Feb. 2003 8.0 Broadband Ethernet This section provides recommendations on how to transition Ethernet based residential access networks to IPv6. 8.1 IPv6 Routing Considerations 8.2 IPv6 Transition Mechanisms 8.2.1 Dual Stack Mode 8.2.2 Tunneling 8.3 Network Management 8.4 Security Considerations Mickles, et al. Expires - Aug 2003 [Page 12] Transition Analysis for ISP Networks Feb. 2003 9.0 Internet Exchange (IX) This section provides recommendations on how to transition IPv4 Internet exchanges (IX) to IPv6 exchanges. ______________ ____________ +----+ / \ / \ / | +-( LHP2 router ) ( LHP1 router )+ +--+----+ / \______________/ \____________/ | |----+ +---| L2 SW | ______________ / | |-+ ______________ / \+ +---+---+ \ / \ ( LHP3 router ) | +( LHP4 router ) \______________/ | \______________/ +---+----+ | | ____________ | IX | / \ | router +------(IX subscriber ) | | \____________/ +--------+ Figure 9.1 9.1 IPv6 Routing Considerations 9.2 IPv6 Transition Mechanisms 9.2.1 Dual Stack Mode 9.2.2 Tunneling 9.3 Network Management 9.4 Security Considerations Mickles, et al. Expires - Aug 2003 [Page 13] Transition Analysis for ISP Networks Feb. 2003 10. SECURITY CONSIDERATIONS Security concerns will be described within the context of each scenario. After the various scenarios are documented, a summarized section including all of the security considerations may be provided. 11. NETWORK MANAGEMENT CONSIDERATIONS Network Management concerns will be described within the context of each scenario. After the various scenarios are documented, a summarized section including all of the Network Management considerations may be provided. ACKNOWLEDGEMENTS [1] The comments from the V6OPS working group are appreciated. REFERENCES [ISP Scenarios] Mickles, C., et al: "Transition Scenarios for ISP Networks", February 2003, draft-mickles-v6ops-isp-scenario-04.txt, work in progress. [3gpp analysis] Wiljakka, J., et al: "Analysis on IPv6 Transition in 3GPP Networks", January 2003, draft-ietf-v6ops-3gpp-analysis-01.txt, work in progress. [Unman Scenarios] Huitema, C., et al: "Unmanaged Networks IPv6 Transition Scenarios", January 2003, draft-ietf-v6ops-unman-scenarios-00.txt, work in progress. TERMS AND ACRONYMS Mickles, et al. Expires - Aug 2003 [Page 14] Transition Analysis for ISP Networks Feb. 2003 Author's Addresses Vladimir Ksinant 6Wind 1 place Charles de Gaulle - 78180 Phone: +33139309236 Montigny Le Bretonneux - France Email:vladimir.ksinant@6wind.com Jae-Hwoon Lee Dongguk Univ. 26, 3 Pil-Dong, Chung-gu, Phone: +82 2 2260 3849 Seoul 100-715, Korea Email: jaehwoon@dgu.ac.kr Myung-Ki Shin ETRI PEC 161 Kajong-Dong, Yusong-Gu, Phone: +82 42 860 4847 Taejon 305-350, Korea Email: mkshin@pec.etri.re.kr Aidan Williams Motorola Australian Research Centre Locked Bag 5028 Phone: +61 2 9666 0500 Botany, NSW 1455 Email: Aidan.Williams@motorola.com Australia URI: http://www.motorola.com.au/marc/ Alain Baudot France Telecom R&D 42, rue des coutures Phone: +33 2.31.75.94.27 BP 6243 Email: alain.baudot@rd.francetelecom.com 14066 Caen, FRANCE Mikael Lind Telia Research Vitsandsgatan 9B 123 86 Farsta Phone: +46 70 2406140 Sweden Email: Mikael.e.lind@telia.se Cleveland Mickles America Online, Inc (owned by AOL Time Warner) 12100 Sunrise Valley Drive. Phone: +1 703-265-5618 Reston, VA 20191, USA Email: micklesc@aol.net Mickles, et al. Expires - Aug 2003 [Page 15]