Tutorial - IPv6 Address Management
Paul Wilson Director General, APNIC pwilson@apnic.net
1 Tutorial Overview
• Introduction to IP Address Management • Rationale for IPv6 • IPv6 Addressing • IPv6 Policies & Procedures • References
2 IP Address Management
3 The early years: 1981 – 1992
1981: “The assignment of numbers is also handled by Jon. If you are developing a protocol or application that will require the use of a link, socket, port, protocol, or network number please contact Jon to receive a number assignment.” (RFC 790) 4 IANA Address Consumption
16
14
12
10
8
6
4
2
0 1983 1984 1985 1986 1987 1988 1989 1990 1991
5 Global Routing Table: ’88 - ’92
9000
8000
7000
6000
5000
4000
3000
2000
1000
0 Jul-88 Jan-89 Jul-89 Jan-90 Jul-90 Jan-91 Jul-91 Jan-92 Jul-92 6 Global Routing Table: ’88 - ’92
100000
90000
80000
70000
60000
50000
40000
30000
20000
10000
0 Jan-89 Jan-90 Jan-91 Jan-92 Jan-93 Jan-94 Jan-95 Jan-96 7 The boom years: 1992 – 2001
1992: “It has become clear that … these problems are likely to become critical within the next one to three years.” (RFC1366)
“…it is [now] desirable to consider delegating the registration function to an organization in each of those geographic areas.” (RFC 1338) 8 IANA Address Consumption
16 16
14 14
12
10 various assigned 88 ripencc lacnic 66 arin apnic 44
22
00
1983 1984 1983
1984 1985 1985 1986
1987 1986 1988 1989 1990
1991 1987 1992 1993
1994 1988 1995
1996 1989 1997 1998
1999 1990 2000 2001
2002 1991 2003 2004 2005 9 Global routing table
Sustainable growth?
“Dot-Com” boom
Projected routing table growth without CIDR
CIDR deployment
10 http://bgp.potaroo.net/as1221/bgp-active.html Recent years: 2002 – 2005
2004: Establishment of the Number Resource Organisation
11 IPv4 Distribution – Global
Reserved APNIC Historical 36 16 ARIN 14% 89 6% 22 LACNIC 35% 9% 2 1%
RIPENCC 16 6%
Unused 75 29%
12 IPv4 Distribution – Regional
3.00
2.50
2.00 apnic 1.50 arin lacnic ripencc 1.00 afrinic
0.50
0.00 1999 2000 2001 2002 2003 2004 13 2005 IPv4 Allocations – Global top 10
5 4.5
4 ES 3.5 NL CA 3 FR 2.5 DE 2 KR 1.5 UK CN 1 JP 0.5 US 0 1993 199419951996 1997 1998 1999 2000 2001 2002 2003 14 2004 2005 Regional Internet Registries
15 What are RIRs?
• Regional Internet Registries • Service organisations – Industry self-regulatory structures – Non-profit, neutral and independent – Open membership-based bodies – Representative of ISPs globally • First established in early 1990’s – Voluntarily by consensus of community – To satisfy emerging technical/admin needs • In the “Internet Tradition” – Consensus-based, open and transparent
16 What do RIRs do?
• Internet resource allocation – Primarily, IP addresses – IPv4 and IPv6 – Receive resources from IANA/ICANN, and redistribute to ISPs on a regional basis – Registration services (“whois”) • Policy development and coordination – Open Policy Meetings and processes • Training and outreach – Training courses, seminars, conferences… – Liaison: IETF, ITU, APT, PITA, APEC… • Publications – Newsletters, reports, web site…
17 How do RIRs do it?
• Open and transparent processes – Decision-making – Policy development • Open participation – Democratic, bottom-up processes • Membership structure – 100% self-funded through membership fees – National Internet Registries (APNIC) • Community support (APNIC) – Training – R&D fund – Fellowships – funding received and given – Open source software contribution (GPL)
18 RIR Policy Coordination
Need Anyone can participate OPEN
Evaluate Discuss
‘BOTTOM UP’ TRANSPARENT
Implement Consensus
Internet community proposes All decisions & policies documented and approves policy & freely available to anyone 19 Rationale for IPv6
20 IPv4 Lifetime
IANA allocations RIR allocations Addresses routed
Reclamation?
Historical Data Projection
21 http://bgp.potaroo.net/ipv4 Rationale for IPv6
• IPv4 address space consumption – Now ~10 years free space remaining – Up to 17 if unused addresses reclaimed – These are today’s projections – reality will be different • Loss of “end to end” connectivity – Widespread use of NAT due to ISP policies and marketing – Additional complexity and performance degradation
22 The NAT “Problem”
The Internet
ISP 61.100.0.0/16
61.100.32.0/25 61.100.32.128 R NAT*
61.100.32.1 ..2 ..3 ..4 10.0.0.1 ..2 ..3 ..4
23 *AKA home router, ICS, firewall The NAT “Problem”
Phone Internet Network
NAT PABX 61.100.32.128 10 4567 9876 ?
10.0.0.1 Extn 10
24 NAT implications
• Breaks end-to-end network model – Some applications cannot work through NATs – Breaks end-end security (IPsec) • Requires application-level gateway (ALG) – When new application is not NAT-aware, ALG device must be upgraded – ALGs are slow and do not scale • Merging of separate private networks is difficult – Due to address clashes • See RFC2993 – Architectural Implications of NAT
25 Features of IPv6
26 IPv6 feature summary
• Increased size of address space • Header simplification • Autoconfiguration – Stateless (RFC 2462) or stateful (DHCPv6) – Facilitates renumbering • QoS – Integrated services (int-serv), Differentiated services (diff- serv and RFC2998) – RFC 3697 • IPSec – As for IPv4 • Transition techniques – Dual stack – Tunnelling
27 IPv6 addressing model
• Unicast – Single interface
• Anycast – Any one of several
• Multicast – All of a group of interfaces – Replaces IPv4 “broadcast”
• See RFC 3513
28 IPv4 vs IPv6
IPv4: 32 bits • 232 addresses = 4,294,967,296 addresses = 4 billion addresses
IPv6: 128 bits • 2128 addresses? = 340,282,366,920,938,463,463,374,607,431,770,000,000 = 340 billion billion billion billion addresses?
• No, due to IPv6 address structure…
29 IPv6 header
• IPv6 header is simpler than IPv4 – IPv4: 14 fields, variable length (20 bytes +) – IPv6: 8 fields, fixed length (40 bytes) • Header fields eliminated in IPv6 – Header Length – Identification – Flag – Fragmentation Offset – Checksum • Header fields enhanced in IPv6 – Traffic Class – Flow Label
30 IPv6 transition
• Dual stack hosts – Two TCP/IP stacks co-exists on one host – Supporting IPv4 and IPv6 – Client uses whichever protocol it wishes
? ? www.apnic.net
IPv4 Application IPv6 TCP/UDP IPv4 IPv6 Link
31 IPv6 transition
• IPv6 tunnel over IPv4
IPv4 Network IPv6 IPv6 tunnel
IPv4 Header IPv6 Header Data
IPv6 Header Data IPv6 Header Data
32 IPv6 Addressing
33 How much IPv6?
/0 /64 /128 Topological 128 bits Interface
Infrastructure Site
/0 /48 /64
• 264 “subnet” addresses = 18,446,744,073,709,551,616 = 18 billion billion subnet addresses
• 248 site addresses = 281,474,976,710,656 = 281 thousand billion site addresses
34 IPv6 address format
2001:0DA8:E800:0010208: 0b2it6s0:3EFF:FE47:0001
• 8 groups of 4 hexadecimal digits – Each group represents 16 bits – Separator is “:” – Case-independent
35 IPv6 address format
2001:0DA8:E800:0000:0260:3EFF:FE47:0000011
2001:DA8:E800:0:260:3EFF:FE47:1
2001:0DA8:E800:0000:0000:0000:0000:0001
2001:DA8:E800::1
36 IPv6 Address Structure
37 IPv6 address structure
/0 /48 /64
Infrastructure Site
InfrastructureISP Customer
/0 /32 /48
• Current ISP allocation (min) is /32 • Providing 216 = 65,536 customer site addresses • ISP allocation can be larger and can increase
• Each site address is /48 • Providing 216 = 65,536 subnet addresses
38 IPv6 – ISP addressing
• Every ISP receives a /32 (or more) – Providing 65,536 site addresses (/48)
/32
/32
/32
39 IPv6 – Site addressing
• Every “site” receives a /48 – Providing 65,536 /64 (LAN) addresses
/48
40 IPv6 – LAN addressing
• Every LAN segment receives a /64 – Providing 264 interface addresses per LAN
/64
41 IPv6 – Device addressing
• Every device interface receives a /128 – May be EUI-64 (derived from interface MAC address), random number (RFC 3041), autoconfiguration, or manual configuration
/128
/128 /128
/128
42 IPv6 Policy
43 IPv6 policy – Overview
• Policy background • Addressing structure • IPv6 utilisation – HD ratio • Initial allocation criteria • Subsequent allocation criteria • Address assignment policies • Other allocation conditions • Other policies
44 IPv6 policy – History
• IPv6 policy is “Common Policy” of all RIRs – The same policy has been adopted by all – Regional adjustment is possible • First policy published in 1999 – “Provisional IPv6 Policy” adopted by all RIRs • Policy revised in 2002 – After extensive review by all RIRs • Next policy review – Currently under discussion • Public mailing lists and documentation – See http://www.apnic.net
45 IPv6 address space management
• RIR receives allocations from IANA – Currently in /23 units (/16 proposed) • RIR makes allocation to “ISP” (or “LIR”) – ISP must demonstrate need for addresses – Policies dictate how need can be demonstrated – First allocation minimum is /32 – Subsequent allocations as needed, when current allocation is fully utilised • ISP makes assignment to customers – Including downstream ISPs • Provider-based addressing – ISP should aggregate address announcement – Customer addresses are not portable
46 IPv6 address structure
0 /64 127
Topological Interface
001 Infrastructure End Site
0 /3 /32 /48 /64
001 TLA Sub-TLA NLA SLA
47 IPv6 utilisation – HD Ratio
䇻 㻸㼑㼇㼈㼕㻃㻬㻳㼙㻗 㻏㻃㼄㼇㼇㼕㼈㼖㼖㻃㼖㼓㼄㼆㼈㻃㼘㼗㼌㼏㼌㼖㼄㼗㼌㼒㼑 㼐 㼈㼄㼖㼘㼕㼈㼇㻃㼄㼖㻃㼖㼌㼐 㼓㼏㼈㻃㼓㼈㼕㼆㼈㼑㼗㼄㼊 㼈㻝 assigned Utilisation = available
䇻 㻬㻳㼙㻗 㻃㼘㼗㼌㼏㼌㼖㼄㼗㼌㼒㼑㻃㼕㼈㼔㼘㼌㼕㼈㼐 㼈㼑㼗㻃㼌㼖㻃㻛 㻓 㻈 – 㻺 㼋㼈㼑㻃㻛 㻓 㻈 㻃㼒㼉㻃㼄㼇㼇㼕㼈㼖㼖㻃㼖㼓㼄㼆㼈㻃㼋㼄㼖㻃㼅㼈㼈㼑 㼄㼖㼖㼌㼊 㼑㼈㼇㻃㼒㼕㻃㼄㼏㼏㼒㼆㼄㼗㼈㼇㻏㻃㻯㻬㻵㻃㼐 㼄㼜㻃㼕㼈㼆㼈㼌㼙㼈㻃㼐 㼒㼕㼈 – 㻨㻑㼊 㻑㻃㻬㻶㻳㻃㼋㼄㼖㻃㼄㼖㼖㼌㼊 㼑㼈㼇㻃㻘 㻘 㻏㻓 㻓 㻓 㻃㼄㼇㼇㼕㼈㼖㼖㼈㼖㻃㼉㼕㼒㼐 㻒㻔 㻙 assigned 55,000 available = 65,536 = 84%
48 IPv6 utilisation – HD Ratio
䇻 㻸㼑㼇㼈㼕㻃㼑㼈㼚 㻃㻬㻳㼙㻙 㻃㼓㼒㼏㼌㼆㼜㻃㼘㼗㼌㼏㼌㼖㼄㼗㼌㼒㼑㻃㼌㼖 㼇㼈㼗㼈㼕㼐 㼌㼑㼈㼇㻃㼅㼜㻃㻫㻧㻐㻵㼄㼗㼌㼒㻃㻋 㻵㻩㻦㻃㻖 㻔 㻜 㻗 㻌 㻝 log(assigned ) UtilisationHD = log(available)
䇻 㻬㻳㼙㻙 㻃㼘㼗㼌㼏㼌㼖㼄㼗㼌㼒㼑㻃㼕㼈㼔㼘㼌㼕㼈㼐 㼈㼑㼗㻃㼌㼖㻃㻫㻧㻠 㻓 㻑㻛 㻓 – 㻰㼈㼄㼖㼘㼕㼈㼇㻃㼄㼆㼆㼒㼕㼇㼌㼑㼊 㻃㼗㼒㻃㼈㼑㼇㻐㼖㼌㼗㼈㻃㼄㼖㼖㼌㼊 㼑㼐 㼈㼑㼗㼖 㼒㼑㼏㼜㻃㻋 㼌㼑㼗㼈㼕㼐 㼈㼇㼌㼄㼗㼈㻃㼄㼏㼏㼒㼆㼄㼗㼌㼒㼑㼖㻃㼄㼕㼈㻃㼌㼊 㼑㼒㼕㼈㼇㻌 – 㻨㻑㼊 㻑㻃㻬㻶㻳㻃㼋㼄㼖㻃㼄㼖㼖㼌㼊 㼑㼈㼇㻃㻔 㻓 㻏㻓 㻓 㻓 㻃㼄㼇㼇㼕㼈㼖㼖㼈㼖㻃㼉㼕㼒㼐 㻒㻖 㻕 log(assigned ) log(10,000) log(available) = log(65,536) = 0.83
49 IPv6 utilisation (HD = 0.80)
100%
90%
80%
70% log(utilised ) 0.80 60% log(total ) =
50% /32
40% /16
30%
20% 10.9% 10% 1.18%
0% 48 44 40 36 32 28 24 20 16 12 8 4 0
RFC3194 “The Host-Density Ratio for Address Assignment Efficiency”
50 IPv6 utilisation (HD = 0.80)
• Percentage utilisation calculation
IPv6 Site Address Total site address Threshold Utilisation Prefix Bits in /48s (HD ratio 0.8) % /42 6 64 28 43.5 % /36 12 4096 776 18.9 % /35 13 8192 1351 16.5 % /32 16 65536 7132 10.9 % /29 19 524288 37641 7.3 % /24 24 16777216 602249 3.6 % /16 32 4294967296 50859008 1.2 % /8 40 1099511627776 4294967296 0.4 % /3 45 35184372088832 68719476736 0.4 %
51 IPv6 initial allocation criteria
• Initial allocation size is /32 – Allocated to any IPv6 LIR (ISP) planning to connect 200 End Sites within 2 years – Need not be connected to the Internet – This is the default initial allocation to “new” ISPs (“slow start” policy) • Larger initial allocations can be made if justified according to: – IPv6 network infrastructure plan – Existing IPv4 infrastructure and customer base
52 IPv6 allocation to existing network
• Existing ISP infrastructure (IPv4) – Policy assumes that transition is inevitable – Large IPv4 ISPs will receive IPv6 allocations consistent with the scale of existing networks
IPv4 IPv6
53 IPv6 allocation to existing network
• Allocation size calculated from existing IPv4 network infrastructure and customers: – 1 IPv6 /48 per customer – 1 IPv6 /48 per POP • Total allocation according to HD-ratio utilisation requirement – Eg if 500,000 /48s are required then /24 can be allocated
54 IPv6 assignments
• Default assignment /48 for all “End Sites” – Providing /16 bits of space for subnets – Each end site can have 65,536 subnets • “End Site” defined as an end user of an ISP where: • The ISP assigns address space to the end user • The ISP provides Internet transit service to the end user • The ISP advertises an aggregate prefix route that contains the end user's assignment • Multiple subnets are required • Examples – Home, small office, large office, mobile devices? – ISP POPs are also defined as End Sites
55 IPv6 assignments
• Larger assignments: Multiple /48s – Some end sites will need more than one /48 – Requests to be reviewed at RIR level • Smaller assignments: /64 – Single subnet devices should receive /64 only – e.g. simple mobile phone • Smaller assignments: /128 – Devices with no subnets should receive /128 only – E.g. remote sensor • See RFC3177 (Sep 2001)
56 IPv6 assignments
• IPv6 assignments to End Sites are used to determine utilisation of IPv6 address blocks – According to HD-Ratio – Intermediate allocation hierarchy (ie downstream ISP) not considered – All assignments must be registered – Utilisation is determined from total number of registrations • Intermediate allocation and assignment practices are the responsibility of the LIR – Downstream ISPs must be carefully managed
57 IPv6 registration
• LIR is responsible for all registrations
Registration RIR/NIR
Allocation
LIR/NIR Allocation
ISP Assignment
Assignment
58 Subsequent IPv6 allocation
• Subsequent allocation can be made when ISP’s existing address space reaches required utilisation level – i.e. HD >= 0.80 • Other address management policies must also be met – Correct registrations – Correct assignment practices etc (eg RFC 3177) • Subsequent allocation size is at least double – Resulting IPv6 Prefix is at least 1 bit shorter – Or sufficient for at least 2 years requirement
59 Other allocation conditions
• License model of allocation – Allocations are not considered permanent, but always subject to review and reclamation – Licenses renewed automatically while addresses in use, consistent with policies • Existing /35 allocations – A number of /35s have been assigned under previous “provisional” IPv6 policy – Holders of /35s are eligible to request /32
60 IPv6 IXP assignments
• Available to Internet Exchange Points as defined – Must demonstrate ‘open peering policy’ – 3 or more peers • Portable assignment size: /48 – Not to be announced – All other needs should be met through normal processes – Previous /64 holders can “upgrade” to /48
61 IPv6 critical infrastructure
• Available to facilities defined as “critical infrastructure” – Root servers – RIRs and NIRs – ccTLD registries
• Assignment size: /32
62 IPv6 experimental allocation
• Available for experimental purposes – Public experiments only – Legitimate experiments documented by RFC, I-D or other formal process – APNIC may seek independent expert advice
• Allocation size: /32 – May be larger if required – Address space must be returned after 1 year
63 IPv6 policy – Current issues
• Size of IANA allocation to RIRs – Currently under review • Size of initial allocation – /32 for normal allocations – HD-ratio applied for allocation to existing IPv4 infrastructure • HD-ratio – Is 0.8 the appropriate value? • Assignments under RFC 3177 – No experience yet • All issues can be reviewed through APNIC open policy process
64 IPv6 Policy – Summary
• IPv6 address space is easily available – Criteria may be hardened in future • Policy is subject to review – Policies evolve as experience is gained – Any member of the community may propose changes, alternatives • Public mailing lists and documentation – http://www.apnic.net/
65 References
66 APNIC References
• APNIC website – http://www.apnic.net
• APNIC IPv6 Resource Guide – http://www.apnic.net/services/ipv6_guide.html • Includes: – Policy documents – Request forms – FAQs
67 Other References
• IPv6 Forum – http://www.ipv6forum.org
• 6Bone – http://www.6bone.net
• “The case for IPv6” – http://www.6bone.net/misc/case-for-ipv6.html
68 Questions?
Paul Wilson Director General, APNIC [email protected]
69