1 APNIC26 Network Jonny Martin [email protected] 1.
-
Upload
vivien-jocelin-howard -
Category
Documents
-
view
226 -
download
1
Transcript of 1 APNIC26 Network Jonny Martin [email protected] 1.
![Page 2: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/2.jpg)
2
Network Details
Dark fibre:§ 1Gbit/s from FX Networks’ Christchurch POP to Convention
Centre
§ 1Gbit/s from Convention Centre to Crowne Plaza
Transit:§ 20Mbit/s domestically
§ 10Mbit/s international
Hardware:§ 7204VXR conference trouter
Force10 S50 main switch, Cisco 2950 distribution switches
2
![Page 3: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/3.jpg)
3
What went wrong?!
Rogue IPv6 RA
IPv6 RA leakage
IPv6 MTU/Fragmentation
IPv6 prefix reach-ability not so good in Europe
Wireless Interference
Venue coffee not up to scratch
3
![Page 4: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/4.jpg)
4
IPv6 Rogue RA
During the first day, a rogue RA was noticed. § Sharing both a 6to4 tunnel, and their own 6over4 tunnel.
§ It appeared to all clients to be native connectivity.
§ Clients were preferring these routes over the conference network due to the route selection.
To fix this issue, we had to;§ Track down the MAC address.
• tcpdump/wireshark are helpful.
§ Filter the offending MAC address from the Xirrus Radio.
Filter the offending MAC address from the Mikrotik Radio.
4
![Page 5: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/5.jpg)
5
IPv6 RA Leakage
Router Switch
Xirrus
Trunk
Trunk
APNIC26APNIC26-v6-XP APNIC26-v6
![Page 6: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/6.jpg)
6
IPv6 RA Leakage
IPv6 RA leakage§ The Xirrus radio was leaking IPv6 RA between the VLANs
• This caused issues with machines having three subnets locally connected, and were not always sourcing the IPv6 traffic from the correct interface.
§ Upgraded the radio software to allow “IPv6 passthrough”
§ Ultimately, ran a single IPv6 network through the radio.
6
![Page 7: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/7.jpg)
7
IPv6 MTU/Fragmentation
During the test, some sites didn’t work, such as www.kame.net.§ This was due to the internal IPv6 network being configured
with a 1500 Byte MTU, and a tunnel that had an encapsulated size of the same. Not going to work without fragmentation.
Solutions§ Native IPv6 connectivity.
§ Change the internal network to a IPv6 MTU that will fit down a tunnel.
• We went with this one, it was simpler.
7
![Page 8: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/8.jpg)
8
Wireless Hardware
Main Conference room § Xirrus XS8 Wireless Array “UFO”
§ One giant array, eight radios managed as a whole
§ 4x 802.11a/b/g radios
§ 4x 802.11a radios
§ Coverage from many non-overlapping channels
§ It should work well for several hundred users!
§ Thanks to CityLink for the hardware
8
![Page 9: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/9.jpg)
9
Wireless Hardware
![Page 10: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/10.jpg)
10
Xirrus Radio‘APNIC’ v4 only SSID being turned OFF!
Mikrotik Radios‘APNIC’ v4 only SSID
Initial Configuration
10
![Page 11: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/11.jpg)
11
Wireless Interference
What was observed?§ Intermittent connectivity, but aren’t all the best problems?)
§ Huge latency spikes; 2000ms+ RTT to the router.
§ Generally rubbish performance.
How did we debug this?§ WiSPY USB dongle and EaKiu software
• http://www.metageek.net/
http://www.cookwareinc.com/EaKiu/
§ Lots of pinging.
§ Lots of coffee.
§ Not much sleep.
§ Trial and error.11
![Page 12: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/12.jpg)
12
Wireless Interference
802.11a 5GHz spectrum performing much better than 2.4GHz§ SSID APNIC26 = 802.11b/g only
§ SSID AAPNIC26 = 802.11a only
§ many clients seem to prefer an 802.11b/g signal over 802.11a - the different SSIDs allow users to explicitly select the 802.11a signal
2.4GHz performance§ Sat - good
§ Sun - no good... Mon - worse
§ Tue/Wed/Thur - not too bad
Fri - bad again :(12
![Page 13: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/13.jpg)
13
Wireless Interference - bad
![Page 14: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/14.jpg)
14
Wireless Interference - bad
![Page 15: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/15.jpg)
15
Wireless Interference - ok
![Page 16: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/16.jpg)
16
Xirrus Radio‘APNIC’ v4 only SSID being turned OFF!Mikrotik‘APNIC’ v4 only SSID being left on
Current Deployment
16
![Page 17: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/17.jpg)
17
Network Stats
100 - 130 stations attached to AP here in Hall C§ I counted only around 75 laptops out - presumably the rest are
iPhones etc.
§ ~60% 802.11a
§ ~40% 802.11b/g
Peaks of 10.5Mbit/s downstream§ ~90% international
§ ~10% domestic
Surprisingly large amounts of IPv6 trafficaround 25% of all traffic has been IPv6 since the IPv6 sessions
§ what was it? was it you?17
![Page 18: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/18.jpg)
18
Graphs
http://kiwi.apnic.net/mrtg
18
![Page 19: 1 APNIC26 Network Jonny Martin jonny@jonnynet.net 1.](https://reader038.fdocuments.net/reader038/viewer/2022110209/56649e245503460f94b12585/html5/thumbnails/19.jpg)
19
Things to think about
Need a backup plan for wireless-fail§ back to cat-5 drops?
Will we reach a point were 802.11abg is completely unusable at large meetings?
Having consistent equipment and setup from meeting to meeting would be a mighty good thing§ router setup and IP ranges
§ conference noc server - lots of useful tools, mrtg, nfsen
§ switches and APs
§ wireless tools
19