CNGI-CERNET2€¦ · Problems IPv6 flow analysis (netflow v9) Some equipments can’t support...
58
CNGI-CERNET2 Wang Jilong, Tsinghua University 2009-07-23
Transcript of CNGI-CERNET2€¦ · Problems IPv6 flow analysis (netflow v9) Some equipments can’t support...
CNGI-CERNET2
Wang Jilong, Tsinghua University
2009-07-23
Contents
CNGI-CERNET2 Overview
CNGI-CERNET2 Backbone
CNGI-CERNET2 IXP
CNGI-CERNET2 CPN
High level services and platform
Challenges
CNGI-CERNET2 Overview
CNGI-CERNET2 Overview
CNGI-CERNET2 Backbone
6
西安-西交
武汉-华中科大
合肥-中科大
上海-上交
广州-华南理工
成都-电子科大
沈阳-东大
天津-天大
重庆-重大
厦门-厦大
南京-东南大
兰州-兰大
大连-大工
哈尔滨-哈工大
长春-吉大
济南-山大
杭州-浙大长沙-
中南大
郑州-郑大
北京-北大
北京-北邮
北京-北航
上海-复旦
上海-同济
北京-清华
CNGI-CERNET2 Backbone
北京-武汉线路监控北京核心节点监控
Be unique, be different
Protocol selection Rest of the world: Dual stack CERNET2: Pure IPv6
Equipment Rest of the world: Single vendor CERNET2: Multiple vendors
Complexity Rest of the world: Single AS CERNET2: Multiple AS
Transition Rest of the world: IPv6 over IPv4 CERNET2: IPv4 over IPv6 (IETF)
Architecture Rest of the world: HOPI/GENI/etc CERNET2: Authentic IPv6 address (IETF)
CERNET2 NOC
CNGI-CERNET2 Traffic
CNGI-CERNET2
15G
200920082007
IPv6 Address Allocation
CNGI-CERNET2 IXP
12
CNGI-6IX
欧盟 GEANT2 美国Internet2亚太 TEIN22.5Gbps
1Gbps2.5Gbps
CERNET2 中国电信 中国联通 中国网通 中国移动 中国铁通
CNGI 六大主干网 1G/2.5/10Gbps
CNGI-6IX
高速交换路由器
高速交换路由器
高速路由交换机
高速路由交换机
CNGI participants
CERNET2 (AS23910)
China Telecom (AS4134)
China Unicom (AS9800)
China Netcom (AS18344)
China Mobile (AS24311)
China Tailcom (AS24425)
Domestic peers
CERNET (AS4538)
NSFCNet (AS9406)
CJ-IPv6 (AS23912)
Google-China (AS24424)
…
External peers
TEIN-North (AS24489)
APAN-JP (AS7660)
KREONet2 (AS17579)
HK-IX2 (AS4635)
CUHK (AS3661)
Google (AS15169)
Cable & Wireless (AS1273)
Hurricane (AS6939)
…
Equipments (Beijing)
Equipments (Hong Kong)
CNGI-6IX core router
Cisco GSR-12410
Addressing and Routing
IPv6 block
2001:252::/32
2001:7fa:5::/48 (obsolete)
IPv4 block
210.25.189.0/24
Just for MPLS/L2VPN service provisioning
Policy
Principle of IPv6 peering policy
Open to receive all the IPv6 prefixes from CNGI participants and external peers
Conservative to advertise IPv6 prefixes based on agreed peering policy
No transit service for external peers
Community-based
Common Routing Policy
BOGON filters
Private AS number filtering
Prefix length filtering
Flexible among CNGI participants and domestic peers
Authenticated BGP sessions
On demand
Specific Routing Policy
CNGI participant Accept all IPv6 prefixes Advertise all IPv6 prefixes
Domestic peer Accept all IPv6 prefixes Advertise all IPv6 prefixes
External peer Accept all IPv6 prefixes
Lower local-preference for routes learned from commercial peers
Advertise all IPv6 prefixes of CNGI participants and domestic peers
Service
Primary service IPv6 exchange center
CNGI participants
Domestic peers R&E
Commercial
External peers R&E
Commercial
Advanced service IPv6 Multicast
MPLS/L2VPN (IPv4-based)
Multicast
IPv6 Multicast BGP peering can be enabled on demand
IPv6 ASM (embedded-rp) and SSM are all supported
MPLS
Intra-AS
MPLS/LDP is activated inside CNGI-6IX domain
Inter-AS
Option-C is preferred solution
IPv4 /32 Labeled-unicast routes are exchanged among CNGI-6IX, CERNET2 and TEIN2
LSP swtching might be another solution
Especially for inter-AS MPLS L2VPN
MPLS
MPLS/L2VPN service statistics
2.5G virtual link: 1
1G virtual link
Native: 2
VLAN: 15
Traffic
26
CNGI-6IX
1G
200920082007
Problems
IPv6 flow analysis (netflow v9) Some equipments can’t support netflow-based IPv6
flow data collecting/exporting
IPv6 prefix length filtering Quite a number of organizations have applied small
IPv6 block (/36-/48), which should not be globally routable according to certain historical document.
Should we accept such IPv6 prefixes from external peers?
IPv6 R&E routes vs. IPv6 commercial routes How to distinguish IPv6 R&E routes from IPv6
commercial routes?
CNGI-CERNET2 CPN
独立ipv6访问数范围统计
7%
15%
75%
3%
>10000
5000-10000
1000-5000
<1000
填写验证码的独立ipv6访问范围统计
3% 5%
87%
5%
>8000
4000-8000
1000-4000
<1000
Distribution of all different IPv6addresses
Distribution of all authenticated different IPv6 addresses
6TUNET
2Gbps up-link to CNGI-CERNET2
10Gbps backbone
120 Native IPv6 LANs,25000 native IPv6 Ports
IPv6 wireless network
/32 IPv6 address space
IPv6 DNS, NMS, website, IPTV
More than 1k concurrent IPv6 on-line users
Technology Roadmap
Dual-Stack, currently no pure IPv6 LAN
Provide ISATAP and tunnel broker
services to users in pure IPv4 LAN
Backbone use dynamic routing protocols
OSPFv3
Interconnect with CNGI-CERNET2 by
static routing (will run BGP, as45576)
IPv6 DNS
DNS is a troublemaker
The software of IPv6 DNS is BIND9
The domain server of tsinghua6.edu.cn is dual-
stack
166.111.8.30
2001:250:c006::8
The resolution server is dual-stack
166.111.8.28
2001:da8:200:100::28
IPv6 Websites
Most of major websits support IPv6 http://www.tsinghua.edu.cn
http://ipv6.tsinghua.edu.cn
http://y.tsinghua.edu.cn
http://news.tsinghua.edu.cn/new/
http://redweb.tsinghua.edu.cn/
http://iptv.tsinghua.edu.cn
http://ngmylife.wirelesslan.edu.cn/ipv6index.html
……
Traffic
Recent Focus
Full coverage of IPv6
Pure IPv6 service
Strengthen the building of IPv6 resources
Promotion of IPv6 service
High level services and
platform
DRAGON-Lab
Distance and visual Lab
GPERF
6PlanetLab
IPv6 IMS
Large Scale IPv6 Virtual Reality
IPv6 Remote Education System
清华大学
上海交通大学
西安交通大学
华南理工大学
北京大学
CNGI-CERNET2主干网
在8所高校建立智能远程教室通过IPv6网络进行远程切换
北京邮电大学
重庆大学
浙江大学
激光笔书写支持激光笔操作及远程书写标注功能。
运动跟踪采用运动人脸识别技术让摄像头自动跟踪定位教师所在位置
教师授课支持各种形式的教案 (Word, PPT), 手写板书与鼠标轨迹
反馈交互和远程学生交互、包括文本、短信息及投票反馈等。
学生状态监控自动检测学生状态、如果注意力不集中,给与适当提醒。
IPv6 based Access Grid
图像处理 生物计
算 海量数据访问网格
计算力学
远程教育
CNGI-CERNET2
计算资源:• 聚合计算能力20万亿次• 存储容量200TB
网格平台
高性能应用
ChinaGrid: 覆盖分布在全国的22所高校
Portal
网格开发环境
信息中心
统一管理层
计算节点层
网格安
全
IPv6 P2P Sharing Content Deliver
P2P文件共享系统ngMaze
P2P直播流媒体系统AnySee
清华大学 836
北京大学 7695
华南理工大学 3552
华中科技大学 1799
浙江大学 8790
上海交通大学 20
北京邮电大学 582
西安交通大学 26
兰州大学 176
重庆大学 18
中南大学 2
东南大学 39
中国科技大学 3419
山东大学 2372
复旦大学 13
同济大学 7
厦门大学 3
东北大学 102
吉林大学 5图1:CNGI04-12-2A项目IPv6用户发展情况
0
200
400
600
800
1000
1200
1400
2006年10月29日至2007年1月22日
不同的
IPv6地址个数
峰值在线人数
用户数
IPv6 Sensor Networks
作物类型
数据收集模块
网络管理模块
信息发布模块
Cernet2
终端用户
参数调整
实时数据
天气信息
实时土壤监测信息
业务处理
模块
决策模块
决策信息
网络状态信息
数据库
预警机制
动态信息显示
网络拓扑及状态显示
河道水情监测 入河水质监测
精准农业灌溉监测
传感器部署
WiFi/WiMax and SIP based IPv6
Mobile Communication
校园无线网络覆盖无线接入校园网方式
校园无线AP的部署
WLAN 单模手机/PDA
WLAN手机移动通信
无线接入的IPTV/VOD
IPv6 Digital Home Network
FTTH
Home Gateway
Agent
UPnP UPnP
Agent Agent Agent Agent Agent
CNGI-CERNET2(IPv6)
基于IPv6家庭网关,支持多种异构网络家电的统一控制,实现数字化生活。
IPv6 Transportation Monitoring
感应线圈车流量采集 流动车辆GPS数据采集 视频采集
传感器采集数据
南北高架
内环线高架
交叉口线圈位置
线圈采集监控窗口
视频采集
流动车辆采集数据
GPS发射装置 GPS位置地图显示
GPS实时监控窗口
NMS
Challenges
IPv6 Developing Problems
Maturity issues of IPv6 products and
technology
Problems of pure IPv6 service
IPv4/IPv6 transition
Promotion of IPv6
IPv6 network management
Maturity issues of IPv6 products
and technology
Some of the IPv6 routers we ever used
Juniper T640/T320/M20/M10
Huawei NE80/NE5000e
Bitway BE12K
Cisco CRS-16/8,CISCO 7609/6509
Hitachi GR4000
In comparison, it is some weak for IPv6 on the hardware/software maturity and after-sale technical support
Network Management Support
Issues
It is hard to measure IPv6 traffic because most of current router product don’t support netflow v9
It is hard to acquire IPv6 MIB in pure IPv6 network because most of current router product don’t support SNMP over IPv6
Understanding of IPv6
Although Innovative/killer Application is important to the development of IPv6, it is not the reason we choose IPv6
The core value of IPv6 is to solve the scalability problem of Internet——lack of address
One day in the future, perhaps in addition to the use of IPv6, we have no choice
At present, the clever usage of IPv6 networks can solve some critical problems of Internet
Thanks!
