What's next for Opisboy - IPv6, FreeBSD and Software Defined Network
-
Upload
affan-basalamah -
Category
Technology
-
view
2.139 -
download
2
description
Transcript of What's next for Opisboy - IPv6, FreeBSD and Software Defined Network
![Page 1: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/1.jpg)
What’s next for Opisboy?
IPv6, FreeBSD and
Software Defined Networks Affan Basalamah
Traceroute Party 2013
![Page 2: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/2.jpg)
# whoami
• Affan Basalamah
• IT Infra Manager
• Unit Sumber Daya
Informasi ITB
• @affanzbasalamah
![Page 3: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/3.jpg)
Outline
• Some status on IPv6 and FreeBSD
• Eye opening: Paradigma Masa Depan
• SDN – Software Defined Networking
![Page 4: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/4.jpg)
IPV6
![Page 5: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/5.jpg)
Status (1)
• IPv6 stack mulai stabil di berbagai OS dan
firmware (yg pernah saya dengar atau saya
coba)
– Router: Linux/BSD, Cisco, Juniper, Brocade, HP,
Huawei, Mikrotik, Force10, dsb
– Switch: Cisco Catalyst/Nexus, Juniper, Brocade,
HP, Huawei, Force10, dsb
![Page 6: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/6.jpg)
Status (2)
– Firewall: Cisco ASA, Juniper, Mikrotik
– Load Balancer: F5, Brocade ADX, Apache
Traffic Server, Nginx, Varnish, Apache
mod_proxy module
– OS: Windows 7/8, Server 2008R2/2012, Mac
OS X, Linux/BSD
– Hypervisor: vSphere 5.x, RHEV, Hyper-V
![Page 7: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/7.jpg)
Status (3)
• Koneksi: native backbone
• OpenIXP sudah IPv6
• ISP lain? Indosat? Telkom? Anyone?
• Temporary (permanently) solutions:
www.tunnelbroker.net
– bisa tunnel + peering BGP juga
![Page 8: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/8.jpg)
And then...
Saat ini semuanya berjalan, namun ada
beberapa hal yang menjadi penghalang:
![Page 9: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/9.jpg)
IPv6 tanpa DNS =~ sakit kepala
• Anda mau menghafal IP seperti ini?
– 2403:8000:2e3b:6738:a573:c1bd:4b6c:31b7
• Especially IN PTR
• Untuk melihat IP address packet yg disniff
• Untuk melihat access_log apache/squid
• Untuk melihat awstat/webalizer
• IN PTR creation harus diotomasi
![Page 10: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/10.jpg)
Happy Eyeball (1)
• Kasus dimana IPv6 dual stack yg broken
bisa bikin user experience jadi juelek
– https://ripe64.ripe.net/presentations/78-2012-
04-16-ripe64.pdf dari Geoff Huston
![Page 11: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/11.jpg)
Happy Eyeball (2)
• Musti nunggu sampai semua browser
beres implementasinya
• Selama itu belum beres, mending disable
IPv6 utk end-user
• Atau IPv6 only aja sekalian, jalanin
NAT64/DNS64
– Aplikasi yg pakai literal IPv4 nggak akan jalan
![Page 12: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/12.jpg)
Slide happy eyeball
![Page 13: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/13.jpg)
Skema addressing IPv6
• Mau bikin baru?
• Atau ikut IPv4 addressing scheme
– biar gampang ingetnya
• IPv6 address cantik utk host berisi content:
– face:b00c (www.facebook.com)
– dead:beef
• Wajib pasang IPAM:
– GestioIP www.gestioip.net
– phpIPAM www.phpipam.net
![Page 14: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/14.jpg)
Orang aplikasi nggak mau tahu
• Gak peduli tentang IPv6, tahunya bisa
dibuka di mana saja
– Responsive web aja sudah repot, ngurus CSS
nya IE aja sudah repot, jangan disuruh
ngomong IPv6 ya
• Pasang web server di belakang LB
– LB dual stack IPv6, web server IPv4 only
• Test your apps
– Apps behavior behind LB
![Page 15: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/15.jpg)
Security Issues
• Beberapa issue yang muncul
• Bagaimana snort/IDS/IPS di IPv6?
• Port scanning is impossible
– mau coba nmap -sP subnet/64 ? :P
• Fragmentation attack
• RH0, source route
• Security compliance additional checklist
![Page 16: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/16.jpg)
Bandwidth accounting
• Torrent jalan di IPv6 lho, gimana inspectnya?
• Proxy cache squid?
– Stable version 2.7 tidak support IPv6,
– Version 3.2 dgn IPv6 tidak sestabil 2.7
• Squid bisa ditaruh di belakang SLB
– Tapi log cache nya gimana?
• Ini di enterprise sih, entah di telco urusan
charging/billing nya gimana
![Page 17: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/17.jpg)
User/client Provisioning
• DHCPv4 belum betul2 digantikan oleh
DHCPv6
• Mau pakai apa?
– IPv6 RA (ICMPv6) atau DHCPv6?
• IPv6 RA gak ada DNS record nya
– (you don't say?)
• Security issue di ICMPv6
– Solusinya: SEND = Secure ND
![Page 18: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/18.jpg)
Itulah PR bagai opisboy
![Page 19: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/19.jpg)
FREEBSD
![Page 20: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/20.jpg)
FreeBSD buat yg belum tahu
• Keluarga BSD OS:
![Page 21: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/21.jpg)
Sejarah FreeBSD di ITB
• 1995? Saya juga agak lupa
• FreeBSD pertama saya: 2.2.1-RELEASE
• Sampai sekarang 9.1-RELEASE
![Page 22: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/22.jpg)
Dipakai untuk apa?
(dahulu & sekarang) • Core router -> router/switch branded
• Firewall/Gateway -> FW/gateway branded
• DNS server
• DHCP server
• MX server
• Web server
• Mailbox server
• Proxy cache server
![Page 23: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/23.jpg)
Kenapa pakai FreeBSD?
• Handal utk appliance, nggak mati-mati
• Banyak fitur2 bagus dimasukkan ke sini
– ZFS, DTrace, fitur security OpenBSD
– Lebih mudah pakai ZFS di FreeBSD daripada di
OpenSolaris/OpenIndiana
• Konfigurasi sederhana (jika sudah tahu)
• Packaging dgn Ports itu sebenarnya paling
konsisten (namun bukan paling mudah)
• Performa (ini subjective sih)
![Page 24: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/24.jpg)
Kapan FreeBSD tidak dipakai?
• Aplikasi yang lebih mudah diinstall di
Linux
• Prefer RHEL/CentOS family (YMMV)
– RHEL, CentOS, Fedora, Scientific Linux, Oracle
Linux
• Use Case:
– Application server
– HPC cluster, MPI, etc.
– Mailbox server (Zimbra)
– NMS server (Nagios/Cacti custom)
![Page 25: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/25.jpg)
Perkembangan FreeBSD ke depan
https://wiki.freebsd.org/WhatsNew/FreeBSD10
– Cloud computing
• VirtIO support di KVM, BSD Hypervisor
– High performance Network
• SMP firewall
• Netmap 10Gbps throughput on FreeBSD
– Storage
• ZFS berkembang terus, support TRIM SSD
– Appliances
• ARM, RaspPi
![Page 26: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/26.jpg)
Dan akhirnya saya mau cerita rencana ITB ke
depan
![Page 27: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/27.jpg)
• Saat ini orang nggak terlalu peduli dgn
IPv6, FreeBSD, dan hal-hal lainnya
• Mereka lebih peduli bagaimana
– aplikasi saya segera running in minutes
– Startup saya bisa jalan
– Revenue masuk
• Maka dari itu redefinisi strategi IT
strategi infrastruktur IT
![Page 28: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/28.jpg)
Karakteristik infrastruktur
masa depan
Flexible
Agile
Elastic
Scale
![Page 29: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/29.jpg)
Itu namanya:
CLOUD COMPUTING
![Page 30: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/30.jpg)
Tapi cloud computing yang seperti apa?
Cloud yang mana?
![Page 31: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/31.jpg)
Bahkan Awan pun ada
bermacam-macam
![Page 32: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/32.jpg)
Apakah anda mau cloud anda adalah cloud
yang ini?
![Page 33: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/33.jpg)
Apakah install vSphere + vCloud Director itu
sudah bisa disebut cloud computing?
Atau install Proxmox VE itu sudah bisa
disebut cloud computing?
![Page 34: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/34.jpg)
Definisi Cloud Computing
NIST Definition of Cloud Computing
http://csrc.nist.gov/publications/nistpubs/80
0-145/SP800-145.pdf
![Page 35: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/35.jpg)
Essential Characteristics
• On-demand self-service
• Broad network access
• Resource pooling
• Rapid elasticity
• Measured service
![Page 36: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/36.jpg)
Layanan Cloud Computing
SaaS – Software as a Service
PaaS – Platform as a Service
IaaS – Infrastructure as a Service
![Page 37: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/37.jpg)
Suka tidak suka, inilah karakteristik layanan
yang harus disediakan oleh infrastruktur
yang harus dibuat oleh opisboy
![Page 38: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/38.jpg)
Sudah bukan jamannya ngomong OS wars,
orang nggak peduli
Sudah bukan jamannya cuma mikir network
sebagai network saja
![Page 39: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/39.jpg)
“Datacenter Networks are in my way”
James Hamilton, AWS
![Page 40: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/40.jpg)
Infrastruktur harus didesain ulang untuk
mengakomodir itu semua keperluan itu
![Page 41: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/41.jpg)
IPv6, FreeBSD adalah merupakan bagian
kecil dari itu semua
![Page 42: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/42.jpg)
Apakah anda siap berpindah paradigma?
![Page 43: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/43.jpg)
PARADIGMA MASA DEPAN
![Page 44: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/44.jpg)
Roadmaps
IT
Cluster
BigData
Cluster
HPC
Cluster
Compute Cluster
Mgmt Inter
connect
Core
Routing
Network Cluster
Live
Storage
Repo
Storage
Archive
Storage
Storage Cluster
I/O Inter
connect Disk Storage Memory Processor
Infrastructure
as a Service
Software as
a Service
Platform as
a Service
Email File
Sharing HPC
Web
Hosting Identity
Provider
Online
Learning IS BigData
Telepres
ence
Self service
Portal OS/Hypervisor
Cloud
Orchestration
![Page 45: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/45.jpg)
Network Blueprint
![Page 46: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/46.jpg)
IT Cloud Clusters
• IaaS: Hypervisor:
– VMware, RedHat, Citrix, OpenStack, etc
• PaaS: hosted Paas:
– OpenShift Enterprise, AppFrog, etc.
• SaaS: hosting platform, email hosting, etc.
• Cloud orchestration platform:
– vCloud Director, CloudForms, OpenStack
![Page 47: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/47.jpg)
Storage Clusters
• Scale out storage
– Large data scaling without interruption
• Automatic storage tiering
– SSD, SAS, SATA for high performance storage
• Network RAID for high availability
![Page 48: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/48.jpg)
Campus 1
Campus 2
DRC
IT Compute Cluster
& Storage Cluster
![Page 49: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/49.jpg)
Network Clusters
• Datacenter fabric
– 10 Gigabit Ethernet port curah
– TRILL/SPB – eliminate spanning tree
– Integrasi dgn hypervisor/cloud orchestration
• Core network: IP/MPLS/SDN
• Access network:
– virtual chassis LAN switching
– wireless mesh Wifi
![Page 50: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/50.jpg)
Campus 1
Campus 2
DRC
Network
Cluster
![Page 51: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/51.jpg)
Wa bil khusus networking
• Basic IP routing
– IPv4/v6 uni/multicast
• Advanced: MPLS on enterprise
– L3VPN, L2VPN, VPLS w/ TE/FRR
• Next generation network
– Ethernet fabric
– SDN: Software Defined Network
(programmable network) OpenFlow
![Page 52: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/52.jpg)
Why all this complexity?
Technical Motives
Business Motives
![Page 53: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/53.jpg)
Technical Motives
• Orang ingin network yg flexible
• Derajat perubahan terlalu tinggi di cloud
computing
• Network harus mampu mengikuti perubahan
• Tidak bisa dikonfigurasi manual lagi
– Automation on single device
– Orchestration on multiple devices
![Page 54: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/54.jpg)
Business Motives
• Orang mulai familiar dgn public cloud
– Bikin layanan di VPS -> no, bikin di EC2
Amazon Web Services (AWS)
– Pesan server virtual di Softlayer, bisa milih
mau spek seperti apa
– Masukin storagenya di S3 nya AWS (block
storage)
![Page 55: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/55.jpg)
Business Motives (2)
• Tapi begitu ngelihat invoice
bulanannya langsung manyun
– Ffffuuuu that's expensive, dolar
cuy
• Gak ada yg bikin ginian di
Indonesia?
– Enterprise ingin punya beginian
tanpa kena recurring cost
![Page 56: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/56.jpg)
OK, sekarang apaan sih yang tadi diomongin
itu?
![Page 57: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/57.jpg)
Basic IP Routing
• Makanan harian opisboy
• IPv4/v6 unicast/multicast routing
• Policy/Filter-based Forwarding
• Namun ada keterbatasannya
![Page 58: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/58.jpg)
MPLS on Enterprise
• Enterprise ingin punya network yg flexible
seperti Telco
• Namun nggak mau mengurusi
kompleksitasnya
![Page 59: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/59.jpg)
L3VPN
• Saya punya IP camera di kampus, punya
RFID utk e-cash transaction, gimana agar
gak disniff, diportscan ama mahasiswa? Ya
bikin VRF sendiri
• Saya pengen jualan bandwidth ke
fakultas/lab dari ISP/provider, gimana agar
ISP gak tarik kabel satu-satu ke
fakultas/lab? Ya bikin VRF sendiri
• Itulah use case nya
• Dan njahit GRE tunnel itu malesin
![Page 60: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/60.jpg)
Campus 1
Campus 2
DRC
![Page 61: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/61.jpg)
L2VPN
• Tiba-tiba ada acara di Aula, ada
ISP/provider mau tarik kabel ke situ, perlu?
Nggak perlu pusing, ISP cukup terminasi
di datacenter, tembak L2VPN ke site. Beres.
![Page 62: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/62.jpg)
Campus 1
Campus 2
DRC
![Page 63: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/63.jpg)
VPLS
• Network ITB banyak subnetnya (~ 400
prefix)
• Datacenter (DC) ada di beberapa tempat
terpisah, gimana caranya mau bikin
Vmotion antar DC? Ya bikin VPLS di semua
DC
• AP Wireless network di ITB sekarang
terpisah-pisah controllernya, gimana
caranya mau dijadikan satu controller saja
utk simplify config? Ya bikin VPLS
![Page 64: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/64.jpg)
Campus 1
Campus 2
DRC
![Page 65: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/65.jpg)
Datacenter Fabric Ethernet
• Compute cluster & storage cluster perlu
10 gigabit port curah yg low latency
• Full utilization w/ high availability without
spanning tree
• Logically flattened the network
• Terkoneksi dgn hypervisor/cloud
orchestration for VM visibility
![Page 66: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/66.jpg)
Campus 1
Campus 2
DRC
Datacenter
Fabric
![Page 67: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/67.jpg)
Dan masuklah sebuah era baru yang
bernama:
Software Defined Networking
![Page 68: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/68.jpg)
Software Defined Networking
(SDN) • Teknologi yg berjalan bersamaan dengan
cloud computing
• Implementasi ada beberapa
• Yg terpopuler saat ini: OpenFlow
![Page 69: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/69.jpg)
OpenFlow (1)
• Traditionally, control plane & forwarding
plane itu ada di satu box yg sama
– Control plane: ngurus management, routing
protocol (OSPF, BGP) -> routing table
– Forwarding plane: packet forwarding -> FIB,
forwarding table
• Sekarang control plane ini dipindahkan ke
satu controller
![Page 70: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/70.jpg)
OpenFlow (2)
• Decision routing diputuskan di controller ini
• Forwarding plane menerima perintah dari
controller ini, packet yg masuk itu harus
diapakan
– Forward, drop, kirim ke controller, dsb
• Beberapa router menawarkan fitur
OpenFlow Hybrid Port
– Satu port bisa punya beberapa VLAN trunk
– Ada VLAN yg dimanage oleh router (tradisional),
ada yg dimanage oleh OpenFlow
![Page 71: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/71.jpg)
Control/Data Plane Separation
•Control / Management plane in a dedicated controller
•Networking devices perform forwarding and maintenance functions
•IP / SSL connectivity between controller and OpenFlow switch
•OpenFlow = Forwarding table (TCAM) download protocol
![Page 72: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/72.jpg)
Controller & Agents
![Page 73: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/73.jpg)
Apa hal menarik dari SDN?
• Opisboy bisa memutuskan network itu
dikonfigurasi seperti apa tanpa perlu
mengatur satu persatu devices secara
manual
• Opisboy bahkan bisa memprogram
network itu seperti apa, baik secara
manual decision, maupun automated
decision (misal dari sistem cloud
computing: OpenStack, VMware)
• Setidaknya itu janji-janjinya sih
![Page 74: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/74.jpg)
Tantangannya apa? (1)
• Opisboy musti familiar dgn programming,
minimal mulai belajar
• Minimal coba install platform virtual
network
– OpenFlow Controller
– Open vSwitch
• Things can fail massively
![Page 75: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/75.jpg)
Tantangannya apa lagi?
• Troubleshoot tidak segampang tradisional
– Ada routing IGP/EGP -> RIB table
– Ada label MPLS -> MPLS label table, VPN
table
– Belum bicara troubleshooting VPLS yg susah
– Ada OpenFlow controller
![Page 76: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/76.jpg)
What’s the point of this?
• Apakah FreeBSD masih relevan? Masih!
– Menempatkan kemampuannya di tempat yg
tepat
• Apakah IPv6 masih relevan? Masih!
– Kompleksitasnya memerlukan inovasi dalam
pengelolaan IT
• Namun mereka harus dimasukkan dalam
big picture ini agar tetap relevan
![Page 77: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/77.jpg)
Jadi kita mau ngapain
sekarang? • Melihat networks & IT dengan paradigma
baru
• Big picture: cloud computing, IT service, IT
as Innovation Enabler
• Arahkan pengembangan menuju
paradigma baru
• Let's innovate!
![Page 78: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/78.jpg)
Terima kasih!
![Page 79: What's next for Opisboy - IPv6, FreeBSD and Software Defined Network](https://reader034.fdocuments.net/reader034/viewer/2022042700/554bae78b4c905ae618b56b3/html5/thumbnails/79.jpg)
Reference
• Analysing Dual Stack Behaviour and IPv6 Quality – Geoff Huston &
George Michaelson - https://ripe64.ripe.net/presentations/78-2012-
04-16-ripe64.pdf
• OpenFlow and SDN: hype, useful tools or panacea? – Ivan Pepelnjak
- https://ripe65.ripe.net/presentations/19-
OpenFlow_and_SDN_(RIPE).pdf
• IPv6 Security – Scott Hogg & Eric Vyncke, Cisco Press -
http://www.amazon.com/IPv6-Security-Scott-Hogg/dp/1587055945
• NIST Definition of Cloud Computing -
http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf