Beyond Dual-Stack: Using IPv6 like You’ve Never … · the latest trends and insights of IPv6 deployment on the ... Reliance JIO India 160 Million Subscribers BSkyB ... VM Container

Beyond Dual-Stack: Using IPv6 like You’ve Never Imagined

W. Mark Townsley, Cisco Fellow

BRKIP6-2616

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#BRKIP6-2616

In this high-paced and forward-looking session, we will review

the latest trends and insights of IPv6 deployment on the

Internet and Enterprise, followed by an overview of the latest

innovations Cisco has been developing alongside leading IPv6

network operators, industry partners, and researchers around

the world. With the barriers of IPv4 no longer present, we will

illustrate the results of our rethinking of the role of IP and how

we believe the massive increase in scale and extensibility of

IPv6 can be used to provide services and support to

applications in entirely new ways: from content delivery and

container networking, to distributed storage and applications.

Intended audience for this session is Network Designers and

Architects from Enterprise, Service Provider and Data Center.

Prerequisite for this session is a basic understanding of IPv4

and IPv6 Technologies, and interest in forward-looking

networking innovation and research.

In this high-paced and forward-looking session, we will review

the latest trends and insights of IPv6 deployment on the

Internet and Enterprise, followed by an overview of the latest

innovations Cisco has been developing alongside leading IPv6

network operators, industry partners, and researchers around

the world. With the barriers of IPv4 no longer present, we will

illustrate the results of our rethinking of the role of IP and how

we believe the massive increase in scale and extensibility of

IPv6 can be used to provide services and support to

applications in entirely new ways: from content delivery and

container networking, to distributed storage and applications.

Intended audience for this session is Network Designers and

Architects from Enterprise, Service Provider and Data Center.

Prerequisite for this session is a basic understanding of IPv4

and IPv6 Technologies, and interest in forward-looking

networking innovation and research.

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 6BRKIP6-2616

https://blogs.cisco.com/enterprise/ipv6_history_first_youtube_videos_streamed_on_ipv6_at_cisco_live_barcelona

https://youtube.googleblog.com/2010/02/youtube-calls-on-ipv6.html

https://blogs.cisco.com/enterprise/ipv6_history_first_youtube_videos_streamed_on_ipv6_at_cisco_live_barcelona

https://youtube.googleblog.com/2010/02/youtube-calls-on-ipv6.html


IPv6 Deployment as seen by Google in Feb 2010

BRKIP6-2616 7


6to4 (RFC 3056) Failure Rate

https://labs.ripe.net/Members/emileaben/6to4-how-bad-is-it-really

BRKIP6-2616 8


1. Disabling 6to4 wherever possible

2. Implementing “Happy Eyeballs”

By Feb 2012: Progress! Green is up, Red is down

Source: Google

World IPv6 Day

June 8 2011

BRKIP6-2616 9


Today: Jan 27, 2018 – 22% IPv6 and Still Growing

World IPv6 Launch

June 6 2012

BRKIP6-2616 10

BRKIP6-2616 11

%IPv6 in Spain

2.25% Now


12BRKIP6-2616

%IPv6 in France

40% next year

23% now


%IPv6 in Belgium

62% next year

53% now

BRKIP6-2616 13© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

%IPv6 in Germany

42% next year

35% now

BRKIP6-2616 14© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public


50% in Feb 2019

~40% Feb 2018

15BRKIP6-2616

%IPv6 in the USA

T-Mobile USA

70+ Million Subscribers

Reliance JIO India

160 Million Subscribers

BSkyB (UK, Ireland...)

22.5 Million Subscribers

Verizon Wireless

150 Million Subscribers

http://www.worldipv6launch.org/measurements/

% Composite based on measurements from Google, Yahoo!, Facebook, Akamai, LinkedIn, APNIC

Networks where IPv4 is less than 10% & 20%

16BRKIP6-2616 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public


Mar-

2014

Sep-2

014

Mar-

2015

Sep-2

015

Mar-

2016

Sep-2

016

May

-2017

Sep-2

0170.0

500.0 M

1.0 B

1.5 B

2.0 B

2.5 B

3.0 B

3.5 B

4.0 B

4.5 B

5.0 B

5.5 B

6 B

"Native" IPv6 addresses (Other)

/64 prefixes

2.61 B

1.80 B

1.17 B833 M

417 M307 M207 M157 M

2.82 B

438 M

3.58 B

593 M

4.39 B

778 M

5.54 B

1.06 B

17BRKIP6-2616

Unique IPv6 Addresses seen in a Week

More /64s than

unique IPv4 /32s

More than all of

IPv4 space

https://datatracker.ietf.org/meeting/100/materials/slides-100-maprg-a-continuing-study-of-the-active-ipv6-www-client-address-space-kyle-rose/


https://datatracker.ietf.org/meeting/100/materials/slides-100-maprg-a-continuing-study-of-the-active-ipv6-www-client-address-space-kyle-rose/


IPv6 Source Address (128 bits)

10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011


10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011


10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011

IPv6 Destination Address (128 bits)

10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011


10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011


10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011

IPv6 Segment Routing ID (128 bits)

10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011


10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011


10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011


10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011


10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011


10011010001100111001101000110011100110100011001110011010001100111001101000110011100110100011001110011010001100111001101000110011

IPv4 Destination Address (32 bits)10011010001100111001101000110011

…

…

… … …

Multiprefix…S

egm

ent

Routing

BRKIP6-2616 18

Agenda

“256 bits of opportunity”

IPv6-Only

ISP

B

Multilple Prefixes &

Policies in IPv6

Platform for Innovation

IPv6 Segment Routing

iOAM, 6CN…

ISP

A

Service

C

1 2 3


IPv6-Only

ISP

B


Policies in IPv6


Network is the Computer

IPv6 SR, 6CN…

ISP

A

Service

C

#1 To take advantage of IPv6, we must stop using IPv4

1 2 3

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 21Presentation ID

IPv6 @ #CLEUR

WPA2-PSK: “cl-nat64”

SSID: “CL-NAT64”

5GHz only

IPv6-Only Case Study: Facebook MSDC


IPv6 @ Facebook

Source: Dec 2017 UK IPv6 Council Presentation by Mikel Jimenez, Facebook Network Engineer

50% of US Mobile Traffic,

16% Total Traffic, is IPv6

99.99% IPv6


• Dual Stacked

• Separate BGP4 and BGP6 sessions

• /64 per Rack

• /59 per Pod

• /52 per Cluster (group of pods)

• /48 per Metro

• All Edge IPv4 traffic is proxied to IPv6

Facebook DC Fabric


Killer app for IPv6 only - Containers @ Facebook

• Every Server (Host) gets a /64

• Unique IPv6 Address per task

• Each task gets its own IPv6 /128

• Each task gets its own port space

• No more port collisions (!!!)

• Simpler scheduling and accounting

• /54 per Rack

• /44 per Cluster (/48 in edge)

• /37 DC Fabric

• No NATs!

BRKIP6-2616 25

Speaking of Containers…


Containers and Virtual Machines

App A

Bins/Libs

Hypervisor (Type 2)

Host OS

Server

Host OS

Server

App A’

Bins/Libs

Guest OS

App B

Bins/Libs

Guest OS

Bins/Libs Bins/Libs Co

nta

iner

Co

ntr

ol

App A

App A’

App B

App B’

App C’

App C’

VM

Container

Containers are isolated but share OS and where

appropriate bins/libraries

Guest OS

BRKSDN-2115 27

BRKSDN-2115

Thursday, 9:00 am


The Universal Dataplane - FD.ioVector Packet Processor (VPP)

• VPP is a rapid packet processing development platform for highly performing network applications

• 18+ MPPS, single core

• Multimillion entry FIBs

• 480Gbps bi-dir on 24 cores

• Runs on commodity CPUs and leverages DPDK

• Creates a vector of packet indices and processes them using a directed graph of nodes – resulting in a highly performant solution.

• Runs as a Linux user-space application

• Ships as part of both embedded & server products, in volume; Active development since 2002

• FD.IO (The Fast Data Project) Network IO

Packet Processing: VPP

Management Agent

NC/Y REST ...

BRKSDN-2115 28

https://fd.io/

Universal Dataplane: Features FD.io Foundation

Tunnels/Encaps

GRE/VXLAN/VXLAN-GPE/LISP-GPE/NSHIPSEC

Including HW offload when available

Interfaces

DPDK/Netmap/AF_Packet/TunTapVhost-user - multi-queue, reconnect,Jumbo Frame Support

MPLS

MPLS over Ethernet/GREDeep label stacks supported

Segment Routing

SR MPLS/IPv6Including Multicast

Inband iOAM

Telemetry export infra (raw IPFIX)iOAM for VXLAN-GPE (NGENA)SRv6 and iOAM co-existenceiOAM proxy mode / cachingiOAM probe and responder

LISP

LISP xTR/RTRL2 Overlays over LISP and GRE encapsMultitenancyMultihomeMap/Resolver FailoverSource/Dest control plane supportMap-Register/Map-Notify/RLOC-probing

Language Bindings

C/Java/Python/Lua

Hardware Platforms

Pure Userspace - X86,ARM 32/64,PowerRaspberry Pi

Routing

IPv4/IPv614+ MPPS, single coreHierarchical FIBsMultimillion FIB entriesSource RPFThousands of VRFs

Controlled cross-VRF lookupsMultipath – ECMP and Unequal Cost

Network Services

DHCPv4 client/proxyDHCPv6 ProxyMAP/LW46 – IPv4aasMagLev-like LoadIdentifier Locator AddressingNSH SFC SFF’s & NSH ProxyLLDPBFDPolicerMultiple million Classifiers –

Arbitrary N-tuple

Switching

VLAN SupportSingle/ Double tagL2 forwd w/EFP/BridgeDomain concepts

VTR – push/pop/Translate (1:1,1:2, 2:1,2:2)Mac Learning – default limit of 50k addrBridging

Split-horizon group support/EFP FilteringProxy ArpArp terminationIRB - BVI Support with RouterMac assigmtFloodingInput ACLsInterface cross-connectL2 GRE over IPSec tunnels

Monitoring

Simple Port Analyzer (SPAN)IP Flow Export (IPFIX)Counters for everythingLawful Intercept

Security

Mandatory Input Checks:TTL expirationheader checksumL2 length < IP lengthARP resolution/snoopingARP proxy

SNATIngress Port Range FilteringPer interface whitelistsPolicy/Security Groups/GBP (Classifier)

30

16-09Release:VPP, Honeycomb, NSH_SFC, ONE


16-09 New Features

Enhanced LISP support forL2 overlaysMultitenancyMultihomingRe-encapsulating Tunnel Routers (RTR) supportMap-Resolver failover algorithm

New plugins forSNATMagLev-like LoadIdentifier Locator AddressingNSH SFC SFF’s & NSH Proxy

Port range ingress filteringDynamically ordered subgraphs

17-01 New Features

Hierarchical FIBPerformance Improvements

DPDK input and output nodesL2 PathIPv4 lookup node

IPSEC PerformanceSW and HW Crypto Support

HQoS supportSimple Port Analyzer (SPAN)BFD, ACL, IPFIX, SNATL2 GRE over IPSec tunnelsLLDPLISP Enhancements

Source/Dest control planeL2 over LISP and GREMap-Register/Map-NotifyRLOC-probing

Flow Per Packet

17-04 New Features

VPP Userspace Host StackTCP stackDHCPv4 & DHCPv6 relay/proxyND Proxy

SNATCGN: port allocation & address poolCPE: External interface NAT64, LW46

Segment RoutingSRv6 Network ProgrammingSR Traffic EngineeringSR LocalSIDsFramework to expand LocalSIDs w/ plugins

iOAMUDP PingerIOAM as type 2 metadata in NSHAnycast active server selection

IPFIX Improvements (IPv6)

17-04Release:VPP, Honeycomb, NSH_SFC, ONE…

17-07 New Features

VPP Userspace Host StackImproved Linux Host Stack CompatibilityImproved loss recovery (RFC5681, RFC6582, RF6675)Basic implementation of Eifel detection algorithm (RFC3522)

Interfacesmemif: IP mode, jumbo frames, multi queue

Network FeaturesMPLS Multicast FIBBFD FIB integrationNAT64 supportGRE over IPv6LISP

- NSH support- L2 ARP

ACL multi-core suuportGTP-U support


Rapid Release Cadence – ~3 months FD.io Foundation


Host

Kubelet

CN

I

KubeProxy

vet

h

Contiv-VPP Netplugin

VPP Agent

…

LD_PRELOAD

PodPodPod

PodPodPod

VPP

TCP

VPP

Host

Kubelet

CN

I

KubeProxy

vet

h

Contiv-VPP Netplugin

VPP Agent

…

LD_PRELOAD

PodPodPod

PodPodPod

VPP

TCP

VPP

…

Contiv-VPP Netmaster

Contiv-VPPEtcd

K8s policy & state

distribution

K8s Master

vswitch CNF Podvswitch CNF Pod

SRv6 Network

Kubernetes High-speed Networking with Contiv-VPP

• With Kubernetes and Contiv-VPP, we can deliver a complete container networking solution entirely from userspace.

• Replace all eth/kernel interfaces with memif/userspace interfaces.

BRKIP6-2616 31

IPv6 Only Case Study: Cisco IT


Cisco at a Glance

13,632UCS Servers

60,914Virtual Machines

28.8MW

Data Center

Capacity

74,807Employees

458Offices

93Countries

32,763CVO Routers

12,309Network Devices

136,502Connected

Stakeholders

201,023Connected

User Devices

98

Services

5.8 Billion

DNS Requests

per day

Data as of June 2017

3360Business Applications



34BRKIP6-2616

IPv6 Traffic from Cisco AS 109

Cisco 54.53%


2010-2015 2016-2022

IPv4 / IPv6 Co-existence

IPv6 Transition Technologies

IPv4 Prevalence Dual Stack

IPv6 Prevalence

IPv4 as a Service

IPv6-Only

IPv4-Only

59BRKIP6-2616

IPv6 Multi-Year Strategy

Address Exhaustion / Reclamation Plan


SJC23 - IPv6 Only Building at Cisco


IPv6 Only DC (Cisco IT PoC)

NAT64

ASR1K

IPv6-Only Case Study: Turn IPv6 into a distributed IPv4 CGN


IPv6 Only

Network

39BRKIP6-2616

MAP: Routing IPv4 addresses and ports inside IPv6

> 0130.67.1 /24 +01010101 111000

IPv4 Address Port

IPv6 Prefix

Interface IDSubnet-ID2001:0DB8:00 /42 01010101 111000

IPv4

IPv6

MAP

“Distributed IPv4 CGN as a service”

MAP uses IPv6 Routing to provide

a stateless, distributed, highly

scalable, IPv4 CGN service

MAP

MAP

Anycast


http://6lab.cisco.com/map

http://6lab.cisco.com/map


MAP on ASR 9K

• MAP does not route traffic through the VSM

Blade, yielding line rate performance.

• Using A9K and 100G line cards, over 1 Tbps

• 20 x 1T = 20 Tbps on a 9922 chassis.

• “DS-Lite” is a centralized solution which routes

traffic through the VSM Blade• 14 Gbps per slot


Free Telecom goes IPv6 only

April 2017:

Free a commencé le déploiement

depuis quelques jours de ses

premiers DSLAM entièrement IPV6.

https://www.universfreebox.com/article2252.html


Bouygues steps up with IPv6 Only Mobile

April 2017:

“En effet, selon les informations

d’Univers Freebox, Free a commencé

le déploiement depuis quelques jours

de ses premiers DSLAM entièrement

IPV6. Ces derniers ne gèrent plus que

ce protocole et plus du tout l’IPV4.”

https://www.universfreebox.com/article2252.html

IPv6-Only Case Study: T-Mobile USA


IPv6 Only at T-Mobile – 90.39% IPv6

NAT64

DNS64

IPv6 Only for

Apple IOS 10.3+

464xlat for

Android 4.3+

What’s in the trailing 9.61% IPv4?

• Really old handsets

• Tethering

• MVNOs (Virtual Operators)

• Some IOT/M2M Devices

• Some Tablets

Source: Stephan Lagerholm, Tmobile,

RM Task Force Meeting, April 2017


IPv6-Only Mobile ISP, “464 xlat” (RFC 6877)

#1: IPv6 Application to IPv6 Internet



IPv6

APP

IPv4

APP

4IPv6

APP

6

4


IPv6 Only InternetIPv6 Only Network

IPv6

APP

IPv6

APP IPv6

IPv6IPv6

APP

IPv6

APP

Got a AAAA Record?

Yes I do!IPv6

Only

Stack

IPv6

APPIPv6

APP

DNS

6Great! Let’s Talk IPv6!

IPv6 Only Device

47BRKIP6-2616

#1: IPv6 Application to and from IPv6 Internet


Got a AAAA Record?

No, but I can create one

OK, Let’s Talk IPv6NAT

64

(Stateful)

Synthesized AAAA with ISP NAT64 Prefix + IPv4 Destination

48BRKIP6-2616


“464 xlat”, RFC 6877

DNS

DNS64

+

IPv6

APP

IPv6

APP IPv6

IPv6IPv6

APP

IPv6

APPIPv6

Only

Stack

IPv6

APPIPv6

APP

IPv6 Only Device (Apple)

4

IPv4 InternetIPv6 Only Network


Got an A Record?

Yes, here is an A Record

OK, Let’s Talk “464”NAT

64

(Stateful)

NAT64 Prefix configured or discovered in advance + IPv4 Destination

49BRKIP6-2616


“464 xlat”, RFC 6877

DNS

IPv6

APP

IPv6

APP IPv6

IPv6IPv6

APP

IPv6

APP IPv6

Only

Stack

IPv6 Only Device (Android)

4

IPv4 InternetIPv6 Only Network

IPv4

APP

IPv4

APP

“CLAT “

IPv4 to IPv6


• ISATAP

• Manual Static GRE Tunnels

Some “Classic” IPv6 Transition methods

50

• Teredo

• 6to4

BRKIP6-2616 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 51

Auto IPv6 – Progressive IPv6 Phase

IPv4

IPv6

BRKIP6-2616


Auto IPv6 – IPv4 Sunset Phase

IPv4

IPv6

Auto IPv6 – Dual Stack Reached


Auto IPv6 – Both Phases Together

IPv4

IPv6

BRKIP6-2616


Example IOS configuration

interface Virtual-Template0

tunnel mode gre auto-ipv6

tunnel source Loopback0

ipv6 enable

ipv6 ospf enable

!

router ospf 1

auto-ipv6 virtual-template0

!

BRKIP6-2616


• Works with your actual IPv6 address plan

• Fully Automatic, “just turn it on”

• Completely transparent to hosts

• Full Lifecycle Transition to IPv6-only

Auto-IPv6: “The end of IPv4 in your Network”

55


IPv6-Only

ISP

B


Policies in IPv6


Network is the Computer

IPv6 SR, 6CN…

ISP

A

Service

C

1 2 3

#2 Multiple Prefixes and Addresses per Host (Client or Server)


Multihoming with Multiple IPv6 Prefixes

ISP A

ISP B

A

B

app

Source + Destination RoutingBRKIP6-2616


Multihoming with Multiple IPv6 Prefixes

ISP A

ISP B

Prefix A

Prefix B

src addr from B

src addr from A

AB

app

Source + Destination RoutingBRKIP6-2616


Source: Marcus Kean, Microsoft IT, at V6OPS IETF-99

59

Enterprise IPv6 Multihoming

Default IPv6 Source Selection

rules in RFC 6724 combined

with destination based IP

routing and BCP 38 filtering

leads to dropped traffic

BRKIP6-2616


• All FIB entries are associated with a source prefix

• ::/0 for entries without a source prefix

• draft-ietf-rtgwg-dst-src-routing

• Algorithm1. PotentialRoutes :=Longest match(es) on destination prefix

2. SourceRoute := longest match on the packet source in the

PotentialRoutes

3. If not found, then back to 1) with a shorter match

• Other implementations are possible

Source And Destination Routing (SADR)

60BRKIP6-2616


• Packet SRC = 2001:db8:1::1 to DST = 2001:db8:face::b00c via R1

• Packet SRC = 2001:db8:2::1 to DST = 2001:db8:face::b00c via R2

• Packet SRC = 2001:db8:2:1::1 to DST = 2001:db8:face::b00c via R3

SADR Example

Source Destination Next - Hop

::/0 ::/0 R1

2001:db8:1::/56 ::/0 R1

2001:db8:2::/56 ::/0 R2

2001:db8:2:1::/64 ::/0 R3

61

“ISP A”

“ISP B”

“VPN”

BRKIP6-2616


Selecting a Better Source Address

Provisioning Domain “PvD” ID Router Advertisement Option

- At most one occurrence in each RA.

- PvD ID is an FQDN associated with options in the RA.

- H bit to indicate Additional Information is available with HTTPS.

- L bit to indicate the PvD has DHCPv4 on the link.

- Seq. number used for push-based refresh.

62BRKIP6-2616


Additional (application specific) Information about the Network

RA

When the H bit is set:

GET https://<pvd-id>/.well-known/pvd

HTTP/TLS

63

RA contains a pointer to “Additional Information” about the PVD

BRKIP6-2616


A New, Evolutive API and Transport-Layer Architecture for the Internet: https://www.neat-project.org/

10 partners (Cisco, Mozilla, EMC, Celerway…)

“taps” IETF group formed, including Apple, Google, Cisco

Integration to NEAT open source code: https://github.com/NEAT-project/neat/pull/80

Plenary session in Oslo

IPv6 Multiprefix NEAT Integration

Asking the user to choose with relevant criteria and simple UI

64BRKIP6-2616

https://www.neat-project.org/

https://github.com/NEAT-project/neat/pull/80


6CN - Routing beyond the network interface

IPv6


Routing directly to IPv6 Content

• Identify each video chunk with a unique IPv6 address.

• http://[2001:420:44f1:201a:c004:421:531:1]/

• Instead of: http://cdn.example.com/video?cid=1af429fac&profile=12&[...]


The Universal Resource (Locator) Identifier

IPv6 increases this part by 30 orders of magnitude. 6CN uses it.


Accessing content today

Content Name

Service

68BRKIP6-2616


Accessing Content with IPv6-Centric Networking

Content Name

Service

69BRKIP6-2616


https://www.ietf.org/proceedings/96/slides/slides-96-dispatch-1.pdf

70BRKIP6-2616

6CN Content Packaging

Cisco, NBC Universal,

Drexel University


6CN Encoded Content

IPv6: Service Prefix

IPv6: Object ID

BRKIP6-2616 71


- Extract 6CN metadata

- Determine video chunk boundary

- Produce aggregate chunck records

{

"version”,

"ingressInterface”,

"egressInterface”,

"flowStartNanoseconds”,

"dataLinkFrameSize”,

"sourceIPv6Address”,

"destinationIPv6Address”,

"protocolIdentifier”,

"ipClassOfService”,

}

IPFIX records

stream_type,

service_id,

show_id,

episod_id,

profile,

duration,

chunk_nr

6CN Format in JSON

+

6CN pre-processor

Network-Native and Content Analytics

KafkaLogstash +

BRKRST-2616 72


Gig

abyte

s

Bytes vs. Hours for a given video (in HD or SD)

73BRKIP6-2616

Cumulative Gigabytes of Video Cumulative Hours of Video Delivered

Hours

14 hour test period, using IPFIX records sent to PNDA (logstash & Kafka)

HD

SD

HD

SD


Cisco Open Media Distribution (OMD) v3.5

If you would like to try 6CN, please

contact us:

Eric Vyncke [email protected]

Mark Townsley [email protected]

https://www.cisco.com/c/en/us/products/video/open-

media-distribution/index.html

6CN documentation at 6cn.io/6cn-doc.pdf

Apache Traffic Control 6CN Configuration

BRKIP6-2616 74

mailto:[email protected]

mailto:[email protected]

https://www.cisco.com/c/en/us/products/video/open-media-distribution/index.html

http://6cn.io/6cn-doc.pdf


IPv6-Only

ISP

B


Policies in IPv6



iOAM, 6CN…

ISP

A

Service

C

1 2 3

#3 IPv6 Extensions – The Network truly is the Computer!


MPLS and IPv6 Segment Routing

Payload

MPLS

Segment

Routing

20 Bit

20 Bit

20 Bit

20 Bit

128 Bit

128 Bit

128 Bit

128 Bit

IP

For more information on Segment Routing, see: http://www.segment-routing.net/



Payload


IPv6

Segment

Routing

128 Bit

128 Bit

128 Bit

128 Bit

IP



Payload

MPLS

Segment

Routing

20 Bit

20 Bit

20 Bit

20 Bit

IP


IPv6

Segment

Routing

128 Bit

128 Bit

128 Bit

128 Bit

IP

Payload


IPv6 Segment Routing in Action

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DCSR SRBSRA IPv6IPv6IPv6IPv6

“Last Segment” “Current Segment”



Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

A

SRBSRA IPv6IPv6IPv6IPv6




Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

A





Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

BA





Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

BA





Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

Segment D

Segment C

Segment B

Segment A

Source S

Dest C

Payload

B CA





Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

Segment D

Segment C

Segment B

Segment A

Source S

Dest C

Payload

B CA





Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

Segment D

Segment C

Segment B

Segment A

Source S

Dest C

Payload

B

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

C DA




Apps, DataServices and FunctionsNetwork

87BRKIP6-2616


IP is routed through a set of network nodes or services represented by a list of IPv6 addresses


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload



6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

A


?


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

A


?


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

BA


?

?


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

BA


?

?


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

Segment D

Segment C

Segment B

Segment A

Source S

Dest C

Payload

B CA


?

?

?


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

Segment D

Segment C

Segment B

Segment A

Source S

Dest C

Payload

B CA


?

?

?


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

Segment D

Segment C

Segment B

Segment A

Source S

Dest C

Payload

B

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

C DA


?

?

?


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload


Copy of DCopy of D


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

A


?

Copy of DCopy of D


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

A


?

Copy of DCopy of D


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

B CA


?

?

Copy of DCopy of D


6CN Service Hunting

Source, S

Segment D

Segment C

Segment B

Segment A

Source S

Dest D

Payload

Target Dest, DC

Segment D

Segment C

Segment B

Segment A

Source S

Dest A

Payload

SR

Segment D

Segment C

Segment B

Segment A

Source S

Dest B

Payload

B CA


?

?

Copy of DCopy of D


Application Service “Hunting” with SRv6

• Assume we want to probe 3 replicas of VIP:: hosted in S1::, S2::, S3::

A::

S1:: S2:: S3::

VIP:: VIP:: VIP::

vRouter

VM/container

IETF draft-filsfils-spring-srv6-network-programming-00, “END.S” function

physical machine

BRKIP6-2616 101



• Define SR search function [2] to accept/forward based on target app load

SR

Hdr

IPv6

Hdr

SA = A::

DA = S1::

VIP::

S3::

S2::

S1::

SL=3

A::

S1:: S2:: S3::

VIP:: VIP:: VIP::

BRKIP6-2616 102IETF draft-filsfils-spring-srv6-network-programming-00, “END.S” function


SR

Hdr

IPv6

Hdr

SA = A::

DA = S2::

VIP::

S3::

S2::

S1::

SL=2



A::

S1:: S2:: S3::

VIP:: VIP:: VIP::



SR

Hdr

IPv6

Hdr

SA = A::

DA = VIP::

VIP::

S3::

S2::

S1::

SL=0



A::

S1:: S2:: S3::

VIP:: VIP:: VIP::



SRv6LB: Application Load Balancing without the Load Balancer

• No out-of-band monitoring

• Operates at Network Level

• Balancing among a set of servers (where applications actually reside)

SYN

SYN

Select a set of

candidate servers

accept or forward to

next candidate based

on local application

metric (e.g., load)

Application

Servers

BRKIP6-2616 105


SRv6LB: Application Load Balancing without the Load Balancer

• No out-of-band monitoring

• Operates at Network Level

• Balancing among a set of servers (where applications actually reside)

SYN

SYN

Select a set of

candidate servers




metric (e.g., load)

Application

Servers

BRKIP6-2616 106




metric (e.g., load)


SRv6LB Flow Setup and Teardown

LB Router(s) S1 “not busy” S2Client

“SYN”

“SYN-ACK”

“ACK”

“FIN”

Search (Insert 2 SIDs)

Record (Process SID w/arg)

Steer (Insert 1 SID)

LB Functions (per Fow):

Withdraw (Process 1 SID)


SRv6LB Flow Setup and Teardown

LB Router(s) S1 “busy” S2Client

“SYN”

“SYN-ACK”

“ACK”

“FIN”

Search (Insert 2 SIDs)

Record (Process SID w/arg)

Steer (Insert 1 SID)

LB Functions (per Fow):

Withdraw (Process 1 SID)


The Power of Two Choices

• Select two servers at random, build IPv6 SR List accordingly

1st choice2nd choice

M. Mitzenmacher, “The power of two choices in randomized load balancing,” IEEE

Transactions on Parallel and Distributed Systems, vol. 12, no. 10, pp. 1094–1104,

2001.BRKIP6-2616 109


Experimentation: Improved page-load time under load

Maglev

IPv6 SRLB

2x

1.5x

2.6x

20000 requests, X=4

Page Load Time Improvement Factor

BRKIP6-2616 110


And one more thing…v6

v6

v6

v6

v6

v6v6

v6

v6

v6

v6v6 v6

v6 v6v6 v6

v6 v6v6 v6

v6

v6v6v6v6

v6v6

v6v6

v6v6

v6v6

v6v6

v6

v6

v6

v6

v6v6

v6

v6

v6

v6

v6

v6

v6

v6

v6

v6v6 v6

v6v6

v6

v6

v6

v6

v6v6

v6v6

v6 v6

v6v6

v6

v6 v6

v6

v6 v6

v6 v6

v6 v6

v6 v6

v6v6 v6

v6 v6v6 v6

v6 v6

v6 v6v6

v6 v6v6 v6

v6 v6v6v6 v6v6 v6

v6 v6

v6 v6

v6 v6

v6 v6

v6 v6

v6 v6

v6 v6

v6 v6

v6 v6

v6v6v6 v6

v6 v6

v6

• Storage routed directly to disk

• No SCSI

• No RAID

• No File Systems

• No Web Servers, no HTTP

BRKIP6-2616 111


2001:DB8:1: 1:3: 0123:4567:89ab

112BRKIP6-2616

Network Native IPv6 Storage


But won’t we run

out of Addresses

if we use them

like this?

113BRKIP6-2616

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco PublicHilbert Map by Vasco Asturiano and Dave Plonka (Akamai)

http://bl.ocks.org/vasturiano

114BRKIP6-2616

http://bl.ocks.org/vasturiano

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco PublicHilbert Map by Vasco Asturiano and Dave Plonka (Akamai) 115BRKIP6-2616











How much IPv4 can fit into IPv6?

1. Begin with 4 billion Global IPv4 addresses

2. NAT each address from #1 into 65535 more Private addresses

3. NAT each individual address from #2 into 65535 more Private addresses

4. Repeat a total of 5 times

5. Finally, assign an address to a host.

6. How much IPv6 space would that be?

• 50% Tipping Point is coming soon

• IPv6 has the scale and capability to reconsider what the network can do

• Dual-Stack is Difficult and some of the world’s largest networks are already IPv6 Only – MAP and NAT64 can help

IPv6 Centric Networking


IPv6 this week in Barcelona

• BRKSEC-3200 - Advanced IPv6 Security Threats and Mitigation – 30 Jan. 14:15

• BRKIP6-2616 - Beyond Dual-Stack: Using IPv6 like you’ve never imagined – 30 Jan. 16:45

• BRKRST-3304 - Hitchhiker's Guide to Troubleshooting IPv6 - Advanced – 31 Jan. 9:00

• BRKSPG-2602 - IPv4 Exhaustion: NAT and Transition to IPv6 for Service Providers – 31 Jan. 9:00

• BRKIP6-2301 - Enterprise IPv6 Deployment – 31 Jan. 11:30

• LABSPG-3122 - Advanced IPv6 Routing and services lab – 31 Jan 14:00 & 1 Feb. 14:00

• BRKCOL-2020 - IPv6 in Enterprise Unified Communications Networks – 31 Jan. 16:30

• BRKCOC-2388 - Inside Cisco IT: A Tale of Two Protocols – 2 Feb. 9:00

• BRKIP6-2002 - IPv6 for the World of IoT – 2 Feb. 11:30

BRKIP6-2616


Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#BRKIP6-2616


• Please complete your Online Session Evaluations after each session

• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt

• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations

Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.

Complete Your Online Session Evaluation

http://ciscolive.com/Online

http://www.ciscolive.com/global/on-demand-library/


Continue Your Education

• Demos in the Cisco campus

• Walk-in Self-Paced Labs

• Tech Circle

• Meet the Engineer 1:1 meetings

• Related sessions

130BRKIP6-2616

Thank you

Documents

Beyond Dual-Stack: Using IPv6 like You’ve Never … · the latest trends and insights of IPv6 deployment on the ... Reliance JIO India 160 Million Subscribers BSkyB ... VM Container