
The IPv6 Implementation Action Plan (by TechWiseTV)

Isn’t it really time to think about your company’s (and personal) network migration to IPv6?

That’s why today I want to share this (quite long but) very interesting video produced by our TechWiseTV friends Robb Boyd & Jimmy Ray.

They have interviewed Cisco’s IPv6 experts around the world and walk us through the key steps to successful implementation. The security implications are of course covered, as well as co-existence mechanisms such as NAT64.

And not to forget Cisco’s own real-world experiences with IPv6, from the backstage of World IPv6 day last June ’11. See more links below.

If you wish to attend a deep dive workshop on this topic, feel free to contact me at jpa@cisco.com

World IPv6 Day: A Watershed Moment Towards a New Internet Protocol

Cisco.com users on World IPv6 Day 5 to 10 times more likely to use IPv6 than visitors to other websites


Fosdem 2011, IPv6 on Cisco’s Wireless

Over the last weekend, a group of Cisco volunteers assisted FOSDEM in getting a proper network up and running; this is our story!

What is FOSDEM ?

FOSDEM, the Free and Open Source Developers’ European Meeting, is the biggest free and non-commercial event organized by and for the community. It has been taking place in Brussels for the last 11 years.

The event has been growing over the years and now welcomes ~5000 visitors for two days of keynotes, speeches and lightning talks covering many, many FOSS projects.

A group of volunteers from Cisco Belgium is helping FOSDEM to build the Internet access network, using Wireless.

What is special with this network ?

The audience you have at FOSDEM is very fond of network access and also pretty knowledgeable, so not the common user base you’d find in an enterprise or at another event. So the pressure to get it right and highly secure on the infrastructure side is key. An example of this was being able to detect and react nearly instantly to rogue DHCP/DNS servers trying to poison the network. The Cisco security toolkit embedded in the Catalyst switches prevented this from being possible.

What was deployed and how was it configured ?

WAN Edge

We were provided by Belnet with a one Gigabit uplink within the Internet Exchange located on the ULB campus in Ixelles. The peering was done using an ASR 1004 running IOS-XE 3.1(2) and fiber uplink.

Campus

From the ASR, a fiber provisioned on the ULB underground fiber path goes to our main comm’s room and terminates on a 12-port 10Gig fiber switch, a Catalyst 3560E-12D. From the comm’s room it connects all 4 access switches, a mix of 24- and 48-port 10/100/1000 PoE+ switches (3560-X series).

The access points were a mix of 1142 and 1252 abgn, depending on the site-specific needs.

Management and monitoring

On the wireless side, we combined the ULB and FOSDEM WLANs into one single WLAN, maintaining the full benefit of centralized wireless controllers for management, monitoring and reporting.

Reporting of network statistics and monitoring was done using Munin and Cisco WCS. We were also serving our own DNSv6 (& v4) server for local users.

Lastly, we tested IPv6-only connections using DNS64 and NAT64 built on a FreeBSD kernel. This has proven to work really well, and as such we are thinking of providing only IPv6 addresses at next year’s conference, but 🙂

Config:

The complete config used for the main router has been published at the Support Community website

Finally, let the results speak for themselves:

Over the weekend, we had 4171 unique users on the WLAN and a peak of 1672 concurrent users on Saturday around 16.00 CET.

It is interesting to note that amongst those 4171 unique devices on the FOSDEM network, 595 were Mac/iPhone/iPad, 452 were HTC devices, 341 Nokia, 56 Samsung, 23 RIM (Blackberry) and 806 were using an Intel chipset…

What about IPv4 to IPv6 ratio ?

We have seen about 1.85k IPv6 link-locals (== total devices with IPv6 enabled) while 2.18k IPv4 addresses were cached at the router, which means 84% of devices had IPv6 enabled!!

And a total of 1.08k global IPv6 addresses (== IPv6 used); that is, 49.5% actually went to the v6 Internet.

So who said IPv6 adoption was lagging?

If you want to have a look at how it was last week-end, check the video below:

IPv6 Unified Communications

Hello,

In this post I want to update you with what is available today when implementing Unified Communications on an IPv6 network.

What you need to retain from this post is that IPv6 is available today when deploying Cisco Unified Communications, and it can be enabled in a few easy steps. (Let’s agree that this would first be done in a lab, though 😉)

Configuring the UC server

The Ethernet interfaces of the UC server can be configured both in CLI and GUI [fig. 1]. This configuration is at OS level. An important note here is that Cisco UC-OS is a Common Application Run-time for most existing Cisco UC products, meaning that once a feature is available in it, it can be exposed and used by any UC applications.

with CLI, enable IPv6 :

set network ipv6 service enable

set a static IPv6 server address :

set network ipv6 static_address <addr> <mask>

review IPv6 address settings :

show network ipv6 settings

Or using the UCOS GUI, as shown below. This is done in OS administration, under Settings > IP > Ethernet IPv6.

[fig. 1: ucv6_srv_cfg]

Configuring the CUCM, at the application level for phone and intra-cluster communications

The IPv6 address can be used for both phone-to-UC-server and server-to-server communications [fig. 2]. This configuration is required for every server in the cluster where you wish to use IPv6.

Either a AAAA record or IPv6 address can be used for the IPv6 name. In case of AAAA, your DNS (v4 and v6) will need to provide resolution for it.

under System > server

[fig. 2: ucv6_ucm_cfg]

Enabling IPv6 for IP Phones to Server communications

You will first need to enable IPv6 cluster-wide, and then have the option of setting your signaling and media preference parameters either cluster-wide [fig. 3] or per group of phones [fig. 4].

under System > Enterprise Parameters

[fig. 3: ucv6_ent_param_cfg]

under Device > Device Settings > Common Phone Profile

[fig. 4: ucv6_common_device_profile]


SIP trunking

A SIP trunk can be configured directly on CUCM or on an IOS VoIP gateway or SBC (like CUBE). More details on SIP trunks are covered in this previous post.

SIP trunking is fully supported in both IPv6-only and dual-stack modes, depending on your needs. Both SIP Early Offer and Delayed Offer, with or without ANAT, are supported.

Today the recommended addressing mode would be dual-stack, leaving the option to select one or the other through ANAT.

IPv6 destination addresses and SRV records can be used in the configuration.

A few words on ANAT: Alternative Network Address Types (RFC 4091)

ANAT is an application-layer mechanism that permits the offer of both an IPv4 and an IPv6 address in the SIP INVITE (mid:1 and mid:2), as well as indicating a preference (group:ANAT 2 1), where here mid:2 is the preferred choice.

SIP INVITE with SDP ( Early Offer)

a=group:ANAT 2 1
m=audio 18356 RTP/AVP 0
c=IN IP4 192.0.2.1
a=mid:1
m=audio 16462 RTP/AVP 0
c=IN IP6 2001:db8:aaaa::987:65ff:fe01:234b
a=mid:2

Then in the SIP answer 200 (OK) with SDP, shown below, the remote end replies saying "OK, I can do IPv6", as group:ANAT 2 indicates. To further indicate this, the UDP port number for IPv4 is set to zero.

a=group:ANAT 2
m=audio 0 RTP/AVP 0
c=IN IP4 192.168.1.1
a=mid:1
m=audio 16462 RTP/AVP 0
c=IN IP6 2001:db8:bbbb::123:45ff:fe32:191d
a=mid:2

So ANAT gives us an application-aware, very flexible way to interconnect multiple call agents (both within your enterprise, or between you and a service provider or another enterprise).
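The offer/answer exchange above can be checked mechanically, which is useful when you need to know which address family the media will actually use (for example to verify firewall or SBC policy for a trunk). The following is an added example, not part of the original post or of any Cisco product; the SDP bodies are the ones shown above and the function names are illustrative.

```python
# Added example: interpret the ANAT offer/answer from this post.
# parse_anat() and negotiated() are illustrative names, not a Cisco API.

OFFER = """\
a=group:ANAT 2 1
m=audio 18356 RTP/AVP 0
c=IN IP4 192.0.2.1
a=mid:1
m=audio 16462 RTP/AVP 0
c=IN IP6 2001:db8:aaaa::987:65ff:fe01:234b
a=mid:2
"""

ANSWER = """\
a=group:ANAT 2
m=audio 0 RTP/AVP 0
c=IN IP4 192.168.1.1
a=mid:1
m=audio 16462 RTP/AVP 0
c=IN IP6 2001:db8:bbbb::123:45ff:fe32:191d
a=mid:2
"""


def parse_anat(sdp):
    """Return (mids in preference order, {mid: stream}) for one SDP body."""
    order, streams, cur = [], {}, None
    for line in sdp.splitlines():
        line = line.strip()
        if line.startswith("a=group:ANAT"):
            order = line.split()[1:]              # most preferred mid first
        elif line.startswith("m="):
            media, port = line[2:].split()[:2]
            # the port field may carry a "/count" suffix; keep the base port
            cur = {"media": media, "port": int(port.split("/")[0]),
                   "family": None, "addr": None}
        elif line.startswith("c=") and cur is not None:
            _, family, addr = line[2:].split()[:3]
            cur["family"], cur["addr"] = family, addr
        elif line.startswith("a=mid:") and cur is not None:
            streams[line[6:]] = cur
    return order, streams


def negotiated(offer, answer):
    """Return the alternative the answerer accepted, or None.

    Accepted means: listed in the answer's ANAT group with a non-zero port.
    """
    _, offered = parse_anat(offer)
    ans_order, answered = parse_anat(answer)
    for mid in ans_order:
        s = answered.get(mid)
        if s and s["port"] != 0 and mid in offered:
            return {"mid": mid, "family": s["family"],
                    "local": offered[mid]["addr"], "remote": s["addr"]}
    return None


if __name__ == "__main__":
    print(negotiated(OFFER, ANSWER))
```
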

In conclusion

UCv6 is available today, and although the full feature set is not available yet, you can already start testing and validating this deployment. IPv6-only IP phones can be deployed today and be a starting point to help you save your IPv4 addresses.

Cisco has about 10 customers using it in production environment today. And we expect to provide a full featured UCv6 solution within the next 2 years.

Jerome

IPv6 – the next generation challenge for Service Providers

John Chambers on IPv6 at Google Conference :

As we near 2012 when the last IPv4 address is assigned to a new subscriber, SPs must maintain and continue to accelerate growth. Billions of new devices such as mobile phones, portable multimedia devices, sensors, and controllers will demand Internet connectivity in the next five years. SPs need a solution that supports unconstrained global accessibility.

CGv6 is designed to help SPs deal with these challenges. With CGv6, SPs can:

  • Preserve investments in IPv4 infrastructure, assets, and delivery models through the use of Large-Scale Network Address Translation, along with private IP addressing.
  • Prepare for the smooth, incremental transition to IPv6 services that are interoperable with IPv4 using high-performance Tunneling technologies, combined with Large-Scale Address Family Translation.
  • Prosper through accelerated subscriber, device, and service growth enabled by private IP and IPv6.

CGv6 extends the already wide array of IPv6 platforms, solutions, and services. We’re introducing a Carrier-Grade Services Engine (CGSE) for the CRS-1 family, as well as supporting new features for the ASR family. Cisco CGv6 helps you build a bridge to the future of the Internet with IPv6.

For more IPv6 related information, make sure to visit :

http://www.cisco.com/go/ipv6


It’s lab time

When you receive your phone bill today and are surprised by the amount you have to pay, you immediately start inspecting the details of your telephone conversations. In there you can find all kinds of interesting information: telephone number called, duration of call, start and end time, cost,… After a thorough analysis you realise that you should be calling more from your IP phone and stop using your cellular for those long-distance calls. But that is not the main point of today’s topic.

If you think about it, the same principle applies to your network utilization. Consumption of network resources costs money and it is sometimes difficult to do capacity planning. The same information that is on your telephone bill is available through Flexible Netflow for traffic flowing over your network infrastructure. It gives you detailed information on the packets travelling from source to destination.

Are you ever wondering what kind of traffic is running on your network, what applications are consuming more bandwidth, who are the top talkers?

Take a look at this video, enable Flexible Netflow and find out.

More information on:
Cisco IOS Flexible Netflow Technology White Paper

Borderless Power Management with Cisco EnergyWise

Cisco EnergyWise was first introduced in February 2009 (Best of InterOp 2009 Green Award) and is basically a response to the very high demand from businesses to monitor, control and manage energy.

“Green” is a hot topic nowadays. Not only will it save businesses a lot of money instantly, but the marketing value of having a green image as a business should not be underestimated either.

Think about the environmental concerns and government directives, there is an increased need for sustainable and “green” business IT operations.
Methods to measure power consumption and control energy output are now the focus of businesses worldwide, with customers looking for consolidated energy management across different device and communications media.

So what exactly is Cisco EnergyWise ?

Cisco EnergyWise is an innovative architecture, available “free of charge” in our existing Cisco Catalyst switches and Integrated Services Routers.

EnergyWise enables companies to measure the power consumption of their network infrastructure and network-attached devices, and to manage the power consumption using specific policies leading to reduced power consumption and important cost savings, and this potentially for any powered device.

How does it all work? Well, I can’t explain it better than Robb Boyd:
Fundamentals of Cisco EnergyWise


Cisco’s vision for EnergyWise consists of 3 phases:

Phase 1: ‘Network Control’, is the management of the energy consumption of IP enabled Power over Ethernet devices like IP-phones, physical security cameras and wireless access points through EnergyWise.

In my next blog I’ll talk more about Phase 2!

Learn more: http://www.cisco.com/en/US/products/ps10195/index.html

Estimate your potential savings with this green calculator: http://www.cisco.com/assets/cdc_content_elements/flash/netsys/calc/demo.html

The Power of Participation

Today, Cisco launched the “Power of Participation”, an important extension to both Cisco’s Borderless Networks architecture and Cisco’s Data Center Business Advantage architectural framework.

Why the “Power of Participation”? Because we are right in front of the third wave of the Internet Evolution. Wave 1 (1990s) was all about connectivity and transforming transactions (E-commerce, B2B, B2C). Wave 2 (2000s) was about driving inclusion and transforming interactions through social media and the consumerization of IT. Last week, in this blog, I mentioned some future trends: mobility, internet of things, cloud and collaboration/video. As these trends take full scale, they will fundamentally transform organizations and we will be entering Wave 3 of the Internet Evolution: an era of changed business interactions and new user expectations. In this era, end users will expect their collaborative, video-rich work environment virtually and securely Anywhere, Anytime on Any Device of their choice (the New Normal). They will demand a Borderless Experience giving them the Power to Participate optimally to business. In this new era, businesses will also demand to IT the Power to Participate and transform in an agile way into new and changing business models.

How will we enable this Borderless Experience and these new business models? Through an architectural Borderless Networks approach delivering uniform network services. In previous Borderless Networks launches, we already delivered network services such as Motion (driving Anywhere mobility capabilities); Medianet (supporting media-rich video collaboration), EnergyWise (driving energy control and building management) and TrustSec (driving secure support for Any Device and controlled access for Anyone).

In today’s announcement, we take an important next step in delivering Anywhere – Any Device capability with the launch of AnyConnect 3.0. The Cisco AnyConnect Secure Mobility Client provides a single 802.1x authentication framework, allowing smooth and transparent wired or wireless access and delivering a seamless Always-On secure (IPSec VPN, SSLVPN, MacSec, …) borderless connectivity experience across a broad set of PC- and smartphone-based mobile devices (Windows, Apple iPhone, …) (http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-527494_ps10884_Products_Data_Sheet.html). Advantage for the end user: the ability to access and use business applications seamlessly and securely, without any technology complexity, whether on the wired network at work, on the wireless network in a meeting room, on a wireless guest net, on the road or at home. Advantage for the IT department: being able to open up the access policy to a broad set of devices while still guaranteeing security compliance. This solution also makes it possible to take advantage of cloud-based services while maintaining consistent security policies towards the applications, whether in the on-premise datacenter or in the cloud (www.cisco.com/go/anyconnect).

A Borderless Experience also requires a perfect end-to-end application experience. To enable this, Cisco announced the Application Velocity network service. This network service delivers a network that is application aware, has application visibility and monitoring capabilities, can accelerate applications (WAAS Express, WAAS on the Integrated Services Routers ISR-G2 Services Ready Engine (SRE)) (www.cisco.com/go/appvelocity) and can deliver application agility and extend application virtualization up to the branch office (Unified Computing System (UCS) on the ISR-G2 Services Ready Engine (www.cisco.com/go/ucse)).

The launch also considerably expands the network infrastructure in terms of high density and high performance through new announcements in the wireless offering (1040 access points), the Catalyst 4500 platform, the high-end ASR routing platform, the new high-end ASA5585 firewall, the LMS4.0 management platform and EnergyWise.

To enable you to take a fast start in this important network transformation to a Borderless Networks architecture, Cisco has created detailed Validated Design Guides that can help you on your journey: the Smart Business Architecture for mid-sized networks and enterprises  (http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns982/landing_sBus_archit.html).

So, who is the person on the picture above? Well, meet Ike Theodore (IT) Willis and follow him towards the Borderless Networks challenge, Oct 5th – Oct 8th and take the chance to win a trip to see Your Wonder of the World: www.cisco.com/go/challenge.

For more info on the announcements, please go to www.cisco.com/go/borderless.
