IPv6 Address Policy for German Bundeswehr
LTC Jörg Wellbrink, Ph.D.
BMVg M II / IT 4
Current Missions German Armed Forces
Network Centric Operations
Networking Responsibilities
[Figure: network diagram with site names and link capacities in Mbit. Labels: NOC; BWI IT Service (Contractor); SATCOMBw; Rollout NWM; deployable access networks, CCIS; MobKommSysBw; cable & radio links; digital radios, TETRAPOL; IP; Bundeswehr future IP-based networks, e.g. MANETs, SDR; wide area networks / core level; gateways TDM, ISDN; local area networks / access level]
Mobile Communication System Bundeswehr
MobKommSysBw is a complete deployable network solution. It is the central element that enables network-centric operations over mobile, tactical networks at all command levels, using links with the home country, allies and partners. Today, MobKommSysBw is extremely important for Bundeswehr missions abroad. In a theater of military operations, MobKommSysBw provides the services that ISPs usually deliver in the civilian and industrial sectors. Consequently, this military solution relies, for the first time, entirely on IP-based civil communications standards, e.g.:
- IPv4, IPv6 (dual stack approach)
- ISIS, BGP
- MPLS (6VPE, VPLS)
- VoIP (SIP, SRTP, CUBE)
MobKommSysBw - Overview
[Figure: overview diagram. Labels: NOC; Home; Backbone of the Bundeswehr; Transmission Networks, e.g. satellite, radio-based and cable links; MobKommSysBw in a theater of military operations; 6VPE; System Unit (twice); Access Networks VANx, VANy; Network Management Unit Master; Network Management Unit Slave]
Address Concepts 1(3)
Basic Requirements for Deployment
- at least 8 strategic missions (theaters of military operations)
- long-term coexistence (dual stack)
- centralized and concurrent management from the NOC in the Homeland
- no NAT on Edge/Peers
Special Access Networks
- number of Access Networks is not specified (>>10)
Scalability and Transparency
- varying amount of addressable end-devices (up to 4000 in one Access Network)
- varying amount of addressable sensor- and special-segments (small independent networks)
- autarky as fallback
- each Access Network could demand its own (MPLS-)VPN
Dr. A. Tarhanjan (contractor), Network Solution Architect MobKommSysBw, CCIE/CCDP/CCIP/CCNP/FNCNP/JNCIS-E/JNCIS-M
[Figure: System-Unit. Labels: E1 / nx E1 / E3; FastEthernet; mpls-vpn; multi-vrf; A, B, C, D; internal links; GigabitEthernet; LER; E1 / S2m / S0; FastEthernet]
Address Concepts 2(3)
Landmark decisions
Reserved BGP 2-Byte-AS #
- 64500 + Mi*100 (Mi = 1..8)
- 6xN01-6xN59 Access Networks German Army
- 6xN60-6xN89 Access Networks & Peering partners
- 6xN90-6xN99 reserved
IPv4 from RFC1918
- 10.x/12 for KommSysBwEins
- 10.128+Mi.0.0/16 for each mission MobKommSysBw
- 10.128+Mi.x.x/20 for internal / core structures
- 10.128+Mi.y.y/20 or /22 for each Access Network
IPv4 to IPv6 1:1 Transition & Translation
ipv6 general-prefix GenPref xxxx:xxxx::/32
ipv6 general-prefix Mission xxxx:xxxx::/40
! P2P Dual-Link /64 /128
ipv6 address Mission:: ipv4-net ::xxxx
! P2P IPv6 only
ipv6 address Mission:: ipv6net ::x/126
! Loopbacks
ipv6 address Mission:: ipv4 :: identity /128
! Populated segments (e.g. VLANs)
ipv6 address Mission:: ipv4-net ::/64 eui-64
SLAAC + DHCP
! static addresses for SERVERS only (analogous to IPv4)
General (hierarchical) IPv6-structure KommSysBwEins
[Figure: prefix hierarchy with levels /32, /36, /40, /48, /56 and /64. Labels: KommSysBwEins; MobKommSysBw; Access Networks; autarky; addressable units (e.g. Access Networks); addressable units (e.g. SiaS) (w/o MobKommSysBw); ad-hoc networks; etc.; subnets per unit: 65536 subnets, 256 subnets (/56)]
Address Concepts 3(3)
VANBw example
IPv6 Global Unique Prefix
- /32 for KommSysBwEins
- /36 for MobKommSysBw
- /40 for each mission
- /48 for each Access Network, e.g. VANBw
[Figure: bit layout of the address. Fields: KommSysBwEins Global Unique Prefix (to /32); Mission; VANBw (to /48); 16 bits for subnets (to /64); min. 24 bits (16M) for hosts. Row labels: VANBw#1, ..., VANBw#8, VANBw#9, VANBw#10. Rows shown after the KommSysBwEins prefix:]
HEX   8 EL 4 0 0 0 0 0 ... 0
BITS  1000 xxxx 0100 0000 0000 0000 0000 0000 ... 0000
HEX   8 EL B 0 0 0 0 0 ... 0
BITS  1000 xxxx 1011 0000 0000 0000 0000 0000 ... 0000
HEX   8 EL C 0 0 0 0 0 ... 0
BITS  1000 xxxx 1100 0000 0000 0000 0000 0000 ... 0000
HEX   8 EL C 4 0 0 0 0 ... 0
BITS  1000 xxxx 1100 0100 0000 0000 0000 0000 ... 0000
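The address plan from Address Concepts 2(3) and 3(3), worked through for one access network as an added example (not code from the presentation). The 2001:db8::/32 documentation prefix, the mapping of Mi to the mission nibble, and the access_byte and v4_index allocation indexes are assumptions; the /36 nibble 8 is read off the VANBw bit layout.

```python
import ipaddress

# Assumptions, not from the slides: 2001:db8::/32 (documentation prefix) stands in
# for the real /32, the mission nibble equals Mi, and access_byte / v4_index are
# hypothetical allocation indexes. The /36 nibble 8 is read off the VANBw bit layout.
GLOBAL_V6 = ipaddress.ip_network("2001:db8::/32")
MOB_NIBBLE = 0x8
PRIVATE_AS = range(64512, 65535)  # private 2-byte AS numbers (RFC 6996)


def nth_subnet(net, new_prefix, index):
    """Return the index-th subnet of net at new_prefix, with bounds checking."""
    count = 2 ** (new_prefix - net.prefixlen)
    if not 0 <= index < count:
        raise ValueError(f"index {index} outside 0..{count - 1}")
    step = 2 ** (net.max_prefixlen - new_prefix)
    return type(net)((int(net.network_address) + index * step, new_prefix))


def mission_plan(mi, access_byte, end_devices, v4_index=1):
    """Derive AS ranges and dual-stack prefixes for one access network."""
    if not 1 <= mi <= 8:
        raise ValueError("Mi must be 1..8")
    as_base = 64500 + mi * 100
    mission_v6 = nth_subnet(nth_subnet(GLOBAL_V6, 36, MOB_NIBBLE), 40, mi)
    access_v6 = nth_subnet(mission_v6, 48, access_byte)
    mission_v4 = ipaddress.ip_network(f"10.{128 + mi}.0.0/16")
    # The slide allows /20 or /22 per access network: take /22 only if it fits.
    v4_len = 22 if end_devices <= 2 ** (32 - 22) - 2 else 20
    access_v4 = nth_subnet(mission_v4, v4_len, v4_index)
    if end_devices > access_v4.num_addresses - 2:
        raise ValueError("more end devices than a /20 can address")
    return {
        "army_as": (as_base + 1, as_base + 59),
        "peering_as": (as_base + 60, as_base + 89),
        "as_private": as_base in PRIVATE_AS and as_base + 99 in PRIVATE_AS,
        "mission_v6": mission_v6,
        "access_v6": access_v6,
        "subnets_64": 2 ** (64 - access_v6.prefixlen),
        "access_v4": access_v4,
    }


if __name__ == "__main__":
    plan = mission_plan(mi=1, access_byte=0x40, end_devices=4000)
    for key, value in plan.items():
        print(f"{key:11} {value}")
```

With 4000 end devices the plan has to use a /20 (4094 usable addresses), since a /22 holds only 1022.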
Question and Answer