Minutes

SIG: IPv6 technical

Wednesday 7 September 2005, Melia Hotel, Hanoi, Vietnam

Meeting commenced: 11:00 am

Chair: Kazu Yamamoto

Co-chairs: Tao Chen and Tomohiro Fujisaki

The Chair introduced the session and thanked the sponsors. He then introduced Co-chair Tomohiro Fujisaki, and noted that the other Co-chair, Tao Chen, was not able to attend as he was making a presentation at the concurrent NIR SIG meeting.

Contents

  1. Review of previous open action items
  2. IPv6 allocation status report
  3. Current activity on research and development of IPv6 products in Japan
  4. IPv6 distributed security
  5. IPv6 auto-transition
  6. JPNIC IPv6 registry service experience
  1. Review of previous open action items

    • None.

    Top

  2. IPv6 allocation status report

  3. Sunny Chendi, APNIC

    Presentation [ppt | pdf]

    This presentation discussed the IPv6 routing table and IPv6 assignments and allocations made by APNIC. It was noted that as of July 2005, APNIC had made 213 IPv6 assignments, the second largest number of assignments among the RIRs. In terms of total assignment size, both RIPE NCC and APNIC have assigned over 1000 /48s. As of August 2005, APNIC had received 36 /23s from IANA. The presentation looked at the distribution of APNIC's IPv6 allocations throughout the region in terms of economies and organisations.

    The speaker noted that APNIC has implemented a new fee structure for NIRs and confederations, with a 90% discount on per address fees for NIR members and a waiver of the per address fee for allocations to confederation members that maintain a single pool. Experimental, IXP, and Critical Infrastructure assignments were also examined, as well as the IPv6 routing table and the size of allocations made by APNIC.

    Questions and discussion

    • There was a question about the IX assignment graph, noting an inconsistency in the number of assignments to Japan and Korea. The speaker clarified that it was an error in the slide.
    • It was asked whether the speaker could elaborate on the IPv6 routing table and whether the global routing table should include /35s. It was noted that there is no routing restriction saying that prefixes cannot be longer than /35. It was noted that APNIC can provide a fuller version of the routing table.

    Action items

    • None.

    Top

  4. Current activity on research and development of IPv6 products in Japan

  5. Naota Sawabe, IPv6 Promotion Council of Japan

    Presentation [pdf]

    This presentation described the current state of IPv6 product development in Japan. The speaker introduced the IPv6 Promotion Council of Japan (IPv6 PC), a non-profit, non-governmental organisation established in 2000. At this stage, the IPv6 PC has 359 members. The speaker noted the PC's relationships with various government and business bodies in Japan.

    The speaker outlined some of the products on display in the IPv6 PC showroom, located in Tokyo. These included products from Sanyo (digital camera and home gateway), Canon ( web camera system), Yokogawa (remote controller, voice navigator, field information server, and network solution controller), Dentsu (digital video distribution system), NEC (video conference system), Panasonic (Internet Printing Protocol, web camera, IP phone), Toshiba (video chat system), HIC (video chat system, using m2m-x protocol), Freebit (IP phone terminal), and Fujitsu (intelligent mobile IP terminal), some of which are already in commercial production.

    The speaker then looked at recent research and development activity, including the Facility Networking working group, whose goal is to reduce the life cycle cost (LCC) of buildings through the use of IPv6 network technology. This working group staged an interconnection experiment in July 2005. The speaker also discussed the VoIP System Interoperability Task Force, whose the goal is to ensure interoperability between different VoIP systems using SIP, and to prepare the environment for testing this interoperability. This task force has conducted four interoperability tests to date, and has reached agreements with a range of vendors and providers.

    The speaker noted the Live E! project, which is working on a system that allows the distribution of weather and environmental information using a Digital Weather Station. He also mentioned the IPv6 Ready Logo program, which is aiming at a certification program for IPv6 products �V this is currently moving into phase 2, with 180 products already having received a phase 1 logo. The IPv6 Transition Field Trial is also in progress.

    The speaker concluded with a prediction that IP telephone and information appliances will spread gradually, while building maintenance and security applications will spread more rapidly.

    Questions and discussion

    • There was a question about the commercial availability of the products discussed. It was noted that a number of them, including the web camera and VoIP system, were already available.
    • It was asked whether the speaker had any of the products discussed in the presentation on hand. The speaker noted that people would have to visit the showroom in Tokyo to see many of the products, but that there were also showrooms in Korea, China, and Taiwan.

    Action items

    • None.

    Top

  6. IPv6 distributed security

  7. Jordi Palet, Consulintel

    Presentation [pdf]

    This presentation is related to a European Commission project that has recently concluded, looking at how the deployment of IPv6 will affect the security of the network. The speaker noted that IPv6 has IPsec already in the stack, and that there will be an increased number of devices, many of which are "nomadic".

    The speaker noted that in this case the definition of "security" included viruses, spam, etc. The speaker noted that there is an assumption that attacks come mainly from outside, that everyone within the same LAN is trusted, that nodes would not go outside the network, that there are no backdoors, and that the hosts will not be directly accessible from outside the network. The speaker suggested that this model is accepted because it is simple and requires a minimum of configuration.

    There are a number of drawbacks with the use of the current, centralised security model, however, including the fact that it does not address internal threats, and the lack of end-to-end connection (as the firewall acts as a NAT), all of which prevents innovation. A host-based security model is recommended, which will address these drawbacks. In this model, the security policy would be centrally defined and distributed to all nodes.

    The speaker requested that questions be held until the end of his second presentation.

    Questions and discussion

    • None.

    Action items

    • None.

    Top

  8. IPv6 auto-transition

  9. Jordi Palet, Consulintel

    Presentation [pdf]

    This presentation describes a project to ensure that all devices can access IPv6, even if only connected to the Internet using IPv4. This includes looking at transition systems and overcoming firewalls and NATs. The speaker noted that there are a range of transition methods, but that these methods are not working efficiently.

    The project includes an algorithm that can be integrated into the IPv6 stack and will act as a "wizard". The algorithm will prefer native IPv6, but will allow users to use a transition mechanism, the selection of which will be based on connection performance. The algorithm is designed to make the process as easy as possible for users, and will be open to as wide a range of transition mechanisms as possible (including new or emerging mechanisms).

    The project has also examined the various means of discovery, and has concluded that DNS SRV and A/CNAME RR Unicast methods are the most applicable.

    Questions and discussion

    • There was a question about the host-based security model, noting that it had existed for many years prior to IPv6. The speaker noted that this was a model that had not been deployed globally, and that with the emergence of IPv6 there was a chance to facilitate this. He also noted that with 80% of attacks coming from internal sources, there was a need to change the fundamental way of thinking.
    • There was a question as to whether the subject addressed by the speaker was specifically related to IPv6. The speaker noted that with the extra bits provided by IPv6, end-to-end communication would now be universally possible, and this would have implications for security. The speaker also noted that innovation in the network was a priority, and end-to-end communication would allow this.
    • The speaker was asked if he had actually implemented a host-based model. The speaker noted that the project team had run some test models, but that at this point they were not ready to be tested outside the lab. The speaker also noted that there would be a BoF on distributed security at the next IETF, with the goal of establishing a new working group. He also noted that two free publications examining IPv6 issues are downloadable at the IPv6 Portal website.

    Action items

    • None.

    Top

  10. JPNIC IPv6 registry service experience

  11. Toshiyuki Hosaka, JPNIC

    Presentation [ppt | pdf]

    This presentation discussed the experience of JPNIC in establishing an IPv6 registry service. JPNIC's request agent service was launched in 2000, and in 2005, JPNIC launched its own IPv6 registry system. This service works in the same way as the JPNIC IPv4 registry, and includes reverse DNS requests and a public whois service. This means that registration can be done in Japanese, while the network information is publicly available in both English and Japanese. The speaker outlined the steps taken in establishing the JPNIC IPv6 registry service, including the method employed for replacing registered objects in the APNIC Whois Database. The transfer of objects was completed on 9 August 2005.

    The speaker offered an overview of the registry system and how it relates to the APNIC Whois Database, including some before and after examples of JPNIC IPv6 objects in the APNIC and JPNIC databases. The speaker also shared before/after statistics relating to the implementation of the new system, and noted that a specific ISP only began registering IPv6 objects after this point, which has resulted in a massive growth in the number of registrations.

    Questions and discussion

    • There was a question about the Japanese IPv6 assignments in the APNIC Whois Database discussed at the last APNIC meeting, and whether these assignments had all been moved to the JPNIC Database. The speaker reported that they had.
    • There was a question on whether JPNIC had any specific advice for other NIRs considering launching their own IPv6 registry services. The speaker noted simply that if other NIRs felt that they needed their own IPv6 registry service, then JPNIC would recommend it.
    • There was a request that the output from various NIR registries be standardised to facilitate bulk enquiries. The speaker noted that this was a worthwhile comment, and that everyone in the community used whois enquiries.
    • There was a further question asking for clarification of what should be standardised �V the original questioner noted that he wished to be able to customise scripts and that a standardised format is necessary for this. It was noted that people in the community were working toward CRISP, which would provide a solution to the problem of consistency in whois data.

    Action items

    • None.

Meeting closed: 12:28 pm

Minuted by: Chris Buckridge

Open action items

  • None.

Minutes | IPv6 technical SIG

Top

Last modified: | © 1999 - APNIC Pty. Ltd.
Contact us | Privacy statement