VIEWS: 33 PAGES: 12 POSTED ON: 4/9/2011
Problem Statement of China Telecom Guoliang YANG firstname.lastname@example.org 2011/4/9 Problems and Challenges for China Telecom 1. Address Pool Exhaustion 2. Protocol Incompatibility Predicted extinction date Different protocol Packet format Worldwide 2010.10 Different treatment for software Asia 2012.8 China Telecom 2013.3 CT status quo ( Unit: million ) 1 2 Motivation Technology Total Space 91 Exhausting speed 17per yr 4. Lack of transition experience 3. Inactive Industry Chain 4 3 Giant network scope and large Deployment Government Environment numbers of service platforms need ICP Network Customer Considerable human and material resources No practical criteria referenced No clear guidelines from government for IPv6 transition No drivers for ICP Users do not care For network management, product development Long Life cycle of ROI and service flow, no mature experiences and (ROI, Return on Investment) examples can be learned from. 2011/4/9 Contents application IPv4 Contents Transition Transition Technology Selection Problems in deploying Dual Stack NAT444 authentication network User tracing Impact on internet application Problems in deploying tunnels incapable multicast service in Ds-lite Problems in deploying protocol translation Infeasible fixed range port in DIVI Address planning strategy 2011/4/9 users Unavailable PPPoEv6 in Windows XP Transition Technology Selection Considerations which need to be made when applying various transition technologies to existing networks. Various transition technologies may have different impacts to the services: Dual Stack with Carrier Grade NAT444 Tunnel technologies Protocol Translation 2011/4/9 Problems in deploying Dual Stack Carrier Grade NAT444: Authentication Single-Sign-On of the website： The user’s IPv4 private address is allocated by BRAS after AAA process, so, only user's private ipv4 address is mapped with the user account in AAA system. In some cases, website may make SSO authentication with user’s IP address via carrier’s AAA server. User accesses the Internet website with public address, while the address in the carrier’s AAA Server is private address. So the user can not be authorized. VPN authentication In L2TP and NAT444 environments with user creating VPN itself, if the user wants to access the enterprise internal network via VPN, some authentication protocol such as EAP, may not be supported in these two environments. AAA authentication In some cases, dual stack users may establish dial-up sessions to BRAS to get IPv4 and IPv6 address separately. BRAS may probably send different radius authentication request packets to AAA. According to current anti-attack policies in AAA server, the AAA server will deal with the first request packet and ignore the other ones. 2011/4/9 Problems in deploying Dual Stack Carrier Grade NAT444: User tracing Flow Analysis System and Behavior Analysis System The existing Flow Analysis and Behavior Analysis System of Carrier is centralized and deployed in backbone. In NAT444 environment, they both need to be placed before NAT device, in order to collect users’ data and analysis their behavior accurately by their IPv4 address. 2011/4/9 Problems in deploying Dual Stack Carrier Grade NAT444: Others Internet user access the private network users initiatively. Currently two access methods are considered in the metropolitan area network: Communication between Private IP host, the traffic will not go through NAT444 device. Communication between Private IP host and Public one, the traffic will go through NAT444 device. For the user who wants to visit a website which is provided by private address host, it is not accessible. NAT444 doesn’t support the current PPTP VPN. 2011/4/9 Problems in deploying tunnel What is the sequence of deployment for tunnel technologies: 6RD、DS-lite and L2TP, etc 6RDDS-lite or directly to DS-lite? Incapable multicast service in DS-Lite: For China Telecom, the IPTV multicast replication point is located in BRAS. There is a trend to move down the replication point to access node. In the DS-Lite scenario, the IPTV multicast replication point will be at AFTR which will lead some performance problems and conflict with the above trend. What is the investment benefit and maintenance cost of different tunnel technology? 2011/4/9 Problems in deploying protocol translation Infeasible fixed range port in DIVI DIVI assigns a fixed range of ports to the HG, for users sake, it is infeasible and unfair for customers. Much larger traffic will pass the DIVI gateway than other technology 2011/4/9 Address Planning Strategy When IPv6 is deployed, how to plan the IP address pool in a large scale network is a problem. 2011/4/9 IPv4 Contents Transition Lacking business driven and technology driven for IPv4 Internet contents Providers (ICP) to provide IPv6 contents. For example, the lifecycle of online games is short and deploying IPv6 has long lifecycle of ROI. (Return on Investment) ICPs need carriers’ guidelines or solutions about the IPv4 contents transition. How ICP can provide IPv6 services with the least changes? 2011/4/9 Thank you 2011/4/9
"Problems in China Telecom (PowerPoint)"