V6ops Working Group
Enterprise Design Team
INTERNET-DRAFT: draft-pouffary-v6ops-ent-v6net-00.txt

Yanick Pouffary (Chair)
Jim Bound (Editor)
Hewlett Packard
Yurie Rich
Native6 Group
Marc Blanchet
Viagenie
Tony Hain
Paul Gilbert
Cisco
Scott Hahn
Intel
Margaret Wasserman
Wind River
Jason Goldschmidt
Sun Microsystems
Mathew Lehman
Microsoft
Aldrin Isaac
Bloomberg

September 2002
Expires March 2003

IPv6 Enterprise Networks Scenarios

Status of this Memo

This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

Abstract

IPv6 will be deployed in Enterprise networks. This scenario has
requirements for the adoption of IPv6. This document will focus upon
and define: a set of technology scenarios that shall exist for the
Enterprise network, the set of transition mechanisms needed by
different scenarios, and the set of tools that shall be needed for
IPv6 deployment.

Table of Contents:

1. Introduction
2. Requirements
3. Terminology
4. Design Team Assumptions
5. Enterprise Network Scenarios
6. Enterprise Points of Transition
   6.1 Nodes Accessing IPv6 thru IPv4 Tunnels
   6.2 Nodes Accessing IPv6 thru NAT
   6.3 Nodes Accessing IPv4 Services within IPv6 Network
   6.4 Nodes Accessing IPv6 Islands within IPv4 Network
   6.5 Nodes Accessing IPv4 Islands within IPv6 Network
   6.6 Mobile Nodes using the above Points of Transition
       6.6.1 Mobile Nodes on the Enterprise Intranet
       6.6.2 Mobile Nodes Accessing the Enterprise from the Internet
7. Software Points of Transition
   7.1 DNS
   7.2 Routing
   7.3 Autoconfiguration
   7.4 Security
   7.5 Applications and APIs
   7.6 IPv6 Address Scoping
   7.7 Network Management
   7.8 Address Planning
   7.9 Tools for Configuration
       7.9.1 Routing Configuration
       7.9.2 DNS Configuration
       7.9.3 IPv6 Address Allocation and Configuration
       7.9.4 IPv4 Address Allocation and Configuration
       7.9.5 VPN/Tunnel Configuration
       7.9.5 Mobile Node IPv4/IPv6 Interoperation Configuration
8. Network Operational Issues for the Enterprise
9. Applicability Statement
10. Security Section
Acknowledgments
References
Authors' Addresses

1. Introduction

IPv6 will be deployed in Enterprise networks. This scenario has
requirements for the adoption of IPv6. This document will focus upon
and define: a set of technology scenarios that shall exist for the
Enterprise network, the set of transition mechanisms needed by
different scenarios, and the set of tools that shall be needed for
IPv6 deployment.

For this document, an Enterprise network is a user network that is
connected to an Internet Service Provider (ISP), is actively managed
by the users of that network, and has multiple independent networks
within the Enterprise. It may also have mobile IP users accessing the
Enterprise Network within the Enterprise (within the Enterprise
Intranet) or from the public Internet into the Enterprise (to the
Enterprise Extranet).

An Enterprise could be a large business such as a Fortune 100 company
(e.g. Manufacturing, Financial, Government) or a small office
business (e.g. Law Firm, Stock Brokerage, Discrete Engineering Parts
Supplier, Office of 30 users).

The rate and methods of IPv6 adoption in Enterprise networks will
vary, and the only constants we can hope to define are the transition
and tools requirements, based on what we have learned so far from
existing work on IPv6 transition mechanisms, current early adopter
deployment, and the work we propose to do with this document.

This document will not declare specific transition mechanisms or
tools for this scenario, but rather provide a template that users,
implementors, and IETF specifications can use to apply or define
such mechanisms and tools.
One of the document's goals is to have this work be a template for
how existing transition mechanisms and tools could be used in the
Enterprise network scenario.

2. Requirements

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.

3. Terminology

Enterprise Network (EN)          - TBD Definition
Enterprise Network Edge (ENE)    - TBD Definition
Enterprise Router (ER)           - TBD Definition
Enterprise Mobile Provider (EMP) - TBD Definition
Enterprise Mobile Node (EMN)     - TBD Definition
Enterprise Extranet (EEX)        - TBD Definition

Design Team will need to make sure our terminology is well defined.
The above will be needed as examples.

4. Design Team Assumptions

In this section we will list our assumptions for this work. For
example, no one can tell users how to transition; they will all do it
differently. Some users will move right to IPv6 rather than later
simply because it is easier, especially those using 802.11 technology
with Mobile IP. Some users have hardly any IPv4 address space, while
others have plenty of IPv4 address space.

Global address space versus private address space is a point of
contention. Peer-to-peer applications that run from one part of the
Enterprise to another part of the Enterprise across the public
Internet will require global addresses. There are really two
approaches here: simple point-to-point, which would require global
addresses, and site-to-site VPN across the Internet, which could get
away with site-local addresses. The design team will spend time on
this within each scenario and describe the consequences of each
choice.
We will discuss different deployment scenarios for cases that are
known and show different perspectives.

We also need to state our assumptions about our work versus the ISP,
Unmanaged, and 3GPP scenarios, though these will apply to the
Enterprise too. This will be one of our challenges.

We will stay focused on transition and tools and the V6ops Charter.

We will note mechanisms and tools that are needed within the
scenarios.

These are examples and discussions the design team is having
currently.

5. Enterprise Network Scenarios

We have begun discussing the paradigms for the scenarios; here are
some examples of what we have determined, given that we have just
gotten started.

Our initial consensus strategy is to discuss the scenarios first and
then enter the technical and transitional details below the
scenarios. This will provide a point of reference for the technical
and analysis sections below and give the reader context when reading
the resolutions for this document.

1) A large (20,000+ node) enterprise has an existing IPv4 network and
wishes to turn on IPv6 for an engineering development group of ~100
clients that exist at two geographic sites. Each engineering group is
on its own switched subnet. The IPv6 clients need to communicate with
each other, but still need access to IPv4 based services provided by
the corporation. What needs to be done to enable this deployment and
where?

2) An enterprise decides to deploy wireless services across their
network, and for reasons of geography and topology groups of access
points end up on different subnets. To optimize their support for IP
mobility, they choose to make this service IPv6-only, while to secure
the air link they choose to have all connections use a VPN access
technology. These mobile IPv6-only nodes will still need access to
legacy IPv4-only applications.

3) A modest sized (<10,0000 nodes) multi-site enterprise has deployed
IPv4-NAT with overlapping private address ranges between the sites.
They are looking to improve productivity through a peer-to-peer
conferencing application that will need to work between sites. They
are willing to update the operating systems running that application
to support both IPv4 & IPv6, and over time will do the same for other
services on the network. Which transition technologies are applicable
initially as they begin using the application? What changes or
additional technologies are applicable when the ISP for some, but not
all sites, offers native IPv6 service? What transition technologies
are applicable when all ISPs offer IPv6 services, but some of the
internal nodes remain IPv4-only?

4) A very large global enterprise interacts with the public Internet
as a cohesive unit, but is composed of several administratively
distinct business units. Some of the business units want to deploy a
substantial number of stationary nodes (>10,000) in a single subnet,
while having those subnets accessible by all the business units. To
accomplish this as well as support wireless mobility and peer-to-peer
conferencing, they choose to enable these new services as IPv6-only.
At the same time there is a need to support legacy IPv4-only
applications, and to access the public Internet from the wireless
mobile nodes. What transition technologies are applicable when only
parts of a geographically dispersed business unit are capable of IPv6
packet forwarding? What transition technologies become applicable
when an entire business unit is capable, but other business units are
not fully capable? What transition technologies apply at the boundary
to the public Internet?

5) Two large enterprises using IPv4-NAT merge with the consequence
that large segments of private network address space overlap.
To allow the network operations to merge they decide to deploy IPv6
across the network core and support infrastructure first. What
transition mechanisms apply to the process of migrating and managing
the network core? What transition technologies apply to the support
infrastructure? To further integrate the systems, what transition
technologies are applicable to the end nodes?

We will attempt to specify and define the scenarios in an incremental
fashion. Here are some current examples in our thinking.

1. Small network/single building/single location
2. Medium network/campus environment/single location
3. Large network/campus environment/multiple locations
4. Wireless/Mobility incorporation (which fits into any of the
   previous cases)

6. Enterprise Points of Transition

The Enterprise network will have varying points of transition that
will require different points of integration with IPv6 and IPv4.
These points of transition are the fulcrum of the template to define
what is required for Enterprise networks within the focus of this
document.

Each subsection below will depict issues and deployment requirements
for these Points of Transition. At each point, all the various
sub-points from the client to the router to the Internet will be
discussed.

6.1 Nodes Accessing IPv6 thru IPv4 Tunnels

6.2 Nodes Accessing IPv6 thru NAT

6.3 Nodes Accessing IPv4 Services within IPv6 Network

6.4 Nodes Accessing IPv6 Islands within IPv4 Network

6.5 Nodes Accessing IPv4 Islands within IPv6 Network

6.6 Mobile Nodes using the above Points of Transition

6.6.1 Mobile Nodes on the Enterprise Intranet

6.6.2 Mobile Nodes Accessing the Enterprise from the Internet

7. Software Points of Transition

The Enterprise will be required to determine what software will be
extended or affected by transition and must be managed, which will
define the policy for the Enterprise.

7.1 DNS

7.2 Routing

7.3 Autoconfiguration

7.4 Security

7.5 Applications and APIs

7.6 IPv6 Address Scoping

7.7 Network Management

7.8 Address Planning

7.9 Tools for Configuration

7.9.1 Routing Configuration

7.9.2 DNS Configuration

7.9.3 IPv6 Address Allocation and Configuration

7.9.4 IPv4 Address Allocation and Configuration

7.9.5 VPN/Tunnel Configuration

7.9.5 Mobile Node IPv4/IPv6 Interoperation Configuration

8. Network Operational Issues for the Enterprise

9. Applicability Statement

10. Security Section

Acknowledgments

References

Authors' Addresses

Send email to ent-v6net@viagenie.qc.ca to contact the design team and
send comments on the draft to v6ops@ops.ietf.org.

Authors' contact info will be provided in the next draft.