The construction of university campus network based on the combination of IPv4 and IPv6 technology

The construction of university campus network based on the combination of IPv4 and IPv6 technology

The campus network of colleges and universities represents the domestic Internet development level. In July 1994, the CERNET demonstration project of the China Education and Research Computer Network was launched. In the same year, top universities such as Tsinghua Peking University built their own campus networks. These networks were the beginning of China's Internet. At present, the campus network mainly uses IPv4 technology as the core, and IPv4 has inherent deficiencies and there are many problems. Many school campus networks are facing IP address theft, IP address conflicts, poor mobile performance, poor security, complex configuration, and routing table expansion. , Lack of end-to-end business model and other issues. In order to overcome the deficiencies of IPv4 technology, many colleges and universities have proposed the use of IPv6 technology to build campus networks. It is reported that the IPv6 campus network of Hainan Normal University all uses the standardized IPv6 network equipment provided by Digital China, based on the IPv6 / IPv4 dual-stack mode, and accesses the CERNETIPv6 test bed through tunnel technology to provide IPv6 access services for all users within the school . As of now, the network has been running steadily for half a year and has undertaken CERNET2 Hainan nodes. The IPv6 campus network provides IPv6 access services for other colleges in the province.

Today, colleges and universities generally have both new and old campuses. The new campus generally uses IPv6 technology, and the old campus uses IPv4 technology. As a result, there are many difficulties between the data transmission between the two campuses and the network connection. Using the new IPv6 technology in the old campus and building a full dual-stack network can solve this problem, but the original network equipment must be eliminated and discarded, the investment is too large, and there are different levels of waste of equipment resources. In fact, this model is only suitable for new networks, not all situations. Therefore, starting from reality, it is proposed to carry out the campus network construction combining IPv4 and IPv6 technology in colleges and universities.

1 IPv4 technology

IPv4 (Internet Protocol version 4) is the fourth version of the Internet Protocol (IP) and the first widely used protocol that forms the cornerstone of today's Internet technology. IPv4 can run on a variety of low-level networks, such as end-to-end serial data links (PPP and SLIP), satellite links, etc. The most commonly used in LAN is Ethernet.

2 IPv6 technology

IPv6 (Internet Protocol version 6), which was generated and developed by the IP address crisis, has been recognized by all parties as the next generation Internet protocol. In response to the shortcomings of IPv4, IPv6 has made great changes at the network layer, except for the use of 128-bit addresses In addition to addressing the shortage of IPv4 address resources, the header has been greatly improved to make it more flexible than IPv4 addressing, improve the efficiency and performance of routing, and make it move. There has been a great improvement in terms of sex and scalability. IPv6 only made few modifications to the TCP, UDP and lower data link layer of the transport layer, which is very important in the engineering process, because the experience of deploying pure IPv6 can follow IPv4, even simpler than IPv4 .

3 Coexistence and transition between IPv6 and IPv4

During a long transition period, IPv6 and IPv4 must coexist, and IPv6 addresses and IPv4 addresses must also coexist. At the same time, the newly installed IPv6 system must be backward compatible. This means that the IPv6 system can receive and forward IPv4 packets, and can route IPv4 packets.

There are two main strategies for the transition to IPv6, namely the use of dual protocol stacks and tunneling technology. Dual protocol stack means that before a complete transition to IPv6, some hosts or routers are equipped with two protocol stacks, one IPv4 and one IPv6, as shown in Figure 1. The dual-stack host or router can communicate with both the IPv6 system and the IPv4 system. When communicating with an IPv6 host. Dual protocol stack hosts use IPv6 addresses, and dual protocol stack hosts use IPv4 addresses when communicating with IPv4 hosts. The dual protocol stack host can know which address is used by the destination host in the dual protocol stack host by querying the DNS of the domain name system. If DNS returns an IPv4 address. The source host of the dual protocol stack uses an IPv4 address; if DNS returns an IPv6 address, the source host uses an IPv6 address.

Dual stack

Another way to transition to IPv6 is to use tunneling technology. The main point of this method is that when the IPv6 datagram is to enter the IPv4 network, the router that implements the dual protocol stack encapsulates the IPv6 datagram into an IPv4 datagram, so that the entire IPv6 datagram becomes the data part of the IPv4 datagram. The IPv6 datagram is then transmitted in the tunnel of the IPv4 network. When the IPv4 datagram leaves the tunnel in the IPv4 network, the router implements the dual protocol stack to remove its data part. That is, the original IPv6 datagram is handed over to the IPv6 protocol stack.

The deployment of a dual-protocol stack network in the campus network is the most ideal method, as shown in Figure 2. Among them, the IPv4 network part is integrated with the original campus network IPv4 part. In this way, dual-stack users in the new campus network can simultaneously access IPv6 and IPv4 networks. For dual-stack terminals, both IPv4 gateways and IPv6 gateways are deployed on aggregation layer 3 switches. Since all three-layer devices in the campus network are dual-stack devices, it runs both IPv4 routing protocols and IPv6 routing protocols. The data forwarding paths of different protocols may be the same or different. All the three-layer devices of the campus network are IPv4 / IPv6 dual-stack devices. In order to realize the IPv6 campus network, a new IPv6 egress router is added. The IPv6 egress router is connected to the original dual-stack core switch through the GE link.

Deploy dual-stack network

4 Concrete implementation of coexistence and transition between IPv4 and IPv6


The coexistence and transition of IPv6 and IPv4 need to solve the IPv4-IPv4 and IPv6-IPv6 business problems within the campus network; the IPv6-IPv4 business problems within the campus network; the internal IPv6-external IPv4 business problems; the internal IPv6-external IPv6 business problems .

4.1 Solution 1: Upgrade of the existing IPv4 network

4.1.1 Upgrade of the old campus network

Generally speaking, you need to purchase a new dual-stack device, and a few devices can directly support the dual-stack by upgrading the software. If the core equipment can be upgraded, the aforementioned new campus network similar to the service interworking solution is deployed; if new dual-stack equipment is added. Then, the newly created IPv6 network and the original IPv4 network can communicate with each other in their respective networks, and the newly added equipment can be used to communicate with the original IPv4 core equipment through NAT-PT. External IPv4 and IPv6 networks are interoperable.

4.1.2 Upgrade of the old campus network-some new

Old campus network upgrade-partly new (as shown in Figure 2). The IPv4-IPv4 and IPv6-IPv6 services within the campus network use the old and new campus networks to communicate directly.

The IPv6-IPv4 service inside the campus network is connected to the old campus core through the NAT-PT of the newly built IPv6 campus network core dual-stack switch. The internal IPv6-external IPv4 communicates with the external through the NAT-PT of the dual-stack border router. Internal IPv6-external IPv6 can communicate directly with dual-stack border routers or use tunnels to communicate with non-directly connected IPv6 islands.

4.1.3 Some suggestions for upgrading the old campus network

If you want to avoid the modification or addition of the original network lines as much as possible, and hope that the original users can easily access the IPv6 network, you can consider directly replacing the core layer 3 switch with a dual-stack device. Its form will be similar to a new IPv6 campus network. If there are few users in the early stage of IPv6 construction and you want to reduce equipment investment, you can consider using a server to simulate routers as a dual-stack device at the border. Upgrade and replace the core of the old campus network (see Figure 3):

Upgrade and replace the core of the old campus network

It mainly uses tunnel technology. Tunnel (Tunnel) refers to encapsulating one protocol into another protocol. At the tunnel entrance, the encapsulated protocol is encapsulated into the encapsulated protocol, and at the tunnel exit, the encapsulated protocol packet is taken out. In the transmission process of the entire tunnel, the encapsulated protocol is used as the load of the encapsulated protocol. The tunnel technology only needs to be modified at the entrance and exit of the tunnel, and there are no special requirements for the middle part, which is relatively easy to implement.

4.1.4 Other necessary work

Other necessary work includes:

(1) Apply for IPv6 address and domain name;
(2) Construction of IPv6 DNS.

4.2 Solution 2: Solve the communication technology between IPv4 and IPv6 networks

4.2.1 New campus campus network design

It is recommended to use the network equipment that supports IPv6 / IPv4 at the same time for network construction, so that the campus network platform supports the bearing and intercommunication of two service flows at the same time. The core of the campus network adopts a three-layer switch that supports dual stacks, and the aggregation access can use an ordinary IPv4 switch. All the three-layer functions related to IPv6 are handed over to the core and not performed at the aggregation layer. You can also consider the use of dual-stack three-layer switches to form a layered IPv6 network, as shown in Figure 4.

Hierarchical IPv6 network

Business interworking of the new campus network:

The internal IPv6-IPv6 and IPv4-IPv4 services directly communicate through the dual-stack without protocol conversion, similar to the ordinary single-network service forwarding model; the internal IPv6-IPv4 services perform NAT-PT through the dual-stack core switch for intercommunication; the internal IPv6- External IPv4 (or internal IPv4-external IPv6) uses NAT-PT to communicate with the external through the exit; internal IPv6-external IPv6 is directly connected through CERNET2 via the core device.

4.2.2 The key technology to realize the communication between IPv6 network and IPv4 network

(1) Dual stack technology

â‘ The communication node is a dual-protocol stack, and the IPv4 protocol is used for communication with the IPv4 network, and the IPv6 protocol is used for communication with the IPv6 network.
â‘¡Key: DNS provides a parsing library for IPv4 "A" and IPv6 "A6 / AAAA" records, and makes a decision on the type of address returned as needed.

(2) SIIT

SIIT defines a method for translation between IPv4 and IPv6 packet headers. This translation is stateless, so every group must be translated. This mechanism can be combined with other mechanisms (such as NAT-PT) for communication between pure IPv6 sites and pure IPv4 sites, but this technology is not available in environments that use network layer encryption and data integrity protection.

(3) NAT-PT

NAT-PT is to translate the header and semantics (PT) between IPv4 packets and IPv6 packets while performing IPv4 / IPv6 address translation (NAT), so as to apply to the communication between pure IPv4 sites and pure IPv6 sites. For some high-level protocols with embedded address information (such as FTP), NAT-PT needs to cooperate with the application layer gateway to complete the translation. Using port information on the basis of NAT-PT, you can achieve NAPT-PT, which is not essentially different from NAPT-PT under IPv4.

(4) BIA and BIS

BIA technology adds an API translator between the SocketAPI module and TCP / IP module of the dual-stack host. The API translator includes three modules: a domain name resolver, an address mapper, and a function mapper. The host API detects the IPv4 API to perform the corresponding address mapping, and calls the IPv6 API function to communicate with an external IPv6 host. BIS uses SIIT rules for packet header conversion at the network layer, which is suitable for dual-stack host communication.

(5) TRT

The TRT technology uses a transport layer repeater to associate an IPv4 TCP / UDP connection at the transport layer with an IPv6 TCP / UDP connection, and translate the protocol and address at the transport layer.

(6) Other interworking technologies

Several other interworking technologies also enable IPv6 and IPv4 hosts to communicate through address mapping, but the level of mapping, the location where the mapping process occurs, and the mapping mechanism are not the same.

5 Conclusion

The campus network of colleges and universities developed here is practical and feasible, with low cost and short development cycle, and has certain reference value for higher vocational colleges with difficulty in running schools.

1.0nm-8mm Connector

YUEQING WEIMAI ELECTRONICS CO.,LTD , https://www.weimaiwafer.com