Upload File

monitoring ipv4 address utilization/depletion in uninett

  • Home
  • Documents
  • Monitoring IPv4 address utilization/depletion in UNINETT
24
Monitoring IPv4 address utilization/depletion in UNINETT Campus network monitoring and security workshop 24 April 2014, Prague Morten Brekkevold Engineer

Upload: others

Post on 18-Dec-2021

12 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Monitoring IPv4 address utilization/depletion in UNINETT

Monitoring IPv4 address utilization/depletion in

UNINETT

Campus network monitoring and security workshop

24 April 2014, Prague

Morten BrekkevoldEngineer

Page 2: Monitoring IPv4 address utilization/depletion in UNINETT

24. april 2014 SLIDE 2

● A network monitoring system

● Initially built by NTNU in 1999

● Did for them what HP OpenView couldn't

Birth of Network Administration Visualized

Page 3: Monitoring IPv4 address utilization/depletion in UNINETT

24. april 2014 SLIDE 3

● Alerts● Automatic inventory &

topology● Statistics and graphs● Simple port

configuration

NAV

Page 4: Monitoring IPv4 address utilization/depletion in UNINETT

24. april 2014 SLIDE 4

● 2001 – 50% UNINETT funding● 2004 – Open sourced● 2006 – UNINETT takeover

A brief history of NAV

Page 5: Monitoring IPv4 address utilization/depletion in UNINETT

NAV's unique position in Norway

● 94% deployment rate at higher education institutions● Many of these installations are operated by UNINETT

– A result of the 2006-2009 GigaCampus program● Which again inspired the GN3 Campus Best Practices task

● Continued development to meet HE customer's demands– While still remaining all free and open source

24. april 2014 SLIDE 5

Page 6: Monitoring IPv4 address utilization/depletion in UNINETT

Upshots for UNINETT

● An intimately familiar monitoring tool at 94% HE customers

● Can we use this data to improve the research network?

24. april 2014 SLIDE 6

Page 7: Monitoring IPv4 address utilization/depletion in UNINETT

ARP and ND

● Timestamped logs of routers' ARP (IPv4) and ND (IPv6) records– Enables tracking of individual clients

● All routed subnet prefixes collected from routers– Enables usage statistics per subnet/VLAN

24. april 2014 SLIDE 7

Page 8: Monitoring IPv4 address utilization/depletion in UNINETT
Page 9: Monitoring IPv4 address utilization/depletion in UNINETT
Page 10: Monitoring IPv4 address utilization/depletion in UNINETT
Page 11: Monitoring IPv4 address utilization/depletion in UNINETT

24. april 2014 SLIDE 11

● Collected from campus NAV installations since 2009

Stage 1: IPv6 usage stats

Page 12: Monitoring IPv4 address utilization/depletion in UNINETT

Hack hack hack

● The data collection system is less than optimal– Requires installation of extension script– Appends to log file once every 24h– Log files collected nightly over HTTP from all known NAV installs– Log files parsed and data entered into RRD files

24. april 2014 SLIDE 12

Page 13: Monitoring IPv4 address utilization/depletion in UNINETT
Page 14: Monitoring IPv4 address utilization/depletion in UNINETT

Stage 2: IPv4 usage stats

● What about utilization of the existing IPv4 address space?● We have a limited number of subnets to delegate to

customers– Are they using them reasonably?

● Do the right thing™: Build a REST API for NAV, no more hacks

24. april 2014 SLIDE 14

Page 15: Monitoring IPv4 address utilization/depletion in UNINETT

Challenges

● Are customers even routing all the assigned address space?● Are they monitoring them?● Number of IPv6-enabled users might be «gamified»

– But who cares to compete for best utilization of remaining IPv4 space?

24. april 2014 SLIDE 15

Page 16: Monitoring IPv4 address utilization/depletion in UNINETT

Preliminary numbers

● Many sources of errors● Demonstrates the need to measure

coverage

24. april 2014 SLIDE 16

Domain Address Pct

rocketrange.no 0/1088 0.0%

unis.no 0/1896 0.00%

met.no 1988/65632 3.00%

hihm.no 587/16164 3.60%

uninett.no 1596/19880 8.00%

uis.no 12935/65536 19.70%

nmh.no 258/1160 22.20%

khib.no 546/2176 25.10%

hinesna.no 540/1744 31.00%

samiskhs.no 728/2304 31.60%

hive.no 2626/8000 32.80%

himolde.no 1817/5312 34.20%

ntnu.no 32068/87808 36.50%

khio.no 1297/3264 39.70%

hisf.no 3541/8888 39.80%

hint.no 3990/9840 40.50%

hsh.no 2897/6880 42.10%

hih.no 1068/2496 42.80%

hibu.no 4322/9528 45.40%

hials.no 3259/7056 46.20%

hiof.no 3941/8472 46.50%

hin.no 2116/4288 49.30%

hit.no 5997/10952 54.80%

uia.no 11640/20984 55.50%

hivolda.no 3025/5440 55.60%

hist.no 7229/12712 56.90%

aho.no 1216/2088 58.20%

hil.no 3405/5640 60.40%

hioa.no 10436/15864 65.80%

Page 17: Monitoring IPv4 address utilization/depletion in UNINETT

Building an API, v1

● Simple, time-limited, revokeable API access token– We generate one on each NAV install we have access to– Using OAuth2-derived mechanisms

● API calls for– Getting the number of uniquely active addresses on an arbitrary

network prefix– Getting the complete list of routed network prefixes

24. april 2014 SLIDE 17

Page 18: Monitoring IPv4 address utilization/depletion in UNINETT

A simple API query

24. april 2014 SLIDE 18

Page 19: Monitoring IPv4 address utilization/depletion in UNINETT

Another simple API query

24. april 2014 SLIDE 19

Page 20: Monitoring IPv4 address utilization/depletion in UNINETT

Calculating coverage

● Adjoining delegations may be routed as a single prefix– 192.168.86.0/24 + 192.168.87.0/24 delegated to single customer– Customer may route single 192.168.86.0/23 prefix

● Delegations may be split into multiple routed prefixes– 192.168.100.0/20 delegated to customer– Customer routes 192.168.100.0/22 and 192.168.104.0/22 and

reserves the rest for future use

24. april 2014 SLIDE 20

Page 21: Monitoring IPv4 address utilization/depletion in UNINETT

24. april 2014 SLIDE 21

Page 22: Monitoring IPv4 address utilization/depletion in UNINETT

24. april 2014 SLIDE 22

Page 23: Monitoring IPv4 address utilization/depletion in UNINETT

Moving forward

● Front-end still not in production– Maybe add graph of how much free address space is left– Filter non-UNINETT delegated address space

● Encourage customers to not waste precious IPv4 addresses● Maybe (threaten to) reclaim addresses from squatters?

– But better to assist in migration to IPv6

24. april 2014 SLIDE 23

Page 24: Monitoring IPv4 address utilization/depletion in UNINETT

References

● https://nav.uninett.no/● https://stats.uninett.no/ipv6stat● https://openwiki.uninett.no/gigacampus:ipv6status_english

[email protected]

24. april 2014 SLIDE 24

https://nav.uninett.no/
https://stats.uninett.no/ipv6stat
https://openwiki.uninett.no/gigacampus:ipv6status_english
mailto:[email protected]

IPv4 Survival Guide after Depletion

UNINETT IoU - UWAP Prototype

Lessons Learned from IPv4 to IPv6 Migration and …According to the large amount of IPv4 addresses they got in early years of Internet growth, the IPv4 public address depletion is

IPv4 Depletion & IPv6 Adoption John Curran ARIN President & CEO 11 May 2010

VSS v2 - UNINETT Openwiki

THE NATIONAL TELECOMMUNICATIONS REGULATORY …ntrc.vc/docs/newsletters/ICT_Newsletter_May_2015.pdfAllocation ≠ Adoption As the stock of available IPv4 addresses approaches depletion,

IPv4 Depletion & IPv6 Deployment

World IPv6 Launch and IPv4 Depletion

IPv4 Depletion and IPv6 Adoptionteamarin.net/wp-content/uploads/2011/02/v4_deplete... · About IPv4 and IPv6 IP version IPv4 IPv6 Deployed 1981 1999 Address Size 32-bit number 128-bit

Life After IPv4 Depletion Leslie Nobile. Overview ARIN’s current IPv4 inventory Trends and observations Ways to obtain IP addresses post IPv4 depletion

IPv4 depletion & IPv6 deployment in the RIPE NCC service region

IPv4 Depletion and IPv6 Adoption - ARIN · 2019. 2. 1. · Resources through ARIN Online ARIN’s Customer-facing RESTful Web Services Current Status of IPv4 and IPv6 in the ARIN

IPv4 Depletion and IPv6 Adoption Today Community Use Slide Deck Courtesy of ARIN May 2014

Campus Best Practices - Uninett

IPv4 address depletion: A CTO perspective (Detecon Executive Briefing)

Managing the Migration to IPv6 Throughout the Service Provider … · 2018. 5. 10. · Figure 1: Mitigate IPv4 address depletion with CGNAT. IPv4 Address Depletion Solution To mitigate

UNINETT 2010: Webmøter for hele UH sektor

Mobility Update - Uninett

DNS and IPv6 (and some IPv4 depletion stats) DNS DNSSEC IPv6 v8 - Mark Beckett… · DNS and IPv6 (and some IPv4 depletion stats) Mark Beckett, VP Marketing and Product Management

WLAN Network Planning - UNINETT Openwiki

Getting to Grips with CobiT - Uninett

UNINETT WebApp Park

IPv4 - APNIC Theory ! The idea was that we would never “run out” of IPv4 addresses ! Industry would see the impending depletion and gradually and seamlessly fold IPv6

ARIN Update · ARIN Update Leslie Nobile Senior Director, Global Registry Knowledge . Post-IPv4 Depletion Observations • The need for IPv4 is still great – More people seeking

1 IPv4 Depletion and Migration to IPv6 John Curran Chairman American Registry for Internet Numbers (ARIN)

IPv4 Depletion and IPv6 Adoption - ARIN...• Autonomous System Numbers (ASNs) • Directory Services (WHOIS) • Reverse DNS (in- addr) • Transfers • Experimental Assignments

IPv4 Depletion IPv6 Adoption

IPv4 Depletion & IPv6 Adoption John Curran, President & CEO, ARIN Martin Levy, Director IPv6 Strategy, Hurricane Electric Doug Montgomery, Manager Internet

IPv4 Depletion and IPv6 Adoption Today

The Internet Engineering Task Force · INT is responsible for “IP layer (both IPv4 and IPv6), implications of IPv4 address depletion, co-existence between the IP versions, DNS,

IPv4 Free Pool Depletion and IPv6 Adoption

sector - Uninett

IPv4 Depletion IPv6 Adoption 6 August 2010 14 /8s Remaining

OSI Data Link & Network Layer · IPv4 Issues The Need for IPv6 ! IPv6 is designed to be the successor to IPv4 ! Depletion of IPv4 address space has been the motivating factor for

UNINETT IPv6 Test Network UNINETT IPv6 Test Network Trond Skjesol [email protected] NORDUnet 2000 28 - 30 Sep Helsinki