GUUG e.V.
Grube-Nassau-Straße 3
56462 Höhn
kontakt@guug.de
Impressum

Abstracts

IPv6 - Historical Overview and Technical Introduction
by Hans Peter Dittler
Thursday, September 6th 2007 11:30-13:00

More than fifteen years ago first thoughts about a new protocol were discussed, which is now known as IPv6. Numerous rumors are floating around telling stories about the driving reasons for IPv6 development and adoption. The first part of the tutorial talks about the rationale for a new Internet protocol, gives a brief history of the development process and the IETF from the view of a regular participant.

The second part of the talk is devoted to the primary features of the next-generation protocol, the outline of headers and addresses and the benefits and still open areas of IPv6. Twenty-five years of usage and growth of the Internet with IPv4 has yielded a tremendous amount of knowledge and experience around IP. The participants will discover how the crafters of IPv6 have leveraged the lessons learned with IPv4 and tried to build a better protocol. Topics will include detailed examples of differences between IPv4 and IPv6, how the IPv6 packet has been optimized, how the address architecture was defined to meet the growing needs of the Internet, and the many ways by which an interface can obtain an IPv6 address. There will be examples of improvement, but also some at least partial failures are indicated.

To finish up this introduction talks about areas which nobody thought about in the beginning of the standardization and some open points which are still, after all this time, under discussion. These are for example the selection of the optimal address to use, complete setup and automatic configuration and ideas and solutions for multi-homing and redundant network access.

Slides...

About the speaker:

Hans Peter Dittler, born and living in Germany.

  • 1977: Diploma in Computer Science at the University of Karlsruhe
  • 1977 - 1979: X.25 research and development at the University of Karlsruhe
  • 1980 - 1989: Development of communication software and Hardware, bridges and networking software for Conware Computer Consulting Karlsruhe Germany
  • 1990 - 1994: Responsible for all router, bridge, hub and ISDN products and development at Conware as Managing Director
  • 1995 - 1996: Consultant at BRAINTEC Netzwerk-Consulting
  • since 1997: President and owner of BRAINTEC Network-Consulting Karlsruhe Germany

work in standardization bodies:

  • voting member of IEEE 802.3 1989-1997
  • working in several groups (PPP, IPv6, DNS ..) of the IETF since 1991
  • 1991 one of the founding members of DIGI (Deutsche Interessengemeinschaft Internet) which is now ISOC.DE (Internet Society German Chapter)
  • since 1997 member of the board of ISOC.DE
  • since 2001 member of the German IPv6 Taskforce
  • since 2006 member of the Advisory Board of PIR (.org)

Author of several books (IPv6 and VoIP/Asterisk) and papers on protocols and Internet bodies and structures.

IPv6 address distribution and address policy
by Gert Döring
Thursday, September 6th 2007 14:00-14:45

IPv6 not only brings technical differences, but also some more fundamental differences in the way how IP addresses are distributed. In IPv4, very high emphasis is put on "address conservation", while IPv6 brings more flexibility due to the much larger address space - but this can be very confusing for users new to IPv6.

This talk explains the concepts of IPv6 address distribution, and answers typical questions like "Where can my company get IPv6 addresses? How can I, as an Internet Provider, get IPv6 addresses for my customers? Is there Provider Independent (PI) address space for IPv6? What about RFC1918 private address space?"

Furthermore, this talk explains how the rules for IPv6 address distribution are formed in the RIPE region (Europe), and how they can be changed through active participation in the RIPE address policy working group.

Slides...

About the speaker:

Gert Döring was born in 1971 in Munich. After studying Physics at the Technical University in Munich, he went into IP networking in 1993, and has done this since then. Gert's first contact with IPv6 was in 1997, being curious what this new IP protocol was all about. Since January 2003, Gert is chairman of the Adress Policy Task force at RIPE, the body that forms the policy used in deciding how IPv6 addresses should be distributed in Europe.

Planning for the IPv6 Integration
by Patrick Grossetete
Thursday, September 6th 2007 14:45-15:30

Whether driven by impending global addresses exhaustion, estimated to occur by 2010, driven by the limited size of the IP private address space for today's large networks or mandated by governments, the upgrade to the next generation of the IP protocol is becoming a high priority topic. For years people were warned of an impending IP upgrade but, despite significant efforts in generating business cases for it, the expected low Return on Investment (ROI) deterred them from pursuing it. IPv4 seemed good enough. The rapid adoption of IP worldwide and in all aspects of our life, the expansion of IP infrastructures and the penetration of the technology in multiple applications, appliances and services accelerated the consumption of its resources, the IP addresses. The IP upgrade now becomes a necessity and Internet Protocol version 6 should get pushed to the forefront of IT strategy planning and design.

This session will review the business analysis and planning steps that are necessary before beginning the technical integration of IPv6.

Slides...

About the speaker:

Patrick Grossetete, Manager, Product Management at Cisco Systems, is responsible for a suite of Cisco IOS® software technologies including IPv6 and IP Mobility. He is a member of the IPv6 Forum Technical Directorate and manages Cisco’s participation in the Forum. Patrick joined Cisco in 1994 as a consulting engineer. Patrick has more than 20 years experience in the networking industry, which includes the development of multiple protocols.

Patrick has published the books "Deploying IPv6 Networks" and "Global IPv6 Strategies: From Business Analysis to Operational Planning".

IPv6 Networks for different access technologies in different scenarios
by Yuri Grosman
Thursday, September 6th 2007 16:00-16:45

Since the year 2000 the University of Stuttgart has been deploying network testbeds for IPv6 based European research IST projects such as Moby Dick, Daidalos or Akogrimo. All of which have developed purely IPv6 software developed on different OS.

In these past seven years we have learnt lots of important lessons at all levels. From a social level in which developers need to be familiarized with the protocol to the use of tools to monitor the net such as nagios, cacti, smokeping, intrusion detection software, the use of routing protocols, iptables, IPv6 over IPv4 tunnels to solve connectivity issues from partners, windows-linux-cisco interoperability, We also have had experiences with the use of Mobile IPv6 and SIP to provide mobility and nomadicity and IPsec for IPv6 to provide security at network level, in addition to this QoS management for these protocols have been developed, as well as the use of Authentication, Authorization and Accounting (AAA) infrastructures, which play a great role in the commercialization of IP-based networks.

Along the different projects different topologies for different scenarios have been developed according to the needs, additionally different access technologies were used such as fixed networks (ethernet, fiber), wlan, satellite or dvb-t. The goal of this paper will be to review the different projects, explain the different scenarios, the technologies involved, the tools used for the management of these networks, problems that we ran into, our future trends perspective and general advises.

About the speaker:

Yuri Grosman is involved in the integration and implementation of Daidalos II scenario.

Switching a productive Windows LAN to IPv6
by Lutz Donnerhacke, Katrin Hartmann, Klaus Ulitzsch and Dima Levin
Thursday, September 6th 2007 16:45-17:30

Deploying is offering services.

Motivated by Microsoft announcements about IPv6 becoming the default networking technology, we enabled IPv6 to our internal productive LAN environment. Enabling the network was easy. Switching the clients was easy. Setting up the server systems, i.e. Terminal Server, Exchange, SQL, DNS, Sharepoint, Project, CMS, Intranet, Document Manangement, and serveral business software is the hard task.

We like to share your experiences in deploying IPv6 in a (not so) pure Mircosoft enviroment which is used for every day jobs.

Slides...

About the speakers:

Lutz Donnerhacke (37) studied physics and mathemetics. Main interests are Internet deployment (Thüringen Netz e.V., Individual Network e.V.), privacy and free speech (Fitug e.V., Religio), cryptography (i.e. OpenPGP), network security, software safety, and esoterical programming languages. As one of the founders of IKS GmbH he is working for this company since 1996.

Katrin Hartmann (34) studied economics and business administration. Since 2001 Mrs. Hartmann works for IKS GmbH. She is responsible for Windows server adminstration, database development, and troubleshooting of all obscure practical problems.

7 years IPv6 at University and at home (experience report)
by Ignatios Souvatzis
Thursday, September 6th 2007 18:00-18:45

You don't need to run expensive, newest-firmware specialized router hardware to get connected to the global IPv6 network. For the start, a (not too slow) older personal computer running an out-of-the-box Unix-like operating system will do.

Inside CS, Chair IV's experimental laboratory - and some workstations - have been connected via a regular Linux workstation used as another router to get IPv6 connectivity for a Europe-spanning research project. In our own department, all NetBSD, Solaris >=2 and Windows XP workstations have IPv6 connectivity, which is mostly invisible to users.

The author has also IPv6 connectivity at home. Originally this started as occasional configured tunnels to work, later 6to4 was in heavy use, until the author switched to IPv6 via PPPoE to a 2nd DSL-connected provider, who happened to offer an IPv6-only promotional connection without a base fee. Since then, his regular home-work connection is IPv6, only using IPv4 as a fall-back option in case of trouble (like 10 years earlier using a raw teletype over modem connection as fallback for IPv4...).

The lecture will cover configuration hints, performance to expect, software used, etc.

Slides...

About the speaker:

Ignatios Souvatzis is "System Programmer" (in reality, a combination of system administrator, tape operator, kernel hacker, and user advisor) at Chair V ("Algorithms and Distributed Systems ") of the Computer Science Department at the University of Bonn.

He is also a NetBSD key developer. His main tasks have been some device drivers, a new ARP system, and maintaining the Amiga port.

Sometimes, those assignments overlap.

In his free time, he applies the laws of hydrodynamics to sailing (either himself, or teaching children at a sailing club).

He got involved with IPv6 when he was writing an ARCnet board driver for NetBSD, and wanted to support that future networking technology, too. This got him involved into the IETF IPv6 working group (where he suggested the specification that became RFC 2497) and into running IPv6 tunnel routers short-term (at Amiga programmer meetings) and long-term (University, home; later moving the latter to native connectivity).

Some related publications and conference talks:

  • The New Link-Level Independent ARP Subsystem of NetBSD, Daemon News 9/1998
  • Transmission of IPv6 datagrams over ARCnet networks, RFC 2497, IETF Standards Track 1999
  • 6 Jahre IPv6 an der Universität Bonn und zu Hause, DECUS IT-Symposium 2006
IPv6 at the TU-Kaiserslautern
by Jörg Mayer
Thursday, September 6th 2007 18:45-19:30

In 2003, the network of the TU Kaiserslautern consisted of a core router and decentral routers doing decentral routing for most buildings. Those buildings that did not have their own routers were handled by the core router. Securitywise the universities network was connected to the DFN via a single router that filtered out unwanted traffic via stateless access-lists and collected accounting information. That was IPv4 only. In June a *Projektarbeit* was done to implement IPv6: Provide most parts of the campus with IPv6 routing, the necessary services like DNS, NTP and SMTP in a native IPv6 form and to connect the TU Kaiserslautern to the worldwide IPv6 network via the DFN. Access-lists and accounting data needed to be provided once more.

The core router was a Cisco Catalyst 6500 with an MSFC2. The building routers were Enterasys E1 and ExtremeNetworks Summits (both i and non-i models). The screening router was a Cisco 7200. From these devices, only the 7200 was IPv6 capable via a regular image. For the Summit i-series a beta image providing IPv6 was available, all other devices had to remain IPv4 only. The beta image for the i-series ExtremeNetworks devices turned out to have some drawbacks, though, as it turned the device into an IPv4/IPv6 only device, without access-lists. At that time IPX was still used natively in several parts of the campus, so upgrading all i-series devices to IPv6 was not an option. In the end the IPv6 network in Kaiserslautern started out with two IPv6 routers: the Cisco 7200 providing IPv6 internet access and screening and a centralized ExtremeNetworks Summit i-series to provide centralized IPv6 routing for the campus, using protocol based VLANs. Recently, the centralized approach has made way for decentraliezed routing again, as the E1s were replaced by IPv6 capable 3750 L3 switches.

The Cisco 7200 didn't provide everything needed as well: It lacked the netflow accounting for IPv6. So the machine providing IDS services on the internet access had to be used: A service was written that exported IPv6 internet access accounting data.

Finally, a schema for numbering the IPv6 networks and devices had to be designed and integrated into the IPv4 address management application.

Slides...

About the speaker:

Jörg Mayer studied computer science at the University of Kaiserslautern for almost 10 years. As side jobs, he started working as a Unix systems administrator in 1992 and as a network administrator in 1995, where he worked with Routers and network services as news, mail and dns. After getting his Dipoma, he started work in a company providing Router and Firewall support. In 2000 he founded his own company and has been working as a trainer, consultant, network troubleshooter for products from Cisco, Enterasys and ExtremeNetworks.

Deployment of the IPv6-Infrastructure in DFN's Research Network
by Bettina Kauth
Friday, September 7th 2007 9:30-10:15

Since 1996 DFN is dealing with the IPv6. Since then for almost 8 years the JOIN-Project at the University of Münster led IPv6 deployement. In 2001 the JOIN-Group built an IPv6-Backbone, the 6WiN, which used a dedicated infrastructure parallel to the DFN’s B-WiN. The project ended at 2004. The DFN-NOC then took over the administration of the 6WiN and started to integrate IPv6 routing in the existing IPv4-infrastructure, initially as a MPLS-tagged VPN. Finally within DFN’s new Backbone X-WiN IPv6 is routed natively. This paper gives an overview of the development from 6WiN to native IPv6 in XWiN and focuses how IPv6 is configured in the X-WiN.

About the speaker:

Bettina Kauth

  • born 1967
  • 1986 - 1993 studied computer-sience at the Univerity of Erlangen
  • 1993 - 1996 worked at the Computer Centre of the University of Stuttgart
  • since 1997 workes as Network Engineer for DFN

DFN is an association which provides the national research network (X-WiN) in Germany.

Deploying IPv6 - planning, common pitfalls and security-considerations
by Stefan Neufeind
Friday, September 7th 2007 10:15-11:00

Several techniques to get IPv6-connected exist today. Choosing the right one for end-users, your company or hosting your server, however, requires careful planning. This talk will give an overview of existing alternatives, common pitfalls during deployment as well as security-considerations. Also technical aspects regarding servers or routers will be touched on during the session.

As a start this talk will give a quick overview of the IPv6-terminology, what IPv6-addresses are and different ways to get connected. Migration techniques like 6-to-4 or Teredo are mentioned, since they are available easily on modern end-user systems. However this talk will also try to point out their downsides.

In the second part we'll then continue with a clear focus on native or (where needed) tunneled connectivity. Questions like how to get connected, where to obtain adresses or how to plan IPv6-addressing. Included with the basics will also be some hands-on examples to ease configuration on common router-, server- and client-platforms.

As you introduce IPv6 into a company-network you'll probably face topics like DNS, reverse-delegations or, in case of autonomous systems, managing routing-registry objects. This is not all too different from what you might have been doing in the IPv4-world. With some hands-on examples you'll be ready to go.

Once we're through you'll probably be surprised how easy it is to "get your hands wet" with IPv6. But we'll also touch some more aspects to think about when deploying IPv6 - so you don't actually "burn your hands" from the first steps. Topics to consider are deployment-planning, running dual-stack, latency in sub-optimal IPv6-scenarios, monitoring/accounting and -for sure- security-aspects like firewall-setups.

Slides...

About the speaker:

Stefan Neufeind works in consulting, development and administration for SpeedPartner GmbH. They provide complete web solutions for small businesses and actively contribute to various free software projects as well as to the IPv6-community. Besides that Stefan works as peering-manager for the ISP-association OpenCarrier e.G. You may have seen Stefan at a conference, read an article from him or have seen him in several open projects.

Experiences from within a multinational IPv6 & QoS-Project
by Martin Lies
Friday, September 7th 2007 11:30-12:15

This presentation will describe some of the major challenges, and partly solutions (or at least the current approach), from a project between three research institutes concentrating on using DiffServ in an IPv6 network.

We will outline some of the discussions on naming and addressing schemes, how the Service Level Agreements were created, what the requirements on the applications used for testing connectivity and generating traffic with regard to utilizing the QoS-mechanisms are. The applications used range from the normal ping6 for connectivity testing over email to VoIP software.

Finally, we will focus on part of the experimental setup where we integrated a bandwidth-restricted connection between the nodes and what special efforts were taken to fully load this link. The motivation for this is the use of IPv6 in an tactical, mobile environment like Disaster Recovery/Relief, where packet-based communication allows a variety of applications instead of voice-only or data-only.

About the speaker:

Martin Lies is a researcher at the communication department of FGAN/FKIE since 2003. His research interests are computer networks with special emphasis on IPv6, security, QoS and resource restrictions.

Peter Sevenich is a researcher at the communication department of FGAN/FKIE. Since 1998 he is working in the field of Computer Networks with a current focus on QoS, Mobile Networking and Security and the Migration to IPv6.

Mobility in IPv6: Standards and Upcoming Trends
by Thomas Schmidt
Friday, September 7th 2007 14:00-14:45

Mobile environments, devices and applications are one of the major driving forces for technological development today, while deployment is still dominated by non-IP appliances. However, the roadmaps of converged services for Next Generation Networks (NGNs) on the one hand, efficient mobility management within the next generation Internet on the other, lead expectations to the Internet layer as the prevalent tie for mobile access technologies and services.

This talk will give an overview about Mobile IPv6, its problems and standardized extensions. Further on we will present current trends which are on the way in the IETF/IRTF including security aspects.

MIPv6-Project

Slides...

About the speaker:

Thomas teaches Computer Networks & Distributed Systems at HAW Hamburg and manages projects at FHTW Berlin, where he was head of the computer centre for many years. He studied mathematics and physics in Berlin and University of Maryland. He has continuously conducted numerous national and international projects. His current interest lie in next generation Internet (IPv6), mobile multicast and multimedia networking, as well as XML-based hypermedia information processing. Thomas is an active member in the IETF/IRTF.

Applied IPv6 in VoIP technologies
by Kilian Krause
Friday, September 7th 2007 14:45-15:30

Mobility is no longer luxury, it's more and more becoming essential to commercial success - short a necessity. One of the key factors was and is nevertheless to stay in touch with customers, employers etc. - short: with people rather than machines. And with all the new technology at hand, this is all possible in real time! Yet it's more important than ever to unify and simplify human communication. We need to add maintainability to bring the benefit to our users. For a long time now technologies have coexisted and still today VoIP is far from what it's capable of. Let us review what has already happened and where this path may lead us to when IPv6 tears down limitations of well standardised, open protocols allowing telephony to become as cheap and as easy as email and chat. We will look at the client and server sides and round up with a short demo.

Slides...

About the speaker:

Kilian Krause has been an early adoptor ever since. Playing with VoIP and IPv6 since end of last century it just came naturally to combine these two. He is a Debian Developer since 2005, but was already active in the Ekiga development before then. He's member of the Debian VoIP and GNOME teams and enjoys largely scalable setups like his snapshots service Buildserver.NET.

Redundant Network Connectivity Without Provider-Independent Addresses
by Benedikt Stockebrand
Friday, September 7th 2007 16:00-16:45

With more and more small to middle sized sites relying heavily on their Internet connectivity, redundant network connectivity becomes more and more common. With IPv4 redundant connectivity relies entirely on BGP and provider-independent addresses.

With IPv6, a radically different strategy without PI addresses and the subsequent BGP routing information base bloat becomes feasible. The talk explains how to use multiple address prefixes, interior dynamic routing and IP encapsulation to set up redundant network connectivity through multiple uplink ISPs.

Slides...

About the speaker:

Benedikt Stockebrand is a "Diplom-Informatiker" workingas a freelance IT consultant, book author and journalist, specializing in system architecture, security design, Unix and TCP/IP networks. He is the initator of the ECAI6 conference.

Status of open source and commercial IPv6 firewall implementations
by Peter Bieringer
Friday, September 7th 2007 16:45-17:30

IPv6 defines end-to-end communication as a mandatory feature. Network address translation (NAT) was left out by design. Therefore gateway and endpoint security is more important than in IPv4 world today to fulfill a given security policy.

This talk will cover an overview about the current status of some open source and commercial available firewall implementation for IPv6.

It is planned to cover IPv6 capabilities like packet filtering, connection tracking and deep packet inspection of at least following firewall implementations:

  • Open Source based firewall frameworks:
    • Linux netfilter
    • *BSD IPfilter, pf, ipfw
  • Open source operating systems with built-in firewall capabilities:
    • Red Hat Enterprise Linux, Fedora, Debian, ubuntu
    • Sun Solaris and other BSD based OS
  • Open source based firewall products
  • Open source tools for filter generation
  • Commercial firewall products for gateways:
    • Check Point FW-1
    • Fortinet Fortigate
    • Juniper SSG
    • Cisco ASA
  • Commercial products for endpoint security:
    • Microsoft Windows XP built-in firewall
    • Kaspersky Internet Security
    • F-Secure Client Security

Slides...

About the speaker:

Dr. Peter Bieringer, born in 1968, had studied Physics at the TU Munich/Germany (finished 1994) and append a PhD on the University of Federal Army Forces in Munich in semiconductor analysis (finished 1999). During this time, the author got in contact with the Internet by administration of the institute's LAN. A request for designing a course on IPv6 in 1996 was the trigger for his IPv6-related work. After a 15 month job position covering system administration and network consulting, he joined AERAsec Network Services and Security GmbH in September 2000 as security consultant and trainer for several courses including one about IPv6. He is also publisher of several IPv6 related documents on the World Wide Web like the 'IPv6 & Linux - HowTo' and its successor 'Linux IPv6 HOWTO', 'IPv6 & Linux - Current Status'. Also he programs the tool 'ipv6calc' and developed the IPv6 support in 'initscripts', which is used in Red Hat (Enterprise) Linux / Fedora (Core) and clones. In addition he is co-founder and core member of 'Deep Space 6' and a member of the 'German IPv6 Task Force'.

Veranstaltungen
OpenPGP.conf
OpenPGP.conf 2016
08. - 09.09.2016 in Köln
Kalender
28.Juli 2016
KWMoDiMiDoFrSaSo
29  18 19 20 21 22 23 24
30  25 26 27 28 29 30 31
31  1 2 3 4 5 6 7
32  8 9 10 11 12 13 14
33  15 16 17 18 19 20 21
34  22 23 24 25 26 27 28
GUUG News