2016 marked the start of the third and final phase of the China Next Generation Internet (CNGI) IPv6 program.
First launched in 2003 by the Chinese government, the CNGI has funded projects to advance China’s Internet infrastructure, with an emphasis placed on adopting IPv6 to meet its growing demands for Internet resources.
The initiative has, so far, produced six nationwide backbone networks and 39-gigabit point-of-presences, which connect more than 20 major cities.
Importantly, the China Education and Research Network (CERNET) has played an important role in developing and deploying the country’s first IPv6-only backbone network (CERNET2), which connects over 300 academic, industrial, and government research campuses within China.
The IPv6-only hosts in CERNET2 are based on a prefix-specific and stateless transition technology we have developed called IVI Translation (RFC6219), which allows hosts using either IPv4 or IPv6 to communicate with each other, and keeps end-to-end address transparency. Its name originates from the Roman numerals for four (IV) and six (VI).
In the IVI design, subsets of the ISP’s IPv4 addresses are embedded in the ISP’s IPv6 addresses. Hosts using these IPv6 addresses can, therefore, communicate with the global IPv6 Internet directly and can communicate with the global IPv4 Internet via stateless translators. This means it has all the features of stateless technology including scalability, security and end-to-end address transparency. Other benefits are:
- It is the building block of stateful NAT64, stateless double translation MAP-T and stateful double translation 464xlat.
- Public IPv4 addresses can be statelessly shared using PSID (MAP-E/MAP-T).
- IPv4 as a Service (4aaS) can be built on IVI, and when double translation is unnecessary in the future, it will reduce to single translation transparently.
Notably, the CERNET2 network has not experienced any problems when there is a large amount of IPv6 users using IVI to connect with an IPv4 network – it currently supports 80G of IPv6 traffic and 15G of IVI wrapped packets. This is because the stateless technology allows us to add more IVI translators between IPv4 (CERNET) and IPv6 (CERNET2) to increase bandwidth, the same as in the case when we add more bandwidth and router interfaces when dealing with a single address family (IPv4 or IPv6).
Deploying the technology, however, has met several challenges, notably, the lack of experience and knowledge network engineers have with IVI, and legacy OSs and applications, which don’t support IPv6 or have address literals embedded in the application.
To address the knowledge gap, the government is continuing to provide training to network engineers. And in the case of legacy OSs and applications, we successfully use double translation.
IVI technology has been a key outcome from the CNGI and will be used extensively in the coming year to connect another 1,200 academic and research institutes to the CERNET2 network, along with the deployment of source address validation improvements (SAVI) to help enhance the security of IPv6-only networks.
Ultimately, CERNET2 is and will continue to set the standard for the development of new commercial networks in China in the coming years to accommodate the vast number of Chinese users, and things, that have yet to connect to the Internet.
Xing Li is a Professor in the Electronic Engineering Department at Tsinghua University, Beijing, China and deputy director of CERNET.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.
Does any ISP except China use IVI?? I am wondering if IVI is a unique technique used only by CERNET2…