A newcomer’s experience at IETF 

By on 3 Jul 2024

Categories: Community Tech matters

Tags: , , , , ,

1 Comment

Blog home

Photo of Kavya (far left), and fellow Internet Standards Ambassadors at IETF 119.
Kavya (far left), and fellow Internet Standards Ambassadors at IETF 119.

I’m an undergraduate Computer Science and Engineering student at the National Institute of Technology Karnataka (NITK) Surathkal, India, where I’ve had the opportunity to work on highly interesting projects throughout. Networks and security have fascinated me since my sophomore year, so when I had the opportunity to work on real-world networking problems, it was a no-brainer! 

With the guidance of Nalini Elkins and Professor Mohit P. Tahiliani, I began working on IPv6 Neighbor Discovery Enhancements, where we aimed to try and improve the scalability and performance of Neighbor Discovery in enterprise networks. In my final year, I joined the IPv6 deployment project at NITK Surathkal and got hands-on experience with setting up an IPv6-only testbed that ran DHCPv6 and DNS servers too. 

Participating in IETF 118

My first IETF experience was attending IETF 118 in person, with my travel funded by NITK Surathkal through the project grant from ISIF Asia. I was also able to attend IETF 119 as an Internet Standards Ambassador supported by the APNIC Foundation and am grateful to have had both these opportunities to interact with the IETF community.

The IPv6 Operations (v6ops) Working Group side meeting included a presentation on Neighbor Discovery Enhancements, a project on which Nalini Elkins and Priyanka Sinha have mentored the team at NITK. I presented on behalf of the student team, comprising Sudesh Gowda, Advaith Curpod, and myself. We discussed changes implemented in freeRtr, an open source routing simulation software, and future changes to be made to Linux kernel code. This presentation introduced interesting discussions on the topic and pointed out security aspects that we had not considered earlier. Moving forward, we plan to make further changes to ensure that we incorporate suggestions proposed at the side meeting. 

The presentations at the Measurement and Analysis for Protocols (maprg) Research Group were very interesting, and I found the sessions on QUIC, DNS, and IPv6 quite intriguing. The talk on adaptive address selection in dual-stack hosts piqued our group’s interest as it directly relates to the IPv6 deployment project at NITK. 

Talks at the IPv6 Maintenance (6man) Working Group session provided insights about where to direct our focus, especially the discussion on requiring preference for ULAs over IPv4 addresses. We wrapped up the day by attending a fun series of Pecha Kucha talks and were in awe about how much information can be packed into a 20-slide presentation in just under seven minutes!

The social events scheduled throughout the week were a great way for us as newcomers to speak with experienced IETF participants. We greatly enjoyed the New Participants’ Quick Connections and the Welcome Reception, where we got to interact with folk who work on IPv6, network configuration, cryptography, and DNS, just to name a few! As female IETFers, we also had the opportunity to attend the Systers Networking events, a supportive environment where women and non-binary participants shared advice and their experiences. We are grateful to have received the opportunity to discuss our work on IPv6 protocols in person with other IETF attendees, and we got great feedback on how to steer our ongoing projects. 

We attended meetings of the DNS Operations (dnsop) and Post-Quantum use in Protocols (pquip) Working Groups on the last day of IETF 118. The discussions on post-quantum cryptography, DNS notifications and domain control validation were highly interesting, and we hope to explore these topics further in the future. 

We had a great week learning and discussing several interesting topics at IETF 118, and this would not have been possible without the guidance of Mohit P. Tahiliani, Nalini Elkins, Michael Ackermann and Dhruv Dhody. Their mentorship helped us navigate our way through our first in-person IETF meeting, and we are glad for their endless support throughout! We would also like to thank the APNIC Foundation for funding the IPv6 Deployment project at NITK and enabling us to attend IETF 118. 

My involvement in the NITK IPv6 project

I had been working on the IPv6 Neighbor Discovery Enhancements project for about eight months when the IPv6 deployment opportunity came up. It felt like a natural next step to expand from focusing on a single protocol to start exploring broader topics in IPv6. Professor Mohit explained that we would eventually be deploying services such as DHCPv6 on the production network, testing end-user connectivity and debugging issues — the idea of working on a project that also benefitted the college network was enticing. It was to begin with setting up a minimal IPv6-only testbed and honestly, one of the first things that caught my attention was that I would be able to configure a switch myself! Having only read about this stuff before, I jumped at the chance and joined the team.

How we did it

The first thing for anyone starting off with IPv6 is probably to complete the online IPv6 Fundamentals course at APNIC Academy. That provided a solid foundation and enabled me to figure out how to start working on the testbed setup. Our alumni are also part of the project effort and are great mentors to us. With their help, we figured out what topology we could use to ensure that the IPv6 traffic from the testbed remained isolated from the rest of the college network. I then started off with configuring VLANs on an L2-managed switch and setting up the end clients. This was followed by setting up a DNS forwarder and DHCPv6 server on two systems, which responded to the respective queries from the remaining hosts. 

After we had a minimal functioning setup established, we began documenting the process followed and the challenges faced. Alongside, I began exploring Neighbor Discovery snooping, which looked like a useful feature to ensure that the ND cache would not be poisoned by malicious actors within the network. 

Following this, we began migration of our data centre VLAN to IPv6. We enabled IPv6 routing on the core switch and used a test virtual machine to verify routing and perform basic connectivity tests. Once this was done, we set up a DHCPv6 server in a provisioned container and started leasing IPv6 addresses to a couple of subnets in the Central Computing Center (CCC) at NITK.

We conducted an IPv6 Workshop in March 2024, attended by students and faculty from nearby universities. I took two sessions, one discussing DNS modifications for IPv6 and another about the Neighbor Discovery Enhancements project. We also conducted a hands-on lab session for the participants, where we facilitated them to set up a testbed that contained one DHCPv6 server, one DNS forwarder and an end host.

As someone fairly new to IPv6, I definitely spent several hours poring over how certain things were expected to work and figuring out whether the observed behaviours on the testbed matched this. For example, while initially setting up the testbed, we weren’t able to ping the external Internet from any of the end clients. Along with our alumni, we spent a couple of hours debugging this, only to find out eventually that the OPNsense router hadn’t added a default gateway! 

Another problem that comes to mind is how Linux systems do not accept configurations in the Router Advertisements by default — any information specified in the RAs would be ignored by the end client, which we were pretty confused by initially. Such observations were valuable while documenting the entire process and resulted in interesting discussions when we were at the IETF meetings. View the testbed and migration documentation (both PDF).

What next for the project?

On the infrastructure migration side of things, the next steps involve the migration of a couple of VLANs to IPv6. A trusted set of users would test functionality, report issues faced and debug the same. This would then enable us to eventually migrate all the VLANs on the network with minimal disruption. We also seek to profile the working of different protocols and services (such as DNS, DHCPv6) on IPv4 vs IPv6, and document the process.

IRIS is a learning management system at NITK that has over 7,000 daily users and has been migrated entirely to IPv6. The student team at IRIS has worked on application migration to IPv6. While services such as the Rails app, Docker, and GitLab have been migrated, upcoming work includes migrating the existing Moodle Kubernetes deployment and studying migration to IPv6 for other applications such as Big Blue Button (used for sharing recorded lectures). We have obtained some statistics such as the number of hits to IRIS on IPv4 vs IPv6, and further profiling of all other applications is in progress.

I’m looking forward to being involved in both these projects and more opportunities to engage in the standards and Internet operations communities.

Rate this article

The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.

One Comment

  1. Kaboggoza Rajjab

    CONGRATULATIONS upon taking up this opportunity and focusing till the end of the deliverance.
    I have a reason to keep pushing with my studies.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Top