Home | Background | Mapping | Enabling | Awareness | Infrastructure | Standards | Contact
Activity 2.4 EAD Description Document
1.1 PurposeThe Easy Access Device (EAD) has been developed with the purpose of providing a small businesses (leas than 50 employees) with a simple, easy to use IPv6 Internet access device. The system is designed as a small unit that would be installed in a small business, and connects directly into a DSL, cable or wireless broadband termination unit (typically a modem). The unit provides the basic network services normally required at a small office network boundary for both IPv6 and IPv4 networks.
1.2 ScopeThis document covers:
- Capacity of System
- Design Overview
- Description of System
- Logical System
- Routing Design
- Layer 2 Connectivity
- Physical Connections
- Remote Connection
- Computer Platform
- Regulatory Matters
- Other Regulatory Issues
- Future Plans
1.3 DefinitionsThere are many resources for definitions of technical terms in IPv6 and networking, e.g.: Underpinning Infrastructure Glossary, Wikipedia on IPv6, IPv6 Glossary. Terms can also be easily defined by using common search engines like Google Australia.
2. Capacity of SystemThe system is set to operate with no greater than 253 devices connected to its downstream interface. In normal practice, the device will operate with the typically available broadband services within Australia used by small businesses, that is less than or equal to 50Mb/s, however the system theoretically sustain a throughput of 80Mb/s. Theoretically, also, the device could operate with thousands of devices connected downstream, however the standard configuration of the device does not take this into account.
3. Design Overview
3.1 Description of SystemThe typical small business local area network (LAN) will comprise a firewall, a network address translation (NAT) device, a relatively small number of computers (1-80) and a number of peripheral devices, such as printers, scanners, card readers, fax machines etc. All of these devices will typically connect to networking equipment, such as routers, switches and hubs, or directly via connector cables. In turn, these devices are connected to a network termination unit (NTU), the specific type of which will depend on the particular IPv4 Internet access service used by the small business.
The majority of small businesses will not run their own Domain Name Server (DNS), e-mail server or web server. The majority of these services will be outsourced and run either by the Internet Service Provider (ISP) providing the direct Internet access or a third party for application services, web and e-mail hosting.
The IPv6 Easy Access Device (EAD) is designed to connect between the NTU and the small office LAN. The EAD will provide the range of basic Internet services required to ensure an Internet service can operate, ie DNS, IP addresses (via DHCP for IPv4), NAT for IPv4 and IP address configuration for IPv6.
In addition to these services, the EAD constructs a virtual tunnel between itself and a suitable IPv6 Internet tunnel broker, which in this case is Telstra. Thus IPv4 connections are proxied and passed natively to the access provider, and IPv6 connections are passed via the tunnel to the tunnel broker which then connects natively, or via additional tunnels to other IPv6 networks.
3.2 Logical SystemLogically, the EAD is a simple 'tunnel terminator' connecting to an upstream 'tunnel broker'. Alternative versions of the device could operate via an authenticated tunnel, however this has not been examined at this time. The tunnel essentially forwards all IPv6 traffic from the source address to the destination address unchanged.
The EAD proxies IPv4 traffic via NAT to provide the apparent unbroken access to Internet services and uses the existing DNS approach employed by the small business at the time of installation. IPv6 is passed via the tunnel to the upstream IPv6 provider, and uses the AAAA records provided by IPv4 queries to resolve target addresses.
3.3 Routing Design3.3.1 IP Routing
As is usual for a small business connected service, the EAD uses no IP routing protocols and does not participate in the protocols used for receiving dynamic topology updates from Internet routers.
Some small businesses will be connected via ISDN or frame relay and will use a router. In which case routing protocols obtaining dynamic updates of Internet topology will be received. In this case the EAD still will not participate in routing protocols and will rely on the base IPv4 connection to maintain the underlying link.
In the case where the internal LAN is of sufficient complexity to require a router, the EAD could be used, however, this would require the EAD to be located within a demilitarized zone. The EAD would still not participate in routing.
3.3.2 IP Address Plan
Each EAD uses private IPv4 addressing and uses Provider Dependant IPv6 addresses allocated by the IPv6 tunnel broker provider. The particular private address space used is typically 192.168.1.x/24.
All addresses are allocated dynamically, via DHCP in IPv4, and via the router advertisement daemon (RADVD) in IPv6. Each small business LAN host undertakes neighbour discovery in order to locate upstream routers and adjacent services on the LAN. DHCP is not available in IPv6, however RADVD provides all the services previously available via DHCP.
Each LAN host obtains an IPv6 address comprising the hardware address of the device and the upstream address portion provided by the service provider. IPv4 routing is provided via a static route from the host computer to the EAD provided via DHCP.
3.4 Layer 2 ConnectivityThe EAD acts as a network bridge, passing all IPv6 packets from the source to the destination. The EAD is transparent to the IPv6 traffic flowing through, and does not form any broadcast domains, spanning tree components, and acts as a transparent bridge. For IPv4 connections, the EAD acts as a layer 2 termination point, as it comprises a subnetwork boundary.
3.5 Physical ConnectionsThe EAD is connected via a single RJ-45 Category 3 (or above) cable to both the upstream NTU and the downstream router, hub or switch providing the small business LAN connectivity. No additional connectors or cables are required.
3.6 Remote ConnectionThe EAD is installed with a VPN capability in order to create a subsequent IPv6 tunnel to the EAD from any remotely connected IPv4 computer.
3.7 Computer PlatformThe PC computer used is a generic mini ITX based server made by Via Technologies, based in Taiwan. The system uses a 600MHz Via E7 CPU, 512MB RAM, with an 80GB hard drive. The system has dual onboard ethernet, however some units have more than 2 ethernet connections.
The device runs on a generic small-sized personal computer running Ubuntu Linux, currently version 6.06LTS, kernel version 2.6.18. It also runs iptables for firewall services.
4. Regulatory Matters
4.1 InterceptionThe EAD service does not comprise a carriage service, and the provision of an EAD does not constitute a the provision of a carriage service. As a result any interception requirements as defined under the Telecommunications Act will be met by the ISP providing the base IPv4 Internet access.
4.2 Other Regulatory IssuesThis system is not subject to other regulatory constraints, eg content control, and is not subject to any IP performance standards as would be the case in telephony (viz a simple telephone service as defined by ACMA). In the majority of cases, parental controls are exerted by the browser used to view Internet content. These remain unaffected by the form of IP transport chosen, whether it be IPv4 or IPv6.
5. Future PlansThis system is a prototype. As it develops and improves, more detailed documentation will be written. Future aspects to be covered will include:
- Network Management and Monitoring
- Security Considerations
- Growth Strategy
Narelle Clark, Vice-President, Internet Society of Australia
and Dr Kate Lance, Internet Society of Australia.
The IPv6 for e-Business project is supported by the Australian Government through the Information Technology Online (ITOL) Program of the Department of Communications, Information Technology and the Arts.