LACNIC Initiatives Encourage IPv6 Deployment at Universidad Autónoma de Yucatán
Universidad Autónoma de Yucatán (UADY) of Mexico was one of the participants of LACNIC’s IPv6 Challenge. This was the third time that the university participated in the Challenge and the most successful: UADY took the first prize in this edition of the contest organized by LACNIC’s R&D department to promote IPv6 deployment in the countries of Latin America and the Caribbean.
Carmen Denis, Head of IT Infrastructure and Telematics Services for UADY’s university network, is coordinator of MANRS and the IPv6 transition project at this Mexican university.
Members of the winning team Lucía Cab and Diego Aguilar were supported by the entire team working on the IPv6 deployment project for the university network: Enrique Solís, Carlos Rico, Wilberth Pérez, Christian Méndez, Emmanuel Serrano and Carmen Denis.
What are the key lessons learned from this process and the participation of the University in the challenges promoted by LACNIC?
Over the last 18 months, Universidad Autónoma de Yucatán has actively participated in LACNIC events, attending the organization’s annual meetings, through the mailing lists, submitting presentations, and participating in webinars and courses offered through the LACNIC Campus. This participation led to our interest in participating in the last three IPv6 Challenges. We see our learning as a whole. Some of the key aspects we could highlight include the importance of teamwork and collaboration to reach a common goal, respect for process-based work, the adoption of good practices for the operation and management of the university network, the importance of participating and collaborating with different communities in Mexico (ANUIES, CUDI, MEXNOG) and in Latin America and the Caribbean (LACNIC, LACNOG), the importance of continuing education, and last but not least, the recognition of the people who contribute daily to the provision of IT services for the university network.
In the case of LACNIC 30, what did your winning initiative include?
Based on the lab implementations and configurations we had completed for the first two IPv6 Challenges (switching, routing and NAT64), for this latest edition of the challenge we came up with the following initiatives:
- Implementation of an IPS firewall in the IPv6 lab to monitor inbound and outbound traffic to the IPv6 lab network, as well as to manage threats to the network and to future implementations of IPv6 services.
- Implementation of a monitoring platform with IPv6 support, OpenNMS using the centOS operating system platform, for the purpose of monitoring the devices deployed on the IPv6 network.
- Developing the first mobile application with IPv6 support at UADY, using Android Studio IDE. A plan to create an application to monitor future implementations of IPv6 services as part of the university network support team’s visits.
- Implementation of IPv6 Internet on the wireless network in an administrative unit of UADY, using NAT64 Jool to access IPv4 sites and IPv6-only addressing.
- Preparing a project proposal to enable the second IPv6 testing lab to interconnect the data centers of two university campuses.
- Creation of the RPKI and ROA certificate for UADY’s IPv6 address space as part of the process to participate in the global Mutually Agreed Norms for Routing Security (MANRS) initiative supported by ISOC.
How far has this process allowed Universidad de Yucatán to advance its IPv6 deployment?
We can share the IPv6 strategy we are carrying out at UADY as a whole.
We published our own IPv6 block in December 2017. We have structured the IPv6 addressing plan and prepared our configuration to deploy IPv6 in the university’s network. The testing lab has configured the different technologies that support the operation of the university network: switching, routing, IPS firewall, DHCP, DNS, NAT64 Jool, Active Directory INET, WiFi, monitoring system with IPv6 support, developing an application with IPv6 support. At the lab, we use technologies by different manufacturers.
We also implemented IPv6 Internet access in the wireless network of one of UADY’s administrative units, with the following components: NAT64 Jool to access IPv4 sites and only IPv6-only addressing.
We also created the RPKI and ROA certificate for UADY’s IPv6 block.
Many UADY technicians have taken courses offered through the LACNIC Campus: Basic and Advanced IPv6, BGP and RPKI. What can you tell us about this experience? Have these courses helped with your IPv6 deployment?
CATI’s experience with the LACNIC Campus has contributed knowledge and value, not only for the IPv6 project, but also for the adoption of MANRS. Before joining LACNIC as a member, CATI had the opportunity to participate in the Basic IPv6 course free of charge. Then, when UADY became a LACNIC member, CATI decided to incorporate the courses offered through the LACNIC Campus into their employee training program. Between 2017 and September 2018, we successfully participated in 17 courses on the LACNIC Campus, including Basic and Advanced IPv6 as well as BGP/RPKI.
The benefits and achievements of this training include continuous education for the personnel, the creation of a multidisciplinary IPv6 team, an IPv6 testing and configuration lab, participation in three editions of the IPv6 Challenge, and the adoption of MANRS (Mutually Agreed Norms for Routing Security) promoted by the Internet Society.
What administrative and technical difficulties have you encountered when deploying IPv6?
More than difficulties, we’ve had to face several challenges such as time management and prioritizing the IPv6 deployment project. This was possible thanks to the support of our coworkers at the University’s IT Coordination department.
CATI works using a process-based approach and applies risk-based thinking to leverage opportunities and avoid unwanted results. This is the context in which we developed the IPv6 project for the university network, where there are preventative controls in place to minimize the negative effects of IPv4 address exhaustion and maximize the use of IPv6 adoption and deployment opportunities. To achieve this objective, CATI had to implement different strategies for improving collaboration, as well as corrections and continuous improvements to the processes used in our testing and configuration laboratory, all of which have opened the door to innovation.
Click here to watch the announcement of the winners of the IPv6 Challenge