6Sense: Generating New Possibilities in the New Internet.
Produced by: IPv6 Summit, Inc.

IPv6 with an Optical Core
by Dr. Lawrence G. Roberts
CEO, Anagran

Dr. Lawrence G. Roberts

The need to convert our networks to IPv6 has been made quite obvious; we need the address space and the security. However, the issue is how to convert without a very large replacement expense. Given the need to rebuild, perhaps the basic structure of the network should be re-examined in light of current technology to substantially reduce the network cost. A revolutionary design would be to use an all-optical core with the edge based on flow routers. Not only will the cost be vastly reduced but also the network will much more effectively support video, voice and high-speed data.

At the same time that we are faced with the need to replace our current IPv4 network with an IPv6 network, two revolutionary advances in network technology have been taking place; optical switching and flow routing. Both are substantially less expensive than the current technology, the packet routers that I introduced in 1969.

Optical Core – Whole Lambda Paths:
Optical (Photonic) core switches clearly provide the lowest cost core that we can now envision. They do not need to switch rapidly; they only need to be able to rearrange the lambda paths slowly as the traffic patterns shift. This is the way the telephone network evolved, most cities have dedicated capacity to most other major cities and only a fraction needs to be switched to accommodate the daily traffic pattern shifts. Using this concept, the lambdas through the core need only be rearranged weekly or monthly.

Flow Router GR IP Tunnels – Sub-Lambda Paths:
Earlier this year, British Telecom introduced and passed a standard recommendation in the ITU, the concept of Guaranteed Rate IP Tunnels. Such a tunnel is created between two flow routers as a Guaranteed Rate IP flow at any rate and is used to tunnel any number of IP flows between the end points. It is permanent until closed and routers along the path need only switch packets thereafter, not route them. Thus, it can be supported at very low cost compared to packet routing. Using these tunnels, every network node can set up the base capacity it requires to every other node, even when the capacity is less than one lambda. The tunnel capacity can be changed minute by minute as the traffic pattern shifts.

The core network structure is now very inexpensive using optical switching for whole lambdas and flow switching of sub-lambda tunnels. Any remaining sub-minute flux in the traffic pattern can be switched as individual flows through the edge flow routers.

Flow Router IPv6 Edge – Cost Reduction:
The reason for using flow routers at the edge is both lower cost and improved QoS for video and voice. When the first packet of a flow arrives, it is routed much as in a normal packet router. Since only the packets in a flow must stay in order, flows can be routed across any near-equal cost path through the lambdas, tunnels, or other flow routers. The majority of the traffic will only be routed twice per flow (once at each edge) and in-between all the packets will be switched across a light path or tunnel directly to the destination. In some cases, another edge router will be needed to balance the load and extra routing may be required. But the cost saving is still major since the number of routes will be two to three per flow across the whole network rather than all the packets in the flow (>14 average) times the packet hops of perhaps six today, a total of 84 routes vs three.

Routing is the majority of the cost in packet networks today. The cost of lambdas has come way down and the cost of switching is far less than Level 3 routing. The optical switching is the least expensive part. Thus, the total cost of this network structure is dramatically less than today’s designs.

A second cost factor is that flow routers can achieve very high trunk or tunnel utilization because they control the rate of each flow and thus can ensure that the trunk or tunnel is utilized about 85% for bursty traffic and >95% for GR Tunnels. By controlling thousands of flows individually, the standard deviation (SD) of the total is reduced by the square root of the number of flows. Instead of 16 queues, when one controls 1M flows in a 10 Gbps lambda, the SD is reduced by 1000:1 rather than 4:1.This allows very high utilization of the trunk as opposed to the current over-capacity model.

Flow Router Edge – QoS:
The second benefit of the flow router edge is that each flow can be managed to ensure no loss or jitter for streaming media like video and voice. If too many flows arrive that would overload the local loop, the new or lower precedence flows are dropped, rather than adding them in and then having to discard packets from all of them. This is only possible if flow state memory is maintained, something that was uneconomic in the '70s and '80s but is now quite inexpensive.

Thus streaming media can be supported with TDM quality even while mixed with bursty data traffic. Also, by controlling the total load the queuing delay for data is simultaneously reduced from milliseconds to microseconds. Fairness can also be imposed on each class of traffic since each flow is rate controlled. Thus, no one user can hog the whole cable or Wi-Fi mesh with a massive P2P flow while others suffer very low throughput.

Flow Router Edge – Security and IPv6:
Packet routers need additional routing capacity to support IPv6 due to the longer addresses. Flow routers reduce the routing to once per flow so that the larger load of IPv6 is easily handled with no change. Also, security can be improved by checking the source address, an extra route that cannot be afforded in packet routers. Distributed Denial of Service (DDOS) attacks like SYN Floods (all flow starts) are difficult to detect in a packet router, but since the Flow Router is recording all flows, too many new flow starts are easily detected and then quenched with DOS blocking. Thus DDOS attacks are largely eliminated with Flow Routers. The conversion to IPv6 at the edge then completes the security picture creating a much more secure network.

Conclusion:
Instead of looking at the conversion to IPv6 as a huge replacement expense, it is time to use this conversion to restructure the network to use the new, less expensive network components and make the conversion a major operational and capital cost saving while also gaining the benefits of improved QoS and security.