Thoughts - Top of My Mind: January 2014

Document assume reader is familiar with basics of IPv6, so we are directly getting into IPv6 packet flow.

We are going to discuss mainly four packet exchange happening between client and router which is fundamental to all IPv6 addressing. Neighbor Discovery (ND) mechanism contains mainly 4 packet exchange and all of them works based on ICMP v6. We need to make sure ICMP v6 is allowed in controller for IPv6 to work in a Aruba controller.

1. Router Solicitation

2. Router Advertisement

3. Neighbor Solicitation

4. Neighbor Advertisement

RS (Router Solicitation) :-

If a client is IPv6 capable first packet goes out of client will be RS. This is send to ff02::2 (Multicast group for All Routers capable of providing RA). RS is not mandatory in a IPv6 scenario, there is always a possibility to client get an RA before it send a RS to the network.

RA (Router Advertisement) :-

Send from Router which will be send to ff02::1 (Multicast group for all nodes ). There are two purpose for RA

1. Providing the prefix for the client to generate IPv6 address. RA provides first 64 bits in the IPv6 address

2. Gateway for the client. Client gateway will be always link local address of router.

Unsolictated RA :- Router can be configured in such a way that it will send RA periodically. Getting an IP in this mechanism is called Unsolictated RA. Router will not be waiting for RS to come to send an RA in this case.

Solicitated RA :- In this case router respond back only if it gets an RS from client.

DHCP v6

In DHCP v6 (Stateful mechanism) we still need RA as the IPv6 DHCP don’t have the default gateway option. Gateway for the client remains the link local address of the router

In this case there will be a m bit in RA which will be set which says RA is not capable of providing you prefix but only the gateway. Once client see m bit is set it triggers the DHCPv6 process.

Neighbour Solicitation (NS) :-

Mainly 2 type of NS is there for two purposes

1. Duplicated address detection – Same as GARP in IPv4

2. Keep alive – ARP in IPv4

Duplicate Address Detection :

Client send this packet to ff02:1::<last 24 bit of client mac> (Multicast group) where ideally no one else would have joined. If some client gets this packet he will check the target field and verify the IPv6 address in case of duplication. Source address of this packet will be either null or link local address of the client. In case of Aruba we normally flood this packet in air so it will go to all the clients. Response comes to this packet only if someone is already using this

Keep Alive

Send to the link local address of router. If it is reachable it will respond back with an acknowledgement. Which is called “Solicitated NA”. This packet will be periodic to make sure the router is still alive.

Neighbour Advertisement:-

Comes as a response to NS if someone has this IP address. Else keepalive response.

Unsolictated NA:-

Once client gets an IPv6 address he sends an NA packet to ff02::1 (All nodes), this used by other clients to update their ARP table. There is no response for this packet. This NA will be send using both link local address and global unicast address.

Duplicate Address
For statically assigned IP IPv4 dont try for duplicate address detection, but in case of IPv6 it send an NA even for statically assigned IPs. In case of interface address configuration controller mark the duplicate address as "dupe" in braces if controller finds a duplicate address in the network.

EUI-64
EUI-64 is a mechanism used by IPv6 nodes to make the address unique. Aruba controllers also support this. Take an example where 2 nodes are connected there is always a chance by mistake we give same IPv6 in both end statically. To avoid this while giving IPv6 address on interface add EUI-64 to the IPv6 address. In this scenario controller will generate IPv6 address automatically using its mac address. Interface will take only prefix part of the statically configured IP, rest is generated same as the way client generate its IP.

Normally for link local address we append hex form of vlan ID to make 48 bit mac address to 64 bit but in case of global address it append FFFE in the middle of mac address to convert it to 64 bit. The actually configured static IPv6 address wont be displayed anywhere in controller instead the newly generated IPv6 address. Show running config it show the prefix with eui-64 so user need to understand interface IP is configured using the mac address.

Advantages of IPv6 over IPv4

1. No concept of Broadcast in IPv6 most communication is through multicast
2. Introduction of RA, an option for stateless IP addressing
3. DHCP server is not mandatory in the network
4. No fragmentation in intermediate nodes, TCP MSS is enabled by default. This results in a better throughput in the network
5. Header is much simpler compared to IPv4
6. No option field in header and extension header is introduced as replacement. Which result is a 40 bit fixed header.

Aruba IPv6 Best Practices

1. Defaults values would work and apply for majority of use cases.
2. IPv6 should be globally enabled.
3. Ensure “valid user” session acl does not block ipv6 traffic.
4. Enable BCMC optimization: knob under interface VLAN. This knob is recommended to be enabled at most times as it drops a lot of random IPv6 multicast traffic.
5. There must not be any ACLs that drop ICMPv6/DHCPv6 traffic. If the deployment is such that only SLAAC is being used, then it is acceptable to drop DHCPv6 traffic.

6. If controller is used to provide RA
-IPv6 vlan interface address must be configured that maps to the prefixes configured.
-3 prefixes limit is enforced

7. If an external device provides RA:
        - It is not recommended to advertise too many prefixes in RA.
  -The controller supports up to four IPv6 user entries in the user table. If a client uses more than
          four IPv6 addresses at a time, the user table is refreshed with the latest four active entries
          without disrupting the traffic flow. However, this may have some performance impact.

Visiting North East of India was always a dream for me, reading different blogs I was always fascinated about the life in North East. I want to cover north east at the earliest before it become too commercialized but never got the right company to do that. 2013 winter I made a rough plan to visit north east with my wife and started collecting information's to execute my plan. Soon I understood from different sources that it is not going to be easy for a first timer to NE with family considering different dimensions of the place. Even I don’t have any friends NE so I had dropped the plan to go with family and started looking for a friend with similar mind set as the NE trip is more of a cultural experience than visiting places. In the middle of nowhere I got someone who was ready for this fascinated trip and interesting part was he sits next to me in office for past one year and I never realized it J.

Where to Go

NE consist of 7 sister states so we have to decide where to go. We had only 7 days to spend, this was our judgement on 7 sisters

Assam – NO. Safety is a concern lower Assam and other parts are very much Indianized.

Manipur – NO.Again safety concerns, protests going on against non-Manipuri’s. Few blasts were reported in last week targeting only non-Manipuri’s

Tripura – NO. Small state…. not much to see as per our research

Meghalaya – YES. Biggest attraction was visiting living root bridges also we want to spend a day in Asia’s cleanest village Mawllynong.

Nagaland – YES. The hornbill festival happening at Dec first week also we want to see the Naga culture “the real head hunters” !!!!

Mizoram- NO. Same reason as in the case of Tripura

Arunachal Pradesh- YES/NO . We want to visit Tawang but we had only 7 days for the trip so we kept it as backup plan if we wont get entry to Nagaland. Also Arunachal culture is equally fascinating as Nagas. But we rated Nagas slightly above.

In paper the plan looks fine as we have 7 days and need to cover only 2 states . 3 days per state and 1 day in Guwahati to get the feel of Assam. Also we will be travelling across Assam on the way to Nagaland. So all set and the plan was

Day1 – Bangalore – Guwahati in flight. From Guwahati to Shillong and from thereto Mawllynong (Stay)

Day 2 – Back to Shillong Roam Around Shillong (Stay)

Day 3 – Back to Guwahati and catch train to Dimapur. Roam Around Dimapur(Stay)

Day 4 – Dimapur-Kohima . The Hornbill Festival

Day 5- Explore other parts of Kohima + Hornbill

Day 6 – Hornbill and getting back to Guwahati

Day 7- Reaching Guwahati and Roam Around Guwahati. Catch Evening Flight Back to Bangalore

But plans went terribly wrong while executing it J

Rule No 1 :- Never go to NE with a fixed plan you need to be flexible with your plans.

So here we start

Day 1

We reached Guwahati on time but on the way to Mawllynong we got into Crazy Shillong traffic and lost 3 hours. We reached Mawllynong around 8 PM and spend the day in a homestay inside the village. On the way we stopped in one of the typical Khasi Hotel run by a lady to taste the local cuisine. We had a campfire at night in the homestay and got opportunity to taste the local beer. Homestay Owner was very friendly and happy to know that we are from Bangalore.

Day 2

We got the unexpected on 2^nd day, Khasi people (tribal people of Meghalaya) declared general strike in Shillong. Their demand was to impose ILP for outsiders to enter Meghalaya. We have to start early from Mawllynong to Shillong as they announced some rally by 12 PM. On the way we covered the root bridge in Riwai village and it was stunning. We had stopped in Elephant falls as well and reached Shillong by 1 PM. All non Khasi shops were closed in Shillong and CRPF was patrolling everywhere. We roamed through the safe areas of Shillong in the evening but we made sure we never went out of vicinity of a policeman/army. Khasi youth were conducting rallies in between … we took that also as an experience. Due to this strike we lost the chance to experience the Shillong Night Market and other attractions.

Day 3

Plan was to reach Dimapur at the earliest and spend a night there. We want to see 2 places mainly Dimapur Gun market and Kachori Ruins. But we got a lot of negative reviews about Dimapur from Shillong and our taxi drivers, so we dropped our plan of spending a night in Dimapur. Also our train was late so decided to go directly to Kohima after reaching Dimapur. Yes we took the entry to land of festivals and manage to find a home stay near to Naga Heritage village. Kohima we sync with other groups who came for Hornbill festival. Enjoyed the home made Naga food and famous rice beer at night.

Day 4&5

Hornbill festival, it was exactly as I had imagined. A photographers dream I would say. Even I felt like this is a festival mainly targeting Photographers. At first it makes u too excited, tribal dressing, ornaments, weapons everything will be new to you. After few days you may feel repetitive. As they push the festival from 7 days to 10 days I think the content got diluted. Best part is it extremely colourful and gives you a platform to see all tribes together but most of the time it makes you feel you are watching something orchestrated. All together worth a visit even though it is not well organized. We visited other places like Night Market, Dog Market, Keeda Market etc.

Day 6

We spend half day @ hornbill but Another strike was waiting for us, this time in Dimapur (We need to cross Dimapur on the way to Guwahati). Luckily it was only till 6 PM. We started from Kohima to Guwahati just after the strike and reached Guwahati next day morning.

Day 7

Went to famous Khamakya temple and did some shopping in Guwahati before catching our flight back to Bangalore

Things to Keep in Mind while travelling to NE especially Meghalaya and Nagaland

1. Sunset is around 4.30 and sunrise at 5.30 so the day is short (In December)

2. Limited public transport options and you have to depend on share taxies

3. Travelling in the night is not advisable

4. There are no banks or ATMs outside the city so keep cash with you once you travel outside city

5. As it is recommended to travel only in day time buffer enough time for that

6. Roads are not in good condition and it is a hilly area so travel on the road takes much time compared to other parts of India (Average 30KM/Hr)

7. Don’t trust the trains most of them not on time due to single lines

8. Locals are friendly but you need to bargain most of the places (taxi, hotel, food etc)

9. Limited options for vegies especially in Nagaland. Pork, dog, snail, frog they eat almost everything.

10. People normally use taxi, so you have to trust the driver we used to track the car using GPS to make sure he is not cheating us

11. Most of the tourist places close by 4 PM, plan accordingly.

12. Nothing much happens after 8 PM in these area

13. I am a hard core non vegie but never adjusted with Nagaland food, it has a strange smell.

14. Most of the souvenirs’ are expensive in Nagaland/Meghalaya, I will recommend to do some shopping in Guwahati which was much cheaper.

15. A general strike can be declared any moment in NE and it can go up to a week or more, so don’t go the NE with a tight schedule as ours.

16. ILP is required to enter Kohima but they relaxed the rule for Hornbill festival so we manage to get it without ILP

17. Army is everywhere in Nagaland, I would say every 100 mtr there is an armed personal
18. We spend almost 25K for 1 week trip (Dec 2013) which includes accommodation and flight fare, transportation is expensive due to lack of public transport.