
IPv6 Introduction and Technical Overview

Tim Chown tjc@ecs.soton.ac.uk School of Electronics and Computer Science University of Southampton (UK) IEC 21st Century Conference, 27th March 2006, London.


Presentation Transcript


  1. IPv6 Introduction and Technical Overview Tim Chown tjc@ecs.soton.ac.uk School of Electronics and Computer Science University of Southampton (UK) IEC 21st Century Conference, 27th March 2006, London

  2. What is IPv6? • An upgrade to the existing Internet Protocol, IPv4 • Key enhancement • 128-bit address format, vs IPv4’s 32-bit format • Impact: • Enough globally routable address space for all devices • No need to use Network Address Translation (NAT) • All devices directly addressable • Restoration of ‘end-to-end’ principle of Internet • SOHO networks can be providers as well as consumers

  3. Who’s standardising it? • All IPv6 standardisation work is done in the Internet Engineering Task Force (IETF) • http://www.ietf.org • Many related Working Groups (WGs): • IPv6 (now approaching completion) • IPv6 Operations • DNS Extensions and DNS Operations • DHC • And others… • Standards are mature and implemented • Witness vendor implementations

  4. Other benefits of IPv6 • Network plug and play • Stateless Address Autoconfiguration • Mobile IPv6 • Roaming between networks • Explored in more detail later this morning • Wider support for IPsec • Full support for IPv6 IPsec in Windows Vista • Potential for host-to-host IPsec, unimpeded by NATs • Streamlined, extensible IPv6 header • Efficient, and easier to add protocol extensions later

  5. What, no NAT? • NAT has become widely deployed • Has perceived advantages • Simple to deploy for home users • Security (internal addresses unreachable) • Offers internal topology hiding • Easy renumbering • How are features of NAT achieved in IPv6? • See IETF text on IPv6 Network Architecture Protection • http://www.ietf.org/internet-drafts/draft-ietf-v6ops-nap-02.txt • Co-authored by chair of the IETF

  6. The IPv4 header (diagram; legend: Changed, Removed) • Bit offsets: 0, 4, 8, 16, 24, 31 • Ver | IHL | Service Type | Total Length • Identifier | Flags | Fragment Offset • Time to Live | Protocol | Header Checksum • 32 bit Source Address • 32 bit Destination Address • Options and Padding

  7. The IPv6 header (diagram) • Bit offsets: 0, 4, 12, 16, 24, 31 • Version | Class | Flow Label • Payload Length | Next Header | Hop Limit • 128 bit Source Address • 128 bit Destination Address
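The header layout on slide 7, decoded in code. This is an added example, not part of the original slides; the function names and the sample packet are constructed here, and the destination address uses the 2001:db8::/32 documentation prefix.

```python
import ipaddress
import struct

FIXED_HEADER_LEN = 40  # the IPv6 fixed header is always 40 bytes

def parse_ipv6_header(packet: bytes) -> dict:
    """Decode the fixed IPv6 header fields shown on the slide."""
    if len(packet) < FIXED_HEADER_LEN:
        raise ValueError("truncated packet: fixed IPv6 header is 40 bytes")
    # First 32-bit word: Version (4 bits) | Class (8 bits) | Flow Label (20 bits)
    word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError(f"not IPv6: version field is {word >> 28}")
    return {
        "version": word >> 28,
        "traffic_class": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(packet[8:24]),
        "dst": ipaddress.IPv6Address(packet[24:40]),
        # A payload length that disagrees with the bytes received is worth logging.
        "length_consistent": payload_len == len(packet) - FIXED_HEADER_LEN,
    }

def build_sample() -> bytes:
    """Constructed sample: the slides' example source address, 8-byte payload."""
    word = (6 << 28) | (0 << 20) | 0x12345
    header = struct.pack("!IHBB", word, 8, 58, 64)  # next header 58 = ICMPv6
    src = ipaddress.IPv6Address("2001:630:d0:80:dead:beef:bad:cafe").packed
    dst = ipaddress.IPv6Address("2001:db8::1").packed  # documentation prefix
    return header + src + dst + bytes(8)

if __name__ == "__main__":
    for name, value in parse_ipv6_header(build_sample()).items():
        print(f"{name:18} {value}")
```
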

  8. IPv6 addresses • Example: • 2001:0630:00d0:0080:dead:beef:0bad:cafe • which can be written 2001:630:d0:80:dead:beef:bad:cafe • Various scopes of address are defined • Link-local addresses - used on a local subnet/link • Unique Local Addresses (ULAs) - for use within a site • Global addresses - globally unique and routable • Multi-addressed hosts are normal in IPv6 • Source/destination address selection rules are applied • Default subnet size is a /64 (64 host bits) • No need to shrinkwrap subnets for address conservation

  9. How much address space? • Common policy agreed by ARIN, APNIC and RIPE • The three worldwide Regional Internet Registries (RIRs) • “End sites” get a /48 size network prefix allocation • Approximately 65,000 subnets possible, each of size /64 • ISPs by default get a /32 prefix • Enough for approximately 65,000 customers with a /48 • Can acquire more address space through RIRs • e.g. France Telecom has a /19 prefix allocated • Can use global addressing for own infrastructure • No need to use ‘Net10’ private IP addresses • You can get as much address space as you need

  10. Stateless Autoconfiguration • IPv6 hosts can autoconfigure basic network settings: • IP address • Default gateway (router) • This can be done with Stateless Autoconfiguration • Node builds its address from • An advertised /64 size network prefix • A 64-bit host part generated based on its MAC address • Prefix information is advertised by a router, either • Periodically (typically every 600 seconds) • On request (a node sends a ‘Router Solicitation’ request) • Allows minimal configuration without DHCP

  11. Autoconfiguration example

  12. Some IPv6-specific tricks • Cryptographically Generated Addresses (CGAs) • RFC3972: Hash crypto data into the address’ host part • No room to do this in IPv4 addresses • Privacy addresses • RFC3041: use a “random” host part of the address • Avoid being ‘traceable’ over time • Resilience to external port scanning • 2^64 hosts is a lot to scan on just one /64 size subnet • In IPv4 one port per subnet is 5 minutes (256 addresses) • In IPv6 it is 500 billion years (2^64 is a big number!) • So consider how else attackers may harvest addresses
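Slides 10 and 12 together explain why a MAC-derived host part is traceable and why privacy addresses exist. The added example below (not from the original slides) builds a stateless autoconfiguration address with the standard modified EUI-64 construction and then audits addresses for an embedded MAC. The MAC address, the second prefix and the function names are constructed for illustration.

```python
import ipaddress

def eui64_iid(mac: str) -> int:
    """64-bit host part from a 48-bit MAC (modified EUI-64)."""
    b = bytearray(int(x, 16) for x in mac.split(":"))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC such as 00:11:22:33:44:55")
    b[0] ^= 0x02  # invert the universal/local bit
    return int.from_bytes(bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:]), "big")

def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine an advertised /64 prefix with the MAC-derived host part."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("stateless autoconfiguration expects a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_iid(mac))

def embedded_mac(addr: str):
    """Return the MAC recoverable from an address, or None.

    Heuristic: a random host part can contain ff:fe by chance (1 in 65536).
    """
    iid = (int(ipaddress.IPv6Address(addr)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02  # undo the universal/local bit inversion
    return ":".join(f"{x:02x}" for x in mac)

def audit(addresses):
    """Map each address to the MAC it exposes (None if nothing is recoverable)."""
    return {a: embedded_mac(a) for a in addresses}

if __name__ == "__main__":
    mac = "00:11:22:33:44:55"  # constructed sample MAC
    home = slaac_address("2001:630:d0:80::/64", mac)
    away = slaac_address("2001:db8:1:2::/64", mac)  # same host, other network
    report = audit([str(home), str(away), "2001:630:d0:80:dead:beef:bad:cafe"])
    for addr, found in report.items():
        print(f"{addr:40} {found or 'no embedded MAC'}")
```

The host part stays identical when the same machine moves to a different prefix, which is the traceability that RFC3041 privacy addresses remove.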

  13. IPv6 configuration: Win XP

  14. Some IPv6 differences • No fragmentation at routers • Hosts must fragment if required • Minimum MTU is 1280 bytes • No IP layer header checksum • No broadcasts • IPv6 uses multicast on the local link instead • No ARP • IPv6 uses Neighbor Discovery and ICMPv6 • Inherent Duplicate Address Detection (DAD) • Privacy addresses mean hosts change IP over time

  15. Many similarities • IPv6 is still IP • QoS methods similar; IPv6 header includes Flow Label • Applications still use socket code • New IP version independent API (RFC 3493, RFC 3542) • Java supports IPv4 and IPv6 since JDK1.4 (Unix) and JDK 1.5 (Windows) • Similar routing protocols • RIPng • IS-IS • BGP4+ • OSPFv3 for IPv6

  16. Adding IPv6 to an IPv4 world • Current Internet is IPv4 • New IPv6 services will be introduced • Might have IPv6-only systems, which implies that • IPv4 systems need to access IPv6 services • IPv6 systems need to access IPv4 services • Need some form of ‘protocol translation’ for these cases • May have ‘islands’ of IPv6 networks deployed • Use IPv4 infrastructure to carry IPv6 data (tunnelling) • Or perhaps support both protocols in the interim • Application/user shouldn’t care

  17. Various approaches/tools • Dual Stack • Servers/devices speaking both protocols • Tunnels (“connecting IPv6 clouds”) • Running IPv6 encapsulated over IPv4 links • IPv6 packet is data payload of IPv4 packet • May be router-to-router or host-to-router • Automatic and manual tunnel setup methods • Translation methods (“IPv4-only to IPv6-only”) • Network layer: Rewriting IP header information • Transport layer: Rewriting TCP headers • Application Layer Gateways (ALGs)

  18. Dual stack systems • Applies to hosts or routers • Run both IPv4 and IPv6 protocols • Need to choose when to use each • Routers need hardware support • Need routing table for each protocol • Implies extra overhead during transition • Assumes enough IPv4 addresses • IPv4 addresses may need to be dynamic not static • Need to firewall both protocols • Otherwise adding IPv6 creates “back doors”

  19. A router-to-router tunnel

  20. Application layer gateways • An IP device running dual-stack • Can access IPv4 and IPv6 services • Uses “natural” proxy-style function • For example: • Web cache • SMTP/MX (mail) gateway • H.323 proxy • SIP proxy • etc… • But: not all services can be handled by an ALG • Sometimes performance may be an issue

  21. Web cache example • Uses dual-stack proxy feature: • Client on IPv6 only network, talks IPv6 to the web cache • Web cache is dual-stack, so can fetch pages over IPv4 or IPv6 and then relay response over IPv6 to the client

  22. Best transition method? • We have a “toolbox” of methods • Some suited to certain scenarios • IPv4 hosts will be around for a long time, with transition ongoing for many years (10+) • Initial focus on dual-stack deployment • Use IPv4 to talk to IPv4 networks • Use IPv6 to talk to IPv6 networks • Avoid using translation, especially at network layer • But remember current predictions • IPv4 allocation shortages by 2010-2012 • http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_8-3/ipv4.html

  23. Summary • IPv6 is defined as the successor to IPv4 • Standards are mature • Implementations largely mature • Windows Vista will have IPv6 enabled by default in 2006 • IPv4’s lifetime is limited • No ‘big bang’ date, but pressure likely before 2010 • Begin planning now; consider in all procurements • Consider transition & integration plans • Consider opportunities with enhanced IPv6 protocol • Potential for new services • More streamlined application development (no NAT)
