SESSION CODE: WSV328. There’s No Place Like ::1 - IPv6 for Dummies. Marc Michault Technologist Sidem Systems Solutions. WHAT DOES IT ALL MEAN? Feeling like a dummy…. ? ? ? ?. AGENDA. Packet Overview and IPv6 Addresses Configuration (and Auto-Configuration ) Name Resolution


SESSION CODE: WSV328

There’s No Place Like ::1 - IPv6 for Dummies

Marc Michault

Technologist

Sidem Systems Solutions


AGENDA

  • Packet Overview and IPv6 Addresses
  • Configuration (and Auto-Configuration)
  • Name Resolution
  • Transition Technologies

I - Packet Overview and IPv6 Addresses

  • Packet Overview
  • How to Write IPv6 Addresses
  • Subnetting
  • Address Types
    • Unicast
    • Multicast
THE IPv6 PACKET - New and improved…
  • IPv6 uses 128 bit addresses
  • Reduced header for faster routing
  • Options in Extensions Headers
  • Supports IPSec (specific extension headers)
  • Supports QoS (Flow Label in header)

[Diagram: IPv6 Header (40-byte) | Extension (x8-byte) | Extension (x8-byte) | Protocol Data Unit (PDU)]

IPv6 ADDRESSES - How to write them
  • Use colons to separate 8 blocks of 4 hexadecimal digits
  • Leading zeros removed
  • Block of zeroes compressed
    • Once only…

1111 1101 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0010 0001
0000 0000 0000 0001 0000 0000 0000 0000
0000 0000 0000 0000 0101 0001 0100 0011

FD000000000000210001000000005143

FD00:0000:0000:0021:0001:0000:0000:5143

FD00:0:0:21:1:0:0:5143

FD00::21:1:0:0:5143

FD00::21:1::5143 ("::" used twice: not valid, so the address stays FD00::21:1:0:0:5143)

SUBNETTING - Variable-length subnet mask is rarely changed from default…
  • By default:
    • 48-bit Network ID
    • 16-bit Subnet ID
    • 64-bit Interface ID
  • Prefix in CIDR notation:
    • Address/Prefix length: FD00::21:1:0:0:5143/96

[Diagram: Network ID (48-bit) | Subnet (16-bit) | Interface ID (64-bit)]

IPv6 ADDRESS TYPES - Meet the family
  • A node typically has multiple IPv6 addresses
    • Link-Local Unicast
      • Interface IDs
    • Global Unicast
    • Unique Local Unicast
    • Multicast addresses
      • Solicited Node
      • Link-Layer multicast addresses
    • Tunnel interfaces
  • Special (Reserved)
LINK-LOCAL IPv6 ADDRESSES - Welcome to the neighborhood
  • FE80::/64
  • Similar use to APIPA addresses (169.254.0.0)
  • Always present
  • Required for link-local operations
ZONE (Scope) IDENTIFIERS - Which link are we using?
  • Local-use addresses can be reused
  • To avoid confusion a ZONE ID indicates the link
    • On Windows represents the interface index
  • Syntax:
    • ADDRESS%ZONE_ID
    • Example: FE80::C582:1680:D349:A6BF%13
GLOBAL UNICAST IPv6 ADDRESSES - Public IPv6 Internet
  • Similar use to public IPv4 addresses
  • 2000::/3 (= 2000-3FFF)
    • 2001 used for Teredo and 2002 for 6to4 IPv4 compatibility solutions
  • 45-bit Global Routing Prefix, 16-bit Subnet ID
UNIQUE LOCAL IPv6 UNICAST ADDRESSES - Private IPv6 Intranets
  • Similar use to private IPv4 addresses (RFC 1918)
    • Site-Local addresses (FEC0::) deprecated
  • FC::/7
    • but 8th bit defines “local” so FD::

MULTICAST IPv6 ADDRESSES - Calling on all members
  • Used for link-local operations
    • No broadcast in IPv6
  • FF followed by 4-bit flags and 4-bit scope

[Diagram: FF | Flags | Scope (1=Interface-Local, 2=Link-Local, 5=Site-Local) … 1=All Nodes, 2=All Routers]

COMMON MULTICAST ADDRESSES - Examples
  • Nodes
    • FF01::1 – Interface-Local All Nodes
    • FF02::1 – Link-Local All Nodes
  • Routers
    • FF01::2 – Interface-Local All Routers
    • FF02::2 – Link-Local All Routers
    • FF05::2 – Site-Local All Routers
SOLICITED NODE - Link-local address-associated multicast address
  • Nodes register a multicast address associated with their IPv6 addresses
    • Syntax: FF02::1:FF00:0/104 + <last 24 bits of IPv6 address Interface ID>
  • Used to obtain link-layer address of interface
  • Example: FE80::C582:1680:D349:A6BF → FF02::1:FF49:A6BF
LINK-LAYER MULTICAST ADDRESS - MAC multicast addresses registered by interface
  • Nodes also register MAC multicast addresses associated with their IPv6 multicast addresses
    • Syntax: 33-33 + <last 32 bits of IPv6 multicast address>
  • Used to respond to associated IPv6 multicasts at the link layer
  • 33-33-FF-49-A6-BF
  • 33-33-00-00-00-01
RESERVED ADDRESSES & ROUTING - Where shall I go?
  • ::1: Localhost
  • :: : Undefined address
  • Routing is similar to IPv4
  • Router
    • Can be defined automatically by advertisement
      • ICMPv6 Router Solicitation and Router Advertisement

II – Auto-Configuration

  • Stateful and Stateless Configuration
  • Neighbor Discovery
  • Address Auto-Allocation
  • Router Discovery
IPv6 ADDRESS ALLOCATION - How to get them
  • Stateless
    • Link-Local Neighbor Discovery
    • Router Advertisement
  • Stateful
    • Manual
    • DHCPv6
NEIGHBOR DISCOVERY - Keeping up with the Joneses…
  • ICMPv6 Options Types:
    • 1-127: Error codes
    • 128-255: Informational codes
  • Neighbor Discovery uses ICMPv6 packets
    • With specific informational options types
    • Sent to multicast
  • Advertisements sent:
    • Routinely (to link-local all nodes multicast)
    • In response to a request (to unicast of requester)
NEIGHBOR DISCOVERY - Keeping up with the Joneses…

BLUE
  • IPv6: FE80::2AA:FF:FE11:1111
  • MAC: 00-AA-00-AA-AA-AA

WHITE
  • IPv6: FE80::2AA:FF:FE22:2222
  • MAC: 00-AA-00-BB-BB-BB

Neighbor Solicitation - ICMPv6 Options Type: 135
  • MAC Src: 00-AA-00-AA-AA-AA (Blue MAC Addr.)
  • MAC Dest: 33-33-FF-22-22-22 (White Solicited Addr.)
  • IPv6 Src: FE80::2AA:FF:FE11:1111 (Blue IPv6 Addr.)
  • IPv6 Dest: FF02::1:FF22:2222 (White Solicited Addr.)
  • Target: FE80::2AA:FF:FE22:2222 (White IPv6 Addr.)
  • Option: Source Link-Layer Address

Neighbor Advertisement - ICMPv6 Options Type: 136
  • MAC Src: 00-AA-00-BB-BB-BB (White MAC Addr.)
  • MAC Dest: 00-AA-00-AA-AA-AA (Blue MAC Addr.)
  • IPv6 Src: FE80::2AA:FF:FE22:2222 (White IPv6 Addr.)
  • IPv6 Dest: FE80::2AA:FF:FE11:1111 (Blue IPv6 Addr.)
  • Target: FE80::2AA:FF:FE22:2222 (White IPv6 Addr.)
  • Option: 00-AA-00-BB-BB-BB (White MAC Addr.)
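
The solicited-node and link-layer multicast syntax from the earlier slides, applied to the Neighbor Solicitation above, as an added example that is not part of the original presentation. The function names and the `ODD_NS` frame are constructed for illustration; the check covers only multicast address-resolution solicitations like the one on the slide.

```python
import ipaddress

SOLICITED_BASE = int(ipaddress.IPv6Address("FF02::1:FF00:0"))  # /104 prefix from the slide

def solicited_node(unicast):
    """Solicited-node group: FF02::1:FF00:0/104 + last 24 bits of the address."""
    addr = ipaddress.IPv6Address(unicast.split("%")[0])  # ignore any %ZONE_ID
    return ipaddress.IPv6Address(SOLICITED_BASE | (int(addr) & 0xFFFFFF))

def multicast_mac(group):
    """Link-layer multicast address: 33-33 + last 32 bits of the IPv6 group."""
    addr = ipaddress.IPv6Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{addr} is not an IPv6 multicast address")
    tail = (int(addr) & 0xFFFFFFFF).to_bytes(4, "big")
    return "-".join(f"{b:02X}" for b in b"\x33\x33" + tail)

def check_solicitation(mac_dst, ip_dst, target):
    """List the inconsistencies in a multicast Neighbor Solicitation's addressing."""
    problems = []
    dst = ipaddress.IPv6Address(ip_dst)
    expected_group = solicited_node(target)
    if dst != expected_group:
        problems.append(f"IPv6 Dest {dst} != solicited-node group {expected_group} of Target")
    if not dst.is_multicast:
        problems.append(f"IPv6 Dest {dst} is not multicast")
    elif mac_dst.upper().replace(":", "-") != multicast_mac(dst):
        problems.append(f"MAC Dest {mac_dst} != {multicast_mac(dst)} for group {dst}")
    return problems

# Values from the slides above: Blue solicits White's link-layer address.
SLIDE_NS = ("33-33-FF-22-22-22", "FF02::1:FF22:2222", "FE80::2AA:FF:FE22:2222")
# Constructed mismatch: same frame, but the Target is Blue's own address.
ODD_NS = ("33-33-FF-22-22-22", "FF02::1:FF22:2222", "FE80::2AA:FF:FE11:1111")

if __name__ == "__main__":
    print(solicited_node("FE80::C582:1680:D349:A6BF%13"))
    print(multicast_mac("FF02::1"))
    for frame in (SLIDE_NS, ODD_NS):
        print(frame, check_solicitation(*frame) or "consistent")
```

A capture-analysis script can run `check_solicitation` over each observed solicitation and report the frames whose destination does not follow from the Target.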

IPv6 ADDRESS AUTO-ALLOCATION - How to get mine
  • Neighbor Solicitation with auto-assigned address
  • But source is :: (unspecified address)
    • Address is defined as “Tentative”
    • Host still cannot receive unicast packets sent to that address
  • If a conflict exists, a Neighbor Advertisement is sent by the conflicting machine
  • If not, address is kept
    • Address is defined as “Valid”
    • Host can receive unicast packets sent to that address
ROUTER DISCOVERY - This way out…

BLUE

ROUTER
  • IPv6: FE80::2AA:FF:FE33:3333
  • MAC: 00-AA-00-CC-CC-CC

Router Advertisement - ICMPv6 Options Type: 134
  • MAC Src: 00-AA-00-CC-CC-CC (Router MAC Addr.)
  • MAC Dest: 33-33-00-00-00-01 (Nodes Multicast)
  • IPv6 Src: FE80::2AA:FF:FE33:3333 (Router IPv6 Addr.)
  • IPv6 Dest: FF02::1 (Link-Local Nodes Multicast)
  • Target: FE80::2AA:FF:FE33:3333 (Router IPv6 Addr.)
  • Option: 00-AA-00-CC-CC-CC, MTU, Prefixes… (Router IPv6 Addr., MTU, Prefixes…)

ROUTER DISCOVERY (REQUESTED) - Get me out of here…

BLUE
  • IPv6: FE80::2AA:FF:FE11:1111
  • MAC: 00-AA-00-AA-AA-AA

ROUTER
  • IPv6: FE80::2AA:FF:FE33:3333
  • MAC: 00-AA-00-CC-CC-CC

Router Solicitation - ICMPv6 Options Type: 133
  • MAC Src: 00-AA-00-AA-AA-AA (Blue MAC Addr.)
  • MAC Dest: 33-33-00-00-00-02 (Router Multicast)
  • IPv6 Src: FE80::2AA:FF:FE11:1111 (Blue IPv6 Addr.)
  • IPv6 Dest: FF02::2 (Link-Local Router Multicast)
  • Target: FE80::2AA:FF:FE22:2222 (White IPv6 Addr.)
  • Option: Source Link-Layer Address

Router Advertisement - ICMPv6 Options Type: 134
  • MAC Src: 00-AA-00-CC-CC-CC (Router MAC Addr.)
  • MAC Dest: 00-AA-00-AA-AA-AA (Blue MAC Addr.)
  • IPv6 Src: FE80::2AA:FF:FE33:3333 (Router IPv6 Addr.)
  • IPv6 Dest: FE80::2AA:FF:FE11:1111 (Blue IPv6 Addr.)
  • Target: FE80::2AA:FF:FE33:3333 (Router IPv6 Addr.)
  • Option: 00-AA-00-CC-CC-CC, MTU, Prefixes… (Router IPv6 Addr., MTU, Prefixes…)

IPv6 STATEFUL ADDRESS ALLOCATION - Managed configuration
  • Manual
    • Just say NO!
  • DHCPv6
    • IPv6 Scope
    • Additional IP configuration
      • DNS, etc…

III – Name Resolution

  • Link-Local Multicast Name Resolution
  • Peer Name Resolution Protocol
  • Domain Name Service
NAME RESOLUTION - What’s in a name?
  • Local subnet
    • Link-Local Multicast Name Resolution
  • Internet
    • Peer Name Resolution Protocol
    • DNSv6
      • Stateful naming
      • AAAA records
      • Reverse pointer
LINK-LOCAL MULTICAST NAME RESOLUTION (LLMNR) - Neighbors’ names
  • DNS-Like packets sent over multicast
    • FF02::1:3 destination on IPv6
      • 224.0.0.252 for IPv4
    • UDP Port 5355 (can also use TCP)
  • Replaces the Browser service
PEER NAME RESOLUTION PROTOCOL (PNRP) - Beyond the neighborhood
  • Name is hashed
  • Defines a proximity based on the hash
  • Each node maintains hashes of neighborhood names:
    • Distributed cache
    • Forms the PNRP “Cloud”
  • Can link with the DNS namespace (PNRP.Net)
  • Used by EasyConnect in Remote Assistance

PEER NAME RESOLUTION PROTOCOL (PNRP) - Functioning

[Diagram: nodes BILL (hash 670000), HOME (hash 674000) and STATION-1 (hash 673456); the lookup “STATION-1 ?” is hashed to “673456 ?”]

DNSv6 - AAAA Rating
  • IPv6 records are registered with AAAA records
  • Reverse records are registered in IP6.IANA namespace
    • Reverse notation per hexadecimal digit
    • For example, pointer to 2001:0DB8:DADA::BEEF:1:

1.0.0.0.F.E.E.B.0.0.0.0.0.0.0.0.0.0.0.0.A.D.A.D.8.B.D.0.1.0.0.2.ip6.arpa. IN PTR

  • Will try to respond with the appropriate record
    • IPv6 or IPv4
SUMMARY - So, what can I do with this stuff?
  • Peer-to-Peer Name Resolution (PPNR)
    • EasyConnect
  • People Near Me
    • Meeting Space (snif, snif, Vista)
  • HomeGroup
  • DirectAccess
  • Etc…

IV – Transition Technologies

  • Tunneling
  • ISATAP
  • 6to4
  • Teredo
TUNNELING - Jamming an IPv6 packet into IPv4
  • IPv6 (including header with addresses) is the IPv4 payload
  • Packet type set to 41 to indicate an encapsulated IPv6 packet

[Diagram: the IPv6 packet (IPv6 Header | Extension Header | Extension Header | Protocol Data Unit) becomes the IPv4 Protocol Data Unit behind the IPv4 Header]
ISATAP - Intra-Site Automatic Tunnel Addressing Protocol
  • Purpose: Provide applications IPv6 support on an IPv4 network
    • IPv6 addresses for IPv4 hosts
    • IPv4 intranet seen as one link
  • Generates:
    • ::0:5EFE:w.x.y.z (private IPv4 address)
    • ::200:5EFE:w.x.y.z (public IPv4 address)
    • With either
      • FE80::/64 Link-Local
      • ISATAP Router advertised prefix
  • Packets from/to that address are transported via IPv4


ISATAP - Address Allocation

[Diagram: IPv4 Intranet connected through the ISATAP Router to the IPv6 Network; Router Advertisement 2001:DB8:0:7::/64]
  • 192.168.41.30: FE80::5EFE:192.168.41.30 and 2001:DB8:0:7:0:5EFE:192.168.41.30
  • 10.40.1.29: FE80::5EFE:10.40.1.29 and 2001:DB8:0:7:0:5EFE:10.40.1.29


6to4 - Usage and functioning
  • Purpose: Allow IPv6 networks to communicate through the IPv4 Internet
  • Entire IPv4 Internet seen as 2002:WWXX:YYZZ:: range
  • 6to4 Relay offers addresses in the 2002:WWXX:YYZZ:: range…
    • To intranet IPv6 hosts
    • From the WW.XX.YY.ZZ external IPv4 address of the 6to4 Relay
6to4 - Address Generation

[Diagram: IPv6 Network connected through the 6to4 Relay to the IPv4 Internet]
  • External address: 131.107.23.89
  • In hex = 836B:1759
  • Router Advertisement 2002:836B:1759:5::/64
  • 2002:836B:1759:5::1
  • 2002:836B:1759:5::2


TEREDO - Usage and functioning
  • Purpose: Allow IPv6 hosts to communicate through (multiple) IPv4 NATs
    • IPv6 does not like NAT
    • Used as a last resort…
  • Hosts obtain Teredo addresses that contain:
    • Teredo assigned address range (2001::/32)
    • Public IPv4 address of their Teredo server
    • Obscured public IPv4 address and port for Teredo traffic on their NAT
  • Sends “bubble” packets to port 3544 to derive port mapping for destination:
    • Through destination host’s Teredo server when initial packet is blocked by NAT
    • Then derive valid port mapping from destination host’s response bubble message
TEREDO - Usage and functioning

[Diagram: NAT, NAT, Teredo server, Teredo server]
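
The ISATAP, 6to4 and Teredo address layouts from the slides above, decoded back to their embedded IPv4 data, as an added example that is not part of the original presentation. The function names are hypothetical, the Teredo sample is constructed from documentation ranges, and the bit positions and bit-inversion used for the "obscured" Teredo fields follow RFC 4380 rather than anything stated on the slides.

```python
import ipaddress

TEREDO_NET = ipaddress.IPv6Network("2001::/32")       # Teredo range from the slide
SIXTOFOUR_NET = ipaddress.IPv6Network("2002::/16")    # 2002:WWXX:YYZZ::
ISATAP_IIDS = {0x00005EFE: "private", 0x02005EFE: "public"}  # ::0:5EFE / ::200:5EFE

def v4(value):
    """Render the low 32 bits of an integer as a dotted IPv4 address."""
    return str(ipaddress.IPv4Address(value & 0xFFFFFFFF))

def classify_transition(text):
    """Return the tunnel type and embedded IPv4 data of an address, or None."""
    addr = ipaddress.IPv6Address(text.split("%")[0])   # ignore any %ZONE_ID
    n = int(addr)
    if addr in TEREDO_NET:
        return {"type": "teredo",
                "server": v4(n >> 64),                        # Teredo server
                "nat_port": ((n >> 32) & 0xFFFF) ^ 0xFFFF,    # obscured: bits inverted
                "nat_ipv4": v4(n ^ 0xFFFFFFFF)}               # obscured: bits inverted
    if addr in SIXTOFOUR_NET:
        return {"type": "6to4", "relay_ipv4": v4(n >> 80)}    # WWXX:YYZZ
    kind = ISATAP_IIDS.get((n >> 32) & 0xFFFFFFFF)            # upper half of Interface ID
    if kind:
        return {"type": "isatap", "ipv4": v4(n), "ipv4_kind": kind}
    return None

def tunnel_report(addresses):
    """Map each address that uses a transition technology to its decoded fields."""
    found = {}
    for text in addresses:
        info = classify_transition(text)
        if info:
            found[text] = info
    return found

# Sample input: addresses from the slides plus one Teredo address constructed
# from documentation ranges (server 192.0.2.1, NAT 203.0.113.45, port 40000).
OBSERVED = [
    "FE80::C582:1680:D349:A6BF%13",
    "FE80::5EFE:192.168.41.30",
    "2001:DB8:0:7:0:5EFE:10.40.1.29",
    "2002:836B:1759:5::1",
    "2001:0:C000:201:8000:63BF:34FF:8ED2",
]

if __name__ == "__main__":
    for address, info in tunnel_report(OBSERVED).items():
        print(address, info)
```

Run over the addresses in host inventories or flow logs, `tunnel_report` shows which IPv6 endpoints are really IPv4 tunnels and which IPv4 hosts, relays or Teredo servers sit behind them.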

Track Resources
  • WWW.Microsoft.Com/IPv6
  • “Introduction to IPv6” & “IPv6 Transition Technologies” white papers
  • MSPress “Understanding IPv6, Second Edition”, Joseph Davies
  • Wikipedia

FINAL WORDS

  • IPv6 is meant to be machine-readable…
    • …not human-readable!
  • IPv6 is still work in progress…
    • …things change with Windows versions
  • Transition technologies are just that…
  • Don’t worry, it’s just zeroes and ones…
Resources

Learning

  • Sessions On-Demand & Community
  • Microsoft Certification & Training Resources

www.microsoft.com/teched

www.microsoft.com/learning

  • Resources for IT Professionals
  • Resources for Developers
  • http://microsoft.com/technet
  • http://microsoft.com/msdn
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.