slide1
Download
Skip this Video
Download Presentation
Flat routing infrastructure

Loading in 2 Seconds...

play fullscreen
1 / 35

Flat routing infrastructure - PowerPoint PPT Presentation


  • 83 Views
  • Uploaded on

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Flat routing infrastructure' - zwi


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide2
Limited address space The most visible and urgent problem with using IPv4 on the modern Internet is the rapid depletion of public addresses. Due to the initial address class allocation practices of the early Internet, public IPv4 addresses are becoming scarce. Organizations in the United States hold most public IPv4 address space worldwide. This limited address space has forced the wide deployment of network address translators (NATs)
slide3
Flat routing infrastructure

In the early Internet, address prefixes were not allocated to create a summarizable, hierarchical routing infrastructure. Instead, individual address prefixes were assigned and each address prefix became a new route in the routing tables of the Internet backbone routers. Today’s Internet is a mixture of flat and hierarchical routing, but there are still more than 85,000 routes in the routing tables of Internet backbone routers.

slide4
Configuration

IPv4 must be configured, either manually or through the Dynamic Host Configuration Protocol (DHCP). DHCP allows IPv4 configuration administration to scale to large networks, but you must also configure and manage a DHCP infrastructure.

slide5
Security Securityfor IPv4 is specified by the use of Internet Protocol security (IPsec). However, IPsec is optional for IPv4 implementations. Because an application cannot rely on IPsec being present to secure traffic, an application might resort to other security standards or a proprietary security scheme. The need for built-in security is even more important today, when we face an increasingly hostile environment on the Internet.
slide6
Prioritized delivery Prioritized packet delivery, such as special handling parameters for low delay and low variance in delay for voice or video traffic, is possible with IPv4. However, it relies on a new interpretation of the IPv4 Type Of Service (TOS) field, which is not supported for all the devices on the network. Additionally, identification of the packet flow must be done using an upper layer protocol identifier such as a TCP or User Datagram Protocol (UDP) port. This additional processing of the packet by intermediate routers makes forwarding less efficient.
slide7
Mobility

Mobility is a new requirement for Internet-connected devices, in which a node can change its address as it changes its physical attachment to the Internet and still maintain existing connections. Although there is a specification for IPv4 mobility, due to a lack of infrastructure, communications with an IPv4 mobile node are inefficient.

slide8
Huge address space IPv6 addresses are 128 bits long, creating an address space with 3.4 × 1038 possible addresses. This is plenty of address space for the foreseeable future and allows all manner of devices to connect to the Internet without the use of NATs. Address space can also be allocated internationally in a more equitable manner.
slide9
Hierarchical routing infrastructure IPv6 addresses that are reachable on the IPv6 portion of the Internet, known as global addresses, have enough address space for the hierarchy of Internet service providers (ISPs) that typically exist between an organization or home and the backbone of the Internet. Global addresses are designed to be summarizable and hierarchical, resulting in relatively few routing entries in the routing tables of Internet backbone routers.
slide10
Automatic configuration

IPv6 hosts can automatically configure their own IPv6 addresses and other configuration parameters, even in the absence of an address configuration infrastructure such as DHCP.

slide11
Required support for IPsec headers

Unlike IPv4, IPv6 support for IPsec protocol headers is required. Applications can always rely on industry standard security services for data sent and received. However, the requirement to process IPsec headers does not make IPv6 inherently more secure. IPv6 packets are not required to be protected with Authentication Header (AH) or Encapsulating Security Payload (ESP). For more information about IPsec, AH, and ESP, see Chapter 18, “Internet Protocol Security (IPsec).”

slide12
Better support for prioritized delivery

IPv6 has an equivalent to the IPv4 TOS field that has a single interpretation for nonstandard delivery. Additionally, a Flow Label field in the IPv6 header indicates the packet flow, making the determination of forwarding for nondefault delivery services more efficient at intermediate routers.

slide13
Support for mobility

Rather than attempting to add mobility to an established protocol with an established infrastructure (as with IPv4), IPv6 can support mobility more efficiently.

slide14
The IPv6 address is 128 bits long, creating an address space of almost inconceivable size. With 128 bits you can express more than 3.4 × 1038 combinations. Unlike IPv4 unicast addresses, the structure of an IPv6 unicast address is very simple: The first 64 bits are for a subnet prefix and the last 64 bits are for an interface identifier. Although you can perform variable- length subnetting within the 64 bits of the subnet prefix, the host ID equivalent for IPv6 is always the same size.
slide15
Basics of IPv6 Address Syntax

With such a large address space, expressing an individual IPv6 address became problematic.The designers of IPv6 settled on colon-hexadecimal notation, which divides the 128-bit address into eight 16-bit blocks separated by colons. Each 16-bit block is expressed in hexadecimal format (rather than decimal format for IPv4). The result is the IPv6 address.

slide16
The following are some examples of IPv6 unicast addresses: 2001:DB8:2A:41CD:2AA:FF:FE5F:47D1 FE80:0:0:0:2AA:FF:FE5F:47D1 FD47:2AD1:494E:41CD:2AA:FF:FE5F:47D1
slide17
For example: FE80:0:0:0:2AA:FF:FE5F:47D1 becomes FE80::2AA:FF:FE5F:47D1 FF02:0:0:0:0:0:0:1 (a multicast address) becomes FF02::1
slide18
To express a subnet prefix, a route, or an address range, IPv6 uses the network prefix length notation (also used for Classless Inter-Domain Routing [CIDR] for IPv4). There are no subnet masks in IPv6. For example, 2001:DB8:2A:41CD::/64 is a subnet prefix; 2001:DB8:2A::/48 is a summarized route; and FF00::/8 is an address range (the range of all IPv6 multicast addresses).
slide19
Types of Addresses

IPv6 defines three types of addresses: unicast, multicast, and anycast. Unicast and multicast addresses work in the same way as they do for IPv4. An anycast address, however, is a strange mixture of unicast and multicast. Whereas a unicast address is used for one-to-one delivery and a multicast address is used for one-to-many delivery, an anycast address is used for one-to one- of-many delivery.

slide20
Types of Unicast AddressesJust as there are different types of IPv4 unicast addresses (such as public and private), there are different types of IPv6 unicast addresses. - Global address - Link-Local Addresses - Unique Local Addresses
slide21
Global

Global addresses are the equivalent of IPv4 public addresses. Global addresses are globally reachable on the IPv6 Internet. Unlike public IPv4 address prefixes, which are a combination of flat and summarizable address spaces, IPv6 global addresses are easier to aggregate and summarize at address space boundaries. This results in fewer routes in the various routing domains of the Internet.

slide22
Link-Local Addresses

Link-local addresses, which are used on the same link, are equivalent to Automatic Private IP Addressing (APIPA) IPv4 addresses used by current Microsoft desktop and server operating systems. Link-local addresses are automatically configured and can be used to provide automatic addressing for nodes connected to the same network segment when there is no router present. Link-local addresses always begin with “FE80”.

slide23
Unique Local Addresses

Unique local addresses are defined to be used within the sites of an organization but not on the IPv6 Internet. Unique local addresses are roughly equivalent to private IPv4 addresses except that part of a unique local address prefix is randomly generated to prevent address duplication between sites of an organization and between organizations. Unique local

addresses begin with “FD” or “FC”.

slide24
IPv6 Interface Identifiers
  • The interface identifier, the last 64 bits of an IPv6 unicast address, can be determined in the following ways:
  • Randomly generated to prevent address scans on a link
  • Derived from the MAC address of the network adapter to which the address is assigned
  • Randomly generated to provide IPv4-equivalent anonymity for client-initiated traffic
  • Assigned during a Point-to-Point Protocol (PPP) connection
  • Assigned during DHCP for IPv6 (DHCPv6) configuration
slide25
DNS Support

To resolve domain names to IPv6 addresses, RFC 1886 defines the use of the AAAA (or quad-A) Domain Name System (DNS) resource record to resolve a DNS name to an IPv6 address. The AAAA record is analogous to the address (A) record that exists for resolving a DNS name to an IPv4 address. To obtain an AAAA record in a DNS query response, a querying host must specify either AAAA records or all records in its DNS query.

slide26
For example, for the IPv6 address

2001:DB8:0:41CD:2AA:FF:FE5F:47D1

(fully expressed as

2001:0DB8:0000:41CD:02AA:00FF:FE5F:47D1),

the name in the reverse domain namespace Is 1.D.7.4.F.5.E.F.F.F.0.0.A.A.2.0.D.C.1.4.0.0.0.0.8.B.D.0.1.0.0.2.IP6.ARPA.

slide27
The core protocols of the IPv6 protocol suite consist of the following:
  • IPv6
  • Internet Control Message Protocol for IPv6 (ICMPv6)
  • Neighbor Discovery (ND)
  • Multicast Listener Discovery (MLD)
slide28
IPv6

The IPv6 header is described in RFC 2460. It has a new, streamlined design that removes unneeded fields and moves seldom-used fields to extension headers. Even with addresses that are four times larger than IPv4 addresses, the size of the IPv6 header is only twice as large as the IPv4 header, with a 40-byte fixed size. Although larger, the IPv6 header contains fewer fields and is more efficiently processed by routers. Like IPv4, IPv6 is connectionless and provides a best-effort delivery to the destination.

slide29
ICMPv6
  • ICMPv6, defined in RFC 4443, provides error reporting and diagnostic functions for IPv6. Additionally, ICMPv6 provides a common packet structure for the messages of ND and MLD. Analogous to ICMP for IPv4, ICMPv6 provides the following types of messages:
  • Echo Request
  • Echo Reply
  • Destination Unreachable
  • Time Exceeded
  • Parameter Problem
slide30
Neighbor Discovery
  • ND, defined in RFC 4861, consists of a set of ICMPv6 messages, message options, and defined processes that allow neighboring nodes to discover each other, discover the routers on the link, and provide support for host redirection. ND replaces the following facilities in IPv4:
  • Address Resolution Protocol (ARP)
  • ICMP Router Discovery
  • ICMP Redirect
slide31
ND defines the following processes:
  • Address resolution
  • Duplicate address detection
  • Router discovery
  • Redirect
  • Neighbor unreachability detection
slide32
Multicast Listener Discovery

MLD, defined in RFC 2710, is the IPv6 equivalent to Internet Group Management Protocol (IGMP) version 2 for IPv4. MLD defines ICMPv6 messages that are used by hosts to register group membership, by hosts to leave a group, and by routers to query the subnet for group

membership.

slide35
The IPv6 suite of protocols is a revision of the Internet Layer protocols of the current TCP/IP protocol suite and replaces IP, ICMP, IGMP, and ARP. IPv6 attempts to solve the problems of IPv4 with efficient and plentiful addressing, a streamlined Internet Layer header that is easier for routers to process, and more efficient neighboring node interaction.
ad