0 national dong hwa university director of computer center han-chieh chao 趙涵捷...
TRANSCRIPT
0
National Dong Hwa University
Director of Computer Center
Han-Chieh Chao
趙涵捷中華民國九十年三月三十日
IPv6 簡介
01 2 3 4 5 6
0
Overview
• Limitations of current Internet Protocol (IP)• How many address do we need?• IPv6 addressing• IPv6 header format• IPv6 features• Mobile IPv6• IPv6 v.s. IPv4• Summary
0
IPv4 Addresses
• Example: 203.64.105.100=1100 1011:0100 0000:0110 1001:0110 0100 = CB:40:69:64 (32 bits)
• Maximum = 232 = 4 Billion
• Class A Network: 15 Million nodes
• Class B Network: 64,000 nodes or less
• Class C Network: 250 nodes or less
0
IPv4 Address
• Class A
• Class B
• Class C
• Class D
0 Network Local
10 Network Local
110 Network Local
1110 Host Group (Multicast)
1 17 24
2
8
14
213
16
284
bits
bits
bits
bits
0
IPv4 Address
• Local = Subnet + Host (Variable length)
Router Router
Subnet
0
IPv4 Address Format
• Three all-zero network numbers are reserved• 127 Class A + 16,381 Class B + 2,097,151 Class C
Network = 2,113,659 networks total• Class B is most popular• 20% of Class B were assigned by 7/90 and
doubling every 14 months => Will exhaust by 3/94• Question: Estimate how big will you become?
Answer: more than 256!Class C is too small. Class B is just right.
0
IPv6 Main Features/Functionality
• Expanded Address Space
• Header Format Simplification
• Auto-configuration
• Multi-Homing
• Class of Service/Multimedia support
• Authentication and Privacy Capabilities
• No more broadcast Multicast
• IPv4 IPv6 Transition Strategy
0
How many address?
• 10 Billion people by 2020• Each person will be served by more than one com
puter• Assuming 100 computers per person => 1012 comp
uters
• More addresses maybe required since – Multiple interfaces per node
– Multiple addresses per interfaces
0
How many address?
• Some believe 26 to 28 address per host• Safety margin => 1015 addresses• IPng Requirements => 1012 end systems and 109 n
etworks. Desirable 1012 to 1015 networks
0
Colon-Hex Notation
• Dot-Decimal: 203.64.105.100• Colon-Hex:
FEDC:0000:0000:0000:3243:0000:0000:ABCD – Can skip leading zeros of each word
– Can skip one sequence of zero words, e.g., FEDC::3243:0000:0000:ABCD
– Can leave the last 32 bits in dot-decimal, e.g., ::203.64.105.100
– Can specify a prefix by /length, e.g., 2345:BA23:7::/40
0
IPv6 Addressing Examples
• Global unicast address(es) is :–2001:304:101:1::E0:F726:4E58,
–subnet is 2001:304:101:1::0/64
• link-local address is FE80::E0:F726:4E58
• Unspecified Address is 0:0:0:0:0:0:0:0 or ::
• Loopback Address is 0:0:0:0:0:0:0:1 or ::1
• Group Addresses (Multicast), ie: FF02::9 for RIPv6–Joined group address(es):–FF02:0:0:0:0:1:FF:xxxx (solicited Node Multicast)–Unicast : 4037::01:800:200E:8C6C is FF02::1:FF0E:8C6C
0
IPv6 Address
• 128-bit long. Fixed size • 2128 = 3.4×1038 addresses => 665×1021 addresses p
er m2 of earth surface• If assigned at the rate of 106/s, it would take 20 y
ears • Expected to support 8×1017 to 2×1033 addresses 8×
1017 => 1,564 address per m2 • Allows multiple interfaces per host• Allows multiple addresses per interface
0
IPv6 Address
• Allows unicast, multicast, anycast • Allows provider based, site-local, link-local • 85% of the space is unassigned
0
IPv6 Addressing • IPv6 Addressing rules are covered by multiples RFC’s
–Architecture defined by RFC 2373
• Address Types are :–Unicast : One to One (Global, Link local, Site local, Compatible)
–Anycast : One to Nearest (Allocated from Unicast)
–Multicast : One to Many
–Reserved
• A single interface may be assigned multiple IPv6 addresses of any type (unicast, anycast, multicast)
–No Broadcast Address -> Use Multicast
0
iMac
iMac
iMac
Unicast
Anycast
Multicast
0
IPv6 Addressing
• Prefix Format (PF) Allocation–PF = 0000 0000 : Reserved–PF = 0000 001 : Reserved for OSI NSAP Allocation (see RFC 1888), so far only way to embedded E.164 addresses (VoIP)–PF = 0000 010 : Reserved for IPX Allocation (under Study)–PF = 001 : Aggregatable Global Unicast Address–PF = 1111 1110 10 : Link Local Use Addresses–PF = 1111 1110 11 : Site Local Use Addresses–PF = 1111 1111 : Multicast Addresses–Other values are currently Unassigned (approx. 7/8th of total)
• All Prefix Formats have to have EUI-64 bits Interface ID–But Multicast
0
Global Unicast Addresses (RFC 2374)
• Aggregatable Global Unicast Format - RFC2374
• Address hierarchy matches Internet Service Provider hierarchy
• Terminology:–FP - Format Prefix: Unicast (001), Multicast, Anycast
–TLA - Top Level Aggregator Global ISP
–NLA - Next Level Aggregator ISP
–SLA - Site Level Aggregator “Customer”
–Interface ID - Host
FP TLA ID Reserved NLA ID SLA ID Interface ID
3 bits 64 bits13 bits 8 bits 24 bits 16 bits
0
IPv6 Prefix Allocation
0
IPv6 Addressing Model• Addresses are assigned to interfaces
– No change from IPv4 Model
• Interface can have multiple addresses
• Addresses have scope– Link Local– Site Local– Global
• Addresses have lifetime– Valid and Preferred lifetime
Link-LocalSite-LocalGlobal
0
Local-Use Address
• Link Local: Not forwarded outside the link,
FE80::xxx
• Site Local: Not forwarded outside the site,
FEC0::xxx
1111 1110 10 0 Interface ID 10 n 118-n bits
1111 1110 11 0 Subnet ID Interface IDbitsn10 m 118-n-m
0
Multicast Address
• T=0 => Permanent (well-known) multicast address, T=1 => Transient
• Scope: 1 Node-local, 2 Link-local, 5 Site-local,8 Organization-local, E Global
• Predefined: 1=>All nodes, 2=>Routers, 1:0=>DHCP Servers
1111 1111 Flags Scope Group ID
0 0 0 T
4bits8bits 112bits4bits
0
Multicast Address
• Example: 43 => Network Time Protocol Servers– FF01::43 => All NTP servers on this node – FF02::43 => All NTP servers on this link – FF05::43 => All NTP servers in this site – FF08::43 => All NTP servers in this organization – FF0F::43 => All NTP servers in the Internet
0
• Bootstrap process - RFC2450
• Definitions:–TLA - special TLA 0x0001
–subTLA - Top Level Aggregator Transit ISP
–NLA - Next Level Aggregator ISP
–SLA - Site Level Aggregator “Customer”
–Interface ID - Host
IPv6 AddressesBootstrap phase
FP subTLA ID NLA ID SLA ID Interface ID
3 bits 64 bits13 bits 19 bits 16 bits13 bits
TLA ID
0
IPv6 AddressesBootstrap phase
• Minimum assignment to ISP is a /35• ISP creates own NLA boundary - or -• ISP assigns /48 SLAs to each customer
–16 bits for subnetworks– 65536 subnetworks per site–64 bits for hosts– 18446744073710 million hosts per subnetwork!!
0
IPv6 AddressesBootstrap phase
• subTLA holder ISP allocates SLAs to end-customers
• subTLA holder ISP creates its own NLA boundary for customer ISPs
NLA ID SLA ID Interface ID
64 bits35 bits 16 bits
ISP allocated subTLA
13 bits
site addressesISP addresses
NLA1 SLA ID Interface ID
64 bits35 bits 16 bits
ISP allocated subTLA
6 bits
site addresses
7 bits
NLA2
ISPaddr
ISP2addr
0
IPv6 AddressesBootstrap phase
• Where to get address space?–Real IPv6 address space now allocated by APNIC, ARIN and RIPE NCC– APNIC 2001:0200::/23
– ARIN 2001:0400::/23
– RIPE NCC 2001:0600::/23
–Go to your existing IPv4 address registry...
0
IPv6 Address SpaceCurrent Allocations
• APNIC (whois.apnic.net)–WIDE-JP-199908132001:200::/35–NUS-SG-19990827 2001:208::/35–CONNECT-AU-19990916 2001:210::/35–NTT-JP-19990922 2001:218::/35–KIX-KR-19991006 2001:220::/35–JENS-JP-19991027 2001:228::/35–ETRI-KRNIC-KR-19991124 2001:230::/35–HINET-TW-200002082001:238::/35–IIJ-JPNIC-JP-20000308 2001:240::/35–IMNET-JPNIC-JP-20000314 2001:248::/35–CERNET-CN-20000426 2001:250::/35–INFOWEB-JPNIC-JP-20005022001:258::/35–BIGLOBE-JPNIC-JP-200007192001:260::/35–6DION-JPNIC-JP-20000829 2001:268::/35–DACOM-BORANET-200009082001:270::/35–ODN-JPNIC-JP-20000915 2001:278::/35–KOLNET-KRNIC-KR-200009272001:280::/35–TANET-IPV6-TW 2001:288::/35
This output current as of 16-Oct-2000
• ARIN (whois.arin.net)– ESNET-V6 2001:400::/35– ARIN-001 2001:400::/23– VBNS-IPV6 2001:408::/35– CANET3-IPV6 2001:410::/35– VRIO-IPV6-0
2001:418::/35– CISCO-IPV6-0 2001:420::/35– QWEST-IPV6-0 2001:428::/35– DEFENSENET 2001:430::/35– ABOVENET-IPV6 2001:438::/35– SPRINT-V6 2001:440::/35
0
IPv6 Address SpaceCurrent Allocations
• RIPE (whois.ripe.net)–EU-UUNET-199908102001:600::/35–DE-SPACE-199908122001:608::/35–NL-SURFNET-19990819 2001:610::/35–UK-BT-19990903 2001:618::/35–CH-SWITCH-199909032001:620::/35–AT-ACONET-19990920 2001:628::/35–UK-JANET-199910192001:630::/35–DE-DFN-19991102 2001:638::/35–RU-FREENET-19991115 2001:640::/35–GR-GRNET-199912082001:648::/35–DE-ECRC-199912232001:650::/35
–DE-TRMD-20000317 2001:0658::/35
–FR-RENATER-20000321 2001:0660::/35
–DE-NACAMAR-20000403 2001:0668::/35
–EU-EUNET-20000403 2001:0670::/35
–DE-IPF-20000426 2001:0678::/35
–DE-XLINK-20000510 2001:0680::/35
–FR-TELECOM-20000623 2001:0688::/35
–PT-RCCN-20000623 2001:0690::/35
–SE-SWIPNET-20000828 2001:0698::/35
–PL-ICM-20000905 2001:06A0::/35
This output current as of 16-Oct-2000
0
IPv4 Header20 Octets+Options : 13 fields, include 3 flag bits
0 bits 31
Ver IHL Total Length
Identifier Flags Fragment Offset
32 bit Source Address
32 bit Destination Address
4 8 2416
Service Type
Options and Padding
Time to Live Header ChecksumProtocol
RemovedChanged
0
IPv6 - So what’s really changed ?!
• Defined by RFC 2460
• Address space quadrupled to 16 bytes
• Fixed length– (Optional headers daisy-chained)
• No checksumming – (Done by Link Layer)
• No hop-by-hop segmentation – (Path MTU discovery)
• Flow label/Class (Integrated QoS support)
• Concatenated Extension Headers
IPv4 Header
IPv6 Header
IHLIHL Type of ServiceType of Service
OptionsOptions
Total LengthTotal Length
IdentificationIdentification FlagsFlags Fragment OffsetFragment Offset
ProtocolProtocol Header ChecksumHeader Checksum
Source Address
Destination Address
PaddingPadding
Traffic ClassTraffic Class Flow LabelFlow Label
Payload LengthPayload Length Next HeaderNext Header Hop LimitHop Limit
Source AddressSource Address
Destination AddressDestination Address
VersionVersion
Time to LiveTime to Live
VersionVersion
0
IPv6 Header40 Octets, 8 fields
0 31
Version Class Flow Label
Payload Length Next Header Hop Limit
128 bit Source Address
128 bit Destination Address
4 12 2416
0
Protocol and Header Types
0
IPv6 Header
Next = TCP
TCP Header
IPv6 Header
Next = Routing
TCP HeaderRouting HdrNext = TCP
IPv6 Header
Next = Security
TCP HeaderSecurity HdrNext = Frag
Application Data
Application Data
Fragment HdrNext = TCP
DataFrag
IPv6 Extension Headers• IP options have been moved to a set of optional Extension
Headers
• Extension Headers are chained together
0
Routing Header
Next Header Routing Type Num. Address
Reserved Strict/Loose bit mask
Address 1
Address 2
Next Address
Address n
…..
0
LocalNetworkTrailer
Application DataTCP
HeaderI Pv6 Header
Next Header = TCP
Local NetworkHeader
LocalNetworkTrailer
Application DataTCP
HeaderI Pv6 Header
Next Header = TCP
Local NetworkHeader
LocalNetworkTrailer
Application DataTCP
HeaderRouting Header
Next Header = TCP
I Pv6 HeaderNext Header =
Routing
Local NetworkHeader
LocalNetworkTrailer
Application DataTCP
HeaderRouting Header
Next Header = TCP
I Pv6 HeaderNext Header =
Routing
Local NetworkHeader
LocalNetworkTrailer
Application Data(f ragment)
TCP Header
Routing HeaderNext Header = TCP
Routing HeaderNext Header =
Fragment
I Pv6 HeaderNext Header=
Routing
Local NetworkHeader
LocalNetworkTrailer
Application Data(f ragment)
TCP Header
Routing HeaderNext Header = TCP
Routing HeaderNext Header =
Fragment
I Pv6 HeaderNext Header=
Routing
Local NetworkHeader
Next header and extension headers
0
Routing Header
• Strict => Discard if Address[Next-Address] neighbor
• Type = 0 => Current source routing • Type > 0 => Policy based routing (later) • New Functionality: Provider selection, Host
mobility, Auto-readdressing (route to new address)
0
IPv6 Features
• Larger Addresses• Flexible header format • Improved options • Support for resource allocation • Provision for protocol extension • Built-in Security: Both authentication and
confidentiality
0
Address Autoconfiguration
• Allow plug and play• BOOTP and DHCP are used in IPv4 • DHCPng will be used with IPv6 • Two Methods: Stateless and Stateful• Stateless:
– A system uses link-local address as source and multicasts to "All routers on this link"
– Router replies and provides all the needed prefix info– All prefixes have a associated lifetime – System can use link-local address permanently if no router
0
AA
CC
BBB
RouterOthers hostsHost A
Messages communication of the Stateless Autoconfiguration.
0
Verify uniqueness of tentative address
Creation of Link- Local Address
[Prefix + Interface Identifier]
Creation of Link- Local Address
[Prefix + Interface Identifier]
Transmit Neighbor Solicitation
message With the tentative address as the
Target address
Transmit Neighbor Solicitation
message With the tentative address as the
Target address
Neighbor Advertisement message is returned
existing node is using this address
Neighbor Advertisement message is returned
existing node is using this address
Are Routers present ?
Are Routers present ?
Router Advertisements defines two flags:
(M) Managed Address Configuration
(O) Other Stateful Configuration
Router Advertisements may also contain these options:
Source Link Layer Address
Maximum Transmission Unit (MTU)
Prefix Information
Router Advertisements defines two flags:
(M) Managed Address Configuration
(O) Other Stateful Configuration
Router Advertisements may also contain these options:
Source Link Layer Address
Maximum Transmission Unit (MTU)
Prefix Information
Assume tentative address is unique and available
Assume tentative address is unique and available
Assign tentative address to interface
Connectivity with neighboring nodes in IP- level is now available
Assign tentative address to interface
Connectivity with neighboring nodes in IP- level is now available
Wait for Router Advertisement message or Send Router Solicitation message to the all- routers multicast group address
Wait for Router Advertisement message or Send Router Solicitation message to the all- routers multicast group address
Invoke Stateful Autoconfiguration
(DHCPv6)
Invoke Stateful Autoconfiguration
(DHCPv6)
55
11
3322
44
66 88
77
99
No Response
Response
YesNo
Flow Chart of the Stateless Autoconfiguration.
0
Address Autoconfiguration
• Stateful: – Problem w stateless: Anyone can connect
– Routers ask the new system to go DHCP server (by setting managed configuration bit)
– System multicasts to "All DHCP servers" – DHCP server assigns an address
0
Automatic Renumbering
• Renumbering IPv6 Hosts is easy– Add a new Prefix to the Router
– Reduce the Lifetime of the old prefix
– As nodes depreciate the old prefix the new Prefix will start to be used for new connections
• Renumbering in IPv6 is designed to happen!• An end of ISP “lock in”!
– Improved competition
0
Putting the IT Director back in control
• IPv6 Address Scope– Some addresses are GLOBAL– Others are Link or Site LOCAL – Addressing Plan also controls network access
• Configuration Policy Control– Stateless – Stateful (DHCPv6)
• Routers Dictate the Configuration Policy– Router Managers are “in control” of the network– Routers also dictate MTU size for the Link
0
Mobile IPv6
• IPv6 Mobility is based on core features of IPv6– The base IPv6 was designed to support Mobility
– Mobility is not an “Add-on” features• All IPv6 Networks are IPv6-Mobile Ready
• All IPv6 nodes are IPv6-Mobile Ready
• All IPv6 LANs / Subnets are IPv6 Mobile Ready
• IPv6 Neighbor Discovery and Address Autoconfiguration allow hosts to operate in any location without any special support
0
Mobile IPv6
• No single point of failure (Home Agent)• More Scalable : Better Performance
– Less traffic through Home Link
– Less redirection / re-routing (Traffic Optimisation)
0
Mobile IPv6 Status
• Interactions with IPsec fully worked out
• Mobile IPv6 testing event– Bull, Ericsson, NEC, INRIA
• Internet Draft is ready for Last Call
0
IPv6 - Mandates Security
• Security features are standardized and mandated– All implementations must offer them– No Change to applications
• Authentication (Packet signing)• Encryption (Data Confidentiality)• End-to-End security Model
– Protects DHCP– Protects DNS– Protects IPv6 Mobility– Protects End-to-End traffic over IPv4 networks
0
IPv6 v.s. IPv4
• 1995 v.s. 1975 • IPv6 only twice the size of IPv4 header • Only version number has the same position and m
eaning as in IPv4 • Removed: header length, type of service, identific
ation, flags, fragment offset, header checksum • Datagram length replaced by payload length • Protocol type replaced by next header
0
IPv6 v.s. IPv4
• Time to live replaced by hop limit • Added: Priority and flow label • All fixed size fields• No optional fields. Replaced by extension headers• 8-bit hop limit = 255 hops max (Limits looping) • Next Header = 6 (TCP), 17 (UDP)
0
IPv6 Features and Advantages
• Larger Address Space• Efficient and Extensible IP datagram• Efficient Route Computation and Aggregation• Improved Host and Router Discovery• Mandated New Stateless and Stateful Address A
utoconfiguration• Mandated Security for IP datagrams• Easy renumbering
0
Application Issues
• Most application protocols will have to be upgraded: FTP, SMTP, Telnet, Rlogin
• 27 of 51 Full Internet standards, 6 of 20 draft standards, 25 of 130 proposed standards will be revised for IPv6
• No checksum => checksum at upper layer is mandatory, even in UDP
• non-IETF standards: X-Open, Kerberos, ... will be updated
• Should be able to request and receive new DNS records
0
• Uses same “longest-prefix match” routing as IPv4 CIDR
• Key to scalable routing—hierarchical addressing
• Assignment of production IPv6 Sub-TLA address prefixes obtainable from Registries (RIPE-NCC, APNIC, ARIN) since 1999
• Existing routing protocols require extensions for IPv6
• Neighbor discovery—dynamic host <—> router
• Can use Routing header with anycast addresses to route packets through particular regions
–e.g., for provider selection, policy, performance, etc.
IPv6 Routing
0
IPv6 Routing Protocols
• Update to existing IPv4 routing protocols to handle
bigger addresses–RIPv6 (RFC 2080) - Similar to RIPv2
–BGP4+ - Multi-Protocols Extensions defined in RFC 2283, 2545
–Integrated IS-IS - Large Address support facilitates IPv6 address
–family. Draft-ietf-isis-ipv6-01.
–OSPFv6 (RFC 2740) Packet formats changed to reflect 128 bits
• IPv6 Multicast Routing–PIM, MOSPF, MBGP have IPv6 extensions
–IPv6 Multicast has larger address space removing potential
–IP addresses collision
0
What Will IPv6 Do for Routing?
• Primarily give us a second chance to delegate addresses• Assume:
–~60 Top level addresses–~2000 next level addresses delegated to small ISPs–48 addresses in one TLA for multihoming
• Result: Your route table has –~60 TLAs, –Your customers and subnets, and…–Routes you incorporate by bilateral agreement
0
Type = 134 Code = 0 Checksum
Router lifetimeCur Hop Limit M O Reserved
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
Source Address
Version Flow Label
Payload Length
Priority
Hop LimitNext Header
Destination Address(FF02::1)
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
Source Address
Version Flow Label
Payload Length
Priority
Hop LimitNext Header
Destination Address(FF02::1)
Retransmission Timer
Options
Type = 134
Code = 0
Cur Hop Limit is 8- bit field and it specifies the value of the current Limit Hop. Its default value for the Hop Limit field of the IPv6header to be used during packet transmission. If this value is zero means unspecified by this ruter
M Flag: the Managed Address Configuration
0 Flag: Other Stateful Configuration
H Flag: Home Agent (define in Mobile IPv6 draft)
Options can …
•Be Layer- 2 address of the source node, if known.
•Specify the link MTU
•Be the prefix information option that specifies prefix to be used for the address autoconfiguration.
H
Reachable Timer
Router Advertisement
0Router Solicitation
Type = 133 Code = 0 Checksum
Reserved
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
Source Address
Version Flow Label
Payload Length
Priority
Hop LimitNext Header
Destination Address(FF02::1)
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
Source Address
Version Flow Label
Payload Length
Priority
Hop LimitNext Header
Destination Address(FF02::1)
Options
Type = 133
Code = 0
Reserved field SHOULD be initialized to all zero
Options field can be the “Source Data Link Layer Address”, if known.
0
IPv6 Standards Status
• IPv6 documents are at various points in the standards process, core documents are done
• Document review for completeness, followed by issues or additional work.
• To know more about IPv6 specifications–www.ietf.org/html.charters/ipngwg-charter.html
• Main covered areas are :
–Architecture, Addressing, Routing, Security, Transition, DNS, Management, Discovery & Auto-Configuration, Mobility, Multicast, Applications API, ...
0
IPv6 Current Status - Standardisation
• Several key components now on Standards Track: Specification (RFC2460) Neighbour Discovery (RFC2461)
ICMPv6 (RFC2463) IPv6 Addresses (RFC2373/4/5)
RIP (RFC2080) BGP (RFC2545)
IGMPv6 (RFC2710) OSPF (RFC2740)
Router Alert (RFC2711) Jumbograms (RFC2675)
Autoconfiguration (RFC2462)
IPv6 over: PPP (RFC2023) Ethernet (RFC2464)
FDDI (RFC2467) Token Ring (RFC2470)
NBMA(RFC2491) ATM (RFC2492)
Frame Relay (RFC2590) ARCnet (RFC2549)
0
IPv6 Current Status - Work in Progress to Standardisation
• Issues remaining openMultihoming Ongoing work at the moment
eg: draft-ietf-ipngwg-ipv6-2260-00.txt
draft-ietf-ipngwg-ipv6multihome-with-aggr-01.txt
ISIS draft-ietf-isis-ipv6-01.txt
DHCPv6 draft-ietf-dhc-dhcpv6-15.txt
0
NGTrans Working Group
• Define the processes by which networks can be transitioned from IPv4 to IPv6
• Define & specify the mandatory and optional mechanism that vendors are to implement in Hosts, Routers and other components of the Internet in order for the Transition.
• Http://www.ietf.org/html.charters/ngtrans-charter.html
0
Transition Philosophy —Requirements
• Let sites and ISPs transition at their own pace– No global coordination– Minimize any dependencies during the transition
• Provide a multitude of “tools”– Different sites might have different constraints– Early adopters different than production users?
• Try to provide IPv6 benefits during transition– Lack of IPv4 address and/ or features will drive transition
• Maintain 100% compatibility with installed base– Protocols as well as applications
0
• Start with name service upgrade– Need DNS AAAA support (BIND 4.9.4 or later)– Need “ipnodes” map/ table in NIS/ NIS+– Upgrade primary server as well as secondaries– Separate zone for IPv6 nodes or same zone?
• Experimental - hosts only• Incremental - one subnet at a time + internal tunnels• Routers first - all routers then hosts
– No need for internal tunnels
Transition Scenarios
0
• Dual stack approach
• Name service support (DNS, NIS, NIS+, LDAP)
• Tunneling across IPv4 routers
• See RFC 1933 and RFC 2529
• Enables communication between IPv6-only devices and dual stack “servers”
Current Transition Tools
0
Transition Mechanisms• Dual-IP Hosts, Routers, Name servers • Tunneling IPv6 over IPv4 • Hosts and Routers can be gradually upgraded to IPv6 • It is better (though not required) to upgrade routers
before upgrading hosts
HITACHI Toolnet6 http://www.hitachi.co.jp/Prod/comp/network/pexv6-e.htm
0
Interoperability
• 6over4– Isolated v6 to isolated v6 node– IPv4 used as link layer
• 6to4– v6 domain to v6 domain– IPv4 used as transport tunnel
• NAT-PT– v6 only to v4 only
• SIIT, AIIH, DTI, BIS, …
0
More Pragmatic than Building New IPv6 Topology
DRIVERDRIVER
IPv4 IPv6IPv4 IPv6
APPLICATIONAPPLICATION
TCP/UDP
IPv4-IPv6 Transition Approach
• Hosts—dual stack
• Networks—tunneling
• Network boundaries IPv4 IPv6 NAT
• Expect combinations of each to be used…
0
Dual-Stack Approach
• When adding IPv6 to a system, do not delete IPv4– this multi-protocol approach is familiar and well-understood (e.g., for AppleT
alk, IPX, etc.)– note: in most cases, IPv6 will be bundled with new OS releases, not an extra-c
ost add-on
• Applications (or libraries) choose IP version to use– when initiating, based on DNS response:– if (dest has AAAA or A6 record) use IPv6, else use IPv4– when responding, based on version of initiating packet
• This allows indefinite co-existence of IPv4 and IPv6, and gradual, app-by-app upgrades to IPv6 usage
DRIVER
IPv4 IPv6IPv4 IPv6
APPLICATION
TCP/UDP
0
• IPv6 hosts and routers support both IPv4 and IPv6– Interoperates with IPv4 and IPv6
• The same applications and transport protocols run on both IP versions
• Upgrading from IPv4 to dual IPv4/ IPv6 does not break anything– As part of regular new OS release
– Enable IPv6 and record IPv6 address in DNS to turn on the IPv6 features
Dual Stack Approach
0
Tunnels to Get ThroughIPv6-Ignorant Routers / Switches
• Encapsulate IPv6 packets inside IPv4 packets(or MPLS frames)
• any methods exist for establishing tunnels:–configured tunnels - manual–automatic tunnels - IPv4 compatible addresses ::<ipv4>–“tunnel brokers” (using web-based service to create a tunnel)–“6-over-4” (intra-domain, using IPv4 multicast as virtual LAN)–“6-to-4” (inter-domain, using IPv4 addr as IPv6 site prefix)
• Can view this as:–IPv6 using IPv4 as a virtual link-layer, or–an IPv6 VPN (virtual public network), over the IPv4 Internet(becoming “less virtual” over time, we hope)
0
IPv6 Tunnelling• Configured tunnels—manual point-2-point links• Automatic tunnels—via 6to4 mechanism
2002::/16 prefix
Mobile Data
Network
Service Provider IPv4 Backbone
Service Provider IPv4 Backbone
IPv6 Tunnel
IPv6 Tunnel
IPv6 Tunnel
IPv6 Network
IPv6 Network
IPv6 HeaderIPv6 Header Transport Layer Header
Transport Layer HeaderIPv4 HeaderIPv4 Header
IPv6 HeaderIPv6 Header Transport Layer Header
Transport Layer Header DataData
DataData
0
Translation
• May prefer to use IPv6-IPv4 protocol translation for:–New kinds of IPv6 devices (e.g., cell phones, cars, appliances) accessing IPv4 servers resources over the Internet–Smoothly deploying IPv6 on a campus network, providing v4-v6 communications
• This is a simple extension to NAT techniques, to translate header format as well as addresses
–IPv6 nodes behind a translator get full IPv6 functionality when talking to other IPv6 nodes located anywhere–Methods used to improve NAT functionality (e.g., ALGs, RSIP) can be used equally to improve IPv6-IPv4 functionality
0
IPv4-IPv6 Translation: NAT-PT
IPv4/v6 NetworkIPv4 Network
NAT-PT
v4-only host, router
v4 + v6 host, router
v4-only linkv4 + v6 linkv6-only tunnel
0
Summary
• IPv6 uses 128-bit addresses • Allows provider-based, site-local, link-local, multi
cast, anycast addresses • Fixed header size. Extension headers instead of op
tions. Extension headers for provider selection, security
• Allows autoconfiguration • Dual IP router and host implementations for transi
tion