0
IPv6 Basics                                                   http://etsy.me/KD4Dru                          Jan Schaumann...
IPv6 Basics                                   What’s the big idea?Friday, June 1, 12
IPv6 Basics                                   What’s the big idea?                           Remember... back in February ...
IPv6 Basics                                 Mommy, where do                             IP addresses come from?           ...
IPv6 Basics                                  Mommy, where do                              IP addresses come from?         ...
IPv6 Basics                                  Mommy, where do                              IP addresses come from?         ...
IPv6 Basics                                 Mommy, where do                             IP addresses come from?           ...
IPv6 Basics                                   Here’s what’s next:                IANA Address Pool Exhaustion:            ...
IPv6 Basics                                   You know what else?                     1. Go out of business.              ...
IPv6 Basics                                   You know what else?                         In December 2011, Borders sold a...
IPv6 Basics                                     What’s the big idea?                     Today:                     ASes r...
IPv6 Basics                            Why don’t we just switch?               IPv6 was formalized in RFC1883 in December ...
IPv6 Basics                              Why don’t we just switch?                     http://etsy.me/KqQZcR   http://etsy...
IPv6 Basics                            Why don’t we just switch?Friday, June 1, 12
IPv6 Basics                              Why don’t we just switch?                     •~ 0.022% of users have            ...
IPv6 Basics                                      June 6th 2012                                   This time it’s for realsi...
IPv6 Basics                                      June 6th 2012                                   This time it’s for realsi...
IPv6 Basics                                      June 6th 2012                                   This time it’s for realsi...
IPv6 Basics                                      June 6th 2012                                   This time it’s for realsi...
IPv6 Basics                                   Let’s rewind...                                   http://etsy.me/KDePjLFrida...
IPv6 Basics                           Yeah, yeah, 32 bits, I know.                       01100000000001111010101000100101F...
IPv6 Basics                           Yeah, yeah, 32 bits, I know.                       01100000000001111010101000100101 ...
IPv6 Basics                           Yeah, yeah, 32 bits, I know.                       01100000000001111010101000100101 ...
IPv6 Basics                            Yeah, yeah, 32 bits, I know.                        0110000000000111101010100010010...
IPv6 Basics                           Remember classful routing?                       01100000000001111010101000100101Fri...
IPv6 Basics                           Remember classful routing?                      01100000 000001111010101000100101Fri...
IPv6 Basics                      That’s silly. Let’s CIDR this mofo!                     01100000.00000111.10101010. 00100...
IPv6 Basics                                     CIDR Cheat Sheet                     A.B.C.D/N                     •N = bi...
IPv6 Basics                                     CIDR Cheat Sheet                     A.B.C.D/N                     •N = bi...
IPv6 Basics                                          IPv4                       01100000000001111010101000100101          ...
IPv6 Basics                                          IPv4                       01100000000001111010101000100101          ...
IPv6 Basics                                           IPv4                       01100000000001111010101000100101         ...
IPv6 Basics                                              IPv4                      The archetypal prototype that escaped i...
IPv6 Basics                                   Repeat after me:                        There’s nothing as                  ...
IPv6 Basics                                           IPv4                       01100000000001111010101000100101         ...
IPv6 Basics                                           IPv6                                   0010000000000001             ...
IPv6 Basics                                          IPv6                                   128 bit address space         ...
IPv6 Basics                                           IPv6                                    128 bit address space       ...
IPv6 Basics                             Hmm. That sure is a lot.                               But is it enough?Friday, Ju...
IPv6 Basics                             Hmm. That sure is a lot.                               But is it enough?Friday, Ju...
IPv6 Basics                             Hmm. That sure is a lot.                               But is it enough?Friday, Ju...
IPv6 Basics                               Hmm. That sure is a lot.                                 But is it enough?      ...
IPv6 Basics                                   IPv6 addresses            •8 16bit words in case insensitive colon          ...
IPv6 Basics                                   IPv6 addresses            •8 16bit words in case insensitive colon          ...
IPv6 Basics                                   IPv6 addresses            •8 16bit words in case insensitive colon          ...
IPv6 Basics                                   IPv6 address oddities             •address may include the interface name:  ...
IPv6 Basics                                    IPv6 address oddities             •address may include the interface name: ...
IPv6 Basics                                    IPv6 address oddities             •address may include the interface name: ...
IPv6 Basics                                     IPv6 address scope             •Link-Local (fe80::e276:63ff:fe72:3900%eth0...
IPv6 Basics                                     IPv6 address scope             •Link-Local (fe80::e276:63ff:fe72:3900%eth0...
IPv6 Basics                                     IPv6 address scope             •Link-Local (fe80::e276:63ff:fe72:3900%eth0...
IPv6 Basics                     Of IPv6 classful routing and CIDRs             •unicast addresses starting with 000 are lo...
IPv6 Basics                     Of IPv6 classful routing and CIDRs             •unicast addresses starting with 000 are lo...
IPv6 Basics                     Of IPv6 classful routing and CIDRs             •unicast addresses starting with 000 are lo...
IPv6 Basics                                      IPv6 Allocations        2001:0db8:0123:4567:89ab:cdef:1234:5678        ||...
IPv6 Basics                           IPv6 transition mechanisms             End goal: native IPv6 / dual-stack           ...
IPv6 Basics                           IPv6 transition mechanisms             •6to4 and 6rdFriday, June 1, 12
IPv6 Basics                           IPv6 transition mechanisms             •NAT64 / DNS64Friday, June 1, 12
IPv6 Basics                           IPv6 transition mechanisms             •6-to-4 load balancerFriday, June 1, 12
IPv6 Basics                     Enough already! Let’s do something!                                   http://test-ipv6.com...
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                                   EC2 ExampleFriday, June 1, 12
IPv6 Basics                     That was exciting! Let’s move on...Friday, June 1, 12
IPv6 Basics                                   See, IPv6 is hilarious!Friday, June 1, 12
IPv6 Basics                                   Hmmm.Friday, June 1, 12
IPv6 Basics                                   Duh.Friday, June 1, 12
IPv6 Basics                                   Duh.Friday, June 1, 12
IPv6 Basics                                   Duh.Friday, June 1, 12
IPv6 Basics                                     A few notes so far:             •DNS lookup of AAAA records works over IPv...
IPv6 BasicsFriday, June 1, 12
IPv6 BasicsFriday, June 1, 12
IPv6 BasicsFriday, June 1, 12
IPv6 BasicsFriday, June 1, 12
IPv6 BasicsFriday, June 1, 12
IPv6 BasicsFriday, June 1, 12
IPv6 BasicsFriday, June 1, 12
IPv6 Basics                                   Configuring IPv6Friday, June 1, 12
IPv6 Basics                                   Configuring IPv6Friday, June 1, 12
IPv6 Basics                                   Hooray IPv6Friday, June 1, 12
IPv6 Basics                                   Now let’s use it!Friday, June 1, 12
IPv6 Basics                                   Now let’s use it!Friday, June 1, 12
IPv6 Basics                                   Now let’s use it!Friday, June 1, 12
IPv6 Basics                                   Booooooring!Friday, June 1, 12
IPv6 Basics                           Let’s see who’s out there...Friday, June 1, 12
IPv6 Basics                           Let’s see who’s out there...Friday, June 1, 12
IPv6 Basics                         Ah, but IPv6 has no broadcast address.Friday, June 1, 12
IPv6 Basics                        Instead, IPv6 uses multicast to all-hosts.Friday, June 1, 12
IPv6 Basics                                   IPv4 has ARP...Friday, June 1, 12
IPv6 Basics                        IPv6 has the Neighbor Discovery ProtocolFriday, June 1, 12
IPv6 Basics                        IPv6 has the Neighbor Discovery ProtocolFriday, June 1, 12
IPv6 Basics                        IPv6 has the Neighbor Discovery Protocol             •NDP used for:                •rou...
IPv6 Basics                                        ICMPv6                                   ECHO REQUEST / REPLYFriday, Ju...
IPv6 Basics                                        ICMPv6                                   ECHO REQUEST / REPLYFriday, Ju...
IPv6 Basics                                              ICMPv6                               TIME EXCEEDED / DESTINATION ...
IPv6 Basics                                              ICMPv6                               TIME EXCEEDED / DESTINATION ...
IPv6 Basics                                         ICMPv6             •much like ICMP in IPv4                •ECHO REQUES...
IPv6 Basics                                     Sidenote                                   IPv6 Tunnel TrafficFriday, June...
IPv6 Basics                                     Sidenote                                   IPv6 Tunnel TrafficFriday, June...
IPv6 Basics                                     Sidenote                                   IPv6 Tunnel TrafficFriday, June...
IPv6 Basics                                           TCP                                   Nothing to see here...Friday, ...
IPv6 Basics                                           TCP                                   Nothing to see here...Friday, ...
IPv6 Basics                                          UDP                                   Nothing to see here...Friday, J...
IPv6 Basics                                          UDP                                   Nothing to see here...Friday, J...
IPv6 Basics                                          UDP                                   Nothing to see here...Friday, J...
IPv6 Basics                                   Dual Stack Implications              Regardless of transport mechanism to DN...
IPv6 Basics                                         Address Resolution                                                    ...
IPv6 Basics                                    Address Resolution                                              C          ...
IPv6 Basics                                    Address Resolution                                        PHP              ...
IPv6 Basics                                   Address Resolution                                     Python, Perl etc.    ...
IPv6 Basics                                   Beware of IP regexes!               In IPv4, sometimes you can get away with...
IPv6 Basics                                   Beware of IP regexes!               In IPv6... not so much:               /^...
IPv6 Basics                                   Beware of IP regexes!               Better:                          if (ine...
IPv6 Basics                                   So... now what?Friday, June 1, 12
IPv6 Basics                                        So... now what?               •get yourselves a few internets from your...
IPv6 Basics                                   So... now what?               •repeat               •go live               •...
IPv6 Basics                                      Links:               http://www.worldipv6launch.org/               https:...
Upcoming SlideShare
Loading in...5
×

Ipv6 basics

3,878

Published on

There's no place like ::1 -- IPv6 Basics

Given at Etsy during a Lunch'n'Learn session on 2012-06-01.

Published in: Technology
2 Comments
5 Likes
Statistics
Notes
No Downloads
Views
Total Views
3,878
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
300
Comments
2
Likes
5
Embeds 0
No embeds

No notes for slide

Transcript of "Ipv6 basics"

  1. 1. IPv6 Basics http://etsy.me/KD4Dru Jan Schaumann <jschauma@etsy.com> B60D A9F7 0D89 544A 7995 7D25 5A5B 4375 275F 0BB5Friday, June 1, 12
  2. 2. IPv6 Basics What’s the big idea?Friday, June 1, 12
  3. 3. IPv6 Basics What’s the big idea? Remember... back in February 2011:Friday, June 1, 12
  4. 4. IPv6 Basics Mommy, where do IP addresses come from? Well,... when an LIR and an RIR love each other very much...Friday, June 1, 12
  5. 5. IPv6 Basics Mommy, where do IP addresses come from? Internet Assigned Numbers Authority (IANA) oversees global IP address/AS number allocation, root zone management etc.Friday, June 1, 12
  6. 6. IPv6 Basics Mommy, where do IP addresses come from? Regional Internet Registries (RIR) manage the allocation and registration of Internet number resources within a region of the world.Friday, June 1, 12
  7. 7. IPv6 Basics Mommy, where do IP addresses come from? RIRs assign blocks of IP addresses to the Local Internet Registries (LIR). LIRs are either ISPs, enterprises using a lot of addresses, or academic institutions.Friday, June 1, 12
  8. 8. IPv6 Basics Here’s what’s next: IANA Address Pool Exhaustion:             2011-02-03 APNIC reached final /8: 2011-04-15 RIPENCC: 2012-08-08 ARIN: 2013-06-24 LACNIC: 2014-02-04 AFRINIC: 2014-11-09 https://ipv6.he.net/v4ex/sidebar/Friday, June 1, 12
  9. 9. IPv6 Basics You know what else? 1. Go out of business. 2. ??? 3. Profit!Friday, June 1, 12
  10. 10. IPv6 Basics You know what else? In December 2011, Borders sold a /16 for $12 per IP address. $786,432Friday, June 1, 12
  11. 11. IPv6 Basics What’s the big idea? Today: ASes running IPv6: 13.7% Top 1M sites running IPv6: 1.26% Yahoo! users served over IPv6 on World IPv6 Day: >1.85M (0.229%) http://bgp.he.net/ipv6-progress-report.cgiFriday, June 1, 12
  12. 12. IPv6 Basics Why don’t we just switch? IPv6 was formalized in RFC1883 in December 1995.Friday, June 1, 12
  13. 13. IPv6 Basics Why don’t we just switch? http://etsy.me/KqQZcR http://etsy.me/KqRdAKFriday, June 1, 12
  14. 14. IPv6 Basics Why don’t we just switch?Friday, June 1, 12
  15. 15. IPv6 Basics Why don’t we just switch? •~ 0.022% of users have a “broken” configuration •timeout for IPv4 fallbacks worsen user experience •consumers are not demanding IPv6 (see chicken)Friday, June 1, 12
  16. 16. IPv6 Basics June 6th 2012 This time it’s for realsies!Friday, June 1, 12
  17. 17. IPv6 Basics June 6th 2012 This time it’s for realsies! •Google •Facebook •YouTube •Yahoo •Bing •AOL •NetflixFriday, June 1, 12
  18. 18. IPv6 Basics June 6th 2012 This time it’s for realsies! •Google •Facebook •YouTube •Yahoo •Bing •AOL •Netflix •Etsy?Friday, June 1, 12
  19. 19. IPv6 Basics June 6th 2012 This time it’s for realsies! •Google •Facebook •YouTube •Yahoo •Bing •AOL •Netflix •Etsy :-(Friday, June 1, 12
  20. 20. IPv6 Basics Let’s rewind... http://etsy.me/KDePjLFriday, June 1, 12
  21. 21. IPv6 Basics Yeah, yeah, 32 bits, I know. 01100000000001111010101000100101Friday, June 1, 12
  22. 22. IPv6 Basics Yeah, yeah, 32 bits, I know. 01100000000001111010101000100101 96.7.170.37Friday, June 1, 12
  23. 23. IPv6 Basics Yeah, yeah, 32 bits, I know. 01100000000001111010101000100101 96.7.170.37 www.etsy.comFriday, June 1, 12
  24. 24. IPv6 Basics Yeah, yeah, 32 bits, I know. 01100000000001111010101000100101 96.7.170.37 www.etsy.com (mumble.frubmle.something.akamai.com)Friday, June 1, 12
  25. 25. IPv6 Basics Remember classful routing? 01100000000001111010101000100101Friday, June 1, 12
  26. 26. IPv6 Basics Remember classful routing? 01100000 000001111010101000100101Friday, June 1, 12
  27. 27. IPv6 Basics That’s silly. Let’s CIDR this mofo! 01100000.00000111.10101010. 00100101 11111111.11111111.11111111. 00000000 /24Friday, June 1, 12
  28. 28. IPv6 Basics CIDR Cheat Sheet A.B.C.D/N •N = bits describing network portion •M = 32 - N = bits describing host portion •2M = number of addresses on this subnet •2M-2 = number of possible hosts •network address •broadcast address •subnet division need not occur on dotted boundary only (divide a /24 into four /26)Friday, June 1, 12
  29. 29. IPv6 Basics CIDR Cheat Sheet A.B.C.D/N •N = bits describing network portion •M = 32 - N = bits describing host portion •2M = number of addresses on this subnet •2M-2 = number of possible hosts •network address •broadcast address •subnet division need not occur on dotted boundary only (divide a /24 into four /26) The same approach works for IPv6!Friday, June 1, 12
  30. 30. IPv6 Basics IPv4 01100000000001111010101000100101 32 bit address spaceFriday, June 1, 12
  31. 31. IPv6 Basics IPv4 01100000000001111010101000100101 32 bit address space => 232 addressesFriday, June 1, 12
  32. 32. IPv6 Basics IPv4 01100000000001111010101000100101 32 bit address space => 232 addresses => 4,294,967,296 addressesFriday, June 1, 12
  33. 33. IPv6 Basics IPv4 The archetypal prototype that escaped into production. “It’s my fault.” - Vint Cerf 32-bit space thought sufficient for this experiment started in 1976.Friday, June 1, 12
  34. 34. IPv6 Basics Repeat after me: There’s nothing as permanent as a temporary solution.Friday, June 1, 12
  35. 35. IPv6 Basics IPv4 01100000000001111010101000100101 32 bit address space => 232 addresses => 4,294,967,296 addressesFriday, June 1, 12
  36. 36. IPv6 Basics IPv6 0010000000000001 0000000011011011 0000000000000000 0000000000000000 0000011110101011 0000000000000000 0000000000000000 0001001100001011 128 bit address spaceFriday, June 1, 12
  37. 37. IPv6 Basics IPv6 128 bit address space => 2128 addressesFriday, June 1, 12
  38. 38. IPv6 Basics IPv6 128 bit address space => 2128 addresses => 340,282,366,920,938,463,463,374,607,431,768,211,456 addressesFriday, June 1, 12
  39. 39. IPv6 Basics Hmm. That sure is a lot. But is it enough?Friday, June 1, 12
  40. 40. IPv6 Basics Hmm. That sure is a lot. But is it enough?Friday, June 1, 12
  41. 41. IPv6 Basics Hmm. That sure is a lot. But is it enough?Friday, June 1, 12
  42. 42. IPv6 Basics Hmm. That sure is a lot. But is it enough? “"if the earth were made entirely out of 1 cubic millimeter grains of sand, then you could give a unique [IPv6] address to each grain in 300 million planets the size of the earth"Friday, June 1, 12
  43. 43. IPv6 Basics IPv6 addresses •8 16bit words in case insensitive colon hexadecimal representation 2001:00db8:0000:0000:07AB:0000:0000:130BFriday, June 1, 12
  44. 44. IPv6 Basics IPv6 addresses •8 16bit words in case insensitive colon hexadecimal representation 2001:00db8:0000:0000:07AB:0000:0000:130B •Leading zeros in a field are optional: 2001:db8:0:0:7AB:0:0:130BFriday, June 1, 12
  45. 45. IPv6 Basics IPv6 addresses •8 16bit words in case insensitive colon hexadecimal representation 2001:00db8:0000:0000:07AB:0000:0000:130B •Leading zeros in a field are optional: 2001:db8:0:0:7AB:0:0:130B •Successive fields of 0 represented as ::, but only once in an address: 2001:db8::7AB:0:0:130B ok 2001:db8:0:0:7AB::130B ok 2001:db8::7AB::130B not okFriday, June 1, 12
  46. 46. IPv6 Basics IPv6 address oddities •address may include the interface name: fe80::e276:63ff:fe72:3900%eth0Friday, June 1, 12
  47. 47. IPv6 Basics IPv6 address oddities •address may include the interface name: fe80::e276:63ff:fe72:3900%eth0 •IPv4-mapped addresses (dual-stack only): 0:0:0:0:ffff:166.84.7.99 ::ffff:a654:763Friday, June 1, 12
  48. 48. IPv6 Basics IPv6 address oddities •address may include the interface name: fe80::e276:63ff:fe72:3900%eth0 •IPv4-mapped addresses (dual-stack only): 0:0:0:0:ffff:166.84.7.99 ::ffff:a654:763 •brackets are used to separate port from address: IPv4: 166.84.7.99:80 IPv6: [2001:db8::07AB:0:0:130B]:80Friday, June 1, 12
  49. 49. IPv6 Basics IPv6 address scope •Link-Local (fe80::e276:63ff:fe72:3900%eth0): • used on a single link • equivalent of 169.254.0.0/16 •fe80::/64 (usually assigned via SLAAC)Friday, June 1, 12
  50. 50. IPv6 Basics IPv6 address scope •Link-Local (fe80::e276:63ff:fe72:3900%eth0): • used on a single link • equivalent of 169.254.0.0/16 •fe80::/64 (usually assigned via SLAAC) •Unique Local Address (ULA): •equivalent of IPv4 RFC1918 •not globally routable •fc00::/7Friday, June 1, 12
  51. 51. IPv6 Basics IPv6 address scope •Link-Local (fe80::e276:63ff:fe72:3900%eth0): • used on a single link • equivalent of 169.254.0.0/16 •fe80::/64 (usually assigned via SLAAC) •Unique Local Address (ULA): •equivalent of IPv4 RFC1918 •not globally routable •fc00::/7 •Global (Unicast, Anycast, Multicast) •unicast: 2a03:2880:2110:3f01:face:b00c:: •anycast: undistinguishable from unicast •multicast: FF00::/8Friday, June 1, 12
  52. 52. IPv6 Basics Of IPv6 classful routing and CIDRs •unicast addresses starting with 000 are logically divided into two parts: a 64-bit (sub-)network prefix, and a 64-bit interface identifier •the default subnet size is thus /64Friday, June 1, 12
  53. 53. IPv6 Basics Of IPv6 classful routing and CIDRs •unicast addresses starting with 000 are logically divided into two parts: a 64-bit (sub-)network prefix, and a 64-bit interface identifier •the default subnet size is thus /64 Yes, that’s 18,446,744,073,709,551,616 addresses per subnet.Friday, June 1, 12
  54. 54. IPv6 Basics Of IPv6 classful routing and CIDRs •unicast addresses starting with 000 are logically divided into two parts: a 64-bit (sub-)network prefix, and a 64-bit interface identifier •the default subnet size is thus /64 Yes, that’s 232 internets per subnet.Friday, June 1, 12
  55. 55. IPv6 Basics IPv6 Allocations 2001:0db8:0123:4567:89ab:cdef:1234:5678 |||| |||| |||| |||| |||| |||| |||| |||128 Single end-points and loopback |||| |||| |||| |||| |||| |||| |||| ||124 |||| |||| |||| |||| |||| |||| |||| |120 |||| |||| |||| |||| |||| |||| |||| 116 |||| |||| |||| |||| |||| |||| |||112 |||| |||| |||| |||| |||| |||| ||108 |||| |||| |||| |||| |||| |||| |104 |||| |||| |||| |||| |||| |||| 100 |||| |||| |||| |||| |||| |||96 |||| |||| |||| |||| |||| ||92 |||| |||| |||| |||| |||| |88 |||| |||| |||| |||| |||| 84 |||| |||| |||| |||| |||80 |||| |||| |||| |||| ||76 |||| |||| |||| |||| |72 |||| |||| |||| |||| 68 |||| |||| |||| |||64 Single End-user LAN (default prefix size for SLAAC) |||| |||| |||| ||60 |||| |||| |||| |56 Proposed minimal end sites assignment |||| |||| |||| 52 |||| |||| |||48 Default end sites assignment |||| |||| ||44 |||| |||| |40 |||| |||| 36 |||| |||32 Local Internet registry minimum allocations |||| ||28 Local Internet registry medium allocations |||| |24 Local Internet registry large allocations |||| 20 Local Internet registry extra large allocations |||16 ||12 Regional Internet Registry allocations from IANAFriday, June 1, 12
  56. 56. IPv6 Basics IPv6 transition mechanisms End goal: native IPv6 / dual-stack •6to4 •6in4 •6rd •teredo •NAT64/DNS64 •terminate at edge of networkFriday, June 1, 12
  57. 57. IPv6 Basics IPv6 transition mechanisms •6to4 and 6rdFriday, June 1, 12
  58. 58. IPv6 Basics IPv6 transition mechanisms •NAT64 / DNS64Friday, June 1, 12
  59. 59. IPv6 Basics IPv6 transition mechanisms •6-to-4 load balancerFriday, June 1, 12
  60. 60. IPv6 Basics Enough already! Let’s do something! http://test-ipv6.com/Friday, June 1, 12
  61. 61. IPv6 Basics EC2 ExampleFriday, June 1, 12
  62. 62. IPv6 Basics EC2 ExampleFriday, June 1, 12
  63. 63. IPv6 Basics EC2 ExampleFriday, June 1, 12
  64. 64. IPv6 Basics EC2 ExampleFriday, June 1, 12
  65. 65. IPv6 Basics EC2 ExampleFriday, June 1, 12
  66. 66. IPv6 Basics EC2 ExampleFriday, June 1, 12
  67. 67. IPv6 Basics EC2 ExampleFriday, June 1, 12
  68. 68. IPv6 Basics EC2 ExampleFriday, June 1, 12
  69. 69. IPv6 Basics EC2 ExampleFriday, June 1, 12
  70. 70. IPv6 Basics EC2 ExampleFriday, June 1, 12
  71. 71. IPv6 Basics EC2 ExampleFriday, June 1, 12
  72. 72. IPv6 Basics That was exciting! Let’s move on...Friday, June 1, 12
  73. 73. IPv6 Basics See, IPv6 is hilarious!Friday, June 1, 12
  74. 74. IPv6 Basics Hmmm.Friday, June 1, 12
  75. 75. IPv6 Basics Duh.Friday, June 1, 12
  76. 76. IPv6 Basics Duh.Friday, June 1, 12
  77. 77. IPv6 Basics Duh.Friday, June 1, 12
  78. 78. IPv6 Basics A few notes so far: •DNS lookup of AAAA records works over IPv4 •IPv6 may be enabled •your interfaces may already have IPv6 addresses •your host may not be configured for IPv6 •we need different tools for IPv4 and IPv6Friday, June 1, 12
  79. 79. IPv6 BasicsFriday, June 1, 12
  80. 80. IPv6 BasicsFriday, June 1, 12
  81. 81. IPv6 BasicsFriday, June 1, 12
  82. 82. IPv6 BasicsFriday, June 1, 12
  83. 83. IPv6 BasicsFriday, June 1, 12
  84. 84. IPv6 BasicsFriday, June 1, 12
  85. 85. IPv6 BasicsFriday, June 1, 12
  86. 86. IPv6 Basics Configuring IPv6Friday, June 1, 12
  87. 87. IPv6 Basics Configuring IPv6Friday, June 1, 12
  88. 88. IPv6 Basics Hooray IPv6Friday, June 1, 12
  89. 89. IPv6 Basics Now let’s use it!Friday, June 1, 12
  90. 90. IPv6 Basics Now let’s use it!Friday, June 1, 12
  91. 91. IPv6 Basics Now let’s use it!Friday, June 1, 12
  92. 92. IPv6 Basics Booooooring!Friday, June 1, 12
  93. 93. IPv6 Basics Let’s see who’s out there...Friday, June 1, 12
  94. 94. IPv6 Basics Let’s see who’s out there...Friday, June 1, 12
  95. 95. IPv6 Basics Ah, but IPv6 has no broadcast address.Friday, June 1, 12
  96. 96. IPv6 Basics Instead, IPv6 uses multicast to all-hosts.Friday, June 1, 12
  97. 97. IPv6 Basics IPv4 has ARP...Friday, June 1, 12
  98. 98. IPv6 Basics IPv6 has the Neighbor Discovery ProtocolFriday, June 1, 12
  99. 99. IPv6 Basics IPv6 has the Neighbor Discovery ProtocolFriday, June 1, 12
  100. 100. IPv6 Basics IPv6 has the Neighbor Discovery Protocol •NDP used for: •router, prefix and parameter discovery •address autoconfiguration (SLAAC) •address resolution (think ARP) •uses ICMPv6 •operates on the Internet Layer •BSD: ndp(8) •Linux: ip(8), ip-neighbour(8)Friday, June 1, 12
  101. 101. IPv6 Basics ICMPv6 ECHO REQUEST / REPLYFriday, June 1, 12
  102. 102. IPv6 Basics ICMPv6 ECHO REQUEST / REPLYFriday, June 1, 12
  103. 103. IPv6 Basics ICMPv6 TIME EXCEEDED / DESTINATION UNREACHABLEFriday, June 1, 12
  104. 104. IPv6 Basics ICMPv6 TIME EXCEEDED / DESTINATION UNREACHABLEFriday, June 1, 12
  105. 105. IPv6 Basics ICMPv6 •much like ICMP in IPv4 •ECHO REQUEST/REPLY •Destination Unreachable •Time Exceeded •Packet Too Big (PMTU Discovery) •Neighbor Discovery Protocol •ping6(8), traceroute6(8), ...Friday, June 1, 12
  106. 106. IPv6 Basics Sidenote IPv6 Tunnel TrafficFriday, June 1, 12
  107. 107. IPv6 Basics Sidenote IPv6 Tunnel TrafficFriday, June 1, 12
  108. 108. IPv6 Basics Sidenote IPv6 Tunnel TrafficFriday, June 1, 12
  109. 109. IPv6 Basics TCP Nothing to see here...Friday, June 1, 12
  110. 110. IPv6 Basics TCP Nothing to see here...Friday, June 1, 12
  111. 111. IPv6 Basics UDP Nothing to see here...Friday, June 1, 12
  112. 112. IPv6 Basics UDP Nothing to see here...Friday, June 1, 12
  113. 113. IPv6 Basics UDP Nothing to see here...Friday, June 1, 12
  114. 114. IPv6 Basics Dual Stack Implications Regardless of transport mechanism to DNS server: •ask DNS for AAAA •if AAAA exists, assume (and use) IPv6 for the connection •only ask for A if no AAAA was found •if A exists, use IPv4 for the connectFriday, June 1, 12
  115. 115. IPv6 Basics Address Resolution C •replace gethostby* with getaddrinfo(3) •RFC3484 section 6 rule 9 prefix-length based sorting may break DNS round-robin •you may get back multiple results •replace sockaddr_in with struct sockaddr_storage •use sockaddr_storage.ai_addrlen for length •replace inet_ntoa(3)/inet_aton(3) with inet_ntop(3)/inet_pton(3)Friday, June 1, 12
  116. 116. IPv6 Basics Address Resolution C •some OS default their sockets to IPV6_V6ONLY; •check sysctl net.inet6.ip6.v6only if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&on, sizeof(on)) == -1) perror("setsockopt IPV6_V6ONLY"); else printf("IPV6_V6ONLY setn"); Without IPV6_V6ONLY, you will get IPv4-mapped addresses (::ffff:192.0.2.128). Other languages mostly follow logically from C.Friday, June 1, 12
  117. 117. IPv6 Basics Address Resolution PHP •use dns_get_record instead of gethostbyname •fsockopen and friends handle IPv6 •you may need to use bracket notation tcp://[2600:809:600::3f50:412]:80Friday, June 1, 12
  118. 118. IPv6 Basics Address Resolution Python, Perl etc. •pretty much depends on the modules used. •some are terrible, some are great NodeJS and all the other new hotness •I have no idea. Sorry.Friday, June 1, 12
  119. 119. IPv6 Basics Beware of IP regexes! In IPv4, sometimes you can get away with: •(d{1,3}.d{1,3}.d{1,3}.d{1,3}) •([0-9]+.){3}[0-9]+) •(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]| [01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?.(25[0-5]|2[0-4] [0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)Friday, June 1, 12
  120. 120. IPv6 Basics Beware of IP regexes! In IPv6... not so much: /^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f] {1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(. (25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((: [0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(. (25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((: [0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1d d|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa- f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}: ((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]? d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((: [0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]| 2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A- Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd| [1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A- Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd| [1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*$/Friday, June 1, 12
  121. 121. IPv6 Basics Beware of IP regexes! Better: if (inet_pton(AF_INET, $ip)) { # AF_INET } elsif (inet_pton(AF_INET6, $ip)) { # AF_INET6 } else { # not an IP address }Friday, June 1, 12
  122. 122. IPv6 Basics So... now what?Friday, June 1, 12
  123. 123. IPv6 Basics So... now what? •get yourselves a few internets from your LIR (/48, /56) •assess your infrastructure •routers/switches usually ok, but verify •verify firewalls, IDS, load balancers, other “appliances” •choose your transition approach •terminate/translate as close to the edge as possible •use a test domain •do a short live test, then •see what broke •review data collection tools (can they cope with 128bit addresses, new format)? •use short TTL for DNS recordsFriday, June 1, 12
  124. 124. IPv6 Basics So... now what? •repeat •go live •Profit!Friday, June 1, 12
  125. 125. IPv6 Basics Links: http://www.worldipv6launch.org/ https://www.google.com/intl/en/ipv6/statistics/ https://en.wikipedia.org/wiki/IPv6 http://pretty-rfc.herokuapp.com/RFC2460 http://www.slideshare.net/IOSHints/getting-ready- for-world-ipv6-day-in-6-days http://tunnelbroker.net/ http://test-ipv6.com https://www.arin.net/policy/nrpm.html http://ipv6friday.org Lists: http://lists.si6networks.com/listinfo/ipv6hackers http://www.nanog.org/mailinglist/ http://lists.cluenet.de/mailman/listinfo/ipv6-opsFriday, June 1, 12
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×