SlideShare a Scribd company logo
IPv6 in 2018
FrOSCon 13 Network Track
Falk Stern, Maximilian Wilhelm
1 / 26
Agenda
1. Who's who
2. History
3. IPv6
1. Addressing
2. Packet Format
3. ICMP, Neighbour Discovery, Autoconfig
4. Transition Technologies
2 / 26
Who's who Falk Stern
Full Stack Infrastructure Engineer
IPv6 fanboy
Runs his own Kubernetes cluster in his basement
Consultant @ Profi Engineering Systems AG
Contact
@wrf42
falk@fourecks.de
3 / 26
Who's who Maximilian Wilhelm
Networker
OpenSource Hacker
Fanboy of
(Debian) Linux
ifupdown2
Occupation:
By day: Senior Infrastructure Architect, Uni Paderborn
By night: Infrastructure Archmage, Freifunk Hochstift
In between: Freelance Solution Architect for hire
Contact
@BarbarossaTM
max@sdn.clinic
4 / 26
Who's who
History
IPv4 allocations have been made
NAT is everywhere, even in your
Fritz!Box
CGN/LSN breaks your applications
Some devices still don't support IPv6
State of the InterNAT
5 / 26
Who's who
History
IPv6 history
Introduced in RFC2460, December 1998
Adressing
Diminishing IPv4 address space
Use of NAT/PAT
Growing routing tables
First deployment was with 6bone, stopped on 6.6.2006
Hurricane Electric, SixXs pushed IPv6 tunnels
Germany has >35% IPv6 adoption per https://google.com/ipv6
Global IPv6 Adoption is at 22%
6 / 26
Who's who
History
IPv6
What's "new"
Different address format
Different header
Stateless autoconfiguration
no need for DHCP
Broadcast replaced by multicast
Global address hierarchy
7 / 26
Who's who
History
IPv6
Address format
Standard form
8 x 16bit hexadecimal
2001:0db8:affe:c0d4:0000:0000:00c0:fffe
Short form
Sequence of 0 replaced by ::, leading 0 can be omitted
2001:db8:affe:c0d4::c0:fffe
8 / 26
Who's who
History
IPv6
Address format
IPv4 compatible addresses
0000:0000:0000:0000:0000:ffff:192.0.2.4
or
::ffff:192.0.2.4
CIDR notation for pre xes
2001:db8:affe:c0d4::/64
9 / 26
Who's who
History
IPv6
Address types
Unicast
Global (everything not specified elsewhere)
unique local (ULA) - FC00::/7
link-local (LLA) - FE80::/10
IPv4 mapped - ::ffff:192.0.2.4
Loopback - ::1/128
unspecified - ::/128
Multicast
FF00::/8
No broadcast
10 / 26
Who's who
History
IPv6
Header format
11 / 26
Who's who
History
IPv6
ICMPv6
Defined in RFC4443
Informational (Type > 127)
Echo Request (128)
Echo Reply (129)
...
Error (Type < 128)
Destination Unreachable (1)
Packet Too Big (2)
Time Exceeded (3)
Parameter Problem (4)
If you really want to filter ICMPv6, please read RFC4890
12 / 26
Who's who
History
IPv6
IPv6 Neighbour Discovery
Protocol over ICMPv6
Router Solicitation / Advertisement
Neighbour Solicitation / Advertisement
Redirect
Replaces ARP and certain ICMPv4 messages
Implemented through Multicast
13 / 26
Who's who
History
IPv6
64-Bit Extended Unique Identifier
First 24, 28 or 36 bit identify the
vendor
Modified EUI-64 is used by IPv6 to
generate an interface identifier
MAC address is split into 24 bit parts,
FFFE inserted in-between
seventh bit from the left is inverted
1st octet 2nd octet 3rd octet 4th octet 5th octet 6th octet
6 octets
or
Organisationally Unique
Identifier (OUI)
Network Interface Controller
(NIC) Specific
3 octets 3 octets
b7 b6 b5 b4 b3 b2 b1 b0
8 bits
0:
1:
unicast
multicast
0:
1:
globally unique (OUI enforced)
locally administered
EUI-64
14 / 26
Who's who
History
IPv6
Stateless Autocon guration (SLAAC)
1. Interface assigns a link-local address w/ interface identifier
2. Interface sends router solicitation
3. Router sends router advertisement, including prefix, default gateway, etc.
4. Interface creates global address from prefix and interface identifier
5. Interface sends a neighbour solicitation for Duplicate Address Detection
Router advertisement can contain:
Prefix
Lifetime
DNS Server
Default Gateway
MTU
15 / 26
Who's who
History
IPv6
Stateful Autocon guration (DHCPv6)
IPv6 can use DHCP to configure all parameters
Required for UEFI netbooting
Only way to configure a nameserver if the router does not support RDNSS
(RFC8106)
Required for Prefix Delegation (DHCPv6-PD)
16 / 26
Who's who
History
IPv6
Stateless Autocon guration with DHCPv6
Address is configured through SLAAC
DNS Server is configured through DHCPv6
Android doesn't support this
17 / 26
Who's who
History
IPv6
Privacy extensions (RFC4941)
As a global IPv6 address can be used to identify a single computer, there is a privacy
issue.
Hosts can generate additional random interface identifiers for outgoing connections.
These addresses expire after a certain amount of time.
A host can have a number of addresses configured at the same time.
18 / 26
Who's who
History
IPv6
Subnetting
Your LAN should have a /64
That's more than 18 quintillion addresses
Deutsche Telekom delegates you a /56
That's 256 times 18 quintillion addresses
A site should use a /48
That's 65536 times 18 quintillion addresses
RIPE delegates a /29
That's 524288 sites with 65536 subnets with 18 quintillion addresses
You can use a /127* on a link, if you want to.
The legacy internet fits in a /96
18 quintillion = 18.446.744.073.709.551.616
* That's 2 addresses 19 / 26
Who's who
History
IPv6
Transition
Getting from 4 to 6
There are a lot of transition technologies to get to IPv6
Tunnelbrokers
Dual Stack
DS-Lite
NAT64/DNS64
464XLAT
20 / 26
Who's who
History
IPv6
Transition
Tunnel Brokers
Tunnelbrokers provide a IPv6 enabled tunnel over IPv4 and route several subnets.
Dual Stack
Nodes have 2 IP stacks and several IP addresses
21 / 26
Who's who
History
IPv6
Transition
DS-Lite
ISP Network
IPv6(IPv4)IPv4
IPv6
IPv6 Internet
IPv4 Internet
IPv6
DS-Lite
CGN
Source: Wikipedia
22 / 26
Who's who
History
IPv6
Transition
NAT64/DNS64
The IPv4 internet is mapped to a well-known prefix
64:FF9B::/96
DNS64 translates A records to AAAA records
NAT64 translates requests to 64:FF9B::/96 to IPv4
23 / 26
Who's who
History
IPv6
Transition
"Happy Eyeballs"
Selection mechanism which protocol to prefer (RFC8305)
Tries both address families in parallel, prefers faster TCP answer
"Happy Eyeballs Version 2: Better Connectivity Through Concurrency"
Implemented in
Chrome, Opera, Firefox
macOS
cURL
24 / 26
Who's who
History
IPv6
Transition
Who is using IPv6?
Heise, Google, Youtube, Facebook, Microsoft
NAT64 support is mandatory for Apple iOS Apps
Microsoft is migrating to IPv6 only internally
https://labs.ripe.net/Members/mirjam/ipv6-only-at-microsoft
25 / 26
Who's who
History
IPv6
Transition
Questions
Questions?
26 / 26

More Related Content

What's hot

Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Maximilan Wilhelm
 
Contemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngContemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ng
Maximilan Wilhelm
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with Linux
Maximilan Wilhelm
 
Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...
Maximilan Wilhelm
 
6.Routing
6.Routing6.Routing
6.Routing
phanleson
 
Operationalizing VRF in the Data Center
Operationalizing VRF in the Data CenterOperationalizing VRF in the Data Center
Operationalizing VRF in the Data Center
Cumulus Networks
 
Building your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonBuilding your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and python
Maximilan Wilhelm
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux Networking
Maximilan Wilhelm
 
Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013
Cumulus Networks
 
Networking Fundamentals: Local Networks
Networking Fundamentals: Local NetworksNetworking Fundamentals: Local Networks
Networking Fundamentals: Local Networks
Andriy Berestovskyy
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
julianlz
 
VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)
Netwax Lab
 
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Jide Akintola JNCIE-M&T/SP #496 CCIE-SP#28552
 
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebula Project
 
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)
NetProtocol Xpert
 
Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)
Andriy Berestovskyy
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
balamurugan N
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
Swarup Hait
 
Internet innovation with Multipath TCP
Internet innovation with Multipath TCPInternet innovation with Multipath TCP
Internet innovation with Multipath TCP
Olivier Bonaventure
 
CCNA 200-120 Exam Quick Notes
CCNA 200-120 Exam Quick NotesCCNA 200-120 Exam Quick Notes
CCNA 200-120 Exam Quick Notes
Eng. Emad Al-Atoum
 

What's hot (20)

Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
 
Contemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngContemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ng
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with Linux
 
Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...
 
6.Routing
6.Routing6.Routing
6.Routing
 
Operationalizing VRF in the Data Center
Operationalizing VRF in the Data CenterOperationalizing VRF in the Data Center
Operationalizing VRF in the Data Center
 
Building your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonBuilding your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and python
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux Networking
 
Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013
 
Networking Fundamentals: Local Networks
Networking Fundamentals: Local NetworksNetworking Fundamentals: Local Networks
Networking Fundamentals: Local Networks
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
 
VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)
 
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_
 
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
 
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)
 
Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
 
Internet innovation with Multipath TCP
Internet innovation with Multipath TCPInternet innovation with Multipath TCP
Internet innovation with Multipath TCP
 
CCNA 200-120 Exam Quick Notes
CCNA 200-120 Exam Quick NotesCCNA 200-120 Exam Quick Notes
CCNA 200-120 Exam Quick Notes
 

Similar to IPv6 im Jahre 2018

Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoN
Mwendwa Kivuva
 
DCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdfDCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdf
Bilal Munir Mughal
 
Network Layer
Network LayerNetwork Layer
Network Layer
Dr Shashikant Athawale
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
Mark Smith
 
Gohil-Network layer & Address Resolution Protocol.pptx
Gohil-Network layer & Address Resolution Protocol.pptxGohil-Network layer & Address Resolution Protocol.pptx
Gohil-Network layer & Address Resolution Protocol.pptx
Juvil2
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6
Sara Q. Abedulridha
 
IPV6
IPV6 IPV6
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6
Netwax Lab
 
01 Ipv6 Addressing
01 Ipv6 Addressing01 Ipv6 Addressing
01 Ipv6 Addressing
Haris Padinharethil
 
Introduction to IPV6
Introduction to IPV6Introduction to IPV6
Introduction to IPV6
Sean Collins
 
UNIT-2.pptx
UNIT-2.pptxUNIT-2.pptx
UNIT-2.pptx
DhavalPatel104579
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2
ehsan nazer
 
IPv6
IPv6IPv6
Moushumi Maria (071464056)
Moushumi Maria (071464056)Moushumi Maria (071464056)
Moushumi Maria (071464056)
mashiur
 
AF-23- IPv6 Security_Final
AF-23- IPv6 Security_FinalAF-23- IPv6 Security_Final
AF-23- IPv6 Security_Final
Musa Stephen HONLUE
 
Ipv4 address
Ipv4 addressIpv4 address
Ipv4 address
RomanusKomba
 
IPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolIPv6 - The Next next generation protocol
IPv6 - The Next next generation protocol
Mohit Sharma
 
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
Igalia
 
CCNA_ITN_Chp5.pptx
CCNA_ITN_Chp5.pptxCCNA_ITN_Chp5.pptx
CCNA_ITN_Chp5.pptx
NguyenLe340487
 
Basic of IPv6
Basic of IPv6Basic of IPv6
Basic of IPv6
Jubin Aghara
 

Similar to IPv6 im Jahre 2018 (20)

Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoN
 
DCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdfDCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdf
 
Network Layer
Network LayerNetwork Layer
Network Layer
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
 
Gohil-Network layer & Address Resolution Protocol.pptx
Gohil-Network layer & Address Resolution Protocol.pptxGohil-Network layer & Address Resolution Protocol.pptx
Gohil-Network layer & Address Resolution Protocol.pptx
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6
 
IPV6
IPV6 IPV6
IPV6
 
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6
 
01 Ipv6 Addressing
01 Ipv6 Addressing01 Ipv6 Addressing
01 Ipv6 Addressing
 
Introduction to IPV6
Introduction to IPV6Introduction to IPV6
Introduction to IPV6
 
UNIT-2.pptx
UNIT-2.pptxUNIT-2.pptx
UNIT-2.pptx
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2
 
IPv6
IPv6IPv6
IPv6
 
Moushumi Maria (071464056)
Moushumi Maria (071464056)Moushumi Maria (071464056)
Moushumi Maria (071464056)
 
AF-23- IPv6 Security_Final
AF-23- IPv6 Security_FinalAF-23- IPv6 Security_Final
AF-23- IPv6 Security_Final
 
Ipv4 address
Ipv4 addressIpv4 address
Ipv4 address
 
IPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolIPv6 - The Next next generation protocol
IPv6 - The Next next generation protocol
 
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
 
CCNA_ITN_Chp5.pptx
CCNA_ITN_Chp5.pptxCCNA_ITN_Chp5.pptx
CCNA_ITN_Chp5.pptx
 
Basic of IPv6
Basic of IPv6Basic of IPv6
Basic of IPv6
 

Recently uploaded

留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
rtunex8r
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
Donato Onofri
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
3a0sd7z3
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
3a0sd7z3
 
Design Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptxDesign Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptx
saathvikreddy2003
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
wolfsoftcompanyco
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
bseovas
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
uehowe
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
k4ncd0z
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
xjq03c34
 

Recently uploaded (19)

留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
 
Design Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptxDesign Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptx
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
 

IPv6 im Jahre 2018

  • 1. IPv6 in 2018 FrOSCon 13 Network Track Falk Stern, Maximilian Wilhelm 1 / 26
  • 2. Agenda 1. Who's who 2. History 3. IPv6 1. Addressing 2. Packet Format 3. ICMP, Neighbour Discovery, Autoconfig 4. Transition Technologies 2 / 26
  • 3. Who's who Falk Stern Full Stack Infrastructure Engineer IPv6 fanboy Runs his own Kubernetes cluster in his basement Consultant @ Profi Engineering Systems AG Contact @wrf42 falk@fourecks.de 3 / 26
  • 4. Who's who Maximilian Wilhelm Networker OpenSource Hacker Fanboy of (Debian) Linux ifupdown2 Occupation: By day: Senior Infrastructure Architect, Uni Paderborn By night: Infrastructure Archmage, Freifunk Hochstift In between: Freelance Solution Architect for hire Contact @BarbarossaTM max@sdn.clinic 4 / 26
  • 5. Who's who History IPv4 allocations have been made NAT is everywhere, even in your Fritz!Box CGN/LSN breaks your applications Some devices still don't support IPv6 State of the InterNAT 5 / 26
  • 6. Who's who History IPv6 history Introduced in RFC2460, December 1998 Adressing Diminishing IPv4 address space Use of NAT/PAT Growing routing tables First deployment was with 6bone, stopped on 6.6.2006 Hurricane Electric, SixXs pushed IPv6 tunnels Germany has >35% IPv6 adoption per https://google.com/ipv6 Global IPv6 Adoption is at 22% 6 / 26
  • 7. Who's who History IPv6 What's "new" Different address format Different header Stateless autoconfiguration no need for DHCP Broadcast replaced by multicast Global address hierarchy 7 / 26
  • 8. Who's who History IPv6 Address format Standard form 8 x 16bit hexadecimal 2001:0db8:affe:c0d4:0000:0000:00c0:fffe Short form Sequence of 0 replaced by ::, leading 0 can be omitted 2001:db8:affe:c0d4::c0:fffe 8 / 26
  • 9. Who's who History IPv6 Address format IPv4 compatible addresses 0000:0000:0000:0000:0000:ffff:192.0.2.4 or ::ffff:192.0.2.4 CIDR notation for pre xes 2001:db8:affe:c0d4::/64 9 / 26
  • 10. Who's who History IPv6 Address types Unicast Global (everything not specified elsewhere) unique local (ULA) - FC00::/7 link-local (LLA) - FE80::/10 IPv4 mapped - ::ffff:192.0.2.4 Loopback - ::1/128 unspecified - ::/128 Multicast FF00::/8 No broadcast 10 / 26
  • 12. Who's who History IPv6 ICMPv6 Defined in RFC4443 Informational (Type > 127) Echo Request (128) Echo Reply (129) ... Error (Type < 128) Destination Unreachable (1) Packet Too Big (2) Time Exceeded (3) Parameter Problem (4) If you really want to filter ICMPv6, please read RFC4890 12 / 26
  • 13. Who's who History IPv6 IPv6 Neighbour Discovery Protocol over ICMPv6 Router Solicitation / Advertisement Neighbour Solicitation / Advertisement Redirect Replaces ARP and certain ICMPv4 messages Implemented through Multicast 13 / 26
  • 14. Who's who History IPv6 64-Bit Extended Unique Identifier First 24, 28 or 36 bit identify the vendor Modified EUI-64 is used by IPv6 to generate an interface identifier MAC address is split into 24 bit parts, FFFE inserted in-between seventh bit from the left is inverted 1st octet 2nd octet 3rd octet 4th octet 5th octet 6th octet 6 octets or Organisationally Unique Identifier (OUI) Network Interface Controller (NIC) Specific 3 octets 3 octets b7 b6 b5 b4 b3 b2 b1 b0 8 bits 0: 1: unicast multicast 0: 1: globally unique (OUI enforced) locally administered EUI-64 14 / 26
  • 15. Who's who History IPv6 Stateless Autocon guration (SLAAC) 1. Interface assigns a link-local address w/ interface identifier 2. Interface sends router solicitation 3. Router sends router advertisement, including prefix, default gateway, etc. 4. Interface creates global address from prefix and interface identifier 5. Interface sends a neighbour solicitation for Duplicate Address Detection Router advertisement can contain: Prefix Lifetime DNS Server Default Gateway MTU 15 / 26
  • 16. Who's who History IPv6 Stateful Autocon guration (DHCPv6) IPv6 can use DHCP to configure all parameters Required for UEFI netbooting Only way to configure a nameserver if the router does not support RDNSS (RFC8106) Required for Prefix Delegation (DHCPv6-PD) 16 / 26
  • 17. Who's who History IPv6 Stateless Autocon guration with DHCPv6 Address is configured through SLAAC DNS Server is configured through DHCPv6 Android doesn't support this 17 / 26
  • 18. Who's who History IPv6 Privacy extensions (RFC4941) As a global IPv6 address can be used to identify a single computer, there is a privacy issue. Hosts can generate additional random interface identifiers for outgoing connections. These addresses expire after a certain amount of time. A host can have a number of addresses configured at the same time. 18 / 26
  • 19. Who's who History IPv6 Subnetting Your LAN should have a /64 That's more than 18 quintillion addresses Deutsche Telekom delegates you a /56 That's 256 times 18 quintillion addresses A site should use a /48 That's 65536 times 18 quintillion addresses RIPE delegates a /29 That's 524288 sites with 65536 subnets with 18 quintillion addresses You can use a /127* on a link, if you want to. The legacy internet fits in a /96 18 quintillion = 18.446.744.073.709.551.616 * That's 2 addresses 19 / 26
  • 20. Who's who History IPv6 Transition Getting from 4 to 6 There are a lot of transition technologies to get to IPv6 Tunnelbrokers Dual Stack DS-Lite NAT64/DNS64 464XLAT 20 / 26
  • 21. Who's who History IPv6 Transition Tunnel Brokers Tunnelbrokers provide a IPv6 enabled tunnel over IPv4 and route several subnets. Dual Stack Nodes have 2 IP stacks and several IP addresses 21 / 26
  • 22. Who's who History IPv6 Transition DS-Lite ISP Network IPv6(IPv4)IPv4 IPv6 IPv6 Internet IPv4 Internet IPv6 DS-Lite CGN Source: Wikipedia 22 / 26
  • 23. Who's who History IPv6 Transition NAT64/DNS64 The IPv4 internet is mapped to a well-known prefix 64:FF9B::/96 DNS64 translates A records to AAAA records NAT64 translates requests to 64:FF9B::/96 to IPv4 23 / 26
  • 24. Who's who History IPv6 Transition "Happy Eyeballs" Selection mechanism which protocol to prefer (RFC8305) Tries both address families in parallel, prefers faster TCP answer "Happy Eyeballs Version 2: Better Connectivity Through Concurrency" Implemented in Chrome, Opera, Firefox macOS cURL 24 / 26
  • 25. Who's who History IPv6 Transition Who is using IPv6? Heise, Google, Youtube, Facebook, Microsoft NAT64 support is mandatory for Apple iOS Apps Microsoft is migrating to IPv6 only internally https://labs.ripe.net/Members/mirjam/ipv6-only-at-microsoft 25 / 26