IPv6Presented by: ALLAOUI   Mohamed Amine                        ALLAOUI Mohamed Amine – CCNP                             ...
PlanI.      Introduction – TCP/IP modelII.     Limitations of ipv4       1.   Public and private addresses       2.   NAT/...
TCP/IP                                         letter  Application                    Poste / UPS / DHL Host-to-Host     W...
TCP/IP  Application        HTTP – FTP – Telnet – RTP – DNS – SMTP Host-to-Host                            TCP - UDP   Inte...
TCP/IPMy computer                                                                 Google.com192.168.0.100                 ...
TCP/IP                         Router 1                                               Google.com My computer              ...
TCP/IP                        Router 1                                              Google.com My computer                ...
Limitations of ipv41.   Public and private addresses2.   NAT/PAT3.   IPSec                 ALLAOUI Mohamed Amine – CCNP   ...
IPv4 addresses•     32 bits of addresses - 4 Octets ( A.B.C.D)•     Total number of addresses is (2^32-1) = 4.294.967.295•...
Public and Private addresses• 3 ranges of addresses are used as private  addresses           » 192.168.0.0 – 192.168.255.2...
Network Address Translation               Range 192.168.0.0 255.255.255.0192.168.0.1              Private                 ...
Port Address Translation                 Range 192.168.0.0 255.255.255.0192.168.0.1                Private                ...
NAT/PAT•   Uses a lot of processing power and memory•   Hosting limitations•   Provides basic security but not really usef...
IPSec• Security at network layer• More reliable that transport/application layer  security• Consumes less processing power...
IPSec  Application Host-to-Host   InternetNetwork Access                 ALLAOUI Mohamed Amine – CCNP                     ...
Headers                                               IPv4 packet         Host to Host ApplicationTransport Mode :        ...
IPSec•   More overhead•   More processing power•   More bandwidth usage•   More delay                  ALLAOUI Mohamed Ami...
IPv61. Ipv6 concepts and addressing2. Ipv6 routing3. Ipv6 Security                ALLAOUI Mohamed Amine – CCNP            ...
Ipv6 concepts and addressing• New internet layer protocol• 128 bits of addresses =    340.282.366.920.938.463.463.374.607....
IPv6 Header ALLAOUI Mohamed Amine – CCNP                                20     allaoui.amine@gmail.com
Ipv6 concepts and addressing• Address abbreviation  – Ex: 2000:0000:0000:0000:0000:0000:0000:0001    == 2000::1  – 2000:00...
Ipv6 Routing• Static routing• Dynamic routing  – RIPng  – OSPF 3  – EIGRP for IPv6  – Multiprotocol BGP                  A...
Static Routing•   every router only knows it’s directly connected networks•   every router needs to know how to get to all...
Dynamic Routing                           • RIPng                           • OSPF 3                           • EIGRP for...
IPv6 Security• NDP replaced ARP and stateful DHCP• Link local addresses are not routable• No duplicate MAC-Address on a su...
Neighbor Discovery Protocol• Hosts send a Neighbor Sollicitation to verify if  the global unicast address is unique and if...
Migration to IPv6• Every computer supports Ipv6 since 2002• Almost all routers support IPv6• Servers on the Internet has t...
Migration to IPv6• What are we waiting for?  – Some feature on IPv6 are not yet industry    standards  – Internet users ar...
Migration to IPv6• What are we waiting for?  – Some issues with NBMA (frame-relay, ATM, MPLS    …)  – Gouvernements don’t ...
IPv6/IPv4 coexistence1. NAT-PT2. Tunneling3. Dual stacks                 ALLAOUI Mohamed Amine – CCNP                     ...
IPv6/IPv4 coexistence                                                                          ISP                        ...
IPv6/IPv4 coexistence                                                                   ISP                               ...
NAT-PT• Translates IPv6 addresses to IPv4 and IPv4 to  IPv6• Same as classic NAT and PAT             IPv6 address         ...
Tunneling• Point-to-point Tunnels  – Ip6ip  – Generic Router Encapsulation (GRE)• Multipoint Tunnels  – Automatic 6to4  – ...
Dual Stacks• Interfaces that run both IPv4 and IPv6 at the  same time                       192.168.0.1         2001:AA01:...
Thank you for your attention      Any questions ?       ALLAOUI Mohamed Amine – CCNP                                      ...
Upcoming SlideShare
Loading in …5
×

Ipv6

1,645 views

Published on

Introduction to IPv6
ipv6 basics
ipv6/ipv4 coexistance

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,645
On SlideShare
0
From Embeds
0
Number of Embeds
51
Actions
Shares
0
Downloads
65
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Ipv6

  1. 1. IPv6Presented by: ALLAOUI Mohamed Amine ALLAOUI Mohamed Amine – CCNP 1 allaoui.amine@gmail.com
  2. 2. PlanI. Introduction – TCP/IP modelII. Limitations of ipv4 1. Public and private addresses 2. NAT/PAT 3. IPSecIII. Ipv6 1. Ipv6 concepts and addressing 2. Ipv6 routing 3. Ipv6 Security 4. Migration to IPv6IV. Ipv6/ipv4 coexistence 1. NAT-PT 2. Tunneling 3. Dual stacksV. Live Demo ALLAOUI Mohamed Amine – CCNP 2 allaoui.amine@gmail.com
  3. 3. TCP/IP letter Application Poste / UPS / DHL Host-to-Host With/ without acknowledgment of receipt • Addresses Internet • Priority • RoutesNetwork Access Cars, airplanes, ships ALLAOUI Mohamed Amine – CCNP 3 allaoui.amine@gmail.com
  4. 4. TCP/IP Application HTTP – FTP – Telnet – RTP – DNS – SMTP Host-to-Host TCP - UDP Internet IPv4 – IPv6Network Access Ethernet – PPP – HDLC – Metro Ethernet – Frame Relay ALLAOUI Mohamed Amine – CCNP 4 allaoui.amine@gmail.com
  5. 5. TCP/IPMy computer Google.com192.168.0.100 173.194.35.2 Application Application Host-to-Host Host-to-Host Internet Internet Internet InternetNetwork Access Network Access Network Access Network Access ALLAOUI Mohamed Amine – CCNP 5 allaoui.amine@gmail.com
  6. 6. TCP/IP Router 1 Google.com My computer IP: 192.168.0.254 IP: 173.194.35.2 IP: 192.168.0.100 Mac: mac-r1 Mac: mac-pc1 HTTP Request HTTP TCP (source 2655, TCP (source destination 80) 2655, destination 80) IPv4 (source IPv4 (source IPv4 (source192.168.0.100, destina 192.168.0.100, destination 192.168.0.100, destina tion 173.194.35.2) 173.194.35.2 tion 173.194.35.2 Ethernet Ethernet Source mac- PPP / HDLC /Source mac-pc1, pc1, destination PPP / HDLC / ATMdestination mac-r1 mac-r1 ATM ALLAOUI Mohamed Amine – CCNP 6 allaoui.amine@gmail.com
  7. 7. TCP/IP Router 1 Google.com My computer IP: 192.168.0.254 IP: 173.194.35.2 IP: 192.168.0.100 Mac: mac-r1 Mac: mac-pc1 HTTP Reply HTTP TCP (source TCP (source 80,80, destination 2655) destination 2655) IPv4 (source IPv4 (source IPv4 (source 192.168.0.100, 192.168.0.100, 192.168.0.100, destination destination destination 173.194.35.2 173.194.35.2) 173.194.35.2 Ethernet Ethernet Source mac- PPP / HDLC /Source mac-pc1, destination mac- pc1, destination PPP / HDLC / ATM mac-r1 ATMr1 ALLAOUI Mohamed Amine – CCNP 7 allaoui.amine@gmail.com
  8. 8. Limitations of ipv41. Public and private addresses2. NAT/PAT3. IPSec ALLAOUI Mohamed Amine – CCNP 8 allaoui.amine@gmail.com
  9. 9. IPv4 addresses• 32 bits of addresses - 4 Octets ( A.B.C.D)• Total number of addresses is (2^32-1) = 4.294.967.295• Different classes of IP addresses. Class Subnet mask range number 126 networks of A 255.0.0.0 1.0.0.0 126.255.255 16777214 hosts 16320 networks B 255.255.0.0 128.0.0.0 191.255.255.255 of 65534 hosts 2145825 C 255.255.255.0 192.0.0.0 223.255.255.255 networks of 254 hosts All the remaining addresses are reserved for multicast and experimentation Only approximately 3,5 B addresses are usable ALLAOUI Mohamed Amine – CCNP 9 allaoui.amine@gmail.com
  10. 10. Public and Private addresses• 3 ranges of addresses are used as private addresses » 192.168.0.0 – 192.168.255.255 » 172.16.0.0 – 172.31.255.255 » 10.0.0.0 – 10.255.255.255• All other usable addresses are public• Only public addresses are routed in the internet. ALLAOUI Mohamed Amine – CCNP 10 allaoui.amine@gmail.com
  11. 11. Network Address Translation Range 192.168.0.0 255.255.255.0192.168.0.1 Private 192.168.0.254 200.156.24.0 – 200.156.24.255192.168.0.2 Public192.168.0.3 Private Public 192.168.0.1 200.168.24.1 192.168.0.2 200.168.24.2 192.168.0.3 200.168.24.3 ALLAOUI Mohamed Amine – CCNP 11 allaoui.amine@gmail.com
  12. 12. Port Address Translation Range 192.168.0.0 255.255.255.0192.168.0.1 Private 192.168.0.254 200.156.24.4192.168.0.2 Public192.168.0.3 Private Public private:source port Public:source port 192.168.0.1:2233 200.168.24.4:2233 192.168.0.2:1554 200.168.24.4:1554 192.168.0.3:6651 200.168.24.4:6651 ALLAOUI Mohamed Amine – CCNP 12 allaoui.amine@gmail.com
  13. 13. NAT/PAT• Uses a lot of processing power and memory• Hosting limitations• Provides basic security but not really useful• Slows down ip packets• … ALLAOUI Mohamed Amine – CCNP 13 allaoui.amine@gmail.com
  14. 14. IPSec• Security at network layer• More reliable that transport/application layer security• Consumes less processing power• Provides a lot of features• Provides some security to unsecure applications• Provides authentication, protection, encryption and negociation ALLAOUI Mohamed Amine – CCNP 14 allaoui.amine@gmail.com
  15. 15. IPSec Application Host-to-Host InternetNetwork Access ALLAOUI Mohamed Amine – CCNP 15 allaoui.amine@gmail.com
  16. 16. Headers IPv4 packet Host to Host ApplicationTransport Mode : Ipv4 packet AH/ESP Host to Host ApplicationTunnel Mode : IPv4 packet AH/ESP IPv4 packet Host to Host Application ALLAOUI Mohamed Amine – CCNP 16 allaoui.amine@gmail.com
  17. 17. IPSec• More overhead• More processing power• More bandwidth usage• More delay ALLAOUI Mohamed Amine – CCNP 17 allaoui.amine@gmail.com
  18. 18. IPv61. Ipv6 concepts and addressing2. Ipv6 routing3. Ipv6 Security ALLAOUI Mohamed Amine – CCNP 18 allaoui.amine@gmail.com
  19. 19. Ipv6 concepts and addressing• New internet layer protocol• 128 bits of addresses = 340.282.366.920.938.463.463.374.607.431.770.000.000• Ipv6 header is less complex that IPv4.• No private addresses• No broadcasts• Very long addresses: 2000:AD24:114d:aabc:1100:0001:0000:0001 ALLAOUI Mohamed Amine – CCNP 19 allaoui.amine@gmail.com
  20. 20. IPv6 Header ALLAOUI Mohamed Amine – CCNP 20 allaoui.amine@gmail.com
  21. 21. Ipv6 concepts and addressing• Address abbreviation – Ex: 2000:0000:0000:0000:0000:0000:0000:0001 == 2000::1 – 2000:0001::1 == 2000:1::1• 3 types of addresses: – Link Local : FE80:: /10 – Multicast : FF02 :: /8 – Global Unicast : 2000 :: /3 ALLAOUI Mohamed Amine – CCNP 21 allaoui.amine@gmail.com
  22. 22. Ipv6 Routing• Static routing• Dynamic routing – RIPng – OSPF 3 – EIGRP for IPv6 – Multiprotocol BGP ALLAOUI Mohamed Amine – CCNP 22 allaoui.amine@gmail.com
  23. 23. Static Routing• every router only knows it’s directly connected networks• every router needs to know how to get to all networks• Every router had its own routing table• Each route has to be added staticly to every router ALLAOUI Mohamed Amine – CCNP 23 allaoui.amine@gmail.com
  24. 24. Dynamic Routing • RIPng • OSPF 3 • EIGRP for IPv6• All routers has to use the same routing protocol• Each router sends updates to his neighbors to tell them about networksit knows ALLAOUI Mohamed Amine – CCNP 24 allaoui.amine@gmail.com
  25. 25. IPv6 Security• NDP replaced ARP and stateful DHCP• Link local addresses are not routable• No duplicate MAC-Address on a subnet• « the Less we have on the header the more secure the protocol is »• Ipv6 supports IPSec without adding another header. ALLAOUI Mohamed Amine – CCNP 25 allaoui.amine@gmail.com
  26. 26. Neighbor Discovery Protocol• Hosts send a Neighbor Sollicitation to verify if the global unicast address is unique and if it is the the correct subnet (FF02::1)• Hosts send a Neighbor Advertisement to the multicast address of all IPv6 hosts (FF02::1) to tell them about it’s link local address.• Finally, to know how to get to the gateway, hosts send another NS to know the IPv6 address of the gateway (FF02::2) ALLAOUI Mohamed Amine – CCNP 26 allaoui.amine@gmail.com
  27. 27. Migration to IPv6• Every computer supports Ipv6 since 2002• Almost all routers support IPv6• Servers on the Internet has to be configured to use IPv6• Network Operators are not using ipv6 yet.• Some countries in asia are already using IPv6. ALLAOUI Mohamed Amine – CCNP 27 allaoui.amine@gmail.com
  28. 28. Migration to IPv6• What are we waiting for? – Some feature on IPv6 are not yet industry standards – Internet users are afraid of using global unicast addressed – Networks administrators are not confortable with this new suite of protocols – Rare ressources are always more beneficial for Internet Operators ALLAOUI Mohamed Amine – CCNP 28 allaoui.amine@gmail.com
  29. 29. Migration to IPv6• What are we waiting for? – Some issues with NBMA (frame-relay, ATM, MPLS …) – Gouvernements don’t accept changes easily. ALLAOUI Mohamed Amine – CCNP 29 allaoui.amine@gmail.com
  30. 30. IPv6/IPv4 coexistence1. NAT-PT2. Tunneling3. Dual stacks ALLAOUI Mohamed Amine – CCNP 30 allaoui.amine@gmail.com
  31. 31. IPv6/IPv4 coexistence ISP 195.25.111.3 CS Professors2001:AA01:45:3::0/64 NAT -PT 2001:AA01:45:3::0/64 195.25.111.3 ALLAOUI Mohamed Amine – CCNP 31 allaoui.amine@gmail.com
  32. 32. IPv6/IPv4 coexistence ISP 195.25.111.3 CS Professors2001:AA01:45:3::0/64 NAT –PT & Dual Stack Dual stack ALLAOUI Mohamed Amine – CCNP 32 allaoui.amine@gmail.com
  33. 33. NAT-PT• Translates IPv6 addresses to IPv4 and IPv4 to IPv6• Same as classic NAT and PAT IPv6 address IPv4 address 2001:AA01:45:3::1 port 1542 195.25.111.3 port 1542 2001:AA01:45:3::2 port 1598 195.25.111.3 port 1598 2001:AA01:45:3::3 port 4452 195.25.111.3 port 4452 ALLAOUI Mohamed Amine – CCNP 33 allaoui.amine@gmail.com
  34. 34. Tunneling• Point-to-point Tunnels – Ip6ip – Generic Router Encapsulation (GRE)• Multipoint Tunnels – Automatic 6to4 – ISATAP tunnels IPv4 Packet IPv6 Packet Host to Host Application ALLAOUI Mohamed Amine – CCNP 34 allaoui.amine@gmail.com
  35. 35. Dual Stacks• Interfaces that run both IPv4 and IPv6 at the same time 192.168.0.1 2001:AA01:45:9::1/64 192.168.0.254 2001:AA01:45:9::FFFF/64 192.168.0.2 2001:AA01:45:9::2/64 ALLAOUI Mohamed Amine – CCNP 35 allaoui.amine@gmail.com
  36. 36. Thank you for your attention Any questions ? ALLAOUI Mohamed Amine – CCNP 36 allaoui.amine@gmail.com

×