Modulo IPV6

501 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
501
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Modulo IPV6

  1. 1. Module III Internet Protocol version 6 (IPv6) Profesor Marco Antonio Hernández Vargas 07/03/2013© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 1
  2. 2. Outline   Module II: Internet Protocol version 6 (IPv6) IPv6 introduction An overview of IPv6 new features An examination of the IPv6 packet format An explanation of additional IPv6 functions A description of associated protocols A review of IPv6 mobility applications A projection of new opportunities opened up by IPv6 An explanation of the needs for next generation IPv6 An exploration into IPv4-to-IPv6 transition paths© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 2
  3. 3. IPv6 Introduction IP growth   A principios de los noventa, Internet evoluciona debido a múltiples factores: CRECIMIENTO Usuarios comerciales Nuevos tipos de tráfico (multimedia) Redes de Banda Ancha…   Problemas más acuciantes: Escasez de direcciones Explosión del tamaño tablas encaminamiento Organización: interconexión de SAs ¡Necesidad de Soluciones Inmediatas!© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 3
  4. 4. IPv6 Introduction IP growth The Internet is growing extremely rapidly. The latest Internet Domain Survey1, conducted in January 2006, counted 395 million hosts (374,991,609 hosts to be exact).© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 4
  5. 5. IPv6 Introduction IP growth   Direcciones de 32 bits (más de 4.000 millones en total) Clase Net Host Dirs.# Hosts Asignadas Crecimiento A 1 oct. 3 oct. 126 16.387.064 115 (91%) 0 B 2 oct. 2 oct. 16.383 64.516 8.361 (51%) muy alto C 3 oct. 1 oct. 1.097.151 254 128.709 (6%) alto Direcciones asignadas en Octubre 93   Sistema de asignación basado en clases MUY Clase E (reservado) INEFICIENTE: falta de flexibilidad en la Clase D asignación de rangos de direcciones (multicast)   Consecuencias: Clase C Agotamiento de direcciones clase B (corto Clase A plazo) Clase B Agotamiento del espacio total de direcciones IP (medio plazo)© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 5
  6. 6. IPv6 Introduction IP growth ARPANET ARPANET Host R LAN Host Host R Host Host LAN R LAN SA1 SA2 SA4 Campus Red Backbone Regional Red Campus ARPANET Regional Campus FIX Autonomous System Red Backbone Regional SA3 Backbone R1 Campus Red SA8 CIX RegionalAutonomous R4 R3 R2 SA7 System Red Regional Backbone R4 R5 Campus Campus Campus Campus SA6© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 6
  7. 7. IPv6 Introduction IP growth Conexión privada (private peering) TIER 1 Conexión a través de NAP (public peering) NAP Internacional TIER 2 NAP Nacionales TIER 3 NAP Regionales ISP Locales Clientes© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 7
  8. 8. IPv6 Introduction Router Functional Model ROUTER IP Tablas CPU Encaminamiento + otras informaciones. MEMORIA Cab. IP Datos Cab. IP Datos Subred Subred Enlace Enlace Físico Físico Subred 1 Subred 2 Cab. IP Datos Cab. IP Datos© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 8
  9. 9. IPv6 Introduction Router Functional Model Enlaces Enlaces Entrada Salida QE1 QS1 P1 QE2 QS2 P2 Matriz de ... Conmutación ... QEN QS2 PN Procesador Rutas Router IP Ej: con enlaces de 2,5 Gbps y paquetes de 256 octetos ≈ ¡¡ 1 millón de consultas por segundo !!© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 9
  10. 10. IPv6 Introduction IPv4 Routing   El tamaño de las tablas de encaminamiento de un router central (sin ruta por defecto) supera las 100.000 entradas 100 k BGP Table Size Alto Consumo Recursos: •  CPU = •  Memoria •  Ancho de banda Evolución Tamaño Tablas BGP 2001 Fuente: Geoff Huston   CIDR ha permitido superar la primera gran crisis, pero, ¿será capaz de absorber el crecimiento de los próximos años (móviles, ADSL, etc)? La respuesta es...... ¡¡IPv6!!© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 10
  11. 11. IPv6 Introduction IPv4 restrictions summary   Even with the use of CIDR, routing tables, primarily in the IP backbone routers, are growing too large to be manageable.   Traffic priority, or class of service, is vaguely defined, scarcely used, and not at all enforced in IPv4, but highly desirable for modern real-time applications.   The number of mobile data applications and devices grow quickly, IPv4 has difficulty in managing forwarding addresses and in realizing visitor-location network authentication.   There is no direct security support in IPv4. Various open and proprietary security solutions cause interoperability concerns. As the internet becomes the fabric of every life in the new cyber space, security enhancement to the infrastructure should be placed in the basic IP protocol.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 11
  12. 12. IPv6 Introduction IPng objectives   Solucionar los problemas de direccionamiento y encaminamiento que limitan el crecimiento de Internet, pero además...   ...resolver otros problemas no tan acuciantes como: mejora de prestaciones soporte tráficos multimedia, seguridad, autoconfiguración, encaminamiento, etc   En definitiva, rediseñar el protocolo de red de TCP/IP para entrar con buen pie en el próximo siglo.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 12
  13. 13. IPv6 Introduction IPv6 RFC   Eventually, the specification for Internet Protocol, Version 6 (IPv6) was produced in RFC2460 as the latest version.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 13
  14. 14. IPv6 Introduction IPv6 feature overview   IPv6 es una evolución de IPv4 (no una revolución) Direccionamiento: Direcciones de 128 bits asignadas jerárquicamente Encaminamiento: Jerárquico. Agregación de rutas Prestaciones: Cabecera simple alineada a 64 bits Versatilidad: Formato flexible de opciones. Extensibilidad mejorada Multimedia: Identificador de flujos Multicast: Obligatorio, control de ámbitos Seguridad: Soporte autentificación/cifrado obligatorio (IPSec) Autoconfiguración: 3 métodos PnP Movilidad: Mejora de la eficiencia y seguridad© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 14
  15. 15. IPv6 Introduction IPv6 Note   Note: IPv6 uses the term packet rather than datagram. The meaning is the same, although the formats are different.   IPv6 uses the term node for any system running IPv6, that is, a host or a router.   An IPv6 host is a node that does not forward IPv6 packets that are not explicitly addressed to it.   A router is a node that forwards IP packets not addressed to it.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 15
  16. 16. The IPv6 header format The format of the IPv6 packet header has been simplified from its counterpart in IPv4. The length of the IPv6 header increases to 40 bytes (from 20 bytes) and contains two 16-byte addresses (source and destination), preceded by 8 bytes of control information. The IPv4 header has two 4-byte addresses preceded by 12 bytes of control information and possibly followed by option data. The reduction of the control information and the elimination of options in the header for most IP packets are intended to optimize the processing time per packet in a router. The infrequently used fields that have been removed from the header are moved to optional extension headers when they are required.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 16
  17. 17. The IPv6 header format IPv4 vs. IPv6 Traffic IHL Type of Ver Class Flow Label Ver Service Total Length Next Fragment Payload Length Identification Header Hop Limit Flags Offset 20 bytes Time To40 bytes Protocol Header Checksum Live Source Address Source Address Destination Address Destination Address Options Padding IPv4 32 bits IPv6© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 17
  18. 18. The IPv6 header format 0 4 12 31 47 55 63 Traffic Next Hop Vers Flow Label Payload Length Header Limit Class Source Address40 bytes Destination Address 64 bits © 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 18
  19. 19. The IPv6 header format   Vers: 4-bit Internet Protocol version number: 6.   Traffic class: 8-bit traffic class value.   Flow label: 20-bit field.   Payload length: The length of the packet in bytes (excluding this header) encoded as a 16-bit unsigned integer. If length is greater than 64 KB, this field is 0 and an option header (Jumbo Payload) gives the true length.   Next header: Indicates the type of header immediately following the basic IP header. It can indicate an IP option header or an upper layer protocol. The protocol numbers used are the same as those used in IPv4. The next header field is also used to indicate the presence of extension headers, which provide the mechanism for appending optional information to the IPv6 packet.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 19
  20. 20. The IPv6 header format   Next header (cont.): The following values appear in IPv6 packets, in addition to those mentioned for IPv4: 41 Header 45 Interdomain Routing Protocol 46 Resource Reservation Protocol 58 IPv6 ICMP Packet   The following values are all extension headers: 0 Hop-by-Hop Options Header 43 IPv6 Routing Header 44 IPv6 Fragment Header 50 Encapsulating Security Payload 51 IPv6 Authentication Header 59 No Next Header 60 Destination Options Header© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 20
  21. 21. The IPv6 header format   Hop limit:This is similar to the IPv4 TTL field but it is now measured in hops and not seconds. It was changed for two reasons: IP normally forwards datagrams faster than one hop per second and the TTL field is always decremented on each hop, so, in practice, it is measured in hops and not seconds. Many IP implementations do not expire outstanding datagrams on the basis of elapsed time.   The packet is discarded after the hop limit is decremented to zero.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 21
  22. 22. The IPv6 header format   Source address: A 128-bit address.   Destination address: A 128-bit address.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 22
  23. 23. The IPv6 header format Extension headers   Every IPv6 packet starts with the basic header. In most cases, this will be the only header necessary to deliver the packet. Sometimes, however, it is necessary for additional information to be conveyed along with the packet to the destination or to intermediate systems on route (information that would previously have been carried in the Options field in an IPv4 datagram). Extension headers are used for this purpose.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 23
  24. 24. The IPv6 header format Extension headers   Extension headers are placed immediately after the IPv6 basic packet header and are counted as part of the payload length. Each extension header (with the exception of 59) has its own 8- bit Next Header field as the first byte of the header that identifies the type of the following header. This structure allows IPv6 to chain multiple extension headers together. Base Extension Extension ... Data Header Header 1 Header N© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 24
  25. 25. Basic Header Extension Headers ... Transport Protocol© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 25
  26. 26. The IPv6 header format Extension headers   The length of each header varies, depending on type, but is always a multiple of 8 bytes.   There are a limited number of IPv6 extension headers, any one of which can be present only once in the IPv6 packet (with the exception of the Destination Options Header, 60, which can appear more than once).   IPv6 nodes that originate packets are required to place extension headers in a specific order (numeric order, with the exception of 60), although IPv6 nodes that receive packets are not required to verify that this is the case.   The order is important for efficient processing at intermediate routers.   Routers will generally only be interested in the hop-by- hop options and the routing header.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 26
  27. 27. The IPv6 header format Extension headers   IPv6 allows for encapsulation of IPv6 within IPv6 ( tunneling ). This is done with a Next Header value of 41 (IPv6). The encapsulated IPv6 packet can have its own extension headers.   With the exception of the hop-by-hop header (which must immediately follow the IP header if present), extension headers are not processed by any router on the packets path except the final one© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 27
  28. 28. The IPv6 header format Extension headers 0 Cabecera opcional salto-a-salto 4 Protocolo Internet 6 Protocolo de control de transmisión (TCP) 17 Protocolo datagrama de usuario (UDP) 43 Cabecera de encaminamiento 44 Cabecera de fragmentación 45 Protocolo de encaminamiento interdominio 46 Protocolo de Reserva de Recursos (RSVP) 50 Carga útil de seguridad de encapsulamiento 51 Cabecera de autenticación 58 Protocolo de Control de Mensaje Internet (ICMP) 59 Ninguna cabecera siguiente 60 Cabecera de opciones para el destino© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 28
  29. 29. The IPv6 header format Extension header: Routing Header   The path that a packet takes through the network is normally determined by the network itself. Sometimes, however, the source wants more control over the route taken by the packet. It might want, for example, for certain data to take a slower but more secure route than would normally be taken. The routing header allows a path through the network to be predefined. The routing header is identified by the value 43 in the preceding Next Header field. The only type defined initially is type 0, strict/loose source routing, which operates in a similar way to source routing in IPv4.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 29
  30. 30. The IPv6 header format Extension header: Fragment Header   The source node determines the maximum transmission unit or MTU for a path before sending a packet. If the packet to be sent is larger than the MTU, the packet is divided into pieces, each of which is a multiple of 8 bytes and carries a fragment header.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 30
  31. 31. The IPv6 header format Extension header: Authentication Header   The authentication header is used to ensure that a received packet has not been altered in transit and that it really came from the claimed sender. The authentication header is identified by the value 51 in the preceding Next Header field.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 31
  32. 32. The IPv6 header format Extension header: Encapsulating Security Payload Header   The Encapsulated Security Payload (ESP) is a special extension header, in that it can appear anywhere in a packet between the basic header and the upper layer protocol. All data following the ESP header is encrypted.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 32
  33. 33. The IPv6 header format Extension header: Destination Options Header   This has the same format as the hop-by-hop header, but it is only examined by the destination node or nodes. Normally, the destination options are only intended for the final destination only and the destination options header will be immediately before the upper-layer header. However, destination options can also be intended for intermediate nodes, in which case, they must precede a routing header. A single packet can, therefore, include two destination options headers. The value for the preceding Next Header field is 60.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 33
  34. 34. The IPv6 header format Extension headers: Resumen  Definidas actualmente: Hop-by-Hop Options: Información que debe ser examinada en cada salto Ej: Jumbogram (!paquetes de hasta 4 GB!) Routing: similar a la opción Source Route de IPv4 Fragmentation: Segmentación y Reensamblado Authentication: Firmas digitales Security Encapsulation: Cifrado Destination Options: Información examinada sólo en destino© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 34
  35. 35. The IPv6 header format Extension headers: Examples IPv6 Header TCP Header + DATA NH = TCP IPv6 Header Routing Header NH = Routing NH = TCP TCP Header + DATA IPv6 Header Routing Header Fragment Header NH = Routing NH = Fragment NH = TCP TCP Header + DATA IPv6 Header Fragment Header Security Header NH = Fragment NH = Security NH = TCP TCP Header + DATA© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 35
  36. 36. Calidad de Servicio en IPv6   Existen dos campos en la cabecera de IPv6 relacionados con QoS: Clase de Tráfico (6 bits) Identificador de Flujo (20 bits)   Clase de Tráfico: utilizado en DiffServ (DSCP)   Identificador de Flujo: pensado para identificar flujos de datagramas desde un origen a un destino (unicast o multicast) para los que se solicita una determinada QoS Definido inicialmente como experimental (RFC 2460) Las propuestas de utilización se están definiendo (draft- conta-ipv6-flow-label-02.txt)© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 36
  37. 37. IPv6 Addressing© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 37
  38. 38. IPv6 Addressing   The IPv6 address model is specified in RFC 4291 – IP Version 6 Addressing Architecture. IPv6 uses a 128-bit address instead of the 32-bit address of IPv4.   That theoretically allows for as many as 340,282,366,920,938,463,463,374,607,431,76 8,211,456 addresses.   Even when used with the same efficiency as todays IPv4 address space, that still allows for 50,000 addresses per square meter of land on Earth.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 38
  39. 39. IPv6 Addressing   The IPv6 address provides flexibility and scalability: It allows multilevel subnetting and allocation from a global backbone to an individual subnet within an organization. It improves multicast scalability and efficiency through scope constraints. It adds a new address for server node clusters, where one server can respond to a request to a group of nodes. The large IPv6 address space is organized into a hierarchical structure to reduce the size of backbone routing tables.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 39
  40. 40. IPv6 Address   IPv6 addresses are represented in the form of eight hexadecimal numbers divided by colons, for example: FE80:0000:0000:0000:0001:0800:23E7:F5DB FE80:0:0:0:1:800:23E7:F5DB FE80::1:800:23E7:F5DB© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 40
  41. 41. IPv6 Address   Note: The double colon shortcut can be used only once in the notation of an IPv6 address. If there are more groups of all zeroes that are not consecutive, only one can be substituted by the double colon; the others have to be noted as 0.  The IPv6 address space is organized using format prefixes, similar to telephone country and area codes, that logically divide it in the form of a tree so that a route from one network to another can easily be found.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 41
  42. 42. IPv6: Format prefix allocation© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 42
  43. 43. IPv6: Format prefix allocation© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 43
  44. 44. IPv6: Type of addresses unicast addresses   A unicast address is an identifier assigned to a single interface. Packets sent to that address will only be delivered to that interface. Special purpose unicast addresses are defined as follows: Loopback address (::1): This address is assigned to a virtual interface over which a host can send packets only to itself. It is equivalent to the IPv4 loopback address 127.0.0.1. Unspecified address (::):This address is used as a source address by hosts while performing autoconfiguration. It is equivalent to the IPv4 unspecified address 0.0.0.0.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 44
  45. 45. IPv6: Type of addresses unicast addresses IPv4-compatible address (::<IPv4_address>): Addresses of this kind are used when IPv6 traffic needs to be tunneled across existing IPv4 networks. The endpoint of such tunnels can be either hosts (automatic tunneling), or Routers (configured tunneling). IPv4-compatible addresses are formed by placing 96 bits of zero in front of a valid 32- bit IPv4 address. 1.2.3.4 (hex 01.02.03.04) becomes ::0102:0304.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 45
  46. 46. IPv6: Type of addresses unicast addresses IPv4-mapped address (::FFFF:<IPv4_address>): Addresses of this kind are used when an IPv6 host needs to communicate with an IPv4 host. This requires a dual stack host or router for header translations. For example, if an IPv6 node wants to send data to host with an IPv4 address of 1.2.3.4, it uses a destination address of • ::FFFF:0102:0304.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 46
  47. 47. IPv6: Type of addresses unicast addresses Link-local address: Addresses of this kind can be used only on the physical network that to which a hosts interface is attached. Site-local address: Addresses of this kind cannot be routed into the Internet. They are the equivalent of IPv4 networks for private use (10.0.0.0, 176.16.0.0-176.31.0.0, 192.168.0.0-192.168.255.0).© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 47
  48. 48. IPv6: Global unicast address format   IPv6 unicast addresses are aggregatable with prefixes of arbitrary bit-length, similar to IPv4 addresses under Classless Inter-Domain Routing. The latest global unicast address format, as specified in RFC 3587 – IPv6 Address architecture and RFC 4291 – IPv6 Global Unicast Address Format, is expected to become the predominant format used for IPv6 nodes connected to the Internet.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 48
  49. 49. IPv6: Global unicast address format   Global Routing Prefix. A value assigned to a site for a cluster of subnets/links. The global routing prefix is designed to be structured hierarchically by the RIRs and ISPs.   Subnet ID. An identifier of a subnet within the site. The subnet field is designed to be structured hierarchically by site administrators.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 49
  50. 50. IPv6: Global unicast address format   Interface ID. Interface identifiers in IPv6 unicast addresses are used to identify interfaces on a link. They are required to be unique within a subnet prefix. Do not assign the same interface identifier to different nodes on a link. They can also be unique over a broader scope. In some cases, an interfaces identifier will be. derived directly from that interfaces link layer address (Modified EUI-64 format). The same interface identifier can be used on multiple interfaces on a single node as long as they are attached to different subnets.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 50
  51. 51. IPv6: Type of addresses multicast addresses   A multicast address is an identifier assigned to a set of interfaces on multiple hosts. Packets sent to that address will be delivered to all interfaces corresponding to that address ( Internet Group Management Protocol, IGMP, in IPv4) . There are no broadcast addresses in IPv6, their function being superseded by multicast addresses.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 51
  52. 52. IPv6: Type of addresses multicast addresses   FP Format Prefix: 1111 1111.   Flags: 0000. Permanent address assigned by a numbering authority. 0001. Transient address. Addresses of this kind can be established by applications as required. When the application ends, the address will be released by the application and can be reused.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 52
  53. 53. IPv6: Type of addresses multicast addresses   Scope. 0. Reserved 1. Confined to interfaces on the local node (node-local) 2. Confined to nodes on the local link (link-local) 5. Confined to the local site 8. Confined to the organization E. Global scope F. Reserved© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 53
  54. 54. IPv6: Type of addresses multicast addresses   Group ID. Identifies the multicast group. For example, if the NTP servers group is assigned a permanent multicast address, with a group ID of &hex.101, then: FF02::101 means all NTP servers on the same link as the sender FF05::101 means all NTP servers on the same site as the sender© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 54
  55. 55. IPv6: Type of addresses special purpose multicast addresses   FF01::1 All interfaces node-local   FF02::1 All nodes link-local   FF01::2 All routers node-local   FF02::2 All routers link-local   FF05::2 All routers site-local   FF02::B Mobile agents link-local   FF02::1:2 All DHCP agents link-local   FF05::1:3 All DHCP servers site-local© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 55
  56. 56. IPv6: Type of addresses anycast address   An anycast address is a special type of unicast address that is assigned to interfaces on multiple hosts. Packets sent to such an address will be delivered to the nearest interface with that address. Routers determine the nearest interface based upon their definition of distance, for example, hops in case of RIP or link state in case of OSPF© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 56
  57. 57. IPv6: Type of addresses anycast address   Anycast addresses use the same format as unicast addresses and are indistinguishable from them. However, a node that has been assigned an anycast address must be configured to be aware of this fact.   RFC 4291 currently specifies the following restrictions on anycast addresses: An anycast address must not be used as the source address of a packet. Any anycast address can only be assigned to a router.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 57
  58. 58. IPv6: Header Format Traffic Class  The 8-bit traffic class field allows applications to specify a certain priority for the traffic they generate, thus introducing the concept of class of service. This enables the prioritization of packets, as in Differentiated Services. DSCP Differentiated Services Code Point (6 bits).It provides various code sets to mark the per-hop behavior for a packet belonging to a service class. ECN Explicit Congestion Notification (2 bits). It allows routers to set congestion indications instead of simply dropping the packets. This avoids delays in retransmissions, while allowing active queuing management.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 58
  59. 59. IPv6: Header Format Flow Labels  IPv6 introduces the concept of a flow, which is a series of related packets from a source to a destination that requires a particular type of handling by the intervening routers, for example, real-time service. The nature of that handling can either be conveyed: by options attached to the datagrams (that is, by using the IPv6 hop-by-hop options header), or by a separate protocol (such as Resource Reservation Protocol (RSVP).© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 59
  60. 60. IPv6: Header Format Flow Labels   All packets belonging to the same flow must be sent with the same source address, destination address, and flow label. The handling requirement for a particular flow label is known as the state information; this is cached at the router. When packets with a known flow label arrive at the router, the router can efficiently decide how to route and forward the packets without having to examine the rest of the header for each packet.   See RFC 3697 for further details about the use of the flow label© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 60
  61. 61. IPv6: Header Format IPv6 Security   There are two optional headers defined for security purposes: Authentication Header (AH) Encapsulated Security Payload (ESP)   AH and ESP in IPv6 support authentication, data integrity, and optionally confidentiality. AH conveys the authentication information in an IP package, while ESP carries the encrypted data of the IP package© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 61
  62. 62. IPv6: Header Format IPv6 Security   Either or both can be implemented alone or combined in order to achieve different levels of user security requirements. Note that they can also be combined with other optional header to provision security features. For example, a routing header can be used to list the intermediate secure nodes for a packet to visit on the way, thus allowing the packet to travel only through secure routers.   IPv6 requires support for IPSec as a mandatory standard. This mandate provides a standards- based solution for network security needs and promotes interoperability.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 62
  63. 63. IPv6: Header Format IPv6 Security: Authentication Header (AH)   The authentication header is used to ensure that a received packet has not been altered in transit and that it really came from the claimed sender.   The authentication header is identified by the value 51 in the preceding Next Header field.   The format of the authentication header and further details are specified in RFC 4302.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 63
  64. 64. IPv6: Header Format IPv6 Security: Encapsulating Security Payload (ESP)   The Encapsulated Security Payload (ESP) is defined in RFC 4303. All data following the ESP header is encrypted.   The packet begins with the Security Parameters Index (SPI) and Sequence Number (SN). Following these fields is the Payload Data, which has a substructure that depends on the choice of encryption algorithm and mode and on the use of TFC padding.   Following the Payload Data are Padding and Pad Length fields and the Next Header field. The optional Integrity Check Value (ICV) field completes the packet.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 64
  65. 65. IPv6: Header Format Packet Sizes   All IPv6 nodes are expected to dynamically determine the maximum transmission unit (MTU) supported by all links along a path (as described in RFC 1191 – Path MTU Discovery) and source nodes will only send packets that do not exceed the path MTU. IPv6 routers will, therefore, not have to fragment packets in the middle of multihop routes and allow much more efficient use of paths that traverse diverse physical transmission media. IPv6 requires that every link supports an MTU of 1280 bytes or greater.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 65
  66. 66. IPv6: Header Format IPv6 Security: Encapsulating Security Payload (ESP)   The source node determines the maximum transmission unit or MTU for a path before sending a packet. If the packet to be sent is larger than the MTU, the packet is divided into pieces, each of which is a multiple of 8 bytes and carries a fragment header. The fragment header is identified by the value 44 in the preceding Next Header field.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 66
  67. 67. IPv6: Header Format All packets belonging to the same flow must be sent SUMMARY class field The 8-bit traffic with the same source 4-bit Internet Protocol it introduces the concept of address, destination version number: 6. class of service. It has address, and flow label. 20- DSCP and ECN fields bit fieldThe length of the packet in bytes (excluding Ver Traffic Flow Labelthis header) encoded as a 16-bit unsigned Classinteger. If length > 64 KB, this field = 0 and an Indicates the type of header Next Payload Length Header Hop Limitoption header (Jumbo Payload) gives the true immediately following the basiclength. IP header. It can indicate an IP This is similar to the IPv4 TTL 40 bytes option header or an upper layer field but it is now measured protocol. 8-bit field. Source Address in hops and not seconds. 8-bit field. Destination Address Source and Destination addresses are a 128-bit address 32 bits IPv6 © 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 67
  68. 68. Internet Control Message Protocol Version 6 (ICMPv6)   IP concerns itself with moving data from one node to another. However, in order for IP to perform this task successfully, there are many other functions that need to be carried out: error reporting, route discovery, and diagnostics, to name a few. All these tasks are carried out by the Internet Control Message Protocol. In addition, ICMPv6 carries out the tasks of conveying multicast group membership information, a function that was previously performed by the IGMP protocol in IPv4 and address resolution, previously performed by ARP ( Address Resolution Protocol (ARP)”).© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 68
  69. 69. Internet Control Message Protocol Version 6 (ICMPv6)   ICMPv6 messages and their use are specified in RFC 4443 – Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification and RFC 2461 – Neighbor Discovery for IP Version 6 (IPv6). Both RFCs are draft standards with a status of elective.   Every ICMPv6 message is preceded by an IPv6 header (and possibly some IP extension headers). The ICMPv6 header is identified by a Next Header value of 58 in the immediately preceding header.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 69
  70. 70. Internet Control Message Protocol Version 6 (ICMPv6)   Type. There are two classes of ICMPv6 messages. Error messages have a Type from 0 to 127. Informational messages have a Type from 128 to 255.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 70
  71. 71. Internet Control Message Protocol Version 6 (ICMPv6)   1 Destination Unreachable   2 Packet Too Big   3 Time (Hop Count) Exceeded   4 Parameter Problem   128 Echo Request   129 Echo Reply   130 Group Membership Query   131 Group Membership Report   132 Group Membership Reduction   133 Router Solicitation   134 Router Advertisement   135 Neighbor Solicitation   136 Neighbor Advertisement   137 Redirect Message© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 71
  72. 72. Internet Control Message Protocol Version 6 (ICMPv6)   Code. Varies according to message type.   Checksum. Used to detect data corruption in the ICMPv6 message and parts of the IPv6 header.   Body of message. Varies according to message type. For full details of ICMPv6 messages for all types, refer to RFC 4443.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 72
  73. 73. ICMPv6 Neighbor Discovery   Neighbor discovery is an ICMPv6 function that enables a node to identify other hosts and routers on its links. The node needs to know of at least one router so that it knows where to forward packets if a target node is not on its local link.   Neighbor discovery also allows a router to redirect a node to use a more appropriate router if the node has initially made an incorrect choice.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 73
  74. 74. ICMPv6 Neighbor Discovery: Address Resolution   Workstation A needs to send data to workstation C. It knows the IPv6 address of workstation B, but it does not know how to send a packet, because it does not know its MAC address. To find this information, it sends a neighbor solicitation message.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 74
  75. 75. ICMPv6 Neighbor Discovery: Address Resolution Neighbor Solicitation Message© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 75
  76. 76. ICMPv6 Neighbor Discovery: Address Resolution Neighbor Advertisement Message   After workstation A receives this packet, it commits the information to memory in its neighbor cache, and then forwards the data packet that it originally wanted to send to workstation C.   Neighbor advertisement messages can also be sent by a node to force updates to neighbor caches if it becomes aware that its link layer address has changed.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 76
  77. 77. ICMPv6 Neighbor Discovery: Address Resolution© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 77
  78. 78. ICMPv6 Router and prefix discovery   In a larger network, particularly one connected to the Internet, the neighbor discovery process is used to find nodes on the same link in exactly the same way. However, it is more than likely that a node will need to communicate not just with other nodes on the same link but with nodes on other network segments that might be anywhere in the world. In this case, there are two important pieces of information that a node needs to know: The address of a router that the node can use to reach the rest of the world. The prefix (or prefixes) that define the range of IP addresses on the same link as the node that can be reached without going through a router.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 78
  79. 79. ICMPv6 Neighbor Discovery: Address Resolution  Routers use ICMPv6 to convey this information to hosts, by means of router advertisements. The message generally has one or more attached options.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 79
  80. 80. ICMPv6 Router and prefix discovery Router advertisement message© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 80
  81. 81. ICMPv6 Router and prefix discovery Router advertisement message© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 81
  82. 82. ICMPv6 Router and prefix discoveryThe three possible options in a router advertisement message are:  Option 1 (source link address). Allows a receiving node to respond directly to the router without having to do a neighbor solicitation.  Option 5 (MTU) Specifies the maximum transmission unit size for the link. For some media, such as Ethernet, this value is fixed, so this option is not necessary.  Option 3 (Prefix) Defines the address prefix for the link. Nodes use this information to determine when they do, and do not, need to use a router. Prefix options used for this purpose have the L (link) bit set on. Prefix options are also used as part of address configuration, in which case the A bit is set on.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 82
  83. 83. ICMPv6 Router and prefix discovery Router advertisement message© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 83
  84. 84. ICMPv6 Router and prefix discovery 192.168.3.0/24 fec0:0:0:3::/64 .2 RA .1 192.168.1.0/24 192.168.2.0/24 fec0:0:0:1::/64 fec0:0:0:2::/64 RA .1 RA .1 Enrutamiento fe80::202:3fff:fe2e:e72c link-local fec0::2:202:3fff:fe2e:e72c site-local .2 192.168.2.2 .3 .2 00:02:3f:2e:e7:2c Direcciones IPv6 Direcciones IPv4 RFC 2461 Direcciones Ethernet RFC 2462© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 84
  85. 85. ICMPv6 Router and prefix discovery fe80::2c0:26ff:fe50:731 link-local fe80::200:c0ff:fea2:cadc link-local 192.168.1.1 Router 192.168.2.1 dual rl0 00:c0:26:50:07:31 de0 00:00:c0:a2:ca:dc fec0:0:0:1::/64 Prefix fec0:0:0:2::/64 Prefix fec0:0:0:2::/64 Prefix 192.168.1.0/24 192.168.2.0/24 192.168.2.0/24 Host B Host C Host A OS: Win XP OS: Win XP OS: Win XP fe80::200:39ff:fe73:20c5 link-local fe80::202:3fff:fe2e:e72c link-local fe80::202:3fff:fe2e:e72c link-local fec0::1:200:39ff:fe73:20c5 site-local fec0::2:202:3fff:fe2e:e72c site-local fec0::2:202:3fff:fe2e:e72c site-local 192.168.1.2 192.168.2.2 192.168.2.3 00:00:39:73:20:c5 00:02:3f:2e:e7:2c 00:02:3f:2e:e7:2c Direcciones IPv6 Direcciones IPv4 RFC 2460 Direcciones Ethernet RFC 2461 RFC 2462© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 85
  86. 86. ICMPv6 Router and prefix discovery Router solicitation message© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 86
  87. 87. ICMPv6 Router and prefix discovery   Homework Redirection Neighbor unreachability detection© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 87
  88. 88. ICMPv6 Autoconfiguration   Although the 128-bit address field of IPv6 solves a number of problems inherent in IPv4, the size of the address itself represents a potential problem to the TCP/IP administrator. Because of this, IPv6 has been designed with the capability to automatically assign an address to an interface at initialization time, with the intention that a network can become operational with minimal to no action on the part of the TCP/IP administrator. IPv6 nodes generally use autoconfiguration to obtain their IPv6 address. This can be achieved using: DHCP, which is known as stateful autoconfiguration Stateless autoconfiguration, which is a new feature of IPv6 and relies on ICMPv6.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 88
  89. 89. ICMPv6 Autoconfiguration A B C S 250:4ff:fe5c:b3f4 Token (Dir. MAC) ROUTER   The stateless autoconfiguration process is defined in RFC 2462 – IPv6 Stateless Address Autoconfiguration. It consists of the following steps: During system startup, the node begins the autoconfiguration by obtaining an interface token from the interface hardware (EUI-64 format)© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 89
  90. 90. ICMPv6 Autoconfiguration A B C S fe80:: 250:4ff:fe5c:b3f4 Prefijo Local Token (Dir. MAC) ROUTER   The node creates a tentative link-local unicast address by combining the well-known link-local prefix (FE80::/10) with the interface token.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 90
  91. 91. ICMPv6 Autoconfiguration A B C S tentative D.A.=fe80:: 250:4ff:fe5c:b3f4 neighbor solicitation message If response neighbor advertisement message ROUTER Manual configuration of the node is then required  The node attempts to verify that this tentative address is unique by issuing a neighbor solicitation message with the tentative address as the target. If the address is already in use, the node will receive a neighbor advertisement in response, in which case the autoconfiguration process stops. (Manual configuration of the node is then required.). © 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 91
  92. 92. ICMPv6 Autoconfiguration A B C S tentative D.A.=fe80:: 250:4ff:fe5c:b3f4 definitive neighbor solicitation message If no response Router solicitation ROUTER  If no response is received, the node assigns the link-level address to its interface. The host then sends one or more router solicitations to the all- routers multicast group. © 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 92
  93. 93. ICMPv6 Autoconfiguration A B C S fe80:: 250:4ff:fe5c:b3f4 3ffe:3328:1:: 250:4ff:fe5c:b3f4 If response ff02::1 Prefijo Global Token (Dir. MAC) RA ROUTER Prefijos: 3ffe:3328:1::/64  Ifthere are any routers present, they will respond with a router advertisement. © 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 93
  94. 94. ICMPv6 Autoconfiguration A B C S fe80:: 250:4ff:fe5c:b3f4 Router solicitation If no response DHCP If no response ROUTER  Ifno router advertisement is received, the node attempts to use DHCP to obtain an address and configuration information. If no DHCP server responds, the node continues using the link-level address and can communicate with other nodes on the same link only. © 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 94
  95. 95. ICMPv6 Autoconfiguration   If a router advertisement is received in response to the router solicitation, this message contains several pieces of information that tells the node how to proceed with the autoconfiguration process: M flag: Managed address configuration. If this bit is set, the node used DHCP to obtain its IP address. O flag: Other stateful configuration. If this bit is set, the node uses DHCP to obtain other configuration parameters. Prefix option: If the router advertisement has a prefix option with the A bit (autonomous address configuration flag) set on, the prefix is used for stateless address autoconfiguration.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 95
  96. 96. ICMPv6 Autoconfiguration   If stateless address configuration is used, the prefix is taken from the router advertisement and added to the interface token to form the global unicast IP address, which is assigned to the network interface.   The working node continues to receive periodic router advertisements. If the information in the advertisement changes, the node must take appropriate action© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 96
  97. 97. ICMPv6 Notes   If stateless address configuration is used, the prefix is taken from the router advertisement and added to the interface token to form the global unicast IP address, which is assigned to the network interface.   The working node continues to receive periodic router advertisements. If the information in the advertisement changes, the node must take appropriate action© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 97
  98. 98. ICMPv6 Notes   Note that it is possible to use both stateless and stateful configuration simultaneously. It is quite likely that stateless configuration will be used to obtain the IP address, but DHCP will then be used to obtain further configuration information. However, plug-and- play configuration is possible in both small and large networks without the requirement for DHCP servers.   The stateless address configuration process, together with the fact that more than one address can be allocated to the same interface, also allows for the graceful renumbering of all the nodes on a site (for example, if a switch to a new network provider necessitates new addressing) without disruption to the network. For further details, refer to RFC 2462.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 98
  99. 99. Homework   DNS in IPv6© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 99
  100. 100. IPv6 new oportunities  IPv6 opens up new opportunities in infrastructure and services as well as in research opportunities.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 100
  101. 101. IPv6 new infrastructure   IPv6 can serve as the next generation wireless core network infrastructure.   Additional sensor devices can be connected into the IPv6 backbone with an individual IP address.   Smart networks with sufficient bandwidth and quality of service make the Internet available for phone calls and multimedia applications.   As virtualization is widely deployed in both computing data centers and network services, the IPv6 functions become mandatory in security, in flow label processing, and so on.   IPv6 can create a new virtual private network (VPN) infrastructure, with inherently built-in tunneling capabilities.   Inside a computer, the traditional I/O bus architecture might be replaced by a pure IP packet exchanged structure.   …© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 101
  102. 102. IPv6 new services   Presence Service can be developed on top of Location Based Service (LBS).   Voice and Video over IP (which we call V2oIP in IPv6) will replace traditional phone service and provide video services over IPv6.   Always On Services (AOS) allows V2oIPv6 to be ready for service with ease of use. Communication sessions can be kept alive and active using IPv6 mobility functions as well as the IPv6 QoS capability.   IPv6 Management Service (IMS) provides address automatic inventory, service provisioning, and service assurance services.   IPv6 Testing Service (ITS) provides capabilities in functional conformance and performance testing for implementations of IETF IPv6 standards or RFCs   …© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 102
  103. 103. IPv6 new research and development platforms   The 6Bone consists of many islands supporting IPv6 packets, linked by tunnels across the existing IPv4 backbone. The 6Bone was widely used for testing of IPv6 protocols and products. By June 6th, 2006 the 6Bone was phased out per agreements with the IETF IPv6 community. http://www.6Bone.net   The 6NET project demonstrated that growth of the Internet can be met using new IPv6 technology. 6NET built a native IPv6-based network connecting 16 European countries. The network allows IPv6 service testing and interoperability with enterprise applications. http://www.6net.org© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 103
  104. 104. IPv6 new research and development platforms   Internet2 built an experimental IPv6 infrastructure. The Internet2 consortium (not a network) established IPv6 working group to perform research and education in the following areas: Infrastructure engineering, operations, and deployment Education for campus network engineers Exploring the motivation for use of IPv6 http://ipv6.internet2.edu© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 104
  105. 105. IPv6 new research and development platforms   Another regional IPv6 example is the MOONv6 project. Moonv6 is just one of the worlds largest native IPv6 networks in existence. http://www.moonv6.org/© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 105
  106. 106. New open research problems in IPv6   IPv6 and next generation network architecture design:   Network infrastructure and service management: Peer-to- peer (P2P) network applications are available to flood the Internet.   Security: In addition to the native security functions supplied in IPv6 protocols, IPv6 network security architecture needs to define how to extend security across upper layers of IP networks.   Real-time control capability: IPv6 quality of service features provide real-time support of voice and multimedia applications. Additional research topics include signaling and integration with IP multimedia subsystems.   IPv6 network virtualization: Automatic configuration inventory and provisioning capabilities have to be studied in order to allocate networking resources and transport on demand.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 106
  107. 107. Internet transition: Migrating from IPv4 to IPv6   If the Internet is to realize the benefits of IPv6, a period of transition will be necessary when new IPv6 hosts and routers are deployed alongside existing IPv4 systems. RFC 2893 – Transition Mechanisms for IPv6 Hosts and Routers and RFC 2185 – Routing Aspects of IPv6 Transition define a number of mechanisms to be employed to ensure both compatibility between old and new systems and a gradual transition that does not impact the functionality of the Internet. These techniques are sometimes collectively termed Simple Internet Transition (SIT).© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 107
  108. 108. Internet transition: Migrating from IPv4 to IPv6 The transition employs the following techniques:   Dual-stack IP implementations for hosts and routers that must interoperate between IPv4 and IPv6.   Imbedding of IPv4 addresses in IPv6 addresses. IPv6 hosts will be assigned addresses that are interoperable with IPv4, and IPv4 host addresses will be mapped to IPv6.   IPv6-over-IPv4 tunneling mechanisms for carrying IPv6 packets across IPv4 router networks.   IPv4/IPv6 header translation. This technique is intended for use when implementation of IPv6 is well advanced and only a few IPv4- only systems remain. Tiempo Sistemas IPv4 Sistemas IPv4 Sistemas IPv6 Sistemas IPv4/IPv6 duales© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 108
  109. 109. Internet transition: Example of Migrating from IPv4 to IPv6. Otros Dominios Servidor Routers Dominio X IPv4/IPv6 DNS N1 N2 H1 H2 Hosts Hosts IPv6/IPv4 IPv4© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 109
  110. 110. Internet transition: Dual Stack Aplicación   Los sistemas (hosts y TCP UDP routers) mantienen dos pilas de protocolos en paralelo: IPv4 e IPv6   Utilizan una u otra en función IPv4 IPv6 de la situación (ej: si el destinatario conoce IPv6 o sólo IPv4)   Un sistema puede saber si otro “habla” IPv6 a través de consultas al DNS Subred (Ej: Ethernet)© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 110
  111. 111. Internet transition: Dual Stack IPv4/IPv6 Dual Stack System© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 111
  112. 112. Internet transition: Tunneling   When IPv6 or IPv6/IPv4 systems are separated from other similar systems with which they want to communicate by older IPv4 networks, IPv6 packets must be tunneled through the IPv4 network. IPv6 packets are tunnelled over IPv4 very simply: The IPv6 packet is encapsulated in an IPv4 datagram, or in other words, a complete IPv4 header is added to the IPv6 packet. The presence of the IPv6 packet within the IPv4 datagram is indicated by a protocol value of 41 in the IPv4 header.   There are two kinds of tunneling of IPv6 packets over IPv4 networks: automatic and configured.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 112
  113. 113. Internet transition: Tunneling Internet IPv4 IPv6 / IPv4 Router IPv4 Router Nodo IPv6 / IPv4 IPv6 / IPv4 Router Origen Nodo IPv6 / IPv4 Destino© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 113
  114. 114. Internet transition: Automatic Tunneling   Automatic tunneling can be either host-to-host, or it can be router-to-host. The mechanism used for automatic tunneling is very simple:   The encapsulating IPv4 datagram uses the low-order 32 bits of the IPv6 source and destination addresses to create the equivalent IPv4 addresses and sets the protocol number to 41 (IPv6).   The receiving nodes network interface layer identifies the incoming packets (or packets if the IPv4 datagram was fragmented) as belonging to IPv4 and passes them upward to the IPv4 part of the dual IPv6/IPv4 internetwork layer.   The IPv4 layer then receives the datagram in the normal way, reassembling fragments if necessary, notes the protocol number of 41, removes the IPv4 header, and passes the original IPv6 packet sideways to the IPv6 part of the internetwork layer.   The IPv6 code then processes the original packet as normal. Because the destination IPv6 address in the packet is the IPv6 address of the node, the packet is at its final destination.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 114
  115. 115. RA IPv4 IPv6 Router-to-host automatic tunneling© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 115
  116. 116. IPv4 Host-to-host automatic tunneling© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 116
  117. 117. Internet transition: Configured Tunneling   Configured tunneling is used for host-router or router-router tunneling of IPv6-over-IPv4. The sending host or the forwarding router is configured so that the route, as well as having a next hop, also has a tunnel end address (which is always an IPv4-compatible address). The process of encapsulation is the same as for automatic tunneling, except that the IPv4 destination address is not derived from the low- order 32 bits of the IPv6 destination address, but from the low-order 32 bits of the tunnel end. The IPv6 destination and source addresses do not need to be IPv4-compatible addresses in this case.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 117
  118. 118.  IPv4-compatible address (::<IPv4_address>)   1.2.3.4 (hex 01.02.03.04) becomes ::0102:0304  IPv4-mapped address (::FFFF:<IPv4_address>)   1.2.3.4, becomes ::FFFF:0102:0304.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 118
  119. 119. Internet transition: Configured Tunneling   When the router at the end of the tunnel receives the IPv4 datagram, it processes it in exactly the same way as a node at the end of an automatic tunnel. When the original IPv6 packet is passed to the IPv6 layer in the router, it recognizes that it is not the destination, and the router forwards the packet on to the final destination as it would for any other IPv6 packet.   It is, of course, possible that after emerging from the tunnel, the IPv6 packet is tunnelled again by another router.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 119
  120. 120. RA IPv4 IPv6 IPv6© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 120
  121. 121. Internet transition: Header translation   Installing IPv6/IPv4 nodes allows for backward compatibility with existing IPv4 systems. However, when migration of networks to IPv6 reaches an advanced stage, it is likely that new systems being installed will be IPv6 only. Therefore, there will be a requirement for IPv6-only systems to communicate with the remaining IPv4-only systems. Header translation is required for IPv6-only nodes to interoperate with IPv4-only nodes. Header translation is performed by IPv6/ IPv4 routers on the boundaries between IPv6 routed areas and IPv4 routed areas.© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 121
  122. 122. Interoperability summary   Whether two nodes can interoperate depends on their capabilities and their addresses.   An IPv4 node can communicate with: Any IPv4 node on the local link Any IPv4 node through an IPv4 router Any IPv6 node with IPv4-mapped address through a header translator   An IPv6 node (IPv6-only address) can communicate with: Any IPv6 node on the local link Any IPv6 node through an IPv6 router on the local link (might require tunneling through the IPv4 network from the router)© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 122
  123. 123. Interoperability summary   Whether two nodes can interoperate depends on their capabilities and their addresses.   An IPv6 node (IPv4-mapped address) can communicate with: Any IPv6 node on the local link Any IPv6 node through an IPv6 router on the local link (might require tunneling through the IPv4 network from the router) Any IPv4 node through a header translator   An IPv6/IPv4 node (IPv4-compatible address) can communicate with: Any IPv4 node on the local link Any IPv4 node through an IPv4 router on the local link Any IPv6 node on the local link Any IPv6 node through an IPv6 router on the local link (might require tunneling through the IPv4 network from the router) Any IPv6/IPv4 node (IPv4-compatible address) through a host-to- host tunnel© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 123
  124. 124. IPv6 migration to the world© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 124
  125. 125. IPv6 migration to Latin America Fuente: Página del proyecto IPv6 de la UNAM© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 125
  126. 126. IPv6 migration at Mexico© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 126
  127. 127. Why IPv6?   Solución ALL-IP: Integración de Redes y Servicios Contents IPv4 ER/FW (public or WLAN RAS private) IPv6 DSL RAS between access systems ER/FW IPv6 (public or Cable RAS private) 3G-GGSN GW IPv6 3G RAN all-IP PSTN Packet Core 3G-GGSN 3G RAN 3G-GGSN© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 127
  128. 128. References   RFC 3041 – Privacy Extensions for Stateless Address Autoconfiguration in IPv6 (January 2001)   RFC 3056 – Connection of IPv6 Domains via IPv4 Clouds (February 2001)   RFC 3307 – Allocation Guidelines for IPv6 Multicast Addresses (August 2002)   RFC 3315 – Dynamic Host Configuration Protocol for IPv6 (DHCPv6) (July 2003)   RFC 3484 – Default Address Selection for Internet Protocol version 6 (IPv6) (February 2003)   RFC 3596 – DNS Extensions to Support IP Version 6 (October 2003) (Obsoletes RFC3152, RFC1886)   RFC 3633 – IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6 (December 2003)   RFC 3646 – DNS Configuration options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6) (December 2003)   RFC 3697 – IPv6 Flow Label Specification (March 2004)   RFC 3736 – Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6 (April 2004)   RFC 3775 – Mobility Support in IPv6 (June 2004)   RFC 3776 – Using IPSec to Protect Mobile IPv6 Signaling Between Mobile Nodes and Home Agents (June 2004)© 2008, ITA-SYC TEMAS AVANZADOS DE REDES DE COMPUTADORAS 128

×