Jozi LUG - IPv6IPv6 Introduction & How To           Sponsors      LPI Southern Africa         Jumping Bean
IPv6 Introduction & How To       ● IPv6 Overview     ● IPv6 Configurations
IPv6 Introduction & How ToOverview, Goals & Benefits
IPv6 Goals●   Goals of IPv6       –   Simplify address allocation,       –   Simplify network administration,       –   Si...
IPv6 Overview●   RFC 791 (IPv4) published 1981●   RFC 2460 (IPv6) published 1998●   128 bits address space versus 32 bit f...
IPv6 Benefits●   No need for NAT●   No need for address re-use●   No need to renumber network as number of    devices grow...
IPv6 Benefits●   Built in multi-casting●   Stateless auto configuration●   User can keep session while moving from    loca...
IPv6 Benefits●   Fixed subnet (interface identifier)length●   No need for NAT●   For home users/SOHO        –   Fixed rout...
IPv6 Introduction & How ToIPv6 Address Notation
IPv4 Address Notation●   IPv4 - Dotted quad notation●   Addresses written as 4 groups of 3 digit    decimal values separat...
IPv6 Address Address Notation●   IPv6 - Addresses written as 8 groups of 16 bit    hexadecimal values separated by :      ...
IPv6 Address Address Notation●   2001:0db8:85a3:0000:0000:8a2e:0370:7334●   After rule 1        –   2001:db8:85a3:0:0:8a2e...
IPv6 Address Address Notation●   Most significant 64 bits “network mask” called    network prefix in IPv6●   Least signifi...
IPv6 Address Address Notation●   Bad for Internet browsing – privacy concerns    can track usage and reveals info – e.g. c...
IPv6 Introduction & How ToIPv6 Address Allocation
IPv6 Address Allocation●   Internet Assigned Numbers Authority (IANA)    assigned Regional Internet Registrars 23/12 bit  ...
IPv6 Address Allocation●   Local Internet registries (ISP) assign IPv6    address to end users. Recommended home    users ...
IPv6 Introduction & How ToRouting Methodologies & IPv6 Address Scopes
IPv6 Routing Methodologies●   Unicast       –   Identifies a single network interface●   Anycast       –   Assigned to a m...
IPv6 Routing Methodologies●   Multicast        –   Applied to many host which participate in a             mutli-cast grou...
IPv6 Address Classes●   Anycast/Unicast       –   1st 64 bits – network prefix               ●   1st 48 (or more) routing ...
IPv6 Address Classes●   Anycast/Unicast       –   1st 64 bits – network prefix               ●   1st 48 (or more) routing ...
IPv6 Address Classes●   Multi-cast Address       –   1st 8bit prefix       –   2nd 4bit flag       –   3rd 4 bit scope fie...
IPv6 Address Scope●   IPv6 addresses have scope●   Link-local scope       –   Link-local       –   Loopback●   All others ...
IPv6 Address Scope●   ULA - Reserved address space for internal    lan use. The block fc00::/7 (site-local).●   Block has ...
IPv6 Address Scope●   ::/128 – unspecified address – used to show    port listening for incoming connections, waiting    f...
IPv6 Address Scope●   fc00::/7 – unique local addresses – similar to    private addresses. Will see fd00::/7 for unique   ...
IPv6 Introduction & How ToIPv6 Network Configuration
IPv6 Introduction & How To    IPv6 Link-Local
IPv6 – Link Local●   Link-local – limited to layer two domain.●   None routable,scope is limited.●   1st 10 bits fixed. /1...
IPv6 – Link Local●   Link-local generated from mac address (EUI-    64)                ●   00-0C-29-C2-52-FF       –   Tak...
IPV6 – Link Local●   Pinging link-local address must specify    interface to use as accessible by all ip    addresses.
IPv6 Introduction & How ToIPv6 – Neighbourhood Discovery Protocol
IPv6 Neighbour Discovery Protocol●   Replaces       –   ARP       –   ICMP Router Discovery       –   ICMP Redirect●   Use...
IPv6 Neighbour Discovery Protocol●   Used by routers to:       –   Advertise presence, host config parameters &           ...
IPv6 Neighbour Discovery Protocol●   Used by nodes(ie hosts + routers) to:        –   Determine if packets can be sent to ...
IPv6 Introduction & How ToIPv6 Simple Network   Configuration
IPv6 – Hub/Switch + Hosts Network●   Simple setup with hub/switch no router then    automatic networking with link-local o...
IPv6 Introduction & How ToIPv6 Network Configuration       with Router
IPv6 – Router + Hosts Network●   Two Options       –   SLAAC – Stateless automatic address            configuration, or   ...
IPv6 Introduction & How ToIPv6 Stateless Automatic Address Configuration
IPv6 SLAAC●   SLAAC – Stateless Automatic Address    Configuration●   uses Neighbourhood Discovery Protocol (NDP)●   Liste...
IPv6 SLAAC●   Assigns addresses,●   Assigns default router,●   Problems        –   Slaac standard had no way to set DNS se...
IPv6 SLAAC●   Problems continued       –   Cant configure other services with SLAAC eg            NTP, SMTP etc       –   ...
IPv6 Introduction & How To    IPv6 DHCPv6
IPv6 DHCP●   DHCPv6      –   Works like DHCPv4      –   Allows for control over address allocation I.e            can rest...
IPv6 DHCP●   DHCPv6      –   Works like DHCPv4      –   Allows for control over address allocation I.e            can rest...
IPv6 DHCP●   DHCPv6 Problems:       –   Not default route option (have to use Router            announcement from router) ...
IPv6 Introduction & How ToIPv6 SOHO/Home Network    with ADSL Router
IPv6 – Network with ADSL Router●   Two Scenarios       –   ISP provides IPv6 addresses       –   ISP provides only IPv4 ad...
IPv6 – Network with ADSL Router●   ISP provides IPv6 block       –   Prefix delegation from ISP, should be a block of     ...
IPv6 – Network with ADSL Router●   ISP provides IPv6 block       –   DHCP update local DNS for site-local            addre...
IPv6 – Network with ADSL Router●   ISP provides IPv4 address       –   Use SLAAC internally to assign IPv6 address       –...
IPv6 Linux Utilities & Services●   Radvd – router advertising daemon       –   used for SLAAC configuration●   ISC DHCP Se...
IPv6 Linux Utilities & Services●   Ping6 – must specify which interface to ping    through        –   ping6 -I eth3 fe80::...
IPv6 - Issues●   Firewall rules reference IP addresses not DNS    entries; changing of internal IP means rules    need to ...
IPv6 - Issues●   Mainly problems for home users●   Need firewall as all hosts are reachable        –   Not really a proble...
IPv6 - Issues●   Simple mutli-homing without a BGP router not    possible at the moment or very difficult
Upcoming SlideShare
Loading in …5
×

IPv6 - Jozi Linux User Group Presentation

1,767 views

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,767
On SlideShare
0
From Embeds
0
Number of Embeds
74
Actions
Shares
0
Downloads
67
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

IPv6 - Jozi Linux User Group Presentation

  1. 1. Jozi LUG - IPv6IPv6 Introduction & How To Sponsors LPI Southern Africa Jumping Bean
  2. 2. IPv6 Introduction & How To ● IPv6 Overview ● IPv6 Configurations
  3. 3. IPv6 Introduction & How ToOverview, Goals & Benefits
  4. 4. IPv6 Goals● Goals of IPv6 – Simplify address allocation, – Simplify network administration, – Simplify routing, – resolve security and mobility issues, – improve Quality of Service (QoS), – Increase address space
  5. 5. IPv6 Overview● RFC 791 (IPv4) published 1981● RFC 2460 (IPv6) published 1998● 128 bits address space versus 32 bit for IPV4● 3.4x1038 addresses ~ 4.8x1028 addresses for every human on earth (7 billion people).● IPv4 has ~4.3 billion addresses in total
  6. 6. IPv6 Benefits● No need for NAT● No need for address re-use● No need to renumber network as number of devices grow e.g from class C to class A.● No need to renumber network when location changes● Better route aggregation,
  7. 7. IPv6 Benefits● Built in multi-casting● Stateless auto configuration● User can keep session while moving from location to location – e.g. wireless and mobile networking in bus, airplane● Simplified IPv6 headers means faster processing even though larger than IPv4
  8. 8. IPv6 Benefits● Fixed subnet (interface identifier)length● No need for NAT● For home users/SOHO – Fixed routable IPs!
  9. 9. IPv6 Introduction & How ToIPv6 Address Notation
  10. 10. IPv4 Address Notation● IPv4 - Dotted quad notation● Addresses written as 4 groups of 3 digit decimal values separated by a . – 192.168.014.022● Abbreviation rule – Drop leading 0
  11. 11. IPv6 Address Address Notation● IPv6 - Addresses written as 8 groups of 16 bit hexadecimal values separated by : – 2001:0db8:85a3:0000:0000:8a2e:0370:7334● Abbreviation rules 1. Drop leading zeros in a 16 bit value 2. Replace a group of sequential 0 with a double colon ::
  12. 12. IPv6 Address Address Notation● 2001:0db8:85a3:0000:0000:8a2e:0370:7334● After rule 1 – 2001:db8:85a3:0:0:8a2e:370:7334● After rule 2 – 2001:db8:85a3::8a2e:370:7334
  13. 13. IPv6 Address Address Notation● Most significant 64 bits “network mask” called network prefix in IPv6● Least significant 64 bits – interface identifier called host identifier in IPv4● Interface identifier constructed from MAC address via EUI64 algorithm
  14. 14. IPv6 Address Address Notation● Bad for Internet browsing – privacy concerns can track usage and reveals info – e.g. card manufacturer, machine etc● Can use random identifier for host identifier
  15. 15. IPv6 Introduction & How ToIPv6 Address Allocation
  16. 16. IPv6 Address Allocation● Internet Assigned Numbers Authority (IANA) assigned Regional Internet Registrars 23/12 bit blocks● Regional Internet registrars (Afrinic) assign blocks 19/32 to local Internet registrars●
  17. 17. IPv6 Address Allocation● Local Internet registries (ISP) assign IPv6 address to end users. Recommended home users get 46 or 56 bit blocks but who knows. Means multiple subnets● Can apply for own, provider independent, IPv6 address block with Regional registrar – not for individuals. – Recommended for IPS/provider independence
  18. 18. IPv6 Introduction & How ToRouting Methodologies & IPv6 Address Scopes
  19. 19. IPv6 Routing Methodologies● Unicast – Identifies a single network interface● Anycast – Assigned to a multiple interfaces on different nodes, router sends packet to nearest interface. Any unicast address can be an anycast address
  20. 20. IPv6 Routing Methodologies● Multicast – Applied to many host which participate in a mutli-cast group. Packet received by all participants
  21. 21. IPv6 Address Classes● Anycast/Unicast – 1st 64 bits – network prefix ● 1st 48 (or more) routing prefix ● 2nd 16 (or less) subnet id – 2nd 64 - bits interface identifier – Link-Local ● 1st 10 prefix (fixed) (0xfe80) ● 2nd 54 zeros
  22. 22. IPv6 Address Classes● Anycast/Unicast – 1st 64 bits – network prefix ● 1st 48 (or more) routing prefix ● 2nd 16 (or less) subnet id – 2nd 64 - bits interface identifier – Link-Local ● 1st 10 prefix (fixed) (0xfe80) ● 2nd 54 zeros
  23. 23. IPv6 Address Classes● Multi-cast Address – 1st 8bit prefix – 2nd 4bit flag – 3rd 4 bit scope field – Every block of IPv6 addresses includes multi- cast addresses, therefore easier for organisations to implement
  24. 24. IPv6 Address Scope● IPv6 addresses have scope● Link-local scope – Link-local – Loopback● All others except Unique Local Addresses (ULA) have global scope● ULA not routable – linked to network on which they are used - site-local
  25. 25. IPv6 Address Scope● ULA - Reserved address space for internal lan use. The block fc00::/7 (site-local).● Block has been subdivided into – fc00::/8 – not in use/reserved – fd00::/8 – for use in private lans. Network prefix is /48 – the remaining 40 bits random string. – Allows for 65536 subnets
  26. 26. IPv6 Address Scope● ::/128 – unspecified address – used to show port listening for incoming connections, waiting for address assignment● ::/0 – default unicast route address● ::1/128 – loopback.● fe80::/10 – link local
  27. 27. IPv6 Address Scope● fc00::/7 – unique local addresses – similar to private addresses. Will see fd00::/7 for unique local address as 8th bit must be 1● ::ffff:0:0/96 – maps IPv4 addresses to IPv6
  28. 28. IPv6 Introduction & How ToIPv6 Network Configuration
  29. 29. IPv6 Introduction & How To IPv6 Link-Local
  30. 30. IPv6 – Link Local● Link-local – limited to layer two domain.● None routable,scope is limited.● 1st 10 bits fixed. /10● 0xfe80 – 0xfebf technically but will see fe80 mostly● Most will use 0xfe80::64 bit host or interface ID● Link local address auto-generated
  31. 31. IPv6 – Link Local● Link-local generated from mac address (EUI- 64) ● 00-0C-29-C2-52-FF – Take mac address and insert 0xFFE at the 24th bit offset ● 00-0C-29-FF-FE-C2-52-FF – Invert universal bit in the 6th position of the first octet ● 020c:29ff:fec2:52ff
  32. 32. IPV6 – Link Local● Pinging link-local address must specify interface to use as accessible by all ip addresses.
  33. 33. IPv6 Introduction & How ToIPv6 – Neighbourhood Discovery Protocol
  34. 34. IPv6 Neighbour Discovery Protocol● Replaces – ARP – ICMP Router Discovery – ICMP Redirect● Used by hosts to: – Discover neighbouring routers – Discover address, network prefix & config parameters
  35. 35. IPv6 Neighbour Discovery Protocol● Used by routers to: – Advertise presence, host config parameters & on-link prefixes – Inform hosts of better next-hop address● Used by nodes(ie hosts + routers) to: – Resolve link-layer address of neighbouring node for IPv6 addresses
  36. 36. IPv6 Neighbour Discovery Protocol● Used by nodes(ie hosts + routers) to: – Determine if packets can be sent to or received from a neighbour● Use for Link-local address assignment and stateless auto configuraiton (covered next)
  37. 37. IPv6 Introduction & How ToIPv6 Simple Network Configuration
  38. 38. IPv6 – Hub/Switch + Hosts Network● Simple setup with hub/switch no router then automatic networking with link-local only● DNS resolution done by ZeroConf (Avahi) Mutli-cast DNS
  39. 39. IPv6 Introduction & How ToIPv6 Network Configuration with Router
  40. 40. IPv6 – Router + Hosts Network● Two Options – SLAAC – Stateless automatic address configuration, or – DHCP6 - Stateful automatic address configuration, or – Combination – due to missing features, and partial implementation by vendors, of each protocol may be necessary to use both to provide full feature set.
  41. 41. IPv6 Introduction & How ToIPv6 Stateless Automatic Address Configuration
  42. 42. IPv6 SLAAC● SLAAC – Stateless Automatic Address Configuration● uses Neighbourhood Discovery Protocol (NDP)● Listens for router advertisements messages (RA),● Similar to DHCP was implemented before DHCP established
  43. 43. IPv6 SLAAC● Assigns addresses,● Assigns default router,● Problems – Slaac standard had no way to set DNS settings on client – Added support for RDNSS (recursive DNS server) 2010 but not implemented widely
  44. 44. IPv6 SLAAC● Problems continued – Cant configure other services with SLAAC eg NTP, SMTP etc – DNS server must be updated by each client● Pros – Widely supported
  45. 45. IPv6 Introduction & How To IPv6 DHCPv6
  46. 46. IPv6 DHCP● DHCPv6 – Works like DHCPv4 – Allows for control over address allocation I.e can restrict assignments to small range of addresses or map to specific clients, – Update DNS from central location, – Can configure other services
  47. 47. IPv6 DHCP● DHCPv6 – Works like DHCPv4 – Allows for control over address allocation I.e can restrict assignments to small range of addresses or map to specific clients, – Update DNS from central location, – Can configure other services
  48. 48. IPv6 DHCP● DHCPv6 Problems: – Not default route option (have to use Router announcement from router) – Not supported widely. E.G. Not supported by Android
  49. 49. IPv6 Introduction & How ToIPv6 SOHO/Home Network with ADSL Router
  50. 50. IPv6 – Network with ADSL Router● Two Scenarios – ISP provides IPv6 addresses – ISP provides only IPv4 address
  51. 51. IPv6 – Network with ADSL Router● ISP provides IPv6 block – Prefix delegation from ISP, should be a block of addresses 48/52 – ADSL modem or Linux box DHCP server handles prefix delegation and assigns addresses to local nodes – Probably best to have a site-local address and ISP assigned address for each device
  52. 52. IPv6 – Network with ADSL Router● ISP provides IPv6 block – DHCP update local DNS for site-local addresses
  53. 53. IPv6 – Network with ADSL Router● ISP provides IPv4 address – Use SLAAC internally to assign IPv6 address – Use 6in4 tunnel broker ● SixXs ● Freenet6 ● Hurricane Electrical
  54. 54. IPv6 Linux Utilities & Services● Radvd – router advertising daemon – used for SLAAC configuration● ISC DHCP Server – IPv6 DHCP server – Used for stateful configuration● IPRoute – network config tools
  55. 55. IPv6 Linux Utilities & Services● Ping6 – must specify which interface to ping through – ping6 -I eth3 fe80::227c:8fff:fe1e:909a● IPTables6 – for iptables firewall
  56. 56. IPv6 - Issues● Firewall rules reference IP addresses not DNS entries; changing of internal IP means rules need to be changed● IP addresses now trackable – Unique IP address for each device means easier to track. Privacy issues – Can randomise the interface identifier “privacy addresses” but will also need to change IP address at random intervals
  57. 57. IPv6 - Issues● Mainly problems for home users● Need firewall as all hosts are reachable – Not really a problem as ADSL modems usual come with inbound firewall● Renumbering of network, changing ISP or ISP changes block assignment – Setup Site-local, – Use ZeroConf
  58. 58. IPv6 - Issues● Simple mutli-homing without a BGP router not possible at the moment or very difficult

×