IPv6 required - ICCA Pondicherry 31 Jan 2012

Networking for the Future

Part 1: Why do we need IPv6?
Part 2: IPv6 – A Technical Primer

Dr. Olivier MJ Crépin-Leblond – ocl@gih.com
ICCA ’12 – Pondicherry – 31 January 2012
Version 201201.1
© 2009 Global Information Highway Ltd


IPv4 / IPv6 Table of Contents

Why IPv6? Why not IPv4?
What are the differences between IPv4
and IPv6?
Address / Packet Structure
Header
Datagram
Unicast / Multicast / Anycast
Neighbour Discovery and DHCPv6
Mobility
IPSec / Security

Version 201201.1 2


What is an IP Address?
Domain Names are identifiers
that you type in your Web
Domain Name: www.isoc.org Browser, your E-mail etc.
www.google.com
www.yahoo.com

DNS Servers translate this
DNS Server Domain Name into an
address that is made up of
translation
numbers

Every device that is
IPv4 Address: 212.110.167.157 connected to the Internet
needs its Internet Protocol
(IP) address

Version 201201.1 3


We are running out of IPv4 addresses
“Internet Protocol”

Each device (computer, phone etc.)
connected to the Internet needs an
Internet Protocol (IP) address.

If we have 10 addresses only, how do we
connect 11 computers?
We cannot do that.

This is the point which we are about to
reach.
Version 201201.1 4


World Connectivity vs Population
“Internet Protocol”
Population Size
6 767 805 208
6.7 Billion people on earth
1.7 Bn Internet users in 2009
Population Size
N° Internet Users N° Internet Users
1 733 993 741

Middle East Connectivity vs Population

Population Size
202 687 005

More ways to access the Internet
Population Size
N°Internet Users
N°Internet Users
57 425 046

Version 201201.1 5



today

When we reach this point, it will be too late since
there will be no more free IP addresses!
Real time data collected 1 Mar 2010
Version 201201.1 6



http://www.potaroo.net/tools/ipv4/index.html
When we reach this point, it will be too late since
there will be no more “free” IPv4 addresses!
Real time data collected September 2011
Version 201201.1 7


Current temporary solutions
Network Address Translation

An end user “pulls” the information to them from the network

Version 201201.1 8


Current temporary solutions

As more and more devices are connected
•Computer
•Telephone
•MP3 player
•Television

It becomes impossible for the translation box
to serve all the services for 1 public IP address
Version 201201.1 9


How about Carrier Grade NAT?
Quotes – Vinton Cerf
US Scientist, widely known as one of the Fathers of the Internet

The Internet is based on a layered, end-to-end
model that allows people at each level of the
network to innovate free of any central control.
By placing intelligence at the edges rather than
control in the middle of the network, the
Internet has created a platform for innovation.

Version 201201.1 10


The original Internet Architecture
Can be several
routers at various
“entry” points with
resilient routes

User-Centric Internet

Any connected device could be a “client” or a “server”

Version 201201.1 11


The Internet Architecture Version 2
Local NAT

User-Centric Internet

NAT = Network Address Translation

Version 201201.1 12


Adding Carrier-Grade NAT
Single point of failure
at Carrier Level

CG-NAT CG-NAT

The Network-Centric
Internet

Server Only Client Only

Version 201201.1 13


Carrier Grade NAT

•Single point of failure
•Need to use application-level filtering to
inspect application protocol packets and
modify them on the fly
•Violates TCP states (usually performed by
end nodes
•Hard recovery for link flapping (multiple
routes)
Version 201201.1 14


Carrier Grade NAT
•Hides complete parts of the DNS due to
impossibility of connecting to specific host
•Difficulty in establishing end to end VPN
tunnels due to inability to connect to the “end”
•Major problem for people working from
home or while travelling
•Any address translation might open the door
to fake address translation and hacking thus
potential security issues

Version 201201.1 15



Internet Traffic

It is impossible to connect remotely
to an “internal” address

Version 201201.1 16


Temporary solutions don’t work

In the future, communication will go both ways

Version 201201.1 17


Future Solution – IPv6 everywhere

As more and more devices are connected
•Computer
•Telephone
•MP3 player
•Television

Every device has its own IP address
Every device can be accessed directly
No need for translation
Version 201201.1 18


IPv4 Space / December 2009

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47

48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63

64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79

80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95

96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111

112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127

128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143

144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159

160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175

176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191

192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207

208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223

224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239

240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255

Reference: http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml
Version 201201.1 19


IPv4 Space / October 2010

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47

48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63

64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79

80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95

96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111

112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127

128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143

144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159

160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175

176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191

192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207

208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223

224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239

240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255

Reference: http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml
Version 201201.1 20


Future Solution – IPv6 everywhere

In the future, communication will go both ways

Version 201201.1 21


Future Solution – Internet everywhere

In the future, communication will go everywhere

Version 201201.1 22


IPv6 examples

Emergency Alerts

Version 201201.1 23


Version 201201.1 24


Version 201201.1 25


Version 201201.1 26


IPv6 examples

Smart Grid – greener use of
energy
Version 201201.1 27


The Smart Grid

Source: US National Institute of Standards & Technology
Version 201201.1 28


IPv6 examples

US Military

Version 201201.1 29


IPv6 implementation in US Military

Version 201201.1 30


Version 201201.1 31


Version 201201.1 32


Infrastructure required for
telecommunications
•Always connected “Data Glove” incorporating a
fully networked personal digital assistant
•Possibility to consult pictures of area (like
Google maps)
•Possibility to control drone aircraft directly
•Possibility to access remote cameras
•Helmet-mounted Webcam for each soldier
•Vital statistics of soldier (food/health/tiredness)
•GPS location device
•This is only addressable via IPv6
Source: US Army Natick Systems

Version 201201.1 33


Infrastructure required for These are the
telecommunications applications of the
•Always connected Personal Digital Assistant: future
•Mobile phone (Apple iPhone & iPad, Nokia, HTC etc.)
•Possibility to surf Web sites, but also use artificial intelligence for the
digital assistant to automatically book tickets, shop, see pictures of area
(like Google maps), to access remote cameras, and to find out about
anything, anywhere. GPS location device with information about
services. This is only addressable via IPv6!
•Law enforcement and civil protection
•Police can use all of these services, and more, to ensure the safety of
the population. Firemen can coordinate information more easily.
Ambulances and emergency services will know more information before
arriving on scene.
•Always online - Everywhere

Version 201201.1 34


So what is the future?

How do we build this?

Version 201201.1 35


Internet Anytime, Everywhere
A fully connected world

Version 201201.1 36


IPv6 – a Technical Primer

Dr. Olivier MJ Crépin-Leblond – ocl@gih.com

Version 201201.1


IPv4 / IPv6 Table of Contents

Why IPv6? Why not IPv4?
What are the differences between IPv4
and IPv6?
Address / Packet Structure
Header
Datagram
Unicast / Multicast / Anycast
Neighbour Discovery and DHCPv6
Mobility
IPSec / Security

Version 201201.1 38


Differences between V.4 and V.6

Version 201201.1 39


IPv6 Key Features

Version 201201.1 40


IPv4 and IPv6 Addressing
Internet Protocol IPv4 Internet Protocol IPv6

Deployed 1981 1999

Address Size 32 Bit 128 Bit

Address Format Dotted Decimal Hexadecimal Notation
Notation 2001:0DB8:0123:456
192.168.0.1 7:89AB:CDEF:0123:45
67
Prefix Notation 192.168.0.0/24 2001:0DB8:0123/48

N° Addresses 2 x 10^32 2 x 10^128

N° Addresses 4,294,967,296 340,282,366,920,
938,463,463,374,607,431,
768,211,456

Version 201201.1 41


IP Version 4

4,294,967,296

IP Version 6

340,282,366,920,938,463,463,374,607,431,768,211,456

Version 201201.1 42


IPv6 Space

IPv4: 4,294,967,296 addresses

IPv6: 340,282,366,920,938,463,463,374,607,431,770,000,000 possible addresses
50,000,000,000,000,000,000,000,000,000 addresses per human
Version 201201.1 43


IP Version 6

340,282,366,920,938,463,463,374,607,431,768,211,456

With 7Bn people on Earth, N° addresses per person

48,611,766,702,991,209,066,196,372,490

Some of these addresses will be used by devices (the Internet of things)
Some of these addresses will be used by internal addressing/protocol

It is still a lot of usable addresses

Version 201201.1 44


Differences between IPv4 & IPv6
Internet Protocol Internet Protocol
IPv4 IPv6
Address Size 32 Bit 128 Bit

N° Addresses 2 x 10^32 2 x 10^128

Security IPSEC Optional IPSEC (Originally)
Mandatory
Quality of Service Basic Extended

Address Allocation Manual or DHCP Many more methods

Peer to Peer comm. Broken by NAT No NAT

IP Addresses per Usually 1 Many
interface
Mobility Extension Mobile IPv6 Mobility

Version 201201.1 45


Overall Packet Structure
Link Layer IP Transport Application Protocol Data Link Layer
Header Header Header Trailer

Presentation HTML
Application HTTP
Transport TCP, UDP,…
Protocol IP
Link Layer Ethernet
Physical Fiber

Version 201201.1 46


Packet Structure / Datagram
Link Layer IP Transport Application Protocol Data Link Layer
Header Header Header Trailer

Presentation HTML
Application HTTP
Transport TCP, UDP,…
Protocol IP (v4 or v6)
Link Layer Ethernet
Physical Fiber

Version 201201.1 47



Version 201201.1 48


Streamlining of IPv6

Fewer fields in the packet header
Fixed size header- 40 octets (or bytes)
No fragmentation in network
No checksum processing
Packet can be switched by flow label
(Quality of Service possibility)

Version 201201.1 49


No checksum Processing

Presentation HTML
Application HTTP
Checksum: YES Transport TCP, UDP,…
Checksum: NO Protocol IPv6
Checksum: YES Link Layer Ethernet
Physical Fiber

Version 201201.1 50


IPv6 Header Fields

Version

4 bits long

IP Version = 4 for IPv4
= 6 for IPv6

Traffic Class

8 bits long

Quality of Service Techniques:

Diffserv Code Points (DSCP)
Congestion Notification (ECN)
Called “Type of Service in IPv4

Version 201201.1 51


IPv6 Header Fields

Flow Label

20 bits long

Specific per flow processing of
data Streams. This supports
real-time datagram delivery
and quality of service (QoS).
Routers between the source
and destination would treat
traffic with the same datagram
in a similar way.

For example, similar/minimal
latency to Video packets.

Version 201201.1 52


IPv6 Header Fields

Payload Length

16 bits long

In IPv4: Total Length field

This is the size of the inner
datagram, after the basic
header (which itself is 40
bytes long).

Version 201201.1 53


IPv6 Header Fields

Next Header

8 bits long

Identification of Inner datagram

This serves the same purpose Hop Limit
as the IPv4 “Protocol Field”, the
identifying of data inside the 8 bits long
payload of the IP datagram.
Maximum Number of hops
Codes are however extended to
include the processing of In IPv4 this was called “TTL =
options for Extension Headers Time to Live” and decreased at
(described later). each hop.
In IPv6 it is appropriately called

Version 201201.1 54


IPv6 Header Fields

Source and Destination

128 bits long

These are the Source and the
Destination of the datagram.

The Source IP address is the
originator of the datagram i.e.
The device that originally sent
the packet
The Destination IP address is
the intended recipient of the
packet i.e. the ultimate
destination. Valid for Unicast,
Multicast or Anycast

Version 201201.1 55


IPv6 Extension Headers
Order Header Type Next Header
Code
1 Basic IPv6 Header -
2 Hop-by-Hop options 0
3 Destination Options & Routing 60
4 Routing Header 43
5 Fragment Header 44
6 Authentication Header 51
7 Encapsulation Security Payload 50
8 Destination Options 60
9 Mobility Header 135
(end) No Next Header 59
Upper Layer TCP (like IPv4 “protocol” field) 6
Upper Layer UDP (like IPv4 “protocol” field) 17
Upper Layer ICMPv6 (like IPv4 “protocol” field)
Version 201201.1 58 56



Version 201201.1 57



A few more examples of daisy-chained extension headers

Version 201201.1 58


Main Enhancements of IPv6 over IPv4

Header: 40 byte instead of 20
Daisy Chained extension headers
Fragmentation only done by source nodes
and has its own optional extension header
No checksum in IPv6 header
Path Maximum Transmission Unit (MTU)
IPv4: 576 bytes
IPv6: 1280 bytes
MTU size error is being reported back to source
Path MTU Discovery mandatory and refined

Version 201201.1 59


IPv6 Address shortening
2001:0DB8:0000:ABCD:0000:0000:0012:3456

2001:0db8:0000:abcd:0000:0000:0012:3456

2001:db8:0:abcd:0:0:12:3456

2001:db8:0:abcd::12:3456

•Letters are case insensitive
•Leading zeros in a field are optional
•Successive fields of zeros

Version 201201.1 60


IPv6 Addressing
2001:0DB8:0000:ABCD:0000:0000:0012:3456

•Addresses have scope
•Interfaces can have multiple addresses
•Addresses have lifetime
Version 201201.1 61


IPv6 Addresses have scope
2001:0DB8:0000:ABCD:0000:0000:0012:3456

Global Unique Local Link local

Version 201201.1 62


Scope of address is physical

Version 201201.1 63


IPv6 Type of Addresses

Version 201201.1 64


IPv6 Host addresses

Loopback address (used by the machine):
0000:0000:0000:0000:0000:0000:0000:0001
0:0:0:0:0:0:0:1
::1 ( this is like 127.0.0.1 in IPv4)

Unspecified: (used to define the default route)
0:0:0:0:0:0:0:0
::

This address is mandatory
Version 201201.1 65


IPv6 Link Local

Link Local addresses are mandatory and start with
fe80::
They work only on the Link Layer and cannot be
forwarded by a router. Their function is key to the
automatic configuration of a host without a router
or DHCP server. Just connect the hosts & bingo!
Start: fe80::
End: febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Version 201201.1 66


IPv6 Unique Local

Unique Local addresses are optional Unicast
addresses that can be used within a site (like an
intranet). They are not globally routed.

Start with fc00::
End: fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Version 201201.1 67


IPv6 Global Unicast

Global Unicast current assignment:

Start: 2000::
End: 3fff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

6to4 is a transition mechanism where IPv6 packets transit
globally via IPv4.
It has its own prefix 2002 with the rest of the address
structure being slightly different

Version 201201.1 68


IPv6 Multicast

Global Multicast current assignment:
Start: ff00::
End: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

Field starts with ff<LS> where L and S are as follows:
L = 0 for permanent group / 1 for temporary group
S = Scope bit: 1 - Interface; 2 – Link;
4 – Admin; 5 – Site; 8 = Organization; E = Global
All others: unassigned or reserved

Version 201201.1 69


IPv6 Global Unicast

IPv4 mapped addresses:

Starts with 0:0:0:0:0:0:0:ffff -> ::ffff

An example of this would be:

::ffff:192.168.0.1

These addresses are not IPv6 routed & can be used within
the kernel to show an IPv4 address
Version 201201.1 70


CIDR Blocks in IPv6
CIDR is principally a bitwise, prefix-based
standard for the interpretation of IP
addresses. It facilitates routing by
allowing blocks of addresses to be
grouped into single routing table entries.
It is used in IPv4 and in IPv6
Since IPv6 have scope, it is particularly
helpful to use CIDR

Global Unique Local Link local

Version 201201.1 71


CIDR Blocks in IPv6

2001:0db8:0000:abcd:0000:0000:0012:3456
|||| |||| |||| |||| |||| |||| |||| ||||
|||| |||| |||| |||| |||| |||| |||| |||128 /128 Single end-points and
loopback
|||| |||| |||| |||64 /64 Single end-user LAN subnet (required prefix size
for stateless address autoconfiguration (SLAAC))
|||| |||| |||| ||60 /60 Some (very limited) 6rd deployments
|||| |||| |||| |56 /56 recommended Minimal end-site assignment
|||| |||| |||48 /48 recommended Typical assignment for home sites
|||| |||| 36 /36 possible future local Internet registry (LIR) extra-small
allocation
|||| |||32 /32 LIR minimum allocation
|||| ||28 /28 LIR medium allocation
|||| |24 /24 LIR large allocation
|||| 20 /20 LIR extra large allocation
||12 /12 Allocation to regional Internet registry by IANA[12]

Version 201201.1 72


CIDR Blocks in IPv6

2001:0db8:0000:abcd:0000:0000:0012:3456
|||| |||| |||| |||| |||| |||| |||| ||||
2001:0db8:0000:abcd:0000:0000:0012:3456/128 /128 Single end-points and
loopback
2001:0db8:0000:abcd/64 /64 Single end-user LAN subnet (required prefix size
for stateless address autoconfiguration (SLAAC))
2001:0db8:0000:abc/60 /60 Some (very limited) 6rd deployments
2001:0db8:0000:ab/56 /56 recommended Minimal end-site assignment
2001:0db8:0000/48 /48 recommended Typical assignment for home sites
2001:0db8:0/36 /36 possible future local Internet registry (LIR) extra-
small allocation
2001:0db8/32 /32 LIR minimum allocation
2001:0db/28 /28 LIR medium allocation
2001:0d/24 /24 LIR large allocation
2001:0/20 /20 LIR extra large allocation
200/12 /12 Allocation to regional Internet registry by IANA[12]

Version 201201.1 73


IPv6 Address Format

Unicast Addressing
Multicast Addressing
What is multicast + Anycast

Version 201201.1 74


Unicast Addresses
To transmit data between nodes on the
Internet
One-to-one address

Scope may be Global or Local
Global for worldwide communication
Local for communication within a site

Every Site gets a /48

Version 201201.1 75


Multicast Addresses

Start with “ff” as leftmost octet
One-to-many address: ability to send a single
packet to possibly unlimited multiple destinations
This does not use “broadcast” like in IPv4.
Instead, recipients are part of the group’s scope
Ability to send a packet to all hosts on the attached
link
Ability to send a packet to the link-local all hosts
multicast group
Applications:
Emergency Services
Simultaneous database updating
Parallel computing
Real time news

Version 201201.1 76


Multicast Addresses

In IPv4 the scope of the multicast, using
broadcast, was limited by the number of hops
away from the emitter.
In IPv6, the scope of the multicast is determined
by the scope field:
1 - Interface;
2 – Link;
4 – Admin;
5 – Site;
8 = Organization;
E = Global
…and the group can be defined as permanent or
temporary

Version 201201.1 77


Multicast Addresses
Address Scope Description
ff01::1 Interface All interfaces on the node
ff01::2 Interface All routers on the node
ff02::1 Link All nodes on the link
ff02::2 Link All routers on the link
ff02::5 Link OSPF v3 SFP Routers
ff02::6 Link OFPF v3 Designated Routers
ff02::9 Link RIP Routers
ff02::a Link EIGRP Routers
ff02::d Link PIM Routers
ff05::1:2 Site All DHCP routers on the local net site
ff05::1:3 Site DHCP Servers on the local net site
ff0x::fb Multicast DNS
ff0x::101 Network Time Protocol (NTP)
Version 201201.1 78


Unicast vs. Multicast

Version 201201.1 79


Version 201201.1 80


Anycast Addresses

This is used to send a packet to multiple
nodes which are not necessarily on the
same subnet
An Anycast address is the same Unicast
address configured on multiple nodes:
The routers will deliver the packet to the
nearest node member of the Anycast group
Currently used with DNS servers

Version 201201.1 81


Anycast Addresses
3ffe:b00:1::5

3ffe:b00:1::5

Routers know where 3ffe:b00:1::5
to route this data

Version 201201.1 82


Many addresses on one node
Quantity Address Requirement Context

1 Link local (fe80::) Must be defined On each interface

1 Loopback (::1) Must be defined On each node

0 to many Unicasts May be defined On each interface

any Unique-Local May be defined On each interface

1 All-nodes Multicast Must be joined On each interface

1 Solicited node Must be joined For each multicast
Multicast and any anycast
address defined
any Multicast group May be joined On each interface

Version 201201.1 83


IPv6 Multihoming
2a00:19e8:10::3
Site: 2a00:19e8:10::/48
2001:db8:abcd::3
2001:db8:abcd::/48

2a00:19e8:10::1 2a00:19e8:10::1
200
1:d
b 8:
2001:db8:abcd::1 abc 2001:db8:abcd::2
d ::
/48
48
::/
:10
2a00:19e8:10::/48
:1 9e8 2001:db8:abcd::/48
0
2a0
f.
High Pref. Pre Low
Lo w Pre High Pref.
f.

2a00:19e8::/32 2001:db8:::/32

Version 201201.1 84


Obtaining IPv6 addresses
Manual setting up of IPv6 address. This is
similar to IPv4
2 auto-configuration mechanisms in IPv6:
Stateless: SLAAC (Stateless Address Auto-
Configuration), based on ICMPv6 messages
(Router Solicitation and Router Advertisement)
Stateful: DHCPv6
SLAAC is mandatory, while DHCPv6 is
optional
DHCPv6 works differently to IPv4 DHCP

Version 201201.1 85


Stateless Address Auto-Configuration

In SLAAC, constant “Router
Advertisements” communicate
configuration Information such as:
IPv6 prefixes to use for autoconfiguration
IPv6 routing information
Other configuration parameters (Hop Limit,
MTU, etc.)
This information is used, along with the
Ethernet Unique Identifier (Eui64)
address (and other information, in some
cases), to create IPv6 addresses for the
node

Version 201201.1 86


Making up an Eui-64 address

Version 201201.1 87


IPv6 Address Allocation

2001:db8:abcd::3 Manually allocated

DAD = Duplicate Address Detection
Site Prefix:
2001:db8:abcd::/48

RA message with
MAC: 00:90:27:17:FC:0F Network type
Eui-64: 02 90 27 FF FE 17 FC 0F information

2001:db8:abcd:: + Eui-64
fe80::290:27ff:fe17:fc0f Link-Local
2001:db8:abcd::290:27ff:fe17:fc0f Router Advertisement

Version 201201.1 88


IPv6 Address allocation using DHCPv6

Link & Site Multicast used

Version 201201.1 89


Key differences between DHCPv4 and DHCPv6

Feature DHCPv4 DHCPv6 Benefit
Destination Address Broadcast Multicast to all-DHCP- More specific
of Request agents signalling

Source address of 0.0.0.0 Link-local address of More specific
initial request the client signalling

Relay forwarding Needs static list of Can use “all-DHCP- Higher redundancy
DHCP servers servers” on multicast and easier to manage

Managed config. flag N/A The router using RA Better network
flags can control this config. management

Reconfiguration N/A Server can ask Better network
message clients to update config. management

Identity Association N/A Multiple DHCP More scalable use of
servers & addresses DHCP

Version 201201.1 90


IPv6 Dynamic Naming System
Quite similar to IPv4 DNS
Forward DNS
host1.example.com IN A 192.168.0.2
host1.example.com IN AAAA 2001:db8:0:abcd::12:3456

Reverse DNS
1.0.160.192.in-
1.0.160.192.in-addr.arpa IN PTR host1.example.com
6.5.4.3.2.1.0.0.0.0.0.0.0.0.0.0.d.c.b.a.0.0.0.0.8.b.d.0.1.0.0.2.
6.5.4.3.2.1.0.0.0.0.0.0.0.0.0.0.d.c.b.a.0.0.0.0.8.b.d.0.1.0.0.2.
.ip6.arpa

Tools exist to write the reverse DNS

Version 201201.1 91


Mobility / Mobile IP
IPv4 already had extensions called IPv4
mobility
IPv6 has similar extensions that are a lot
more developed than the IPv4 equivalent
since they run on IPv6.

New mobility options to include in mobility signalling
New extended routing header
New home address option for destination header
New Neighbour Discovery
New ICMPv6 (Internet Control Message Protocol)

Version 201201.1 92


Correspondent Node

Home
Agent

Mobile Node Connects to
At home Mobile Node
At Home

This is a router

Version 201201.1 93


Correspondent Node

Home
Agent

Mobile Node
At home

Tells Home Agent
where it is

Mobile Node

Version 201201.1 94


Correspondent Node

Home
Agent

Tells Home Agent
where it is
Home Agent
forwards packets
To Mobile Node Mobile Node
answers directly
Back to Correspondent

Mobile Node

Version 201201.1 95


Correspondent Node

Home
Agent

Mobile Node
at home

The use of ICPMv6
as well as other
features of IPv6
allows for faster
roaming and more
features in IPv6
Mobile Node Mobile IP.
Mobile Node
Version 201201.1 96


IPv6 Extension Headers -> IPSec
Daisy-chained extension headers

6 Authentication Header 51
7 Encapsulation Security Payload 50

Version 201201.1 97


IPSec on IPv6: end to end security
Encryption using Key

Version 201201.1 98


Router A adds ESP header

Encapsulation
Security
Payload

Version 201201.1 99


Router A adds AH header

Authentication
Header

Version 201201.1 100


Transmission of data on Internet

Router A encapsulates
the packet into a new
packet and sends it to
Router B.

Version 201201.1 101


Router B receives the packet

Router B receives the
packet and removes
the AH

Version 201201.1 102


Router B removes the ESP

Encapsulation
Security
Payload

Version 201201.1 103


Host B receives original information

Version 201201.1 104


IPSec on IPv6: end to end security

Version 201201.1 105


Transition Security Problem Example
IPv4 or
IPv6
Address
spoofing

Version 201201.1 106

Click to add title

Click to add text

Version 201201.1 107


The power of Developers

The key to IPv6 success will be
developers
New services
New applications
The ubiquitous network
Always on
Everywhere

Version 201201.1 108


The power of Developers

The key to IPv6 success will be
developers
New services
New applications
The ubiquitous network
Always on
Everywhere

Version 201201.1 109

With thanks to Dr. Alaa AL-Din AL-Radhi for some visuals.

Thank You / Questions ?

Version 201201.1

IPv6 required - ICCA Pondicherry 31 Jan 2012

Recommended

Recommended

More Related Content

What's hot

What's hot (19)

Viewers also liked

Viewers also liked (6)

Similar to IPv6 required - ICCA Pondicherry 31 Jan 2012

Similar to IPv6 required - ICCA Pondicherry 31 Jan 2012 (20)

More from Olivier MJ Crépin-Leblond

More from Olivier MJ Crépin-Leblond (20)

IPv6 required - ICCA Pondicherry 31 Jan 2012