This document proposes a formal IPv6 anycast address space to distinguish anycast from unicast addresses. It suggests using the "aa00::/8" prefix with a format inspired by IPv6 multicast, including visible scope and embedded unicast prefixes. This would allow anycast addresses to be identified, aggregated, and handled differently by routing protocols and applications. Two example use cases are provided: an ISP's DDoS-resistant anycast DNS servers and an organization's anycast "Thingo" service in development. Feedback is sought on the proposal which has been in development for around 3 years.
1. IPv6 Formal Anycast and Functional Anycast
Addresses
draft-smith-6man-form-func-anycast-addresses-01
IETF-106
Mark Smith
markzzzsmith@gmail.com
2. Current “Informal” IPv6 Anycast
RFC 4291:
“Anycast addresses are taken from the unicast
address spaces (of any scope) and are not
syntactically distinguishable from unicast
addresses.”
3. IPv6 Anycast Configuration
‘anycast’ host interface manual address
configuration flag
Duplicate Address Detection (DAD) disabled per
RFC4862.
For reachability from off-link, injected into routing
protocol somehow.
5. Negative Sometimes
Duplicate “unicast” route (subnet/host) in routing
domain:
Fault? Yes - if not intended, needs to be fixed
No – it’s intended, it’s anycast, move on
Can’t tell from the address.
6. Negative Sometimes
Forwarding “Scopes/Domains” are coarse because Unicast:
- Global (GUA), Local Network (ULA), Link (Link-Local)
What about more discrete:
- e.g., “Realm”, “Administrative”, “Organization”?
7. Negative Sometimes
Applications or protocols can’t distinguish between unicast and
anycast without manual configuration.
E.g., Multipath TCP/MP-QUIC
1. establish with anycast
2. switch to unicast
Need to exclude anycast addresses during 2.
8. Well-Known, High Order
Anycast Prefix?
ff00::/8 – IPv6 Multicast
aa00::/8 – IPv6 Anycast?
(aa - “anycast address”, fa - “formal anycast” an alternative)
9. Not My Idea
RFC 1546, “Host Anycasting Service”, November 1993
“There appear to be a number of ways to support anycast addresses, some of
which use small pieces of the existing address space, others of which require
that a special class of IP addresses be assigned.”
“The major advantages of using a separate class of addresses are that it is easy
to determine if an address is an anycast address and well-known anycast
addresses are easier to support. ...”
11. Existing Well-Known Anycast Addresses/Prefixes
| Name/Purpose | Address/Prefix | Scope | Globally Reachable |
|---|---|---|---|
| Discard-Only Address Block | 100::/64 | Network Local | No |
| Port Control Protocol Anycast | 2001:1::1/128 | Global | Yes |
| Traversal Using Relays around NAT Anycast | 2001:1::2/128 | Global | Yes |
| Direct Delegation AS112 Service | 2620:4f:8000::/48 | Global | Yes |
Source: IANA IPv6 Special-Purpose Address Registry
12. Common Properties
| Property | Comment |
|---|---|
| Encoding Services/Functions | These are not host/interface identifiers in unicast sense |
| Different Number Spaces | GUA Global (2000::/3), Non-GUA Global, Any subnet IID |
| Different Forwarding Domains/Scopes | Global, Local Network, Local Link (e.g. Link-Local Anycast address) |
13. Common Properties
| Property | Comment | IPv6 Multicast? |
|---|---|---|
| Encoding Services/Functions | These are not host/interface identifiers in unicast sense | ✓ |
| Different Number Spaces | GUA Global (2000::/3), Non-GUA Global, Any subnet IID | ✓ (Global/unspecified, or within embedded unicast prefix domain) |
| Different Forwarding Domains/Scopes | Global, Local Network, Local Link (e.g. Link-Local Anycast address) | ✓ |
14. Anycast is similar to unicast
(e.g., routing)
Anycast might also be similar to multicast?
(e.g., used for services/functions)
16. Formal Anycast Address Space
Seek IPv6 Multicast inspiration
- scopes
- embedded unicast prefix
- IANA well known function/service IDs
- Local network function/service IDs
17. IPv6 Formal Anycast Prefix
| 0xaa | V.Scop | AIF | Anycast Identifier |
|---|---|---|---|
| 8 bits | 4 bits | 4 bits | 112 bits |
0xaa: A /8 is a bold ask, future proofing.
V.Scop (Visible Scope): Same values as multicast scopes per RFC 7346.
AIF (Anycast Identifier Format): Identifies structure of Anycast Identifier field. 16 possible formats.
Anycast Identifier: Identifies whatever anycast is being used for. Structured per AIF.
18. ICMPv6 Destination Unreachable
New Code:
“Edge of Visible Scope Reached”
Interim Equivalent:
Communication with destination administratively prohibited
19. IPv6 Destination Address Selection
Prefer Formal Anycast over Unicast by default
Anycast easily ignored if unicast preferred
because well known:
aa00::/8
21. Hop-by-Hop Using Anycast Address
Encode Hop-by-Hop function using anycast DA.
After local hop processing, egress anycast
forwarding:
1. RPF check on SA, same as multicast
2. Exclude local node anycast DA instance
3. Forward based on remaining anycast routes
22. Hop-by-Hop Using Anycast Address
This is neither unicast nor multicast forwarding.
The series of hops is a series of IPv6 host hops.
RFC 8200:
router - a node that forwards IPv6 packets not explicitly addressed to itself.
host - any node that is not a router.
23. IPv6 Functional Anycast
| 0xaa | V.Scop | AIF=0 | Anycast Identifier |
Anycast Identifier fields:
| Anycast Domain Prefix | Res | Pfx.Len. | Flags | Local Inst | Anycast Function Id |
|---|---|---|---|---|---|
| 64 bits | 2 bits | 6 bits | 8 bits | 8 bits | 24 bits |
Anycast Domain Prefix: Up to 64 bit Unicast prefix identifying anycast domain, inspired by multicast RFC 3306
::/64 - “unspecified” or “this” domain
Anycast Domain routes can be aggregated here
Reserved: 2 bits reserved, zero upon send, ignored upon receipt.
Pfx.Len: 6 bit Anycast Domain Prefix length, 0 = 64. Informational.
24. IPv6 Functional Anycast
Flags: 8 bit flags field, inspired by multicast address Flags field
High Order T bit = Transient Anycast Function Id
T = 0, Well Known, IANA Assigned
T = 1, Transient, local anycast domain assigned
(i.e. same meaning as T bit in multicast Flags)
25. IPv6 Functional Anycast
Local Instance: 8 bit local instance, version or revision of following Anyc. Func. Id
e.g. Dev function, Local Inst =1; Prod function, Local Inst = 0
Move Dev to Prod, change Local Inst from 1 to 0.
Default value of zero
Can be used to increase Anyc. Func. Id to 32 bits if desired.
26. IPv6 Functional Anycast
Anycast Function Identifier: 24 bit Function or Service Identifier
T=0 flag, IANA well known
T=1 flag, Local anycast domain assigned
27. Could be simpler?
Value of Prefix Length field a bit debatable to me.
With only 1 flag value, perhaps encode it
somehow somewhere else?
28. Example Use Case 1 –
Internet DDoS Impervious ISP Anycast DNS Resolvers
Requirements:
Reachable to all ISP’s customers
Not reachable from the Internet
Attributable to the ISP
29. Example Use Case 1 –
Internet DDoS Impervious ISP Anycast DNS Resolvers
Formal Anycast: aa00::/8
Visible Scope: 0xb - Network Service Provider (New “Multicast” Scope, >
Organization, < Global)
Anycast Identifier Format: 0x0 – Functional Anycast
30. Example Use Case 1 –
Internet DDoS Impervious ISP Anycast DNS Resolvers
Anycast Domain Prefix: 2001:db8::(/64) – really an ISP’s GUA
Prefix Length: 0x0 (/64)
Flags: 0x0 (T = 0, IANA assigned well known AFI)
Local Instance: 0x00 (Production)
Anycast Function Identifier: 0x000053, 0x000054, 0x000055
(IANA Well Known for DNS1, DNS2, DNS3 resolvers)
31. Example Use Case 1 –
Internet DDoS Impervious ISP Anycast DNS Resolvers
aab0:2001:db8::0053
aab0:2001:db8::0054
aab0:2001:db8::0055
32. Example Use Case 2 -
Organization’s Thingo service in development
Formal Anycast: aa00::/8
Visible Scope: 0x8 - Organization
Anycast Identifier Format: 0x0 – Functional Anycast
33. Example Use Case 2 -
Organization’s Thingo service in development
Anycast Domain Prefix: fdxx:yyyy:zzzz:1234:(/64) – org’s ULA
Prefix Length: 0x0 (/64)
Flags: 0x80 (T = 1, Local organizations AFI)
Local Instance: 0x6a (IETF 106 revision)
Anycast Function Identifier: 0x544e47 (Thingo service)
34. Example Use Case 2 -
Organization’s Thingo service in development
aa80:fdxx:yyyy:zzzz:1234:0080:6a54:4e47
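Added example, not part of the original slides or the draft: a Python encoder and decoder for the Functional Anycast layout on slide 23, plus the unicast-only filter that slides 7 and 19 say a well-known prefix makes possible. The function names are hypothetical, the ULA prefix `fd00:1111:2222:1234::/64` is constructed to stand in for the slide's placeholder prefix, and rejecting a /0 domain prefix is an assumption.

```python
import ipaddress
from dataclasses import dataclass

FORMAL_ANYCAST = ipaddress.ip_network("aa00::/8")  # prefix proposed on slide 8
AIF_FUNCTIONAL = 0x0                               # slide 23: AIF=0


@dataclass(frozen=True)
class FunctionalAnycast:
    visible_scope: int                     # 4 bits, multicast scope values
    domain_prefix: ipaddress.IPv6Network   # Anycast Domain Prefix, up to /64
    flags: int                             # 8 bits, high-order bit is T
    local_instance: int                    # 8 bits
    function_id: int                       # 24 bits

    @property
    def transient(self):
        """T = 1: function id assigned by the local anycast domain."""
        return bool(self.flags & 0x80)


def build(scope, domain_prefix, flags, local_instance, function_id):
    """Pack the slide 23 fields into a 128-bit address."""
    net = ipaddress.IPv6Network(domain_prefix)
    if not 1 <= net.prefixlen <= 64:       # assumption: /0 is not encodable
        raise ValueError("domain prefix must be /1 to /64")
    for name, value, bits in (("scope", scope, 4), ("flags", flags, 8),
                              ("local_instance", local_instance, 8),
                              ("function_id", function_id, 24)):
        if not 0 <= value < (1 << bits):
            raise ValueError(f"{name} does not fit in {bits} bits")
    prefix64 = int(net.network_address) >> 64
    pfx_len = net.prefixlen & 0x3F         # 6-bit field, 64 is encoded as 0
    value = (0xAA << 120 | scope << 116 | AIF_FUNCTIONAL << 112
             | prefix64 << 48              # Res (2 bits) stays zero on send
             | pfx_len << 40 | flags << 32 | local_instance << 24
             | function_id)
    return ipaddress.IPv6Address(value)


def parse(addr):
    """Return the decoded fields, or None if addr is not Functional Anycast."""
    value = int(ipaddress.IPv6Address(addr))
    if value >> 120 != 0xAA or (value >> 112) & 0xF != AIF_FUNCTIONAL:
        return None
    pfx_len = (value >> 40) & 0x3F or 64   # Res bits 47..46 ignored on receipt
    prefix64 = (value >> 48) & (2**64 - 1)
    net = ipaddress.IPv6Network((prefix64 << 64, pfx_len), strict=False)
    return FunctionalAnycast((value >> 116) & 0xF, net, (value >> 32) & 0xFF,
                             (value >> 24) & 0xFF, value & 0xFFFFFF)


def unicast_only(candidates):
    """Drop formal anycast addresses, e.g. before the MPTCP switch on slide 7."""
    addrs = (ipaddress.IPv6Address(a) for a in candidates)
    return [a for a in addrs if a not in FORMAL_ANYCAST]


if __name__ == "__main__":
    # Use case 1 values from slides 29-30 (DNS1 resolver).
    print(build(0xB, "2001:db8::/64", 0x00, 0x00, 0x000053))
    # Use case 2 with a constructed ULA in place of the slide's placeholder.
    dev = build(0x8, "fd00:1111:2222:1234::/64", 0x80, 0x6A, 0x544E47)
    print(dev, parse(dev))
    print(unicast_only(["2001:db8::1", str(dev)]))
```

Because `parse` returns `None` for anything outside aa00::/8, the same call doubles as the "is this anycast?" check that slide 5 says is impossible with today's informal anycast addresses.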
35. Status
Idea mostly baked I think.
Been thinking about it and working on draft for around 3
years to see if it would pan out – a /8 is a bold ask.
Discovering “Host-based Anycast using MLD” suggests
others have thought of similar.
I’m at IETF-106, so present!