IPv6 was created to address limitations in IPv4 such as addressing space and header format. IPv6 features a 128-bit address providing vastly more unique addresses than IPv4. It simplifies the header format. Extension headers allow for optional information to be included in packets in a flexible way. IPv6 also supports anycast and multicast addressing and provides improvements in security, authentication, and mobility.
This document provides an overview of the IPv6 header based on Chapter 4 of the book "Understanding IPv6, Third Edition". It describes the components of an IPv6 packet including the IPv6 header, extension headers, and upper-layer protocol data unit. The IPv6 header is a fixed size of 40 bytes and contains fields for version, traffic class, flow label, payload length, next header, hop limit, source address, and destination address. Extension headers can be added after the IPv6 header and are used to expand IPv6's capabilities. The IPv6 header was designed to be more efficient than IPv4 by reducing the number of required fields and moving seldom-used fields to extension headers.
The document discusses IPv6, including its features and transition plans from IPv4. IPv6 addresses many problems with IPv4, such as address exhaustion, and introduces features like auto-configuration, quality of service, security, and mobility support. The transition will be incremental, using dual stack systems and tunneling to foster interoperability between IPv4 and IPv6 nodes as networks upgrade independently.
1) TCP provides reliable data transmission over unreliable networks like the Internet by establishing connections between endpoints, sequencing packets, detecting and retransmitting lost packets.
2) TCP connections are established through a 3-way handshake process where both sides negotiate sequence numbers to synchronize packet transmission.
3) TCP connections can be closed through a 4-step process where each side sends a FIN packet to gracefully close the connection in both directions.
The document discusses IPv6 addressing and configuration, including IPv6 address formats and types, stateless address autoconfiguration, neighbor discovery, and security considerations for neighbor discovery. IPv6 aims to provide a huge number of addresses, simpler header format, and new features like anycast addresses and extension headers, while neighbor discovery handles tasks like address autoconfiguration and duplicate address detection without ARP.
IPv6 Neighbor Discovery (ND) is a set of processes that determines relationships between neighboring nodes, replacing ARP and other IPv4 protocols. ND is used by hosts and routers to discover addresses, prefixes, and other configuration parameters. It also resolves link-layer addresses, determines neighbor reachability, and selects the next-hop for packet forwarding. ND messages include Router Solicitation, Router Advertisement, Neighbor Solicitation, Neighbor Advertisement, and Redirect.
IPv4 packets contain an IP header and payload. The IP header includes fields that identify the packet like the version and protocol, provide routing information like the source and destination addresses, and ensure reliability like the checksum. It also contains fields for fragmentation, packet lifetime (TTL), and optional features. The payload is the actual data being delivered from the upper layer to the destination.
IPv4 uses a datagram format with a header and data. The header contains information for routing and delivery and is 20-60 bytes. It includes fields for the version, length, identification, fragmentation, protocol, and source/destination addresses. Datagrams can be fragmented into smaller pieces if their size exceeds the MTU of a network. Fragments are reassembled at the destination using the identification field. The time to live field limits the number of hops a packet can make to prevent endless routing.
Communication at the network layer is host-to-host (computer-to-computer). A computer somewhere in the world needs to communicate with another computer somewhere else in the world. For this communication, we need a global addressing scheme, called “logical addressing” Today, IP addresses are used to provide logical addresses in the network layer of the TCP/IP protocol suite.
IPV4 - The Internet addresses are 32 bits in length; this gives us a maximum of 2^32 addresses. These addresses are referred to as IPv4 (IP version 4) addresses or simply IP addresses. The need for more addresses, in addition to other concerns about the IP layer, motivated a new design of the IP layer called the new generation of IP or IPv6 (IP version 6).
In this version, the Internet addresses are 128 bits in length; this gives us a maximum of 2^128 addresses. 128-bit addresses give much greater flexibility in address allocation. These addresses are referred to as IPv6 (IP version 6) addresses.
This document provides an overview of the IPv6 header based on Chapter 4 of the book "Understanding IPv6, Third Edition". It describes the components of an IPv6 packet including the IPv6 header, extension headers, and upper-layer protocol data unit. The IPv6 header is a fixed size of 40 bytes and contains fields for version, traffic class, flow label, payload length, next header, hop limit, source address, and destination address. Extension headers can be added after the IPv6 header and are used to expand IPv6's capabilities. The IPv6 header was designed to be more efficient than IPv4 by reducing the number of required fields and moving seldom-used fields to extension headers.
The document discusses IPv6, including its features and transition plans from IPv4. IPv6 addresses many problems with IPv4, such as address exhaustion, and introduces features like auto-configuration, quality of service, security, and mobility support. The transition will be incremental, using dual stack systems and tunneling to foster interoperability between IPv4 and IPv6 nodes as networks upgrade independently.
1) TCP provides reliable data transmission over unreliable networks like the Internet by establishing connections between endpoints, sequencing packets, detecting and retransmitting lost packets.
2) TCP connections are established through a 3-way handshake process where both sides negotiate sequence numbers to synchronize packet transmission.
3) TCP connections can be closed through a 4-step process where each side sends a FIN packet to gracefully close the connection in both directions.
The document discusses IPv6 addressing and configuration, including IPv6 address formats and types, stateless address autoconfiguration, neighbor discovery, and security considerations for neighbor discovery. IPv6 aims to provide a huge number of addresses, simpler header format, and new features like anycast addresses and extension headers, while neighbor discovery handles tasks like address autoconfiguration and duplicate address detection without ARP.
IPv6 Neighbor Discovery (ND) is a set of processes that determines relationships between neighboring nodes, replacing ARP and other IPv4 protocols. ND is used by hosts and routers to discover addresses, prefixes, and other configuration parameters. It also resolves link-layer addresses, determines neighbor reachability, and selects the next-hop for packet forwarding. ND messages include Router Solicitation, Router Advertisement, Neighbor Solicitation, Neighbor Advertisement, and Redirect.
IPv4 packets contain an IP header and payload. The IP header includes fields that identify the packet like the version and protocol, provide routing information like the source and destination addresses, and ensure reliability like the checksum. It also contains fields for fragmentation, packet lifetime (TTL), and optional features. The payload is the actual data being delivered from the upper layer to the destination.
IPv4 uses a datagram format with a header and data. The header contains information for routing and delivery and is 20-60 bytes. It includes fields for the version, length, identification, fragmentation, protocol, and source/destination addresses. Datagrams can be fragmented into smaller pieces if their size exceeds the MTU of a network. Fragments are reassembled at the destination using the identification field. The time to live field limits the number of hops a packet can make to prevent endless routing.
Communication at the network layer is host-to-host (computer-to-computer). A computer somewhere in the world needs to communicate with another computer somewhere else in the world. For this communication, we need a global addressing scheme, called “logical addressing” Today, IP addresses are used to provide logical addresses in the network layer of the TCP/IP protocol suite.
IPV4 - The Internet addresses are 32 bits in length; this gives us a maximum of 2^32 addresses. These addresses are referred to as IPv4 (IP version 4) addresses or simply IP addresses. The need for more addresses, in addition to other concerns about the IP layer, motivated a new design of the IP layer called the new generation of IP or IPv6 (IP version 6).
In this version, the Internet addresses are 128 bits in length; this gives us a maximum of 2^128 addresses. 128-bit addresses give much greater flexibility in address allocation. These addresses are referred to as IPv6 (IP version 6) addresses.
Lec 2(intoduction of computer networkes)maamir farooq
This document discusses different types of networks:
1. The Internet is the common network used for activities like reading news and social media.
2. The Deep Web is a subset not indexed by search engines so it requires directly visiting sites instead of searching. It exists because the Internet is too large to fully index.
3. The Dark Web requires special software to access and is often associated with illegal activities like drug sales, though it also has legitimate uses. It sits on additional private networks like Tor and I2P.
The document discusses IPv4 and IPv6 addressing and protocols. It provides:
1) IPv4 uses 32-bit addresses represented in dotted decimal notation, consisting of a network and node identifier. IPv6 uses 128-bit addresses to allow for more networks and devices.
2) IPv4 is a connectionless protocol that does not guarantee delivery, while IPv6 includes improvements like larger addresses, better header format, new options, and more security.
3) Transition technologies like dual stack, NAT-PT, 6to4, and 4to6 allow migration from IPv4 to IPv6 networks.
The document discusses transport layer protocols and services including:
- TCP provides reliable, in-order delivery through congestion control, flow control, and connection setup. UDP provides unreliable, unordered delivery with no connection.
- Transport protocols multiplex and demultiplex data between applications using port numbers. TCP uses a 4-tuple of IP addresses and port numbers to identify each connection.
- UDP is useful for streaming multimedia since it is loss tolerant but rate sensitive, while TCP provides reliability through congestion control and retransmissions.
The Internet Protocol version 4 (IPv4) is the delivery mechanism used by the TCP/IP protocols. IPv4 is an unreliable and connectionless datagram protocol & a best-effort delivery service means that IPv4 provides no error control or flow control (except for error detection on the header). IPv4 assumes the unreliability of the underlying layers and does its best to get a transmission through to its destination, but with no guarantees.ThesisScientist.com
The document discusses Address Resolution Protocol (ARP) which resolves IP addresses to MAC addresses on local area networks. It provides details on ARP requests, replies, and vulnerabilities like ARP poisoning. It also covers related topics like proxy ARP and variants of ARP used in other network types. The case study certificate is for a student who completed a case study on internet technology and ARP.
The Internet Protocol (IP) is the fundamental protocol that defines how data is sent between computers on the Internet. IP addresses uniquely identify each computer and data is sent in packets that contain the source and destination addresses. Packets can take different routes and arrive out of order, with TCP ensuring proper ordering. IP is connectionless and sends each packet independently. The most common versions are IPv4 and the newer IPv6. The IP datagram structure includes a header with fields like version, length, checksum, and source/destination addresses, followed by the data. Large data can be fragmented into multiple packets for transmission.
IPv6 addresses are 128-bit identifiers for interfaces compared to 32-bit in IPv4. The presentation discusses the various address formats and types in IPv6 including unicast, anycast, and multicast. It also covers the changes in IPv6 packet header format versus IPv4 as well as new features like flow labeling and extension headers. Key advantages of IPv6 are larger address space, simplified header format, improved support for extensions, and better mobility and security features.
IPv6 was developed to replace IPv4 due to IPv4's limited address space and other issues. IPv6 uses 128-bit addresses compared to IPv4's 32-bit addresses, providing vastly more unique addresses. It also includes improvements in areas like security, quality of service, and extension headers. The transition from IPv4 to IPv6 is still ongoing, with strategies like running both protocols simultaneously, tunneling IPv6 traffic over IPv4, and translating headers to allow ongoing communication as adoption increases.
This document summarizes key fields in an IPv4 packet header, including the version and Internet header length, Type of Service, total length, identification, flags, fragmentation offset, protocol, checksum, and source and destination IP addresses. It describes the purpose and values of several fields, such as using the Type of Service field to indicate quality of service preferences or setting the Don't Fragment flag. It also briefly mentions challenges with IPv4 fragmentation and some common attacks.
This document provides instructions for an assignment using Wireshark to analyze TCP and HTTP traffic. Students are asked to capture network traffic from their own computer, including an HTTP request to a specific URL. They then analyze the captured packets to identify the HTTP requests and responses, TCP segments, and answer questions about the role of each requested file. The tasks are designed to help students learn about network protocols like TCP and HTTP through practical analysis of real network traffic data.
The document summarizes key aspects of the Internet Protocol version 4 (IPv4) including:
- IPv4 provides unreliable, connectionless delivery of packets called internet datagrams between hosts on diverse networks.
- The IPv4 header contains fields for version, header length, type of service, total length, identification, flags, fragment offset, time-to-live, protocol, header checksum, source address, and destination address.
- IPv4 addresses are hierarchical, consisting of a network portion and local host portion, and are divided into classes A, B, and C based on network size.
The document outlines key concepts related to IPv4 and IPv6 including:
- IPv4 uses 32-bit addresses and IPv6 uses 128-bit addresses. IPv6 simplifies the header format and introduces extension headers.
- It describes IP address classes in IPv4 and differences between IPv4 and IPv6 addressing schemes, header formats, and features like built-in security.
- Transitioning from IPv4 to IPv6 poses challenges around increased management complexity, interoperability problems, and security concerns due to shared communication resources between the protocols.
The document discusses IP addresses and the differences between IPv4 and IPv6. It defines what an IP address is and explains the classes of IPv4 addresses including Class A, B, C, D and E. It also defines IPv6, noting it uses 128-bit addresses represented by 8 groups of hexadecimal digits separated by colons. The key differences between IPv4 and IPv6 are that IPv4 uses 32-bit addresses in dot-decimal notation while IPv6 uses 128-bit addresses in hexadecimal colon-separated notation and has a much larger address space.
IPv6 was developed to address limitations in IPv4, such as the depletion of available IPv4 addresses. IPv6 features a 128-bit address space providing vastly more addresses than IPv4. It uses a simplified header structure compared to IPv4, removing unnecessary fields and expanding others. IPv6 also supports stateless autoconfiguration allowing nodes to automatically assign themselves addresses. Extension headers provide additional optional information for areas like routing, fragmentation, security and more. IPv6 aims to resolve issues with IPv4 and build upon lessons learned from over 20 years of IPv4 usage on the internet.
Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...IOSR Journals
This document provides a summary of a comparative study on the performance of IPv4 and IPv6 protocols under different operating systems. The study analyzed bandwidth utilization, round trip time, and overhead for IPv4 and IPv6 in point-to-point configurations under Windows 2007, Mac OS, and Red Hat Linux. Experiments were conducted between 3 PCs configured for IPv4 and IPv6 communications over an unloaded network with 3 routers and 3 workstations. Key differences between IPv4 and IPv6 such as address length, header fields, and transition mechanisms are also outlined.
This document provides an overview of IPv6 addressing and address types. It discusses the 128-bit IPv6 address space and address notation. The main types of IPv6 addresses covered are unicast addresses, including global unicast, link-local, and unique local addresses, as well as multicast addresses and their uses for neighbor discovery. Solicited-node addresses are described as a method for IPv6 nodes to resolve link-layer addresses without broadcasting.
The document summarizes key details about UDP packets observed in a Wireshark lab:
1. The UDP header contains 4 fields - source port, destination port, length, and checksum. Each field is 2 bytes long.
2. The value in the length field indicates the total number of bytes of the UDP header and data.
3. The maximum possible UDP payload size is 65,527 bytes.
4. The protocol number for UDP in both hex and decimal is 0x11 and 17 respectively.
Transport layer protocols provide services like reliable data transfer and connection establishment between applications on networked devices. They address this need through protocols like TCP and UDP. TCP provides reliable, ordered data streams using mechanisms like three-way handshake, sequence numbers, acknowledgments, retransmissions, flow control via sliding windows, and connection termination handshaking. UDP provides simple datagram transmissions without reliability or flow control.
The document discusses IPv6 addressing, including historical aspects, types of IPv6 addresses like unicast and multicast, interface identifiers, and address deployment schemes. It provides details on aggregatable global unicast addresses which aim to minimize the global routing table size through allocation hierarchies. The Abilene network's IPv6 allocations and procedures for obtaining addresses are also summarized.
The document describes the headers for IPv4 and IPv6 packets. IPv6 packet headers are simpler than IPv4 headers, with fewer fields but larger source and destination addresses. IPv6 also introduces extension headers to replace IPv4 options and allow additional optional information to be included. The transition from IPv4 to IPv6 will involve dual-stack implementations and tunneling IPv6 packets in IPv4 networks using special address types.
This presentation gives a brief description about IP Address (Internet protocol address), Classes of IPv4. And also included, what is IPv4 and what is IPv6.
Lec 2(intoduction of computer networkes)maamir farooq
This document discusses different types of networks:
1. The Internet is the common network used for activities like reading news and social media.
2. The Deep Web is a subset not indexed by search engines so it requires directly visiting sites instead of searching. It exists because the Internet is too large to fully index.
3. The Dark Web requires special software to access and is often associated with illegal activities like drug sales, though it also has legitimate uses. It sits on additional private networks like Tor and I2P.
The document discusses IPv4 and IPv6 addressing and protocols. It provides:
1) IPv4 uses 32-bit addresses represented in dotted decimal notation, consisting of a network and node identifier. IPv6 uses 128-bit addresses to allow for more networks and devices.
2) IPv4 is a connectionless protocol that does not guarantee delivery, while IPv6 includes improvements like larger addresses, better header format, new options, and more security.
3) Transition technologies like dual stack, NAT-PT, 6to4, and 4to6 allow migration from IPv4 to IPv6 networks.
The document discusses transport layer protocols and services including:
- TCP provides reliable, in-order delivery through congestion control, flow control, and connection setup. UDP provides unreliable, unordered delivery with no connection.
- Transport protocols multiplex and demultiplex data between applications using port numbers. TCP uses a 4-tuple of IP addresses and port numbers to identify each connection.
- UDP is useful for streaming multimedia since it is loss tolerant but rate sensitive, while TCP provides reliability through congestion control and retransmissions.
The Internet Protocol version 4 (IPv4) is the delivery mechanism used by the TCP/IP protocols. IPv4 is an unreliable and connectionless datagram protocol & a best-effort delivery service means that IPv4 provides no error control or flow control (except for error detection on the header). IPv4 assumes the unreliability of the underlying layers and does its best to get a transmission through to its destination, but with no guarantees.ThesisScientist.com
The document discusses Address Resolution Protocol (ARP) which resolves IP addresses to MAC addresses on local area networks. It provides details on ARP requests, replies, and vulnerabilities like ARP poisoning. It also covers related topics like proxy ARP and variants of ARP used in other network types. The case study certificate is for a student who completed a case study on internet technology and ARP.
The Internet Protocol (IP) is the fundamental protocol that defines how data is sent between computers on the Internet. IP addresses uniquely identify each computer and data is sent in packets that contain the source and destination addresses. Packets can take different routes and arrive out of order, with TCP ensuring proper ordering. IP is connectionless and sends each packet independently. The most common versions are IPv4 and the newer IPv6. The IP datagram structure includes a header with fields like version, length, checksum, and source/destination addresses, followed by the data. Large data can be fragmented into multiple packets for transmission.
IPv6 addresses are 128-bit identifiers for interfaces compared to 32-bit in IPv4. The presentation discusses the various address formats and types in IPv6 including unicast, anycast, and multicast. It also covers the changes in IPv6 packet header format versus IPv4 as well as new features like flow labeling and extension headers. Key advantages of IPv6 are larger address space, simplified header format, improved support for extensions, and better mobility and security features.
IPv6 was developed to replace IPv4 due to IPv4's limited address space and other issues. IPv6 uses 128-bit addresses compared to IPv4's 32-bit addresses, providing vastly more unique addresses. It also includes improvements in areas like security, quality of service, and extension headers. The transition from IPv4 to IPv6 is still ongoing, with strategies like running both protocols simultaneously, tunneling IPv6 traffic over IPv4, and translating headers to allow ongoing communication as adoption increases.
This document summarizes key fields in an IPv4 packet header, including the version and Internet header length, Type of Service, total length, identification, flags, fragmentation offset, protocol, checksum, and source and destination IP addresses. It describes the purpose and values of several fields, such as using the Type of Service field to indicate quality of service preferences or setting the Don't Fragment flag. It also briefly mentions challenges with IPv4 fragmentation and some common attacks.
This document provides instructions for an assignment using Wireshark to analyze TCP and HTTP traffic. Students are asked to capture network traffic from their own computer, including an HTTP request to a specific URL. They then analyze the captured packets to identify the HTTP requests and responses, TCP segments, and answer questions about the role of each requested file. The tasks are designed to help students learn about network protocols like TCP and HTTP through practical analysis of real network traffic data.
The document summarizes key aspects of the Internet Protocol version 4 (IPv4) including:
- IPv4 provides unreliable, connectionless delivery of packets called internet datagrams between hosts on diverse networks.
- The IPv4 header contains fields for version, header length, type of service, total length, identification, flags, fragment offset, time-to-live, protocol, header checksum, source address, and destination address.
- IPv4 addresses are hierarchical, consisting of a network portion and local host portion, and are divided into classes A, B, and C based on network size.
The document outlines key concepts related to IPv4 and IPv6 including:
- IPv4 uses 32-bit addresses and IPv6 uses 128-bit addresses. IPv6 simplifies the header format and introduces extension headers.
- It describes IP address classes in IPv4 and differences between IPv4 and IPv6 addressing schemes, header formats, and features like built-in security.
- Transitioning from IPv4 to IPv6 poses challenges around increased management complexity, interoperability problems, and security concerns due to shared communication resources between the protocols.
The document discusses IP addresses and the differences between IPv4 and IPv6. It defines what an IP address is and explains the classes of IPv4 addresses including Class A, B, C, D and E. It also defines IPv6, noting it uses 128-bit addresses represented by 8 groups of hexadecimal digits separated by colons. The key differences between IPv4 and IPv6 are that IPv4 uses 32-bit addresses in dot-decimal notation while IPv6 uses 128-bit addresses in hexadecimal colon-separated notation and has a much larger address space.
IPv6 was developed to address limitations in IPv4, such as the depletion of available IPv4 addresses. IPv6 features a 128-bit address space providing vastly more addresses than IPv4. It uses a simplified header structure compared to IPv4, removing unnecessary fields and expanding others. IPv6 also supports stateless autoconfiguration allowing nodes to automatically assign themselves addresses. Extension headers provide additional optional information for areas like routing, fragmentation, security and more. IPv6 aims to resolve issues with IPv4 and build upon lessons learned from over 20 years of IPv4 usage on the internet.
Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...IOSR Journals
This document provides a summary of a comparative study on the performance of IPv4 and IPv6 protocols under different operating systems. The study analyzed bandwidth utilization, round trip time, and overhead for IPv4 and IPv6 in point-to-point configurations under Windows 2007, Mac OS, and Red Hat Linux. Experiments were conducted between 3 PCs configured for IPv4 and IPv6 communications over an unloaded network with 3 routers and 3 workstations. Key differences between IPv4 and IPv6 such as address length, header fields, and transition mechanisms are also outlined.
This document provides an overview of IPv6 addressing and address types. It discusses the 128-bit IPv6 address space and address notation. The main types of IPv6 addresses covered are unicast addresses, including global unicast, link-local, and unique local addresses, as well as multicast addresses and their uses for neighbor discovery. Solicited-node addresses are described as a method for IPv6 nodes to resolve link-layer addresses without broadcasting.
The document summarizes key details about UDP packets observed in a Wireshark lab:
1. The UDP header contains 4 fields - source port, destination port, length, and checksum. Each field is 2 bytes long.
2. The value in the length field indicates the total number of bytes of the UDP header and data.
3. The maximum possible UDP payload size is 65,527 bytes.
4. The protocol number for UDP in both hex and decimal is 0x11 and 17 respectively.
Transport layer protocols provide services like reliable data transfer and connection establishment between applications on networked devices. They address this need through protocols like TCP and UDP. TCP provides reliable, ordered data streams using mechanisms like three-way handshake, sequence numbers, acknowledgments, retransmissions, flow control via sliding windows, and connection termination handshaking. UDP provides simple datagram transmissions without reliability or flow control.
The document discusses IPv6 addressing, including historical aspects, types of IPv6 addresses like unicast and multicast, interface identifiers, and address deployment schemes. It provides details on aggregatable global unicast addresses which aim to minimize the global routing table size through allocation hierarchies. The Abilene network's IPv6 allocations and procedures for obtaining addresses are also summarized.
The document describes the headers for IPv4 and IPv6 packets. IPv6 packet headers are simpler than IPv4 headers, with fewer fields but larger source and destination addresses. IPv6 also introduces extension headers to replace IPv4 options and allow additional optional information to be included. The transition from IPv4 to IPv6 will involve dual-stack implementations and tunneling IPv6 packets in IPv4 networks using special address types.
This presentation gives a brief description about IP Address (Internet protocol address), Classes of IPv4. And also included, what is IPv4 and what is IPv6.
IPv6 Community Event: IPv6 Protocol ArchitectureAPNIC
APNIC Training Delivery Manager Terry Sweetser gives a technical overview of IPv6 at the IPv6 Community Event, held on 8 June 2023 in Nuku'alofa, Tonga.
This document provides information about the CS352 course on Internetworking Protocols. It discusses the topics that will be covered in Unit III, including IPv6 transition issues, IPsec, addressing, extension headers, routing, autoconfiguration, and more. It lists the course instructor and their details. It then provides background on problems with IPv4 and advantages of IPv6. Several sections define IPv6 headers and addressing, describing the fixed header, extension headers, address notation, and network/node addressing splits.
Complete notes of computer networks. Bca or bsc studentssreejasethu1
The document discusses several topics related to networking including IP addresses, IP protocols, DNS, remote login, MIME protocol, and the World Wide Web. It provides details on:
- What an IP address is and the different types (IPv4 and IPv6)
- Components of an IPv4 and IPv6 packet header
- How DNS works to translate domain names to IP addresses
- The process of remote login using Telnet
- How MIME allows non-ASCII data to be sent via email by encoding and decoding it
- Key components of the World Wide Web including browsers, servers, and URLs
This document provides information about IPv4 and IPv6 by comparing their key aspects. IPv4 uses 32-bit addresses while IPv6 uses 128-bit addresses, allowing for more available addresses. IPv4 addresses are represented in dotted decimal notation while IPv6 uses colon-separated hexadecimal. IPv6 was developed to address limitations in IPv4 such as address space exhaustion and lack of security features. The document outlines differences between the two protocols in areas like packet fragmentation, checksums, and address types.
The document discusses logical addressing and IP addressing. It covers the following key points:
1. The network layer encapsulates transport segments into datagrams and delivers them to the receiving host. Routers examine header fields to route IP datagrams.
2. An IPv4 address is a 32-bit address that defines a device's connection to the Internet. IPv4 has over 4 billion possible addresses.
3. Subnets divide the host portion of an IP address into a subnet number and host number, creating a three-layer hierarchy of network prefix, subnet number, and host number.
This document provides an overview of IPv4 addressing concepts including:
- The structure of IPv4 addresses and how they are represented in dotted decimal format
- How addresses are divided into network and host portions based on subnet masks
- Common address types like unicast, broadcast, multicast, and how they are used
- Private and public IP address ranges, and how NAT allows private networks to connect to the public Internet
6 ccna (fundamentals of i pv4 addressing and routing)Ulaş Ural
The document discusses fundamentals of IPv4 addressing and routing. It covers key topics such as IP addressing definitions including classes of networks (A, B, C), the network and host portions of addresses, and how hosts use simple routing logic to determine if a packet should be sent directly or to their default gateway. It also introduces the concept of IP subnetting to divide networks into smaller subnets.
This document summarizes key concepts about IP, packet forwarding, and switch fabrics. It discusses how IP provides connectionless delivery of packets using headers that include source and destination addresses. Packets are forwarded based on their destination address, and routers maintain forwarding tables. Switch fabrics must deliver packets from input to output ports, and approaches include shared bus, crossbar, and self-routing switches like Banyan networks. Bisection bandwidth measures the minimum bandwidth between equally divided sets of ports in a network.
IPv4 addresses are 32-bit numbers that uniquely identify devices on the Internet. They consist of a network portion and host portion, with the subnet mask defining which bits belong to each portion. Addresses can be assigned statically or dynamically via DHCP. The IPv4 header contains fields like source/destination addresses, flags, fragmentation information, TTL, and checksum to route packets between networks.
This document discusses the network layer in the internet. It covers the internet protocol (IP) which provides connectionless best-effort delivery of packets called internet datagrams. The transmission control protocol (TCP) provides reliable stream service using acknowledgments, while the user datagram protocol (UDP) provides connectionless datagram service. The document then describes the IP version 4 protocol, including the header fields, fragmentation, addressing, and subnetting techniques.
IPV6 EXPLANATION BY FOROUZANN DATA COMMUNICATIONgopi5692
IPv6 addresses are 128 bits long compared to 32 bits for IPv4, solving the problem of IPv4 address depletion. IPv6 addresses are written in colon hexadecimal format and can be abbreviated by omitting leading zeros and replacing consecutive sections of all-zeroes with "::". The IPv6 packet format includes a fixed-length 40-byte header and optional extension headers that provide additional functionality compared to IPv4 options. During the transition from IPv4 to IPv6, devices will have both protocol stacks and query DNS to determine which version to use for a given destination.
This document provides an introduction to IPv6, including:
- IPv4 is running out of addresses due to its 32-bit size, while IPv6 uses a 128-bit address which provides vastly more addresses.
- IPv6 features include larger addresses, more efficient headers, extension headers for additional functions, and stateless autoconfiguration to simplify address assignment.
- Key changes from IPv4 include larger and more hierarchical addresses, removal of optional fields and checksums, and addition of traffic class and flow label fields.
Briefly explain the three types of IPv6 addresses-SolutionThree types.docxgilliandunce53776
Briefly explain the three types of IPv6 addresses.
Solution
Three types of IPv6 (Internet Protocol version 6 )addresses.
An IPv6 label is used to identify a network interface of a computer or other network node participating in an IPv6 computer network. IPv6 is the successor to the first addressing infrastructure of the internet , IPv4(internet protocol version 4). IPv4 IP address has 32-bit value where as IPv6 addresses have a size of 128-bit vale. That is why IPv6 has enlarged address space compared to IPv4.An IP address serves the purpose of uniquely identifying an individual n/w interface of a host, which is locating on the network, and it permits the routing of IP packets between hosts. IP addresses are present in the field of packet header. For routing IP addresses indicates source and destination of the packet.
The following are the three types of IP addresses which are supported by IPv6
IPv6 addresses are classified by the primary addressing and routing methodologies common in networking. They are ………
This is an identifier for a single interface. A Packet sent to a unicast address is delivered to the interface identified by that address. It can be link-local scope, site-local scope,or global scope.
Ths is an identifier for a group of interfaces generally belonging to different nodes. A packet sent to multicast address is delivered to all interfaces identified by that address.
An identifier for a group of interfaces generally belonging to different nodes. A packet sent to an anycast address is delivered to the closest member of a group or nearest member of a group, according to the routing protocols measure of distance.
Anycast addresses are taken from the unicast address spaces and are not syntactically distinguishable from unicast addresses. Anycast is described as a cross between unicast and multicast. Like multicast, multiple nodes may be listening on an anycast address. Like unicast, a packet sent to an anycast address will be delivered to only one of those nodes. The exact node to which is delivered is based on the IP routing table in the n/w.
Unicast and anycast addresses are composed of two logical parts.
A 64-bit n/w prefix used for routing and a 64-bit interface identifier used to identify host’s n/w interface. The n/w prefix is the combination of routing prefix combined with subnet id. It contained in the most significant 64 bits of the address. The size of the routing prefix may vary. A larger prefix size means a smaller subnet id size. The 64-bit interface identifier is either automatically generated of assigned manually.
Multcast addresses are formed according to several specific formatting rules, depending on the application.
.
IPv6 is the successor to IPv4 and provides a vastly larger 128-bit address space. It features stateless address autoconfiguration, no need for NAT, and built-in IPsec support. The document provides details on IPv6 addressing and headers, neighbor discovery, autoconfiguration, extensions, tools, and RFCs.
IPv6 is the successor to IPv4 with a vastly larger 128-bit address space. It features simpler header format, extension headers, automated address configuration, improved security, and mobility support. Key aspects include stateless autoconfiguration using router advertisements, neighbor discovery for link-layer addresses, duplicate address detection, and IPv6/IPv4 translation techniques.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3Data Hops
Free A4 downloadable and printable Cyber Security, Social Engineering Safety and security Training Posters . Promote security awareness in the home or workplace. Lock them Out From training providers datahops.com
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Trusted Execution Environment for Decentralized Process MiningLucaBarbaro3
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
2. Introduction
What is wrong with IPv4 ?
The address issue:
IPv6
128 bit address = 296
(7.92282 1028
)
Unicast
Anycast
Multicast
IPv4
32 bit address = 232
(4 294 967 296)
Class A between 1 and 126
Class B between 128 and 191
Class C between 192 and 223
3. The header problem:
Version n
o
IHL Type of Service Total Length
Identification Flags Fragment offset
Time-to-live Protocol Header Checksum
Source Address 32 bits
Destination Address 32 bits
Options Padding
IPv4 Header
IPv6 Header
Version no
Class (priority) Flow label
Payload Length Next Header Hop Limit
Source Address 128 bits
Destination Address 128 bits
Headers
4. Major changes from IPv4 to IPv6:
Expanded addressing capabilities
New type of addresses (unicast)
Header format simplification
Improved support of option (extension headers)
Authentication and privacy capabilities
Improvements
6. Architecture
IPv6 addresses are 128 bits long
There are 3 types of IPv6 addresses:
Unicast: An identifier for a single interface
Anycast: An identifier for a set of interfaces
(typically belonging to different nodes)
Multicast: An identifier for a set of interfaces
(typically belonging to different nodes)
7. Address Notation
8 * (16 bit field) = 128 bits
The designers of the protocol chose to write the
128 bits as eight 16-bit integers separated by
colons, each integer is rep by 4 hex digits, e.g:
FEDC:BA98:7654:3210:FEDC:BA98:7654:3210
8. Address Assignments
The first field of any IPv6 address is a variable-
length format prefix, which identifies various
categories of addresses. Some current
allocation of addresses based on the format
prefix are:
Provider-Based Unicast Address: 010
Link Local Use Addresses: 1111 1110 10
Site Local Use Addresses: 1111 1110 11
Multicast Addresses: 1111 1111
9. Unicast
Format of an IPv6 Provider-based global
Unicast address:
TLA: Top level aggregate(provider ID)
NLA: Next level aggregate(subscriber ID)
SLA: Site local aggregate(subnet ID)
IPv4:
010 TLA NLA SLA Interface ID
3 13 32 16 64 bits
Network Subnet Interface ID 32bits
10. Special Unicast Addresses.
In addition to provider based addresses, there
are 5 other unicast addresses:
Unspecified addresses
Loopback addresses
IPv4 -based addresses
Site local addresses
Link local addresses
E.g. IPv4-Compatible IPv6 addresses consists
of a 32-bit IPv4 address prefixed by 96 zeroes.
Bits:
IPv4 Address0.0…. …..0.0
96 32
11. Anycast Address
An anycast address enables a source to specify
that it wants to contact any one node from a group
of nodes via a single address. A packet with such
an address will be routed to the nearest interface
in the group, according to the router's measure of
distance (hop count, cost, etc)
One particular form of anycast address is the
subnet-router anycast address
Bits: n 128-n
000……….000Subnet prefix
12. Multicast Address
IPv6 includes the capability to address a predefined
group of interfaces with a single multicast address.
A multicast address consists of an 8-bit prefix of ones, a
4-bit flag field, a 4-bit scope field and a 112-bit group ID.
Flags:
T = 0: Indicates a permanently assigned or well-known multicast
address, assigned by the global internet numbering authority
T = 1: Indicates a nonpermanently-assigned, or transient, multicast
address
Group ID
4 11248 Bits
1111111 Flgs Scope
000T
13. The IPV6 protocol consists of two headers:
The Basic IP Header
The Extension Header.
Routing
Basic IP
Header
Extension
Header
Data
14. Basic IP header
Version no
Class (priority) Flow label
Payload Length Next Header Hop Limit
Source Address 128 bits
Destination Address 128 bits
4 bit
Version N0
4 bit
Priority N0
Flow
Label
Payload
Length
Next
Header
Hop
Limit
128 bit
Source
128 bit
Destination
15. 4 bit
Version N0
4 bit
Priority N0
Flow
Label
Payload
Length
Next
Header
Hop
Limit
128 bit
Source
128 bit
Destination
Four bit version number: Four bit Internet Protocol
version number. In this case no
6.
Four bit Priority number: Identifies the desired
delivery priority of its packet. The priority values are
divided into two sets. Value 0 through 7 are used to
specify the priority of traffic for which the source is
providing congestion control, that is traffic that
“backs off” in case of congestion (for example TCP
traffic). Values 8 through 15 are used to specify the
priority of traffic that does not back off in response
to congestion (for example real time packets being
sent at a constant rate.)
For congestion control traffic, the following priority
values are recommended for particular applications
categories:
0 Uncharacterized Traffic
1 Filler Traffic (Netnews)
2 Unattended data transfer (e-mail)
3 (Reserved)
4 Attended bulk transfer (FTP, HTTP, NFS)
5 (Reserved)
6 Interactive Traffic (Telnet)
7 Internet Control Traffic (SNMP)
Flow Label: A flow is a sequence of packets sent
from a particular source to a particular destination
for which the source desires special handling by the
routers. The 24 bit flow label field in the IPV6
header may be used by a source to label those
packets for which it requests special handling by the
IPV6 routers. This includes non default quality of
service or “real-time” service. All packets belonging
to the same flow must be sent with the same source
address, same destination address and same non-
zero flow label.
Payload Length: 16 bit field. The payload length
does exactly what it says, give the exact length of
the payload (i.e., the rest of the packet following the
IPV6 header) in bytes.
Next Header: An 8 bit selector. The next header
identifies the type of header (Extension Header)
immediately following the basic IP Header. It uses
the same values as the IPV4 Protocol field.
Hop Limit: The Hop limit is used to prevent a
misrouted packet to travel around the network
forever without being discarded. It is actually a
counter decremented by one each time it reaches a
node. The packet will be discarded when the Hop
Limit reaches zero.
Source Address: 128 bit address of the originator
packet.
Destination address: 128 bit address of the
intended recipient of the packet.
16. Basic IP Header
Next value = TCP
Extension Header =
TCP
Data
Extension header
Basic IP Header
Next value = Routing
DataExtension Header =
TCP
Extension Header = Routing
Next Header value = TCP
In IPV6, optional information is encoded in one or
multiple separate headers that are placed between
the Basic IP Header and the Payload. There are
multiple Extension headers. Each one is identified by
a unique figure in the Next Header value of the Basic
IP Header or preceding Extension headers. The
improvement compare to IPV4 is that Extension
Headers can be of arbitrary length. The total amount
of options carried in a packet is not limited and can
even be fragmented. IPV6 packets may carry zero,
one or multiple Extension headers.
17. Extension header
There are six different Extension headers:
Hop by Hop header
Routing header
Fragment header
Destination header
Authentication header
Encapsulation header
Security
18. The hop-by-hop option handles every special option
which requires hop by hop processing.
For example, the PadN option will be inserted in the
Hop-by-Hop header when needed (the PadN option is
used to insert two or more bytes of padding. To pad out a
packet consists of adding one or two bit to a packet to
obtain a final bit number of 8 or a multiple of 8).
Hop by Hop header
19. Routing header
Identified by a Next Header label of 43, the Routing
Header is used by IPV6 to list one or more intermediate
nodes to “go through” on the way to the packet’s
destination. This new technique is called address
sequencing.
Suppose that address sequences are shown by a list of
individual addresses separated by a comma like the one
here underneath.
SRC, I1, I2, I3, DST
The first Address is the source, the last is the destination
and the middle addresses are intermediate nodes.
20. Address Sequencing
Assume that H1 and H2’s sites are both connected to providers P1
and P2. A third wireless provider, PR, is connected to both.
P1
H1 PR H2
P2
The simplest case (no use of address sequences) is when H1 wants to
send a packet to H2 containing the addresses:
H1, H2
When H2 replies it reverses the addresses and construct a packet
containing the addresses:
H2, H1
In this example either provider could be used, and H1 and H2 would
not be able to select which provider traffic would be send and
received from. If H1 decides that it wants to enforce a policy that all
communications from/to H2 can only use provider P1, it would
construct a packet containing the address sequence:
H1, P1, H2
This ensures that when H2 replies to H1, it will reverse the route and
the reply would also travel over P1. The addresses in H2’s reply
would look like:
H2, P1, H1
If H1 became mobile and moved to provider PR, it could maintain
(not breaking any transport connections) communication with H2, by
sending packets that contain the address sequence:
H1, PR, P1, H2
This would ensure that when H2 replies, it would enforce H1’s
policy of exclusive use of provider P1 and send the packet to H1 new
location on provider PR. The reversed address sequence would be:
H2, P1, PR, H1
21. Fragment Header
The fragment Option is used by an IPV6 source to send a
packet larger than would fit in the path to its destination.
In order to send a packet that is too large, a source node
may divide the packet into fragments and send each
fragment as a separate packet to be reassembled at the
receiver’s point.
22. Fragment Header
The initial packet is referred to as the original packet and
consists of two parts: the unfragmentable part and the
fragmentable part.
The unfragmentable part consists of the IPV6 header plus
any extension headers that must be processed by nodes
along the path to destination.
Unfragmentable Part Fragmentable Part
The fragmentable part is made out of the rest of the packet,
that is, any extension header that only needs to be
processed by the final destination.
Unfragmentable Part Fragment Header First Fragment
Unfragmentable Part Fragment Header Second Fragment
23. Destination Header
The destination option is used to carry optional information
that need to be examined only by a packet’s destination
node. This header is identified by a next header value of 60.
Different actions will be available in the destination header
but have yet to be defined.
25. Security
Application-specific security mechanisms, e.g:
secure HTTP & Secure Socket Layer for web access
SNMPv2 security for network management &
Privacy enhanced mail, PGP for electronic mail
However the security concerns that cuts across
protocol layers still has to be addressed.
Solution: By implementing security at the IP level,
an organization can ensure secure networking not
only for applications that have security mechanisms
but for the many security-ignorant applications.
26. IETF standards
RFC 1825: An overview of a security
architecture
RFC 1826: Description of a packet
authentication extension to IP
RFC 1828: A specific authentication
mechanism
RFC 1827: Description of a packet
encryption extension to IP
RFC 1829: A specific encryption
mechanism
27. IP level security
Authentication:The authentication mechanism
ensures that a received packet was in fact
transmitted by the party identified as the source
in the packet header.
Privacy: The privacy facility enables
communicating nodes to encrypt messages to
prevent eavesdropping by third parties.
The security features are implemented as extension
headers that follow the main IP header. The
extension header for authentication is known as
the authentication header; that for privacy, the
encapsulating security payload (ESP) header.
28. Security Association
A security association is uniquely identified by an
internet destination address and a security
parameter index (SPI). Hence, in any IP packet,
the security association is uniquely identified by
the destination address in the IPv4 or IPv6 header
and the SPI in the enclosed extension header
(authentication header, AH, or ESP header).
Ex. Authenticated & Encrypted packets:
IPv6 H ---Routing H A H ESP H TCP H +Data
30. ESP
The AH header does not transform data. When
confidentiality is desired, the ESP header should be
used. This Header is always the last one in the
chain of IPv6 extension headers.
Format of the ESP header:
32-bit SPI
32-bit Sequence number
Encrypted Data
&Parameters
Authentication Data
31. ESP
The use of ESP provides support for privacy and
data integrity for IP packets.
ESP can operate in two different modes:
Transport-mode ESP, encrypt either a TCP, UDP
or ICMP segment
Tunnel-mode ESP, encrypts an entire IP packet
32. ESP
Transport-mode operation provides privacy for
any application that uses it, thus avoiding the
need to implement privacy in every individual
application.
Tunnel-Mode ESP -- Tunnel-mode ESP is
used to encrypt an entire IP packet. For this
mode, the ESP is prefixed to the packet and
then the packet plus a trailing portion of the
ESP header is encrypted. This method can be
used to counter traffic analysis.
33. Authentication plus Privacy
The two IP security mechanisms can be
combined in order to transmit an IP packet that
has both privacy and authentication.
Encryption Before Authentication: The entire
transmitted IP packet is authenticated, including
both encrypted & unencrypted parts.
Authentication Before Encryption: The AH is
placed inside the inner IP packet, this inner
packet is both authenticated and protected by
the privacy mechanism.
Unicast :An identifier for a single interface. A packet sent to a unicast address is delivered to the interface identified by that address. Anycast: An identifier for a set of interfaces (typically belonging to different nodes). A packet sent to an anycast address is delivered to one of the interfaces identified by that address (the "nearest" according to the routing protocols' measure of distance). Multicast: An identifier for a set of interfaces (typically belonging to different nodes). A packet sent to a multicast address is delivered to all interfaces identified by that address.
These standards are mandatory for IPv6 and optional for IPv4.
Longer IPv6 addresses allow for aggregating add by hierarchies of network, access provider, geography, corporation, and so on. Such aggregation should make for smaller routing tables and faster table look-ups.
Transition Process: During the transition from IPv4 to IPv6, there will be a lengthy transition period when IPv6 & IPv4 must coexist. IPv4-compatible IPv6 addresses accomodates for this coexistence period. It consists of a 32-bit IPv4 address prefixed by 96 Zeroes.
An anycast address enables a source to specify that it wants to contact any one node from a group of nodes via a single address. A packet with such an address will be routed to the nearest interface in the group, according to the router's measure of distance. An example of the use of an anycast address is within a routing header to specify an intermediate address along a route. The anycast address could refer to the group of routers associated with a particular provider or particular subnet, thus dictating that the packet be routed through that provider or internet in the most efficient manner.
Multicasting is a useful capability in a number of contexts. For example, it allows hosts and routers to send neighbor discovery messages only to those machines that are registered to receive them, removing the necessity for all other machines to examine and discard irrelevant packets. As another example, most LANs provide a natural broadcast capability. A multicast address can be assigned that has a scope of link-local with a group ID configured on all nodes on the LAN to be a subnet broadcast address.
Address sequencing gives a lot of QOS capabilities to IPV6. For example, it could be used for provider selection (based on policy, performance, cost , etc…), mobility (best route to a current location) or re-addressing (route to a new address).
Each fragment packet is composed of: The unfragmentable part of the original packet , with the Payload Length of the original IPV6 header changed to contain the length of this fragment packet. A fragment header containing the header value that identifies the first header of the fragmentable part of the original packet. And finally, the fragment packet itself. At the destination, fragment packets are reassembled into their original, unfragmented form. An original packet is reassembled only from fragment packets that have the same source address, destination address and fragment identification.
Until now, the internet community has only developed application-specific security mechanisms
These standards are mandatory for IPv6 and optional for IPv4.
IP-level security encompasses two functional areas; Authentication and Privacy. In addition, this mechanism ensures that the packet has not been altered in transit.
Security parameters index (32 bits): Identifies a security association. The authentication data field contents will depend on the authentication algorithm specified. Authentication Using Keyed MD5 -- RFC 1828 specifies the use of MD5 for authentication. The MD5 algorithm is performed over the IP packet plus a secret key by the source and then inserted into the IP packet. At the destination, the same calculation is performed on the IP packet plus the secret key and compared to the received value. This procedure provides both authentication and data integrity.
One drawback to this mode is that it is possible to do traffic analysis on the transmitted packets. Because the IP header contains the destination address and possibly source routing directives and hop-by-hop option information, it is not possible to simply transmit the encrypted IP packet prefixed by the ESP header. Intermediate routes would be unable to process such a packet. Therefore, it is necessary to encapsulate the entire block (ESP header plus encrypted IP packet) with a new IP header that will contain sufficient information for routing but not for traffic analysis. Whereas the transport mode is suitable for protecting connections between hosts that support the ESP feature, the tunnel mode is useful in a configuration that includes a firewall or other sort of security gateway which protects a trusted network from external networks.
2 approaches: Encryption before Authentication Authentication before Encryption