1 IPv6 for the Network Edge Steve Deering [email protected] March 20, 2000.
-
Upload
clement-neal -
Category
Documents
-
view
214 -
download
2
Transcript of 1 IPv6 for the Network Edge Steve Deering [email protected] March 20, 2000.
![Page 2: 1 IPv6 for the Network Edge Steve Deering deering@cisco.com March 20, 2000.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649f1c5503460f94c31d44/html5/thumbnails/2.jpg)
2
Which Edge?
• end-user site / devices as the edge, orIP / upper-layer interface as the edge?
• either way, I disagree with premise of workshop — intelligence / control was originally at edge (either definition) but has been migrating to the “inside”:– firewalls– NATs– packet-hijacking caches– TCP helpers– layer 4-7 “routers”– ...
![Page 3: 1 IPv6 for the Network Edge Steve Deering deering@cisco.com March 20, 2000.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649f1c5503460f94c31d44/html5/thumbnails/3.jpg)
3
Why Current Direction is Bad
• inhibits introduction of new protocols / services
• gives monopoly control over services to the carriers
• makes Internet behavior harder to understand, manage, diagnose, and correct
• often reduces performance
• often reduces security
If only we had managed to deploy ubiquitous, end-to-end encryption of tranport headers and above...
![Page 4: 1 IPv6 for the Network Edge Steve Deering deering@cisco.com March 20, 2000.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649f1c5503460f94c31d44/html5/thumbnails/4.jpg)
4
IPv6 to Restore Edge Control
• eliminates need for NATs
• 2128 addresses should suffice for a Very Big Edge
• auto-configuration to make a Very Big Edge feasible
• built-in IPsec for security without “inside” agents, such as firewalls
Note: need not put IPv6 everywhere to get these benefits — just in edge devices and “internal edges”
![Page 5: 1 IPv6 for the Network Edge Steve Deering deering@cisco.com March 20, 2000.](https://reader036.fdocuments.in/reader036/viewer/2022082818/56649f1c5503460f94c31d44/html5/thumbnails/5.jpg)
5
IPv6 Status
• core specs are IETF Draft Standard => stable and well-tested
• all major host and router vendors have implementations at some stage of completeness
• current implementations already exceed IPv4 capabilities
• ongoing work to further improve functionality