IP VERSION 6 - polito.itnetgroup.polito.it/courses/Didattica/CNTS-TSR_slide/IPv6.pdfIPv6 - 70 © M....
Transcript of IP VERSION 6 - polito.itnetgroup.polito.it/courses/Didattica/CNTS-TSR_slide/IPv6.pdfIPv6 - 70 © M....
© M. Baldi: see page 2IPv6 - 1
IP VERSION 6(IPV6)Mario Baldi
www.baldi.info
© M. Baldi: see page 2IPv6 - 2
Copyright NoticeCopyright NoticeThis set of transparencies, hereinafter referred to as slides, is protected bycopyright laws and provisions of International Treaties. The title and copyrightregarding the slides (including, but not limited to, each and every image,photography, animation, video, audio, music and text) are property of the authorsspecified on page 1.The slides may be reproduced and used freely by research institutes, schools andUniversities for non-profit, institutional purposes. In such cases, no authorizationis requested.Any total or partial use or reproduction (including, but not limited to, reproductionon magnetic media, computer networks, and printed reproduction) is forbidden,unless explicitly authorized by the authors by means of written license.Information included in these slides is deemed as accurate at the date ofpublication. Such information is supplied for merely educational purposes andmay not be used in designing systems, products, networks, etc. In any case,these slides are subject to changes without any previous notice. The authors donot assume any responsibility for the contents of these slides (including, but notlimited to, accuracy, completeness, enforceability, updated-ness of informationhereinafter provided).In any case, accordance with information hereinafter included must not bedeclared.In any case, this copyright notice must never be removed and must be reportedeven in partial uses.
© M. Baldi: see page 2IPv6 - 3
Outline
A new version of IP: why? Addresses Modified protocols Socket programming interface Packet header format Neighbor discovery Transition to IPv6(?)
© M. Baldi: see page 2IPv6 - 4
A NEW VERSION OF IP: WHY?
© M. Baldi: see page 2IPv6 - 5
Why a new IP?
Only one true answer
A larger address space
© M. Baldi: see page 2IPv6 - 6
Other answersOther answers More efficient on LANs Multicast and anycast Security Policy routing Plug and play Traffic differentiation Mobility
Ported to IPv4
Quality of service support
© M. Baldi: see page 2IPv6 - 7
A long way to IPv6 adoption Long time for defining IPv6 and
migrating to it Problems needed an interim solution in
IPv4 When IPv6 reached "production" stage,
many IPv4 solutions were acceptable
© M. Baldi: see page 2IPv6 - 8
Why are IPv4 addresses scarce?
About 4 billion addresses!!!
32 bit long
however ...
© M. Baldi: see page 2IPv6 - 9
Only part of the addresses are assigned to stations
Hence, “just” 3.5 billion addresses can be used!!!
Class A, B and C Addresses beginning by bx111 are
used for multicast and else
© M. Baldi: see page 2IPv6 - 10
They are used hierarchically
Lots of unused addresses
The prefix used in a physical network cannot be used in a different one
© M. Baldi: see page 2IPv6 - 11
Interim (IPv4) solutions to the saturation of address space Introduction of network with "taylored" size Netmask
Private addresses Intranet, RFC 1918 Not enough to solve the problemIt should be used in conjunction with NAT or
ALG Network Address Translator (NAT) Extremely popular Proposal for RSIP (Realm Specific IP)
ALG (Application Level Gateway)
© M. Baldi: see page 2IPv6 - 12
Has all of this been effective?
© M. Baldi: see page 2IPv6 - 13
Agencies assigning addressesIANA distributes (better: distributed) /8 IPv4 network prefixes to regional registries
© M. Baldi: see page 2IPv6 - 14
Situation (2010)
© M. Baldi: see page 2IPv6 - 15
Situation (2011)
© M. Baldi: see page 2IPv6 - 16
© M. Baldi: see page 2IPv6 - 17
© M. Baldi: see page 2IPv6 - 18
Routing scalability issues Routing table size Internet size Each subnetwork must be advertised
Problems Router resource limitationsToo much information to manage
Routing protocol limitationsHigh probability of route changes
Mainly affecting backbone routers
© M. Baldi: see page 2IPv6 - 19
Routing scalability issueshttp://bgp.potaroo.net/
© M. Baldi: see page 2IPv6 - 20
Isn’t there a solution with IPv4? Aggregate multiple routes in one Shorter prefix including others 1.2.1.0/24, 1.2.2.0/24 … 1.2.0.0/16
CIDR (Classless Inter-Domain Routing) Limited by non-rational assignment of
IP prefixes
© M. Baldi: see page 2IPv6 - 21
Interim (IPv4) solutions to routing scalability CIDR Classless Inter-Domain Routing
Limiting the assignment of IP addresses Regional Internet Registry: assign address
blocks only to big players E.g., minimum /20 (4096 addresses) network
Scalability of routing protocols With no solution, at present
Problem not completely solved It is the major problem that IPv6 wanted to
solve that it is still open
© M. Baldi: see page 2IPv6 - 22
Birth of IPv6 IETF Boston Meeting (1992), “Call for
proposals” Appointment of dedicated Working Groups
Several proposals TUBA: adopting OSI CLNP as new IP CATNIP: integration of different network (IP,
CLNP, IPX) and transport (TP4, SPX, TCP, UDP) protocols
SIPP: incremental over IPv4 Fix some drawbacksSimple: increasing the address field and
eliminating unused ones
Winning proposal: SIPP with 128 bit addresses
© M. Baldi: see page 2IPv6 - 23
ADDRESSES
© M. Baldi: see page 2IPv6 - 24
So, how many addresses should IPv6 have?
A scientific approachA scientific approachAddressing efficiencyAddressing efficiency
H =log10 (number of addresses)log10 (number of addresses)
number of bitsnumber of bits
© M. Baldi: see page 2IPv6 - 25
Addressing Efficiency
Assuming one million billion networked stations68 bits in the minimum efficiency
case
In existing networksH varies between O.22
and O.26
© M. Baldi: see page 2IPv6 - 26
Melius abundare quam deficere
128 bits(16 bytes)
655.57O.793.348.866.943.898.599 IPv6 addresses per sqm of Hearth surface655.57O.793.348.866.943.898.599 IPv6 addresses per sqm of Hearth surface
© M. Baldi: see page 2IPv6 - 27
8 hexadecimal numbers separated by “:”
Groups of 2 bytes
Notation
FEDC:BA98:0876:45FA:0562:CDAF:3DAF:BB01
1080:0000:0000:0007:0200:A00C:3423:A089
© M. Baldi: see page 2IPv6 - 28
Leading Os in each digit group can be omitted
1O8O:O:O:O:7:2OO:AOOC:3423
1O8O::7:2OO:AOOC:3423 Not more than once
Groups of Os can be substituted by “::”
Shortcuts
© M. Baldi: see page 2IPv6 - 29
Multicast 1111 1111 FF00::/8FFxx:xx…
Addressing Space OrganizationFFFF:….:FFFF
FF00::0
0::0
Multicast
© M. Baldi: see page 2IPv6 - 30
HOST ADDRESSES
Routing and Addressing Principles
© M. Baldi: see page 2IPv6 - 31
Same routing principles as IPv4Same routing principles as IPv4
Subnetwork 2Subnetwork 1
Subnet 3
Subnet 4
Router
© M. Baldi: see page 2IPv6 - 32
Address StructureAddress Structure
Prefix Interface Identifier
128 ‐ n bit128 ‐ n bitn bitn bit
n = 64
© M. Baldi: see page 2IPv6 - 33
Same Address Assignment Principles as IPv4Same Address Assignment Principles as IPv4(different terminology)(different terminology)
Sub network: set of hosts with same prefix
Link: physical network
Subnetwork link
© M. Baldi: see page 2IPv6 - 34
On-link hosts have same prefix
Communicate directly
Off-link stations have different prefix
Communicate through a router
© M. Baldi: see page 2IPv6 - 35
PrefixPrefixAddress/netmask pairis substituted by a “Prefix”Address/netmask pairis substituted by a “Prefix”Address/N, where N is the prefix length [bit]Address/N, where N is the prefix length [bit]
No address classesNo address classes
FEDC:0123:8700::/36 1111111011011100
00000001001000111000
© M. Baldi: see page 2IPv6 - 36
Link local/site local 1111 111O 1
Link local 1111 111O 1OFE8O::/64
Site local (deprecated)1111 111O 11FEC0::/1OFE[C-F]…Equivalent to IPv4
private addresses
MulticastFFFF:….:FFFF
FF0::0
0::0
FE80::0 Link/Site local
Site local
© M. Baldi: see page 2IPv6 - 37
Why Deprecated? Overlapping private address spaces Not a problem in principle, but in
practice Extranets Mergers and acquisitions
© M. Baldi: see page 2IPv6 - 38
Private Addresses
Unique Local Addresses (ULA) FC00::/7
1111 110
FC00::/8 for future use
Private addresses 1111 1101
FD00::/8
MulticastFFFF:….:FFFF
FFFF::0
0::0
FE80::0 Link/Site local
PrivateFD00::0
FDFF:FFFF:.:FFFF
Other ULAFC00::0
© M. Baldi: see page 2IPv6 - 39
Local Unicast Addresses
any Interface ID
54 64
1111-1110-11
10
site localFE[C-F]x
Subnet IDrandomly generated Interface ID
40 16 64
1111-1101
8
privateFD
1111-1110-10
10
link local 0
54
Interface ID
64
FE80
© M. Baldi: see page 2IPv6 - 40
Remaining addressesGlobal Unicast
© M. Baldi: see page 2IPv6 - 41
Global Unicast Addressing Space Organization
IPv4 interoperability 0...0 (80 bit) 0::/80 To be used during
transition phase IPv4‐mapped addresses 16 bits set to 10:0:0:0:0:FFFF::/96
MulticastFFFF:….:FFFF
FFFF::0
0::0
FE80::0 Link/Site local
PrivateFD00::0
FDFF:FFFF:.:FFFF
Other ULAFC00::0
0::FFFF:FFFF:FFFF
IPv4interoperability
© M. Baldi: see page 2IPv6 - 42
E.g. 0:0:0:0:0:0:A00:1E.g. 0:0:0:0:0:0:A00:1
IPv4‐compatible Another 16 bits to 0 0::/96
Compact notation ::A00:1
Special notation ::10.0.0.1
© M. Baldi: see page 2IPv6 - 43
Begin with bxOO1
Topology-based assignment
Service providerhierarchy
Effective aggregation
Aggregatable Global UnicastAggregatable Global UnicastMulticast
FFFF:….:FFFF
FFFF::0
0::0
FE80::0 Link/Site local
PrivateFD00::0
FDFF:FFFF:.:FFFF
Other ULAFC00::0
0::FFFF:FFFF:FFFF
AggregatableGlobal Unicast
2000::0
3FFF:….:FFFF
[2-3]…
© M. Baldi: see page 2IPv6 - 44
Tier 1 ISP
Tier 1 ISP
Tier 2 ISPTier 2 ISP
Tier 2 ISP
Tier 3ISP
Tier 3ISP
Tier 3ISP
Tier 3ISP
Tier 3ISP
Tier 3ISP
Tier 2 ISPTier 1 ISP
Tier 2 ISP Tier 2 ISP
Different assignment criterion for other addressesDifferent assignment criterion for other addresses
© M. Baldi: see page 2IPv6 - 45
Prefix
64 bit64 bit
Interface Identifier
64 bit001
TLA ID NLA ID SLA ID
32 bit 16 bit
Address Assignment
Ethernet Address (EUI 64)Ethernet Address (EUI 64)
LargeISP
Top level authority
Organization
Next level authority Subnet level
authority
Automatic renumbering
© M. Baldi: see page 2IPv6 - 46
More Flexibility
Prefix
64 bit64 bit
Interface Identifier
64 bit
Global Routing Prefix
48 bit
SubnetID
16 bit
Prefix
64 bit64 bit
Interface Identifier
64 bit001
Global Routing Prefix
45 bit
SubnetID
16 bit
2001::/21 – 2001::/23 delegated to registries
© M. Baldi: see page 2IPv6 - 47
Plug and PlayPlug and PlayScenariosDentist Office Thousand computers on the dock
Solution: autoconfigurationStateless: no server neededStatefull: DHCP server
© M. Baldi: see page 2IPv6 - 48
Special Addresses Loopback address ::1 All nodes (multicast) address FF02::1 All routers (multicast) address FF02::2 Unspecified address ::
© M. Baldi: see page 2IPv6 - 49
MODIFIED PROTOCOLS
© M. Baldi: see page 2IPv6 - 50
What changes in the protocol architecture?What changes in the protocol architecture? IP ICMP ARP Integrated in ICMP
IGMP Integrated in ICMP
© M. Baldi: see page 2IPv6 - 51
What about layer
independence?
Upgraded But Not ChangedUpgraded But Not Changed
DNS (type AAAA record) RIP and OSPF BGP and IDRP TCP and UDP Socket interface
© M. Baldi: see page 2IPv6 - 52
SOCKET PROGRAMMING
INTERFACE
© M. Baldi: see page 2IPv6 - 53
What is it?Programming interface
for TCP/IP servicesUsed in application implementationUDP messages Bytes on TCP connections
© M. Baldi: see page 2IPv6 - 54
Underlying Principles
Originated in Unix Environment I/O as file access
Socket descriptor equivalent to a file descriptor for network use
© M. Baldi: see page 2IPv6 - 55
Socket
Point of access to network services
Associated to TCP connection orUDP session
© M. Baldi: see page 2IPv6 - 56
Socket Operations
Wait for connection requests on a portServerlisten()
Accept requests (server)
© M. Baldi: see page 2IPv6 - 57
Connect to a port of a remote serverClientRequires specifying address
and portSend and receive data
© M. Baldi: see page 2IPv6 - 58
PACKET HEADER FORMAT
© M. Baldi: see page 2IPv6 - 59
Do You Remember the IPv4 Header?Do You Remember the IPv4 Header?
Options PAD
Destination Address
Source Address
TTL Protocol Checksum
Identifier Flag Fragment Offset
VER HLEN ToS Total Length
© M. Baldi: see page 2IPv6 - 60
Here is the IPv6 OneHere is the IPv6 One
Payload lengthVER Priority
Next header Hop limitFlow label
Source Address
Destination Address
40 bytes
Simple and constant length
© M. Baldi: see page 2IPv6 - 61
Field RemovalField Removal Not very useful Checksum
Not used in each packet Fragmentation
No longer needed Header length
© M. Baldi: see page 2IPv6 - 62
Extension HeadersExtension Headers
Added when usefulNot needlessly processed in
each packet
© M. Baldi: see page 2IPv6 - 63
Extension Headers Hop By Hop Option Routing Fragment Authentication Encrypted Security Payload Destination Option
© M. Baldi: see page 2IPv6 - 64
Extension Header Format
More extension data
More extension data
Next Header Length Extension data
© M. Baldi: see page 2IPv6 - 65
Header Chaining
IPv6 HeaderN.H.=Routing
Routing headerN.H.=Fragm.
Fragm. headerN.H.=TCP TCP Segment
IPv6 HeaderN.H.=Routing
Routing headerN.H.=TCP TCP Segment
IPv6 HeaderN.H.=TCP TCP Segment
© M. Baldi: see page 2IPv6 - 66
Options To be used in Hop-by-hop and
Destination Option Extension Headers TLV format Type - Length – Value
Type Length Value
© M. Baldi: see page 2IPv6 - 67
Value
Value
Sample Option Usage
Next Header Length Type 1 4
Value
Type 2 6
© M. Baldi: see page 2IPv6 - 68
Sample Option: Jumbo Payload
194 4 Jumbo Payload Length
Type ValueLength
Jumbo Payload Length
© M. Baldi: see page 2IPv6 - 69
Padding Options Extension Headers must be 64 bit
aligned PadN Option
Pad1 Option
0
Type
1 0‐6 0‐6 bytes of data
Type ValueLength
© M. Baldi: see page 2IPv6 - 70
Type Field: first three bitsFirst 2 bits: action in case the option is not recognizedCode Meaning
00 The current option can ignored. It is possible to proceedwith the next one
01 The packet must be discarded
10 The packet must be discarded and an ICMPv6 ParameterProblem message generated
11 The packet must be discarded and an ICMPv6 ParameterProblem must be generated, unless the destinationaddress is a multicast one
Third bit: indicates if the option can be modified on-the-flyCode Meaning
0 The option cannot be changed on-the-fly
1 The option can be changed on-the-fly
© M. Baldi: see page 2IPv6 - 71
Routing Header Used by an IPv6 source to list nodes to
traverse on the path to the destination It can be a loose route
Segment Left Field shows the number of the remaining path segments Points to the next router to reach
© M. Baldi: see page 2IPv6 - 72
Next Header Segments Left
Reserved
Routing Type
Strict/Loose Bit Map
Address[1]
Address[2]
Hdr Ext Len
Address[n]
. . . . . . . . . .
© M. Baldi: see page 2IPv6 - 73
Routing Header: exampleS R1 R2 D
Segment Left: 2
From: S
NextHdr: RoutingTo: R1
Hop 1: R2Hop 2: D
IPv6 Hdr
Routing Hdr
Segment Left: 1
From: S
NextHdr: RoutingTo: R2
Hop 1: R1Hop 2: D
IPv6 Hdr
Routing Hdr
Segment Left: 0
From: S
NextHdr: RoutingTo: D
Hop 1: R1Hop 2: R2
IPv6 Hdr
Routing Hdr
© M. Baldi: see page 2IPv6 - 74
INTERFACING WITH THE LOWER LAYER
© M. Baldi: see page 2IPv6 - 75
Encapsulation Encapsulated in layer 2 frames EtherType: 86DD As a new protocol Enables dual stack approach Keep running IPv4 as-is
© M. Baldi: see page 2IPv6 - 76
Address MappingWhat is the destination MAC address?
IP unicast address Procedural (protocol-based) discoveryNeighbor Discovery
IP multicast address Algorithmic mapping
© M. Baldi: see page 2IPv6 - 77
IPv6 Multicast Transmission Based on MAC multicast IPv6 multicast address mapped to
MAC address 33-33 | 4 least significant bytes of
IPv6 address
FF... Last 32 bits of the IPv6 address0127
33-33 Last 32 bit of the IPv6 address03247
32
© M. Baldi: see page 2IPv6 - 78
Multicast Address Mapping Example
When sending a packet to the IP multicast address FFOC::89:AABB:CCDD
Encapsulate in MAC frame to 33:33:AA:BB:CC:DD
© M. Baldi: see page 2IPv6 - 79
NEIGHBOR DISCOVERY
© M. Baldi: see page 2IPv6 - 80
New Function in ICMP
It substitutes ARP Based on multicast Most likely only one station gets
involved
© M. Baldi: see page 2IPv6 - 81
Solicited Node Multicast Address Subscribed by all hosts FFO2::1:FF/1O4 | 24 least significant
bits of IP address Likely 1 host per group
© M. Baldi: see page 2IPv6 - 82
Address Resolution
ICMP Neighbor Solicitation To Solicited Node
Multicast Address of target IPv6 address
ICMP Neighbor Advertisement To requester address
© M. Baldi: see page 2IPv6 - 83
Resolution Example
To find the MAC address of host 2OO1::ABCD:EF98
ICMP Neigh Sol to Sol Node Mult Add: FFO2::1:FFCD:EF98
Encapsulate in MAC frame to 33:33:FF:CD:EF:98
© M. Baldi: see page 2IPv6 - 84
Host Cache
Mapping between IPv6 and MAC address
Equivalent to ARP cache
© M. Baldi: see page 2IPv6 - 85
TRANSITION TO IPv6 (?)
© M. Baldi: see page 2IPv6 - 86
IPv4 to IPv6 TransitionIPv4 to IPv6 Transition Incremental
Smooth
Seamless
© M. Baldi: see page 2IPv6 - 87
How can we enable this?How can we enable this? Dual-stack approach IPv6 as a new protocolGenerate/receive v6
or v4 packets as needed
Tunneling Translation mechanisms
Address mapping
Application
Ethernet
IPv4 IPv6
© M. Baldi: see page 2IPv6 - 88
IPv4
Isolated IPv6 Networks
IPv6IPv6
IPv6IPv6
IPv6IPv6
IPv6IPv6
IPv6 in IPv4 Tunnel IPv6 in IPv4 Tunnel Dual‐stack HostsDual‐stack Hosts
© M. Baldi: see page 2IPv6 - 89
IPv4
IPv6
IPv6
IPv6
IPv6
IPv6‐only HostsIPv6‐only Hosts
Dual‐stackTranslating
Devices
Dual‐stackTranslating
Devices
IPv6IPv6
IPv6IPv6
IPv6IPv6
IPv6IPv6
IPv6 Islands Grow
IPv6IPv6
© M. Baldi: see page 2IPv6 - 90
IPv6IPv6
IPv4
IPv6
IPv6
IPv6
IPv6
IPv6‐only HostsIPv6‐only Hosts
Dual‐stackTranslating
Devices
Dual‐stackTranslating
Devices
IPv6IPv6
IPv6IPv6
IPv6IPv6
IPv6IPv6
Native IPv6 Connectivity
© M. Baldi: see page 2IPv6 - 91
IPv4
IPv6
IPv6
IPv6
IPv6IPv6
IPv6
IPv6
IPv6
IPv6
IPv6
IPv6
IPv6IPv6
IPv4
IPv4
IPv4
IPv4
IPv4 in IPv6 TunnelIPv4 in IPv6 Tunnel
All the Way to the Doomsday
© M. Baldi: see page 2IPv6 - 92
Are we ready?Are we ready?
All protocols specified
For a while: since 1996!!
© M. Baldi: see page 2IPv6 - 93
Implemented on routersEven if less stable than IPv4
Possibly not all functionalities
Some hardware implementations(Layer 3 switch)
© M. Baldi: see page 2IPv6 - 94
Implemented in end systems
Windows since 2OOO and XP
Unix, FreeBSD, Linux
Quite a few applications
Possibly with a few bugs
© M. Baldi: see page 2IPv6 - 95
When will it happen?
Large IPv4 install baseOnly one true motivation:
Address space depletion
© M. Baldi: see page 2IPv6 - 96
The issue has been mitigated
Provident address assignment
Extensive use of private addressing
NAT and proxying
© M. Baldi: see page 2IPv6 - 97
So, don’t we need IPv6?So, don’t we need IPv6?
NAT not suitable for all applications
Problematic with security mechanisms
© M. Baldi: see page 2IPv6 - 98
Not practical with servers
Not many pubblic addresses
Acceptable limitations so farAcceptable limitations so far
User traceability
© M. Baldi: see page 2IPv6 - 99
Just Plain Address Space Exhaustion Especially in the Asia-Pacific region IANA ran out of class A prefixes in
Feb 2O11 RIPE by end 2O11
Possibly legislation
© M. Baldi: see page 2IPv6 - 100
www.vyncke.org
165OO Allocated Prefixes
Allocated prefixes
Announced
Alive
June 2003 June 2013
© M. Baldi: see page 2IPv6 - 101
Current IPv6 web deployment
www.vyncke.org