IPv6 – The Future Of The Internet
Redbrick Networking Conference
26 March 2003
Dave Wilson
dave.wilson@heanet.ie
DW238-RIPE
What's in store
● Why bother
● The transition
● Doing it NOW (yes, RIGHT NOW!)
● Where to go from here
Disclaimers
● My opinions, not necessarily those of my employer
● Use at your own risk
● No warranty express or implied
● I may be misguided, misinformed or misunderstood
● or on crack, for that matter
● Best Before June 19100
● etc
● etc
● etc
“But why would I want to use it?”
Why a new protocol?
Conservation of addresses
(is a hassle)
Why a new protocol?
Restore the end-to-end
(and die, NAT, die)
Why a new protocol?
Stateless autoconfiguration
(and take the effort out of the host)
Why a new protocol?
Simplify address allocation
(and take the effort out of the network)
What IPv6 won't fix
It won't slow down routing table growth
It won't fix QoS, rate-limiting, bandwidth allocation
It won't stop spam (or solve security)
It won't solve world peace, global warming, etc
Addressing and Routing
The good old days
193.1.219.94/25
● 32 bits
● Variable subnet size
● Allocation depends on need
The new world order
193.1.219.94/25
2001:770:18:2:260:cfff:fe20:f45c/64
● 128 bits
● Variable subnet size
● IETF mandates /64 for every LAN
● "::" means "pad with zeros"
Routing in IPv6
● IP is still IP
● Class A, B, C long gone
● Get your addresses from your ISP
● Can do everything the old way, but...
The killer app: Neighbour Discovery
Reaching the host
IPv4 uses A records
IPv6 uses AAAA records
athene IN A 193.1.219.94
athene IN AAAA 2001:770:18:2:260:cfff:fe20:f45c
Client attempts IPv6 first (AAAA record) and if that fails, IPv4 (A record)
“So we turn off IPv4 when, exactly?”
Transition technologies
Automatic tunnels (::1.2.3.4)
IPv4-compatible addresses (::1.2.3.4)
● Dual stack
● Configured tunnels
● 6to4
● NAT-PT
Dual stacking
● Each host gets an IPv4 and IPv6 address
● Server software binds to both addresses
● DNS contains both records
● v4 clients will use the old path
● v6 clients will use the new one, and failover to v4
Dual stacking
Use this when
● You already have global v4 address space
● You have native connectivity
● You have a tunnel + neighbour discovery on your LAN
Configured tunnels
● IPv6 connection in an IPv4 path
● Set up by agreement between you and someone on the 6bone
● Saves dual-stacking your router
First v6 hop may be an inefficient path
Uses CPU on the endpoint
Configured tunnels
Use these when
● It's your first IPv6 connection
● Your ISP doesn't support native v6 (ask!!)
● You want to connect one or a few machines
6to4
You have an IPv4 address
193.1.219.117/32
You've been reserved an IPv6 subnet
2002:c101:dbd9::/48
6to4
You have an IPv4 address
c1.01.db.d9/32
You've been reserved an IPv6 subnet
2002:c101:dbd9::/48
6to4
● Set your default route to the 6to4 anycast relay router
● Your host tunnels traffic to that router
● Return traffic is tunnelled to the encoded IPv4 address
6to4
Use this when
● You've no native connectivity
● You can't have (or don't want) a configured tunnel
● You have a static global IPv4 address (or don't mind it changing)
Really fast, easy, no messing setup
The route might suck
“But when is it going to get here?”
How to get connectivity
Ask your ISP!
Enabling IPv6 on the host
● Linux 2.4.* (2.2 with effort)
● Red Hat 7.2+
● Debian Stable
● Solaris 8
● Tru64 V5.1
● FreeBSD 4.3
● Windows XP (or 2000 with research stack)
● Some sort of global IPv4 address
  - protocol 41 unfirewalled
Compile the Kernel
● Not needed for Red Hat 7.2
● Turn on experimental options
● Turn on IPv6 under networking options
● Optionally, IPv6 firewalling
On Red Hat 7.2+
[/etc/sysconfig/network]
NETWORKING_IPV6=yes
...and restart networking (or reboot)
Native connections
eth0 Link encap:Ethernet HWaddr 00:50:04:EA:43:64
inet addr:193.1.219.136 Bcast:193.1.219.255 Mask:255.255.255.128
inet6 addr: fe80::250:4ff:feea:4364/10 Scope:Link
inet6 addr: 2001:770:18:1:250:4ff:feea:4364/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9821540 errors:0 dropped:0 overruns:0 frame:0
TX packets:3651133 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:204455702 (194.9 Mb) TX bytes:1439984168 (1373.2 Mb)
Interrupt:10 Base address:0xe400
6to4 – Red Hat 7.2+
[/etc/sysconfig/network-scripts/ifcfg-eth0]
[/etc/sysconfig/network-scripts/ifcfg-ppp0]
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6FORWARDING=no
IPV6TO4INIT=yes
IPV6TO4_RELAY="192.88.99.1"
IPV6TO4_ROUTING="eth0-:f101::0/64 eth1-:f102::0/64"
Tunnel vs. 6to4
www.sixxs.net
So “ping” works. Where next?
Your [n+1]th machine
● No need to statically configure address, tunnel, anything
● Run radvd on your nominated router
● Address assigned using EUI-64
Security
●Get rid of NAT●Get rid of NAT●Get rid of NAT●Get rid of NAT●Get rid of NAT●Get rid of NAT
●Get rid of NAT●Get rid of NAT●Get rid of NAT●Get rid of NAT●Get rid of NAT●Get rid of NAT
Security
Globally addressable
does not mean
Globally reachable
Common services
● Cisco
  ● 12.2T for 2500-7500
  ● 12.0(23)S for 12000
  ● 12000 requires Engine III line cards for line rate forwarding
● Juniper
  ● All recent versions of JUNOS
  ● Line rate forwarding
Common services
● SMTP: Sendmail, Exim
● POP, IMAP: Courier
● LISTSERV: via mail+web server
● DNS: Bind 9
● SSH: OpenSSH
● Web server: Apache 2
● News server: Diablo
● Web cache: Squid+patches
Where next?
IPv6-HOWTO at http://www.tldp.org/
http://www.ipv6.heanet.ie/docs/v6linux/
http://www.6bone.net/
http://www.freenet6.net/
http://www.hs247.com/
This slide intentionally left blank