IPv6 required - Karunya University 3 Feb 2012

Networking for the Future

Part 1: Why do we need IPv6?
Part 2: IPv6 – A Technical Primer
Part 3: Internet is changing the world

Dr. Olivier MJ Crépin-Leblond – ocl@gih.com
Karunya University, Coimbatore, 3 February 2012
Version 201201.2
© 2009 Global Information Highway Ltd


What is an IP Address?
Domain Names are identifiers
that you type in your Web
Domain Name: www.isoc.org Browser, your E-mail etc.
www.google.com
www.yahoo.com

DNS Servers translate this
DNS Server Domain Name into an
address that is made up of
translation
numbers

Every device that is
IPv4 Address: 212.110.167.157 connected to the Internet
needs its Internet Protocol
(IP) address

Version 201201.1 2


We are running out of IPv4 addresses
“Internet Protocol”

Each device (computer, phone etc.)
connected to the Internet needs an
Internet Protocol (IP) address.

If we have 10 addresses only, how do we
connect 11 computers?
We cannot do that.

This is the point which we are about to
reach.
Version 201201.1 3



today

When we reach this point, it will be too late since
there will be no more free IP addresses!
Real time data collected 1 Mar 2010
Version 201201.1 4



http://www.potaroo.net/tools/ipv4/index.html
When we reach this point, it will be too late since
there will be no more “free” IPv4 addresses!
Real time data collected September 2011
Version 201201.1 5


Current temporary solutions
Network Address Translation

An end user “pulls” the information to them from the network

Version 201201.1 6


How about Carrier Grade NAT?
Quotes – Vinton Cerf
US Scientist, widely known as one of the Fathers of the Internet

The Internet is based on a layered, end-to-end
model that allows people at each level of the
network to innovate free of any central control.
By placing intelligence at the edges rather than
control in the middle of the network, the
Internet has created a platform for innovation.

Version 201201.1 7


The original Internet Architecture
Can be several
routers at various
“entry” points with
resilient routes

User-Centric Internet

Any connected device could be a “client” or a “server”

Version 201201.1 8


The Internet Architecture Version 2
Local NAT

User-Centric Internet

NAT = Network Address Translation

Version 201201.1 9


Adding Carrier-Grade NAT
Single point of failure
at Carrier Level

CG-NAT CG-NAT

The Network-Centric
Internet

Server Only Client Only

Version 201201.1 10


Carrier Grade NAT

•Single point of failure
•Need to use application-level filtering to
inspect application protocol packets and
modify them on the fly
•Violates TCP states (usually performed by
end nodes
•Hard recovery for link flapping (multiple
routes)
Version 201201.1 11


Carrier Grade NAT
•Hides complete parts of the DNS due to
impossibility of connecting to specific host
•Difficulty in establishing end to end VPN
tunnels due to inability to connect to the “end”
•Major problem for people working from
home or while travelling
•Any address translation might open the door
to fake address translation and hacking thus
potential security issues

Version 201201.1 12



Internet Traffic

It is impossible to connect remotely
to an “internal” address

Version 201201.1 13


Temporary solutions don’t work

In the future, communication will go both ways

Version 201201.1 14


Future Solution – IPv6 everywhere

In the future, communication will go both ways

Version 201201.1 15


Future Solution – Internet everywhere

In the future, communication will go everywhere

Version 201201.1 16


IPv6 examples

Emergency Alerts

Version 201201.1 17


Version 201201.1 18


Version 201201.1 19


IPv6 examples

Smart Grid – greener use of
energy
Version 201201.1 20


The Smart Grid

Source: US National Institute of Standards & Technology
Version 201201.1 21


Infrastructure required for These are the
telecommunications applications of the
•Always connected Personal Digital Assistant: future
•Mobile phone (Apple iPhone & iPad, Nokia, HTC etc.)
•Possibility to surf Web sites, but also use artificial intelligence for the
digital assistant to automatically book tickets, shop, see pictures of area
(like Google maps), to access remote cameras, and to find out about
anything, anywhere. GPS location device with information about
services. This is only addressable via IPv6!
•Law enforcement and civil protection
•Police can use all of these services, and more, to ensure the safety of
the population. Firemen can coordinate information more easily.
Ambulances and emergency services will know more information before
arriving on scene.
•Always online - Everywhere

Version 201201.1 22


IPv6 – a Technical Primer

Dr. Olivier MJ Crépin-Leblond – ocl@gih.com

Version 201201.1


IPv6 Key Features

Version 201201.1 24


IPv4 and IPv6 Addressing
Internet Protocol IPv4 Internet Protocol IPv6

Deployed 1981 1999

Address Size 32 Bit 128 Bit

Address Format Dotted Decimal Hexadecimal Notation
Notation 2001:0DB8:0123:456
192.168.0.1 7:89AB:CDEF:0123:45
67
Prefix Notation 192.168.0.0/24 2001:0DB8:0123/48

N° Addresses 2 x 10^32 2 x 10^128

N° Addresses 4,294,967,296 340,282,366,920,
938,463,463,374,607,431,
768,211,456

Version 201201.1 25


IP Version 4

4,294,967,296

IP Version 6

340,282,366,920,938,463,463,374,607,431,768,211,456

Version 201201.1 26


IPv6 Space

IPv4: 4,294,967,296 addresses

IPv6: 340,282,366,920,938,463,463,374,607,431,770,000,000 possible addresses
50,000,000,000,000,000,000,000,000,000 addresses per human
Version 201201.1 27


Differences between IPv4 & IPv6
Internet Protocol Internet Protocol
IPv4 IPv6
Address Size 32 Bit 128 Bit

N° Addresses 2 x 10^32 2 x 10^128

Security IPSEC Optional IPSEC (Originally)
Mandatory
Quality of Service Basic Extended

Address Allocation Manual or DHCP Many more methods

Peer to Peer comm. Broken by NAT No NAT

IP Addresses per Usually 1 Many
interface
Mobility Extension Mobile IPv6 Mobility

Version 201201.1 28


Overall Packet Structure
Link Layer IP Transport Application Protocol Data Link Layer
Header Header Header Trailer

Presentation HTML
Application HTTP
Transport TCP, UDP,…
Protocol IP
Link Layer Ethernet
Physical Fiber

Version 201201.1 29


Packet Structure / Datagram
Link Layer IP Transport Application Protocol Data Link Layer
Header Header Header Trailer

Presentation HTML
Application HTTP
Transport TCP, UDP,…
Protocol IP (v4 or v6)
Link Layer Ethernet
Physical Fiber

Version 201201.1 30



Version 201201.1 31


Streamlining of IPv6

Fewer fields in the packet header
Fixed size header- 40 octets (or bytes)
No fragmentation in network
No checksum processing
Packet can be switched by flow label
(Quality of Service possibility)

Version 201201.1 32


No checksum Processing

Presentation HTML
Application HTTP
Checksum: YES Transport TCP, UDP,…
Checksum: NO Protocol IPv6
Checksum: YES Link Layer Ethernet
Physical Fiber

Version 201201.1 33


IPv6 Header Fields

Version

4 bits long

IP Version = 4 for IPv4
= 6 for IPv6

Traffic Class

8 bits long

Quality of Service Techniques:

Diffserv Code Points (DSCP)
Congestion Notification (ECN)
Called “Type of Service in IPv4

Version 201201.1 34


IPv6 Header Fields

Flow Label

20 bits long

Specific per flow processing of
data Streams. This supports
real-time datagram delivery
and quality of service (QoS).
Routers between the source
and destination would treat
traffic with the same datagram
in a similar way.

For example, similar/minimal
latency to Video packets.

Version 201201.1 35


IPv6 Header Fields

Payload Length

16 bits long

In IPv4: Total Length field

This is the size of the inner
datagram, after the basic
header (which itself is 40
bytes long).

Version 201201.1 36


IPv6 Header Fields

Next Header

8 bits long

Identification of Inner datagram

This serves the same purpose Hop Limit
as the IPv4 “Protocol Field”, the
identifying of data inside the 8 bits long
payload of the IP datagram.
Maximum Number of hops
Codes are however extended to
include the processing of In IPv4 this was called “TTL =
options for Extension Headers Time to Live” and decreased at
(described later). each hop.
In IPv6 it is appropriately called

Version 201201.1 37


IPv6 Header Fields

Source and Destination

128 bits long

These are the Source and the
Destination of the datagram.

The Source IP address is the
originator of the datagram i.e.
The device that originally sent
the packet
The Destination IP address is
the intended recipient of the
packet i.e. the ultimate
destination. Valid for Unicast,
Multicast or Anycast

Version 201201.1 38


IPv6 Extension Headers
Order Header Type Next Header
Code
1 Basic IPv6 Header -
2 Hop-by-Hop options 0
3 Destination Options & Routing 60
4 Routing Header 43
5 Fragment Header 44
6 Authentication Header 51
7 Encapsulation Security Payload 50
8 Destination Options 60
9 Mobility Header 135
(end) No Next Header 59
Upper Layer TCP (like IPv4 “protocol” field) 6
Upper Layer UDP (like IPv4 “protocol” field) 17
Upper Layer ICMPv6 (like IPv4 “protocol” field)
Version 201201.1 58 39



Version 201201.1 40



A few more examples of daisy-chained extension headers

Version 201201.1 41


IPv6 Address shortening
2001:0DB8:0000:ABCD:0000:0000:0012:3456

2001:0db8:0000:abcd:0000:0000:0012:3456

2001:db8:0:abcd:0:0:12:3456

2001:db8:0:abcd::12:3456

•Letters are case insensitive
•Leading zeros in a field are optional
•Successive fields of zeros

Version 201201.1 42


IPv6 Addressing
2001:0DB8:0000:ABCD:0000:0000:0012:3456

•Addresses have scope
•Interfaces can have multiple addresses
•Addresses have lifetime
Version 201201.1 43


IPv6 Addresses have scope
2001:0DB8:0000:ABCD:0000:0000:0012:3456

Global Unique Local Link local

Version 201201.1 44


IPv6 Type of Addresses

Version 201201.1 45


IPv6 Host addresses

Loopback address (used by the machine):
0000:0000:0000:0000:0000:0000:0000:0001
0:0:0:0:0:0:0:1
::1 ( this is like 127.0.0.1 in IPv4)

Unspecified: (used to define the default route)
0:0:0:0:0:0:0:0
::

This address is mandatory
Version 201201.1 46


IPv6 Link Local

Link Local addresses are mandatory and start with
fe80::
They work only on the Link Layer and cannot be
forwarded by a router. Their function is key to the
automatic configuration of a host without a router
or DHCP server. Just connect the hosts & bingo!
Start: fe80::
End: febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Version 201201.1 47


IPv6 Global Unicast

Global Unicast current assignment:

Start: 2000::
End: 3fff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

6to4 is a transition mechanism where IPv6 packets transit
globally via IPv4.
It has its own prefix 2002 with the rest of the address
structure being slightly different

Version 201201.1 48


IPv6 Multicast

Global Multicast current assignment:
Start: ff00::
End: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

Field starts with ff<LS> where L and S are as follows:
L = 0 for permanent group / 1 for temporary group
S = Scope bit: 1 - Interface; 2 – Link;
4 – Admin; 5 – Site; 8 = Organization; E = Global
All others: unassigned or reserved

Version 201201.1 49


CIDR Blocks in IPv6
CIDR is principally a bitwise, prefix-based
standard for the interpretation of IP
addresses. It facilitates routing by
allowing blocks of addresses to be
grouped into single routing table entries.
It is used in IPv4 and in IPv6
Since IPv6 have scope, it is particularly
helpful to use CIDR

Global Unique Local Link local

Version 201201.1 50


CIDR Blocks in IPv6

2001:0db8:0000:abcd:0000:0000:0012:3456
|||| |||| |||| |||| |||| |||| |||| ||||
|||| |||| |||| |||| |||| |||| |||| |||128 /128 Single end-points and
loopback
|||| |||| |||| |||64 /64 Single end-user LAN subnet (required prefix size
for stateless address autoconfiguration (SLAAC))
|||| |||| |||| ||60 /60 Some (very limited) 6rd deployments
|||| |||| |||| |56 /56 recommended Minimal end-site assignment
|||| |||| |||48 /48 recommended Typical assignment for home sites
|||| |||| 36 /36 possible future local Internet registry (LIR) extra-small
allocation
|||| |||32 /32 LIR minimum allocation
|||| ||28 /28 LIR medium allocation
|||| |24 /24 LIR large allocation
|||| 20 /20 LIR extra large allocation
||12 /12 Allocation to regional Internet registry by IANA[12]

Version 201201.1 51


CIDR Blocks in IPv6

2001:0db8:0000:abcd:0000:0000:0012:3456
|||| |||| |||| |||| |||| |||| |||| ||||
2001:0db8:0000:abcd:0000:0000:0012:3456/128 /128 Single end-points and
loopback
2001:0db8:0000:abcd/64 /64 Single end-user LAN subnet (required prefix size
for stateless address autoconfiguration (SLAAC))
2001:0db8:0000:abc/60 /60 Some (very limited) 6rd deployments
2001:0db8:0000:ab/56 /56 recommended Minimal end-site assignment
2001:0db8:0000/48 /48 recommended Typical assignment for home sites
2001:0db8:0/36 /36 possible future local Internet registry (LIR) extra-
small allocation
2001:0db8/32 /32 LIR minimum allocation
2001:0db/28 /28 LIR medium allocation
2001:0d/24 /24 LIR large allocation
2001:0/20 /20 LIR extra large allocation
200/12 /12 Allocation to regional Internet registry by IANA[12]

Version 201201.1 52


Multicast Addresses
Address Scope Description
ff01::1 Interface All interfaces on the node
ff01::2 Interface All routers on the node
ff02::1 Link All nodes on the link
ff02::2 Link All routers on the link
ff02::5 Link OSPF v3 SFP Routers
ff02::6 Link OFPF v3 Designated Routers
ff02::9 Link RIP Routers
ff02::a Link EIGRP Routers
ff02::d Link PIM Routers
ff05::1:2 Site All DHCP routers on the local net site
ff05::1:3 Site DHCP Servers on the local net site
ff0x::fb Multicast DNS
ff0x::101 Network Time Protocol (NTP)
Version 201201.1 53


Unicast vs. Multicast

Version 201201.1 54


Version 201201.1 55


Anycast Addresses

This is used to send a packet to multiple
nodes which are not necessarily on the
same subnet
An Anycast address is the same Unicast
address configured on multiple nodes:
The routers will deliver the packet to the
nearest node member of the Anycast group
Currently used with DNS servers

Version 201201.1 56


Anycast Addresses
3ffe:b00:1::5

3ffe:b00:1::5

Routers know where 3ffe:b00:1::5
to route this data

Version 201201.1 57


Many addresses on one node
Quantity Address Requirement Context

1 Link local (fe80::) Must be defined On each interface

1 Loopback (::1) Must be defined On each node

0 to many Unicasts May be defined On each interface

any Unique-Local May be defined On each interface

1 All-nodes Multicast Must be joined On each interface

1 Solicited node Must be joined For each multicast
Multicast and any anycast
address defined
any Multicast group May be joined On each interface

Version 201201.1 58


IPv6 Multihoming
2a00:19e8:10::3
Site: 2a00:19e8:10::/48
2001:db8:abcd::3
2001:db8:abcd::/48

2a00:19e8:10::1 2a00:19e8:10::1
200
1:d
b 8:
2001:db8:abcd::1 abc 2001:db8:abcd::2
d ::
/48
48
::/
:10
2a00:19e8:10::/48
:1 9e8 2001:db8:abcd::/48
0
2a0
f.
High Pref. Pre Low
Lo w Pre High Pref.
f.

2a00:19e8::/32 2001:db8:::/32

Version 201201.1 59


Obtaining IPv6 addresses
Manual setting up of IPv6 address. This is
similar to IPv4
2 auto-configuration mechanisms in IPv6:
Stateless: SLAAC (Stateless Address Auto-
Configuration), based on ICMPv6 messages
(Router Solicitation and Router Advertisement)
Stateful: DHCPv6
SLAAC is mandatory, while DHCPv6 is
optional
DHCPv6 works differently to IPv4 DHCP

Version 201201.1 60


Stateless Address Auto-Configuration

In SLAAC, constant “Router
Advertisements” communicate
configuration Information such as:
IPv6 prefixes to use for autoconfiguration
IPv6 routing information
Other configuration parameters (Hop Limit,
MTU, etc.)
This information is used, along with the
Ethernet Unique Identifier (Eui64)
address (and other information, in some
cases), to create IPv6 addresses for the
node

Version 201201.1 61


Making up an Eui-64 address

Version 201201.1 62


IPv6 Address Allocation

2001:db8:abcd::3 Manually allocated

DAD = Duplicate Address Detection
Site Prefix:
2001:db8:abcd::/48

RA message with
MAC: 00:90:27:17:FC:0F Network type
Eui-64: 02 90 27 FF FE 17 FC 0F information

2001:db8:abcd:: + Eui-64
fe80::290:27ff:fe17:fc0f Link-Local
2001:db8:abcd::290:27ff:fe17:fc0f Router Advertisement

Version 201201.1 63


IPv6 Dynamic Naming System
Quite similar to IPv4 DNS
Forward DNS
host1.example.com IN A 192.168.0.2
host1.example.com IN AAAA 2001:db8:0:abcd::12:3456

Reverse DNS
1.0.160.192.in-
1.0.160.192.in-addr.arpa IN PTR host1.example.com
6.5.4.3.2.1.0.0.0.0.0.0.0.0.0.0.d.c.b.a.0.0.0.0.8.b.d.0.1.0.0.2.
6.5.4.3.2.1.0.0.0.0.0.0.0.0.0.0.d.c.b.a.0.0.0.0.8.b.d.0.1.0.0.2.
.ip6.arpa

Tools exist to write the reverse DNS

Version 201201.1 64


Mobility / Mobile IP
IPv4 already had extensions called IPv4
mobility
IPv6 has similar extensions that are a lot
more developed than the IPv4 equivalent
since they run on IPv6.

New mobility options to include in mobility signalling
New extended routing header
New home address option for destination header
New Neighbour Discovery
New ICMPv6 (Internet Control Message Protocol)

Version 201201.1 65


Correspondent Node

Home
Agent

Mobile Node Connects to
At home Mobile Node
At Home

This is a router

Version 201201.1 66


Correspondent Node

Home
Agent

Mobile Node
At home

Tells Home Agent
where it is

Mobile Node

Version 201201.1 67


Correspondent Node

Home
Agent

Tells Home Agent
where it is
Home Agent
forwards packets
To Mobile Node Mobile Node
answers directly
Back to Correspondent

Mobile Node

Version 201201.1 68


Correspondent Node

Home
Agent

Mobile Node
at home

The use of ICPMv6
as well as other
features of IPv6
allows for faster
roaming and more
features in IPv6
Mobile Node Mobile IP.
Mobile Node
Version 201201.1 69


IPSec on IPv6: end to end security

Version 201201.1 70


Transition Security Problem Example
IPv4 or
IPv6
Address
spoofing

Version 201201.1 71


Internet is changing the world

Version 201201.1

Internet is changing the business world

New business models
Google
Amazon.com
Skype (development in Estonia)
iTunes
youTube
Open Source Software
Mobile application download ($1 app)
New community spaces
Facebook (500+ million users)
MySpace
Google+

Version 201201.1 73

Internet is changing
the business world

Version 201201.1 74


The power of Developers

The key to IPv6 success will be
developers
New services
New applications
The ubiquitous network
Always on
Everywhere

Version 201201.1 75


A recent Boston Consulting Group report
commissioned by Google estimated the
United Kingdom’s Internet economy:
is worth £100 billion a year,
is growing at 10% a year, and
directly employs 250,000 people.
7.2% of UK Gross Domestic Product (GDP)

Source: http://www.connectedkingdom.co.uk/

Version 201201.1 76

Source: http://www.connectedkingdom.co.uk/

Version 201201.1 77

Don’t be afraid of change!
Horse drawn carriages are history
Today there’s a systemic barrier to the
Internet’s Growth
Laws and processes are designed to safeguard
what is currently in place
Baggage which, in some cases, will have to be
changed
Otherwise? The market will dictate change and
it will find opportunities elsewhere

Version 201201.1 78

So what needs to be done?
The Internet Train is here. Do not miss it.
It will continue to grow and if you are not
ready, business will go elsewhere
Get ready for IPv6 – the next network
addressing
Get ready for new technologies and
promote them
Engage in multi-stakeholder processes:
ICANN, IETF, W3C etc.

Version 201201.1 79

World IPv6 Launch

Major Internet service
providers (ISPs), home
networking equipment
manufacturers, and web
companies around the world
are coming together to
permanently enable IPv6 for
their products and services.
Target: 6 June 2012
http://www.worldipv6launch.o
rg
Version 201201.1 80

Click to add title

Click to add text

Version 201201.1 81

So what should you avoid?

Version 201201.1 82

With thanks to Dr. Alaa AL-Din AL-Radhi for some visuals.

Thank You / Questions ?

Version 201201.2

IPv6 required - Karunya University 3 Feb 2012

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (15)

En vedette

En vedette (8)

Similaire à IPv6 required - Karunya University 3 Feb 2012

Similaire à IPv6 required - Karunya University 3 Feb 2012 (20)

Plus de Olivier MJ Crépin-Leblond

Plus de Olivier MJ Crépin-Leblond (15)

Dernier

Dernier (20)

IPv6 required - Karunya University 3 Feb 2012