Internet Protocol Version 6 (IPv6) - fccgov
Internet Protocol Version 6 (IPv6) What is IPv6? In order to connect devices over the Internet, each device must have an Internet protocol (IP) address The current IP system is Version 4 (IPv4), which makes available over four billion IP addresses However, the huge increase in Internet users and devices worldwide means that IPv4 addresses are
Internet Protocol v6 (IPv6)
Comparison –IPv4 vs IPv6 Computer Networking Fall 2020 7 IPv4 IPv6 Deployed 1981 [RFC 791] 1999 [RFC 2460, 8200] Address Size 32-bit number 128-bit number Address Format Dotted Decimal Notation:
Internet Protocol, Version 6 (IPv6) - RFC Editor
IP version 6 (IPv6) is a new version of the Internet Protocol, designed as the successor to IP version 4 (IPv4) [RFC-791] The changes from IPv4 to IPv6 fall primarily into the following categories: o Expanded Addressing Capabilities IPv6 increases the IP address size from 32 bits to 128 bits, to
Deploying IPv6 – Internet Protocol version 6
Today’s Internet addresses are running out The Internet protocol ‘IPv6’ represents one solution IPv6 entails new opportunities and functions, but resembles the previous standard (IPv4) The following describes how IPv6 can be deployed
Internet Protocol Version 6 (IPv6) - Cisco
•Deploying IPv6 in Unified Communications Networks with Cisco Unified Communications Manager •Cisco IOS IPv6 Configuration Library •Implementing VoIP for IPv6 •ThisIPv6chapter Procedure Step1 ProvisionalocalIPv6-capableDNSandDHCPserver InternetProtocolVersion6(IPv6) 2 InternetProtocolVersion6(IPv6) ConfigureIPv6
MEMORANDUM FOR HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES
SUBJECT: Completing the Transition to Internet Protocol Version 6 (IPv6) This memorandum updates guidance on the Federal government’s operational deployment and use of IPv6 IPv6 is the Internet's next-generation protocol, designed to replace version 4 (IPv4) that has been in use since 1983 Internet Protocol (IP) addresses are the unique,
ipv6 for dummies
Introducing IPv6 Internet Protocol version 6 is the next addressing system for Internet-connected devices The explosive growth of the Internet has exceeded the capacity of the 30-year-old stan-dard, known as IPv4, to handle all the network tools, websites, cell phones, and other devices that need unique addresses out in the Wild Wild Web
DoD Internet Protocol Version 6 (IPv6) Implementation Overview
DoD Internet Protocol Version 6 (IPv6) Implementation Overview August 10, 2011 Kris Strance Architecture and Infrastructure Office of the DoD CIO
[PDF] Comprendre et appliquer Sun Tzu - La pensée stratégique chinoise
[PDF] Comprendre et utiliser Facebook - Acat
[PDF] Formation Google Analytics - Inaativ
[PDF] comprendre l 'eprd dimension exploitation et financière - apdhes
[PDF] Un jeune avec une onction : DAVID - Journal Chrétien
[PDF] Comprendre l 'argent 15
[PDF] Comprendre l 'assurance titres - Commission des services financiers
[PDF] Le Guide de l 'électricité
[PDF] Le ministère des anges
[PDF] Comprendre toute la finance - Decitre
[PDF] Comprendre toute la finance - Decitre
[PDF] Comprendre la finance : Pour les non-financiers et les étudiants - Ce
[PDF] Gestion de projet : Techniques de planification de - Fabrice Sincère
[PDF] Relativité générale pour débutants - Hal
ìComputer NetworkingCOMP 177 | Fall 2020 | University of the Pacific | Jeff ShaferInternet Protocol v6 (IPv6)
RecapPast TopicsìOverview of networking and layered architectureìWireshark packet sniffer and Scapypacket manipulationìWired LAN, Wireless LANs, VLANsìIPv4, ARP, ICMPToday's TopicsìInternet Protocol, Version 6 ìWhy IPv6? ìHeader format ìAddresses ìExtensions ìTunneling Fall 2020Computer Networking2
IP Versions3Fall 2020Computer NetworkingVersionDescription0-3Unused: Development versions of IP4Current network-layer protocol5Unused: Experimental stream protocol -ST6New network-layer protocol (1996)7-9Unused: Experimental protocols -TP/IX, PIP, TUBA 10-15Not allocated
Fall 2020Computer Networking4Motivation for IPv6: Scarcity! (Of IP addresses...)Why Replace IPv4?ìThe problemìIPv4 has ~4.3 billion addressesìWorld has ~6.6 billion people!ìHow many internet-capable devices per person?ìIP address exhaustionìInternet will not "collapse", but new devices / networks will not be able to join(*)ìWhen? YEARS AGO!Final rate of consumption was one /8 block (16.78 million addresses) per monthìFeb 1st, 2011 -Five final /8 blocks handed out to Regional Internet Registries (RIRs)ìRIR supply ran out within months5Fall 2020Computer Networking(*) Except via address translation...
IPv4 Address SpaceìUnavailable Addressesì10.x -Private AddressesìAlong with 192.168.x and 172.16.x to 172.31.xì127.x -Local Loopback AddressesìWhy an entire /8?ì224.x to 239.x - Multicast groupsì240.x to 254.x - Reserved for "future use"ìWaste of address spaceìImpossible to re-use today because most IP software flags these addresses as invalidìCurrent Allocationìhttp://www.iana.org/assignments/ipv4-address-space6Fall 2020Computer Networking
Comparison -IPv4 vs IPv6Fall 2020Computer Networking7IPv4IPv6Deployed1981[RFC 791]1999[RFC 2460, 8200]Address Size32-bit number128-bit numberAddress FormatDotted Decimal Notation: 192.149.252.76Hexadecimal Notation: 3FFE:F200:0234:AB00: 0123:4567:8901:ABCDPrefix Notation192.149.0.0/243FFE:F200:0234::/48Number of Addresses232= ~4,294,967,296 (~4 billion)2128= ~340,282,366, 920,938,463,463,374, 607,431,768,211,456 https://biotech.law.lsu.edu/blog/ipv4_ipv6.pdf(ARIN Fact Sheet)
IPv6 Address Notationì128 bits -8 groups of 4 hex digitsì2001:0db8:85a3:08d3:1319:8a2e:0370:7334ì"User friendly!" "Easy to remember!"ì"Helpful" Shortcuts:ìOmit leading zeros in a group (0005:0db8:...is equivalent to 5:db8:...) ìCollapse groups of all-zeros with ::(2001:0000:0000:0000:0000:8a2e:0370:7334 is equivalent to 2001::8a2e:0370:7334)8Fall 2020Computer Networking
Fall 2020Computer Networking9But we couldn't just stop with a larger address space....IPv4 vs IPv6 -DifferencesFall 2020Computer Networking10IPv6 is notjust IPv4 with 128-bit long addresses...It's a different network protocol that should be configured (and secured) separatelybut runs over the same data link layer."Dual Stack"
IPv4 vs IPv6 -SimilaritiesìDatagramìEach packet is individually routedìPackets may be fragmented or duplicated ìConnectionlessìNo guarantee of delivery in sequenceìUnreliableìNo guarantee of deliveryìNo guarantee of integrity of dataìBest effortìOnly drop packets when necessaryìNo time guarantee for delivery11Fall 2020Computer Networking
IPv4 vs IPv6 -Address LengthìAddress LengthìIPv4 -32 bits (232= ~4 billion)ìIPv6 -128 bits (2128= ~340 trillion, trillion, trillion) ìStandard subnet size in IPv6: 264ìUpper 64 bits: Subnet address (prefix)ìLower 64 bits: Devices within subnet (remainder)ìWith such a large address space, no need to use all possible addresses12Fall 2020Computer Networking
IPv6 -Special AddressesìLoopback Address: ::1ìLink Local Addresses: fe80::/10ìScope limited to single network segment / linkìApplication: Network configuration, device discoveryìSite Local Addresses: fc00::/7ìScope limited to single organization (similar to private IPv4 addresses)ìPurpose: Each organization can randomly pick their own address instead of everyone using same range of private IPv4 addressesFall 2020Computer Networking14
IPv6 -Addresses TypesìUnicastAddressesìOne address represents a single host (interface)ìMulticast AddressesìOne address represents a groupof hosts (interfaces) ìEverymember of the group receives the message destined to this addressìAddress matches ff00::/8ìAnycastAddressìOne address represents a groupof hosts (interfaces)ìOnemember of the group receives the message destined to this addressìNo special prefix for addressesìBroadcast addresses are not included in IPv6ìCan be accomplished by creating a multicast group with all devices in itFall 2020Computer Networking15
IPv4 vs IPv6 -Fragmentation ìIPv6 Fragmentation only done by transmitting hostìSupported by an optional headerìDesign assumption that fragmentation will be less common in the futureìRouters never fragment a packetìDrop packets that are too largeìSend ICMPerror back to hostìSimplifies router designìHost should use Path MTUDiscovery (PMTUD) to select correct (maximum) packet size16Fall 2020Computer Networking
IPv4 DatagramVersionHdrLenType of ServiceTotal LengthIdentificationFragment OffsetFlagsTime-To-LiveProtocolHeader ChecksumSource IP AddressDestination IP AddressOptions and padding (optional)Payload1 byte1 byte1 byte1 byte17Fall 2020Computer Networking
IPv6 Datagram (Base Header)VersionTraffic ClassFlow LabelPayload LengthHop LimitNext HeaderSource IP Address (128 bits)Destination IP Address (128 bits)Payload1 byte1 byte1 byte1 byte18Fall 2020Computer Networking
IPv6 Datagram (Base Header)ìFixed Length (40 bytes)ìVersion (4 bits)ìTraffic Class (8 bits)ìDifferentiated Services (DS) fieldìExplicit Congestion Notification fieldìCanbe used by routers to prioritize traffic or decide what to drop during congestionFall 2020Computer Networking19
IPv6 Datagram (Base Header)ìFlow Label (20 bits)ìIdentifies stream of packetsìCanbe used by routers to avoid sending a single flow across multiple outbound paths (which could result in re-ordering at arrival). If used, hash of (SrcIP, DstIP, TrafficClass)ìPayload Length (16 bits)ìSpecifies the size of the payload packet in bytes ìNext Header (8 bits)ìSpecifies the protocol of payload packetìSame as IPv4 protocol fieldìHop Limit (8 bits) -Same as IPv4 TTLFall 2020Computer Networking20
IPv6 Datagram with ExtensionsìCan append multiple extension headersìExamples of extension headersìFragmentation (done by sender, not routers)ìRouting (allows source to specify preferred route)ìAuthentication Header (part of IPsec -verifies source)ìEncapsulating Security Payload (part of IPsec -carries encrypted payload)Base Header(Next=TCP)TCP DataBase Header(Next=Fragment)Fragment Header(Next=TCP)TCP Data21Fall 2020Computer Networking
IPv4 vs IPv6 -Router OverheadìSimplified packet processing for routersìSimplified Header FormatìInfrequently used fields are moved to optional header extensionsìNo Header Checksum in IPv6ìEasier for routers -No need to update checksum after decrementing TTLìReliability maintained by link-level (Ethernet) and transport-layer (TCP, UDP) error checking 22Fall 2020Computer Networking
IPv6 -Routing ìHow can having bigger IP addresses (128 bits) make routing easier?ìLarger address space allows more intelligent network organizationìAddresses match physical network organizationìCollapse routing table entriesìTypical IPv6 address usageìUse upper 64 bits for routingìUse lower 64 bits for interface ID(clients pick this randomly or based on MAC address)23Fall 2020Computer Networking
IPv6 -RoutingìBesides the address layout, how does IPv6 make routing easier?ìNo checksum calculationìNo fragmentationìInfrequently used headers are optionalìHow does IPv6 make routing harder?ìForwarding table entries 2-4 times largerìNeed to route both IPv4 and IPv6 for the foreseeable future24Fall 2020Computer Networking
IPv6 -Security ìWhat are the security implications of having a huge (sparse) address space?ìSecurity through obscurity(?)ìBlind random address scanning by worms is ineffectiveìUnlike in IPv4, which can be scanned in 5 minutes (!!)over a 10GbE link: https://zmap.io/ìTargeted scanning works great, however...ìListen to P2P networks?ìListen to internal routing protocols? (OSPF, etc...)ìUse Neighbor Discovery on infected host?ìSnoop through host configuration and log files on infected host?ìhttps://www.usenix.org/system/files/login/articles/920/bellovin.pdf25Fall 2020Computer Networking
IPv6 -Security (IPsec)ìSecurity -IPSec support requiredoptional in IPv6ìIPSec encrypts each IP packet independentlyìWas originally required but dropped because not all devices (e.g. embedded) could support itìIPsec featuresìData encryption -Data cannot be read or modifiedìHost authenticationìAnti-replay -Captured packets cannot be reused by an attackerìWhat are the strengths and weaknesses of putting security at the IP layer? (Doesn't SSL work fine?)ìSecurity is independent of higher layers (either applications or protocols like TCP/UDP) ìEncryption overhead is incurred per-packet (high!)26Fall 2020Computer Networking
DeploymentìWhy should I deploy IPv6 today?ìMy customers can reach anywhere on the Internet todayìGoogle, Facebook, Twitter, etc... will always be reachableìOnly new applications / users will sufferìHow do I deploy IPv6?ìFlip a switch across the internet?ìLegacy routers may not be upgradeableìHardware implementations are fixedìSoftware implementations may be insufficiently capable (either incapable or only at low performance)ìIslands of IPv6 in the sea of IPv4ìDual network stacks support both IPv4 and IPv6ìTunnel IPv6 across IPv4 networksìNeed to upgrade other systemsìDHCP (SLAACvs DHCPv6)ìDNSìStarting adding IPv6 addresses to root nameservers in 2008ìAll 13 of 13 root nameservers are IPv6 accessible nowìFirewalls, traffic shapers, etc.27Fall 2020Computer Networking
IPv6 Tunneling (6in4)ìNot all routers are configured for IPv6ìA group of routers understand IPv6ìThe rest only understand IPv4ìHow can IPv6 traffic be routed through a network of mixed capabilities?ìIPv6 tunneling!ìEncapsulate IPv6 datagram within an IPv4 packet.ìRouters that do not understand IPv6 can route according to IPv4 headerìIPv4 protocol field: 0x29 or 41 (decimal)Fall 2020Computer Networking28
IPv4 HeaderIPv6 Packet
IPv6 Tunneling (6in4)ìRouters Cand Donly understand IPv4ìRouters Band Ecreate a 6in4 tunnel to carry IPv6 traffic over the IPv4-only pathìB encapsulates IPv6 packet within IPv4 packetìCand Droute IPv4ìEextracts IPv6 packet and forwards it to FFall 2020Computer Networking29
A B CD E F IPv6 IPv6 IPv6 IPv6IPv4IPv4
IPv4 Tunnel
IPv6 src: A
IPv6 dst: F
IPv4 src: B
IPv4 dst: E
IPv6 -Original PlanFigure from http://www.potaroo.net/presentations/2008-11-17-ipv6-failure.pdf30Fall 2020Computer Networking
IPv6 -Current Status31Fall 2020Computer NetworkingIPv6 -The New "Plan" (?)Figure from http://www.potaroo.net/presentations/2008-11-17-ipv6-failure.pdf32Fall 2020Computer Networking
Fall 2020Computer Networking33https://www.google.com/intl/en/ipv6/statistics.htmlIPv6 -Failure is an OptionìWhat happens if IPv6 "fails"?ìFailure is defined as anything less than a complete migration from IPv4 to IPv6ìDo we stop allowing new hosts to connect to the internet?ìWhat about using NAT?ìObservation: Only 5-20% of assigned IPs are actually used by hosts. ìSolution: Use lots of NAT to reclaim unused addressedìWhat happens if this works, and we build "carrier-grade" NAT everywhere?ìNo more end-to-end connectivity?ìNeed coordination with ISP to deploy new services?ìNew opportunities for ISPs to filter traffic and charge for services?http://www.potaroo.net/presentations/2008-11-17-ipv6-failure.pdf34Fall 2020Computer Networking
Closing ThoughtsRecapìToday we discussedìIPv6 ìIPv6 header formatìAddresses in IPv6ìExtensions in IPv6ìIPv6 tunneling Next ClassìDHCPFall 2020Computer Networking35Class ActivityCA.10 -IPv6 & WiresharkDue tonight at 11:59pmHomework 3Due Oct 14th at 11:59pm
quotesdbs_dbs21.pdfusesText_27