© 2008 national engineers training services. all rights reserved. ipv6- end user perspective fakhar...

© 2008 National Engineers Training Services. All rights reserved.

IPv6- End User Perspective

Fakhar Mirza

CCNA, CCSP, CCIE

Head of Technical, NETS

Agenda Understanding need for IPv6

History of IPv4 Internet

Modern Internet

Needs of Modern Internet

Understanding IPv6 Direct/Indirect Communication IPv6 Communication in LAN

IPv6 Communication over WAN

IPv6 Migration Strategies Understanding Impact on Hardware and Software

Techniques of Partial and Full Migration

IPv6 Applications and Services

Enabling IPv6 in LAN

Enabling IPv6 in WAN

Using Applications and Services via IPv6

History of IPv4 Internet

History of Internet

Advanced Research Projects Agency of the Department of Defense (ARPA) Implemented the ARPAnet, the grandparent of today’s Internet

Packet switching Digital data is sent in small packages called packets

Packets Contain data, address information, error-control information and sequencing information

Transmission Control Protocol (TCP)

ensures that messages are properly sent from sender to receiver and that those messages arrive intact

• Internetworking Protocol (IP) – De-facto Standard– Enabled the intercommunication of inter-organization

and intra-organization packet based networks.

• The Internet was initially limited to universities and research institutions

History of Internet … contd.

History of Internet - Addresses

• Addresses provide information on how to locate something, e.g., what route to take from here to there.

• Internet addresses combine – a routing portion, known as the network part– a name portion known as the host part

• How to split an Internet address into the network part and the host part has changed over time…

How to get there from here!!!

• Back when the TCP/IP protocols were first being designed, there was a big argument between fixed length and variable length addresses– Fixed length will always be limited

• But if you make it big enough, no one will be interested

– Variable length will always take more cycles to process• But there are tricks you can play to minimize the difference

• The decision was made for fixed, 32 bit addresses– Rumor has it, by a flip of a coin...

History of Internet – Addresses … contd.

History of Internet – Internet Address Structure

• 32 bit unsigned integers– possible values 0 - 4,294,967,295

• Typically written as a “dotted quad of octets”– four 8 bit values with a range of 0-255 separated by “.”– For example, 202.12.28.129 can be written as below

202

1 1 0 0 1 0 1 0 0 0 0 0 1 1 0 0 0 0 1 1 1 0 0 0 1 0 0 0 0 0 0 1

12 28 129. . .

History of Internet … Internet Address Structure

E

• Originally, the architects of the Internet thought 256 networks would be more than enough– Assumed a few very large (16,777,216 hosts) networks

• Addresses were partitioned as below– 8 bit network part, 24 bit host part

Network Part Host Part

• Original addressing plan too limiting– More than 256 networks with many fewer hosts

than 224

• Solution was to create address classes


0


1 0


1 1 0

1 1 1 0

1 1 1 1

Class A128 networks16,777,216 hosts

Class B16,384 networks65,536 hosts

Class C2,097,152 networks256 hosts

Class DMulticast268,435,456Addresses

Class EReserved268,435,456Addresses

History of Internet – Classfull Addressing

© 2008 National Engineers Training Services. All rights reserved. 11

• Class A way too big– 16 million hosts in a flat network is unthinkable

• Class B too big– Even 65536 host addresses is too many in most

cases• Imagine 65534 hosts all responding to a broadcast

• Class C too small– Most sites initially connecting to the Internet were

large Universities, 256 was too small for them

• Need more flexibility!

History of Internet – Internet Address The Problem


• Classfull addressing was a better fit than original– but class A and B networks impossible to manage

• Solution was to partition large networks internally into sub-networks (subnets)

History of Internet – Classless Addressing


• Prefix 202.12.28.0/22– 1024 host addresses– announced as a single network (CIDR - Supernetting)

• Consists of 7 subnets– 202.12.28.0/25– 202.12.28.128/26– 202.12.28.192/26– 202.12.29.0/24– 202.12.30.0/24– 202.12.31.0/25– 202.12.31.128/25

2 0 2 .1 2 .2 8 .0 /2 51 2 8 h os ts

2 0 2 .1 2 .2 8 .1 2 8 /2 66 4 h os ts

2 0 2 .1 2 .2 8 .1 9 2 /2 66 4 h os ts

2 0 2 .1 2 .2 8 .1 2 8 /2 51 2 8 h os ts

2 0 2 .1 2 .2 8 .0 /2 42 5 6 h os ts

2 0 2 .1 2 .2 9 .0 /2 42 5 6 h os ts

2 0 2 .1 2 .2 8 .0 /2 35 1 2 h os ts

2 0 2 .1 2 .3 0 .0 /2 42 5 6 h os ts

2 0 2 .1 2 .3 1 .0 /2 51 2 8 h os ts

2 0 2 .1 2 .3 1 .1 2 8 /2 51 2 8 h os ts

2 0 2 .1 2 .3 1 .0 /2 42 5 6 h os ts

2 0 2 .1 2 .2 8 .3 0 /2 35 1 2 h os ts

2 0 2 .1 2 .2 8 .0 /2 21 0 2 4 h os ts

History of Internet – Classless Addressing … contd.

Subnetting/VLSM !!!


History of Internet … contd.

Things went OK and life started sailing smooth …

What happened then ?


Modern Internet


• IPv4 addresses particularly limited• Some U.S. universities and corporations

have more IPv4 address space than some countries

• Upcoming demise of IPv4 address space predicted since mid 1990’s

• NAT + RFC 1918 has slowed that demise• 90% of Fortune 1000 companies use NAT

Modern Internet – New Problems … New Solutions


Modern Internet – New Problems … New Solutions

• Breaks globally unique address model• Breaks address stability• Breaks always-on model• Breaks peer-to-peer model• Breaks some applications• Breaks some security protocols• Breaks some QoS functions• Introduces a false sense of security• Introduces hidden costs


• Mobile nodes must be able to move from router to router without losing end-to-end connection• Home address: Maintains connectivity• Care-of address: Maintains route-ability

• Mobile IP will require millions or billions of care-of addresses

Modern Internet … Mobile IP


• Every host is a client and a server• That is, a consumer and a producer

Modern Internet … Peer to Peer Networking

P2P: A group of nodes actively

participating in the computing process


Modern Internet … Many More

• Online Gaming• Social Networking• Internet Enabled Appliances

• Electrolux Screenfridge

• Samsung Digital Network Refrigerator

• Internet Enabled Auto-Mobiles• GPS Maps

• Tracking etc. • Internet Enabled ATMs• Smart Sensors

A never ending wish list …


Conclusion

Seems like Internet Address is probably the most precious thing in

this world and they are the species at brink …

World Population = 6B+IPv4 Addresses = 4.2B (including RFC1918, Class D and Class E)

We need more addresses and IPv4 has 32bits fixed limit.

Solution = IPv6


Conclusion … contd.

Internet Protocol version 4 (IPv4)

Internet Protocol version 6 (IPv6)

Deployed 1981 1999

Address Size 32-bit number 128-bit number

Address Format

Dotted Decimal Notation: 192.149.252.76

Hexadecimal Notation: 3FFE:F200:0234:AB00:0123:4567:8901:ABCD

Prefix Notation

192.149.0.0/24 3FFE:F200:0234::/48

Number of Addresses

232 = 4,294,967,296 2128 = 340,282,366,920,938,463,463,374,607,431,768,211,456


Conclusion … contd.

World Population = 6B+

IPv6 Addresses = 340T+

• For billions of new users• For billions of new devices• For always-on access• For transparent Internet connectivity

the way it was meant to be


IPv4 & IPv6 – Similarities and Differences


IPv6 – New Features

• Header Length Increased 40B• Hexadecimal Address Format• “:” will be used as delimiter

Yet easy for routers to process because:• No more Checksum Calculations• Fragment Free, auto PMTUD• Broadcast free• Introduction of Anycast (one to one-of-many)

• No need of Address Translation

Also easy for humans to use• Many ways to simply address writing• Mask will officially be written in “/” format e.g. /64


IPv6 – Addressing

Types of Addresses

• Unicast (one-to-one)

• Multicast (one-to-many)

• Anycast (one-to-one-of-many)


IPv6 – Addressing Representation

• All addresses are 128 bits• Write as sequence of eight sets of four hex

digits (16 bits each) separated by colons– Leading zeros in group may be omitted– Contiguous all-zero groups may be replaced by “::”– Only one such group can be replaced


IPv6 – Addressing Representation

3ffe:3700:0200:00ff:0000:0000:0000:0001

can be written3ffe:3700:200:ff:0:0:0:1

or3ffe:3700:200:ff::1


IPv6 – Addressing Representation … contd.

• IPv6 born classless• Generally network and host portion can be

equally divided into 64bits each.

64-bitNetwork

64-bitHost



• Host portion can be manually set or automatically calculated (EUI-64)

64-bitNetwork

64-bitHost



Device

NIC

00-0

1-02

-03-

04-0

5::0201:02FF:FE03:0405

64-bitNetwork

64-bitHost

EUI-64 MAC Format



• Link-local address– Unique on a subnet– Result of router discovery or neighbor discovery– High-order: FE80::/64– Low-order: interface identifier

• Site-local address– Unique to a “site”– High-order: FEC0::/48– Low-order: interface identifier– What is a site?



• Compatible IPv4 addresses– Of form ::a.b.c.d– Used by IPv6 hosts to communicate

over automatic tunnels


• Aggregatable global unicast address

Used in production IPv6 networksGoal: minimize global routing table size From range 2000::/3




Aggregatable global unicast address

IPv6 Direct and Indirect Communication


IPv6 – Communication Types

Direct Communication“Between Same Networks”

Indirect Communication “Between Different Networks”


IPv6 – Direct communication

PC1PC2

FEC0::1/64 FEC0::2/64

L1

L2


IPv6 – Indirect communication

PC1PC2

FEC0::1:0:0:0:1/64

L1

L2

L1

L2L1

L3

L2

FEC0::1:0:0:0:2/64 FEC0::2:0:0:0:2/64FEC0::2:0:0:0:1/64

FEC0::1/64FEC0::2/64

G0/0G0/1


IPv6 – ND Protocol vs IPv4 ARPIPv6 Neighbor Discovery protocol has the distinction of being the only truly new protocol created as part of the core of Internet Protocol version 6; there is no “NDv4” at all.

Address Resolution Protocol: ND provides enhanced address resolution capabilities that are similar to the functions provided in IPv4 by ARP.

Formalizing Of Router Discovery: In IPv4 the process of router discovery and solicitation was arguably an “afterthought”; ND formalizes this process and makes it part of the core of the TCP/IP protocol suite.

Formalizing Of Address Resolution: In a similar manner, address resolution is handled in a superior way in ND. ND functions at layer three and is tightly tied to IP just like ICMP is. There is no more need for an “ambiguously-layered” protocol like ARP, whose implementation is very dependent on the underlying physical and data link layers.


Ability To Perform Functions Securely: ND operates at the network layer, so it can make use of the authentication and encryption capabilities of IPSec for tasks such as address resolution or router discovery.

Autoconfiguration: In combination with features built into IPv6, ND allows many devices to automatically configure themselves even without the need for something like a DHCP server (though DHCPv6 does also exist.)

Dynamic Router Selection: Devices use ND to detect if neighbors are reachable or not. If a device is using a router that stops being reachable it will detect this and ‘automatically switch to another one.

IPv6 – ND Protocol vs IPv4 ARP


Multicast-Based Address Resolution: Address resolution is performed using special multicast addresses instead of broadcasts, reducing unnecessary disruption of “innocent bystanders” when resolution messages must be sent.

IPv6 – ND Protocol vs IPv4 ARP


• Interior Gateway Protocols• RIPng

• OSPFv3

• EIGRP

• Exterior Gateway Protocols• MPBGPv4

IPv6 – Routing Protocols

IPv6 Migration Strategy


• Hardware• End Systems

• Network

• Software• Operating System

• Internetwork Operating System

• Applications and Services

IPv6 Migration – HW/SW Upgradation


Types of Transition Mechanisms

Dual Stacks• IPv4/IPv6 coexistence on one device

Tunnels• For tunneling IPv6 across IPv4 clouds• Later, for tunneling IPv4 across IPv6 clouds• IPv6 <-> IPv6 and IPv4 <-> IPv4

Translators• IPv6 <-> IPv4


Dual Stacks

Physical/Data Link

IPv6 IPv4

TCP/UDPv6

IPv6Applications

0x0800 0x86dd

TCP/UDPv4

IPv4Applications

Network, Transport, and Application layers do not necessarily interact without further modification or translation


Dual Layers

Physical/Data Link

IPv6 IPv4

TCP/UDP

Applications

0x0800 0x86dd

TCP/UDP


Tunnel Applications

IPv4

IPv4

IPv6

Router to Router

Host to Router / Router to Host

Host to Host

IPv6IPv6 IPv6

IPv6

IPv4

IPv6


Tunnel Types

Configured tunnels

• Router to Router

Automatic tunnels

• Tunnel Brokers (RFC 3053)

• 6to4 (RFC 3056)

• ISATAP (Intra-Site Automatic Tunnel Addressing Protocol)

• 6over4 (RFC 2529)

• Teredo

• IPv64

• DSTM (Dual Stack Transition Mechanism)


Transition Mechanism Support


Tunnel Setup Protocol (TSP)

Proposed control protocol for negotiating tunnel parameters• Applicable to several IPv6 tunneling schemes• Can negotiate either IPv6 or IPv4 tunnels• Uses XML messages over TCP session

Example tunnel parameters:• IP addresses• Prefix information• Tunnel endpoints• DNS delegation• Routing information• Server redirects

Three TSP phases:• Authentication Phase• Command Phase (client to server)• Response Phase (server to client)


Tunnel Broker

• RFC 3053 describes general architecture, not a specific protocol• Designed for small sites and isolated IPv6 hosts to connect to an existing

IPv6 network

• Three basic components:• Client: Dual-stacked host or router, tunnel end-point• Tunnel Broker: Dedicated server for automatically managing tunnel

requests from users, sends requests to Tunnel Server• Tunnel Server: Dual-stacked Internet-connected router, other tunnel end

point

• A few tunnel brokers:• Gogo Networks (gogonet.gogo6.com)• Freenet6 [Canada] (www.freenet6.net)• CERNET/Nokia [China] (www.tb.6test.edu.cn)• Internet Initiative Japan (www.iij.ad.jp)• Hurricane Electric [USA] (www.tunnelbroker.com)• BTexacT [UK] (www.tb.ipv6.btexact.com)• Many others…


Tunnel Broker … cont

IPv6Network

TunnelBroker

IPv4Network

TunnelServer

Client

DNS

1

1. AAA Authorization2. Configuration request3. TB chooses:

• TS • IPv6 addresses• Tunnel lifetime

4. TB registers tunnel IPv6 addresses5. Config info sent to TS6. Config info sent to client:

• Tunnel parameters• DNS name

7. Tunnel enabled2

3

5

4

IPv6 Tunnel

6

7


v4host.4net.orgAAAA 3ffe:3700:1100:2::204.127.202.4

Network Address Translation - Protocol Translation (NAT-PT)

IPv6Network

IPv4Network

v6host.6net.com3ffe:3700:1100:1:210:a4ff:fea0:bc97

v4host.4net.org204.127.202.4

NAT-PT

DNS

IPv4 Pool: 120.130.26/24IPv6 prefix: 3ffe:3700:1100:2/64

v4host.4net.org?v4host.4net.orgA 204.127.202.4


Network Address Translation - Protocol Translation (NAT-PT)

IPv6Network

IPv4Network

v6host.6net.com3ffe:3700:1100:1:210:a4ff:fea0:bc97

v4host.4net.org204.127.202.4

NAT-PT

DNS

IPv4 Pool: 120.130.26/24IPv6 prefix: 3ffe:3700:1100:2/64

Source = 3ffe:3700:1100:1:210:a4ff:fea0:bc97Dest = 3ffe:3700:1100:2::204.127.202.4

Source = 120.130.26.10Dest = 204.127.202.4

Source = 204.127.202.4Dest = 120.130.26.10

Source = 3ffe:3700:1100:2::204.127.202.4Dest = 3ffe:3700:1100:1:210:a4ff:fea0:bc97

Mapping Table

Inside Outside 3ffe:3700:1100:1:210:a4ff:fea0:bc97 120.130.26.10


Lab Exercise – Enabling IPv6 in LAN


Lab Exercise – Enabling IPv6 in WAN

616161

Thank You.

National Engineers Training Services

© 2008 national engineers training services. all rights reserved. ipv6- end user perspective fakhar...

Documents

history of internet

ipv6 slide

history of ipv4 internet

internet thought

addresses addresses

intact slide

nets slide

host addresses