IPv6 The New Internet Protocol
Integrated Network Services
Almerindo Graziano
Introduction
• Justification for IPv6
• IPv6 goals
• IPv6 Addressing
• The new Header
– Extension Headers
• Recap
Justification for IPv6: What is wrong with IPv4?
• Wasteful of address space
• No built-in support for hierarchical addressing
– Subnetting
– CIDR
• Large routing tables
• Large administrative workload:
– Changing ISP
– Merger or acquisition
– Result: renumbering or NAT
What is wrong with IPv4?
• Routers perform a lot of operations
– Table lookup
– Options
– Checksum
– Fragmentation
• Lack of authentication
– IP spoofing
• Lack of encryption
IPv6 goals
• Support for a larger number of addresses
• Reduce the size of routing tables
• Simplify the protocol (easier to process)
• Provide better security
• Better support for Quality of Service
• Provide support for mobile users
• Allow the protocol to be extensible
• Be compatible
IPv6 Addressing scheme
• Designed to be highly scalable and hierarchical
• 16 bytes long
– 7x10^23 IP addresses per square meter!!!
– It “eliminates” the need for private address space
• IPv6 notation
8000:0000:0000:0000:0123:8219:E42A:DF3E
8000::123:8219:E42A:DF3E
• IPv4 addresses can be written as
::192.31.20.46
Address Allocation
• IPv6 could support a number of diverse
addressing schemes
– Provider Allocation
hierarchy is based on large service providers,
regardless of their location
– Geographic Allocation
hierarchy is based on the location of subscribers
(similar to the telephony system)
• Both approaches have drawbacks
– Large networks often do not conform to provider and/or geographical boundaries!!
Aggregation Based Allocation
• Combines provider and geographic
allocation approaches
– Based on the existence of a limited number of
high-level exchange points
• Large providers are represented at one or more
exchange points (provider orientation)
– Exchanges are distributed around the globe
(geographic orientation)
• Favoured by the IETF
IPv6 Address Hierarchy
[Figure: IPv6 Address Hierarchy. Labels: Long-Haul Provider, Interexchange (TLA), To other TLA, Provider, Subscriber.]
TLA: Top Level Aggregator
Aggregation-based Allocation
• First 3 bits identify the type of address
– unicast, multicast, anycast etc.
• International registries assign blocks to TLAs
• TLAs allocate blocks of addresses to NLAs
– NLAs can be large providers or global corporate
networks
• NLAs can create their own hierarchy
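Address format:
| 001    | TLA     | RES    | NLA     | SLA           | Interface ID    |
| 3 bits | 13 bits | 8 bits | 24 bits | 16 bits       | 64 bits         |
| Public Topology (001 through NLA)   | Site Topology | Local Interface |
IEEE EUI-64 Address (the 64-bit Interface ID):
– 24 bits - Company ID
– 40 bits - interface ID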
Aggregation-based Allocation
[Figure: hierarchy within the NLA field. Labels: 32 bits, NLA 1, NLA 2, NLA 3, Site, SLA, Interface ID.]
Other Address Types
• Site-Local Addresses
– Similar to IPv4 private addresses
• Link-Local Addresses
– Format (128 bits): 1111111010 (10 bits) | 00 ... 00 (54 bits) | Interface ID (64 bits)
– Used where a router doesn’t exist
– Operate over a single link
– Used for temporary bootstrapping
• Not propagated outside organizational boundaries
• Not allocated by public registry authorities
Other Address Types
• Multicast Addresses
– Logical addresses to communicate to multiple
nodes
• Anycast Addresses
– Used to communicate to the closest of a class of
nodes (closest DNS, closest router)
– Allocated from the same address space as
Unicast addresses
Address Autoconfiguration
• A node combines its MAC address with a network
prefix it learns from a neighbouring router
• The autoconfiguration doesn’t need a manually
configured server: stateless address
autoconfiguration
– It differs from IPv4’s DHCP (stateful address
configuration). DHCPv6 has been developed
– Great advantage when an enterprise is forced to
renumber because of an ISP change or M&A
– Great support for mobile users and dynamic
workgroups
Header Comparison
IPv4 Header = 14 fields (32 bits wide)
– Version, IHL, Type of Service, Total Length
– Identification, Flag, Fragment Offset
– TTL, Protocol, Header Checksum
– Source Address
– Destination Address
– Options, Padding
IPv6 Header = 8 fields (32 bits wide)
– Version, Priority, Flow Label
– Payload Length, Next Header, Hop Limit
– Source Address
– Destination Address
The new Header
• Fixed size
• Fewer fields
• No Checksum
– Already performed by other layers
– Reliable networks
• Extension Headers replace Options
– Routers can skip over some extension headers
• Result: faster processing, extensible
QoS Support
• Priority field (4 bits)
– Congestion-Controlled traffic (0-7)
• Traffic where the source backs off in case of
congestion (e.g. TCP)
– Non-Congestion-Controlled traffic (8-15)
• Traffic where constant data rate and delay are
desirable (real-time audio/video)
• Flow label field (20 bits)
– A sequence of packets sent from a particular
source to a particular destination for which the
source desires special handling by intervening
routers
Extension Headers
Hop-by-Hop options header
Destination options header-1
Source Routing header
Fragmentation header
Authentication header
IPv6 Encryption header
Destination options header-2
Extension Headers
• Hop-by-Hop
– Carries information for all intermediate nodes
– Used for management and debugging
• Destination
– Carries information to be read just by
destination nodes
• Source Routing
– Allows the source to specify a list of routers to traverse
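Added example (not part of the original slides): a filter or sensor has to follow the Next Header chain to reach the transport header, so this walker steps through the extension headers of a raw packet, checks each length against the packet bounds, and reports a Hop-by-Hop header that is not first or a Routing header being present. The function names and the sample packet bytes are constructed for illustration.

```python
import struct

# IANA protocol numbers for the extension headers listed above.
EXT = {0: "Hop-by-Hop", 60: "Destination", 43: "Routing",
       44: "Fragment", 51: "Authentication"}
# ESP ends the walk: everything after it is encrypted.
UPPER = {6: "TCP", 17: "UDP", 50: "ESP", 58: "ICMPv6", 59: "No Next Header"}

def walk_chain(packet: bytes):
    """Return (header names in order, offset of the upper layer, findings)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, offset, chain, findings = packet[6], 40, [], []
    while nxt in EXT:
        if offset + 8 > len(packet):
            raise ValueError("extension header runs past end of packet")
        following, length = packet[offset], packet[offset + 1]
        if nxt == 44:
            size = 8                    # Fragment header has a fixed size
        elif nxt == 51:
            size = (length + 2) * 4     # AH length is in 32-bit words, minus 2
        else:
            size = (length + 1) * 8     # 8-byte units, not counting the first
        if offset + size > len(packet):
            raise ValueError("declared header length exceeds packet")
        if nxt == 0 and chain:
            findings.append("Hop-by-Hop header is not first")
        if nxt == 43:
            findings.append("Routing header present")
        chain.append(EXT[nxt])
        nxt, offset = following, offset + size
    chain.append(UPPER.get(nxt, f"protocol {nxt}"))
    return chain, offset, findings

def build(first_next: int, body: bytes) -> bytes:
    """Constructed test packet: 40-byte fixed header (zero addresses) plus body."""
    fixed = struct.pack("!IHBB", 0x60000000, len(body), first_next, 64)
    return fixed + bytes(16) + bytes(16) + body

# Constructed sample: Hop-by-Hop -> Routing -> TCP.
HBH = bytes([43, 0, 1, 4, 0, 0, 0, 0])    # next = Routing, one PadN option
RTG = bytes([6, 0, 0, 0, 0, 0, 0, 0])     # next = TCP, no routers listed
SAMPLE = build(0, HBH + RTG + bytes(20))  # 20 zero bytes stand in for TCP
```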
Fragmentation Header
• Each source is responsible for sending packets of
the right size
– MTU path discovery process
• Packet fragmentation is not permitted by
intermediate nodes (routers)
– Faster processing
• If fragmentation is required, the fragmentation
header is used
Authentication Header
• It gives network applications a guarantee that a
packet did in fact come from an authentic source
• A checksum is created based on the key and the
content of the packet
• The checksum is re-run at the destination and
validated
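Added example (not part of the original slides): the keyed checksum described above, computed at the source and re-run at the destination, with the fixed-header fields that routers rewrite in transit zeroed first so that forwarding does not invalidate it. This is a simplification: the checksum is carried beside the packet rather than inside an Authentication header, HMAC-SHA-256 truncated to 128 bits is an assumed algorithm choice, and all names and sample bytes are constructed.

```python
import hashlib
import hmac
import struct

def immutable_view(packet: bytes) -> bytes:
    """Copy of the packet with the fields routers may rewrite set to zero."""
    view = bytearray(packet)
    view[0] &= 0xF0                # keep Version, clear the bits after it
    view[1:4] = b"\x00\x00\x00"    # rest of the first word (priority, flow label)
    view[7] = 0                    # Hop Limit is decremented at every hop
    return bytes(view)

def icv(key: bytes, packet: bytes) -> bytes:
    """Checksum over the key and the packet content, truncated to 128 bits."""
    return hmac.new(key, immutable_view(packet), hashlib.sha256).digest()[:16]

def verify(key: bytes, packet: bytes, received_icv: bytes) -> bool:
    """Destination side: re-run the checksum and compare in constant time."""
    return hmac.compare_digest(icv(key, packet), received_icv)

def forward(packet: bytes) -> bytes:
    """What a router does to the fixed header: decrement the Hop Limit."""
    out = bytearray(packet)
    out[7] -= 1
    return bytes(out)

# Constructed sample: fixed header (payload length 5, next header 59,
# hop limit 64), zero source and destination addresses, 5-byte payload.
KEY = b"constructed-shared-key"
PACKET = struct.pack("!IHBB", 0x60000000, 5, 59, 64) + bytes(32) + b"hello"
TAG = icv(KEY, PACKET)

if __name__ == "__main__":
    spoofed = bytearray(PACKET)
    spoofed[8] = 0x20              # altered source address
    print("after one hop:", verify(KEY, forward(PACKET), TAG))
    print("spoofed source:", verify(KEY, bytes(spoofed), TAG))
```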
IPv6 Encryption Header
• Encapsulating Security Payload (ESP)
– It provides encryption at the network layer
• Two encryption modes are supported
– Transport mode
– Tunnel mode (steel pipe)
Encryption modes
Transport Mode
– Unencrypted: IPv6 Header | Extension Headers
– Encrypted: ESP Header | Transport Header and Payload
Tunnel Mode
– Unencrypted: IPv6 Header | Extension Headers
– Encrypted: ESP Header | Original IP packet (IPv6 Header | Extension Headers | Transport Header and Payload)
The Transition to IPv6
• IPv6 offers a robust future-oriented solution
to integrate physical networks
• Possibly use NAT but
– can be a bottleneck
– prevents the use of IP-level security
– breaks Domain Name Servers
• 6Bone
– Experimental world-wide network for testing
IPv6
IPv6 Resources
– Main IPv6 page
http://ipv6.com/
– 6Bone home page
http://6bone.net/
– The case for IPv6 (Internet Draft)
http://www.6bone.net/misc/case-for-ipv6.html