IPv6 presentation


IPv6: Addressing the Future
Fred Baker
Cisco Fellow
© 2001, Cisco Systems, Inc. All rights reserved.

Points to ponder
• The past: where networks came from
• The future: where networks are going
• IPv6 innovations: what is really different?
• IPv6 debate: is IPv6 really a sufficient solution?
• IPv6 today: status in implementation and deployment

The Past

Before IP
• Diverse networks joined by application-layer gateways
    Inevitable loss of functionality crossing proprietary application and network boundaries
    Difficult to deploy multi-network applications
    Hard to diagnose and remedy problems
    Stateful gateways inhibited dynamic routing around failures
• No global addressability
    Ad-hoc, application-specific solutions

Fundamental Premises:
• Simple Applications, Smart Network
    Able to provide high quality services to specific applications
    Network does one thing well: deliver specified services to specified applications
    Intolerant of change
• Simple Network, Smart Applications
    End to End Principle
    Network does one thing well: ship packets
    Applications can do anything that can use that paradigm

The IP Solution
• IP routers & global addresses
    Simple, application-independent, least-common-denominator network service: best-effort datagrams
    Stateless gateways could easily route around failures
• With application-specific knowledge out of the gateways:
    Anyone could deploy new, internet-wide applications and services
    Internet became a platform for rapid, competitive innovation

The Internet Today
• Network address translators and application-layer gateways
    Inevitable loss of some functions
    Difficult to deploy new internet-wide applications
    Hard to diagnose and remedy problems
    Stateful gateways inhibit dynamic routing around failures
• No global addressability
    Ad-hoc, application-specific (or ignorant!) solutions

The Future

The Probable Future
• Billions and billions of new Internet devices
• Billions of new Internet users
• Internet available everywhere, all the time (wired, wireless, mobile,…)
• Convergence of all communication on the Internet (business, personal, entertainment, public services,…)

The Unknown Future
• Continued degradation of the end to end model with IPv4?
• More complex and volatile network service
    => Lower performance, less robust, less secure, less manageable
• More centralized control over new applications and services
    => Significant barrier to innovation and growth

The Unknown Future
• …or restoration of the end to end model with IPv6?
• Simple, stable network service
    => Higher performance, more robust, more secure, more manageable
• Enabling anyone to provide new applications and services
    => Allowing rapid innovation and growth

IPv6 Innovations

Lots of Addresses
• IPv4 Internet: O(2^32) = 4,294,967,296 addresses
    Arbitrary division into networks
    12.5% allocated to non-host addresses
    ~45% allocated to various networks
    ~26% advertised in today’s Internet
    Conservatively allocated
• IPv6 Internet: O(2^128) = 3.4*10^38 addresses
    O(2^64) = 18,446,744,073,709,551,616 Networks
    O(2^64) = 18,446,744,073,709,551,616 hosts per network
    Host addresses self-allocated

Plug-and-play
• One of the nice things about AppleTalk:
    You can plug the device or computer in, and it just works
• One of the not-so-nice things about IPv4:
    You can plug the device or computer in…
    Configuring, and reconfiguring, can be hard
    DHCP helps a lot, but it requires properly configured servers
• IPv6 allows for
    Significant level of autoconfiguration
    Automated network renumbering
    Arbitrary device addressing within topological limits

Mobility
• IPv4 Mobility
    Permits device to move using same home address
    All communication through Home Agent
    Foreign Agent must be a router
    [Figure: Dogleg Routing]
• IPv6 Mobility
    Permits device to move using same home address
    Communication via care-of address
    No Foreign Agent required
    Security Issues:
        Session hijack
        Duration of Switchover
    [Figure: Optimized Routing]

Anycast
• Addressing and Naming of Applications
    One of the nice things about NetWare: Service Location
    Today: DNS lists several addresses for a name, but no information to help select a server

Anycast
• Proposal:
    DNS lists one address,
    Servers are “routers” to that address
        • DNS for service name,
        • Common address for service location
        • Topological address for specific access
• Issues:
    Route changes can change which server you use in mid-transaction
• Solution:
    Treat server as a mobile device which is currently stationary
    Connect to “home address” to select server,
    Thereafter talk to fixed “care-of address”

Security issues
• IPv6 enables end-to-end use of IPsec protocols (because it eliminates NATs),
    Plus for security, although IPsec also exists in IPv4 Internet and is widely used for VPNs
    Authentication (“you are the person who knows this key”)
    Antidote to session hijack (“you are the same person I was just talking with”)
    Privacy (encryption, using symmetric or public key technology)
• IPsec authentication dependent on key distribution infrastructure, which is not currently a solved problem
    Affects mobility, anycast, secure communication in general

IPv6 Debate
Geoff Huston’s questions

Are we really running out of addresses?
• Growth in IPv4 advertisement rate not high
    But folks who need addresses can’t get them
• Largely a question of perspective
    If you already have your addresses assigned, getting them is not a worry

Everyone doesn’t want a permanent address
• Everyone who wants one is not able to get one
• Example: People’s Republic of China
    1.3 Billion people
    Order of magnitude growth in Internet usage year over year
    ~9M addresses in 1999
    ~16M addresses in 2001
• Do we simply assume that anyone who has not already asked never will?
    Africa, South America, India, Arab world…

Every device is not a server
• In client/server applications
    Clients vastly outnumber servers
    Clients can be addressed on demand
    Examples: WWW, FTP, X-Windows
• But every application is not client/server
• Peer/peer applications
    Peer must be accessible and addressed when someone decides to talk with it
• Do we want to limit ourselves to the client/server model?

Privacy?
• Privacy issues
    Concern: inclusion of MAC address in IPv6 breaks privacy
    Reality: 1:1 correlation between IP and MAC Address breaks privacy in either IPv4 or IPv6
• Privacy solutions in IPv6
    Autoconfiguration procedures enable, for example
        Random address changes every hour
        Address per user of multi-user machine
        Address per TCP session or per web page loaded

Number of usable addresses
• Argument:
    IPv4+port gives 2^48 effective addresses
    IPv6 allocation gives 2^48 networks, 2^16 subnets, and a few hosts in each subnetwork
    Comparable when viewed on the service provider network
• Not really comparable
    Math error: 2^48 ≠ 2^(48+16)
    Not responsive to user network design issues

Is it enough better to justify changing?
• Argument:
    IPv6 doesn’t change routing, trust model, QoS, etc
    It gives us IPv4 Internet with more addresses
• What IPv6 does do:
    Removes address conservation as an issue
    Enables kinds of applications current addressing makes difficult
    Simplifies deployment of new applications
    Eliminates need to kludge around addressing issues

IPv6 Today

Standards
• Core IPv6 specifications are IETF Draft Standards => well-tested & stable
    IPv6 base spec, ICMPv6, Neighbor Discovery, PMTU Discovery, IPv6-over-Ethernet, IPv6-over-PPP,...
• Other important specs are further behind on the standards track, but in good shape
    Mobile IPv6, header compression, A6 DNS support,...
    For up-to-date status: http://playground.sun.com/ipng
• UMTS R5 cellular wireless standards mandate IPv6

Implementations
• Most IP stack vendors have an implementation at some stage of completeness
    Some are shipping supported product today,
        e.g., Cisco, 3Com, *BSD(KAME), Epilogue, Ericsson/Telebit, IBM, Linux community, Hitachi, Nortel, Sun, Trumpet
    Others have beta releases now, supported products soon,
        e.g., Compaq, HP, Microsoft
    Others rumored to be implementing, but status unknown
        e.g., Apple, Bull, Juniper, Mentat, Novell, SGI
    (see http://playground.sun.com/ipng for most recent status reports)
• Good attendance at frequent testing events

Deployment
• Experimental infrastructure: the 6bone
    for testing and debugging IPv6 protocols and operations (see www.6bone.net)
• Production infrastructure in support of education and research: the 6ren
    CAIRN, Canarie, CERNET, Chunghwa Telecom, Dante, ESnet, Internet 2, IPFNET, NTT, Renater, Singren, Sprint, SURFnet, vBNS, WIDE
    (see www.6ren.net, www.6tap.net)
• Commercial infrastructure
    Some ISPs (IIJ, NTT, SURFnet, Trumpet,…) have announced commercial IPv6 service or service trials
    Japan and China have announced national direction

Deployment (cont.)
• IPv6 address allocation
    6bone procedure for test address space
    Regional IP address registries (APNIC, ARIN, RIPE NCC) for production address space
• Deployment advocacy (a.k.a. marketing)
    IPv6 Forum: www.ipv6forum.com

Conclusions
• IPv6 is addressing the future…
    Addresses for new devices, new applications, and new users
    Restoring the end to end model, for performance, robustness, security, manageability, and enabling rapid innovation
    Enhancing IP for next-generation applications: multicast, mobility, plug-and-play, security, and multiple qualities of service
• …but is it a future we will see?
    Must apply much more energy, in design, implementation, deployment, transition, training, explaining,…
    The only way to fight entropy is to apply energy