ADM389 IPv6 Rafal Lukawiecki rafal@projectbotticelli.co.uk www.projectbotticelli.co.uk Strategic Consultant Project Botticelli Ltd in association with www.ip426.com 2 Objectives Make a (brief) case for IPv6 (level 200) Give you a crash-course on the main aspects of the protocol (level 300) Explain the available technology support including migration strategies (level 300) 3 Why IPv6? 4 IP Address Allocation History 1981 - IPv4 protocol published 1985 ~ 1/16 of total space 1990 ~ 1/8 of total space 1995 ~ 1/3 of total space 2000 ~ 1/2 of total space 2002.5 ~ 2/3 of total space This despite increasingly intense conservation efforts: PPP / DHCP address sharing NAT (network address translation) CIDR (classless inter-domain routing) plus some address reclamation Theoretical limit of 32-bit space: ~4 billion devices Practical limit of 32-bit space: ~250 million devices (RFC 3194) 5 Running Out of Addresses Even if every company used only 1 address by fully utilising NATs (Network Address Translation)… …we would be out of addresses in the next 3-5 years “Slower that Y2K problem, but a surer one” 6 More IPv4 Pain Argh, NATs  Peer-to-peer is difficult NAT security record is dubious Management is a pain Security is an optional add-on QoS (Quality of Service) is rare and not real-time Routing tables too large and process slow Mobility is a pain But peer-to-peer mobility is the future of Internet Device autoconfiguration is rare DHCP & address ownership does not work across organisational boundaries Using external agents for autoconfiguration is a non-starter 7 US versus ROW US accounts for 90% of address allocation Some universities in US have more allocated addresses than the whole of Asia The so-called, in US, “Rest of the World” is hardly an even partner Reliance on American organisations may be politically difficult, at times, for large or governmental Internet projects Gives US an unwelcome monopoly power 8 6 Benefits of IPv6 Address depletion solved International misallocation solved End-to-end communication restored Scoped addresses & address selection More efficient forwarding Built-in security and mobility 9 Who’s Doing IPv6? More places than you would think! Japanese city of Kyoto (now) JANET (Joint Academic Network) in UK US Deparment of Defence June 13 th 2003 decision made by Pentagon ( http://story.news.yahoo.com/news?tmpl=story&cid=1509&ncid =738&e=6&u=/afp/20030613/tc_afp/us_military_internet ) Planning and preparation in 2003-4 Transition in 2005 Completion in 2008 10 Crash Course on IPv6 [...]... ::0:5EFE:w.x.y.z 28 Structure of an IPv6 Packet IPv6 Header Extension Headers Upper Layer Protocol Data Unit Payload IPv6 Packet 29 Structure of the IPv6 Header Version Traffic Class Flow Label Payload Length Next Header Hop Limit Source Address Destination Address 30 Values of the Next Header Field Value Header 0 6 17 41 43 44 50 51 58 59 60 Hop-by-Hop Options Header TCP UDP Encapsulated IPv6 Header Routing Header... of Earth’s surface 128 bits were chosen to allow multiple levels of hierarchy and flexibility in designing hierarchical addressing and routing Typical unicast IPv6 address: 64 bits for subnet ID, 64 bits for interface ID 15 IPv6 Address Syntax IPv6 address in binary form: 0010000111011010000000001101001100000000000000000010111100111011 0000001010101010000000001111111111111110001010001001110001011010...11 Features of IPv6 New header format Large address space Efficient and hierarchical addressing and routing infrastructure Stateless and stateful address configuration Built-in security Better support for QoS New protocol for neighboring node interaction Extensibility 12 Differences Between IPv4 & IPv6 Feature IPv4 IPv6 Address length 32 bits 128 bits IPSec support... from IPv4 to IPv6 will take years Some hosts will use IPv4 indefinitely Migration is the long term goal, coexistence in the interim Transition criteria: Existing IPv4 hosts can be upgraded at any time independent of the upgrade of other hosts or routers New hosts using only IPv6 can be added at any time without dependencies on other hosts or routing infrastructure Existing IPv4 hosts with IPv6 installed... part of the address where the bits have fixed values or are the bits of a route or subnet identifier IPv6 subnets or routes always uses address/prefix-length notation CIDR notation Examples: 21DA:D3::/48 for a route 21DA:D3:0:2F3B::/64 for a subnet No more dotted decimal subnet masks!  18 Types of IPv6 Addresses Unicast Address of a single interface One-to-one delivery to single interface Multicast... Manual, DHCP Automatic, DHCP DNS name queries Uses A records Uses AAAA records DNS reverse queries Uses IN-ADDR.ARPA Uses IP6.INT 13 IPv6 Terminology Neighbors Host Host Bridge Host Intra-subnet router Router LAN segment Link Subnet Additional subnets Network 14 The IPv6 Address Space 128-bit address space 2128 possible addresses 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses (3.4 x... Compressing Zeros Some IPv6 addresses contain long sequences of zeros A single contiguous sequence of 16-bit blocks set to 0 can be compressed to “::” (doublecolon) Example: FE80:0:0:0:2AA:FF:FE9A:4CA2 becomes FE80::2AA:FF:FE9A:4CA2 FF02:0:0:0:0:0:0:2 becomes FF02::2 Cannot use zero compression to include part of a 16-bit block FF02:30:0:0:0:0:0:5 does not become FF02:3::5 17 IPv6 Prefixes Prefix is... infrastructure Existing IPv4 hosts with IPv6 installed can continue to use their IPv4 address and do not need additional addresses Little preparation is needed to upgrade existing IPv4 nodes to IPv6 or to deploy new IPv6 nodes ... autoconfigure an address Check twice it is not a duplicate Talk to routers and neighbours to be sure Addresses expire, no concept of globally permanent addresses 32 Temporary Address Interface Identifiers Random IPv6 interface identifier Prevent identification of traffic regardless of the prefix - anonymity Initial value based on random number Future values based on MD5 hash of history value and EUI-64-based interface... not forward site-local traffic outside the site 10 bits 38 bits 16 bits 64 bits 1111 1110 11 000 000 Subnet ID Interface ID 25 NSAP Addresses 7 bits 0000001 121 bits NSAP-mapped address 26 Special IPv6 Addresses Unspecified address 0:0:0:0:0:0:0:0 or :: Loopback address 0:0:0:0:0:0:0:1 or ::1 By the way, DNS server is normally at: FEC0:0:0:0:FFFF::1, FEC0:0:0:0:FFFF::2, FEC0:0:0:0:FFFF::3 27 Compatibility . addressing and routing Typical unicast IPv6 address: 64 bits for subnet ID, 64 bits for interface ID 15 IPv6 Address Syntax IPv6 address in binary form: 0010000111011010000000001101001100000000000000000010111100111011. 2003-4 Transition in 2005 Completion in 2008 10 Crash Course on IPv6 11 Features of IPv6 New header format Large address space Efficient and hierarchical