Make a (brief) case for IPv6 (level 200)
Give you a crash-course on the main aspects of the protocol (level 300)
Explain the available technology support including migration strategies (level 300)

Why IPv6?

IP Address Allocation History
1981 - IPv4 protocol published
NAT (network address translation)
CIDR (classless inter-domain routing)
plus some address reclamation
Theoretical limit of 32-bit space: ~4 billion devices
Practical limit of 32-bit space: ~250 million devices (RFC 3194)

Running Out of Addresses
Even if every company used only 1 address by fully utilising NATs (Network Address Translation)…
…we would be out of addresses in the next 3-5 years
“Slower than Y2K problem, but a surer one”

More IPv4 Pain
Argh, NATs
Peer-to-peer is difficult
NAT security record is dubious
Management is a pain
Security is an optional add-on
QoS (Quality of Service) is rare and not real-time
Routing tables too large and process slow
Mobility is a pain
But peer-to-peer mobility is the future of Internet
Device autoconfiguration is rare
DHCP & address ownership does not work across organisational boundaries
Using external agents for autoconfiguration is a non-starter

US versus ROW
US accounts for 90% of address allocation
Some universities in US have more allocated addresses than the whole of Asia
The so-called, in US, “Rest of the World” is hardly an even partner
Reliance on American organisations may be politically difficult, at times, for large or governmental Internet projects
Gives US an unwelcome monopoly power

6 Benefits of IPv6
Address depletion solved
International misallocation solved
End-to-end communication restored
Scoped addresses & address selection
More efficient forwarding
Built-in security and mobility

Who’s Doing IPv6?
More places than you would think!
Japanese city of Kyoto (now)
JANET (Joint Academic Network) in UK
US Department of Defence
June 13th 2003 decision made by Pentagon (http://story.news.yahoo.com/news?tmpl=story&cid=1509&ncid=738&e=6&u=/afp/20030613/tc_afp/us_military_internet)
Planning and preparation in 2003-4
Transition in 2005
Completion in 2008

Crash Course on IPv6

Features of IPv6
New header format
Large address space
Efficient and hierarchical addressing and routing infrastructure
Stateless and stateful address configuration
Built-in security
Better support for QoS
New protocol for neighboring node interaction
Extensibility

Feature                         IPv4                 IPv6
Address length                  32 bits              128 bits
IPSec support                   Optional             Required
Fragmentation                   Hosts and routers    Hosts only
Packet size                     576 bytes            1280 bytes
Link-layer address resolution   ARP (broadcast)      Multicast Neighbor Discovery Messages
Multicast membership            IGMP                 Multicast Listener Discovery (MLD)
Router Discovery                Optional             Required
Configuration                   Manual, DHCP         Automatic, DHCP
DNS name queries                Uses A records       Uses AAAA records
DNS reverse queries             Uses IN-ADDR.ARPA    Uses IP6.INT

[Figure labels: LAN segment, Link, Subnet, Network]

The IPv6 Address Space
128-bit address space
2^128 possible addresses
340,282,366,920,938,463,463,374,607,431,768,211,456 addresses (3.4 x 10^38)
6.65 x 10^23 addresses per square metre of Earth’s surface
128 bits were chosen to allow multiple levels of hierarchy and flexibility in designing hierarchical addressing and routing
Typical unicast IPv6 address:
64 bits for subnet ID, 64 bits for interface ID

IPv6 Address Syntax
IPv6 address in binary form:
0010000111011010000000001101001100000000000000000010111100111011 0000001010101010000000001111111111111110001010001001110001011010
Divided along 16-bit boundaries:

FE80:0:0:0:2AA:FF:FE9A:4CA2 becomes FE80::2AA:FF:FE9A:4CA2

IPv6 Prefixes
Prefix is the part of the address where the bits have fixed values or are the bits of a route or subnet identifier
IPv6 subnets or routes always uses

Types of IPv6 Addresses
No more broadcast addresses

Unicast IPv6 Addresses
Aggregatable global unicast addresses
Link-local addresses
Site-local addresses
Special addresses
Compatibility addresses
NSAP addresses

Aggregatable Global Unicast Addresses
Top-Level Aggregation ID (TLA ID)
Next-Level Aggregation ID (NLA ID)
Site-Level Aggregation ID (SLA ID)
Interface ID

Topologies Within Global Addresses
Public Topology
Site Topology
Interface ID

Local-Use Unicast Addresses

Link-Local Addresses
Format Prefix 1111 1110 10
FE80::/64 prefix
Used for local link only
Single subnet, no router
Address autoconfiguration
Neighbor Discovery
Layout: 1111 1110 10 (10 bits) | 000 ... 000 (54 bits) | Interface ID (64 bits)

Site-Local Addresses
Format Prefix 1111 1110 11
FEC0::/48 prefix for site
Used for local site only
Replacement for IPv4 private addresses
Intranets not connected to the Internet
Routers do not forward site-local traffic outside the site
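
The scoping rules on the link-local and site-local slides, written as the check a router or filter would apply at a zone boundary. This is an added example, not code from the presentation; the function names, the "node" scope for the loopback and unspecified addresses, and the sample packets are assumptions made for illustration, and every other unicast address is treated as global.

```python
import ipaddress

# Format prefixes from the slides, written as 10-bit CIDR prefixes.
LINK_LOCAL = ipaddress.ip_network("fe80::/10")  # 1111 1110 10
SITE_LOCAL = ipaddress.ip_network("fec0::/10")  # 1111 1110 11
RANK = {"node": 0, "link": 1, "site": 2, "global": 3}


def scope(addr: str) -> str:
    """Classify a unicast IPv6 address by how far it is allowed to travel."""
    ip = ipaddress.IPv6Address(addr)
    if ip.is_multicast:
        raise ValueError("multicast scopes are outside this example")
    if ip.is_unspecified or ip.is_loopback:
        return "node"
    if ip in LINK_LOCAL:
        return "link"
    if ip in SITE_LOCAL:
        return "site"
    return "global"  # simplification: every other unicast address


def forward_decision(src: str, dst: str, boundary: str):
    """Decide whether a router at a 'link' or 'site' boundary may forward."""
    for role, addr in (("source", src), ("destination", dst)):
        s = scope(addr)
        if RANK[s] <= RANK[boundary]:
            return False, f"{role} {addr} has {s} scope, stops at the {boundary} boundary"
    return True, "forward"


# Constructed sample packets: (source, destination, boundary being crossed).
SAMPLES = [
    ("fe80::2aa:ff:fe9a:4ca2", "2001:db8::1", "link"),
    ("fec0::1:2aa:ff:fe9a:4ca2", "fec0::2:1", "link"),
    ("fec0::1:2aa:ff:fe9a:4ca2", "2001:db8::1", "site"),
    ("2001:db8:0:1::10", "2001:db8:ffff::1", "site"),
]

if __name__ == "__main__":
    for src, dst, boundary in SAMPLES:
        print(boundary, src, "->", dst, forward_decision(src, dst, boundary))
```

A site-local source reaching a site border is the case to log as well as drop, since it indicates internal addressing leaking toward the Internet.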

NSAP Addresses
Layout: 0000001 (7 bits) | NSAP-mapped address (121 bits)

Special IPv6 Addresses

Structure of an IPv6 Packet
[Figure labels: IPv6 Packet; IPv6 Header; Extension Headers; Upper Layer Protocol Data Unit; Payload]

Structure of the IPv6 Header
Version
Traffic Class
Flow Label
Payload Length
Next Header
Hop Limit
Source Address
Destination Address

Values of the Next Header Field

Besides using DHCP, you can always autoconfigure an address
Check twice it is not a duplicate
Talk to routers and neighbours to be sure
Addresses expire, no concept of globally permanent addresses

Temporary Address Interface Identifiers
Random IPv6 interface identifier
Prevent identification of traffic regardless of the prefix - anonymity
Initial value based on random number
Future values based on MD5 hash of history value and EUI-64-based interface identifier
Result is a temporary address
Generated from public address prefixes using stateless address autoconfiguration
Changes over time
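
The temporary identifier scheme described above, next to the stable EUI-64-based identifier it is meant to hide. This is an added example, not code from the presentation: it assumes the slide refers to the RFC 3041 iteration (MD5 over history value plus interface identifier, left 64 bits as the identifier with the universal/local bit cleared, right 64 bits kept as the next history value), and the function names and the 2001:db8:0:1::/64 prefix are constructed for illustration.

```python
import hashlib
import ipaddress
import os


def eui64_from_mac(mac: str) -> bytes:
    """48-bit MAC -> EUI-64-based interface ID (insert FFFE, flip the U/L bit)."""
    raw = bytes.fromhex(mac.replace("-", "").replace(":", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]


def next_temporary_iid(history: bytes, eui64: bytes):
    """One iteration: return (temporary interface ID, next history value)."""
    if len(history) != 8 or len(eui64) != 8:
        raise ValueError("history value and interface ID must be 64 bits each")
    digest = hashlib.md5(history + eui64).digest()
    # Left 64 bits become the identifier; clearing mask 0x02 in the first
    # byte marks it as locally assigned rather than derived from hardware.
    return bytes([digest[0] & 0xFD]) + digest[1:8], digest[8:]


def address(prefix: str, iid: bytes) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("stateless autoconfiguration expects a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | int.from_bytes(iid, "big"))


def temporary_addresses(prefix, mac, history=None, count=3):
    """Generate `count` successive temporary addresses for one interface."""
    eui64 = eui64_from_mac(mac)
    history = os.urandom(8) if history is None else history  # random initial value
    out = []
    for _ in range(count):
        iid, history = next_temporary_iid(history, eui64)
        out.append(address(prefix, iid))
    return out


if __name__ == "__main__":
    mac = "00-AA-00-9A-4C-A2"  # MAC implied by the slide's FE80::2AA:FF:FE9A:4CA2
    print("stable   ", address("fe80::/64", eui64_from_mac(mac)))
    for a in temporary_addresses("2001:db8:0:1::/64", mac):  # constructed prefix
        print("temporary", a)
```

The EUI-64 identifier stays the same under every prefix the node joins, which is what lets traffic be correlated across networks; the temporary identifiers share no visible bits with the MAC address.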

Multiple Addresses on a Node
Unlike in IPv4, a node always has multiple addresses
Link-local, site-local*, global etc.
It is the job of the protocol stack on each node to decide which address to use depending on who we are talking to
Greatly simplifies the job of routers, of course
This is in the spirit of peer-to-peer and distribution of processing power, by the way

Notify it where you are
It will tunnel things to you
You can do Binding Updates with anyone you correspond with to establish a direct path
Result: no loss of a session while you roam!

Technology Support and Migration Strategy

Coexistence and Migration
The transition from IPv4 to IPv6 will take years
Some hosts will use IPv4 indefinitely
Migration is the long term goal, coexistence in the interim
Transition criteria:
Existing IPv4 hosts can be upgraded at any time independent of the upgrade of other hosts or routers
New hosts using only IPv6 can be added at any time without dependencies on other hosts or routing infrastructure
Existing IPv4 hosts with IPv6 installed can continue to use their IPv4 address and do not need additional addresses
Little preparation is needed to upgrade existing IPv4 nodes to IPv6 or to deploy new IPv6 nodes

Dual IP Layer Architecture
[Figure: Application Layer; Transport Layer (TCP/UDP); IPv6 and IPv4; Network Interface Layer]

Dual Stack Architecture
[Figure: Application Layer; TCP/UDP and IPv6; TCP/UDP and IPv4; Network Interface Layer]

Windows Server 2003 IPv6
[Figure: Windows Sockets applications; Windows Sockets; Windows Sockets components; TDI; IPv4 (Tcpip.sys); IPv6 (Tcpip6.sys); NDIS; Network adapter drivers]

WS2003 IPv6 Features
Basic stack support
Only Ethernet and FDDI (no Token Ring or PPP)
No Microsoft-specific IPv4 enhancements (from W2K)
6to4, ISATAP, 6over4, PortProxy
Temporary addresses
DNS support (dynamic AAAA and reverse)
IPSec6 support
Generically incompatible with IPSec for IPv4
No ESP for data encryption, no IKE for SA negotiation - use ipsec6.exe for manual configuration of SAs
Address selection and autoconfiguration
Can be a static router
Site prefixes in router advertisements

Application Support in WS2003
Internet Explorer
Telnet client
FTP client
Internet Information Services, version 6
File and print sharing
Windows Media Services
Network Monitor
SNMP MIB support

Application Programming Interfaces in WS2003
Windows Sockets (WinSock)
Remote Procedure Call (RPC)
Internet Protocol Helper (IPHelper)
Win32 Internet Extensions (WinInet)
.NET Framework

IPv6-enabled Utilities
Ipconfig
Route
Ping
Tracert
Pathping
Netstat

IPv6 Command Line Utilities
Netsh.exe
interface ipv6
interface ipv6 6to4
interface ipv6 isatap
interface portproxy
Ipsec6.exe

Installing & Configuring IPv6
Install
Add the “Microsoft TCP/IP version 6” protocol when configuring the properties of a LAN connection in Network Connections
Execute netsh interface ipv6 install at a command prompt
Configure
IPv6 is self-configuring
For manual configuration, use commands in the netsh interface ipv6 context

Migrating to IPv6
1. Upgrade your applications to be independent of IPv4 or IPv6
2. Update the DNS infrastructure to support IPv6 addresses and PTR records
3. Upgrade hosts to IPv4/IPv6 nodes
4. Upgrade routing infrastructure for native IPv6 routing
5. Convert IPv4/IPv6 nodes to IPv6-only nodes

Prepare your infrastructure over the next year, if possible
Contact the experts for help
www.ip426.com at your service
in association with www.ip426.com

Ask The Experts
Get Your Questions Answered
I will be at the Ask The Experts stand on
Friday from 12:00 till 14:00 waiting for

Suggested Reading & Resources
“Understanding IPv6”, Joseph Davies,
Microsoft Press, ISBN 0-7356-1245-5
Available (limited copies) on Microsoft Press stand near the conference rooms during TechEd 2003 at a discount!
www.microsoft.com/ipv6
www.ipv6forum.org
www.ip426.com

© 2003 Microsoft Corporation & Project Botticelli Ltd. All rights reserved. This presentation is for informational purposes only. MICROSOFT AND PROJECT BOTTICELLI MAKE NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.