Download IPv6 Advantages March 2000

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
page
55
page
56
page
57
page
58
page
59
page
60
page
61
page
62
page
63
page
64
page
65
page
66
page
67
page
68
page
69
page
70
page
71
page
72
page
73
page
74
page
75
page
76
page
77
page
78
page
79
page
80
page
81
page
82
page
83
Document related concepts

Internet protocol suite wikipedia , lookup

Distributed firewall wikipedia , lookup

Asynchronous Transfer Mode wikipedia , lookup

Deep packet inspection wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Airborne Networking wikipedia , lookup

Computer security wikipedia , lookup

IEEE 1355 wikipedia , lookup

Wireless security wikipedia , lookup

Dynamic Host Configuration Protocol wikipedia , lookup

SIP extensions for the IP Multimedia Subsystem wikipedia , lookup

Multiprotocol Label Switching wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Transcript 
IPv6 Advantages
Ted Peng
[email protected]
Agenda
IPv4 - Limiting factors
 IPv6 Base Technology
 The power of IPv6






Addressing
Management
Security
Other IPv6 goodies
Summary
IPv6 Forum May 2000
IPv4 - Limiting factors
IPv4 issues (1)

Out of Internet addresses






Address Shortages
Limits Internet growth for existing users
Hinders use of the Internet for new users
Internet Routing today is inefficient
Forces users to use NAT
System Management Costs

Managing addresses manually is costly
– and error-prone

Inconsistent level of DHCP support in clients
– Lowest common denominator wins

Networks are having to Renumber
– Caused by address space shortage
– When choosing a more competitive ISP

Mobile IP
– Complicated to manage
IPv6 Forum May 2000
IPv4 issues (2)

Optional Security

IPv4 was never designed to be secure
– Originally designed for an isolated military network
– Then adapted for a public educational & research network

IPv4 security is retrofitted and many solutions defined
– SSL, SHTTP, IPSEC v4
– No ONE standard

Security features are optional
– CANNOT count on their availability

Support for 21st century applications

New applications are more demanding, they will require
Guaranteed on-time delivery ; Guaranteed availability of
bandwidth; Guaranteed security

Difficult to add to the base IPv4 technology; adding it on is
very high overhead
IPv6 Forum May 2000
Will IPv4 last forever?

How long can we ignore these problems?



IPv4 address space will run out
There is an engineering limit to the amount of retrofitting that
can be applied to IPv4
A natural evolution from IPv4 is required

Designed with extensibility and scalability in mind
IPv6 Forum May 2000
IPv6 Base Technology
Wins
IPv4 Header
20 octets + options : 13 fields, including 3 flag bits
Changed
0 bits
Ver
4
8
IHL
16
24
Service Type
Identifier
Time to Live
Removed
Total Length
Flags
Protocol
Fragment Offset
Header Checksum
32 bit Source Address
32 bit Destination Address
Options and Padding
IPv6 Forum May 2000
31
IPv6 Header
40 Octets, 8 fields
0
4
Version
12
Class
16
24
31
Flow Label
Payload Length
Next Header
128 bit Source Address
128 bit Destination Address
IPv6 Forum May 2000
Hop Limit
IPv6 Extension Headers


IP options have been moved to a set of optional Extension
Headers
Extension Headers are chained together
IPv6 Header TCP Header
Application Data
Next = TCP
IPv6 Header Routing Hdr
Next = Routing
TCP Header
Application Data
Next = TCP
IPv6 Header Security Hdr Fragment Hdr TCP Header
Next = Security Next = Frag
Next = TCP
IPv6 Forum May 2000
Data
Frag
Performance Wins

Fixed Size IPv6 Header


Unlike IPv4 - Options not limited at 40 bytes
Fewer fields in basic header


faster processing of basic packets
no checksum
64 Bit Alignment Header/Options
 Efficient option processing




option fields processed only when the option present
Processing of most options limited performed only at
destination
No Fragmentation in the network

More router cycles available for forwarding packets
IPv6 Forum May 2000
The power of IPv6
Addressing
IPv6 - Addressing Model

Addresses are assigned to interfaces

No change from IPv4 Model

Interface can have multiple addresses

Addresses have scope




Link Local
Site Local
Global
Global
Addresses have lifetime

Valid and Preferred lifetime
IPv6 Forum May 2000
Site-Local
Link-Local
IPv6 Address Structure

Formed from a combination of the:
Prefix
Interface ID
3FFE:0301:DEC1:: 0A00:2BFF:FE36:701E
Prefix Representation 3FFE:0301:DEC1::/64

Separation of “who you are” from “where you are
connected to”

Routing Prefix
– Routing Topology

Node Identification
– Interface Identifier
IPv6 Forum May 2000
The power of IPv6
Management
Network Management

Auto configuration



Plug-and-Play.
Automate network address renumbering
DHCP support is mandated
– Every host can download their network configurations from a
server at startup time

Address changes are automated
– Stateless ; Routers advertise prefixes that identify the subnet(s)
associated with a link ; Hosts generate an "interface token" that
uniquely identifies an interface on a subnet ; An address is
formed by combining the two.
– Stateful ; Clients obtain address and / or configuration from a
DHCP server ; DHCP server maintains the database and has a
tight control over address assignments.
IPv6 Forum May 2000
Automatic Renumbering

Renumbering IPv6 Hosts is easy



Add a new Prefix to the Router
Reduce the Lifetime of the old prefix
As nodes depreciate the old prefix the new Prefix will start to
be used for new connections
Renumbering in IPv6 is designed to happen!
 An end of ISP “lock in”!


Improved competition
IPv6 Forum May 2000
Putting the IT Director
back in control

IPv6 Address Scope




Configuration Policy Control



Some addresses are GLOBAL
Others are Link or Site LOCAL
Addressing Plan also controls network access
Stateless
Stateful (DHCPv6)
Routers Dictate the Configuration Policy


Router Managers are “in control” of the network
Routers also dictate MTU size for the Link
IPv6 Forum May 2000
Mobile IPv6

IPv6 Mobility is based on core features of IPv6


The base IPv6 was designed to support Mobility
Mobility is not an “Add-on” features
– All IPv6 Networks are IPv6-Mobile Ready
– All IPv6 nodes are IPv6-Mobile Ready
– All IPv6 LANs / Subnets are IPv6 Mobile Ready
IPv6 Neighbor Discovery and Address
Autoconfiguration allow hosts to operate in any
location without any special support
 No single point of failure (Home Agent)
 More Scalable : Better Performance



Less traffic through Home Link
Less redirection / re-routing (Traffic Optimisation)
IPv6 Forum May 2000
The power of IPv6
Security
IPv6 - Mandates Security

Security features are standardized and mandated


All implementations must offer them
No Change to applications
Authentication (Packet signing)
 Encryption (Data Confidentiality)
 End-to-End security Model





Protects DHCP
Protects DNS
Protects IPv6 Mobility
Protects End-to-End traffic over IPv4 networks
IPv6 Forum May 2000
Enables Next Generation
Applications

IPv6 Flow Labels provide Support for Data Flows



Allows Packet Prioritizing
Ensures that high priority traffic (voice, data, real-time
manufacturing, etc.) is not interrupted by less critical data
IPv6 Multicast & Anycast

Multicast delivers data simultaneously to all hosts that sign
up to receive it
– Makes conferencing more efficient

Anycast delivers data to one host in the group
– Could be used to implement fault tolerant client/server
applications more efficiently
IPv6 Forum May 2000
IPv6 Features and Advantages







Larger Address Space
Efficient and Extensible IP datagram
Efficient Route Computation and Aggregation
Improved Host and Router Discovery
Mandated New Stateless and Stateful Address
Autoconfiguration
Mandated Security for IP datagrams
Easy renumbering
IPv6 Forum May 2000
IPv6 Transition Scenarios
Getting Started with IPv6
`
Outline
ASCI & IPv6
 Review of Transition Mechanisms
 Planning for IPv6
 Transition Scenario Examples
 Summary
 Information Resources

IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
IPv6 Forum May 2000
Service Pr Service Providers are Key

Starting Edge upgrades (only) enable IPv6 service
offerings`
IPv6 over IPv4 Internet:IPv6 over MPLS:-
Mobile Data
IPv6
Enterprise
IPv4
Enterprise
CE
Router
PE Router
IPv6
Enterprise
Service Provider
IPv4 Backbone
Translating
Gateways
IPv6
Enterprise
IPv4
Enterprise
IPv6
Enterprise
Service Provider
MPLS Backbone
CE
Router
MPLS LSPs
Mobile Data
IPv6
Enterprise
Translating
Gateways
IPv6 Forum May 2000
Translating
Gateway
Service Providers & Phases of Integration
IPv6 over MPLS


Why?!
 Market has voted, Multi-Protocol Label Switching (MPLS) - backbone
technology of choice
 IPv6 Control Plane, MPLS Data Plane means No Forklifts
 Leverages VPN Support - scalable, customer-by-customer, site-by-site.
 Traffic Engineering capabilities - e.g. route via translating gateways
 Services Transparency - e.g. Provisioning, QoS, Security.
Providers can therefore readily offer IPv6 Addresses while preserving
investment
IPv6 Forum May 2000
The The Cisco IOS IPv6 Roadmap




IPv6 Phase I - Currently in Beta, FCS IOS 12.1(5)T
(October 2000)
 RIPv6, Multi-protocol BGP, ICMPv6, ND, Tunnel Support, 6to4, 6over4, Ping,
Trace, Telnet, FTP, Access Lists etc.
IPv6 Phase II
 CEFv6, IPv6 over MPLS, Protocol Translation IPv6 <-> IPv4, Additional
Routing Protocols (e.g. i/IS-IS), DiffServ etc.
IPv6 Phase III
 Mobility, IP Multicast, VoIPv6, Security etc.
Hardware support designed in for future platforms
IPv6 Forum May 2000
BGP Multiprotocol
Extensions
Summary



New BGP optional attributes:
MP_REACH_NLRI
MP_UNREACH_NLRI
Protocol independent NEXT_HOP and NLRI
attributes.
Subnetwork Point of Attachment (SNPA) for the
NEXT_HOP.
IPv6 Forum May 2000
MP_REACH_NLRI
Address Family Identifier
Sub-AFI
NEXTHOP Address
Num SNPAs
NEXTHOP len
...
1st SNPA len
1st SNPA
Remaining SNPAs
...
...
NLRI length
NLRI information
...
IPv6 Forum May 2000
...
IPv6 Considerations

Rules for constructing the NEXTHOP attribute:
When two peers share a common subnet the
NEXTHOP information is formed by a global
address and a link local address.
Redirects in IPv6 are restricted to the usage of link
local addresses.
Redistribution from and to protocols that use link
local nexthops only (like RIPng).
IPv6 Forum May 2000
Routing Information


Independent operation.
One RIB per protocol.
–e.g. IPv6 has its own BGP table.
Distinct policies per protocol.
Peering sessions can be shared when the
topology is congruent.
IPv6 Forum May 2000
6bone Deployment
TCP over IPv6 peering session
IPv6 over IPv4 Tunnel


Small number of BGP speaking routers (~20-30).
Highly meshed topology.
IPv6 Forum May 2000
Home
Networking
with IPv6
Why Home Networking?

43.1 million U.S. homes have a PC



Telecommuting is on the rise



9.4 million have 2 PCs
3 million have 3 or more PCs
30% growth from 1995 to 1997
40% growth in 1998
13 million households contain a business
IPv6 Forum May 2000
Why Home Networking?

Smart devices





PDAs
Phones
Set top boxes
In 1999, non-PC CPU devices outsold PCs
IP is the means for devices to communicate!
IPv6 Forum May 2000
Home Networking Goals

Simple to setup


Plug-and-play
Quick
Maintenance-free
 Sophisticated functionality in a simple system
 IT SHOULD JUST WORK!

IPv6 Forum May 2000
Home Networking Today
IPv6 Forum May 2000
Home Networking Tomorrow
IPv6 Forum May 2000
Limitations


IPv4 cumbersome to put on low memory devices (cell
phone, PDA, etc.)
What about IPv4-capable devices?




Usually requires NAT
Not easy to setup and maintain
Not quick
Not simple!
IPv6 Forum May 2000
What IPv6 Offers

Media Flexibility
Stateless Autoconfiguration
 Multihoming
 Neighbor Discovery
 Built-in Security
 Mobility

IPv6 Forum May 2000
Multitudes of Media
Ethernet
 PPP
 Wireless
 Cable Data
 IEEE 1394

IPv6 Forum May 2000
What IPv6 Offers

Media Flexibility

Stateless Autoconfiguration
Multihoming
 Neighbor Discovery
 Built-in Security
 Mobility

IPv6 Forum May 2000
IPv6 Stateless Autoconfiguration

Local communication with no intervention




Global communication with no stateful server


Generate link-local address
Perform Duplicate Address Detection
Start sending data
Example later…
Facilitate site renumbering
IPv6 Forum May 2000
What IPv6 Offers
Media Flexibility
 Stateless Autoconfiguration


Multihoming
Neighbor Discovery
 Built-in Security
 Mobility

IPv6 Forum May 2000
Multihoming

Adds reliability

Multiple routes in/out of network
Nodes generate a global address for each prefix heard
 OS or IP stack determines which address to use

IPv6 Forum May 2000
What IPv6 Offers
Media Flexibility
 Stateless Autoconfiguration
 Multihoming


Neighbor Discovery
Built-in Security
 Mobility

IPv6 Forum May 2000
Neighbor Discovery
Finds adjacent nodes on shared link
 Learns optimal gateway
 Performs address resolution
 Aids autoconfiguration
 Announces addressing changes

IPv6 Forum May 2000
What IPv6 Offers
Media Flexibility
 Stateless Autoconfiguration
 Multihoming
 Neighbor Discovery


Built-in Security

Mobility
IPv6 Forum May 2000
Security

IP Security support built-in



Authentication header
Encapsulated Security Payload header
Privacy extensions to Autoconfiguration

Prevents mapping of addresses to particular nodes
IPv6 Forum May 2000
What IPv6 Offers
Media Flexibility
 Stateless Autoconfiguration
 Multihoming
 Neighbor Discovery
 Built-in Security


Mobility
IPv6 Forum May 2000
Mobility

Wireless mobility




802.11 wireless LAN
Bluetooth (radio technology)
Infrared
Roaming


Laptop plugged into remote network
PDA accessing via satellite
IPv6 Forum May 2000
IPv6 Home Networking Example

In IPv4


Get single IPv4 address from provider
May need to configure all devices :
– Private address
– Default gateway

Setup and configure NAT/router
– Address mappings
– Application Layer Gateways (ALGs)
– Needs global IPv4 address from provider
IPv6 Forum May 2000
IPv6 Home Networking Example

In IPv6


Get IPv6 prefix from provider
Add prefix to gateway/router
IPv6 Forum May 2000
Example
IPv6 Prefix
RA w/ prefix
Global IPv6 Address
IPv6 Forum May 2000
IPv6 Home Networking

Simple


Plug-and-play
Quick


No host configuration
No NATs or private addressing

No network maintenance

Regain end-to-end transparency!
IPv6 Forum May 2000
Related documents
Title: ISPs ignore IP timebomb
Title: ISPs ignore IP timebomb
Document
Document
IPv4 to IPv6 Migration strategies
IPv4 to IPv6 Migration strategies
Chapter 9b IPv6 Subnetting
Chapter 9b IPv6 Subnetting
Document
Document
HOW MANY IP ADDRESSES ARE AVAILABLE IN IPV6
HOW MANY IP ADDRESSES ARE AVAILABLE IN IPV6
IPv6 Migration: A cost estimate Methodology
IPv6 Migration: A cost estimate Methodology
To ensure that the industry maintains a collective - Labs
To ensure that the industry maintains a collective - Labs
GBBN IPV6 LAUNCH EVENT GBBN is using Internet Protocol
GBBN IPV6 LAUNCH EVENT GBBN is using Internet Protocol
Internet Exchange Points
Internet Exchange Points
IPv6 Transition
IPv6 Transition