Download IPv6 Site Renumbering Gap Analysis

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
Document related concepts

Wake-on-LAN wikipedia , lookup

Deep packet inspection wikipedia , lookup

Wireless security wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Computer network wikipedia , lookup

Net bias wikipedia , lookup

Network tap wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Airborne Networking wikipedia , lookup

Dynamic Host Configuration Protocol wikipedia , lookup

Distributed firewall wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Service-oriented architecture implementation framework wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Transcript 
IPv6 Enterprise Network Renumbering
Scenarios and Guidelines
draft-ietf-6renum-enterprise-00
Sheng Jiang(speaker), Bing Liu, Brian.E.Carpenter
IETF 83@Paris
Mar 2012
Progress
Adopted as a WG item
• WG Chair initialed the Call in Dec 2011
• Submitted as a WG draft in Feb 2012
Content updated
• Got some valuable comments, mainly from Lee Howard, many
thanks!
Main revisions
• Reconfirm the scope of not including IPv4/IPv6
co-existence scenarios
• Modified some scenario description
• Security considerations update
• Editorial revision
• Scope Issue
To explain why we exclude IPv4/IPv6 transition
scenarios:
 The IPv4 and IPv6 are logically separated from the perspective
of renumbering, regardless of overlapping of the IPv4/IPv6
networks or devices. For IPv4/IPv6 addresses are configured
respectively by different protocols, as while as the DNS/Filters
records.
[Open Question] In some transition mechanisms, IPv4/IPv6 may
be mixed in one DHCP configuration, shall we consider this?
• Scenario description modification
 Deleted these:
-
DHCPv6 server in the ISP delegates a new prefix to the
enterprise network.
- If the administrators only want part of the network to have
multiple prefixes, the renumbering process should be carefully
managed
 It should be noted that multicast DNS is link-local
only, so the effort is limited.
• Security considerations
 Any automatic renumbering scheme has a potential
exposure to hijacking.
 For malicious entity in the network can forge prefixes
to renumber the hosts, either through ND or DHCP.
Open Questions
• DHCPv6 PD options may be used between the
enterprise routers and their upstream ISPs, is
it reasonable?
• Use of FQDN for services should imply use (or
at least consideration) of DNSSEC, what about
the real deployment situation?
• Need more reasonable cases where FQDN is
better than IP address.
• RA guard [RFC6105] is a light-weight
alternative of SEND?
Open Questions
• Is this figure sufficient?
For some argued it is too simple that just like a single hub. But we only
considered it as an illustration of an enterprise network, which can reflect the
main architecture and contains most types of elements relevant to
renumbering.
Comments?
Thank you
[email protected]
[email protected]
[email protected]
Mar 26-2012, @Paris
Related documents
IPv4 to IPv6 Migration strategies
IPv4 to IPv6 Migration strategies
Title: ISPs ignore IP timebomb
Title: ISPs ignore IP timebomb
Document
Document
Ip addressing
Ip addressing
IPv6
IPv6
HOW MANY IP ADDRESSES ARE AVAILABLE IN IPV6
HOW MANY IP ADDRESSES ARE AVAILABLE IN IPV6
Wired communication standards solutions
Wired communication standards solutions
Document
Document
Internet Exchange Points
Internet Exchange Points
Security on IPv6
Security on IPv6
Merger IT Infrastructure Integration
Merger IT Infrastructure Integration
Colorful Spring Flowers
Colorful Spring Flowers