Internet IPv6 Workshop. Chunghwa Telecom Training Institute, Department of Networking, 王宗仁
Content • Introduction • IPv6 Addressing • IPv6 Header • ICMPv6 • Neighbor Discovery • Address Autoconfiguration
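Introduction 1. Internet resources are allocated through a hierarchical structure, with administrative bodies around the world responsible for keeping the allocation fair. At the top of the structure is ICANN (The Internet Corporation for Assigned Names and Numbers). 2. With IANA in New York at the center, one RIR (Regional Internet Registry) has been approved for each of the Asia-Pacific, North America, Latin America, Africa and Europe regions, and each RIR is responsible for allocating and managing resources in its region.
Introduction APNIC administers address allocation for the Asia-Pacific region, ARIN for North America, RIPE NCC for Europe, and AfriNIC for Africa. In the Asia-Pacific region, for example, an RIR can hand resources through an NIR (National Internet Registry) to LIRs (Local Internet Registry, generally ISPs), and the LIR then assigns resources to its customers. This hierarchical organization makes resource allocation and management more efficient, and it also avoids over-concentration of resources and unfair allocation.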
Introduction: IPv4 address classes (bit positions 0 to 31)
• Class A (national level): 0 | Net ID (7 bits) | Host ID (24 bits); Net IDs 0 (first) and 127 (last) are reserved
• Class B (multinational organizations): 10 | Net ID (14 bits) | Host ID (16 bits); 0 and 16383 are reserved
• Class C (enterprise organizations): 110 | Net ID (21 bits) | Host ID (8 bits); 0 and 2097151 are reserved
• Class D (special purpose): 1110 | Multicast address (28 bits) (can only be used as a destination)
• Class E: 1111 | Reserved for future use
Introduction • RFC 1918 defines three address ranges that may be used on an intranet • Within Class A: 10.0.0.0 ~ 10.255.255.255 (one block) • Within Class B: 172.16.0.0 ~ 172.31.255.255 (16 blocks) • Within Class C: 192.168.0.0 ~ 192.168.255.255 (256 blocks)
Introduction • Projected exhaustion of the RIR IPv4 unallocated address pool: 17-Jan-2012 • Exhaustion of the IANA IPv4 unallocated address pool, which this model predicts will occur on 01-Jan-2011 • Source: http://bgp.potaroo.net/index-ale.html (updated 2007/12/24)
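Introduction At its fourth meeting on October 26 of ROC year 90 (2001), the Executive Yuan's NICI resolved to establish the "IPv6 Promotion Working Group" and drew up the "National IPv6 Deployment and Development Plan" to drive full IPv6 deployment in phases. The plan has been incorporated into the "e-Taiwan Project (eTaiwan)" of the Executive Yuan's "Challenge 2008: Six-Year National Development Plan", and since 2003 government policy has led the development of the national IPv6 environment. The competent authority for the plan is the Directorate General of Telecommunications of the Ministry of Transportation and Communications (changed to the Department of Posts and Telecommunications from 2006), and the executing body is TWNIC (Taiwan Network Information Center). The expectation is that the complementary efforts of government and the private sector will fully establish the national IPv6 network infrastructure and application environment, raise the competitive advantage of related domestic industries, and so reach the e-Taiwan goal of a high-quality information network society as early as possible. The English name of the Executive Yuan's 行政院國家資訊通信發展推動小組 is "National Information and Communications Initiative Committee" (abbreviated as the NICI Committee). Source: http://www.ipv6.org.tw/about.html
Introduction Members of the project group include domestic universities and research institutions, TWNIC, the Institute for Information Industry, the ITRI Computer and Communications Research Laboratories, Academia Sinica, the National Center for High-performance Computing, Chunghwa Telecom, and the relevant fixed-network and ISP operators. According to the nature of their organizations, the members form four subgroups: "Research and Development", "Infrastructure", "Standards and Testing", and "Application Promotion". Each subgroup sets its promotion goals and key work items, meets regularly, and reports its results to NICI. Source: http://www.ipv6.org.tw/about.html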
Introduction • Address depletion/exhaustion and its implications • NAT (Network Address Translation) • CIDR IPv4 address allocation rate
Problems with IPv4 • Scaling problems with inter-domain routing • CIDR (Classless Inter-Domain Routing) • Manual configuration required • DHCP (Dynamic Host Configuration Protocol) • Multicast, Security, Quality of Service and Mobility • IP multicast, IPSec, DiffServ and IP mobility • Header and format limitations that limit future flexibility
NAT • Network Address Translation allows a site to use private addresses behind a NAT gateway/firewall when communicating locally, • and then automatically get a global IPv4 address assigned from a smaller pool when needed for Internet communication, • which requires changing the IPv4 header’s source address on the fly, which has a few problems...
Potential IPv6 Services • Broadband Access Subscribers • 3G and WLAN Services • 3G services to be launched in 4Q 2003 • Public Hotspots deployment plan to make Taiwan a “Wireless Island” • Home network and IA Services • e-Taiwan Projects will catalyze the development of home & IA • 1. More IP addresses will be consumed • 2. More advanced features (e.g. Mobility, Auto-configuration, QoS, Security) will be required • IPv6
Development of IPv6. Source: NICI
The IETF IPv6 standards are already fairly complete. Several key components now on Standards Track: • Specification (RFC 2460) • Neighbour Discovery (RFC 2461, 4311, 4861) • ICMPv6 (RFC 2463, 4443) • IPv6 Addresses (RFC 2373/4/5) • RIP (RFC 2080) • BGP (RFC 2545) • IGMPv6 (RFC 2710) • OSPF (RFC 2740) • Router Alert (RFC 2711) • Jumbograms (RFC 2675) • Autoconfiguration (RFC 2462, 4862) • PMTU (RFC 1981) • Addressing Architecture (RFC 3513, 4291) • DHCPv6 (RFC 3315, 4361, 4994, 5007) • Mobile IPv6 (RFC 3775/6) • Multihome (RFC 3178, 3704) • IPv6 over: PPP (RFC 2023, 2472, 5072), Ethernet (RFC 2464), FDDI (RFC 2467), Token Ring (RFC 2470), NBMA (RFC 2491), ATM (RFC 2492), Frame Relay (RFC 2590), ARCnet (RFC 2549) • Source: compiled by Chunghwa Telecom Laboratories
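Address Notation • Written in hexadecimal, in units of 16 bits separated by ‘:’ • 3FFE:3600:4368:1234:0008:AB12:98CE:1000 • IPv4 is written in decimal, in units of 8 bits separated by ‘.’, e.g. 202.39.157.141 • For brevity, leading zeros inside a unit may be omitted • 3FFE:3600:4368:1234:8:AB12:98CE:1000 • For brevity, a run of consecutive zeros may be written as “::”, but this may be used only once in an address • 3FFE:3600::1 and 3FFE:3600:0000:0000:0000:0000:0000:0001 • 3FFE:3600::3:0000:1 and 3FFE:3600:0000:0000:0000:0003:0000:0001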
IPv6 - Addressing Model • Addresses are assigned to interfaces • No change from IPv4 Model • Interface ‘expected’ to have multiple addresses • Addresses have scope • Link Local • Site Local • Global • Addresses have lifetime • Valid and Preferred lifetime • Scopes shown in the figure: Link-Local, Site-Local, Unique-Local, Global • References: Huitema, C. and B. Carpenter, "Deprecating Site Local Addresses", RFC 3879, September 2004; R. Hinden and B. Haberman, "Unique Local IPv6 Unicast Addresses", RFC 4193, October 2005
Basic Address Types • Unicast • Address of a single interface • Delivery to single interface • for one-to-one communication • Multicast • Address of a set of interfaces • Delivery to all interfaces in the set • for one-to-many communication • Anycast • Address of a set of interfaces • Delivery to a single interface in the set • for one-to-nearest communication • Nearest is defined as being closest in terms of routing distance
Address Type Prefixes (RFC 4291) • Private: Link-Local FE80::/10 and Site-Local FEC0::/10 • Global: starts at 2000::/3, assigned by IANA
Address Type Prefixes. Source: http://www.iana.org/assignments/ipv6-address-space
Aggregatable Global Unicast (RFC 2374): An IPv6 Aggregatable Global Unicast Address Format • Fields: 001 | TLA | Res | NLA | subnet (SLA) | interface ID • TLA (Top Level Aggregator) = 13 bits • 0x1FFE is assigned by IANA to the IPv6 backbone test network • may be assigned to providers or exchanges • Res = 8 bits • Reserved for future use in expanding the size of either the TLA or NLA • NLA (Next Level Aggregator) = 24 bits • SLA (Site Level Aggregator) = 16 bits • Public topology • Collection of larger and smaller ISPs • Site topology • Collection of subnets within an organization’s site • Layout: public topology (45 bits) | site topology (16 bits) | interface identifier (64 bits) • Aggregatable global unicast address format
General format for IPv6 (RFC 4291): A typical IPv6 address consists of three parts: first the Global Routing Prefix, second the Subnet ID, and third the Interface ID. The Global Routing Prefix is mainly used to identify special addresses, such as multicast, or to designate the address range of a site. The Subnet ID identifies a link within the network. The Interface ID identifies an interface on a link, and it must be unique on that link.
Link-Local Unicast Addresses • meaningful only in a single link zone, and may be re-used on other links • Link-local addresses are for use during auto-configuration and when no routers are present • Required for the Neighbor Discovery process, always automatically configured • An IPv6 router never forwards link-local traffic beyond the link • Prefix = FE80::/64 • Layout: 1111111010 (10 bits) | 0 (54 bits) | interface ID (64 bits)
Site-Local Unicast Addresses • meaningful only in a single site zone, and may be re-used in other sites • Equivalent to the IPv4 private address space • Addresses are not automatically configured and must be assigned • Prefix = FEC0::/48 • Layout: 1111111011 (10 bits) | 0 (38 bits) | subnet ID (16 bits) | interface ID (64 bits)
Unique-Local Address (newly defined) • meaningful only in a single site zone, and can not be re-used in other sites • Equivalent to the IPv4 private address space • Replaces Site-Local Addresses • L identifies the assignment policy. Only value 1 (FD00::/8) is currently in use, designating a local assignment • Global ID is a 40-bit identifier that ensures the global uniqueness of the address. It is generated pseudo-randomly and must not be sequential. Because ULAs should not be globally routed, they do not need to be aggregated, so sequential global IDs are not necessary • Prefix = FC00::/7 • L=1 means Local, L=0 is reserved • Layout: 1111110 (7 bits) | L (1 bit) | Global ID (40 bits) | subnet ID (16 bits) | interface ID (64 bits)
Unique-Local Address (newly defined) Unique-Local Addresses have the following characteristics: - Globally unique prefix - Well-known prefix to allow for easy filtering at site boundaries. - Allow sites to be combined or privately interconnected without creating any address conflicts or requiring renumbering of interfaces that use these prefixes. … (remainder omitted) RFC 4193
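An added example, not from the original slides, that ties the prefix slides together: it classifies an address by the well-known prefixes listed above, applies the site-boundary filtering that the well-known ULA prefix makes easy, and derives a pseudo-random 40-bit Global ID using the sample algorithm from RFC 4193 section 3.2.2. The function names, the FF00::/8 multicast entry and the sample inputs are assumptions of this example.

```python
import hashlib
import ipaddress
import struct

# Prefixes from the slides above, plus FF00::/8 for multicast (RFC 4291).
SCOPES = [
    ("link-local", ipaddress.ip_network("fe80::/10")),
    ("site-local (deprecated)", ipaddress.ip_network("fec0::/10")),
    ("unique-local", ipaddress.ip_network("fc00::/7")),
    ("multicast", ipaddress.ip_network("ff00::/8")),
    ("global unicast", ipaddress.ip_network("2000::/3")),
]

def classify(addr: str) -> str:
    """Name the address type by its leading bits."""
    ip = ipaddress.IPv6Address(addr)
    for name, net in SCOPES:
        if ip in net:
            return name
    return "other"

def blocked_at_site_border(addr: str) -> bool:
    """Border filter rule: locally scoped unicast must not leave or enter the site."""
    return classify(addr) in {"link-local", "site-local (deprecated)", "unique-local"}

def ula_prefix(ntp_time: int, eui64: bytes) -> ipaddress.IPv6Network:
    """Build FD + Global ID, where Global ID = low 40 bits of SHA-1(time || EUI-64)."""
    if len(eui64) != 8:
        raise ValueError("EUI-64 must be 8 bytes")
    digest = hashlib.sha1(struct.pack("!Q", ntp_time) + eui64).digest()
    global_id = digest[-5:]                       # least significant 40 bits
    packed = bytes([0xFD]) + global_id + bytes(10)  # L=1, subnet and interface ID zero
    return ipaddress.IPv6Network((packed, 48))

# Constructed sample inputs: a 64-bit NTP timestamp and an EUI-64 identifier.
SAMPLE_TIME = 0xDC6E1A2B00000000
SAMPLE_EUI64 = bytes.fromhex("021122fffe334455")
```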
Other IPv6 addresses • Solicited-node multicast address (generated automatically by the interface) • Facilitates the efficient query of network nodes during address resolution (DAD), L2-L3 mapping • Prefix = FF02::1:FF00:0/104 and the last 24 bits of the IPv6 address • Example: for 2001:ed8:32:1:0:0:aabb:ccdd the Solicited-Node Multicast Address will be FF02::1:FFbb:ccdd • Anycast IPv6 address • Assigned to multiple interfaces • Only used as destination address • Only assigned to routers • Anycast addresses are indistinguishable from unicast • Subnet-router anycast address is predefined and requires • Layout: Subnet Prefix (n bits) | 000…000 (128 - n bits)
How the Interface ID is generated • Using the modified EUI-64 algorithm, which computes the interface address from the MAC address • A random address generated automatically by the operating system • Manual configuration • Assigned by a DHCPv6 server (Stateful)
EUI-64 The conversion of a universally administered, unicast IEEE 802 address to an IPv6 interface identifier
IPv6 vs. IPv4 Packet Data Unit • IPv4 PDU (figure labels: maximum 65535 octets, minimum 20 octets): IPv4 Header | Data Field • IPv6 PDU (figure labels: maximum 65535 octets, fixed 40 octets, 0 or more): IPv6 Header | Extension Header | Extension Header | Transport-level PDU
Comparison of IPv4 and IPv6 Header • IPv4 Packet Header fields (32 bits wide): Ver, IHL, Service Type, Total Length, Identification, Flags, Offset, TTL, Protocol, Header Checksum, Source Address, Destination Address, Options + Padding • IPv6 Packet Header fields: Ver, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, Destination Address
Summary of Header Changes between IPv4 & IPv6 • Streamlined • Fragmentation fields moved out of base header • IP options moved out of base header • Header Checksum eliminated • Header Length field eliminated • Length field excludes IPv6 header • Alignment changed from 32 to 64 bits • Revised • Time to Live → Hop Limit • Protocol → Next Header • Precedence & TOS → Traffic Class • Addresses increased 32 bits → 128 bits • Extended • Flow Label field added
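An added example, not from the original slides, of what the streamlined header means for anything that inspects packets: the base header is always 40 octets, and the upper-layer protocol is only found by following the Next Header chain through the extension headers. The parser covers the four extension headers that share the common layout (AH and ESP are left out), and the sample packet is constructed.

```python
import ipaddress
import struct

# Extension headers that start with a Next Header octet (RFC 2460).
EXT_HEADERS = {0: "Hop-by-Hop", 43: "Routing", 44: "Fragment", 60: "Destination Options"}

def parse_ipv6(packet: bytes) -> dict:
    """Decode the fixed 40-octet base header, then follow the Next Header chain."""
    if len(packet) < 40:
        raise ValueError("shorter than the fixed 40-octet base header")
    word, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError("version field is not 6")
    end = 40 + payload_len            # Payload Length excludes the base header
    if end > len(packet):
        raise ValueError("payload length exceeds the captured bytes")
    chain, offset = [], 40
    while next_hdr in EXT_HEADERS:
        if offset + 8 > end:
            raise ValueError("truncated extension header")
        # Fragment is always 8 octets; the others store (length / 8) - 1.
        size = 8 if next_hdr == 44 else (packet[offset + 1] + 1) * 8
        if offset + size > end:
            raise ValueError("extension header runs past the payload")
        chain.append(EXT_HEADERS[next_hdr])
        next_hdr, offset = packet[offset], offset + size
    return {
        "traffic_class": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF,
        "payload_length": payload_len,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(packet[8:24])),
        "dst": str(ipaddress.IPv6Address(packet[24:40])),
        "extension_headers": chain,
        "upper_protocol": next_hdr,   # e.g. 6 = TCP, 17 = UDP
        "upper_offset": offset,
    }

def sample_packet() -> bytes:
    """Constructed packet: Hop-by-Hop and Fragment headers in front of a UDP header."""
    hbh = bytes([44, 0, 1, 4, 0, 0, 0, 0])           # next = Fragment, one PadN option
    frag = struct.pack("!BBHI", 17, 0, 0, 0x1234)    # next = UDP, offset 0, id 0x1234
    udp = struct.pack("!HHHH", 5000, 53, 8, 0)
    payload = hbh + frag + udp
    first = (6 << 28) | (0xB8 << 20) | 0x12345       # version, traffic class, flow label
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    return struct.pack("!IHBB", first, len(payload), 0, 64) + src + dst + payload
```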
Internet Protocol(IPv4) RFC791
Internet Protocol(IPv4) • Version: 4 bits. The Version field indicates the format of the internet header. • IHL: 4 bits. Internet Header Length is the length of the internet header. • Total Length: 16 bits. Total Length is the length of the datagram, measured in octets. • Identification: 16 bits. An identifying value assigned by the sender to aid in assembling the fragments of a datagram. • Fragment Offset: 13 bits. This field indicates where in the datagram this fragment belongs. • Time to Live: 8 bits. This field indicates the maximum time the datagram is allowed to remain in the internet system.
Internet Protocol(IPv4) • Flags: 3 bits. Various Control Flags. Bit 0: reserved, must be zero. Bit 1: (DF) 0 = May Fragment, 1 = Don't Fragment. Bit 2: (MF) 0 = Last Fragment, 1 = More Fragments.
  0   1   2
+---+---+---+
|   | D | M |
| 0 | F | F |
+---+---+---+
• Header Checksum: 16 bits. A checksum on the header only.
Internet Protocol(IPv4) • Type of Service: 8 bits • 1. The Type of Service provides an indication of the abstract parameters of the quality of service desired. • 2. These parameters are to be used to guide the selection of the actual service parameters when transmitting a datagram through a particular network. • 3. The major choice is a three-way tradeoff between low-delay, high-reliability, and high-throughput.
Internet Protocol(IPv4) Example mappings of the internet type of service to the actual service provided on networks such as AUTODIN II, ARPANET, SATNET, and PRNET are given in RFC 795.
Internet Protocol(IPv4) RFC 1349 1. The TOS facility is one of the features of the Type of Service octet in the IP datagram header. 2. The first field, labeled "PRECEDENCE" above, is intended to denote the importance or priority of the datagram. 3. The second field, labeled "TOS" above, denotes how the network should make tradeoffs between throughput, delay, reliability, and cost. 4. The last field, labeled "MBZ" (for "must be zero") above, is currently unused.
Internet Protocol(IPv4) RFC 1349 TOS field values (expressed as binary numbers): • 1000 -- minimize delay • 0100 -- maximize throughput • 0010 -- maximize reliability • 0001 -- minimize monetary cost • 0000 -- normal service • The field is made up of the minimize-delay, maximize-throughput, maximize-reliability and minimize-cost bits
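An added example, not from the original slides, that decodes the IPv4 header fields described above, including the RFC 1349 split of the Type of Service octet into PRECEDENCE, TOS and MBZ, the DF/MF flags, and verification of the header-only checksum. The function names are hypothetical and the sample header is constructed.

```python
import struct

TOS_NAMES = {0b1000: "minimize delay", 0b0100: "maximize throughput",
             0b0010: "maximize reliability", 0b0001: "minimize monetary cost",
             0b0000: "normal service"}

def checksum(header: bytes) -> int:
    """Ones' complement of the ones' complement sum of the 16-bit header words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-octet header")
    vihl, tos, total_len, ident, frag, ttl, proto = struct.unpack("!BBHHHBB", packet[:10])
    ihl = vihl & 0x0F                 # header length in 32-bit words
    if vihl >> 4 != 4 or ihl < 5 or len(packet) < ihl * 4:
        raise ValueError("bad version or header length")
    return {
        "header_length": ihl * 4,
        "total_length": total_len,
        "precedence": tos >> 5,                       # first 3 bits
        "tos": TOS_NAMES.get((tos >> 1) & 0x0F, "undefined combination"),
        "mbz_ok": tos & 0x01 == 0,                    # last bit must be zero
        "identification": ident,
        "reserved_flag_ok": frag & 0x8000 == 0,       # flag bit 0 must be zero
        "df": bool(frag & 0x4000),
        "mf": bool(frag & 0x2000),
        "fragment_offset": (frag & 0x1FFF) * 8,       # field counts 8-octet units
        "ttl": ttl,
        "protocol": proto,
        "checksum_ok": checksum(packet[:ihl * 4]) == 0,  # a valid header sums to zero
    }

def sample_header() -> bytes:
    """Constructed header: TOS 1000 (minimize delay), DF set, TTL 64, protocol TCP."""
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0b00010000, 40, 0x1C46,
                                0x4000, 64, 6, 0,
                                bytes([192, 168, 0, 1]), bytes([192, 168, 0, 199])))
    struct.pack_into("!H", hdr, 10, checksum(bytes(hdr)))
    return bytes(hdr)
```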