Explore the transition from IPv4 to IPv6, including addressing, protocols, and benefits of the new protocol for efficient communication and enhanced security. Learn about IPv6 address structure, categories, and uses.
Next Generation: IPv6 and ICMPv6
• Also called IPng – “IP next generation”
• Recall IPv4 provides host-to-host or hop-to-hop communication
• Recall UDP/TCP provide end-to-end or process-to-process communication
Why IPv6? 3 major reasons
• Recall that (1) subnetting, (2) classless addressing, (3) DHCP (dynamic address allocation) and (4) NAT all contributed to better utilization of the 32-bit address space - despite these solutions, address depletion is still an issue
• There are numerous applications on the rise that require streaming real-time audio and video – real-time transmission requires minimum delay and reservation-of-resources strategies, and IPv4 isn’t designed for these strategies
• Over the last few years, there has been a much greater demand for security and for the Internet to accommodate encryption and authentication of data for some applications – and IPv4 doesn’t provide encryption or authentication
Why IPv6?
IPv6 was proposed to overcome IPv4’s deficiencies. IPv6 has these advantages over IPv4:
1. larger address space – 128 bits
2. better header format – options can be inserted or not
3. new options – additional functionalities
4. allowance for extension – protocol can be extended for newer technologies
5. support for resource allocation – enables the Tx to request special handling
6. support for more security – provides encryption and authentication
Related protocols were either modified or dropped for IPv6:
- ICMP was modified (ICMPv6)
- ARP and IGMP in version 4 were combined in ICMPv6
- RARP was dropped
- RIP and OSPF were slightly modified
IPv6 Address
• Uses hexadecimal colon notation, a 2^96 address increase over IPv4
Abbreviated address
• Leading zeros can be omitted
• If consecutive sections consist of zeros only, the zeros can be removed altogether and replaced with a double colon (::)
• Only allowed once per address – if there are two runs of zero sections, only one can be abbreviated
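The abbreviation rules above mean one address has many spellings, so address filters and log searches should compare the expanded form. The following is an added example, not part of the original slides; the function names are chosen here for illustration.

```python
import string

def _check(section: str) -> str:
    # each section is 1 to 4 hexadecimal digits
    if not 1 <= len(section) <= 4 or any(c not in string.hexdigits for c in section):
        raise ValueError(f"bad section {section!r}")
    return section

def expand(addr: str) -> str:
    """Full form: 8 sections of 4 hex digits, nothing abbreviated."""
    if addr.count("::") > 1:
        raise ValueError("'::' is allowed only once per address")
    if "::" in addr:
        left, right = addr.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        if len(head) + len(tail) > 7:
            raise ValueError("'::' must replace at least one zero section")
        sections = head + ["0"] * (8 - len(head) - len(tail)) + tail
    else:
        sections = addr.split(":")
    if len(sections) != 8:
        raise ValueError("an IPv6 address has 8 sections")
    return ":".join(f"{int(_check(s), 16):04X}" for s in sections)

def abbreviate(addr: str) -> str:
    """Drop leading zeros, then replace the longest run of zero sections with '::'."""
    sections = [f"{int(s, 16):X}" for s in expand(addr).split(":")]
    best_start, best_len, i = 0, 0, 0
    while i < 8:
        j = i
        while j < 8 and sections[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    if best_len < 2:          # "consecutive sections": a lone 0 stays as 0
        return ":".join(sections)
    head = ":".join(sections[:best_start])
    tail = ":".join(sections[best_start + best_len:])
    return f"{head}::{tail}"

def same_address(a: str, b: str) -> bool:
    """Compare two spellings by their expanded form."""
    return expand(a) == expand(b)
```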
IPv6 Address
• Like IPv4, IPv6 can use CIDR notation
3 Categories of IPv6 Addresses
• Unicast Address – packet sent to a specific computer
• Anycast Address – group of computers with addresses that have the same prefix (i.e. all belong to the same physical network)
• Multicast Address – packet sent to a group of computers with different address prefixes
IPv6 Address
Address structure
• The address space has many purposes
• The address space is divided into 2 parts
• The first part, called “type prefix”, is variable length and defines the purpose by using unique codes
Table: Type prefixes for IPv6 addresses
• Means 1/8 of the entire address space uses type prefix 010
IPv6 Address
• Type prefix 010, or provider-based address, is generally used by a host as a unicast address
Provider-based address structure
• Defines the address as a provider-based address
• Indicates one of the three agencies that has registered the address: INTERNIC – North America, RIPNIC – Europe, APNIC – Asia & Pacific
• Variable-length field identifies the provider for Internet access (i.e. ISP) – recommends this field be 16 bits
• The provider (ISP) assigns a 24-bit subscriber id to the organization
• Identifies one of many subnets under the subscriber’s control – recommends using 32 bits
• Identifies the node connected to the subnet – recommends 48 bits (the same as the 48-bit physical Ethernet address)
IPv6 Address
• Can think of the provider-based address as a hierarchical identity with several prefixes
Figure: Address hierarchy
IPv6 Address
Unspecified address
• When the non-prefix part of the address is also zeros, this is called an Unspecified Address
• This address is used when the host doesn’t know its own address and sends an inquiry, using the Unspecified Address to represent itself
• The address cannot be used as a destination address
Loopback address
• Recall the purpose of the loopback address – an address used by a host to test itself without going into the network
IPv6 Address
• During transition from IPv4 to IPv6, hosts can use their IPv4 addresses embedded in IPv6 addresses. Two formats have been designed for this – (1) compatible and (2) mapped
Compatible address
• 96 bits of zeros followed by 32 bits of IPv4 address
• Compatible Address is used when an IPv6 Tx wants to send a message to an IPv6 Rx, but needs to pass through a region using IPv4 – the Tx must then use the compatible address while passing through the IPv4 region
• Example IPv4 part: 2.13.17.14 (decimal) = 02 0D 11 0E (hexadecimal) = 0000 0010 0000 1101 0001 0001 0000 1110 (binary)
IPv6 Address
• During transition from IPv4 to IPv6, hosts can use their IPv4 addresses embedded in IPv6 addresses. Two formats have been designed for this – (1) compatible and (2) mapped
Mapped address
• 80 bits of zeros followed by 16 bits of ones followed by 32 bits of IPv4 address
• Mapped Address is used when an IPv6 Tx wants to send a message to an IPv4 Rx. The packet will mostly travel through an IPv6 region with a final destination of IPv4.
• NOTE: when calculating the CHECKSUM, either the embedded address or total address can be used because the extra 0s or 1s (in multiples of 16) DO NOT have an effect on the checksum calculation.
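The two embedded formats and the checksum note, worked through on the slide's example address 2.13.17.14. This is an added example, not part of the original slides; the function names are chosen here. It also shows how a filter written in terms of IPv4 addresses can recover the embedded IPv4 address before matching.

```python
import ipaddress

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum, as used by the Internet checksum."""
    total = 0
    for i in range(0, len(data), 2):
        total += int.from_bytes(data[i:i + 2], "big")
        total = (total & 0xFFFF) + (total >> 16)   # end-around carry
    return total

def compatible(ipv4: str) -> bytes:
    """96 bits of zeros followed by the 32-bit IPv4 address."""
    return bytes(12) + ipaddress.IPv4Address(ipv4).packed

def mapped(ipv4: str) -> bytes:
    """80 bits of zeros, 16 bits of ones, then the 32-bit IPv4 address."""
    return bytes(10) + b"\xff\xff" + ipaddress.IPv4Address(ipv4).packed

def embedded_ipv4(addr: bytes):
    """Return ('mapped' | 'compatible', dotted IPv4), or None for other addresses."""
    if len(addr) != 16:
        raise ValueError("an IPv6 address is 16 bytes")
    v4 = str(ipaddress.IPv4Address(addr[12:]))
    if addr[:12] == bytes(10) + b"\xff\xff":
        return ("mapped", v4)
    # All zeros (unspecified) and ...0001 (loopback) share the 96 zero bits
    # but are not compatible addresses.
    if addr[:12] == bytes(12) and int.from_bytes(addr[12:], "big") > 1:
        return ("compatible", v4)
    return None

IPV4 = "2.13.17.14"   # the address from the slide's example

# Zero words add nothing, and adding FFFF wraps around to the same sum
# (0000 and FFFF are both "zero" in one's-complement arithmetic, so the only
# visible difference is for an embedded 0.0.0.0, where 0000 becomes FFFF).
SUMS = {
    "ipv4": ones_complement_sum(ipaddress.IPv4Address(IPV4).packed),
    "compatible": ones_complement_sum(compatible(IPV4)),
    "mapped": ones_complement_sum(mapped(IPV4)),
}
```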
IPv6 Address
• Addresses that use the reserved prefix (11111110) are local addresses
Link local address
• Used if the LAN uses the Internet protocols but is not connected to the Internet for security reasons – these addresses do not have a global effect
Site local address
• Used if a site with several networks uses the Internet protocols but is not connected to the Internet for security reasons – these addresses do not have a global effect
IPv6 Address
Multicast address
• Addresses used to define a group of hosts instead of just one
• Defines the group address as either permanent or transient
• Permanent Address – defined by the Internet authorities and can be accessed at all times
• Transient Address – is temporary
• Defines the scope of the group address
Next Generation: IPv6 and ICMPv6 .. Continuing …
Format of an IPv6 datagram
• Defines the version (IPv6 = 6)
• Defines the priority of the packet with respect to traffic congestion (discussed later)
• 24-bit field that provides special handling for a particular flow of data (discussed later)
• 2-byte field defines the length of the data excluding the base header
• 8-bit field defining the header that follows the base header (discussed later)
• 8-bit field serves as the Time-To-Live (TTL)
• Source address
• Usually identifies the destination address – if Source Routing is used, identifies the address of the next router
Format of an IPv6 datagram: Next Header
• The next header is either one of the optional extension headers used by IPv6 or the header of an encapsulated packet such as UDP or TCP.
• Each extension header also contains the next header field.
• For version 4, this field was called the protocol.
Table: Next header codes
Format of an IPv6 datagram: Priority
• Defines the priority of each packet with respect to other packets from the same source.
• IPv6 divides traffic into two categories: congestion-control and non-congestion-control
• If a source adapts itself to traffic slowdown when there is congestion, the traffic is called congestion-control traffic – for example, the TCP sliding window protocol
Priorities for congestion-controlled traffic
• Process does not define a priority
• Defines data delivered in the background
• User is not waiting for the data (e.g. email)
• Protocols that transfer data while the user is waiting to receive the data (e.g. FTP, HTTP)
• User interaction is needed (e.g. TELNET)
• Protocols that control traffic (e.g. OSPF, RIP, SNMP)
Format of an IPv6 datagram: Priority
• Defines the priority of each packet with respect to other packets from the same source.
• IPv6 divides traffic into two categories: congestion-control and non-congestion-control
Priorities for non-congestion-controlled traffic
• Refers to traffic that expects minimum delay – dropping packets is not desired and retransmission is impossible. Examples would be real-time audio and video
IPv6 Packet: Flow Label
• Recall how a routing-algorithm table lookup is performed for a packet using a router.
• A sequence of packets sent from a Tx to an Rx needing “special handling” is called a flow
• The combination of the Tx address and a flow label uniquely identifies a flow of packets
• The flow label is assigned to the packet by the Tx – a randomly generated number
• From a router perspective, a flow is a sequence of packets sharing the same characteristics (using the same resources, same security, etc.)
• If the packet has a flow number, the router consults its flow label table for the next hop
• This speeds up the process – much faster than going through the routing algorithm approach
• The flow label approach is good for apps needing to reserve bandwidth and buffer space beforehand to minimize delays (e.g. real-time audio and video)
IPv6 Packet: Extension header format
• The base header is 40 bytes – to give the IPv6 datagram more functionality, up to 6 extension headers can be added
• There are 6 different extension header types
Hop-by-hop option header format
• Option used when the Tx needs to pass info to every router visited by the datagram (e.g. mgmt, debugging or control functions)
• The various options for the Hop-by-Hop option are (1) Pad1, (2) PadN and (3) Jumbo payload.
• The general format is
Pad1
• 1 byte long and used for alignment or padding – some options need to start at a specific bit.
• Pad1 contains neither the option length field nor the data field – it simply consists of the code field with all bits set to zeros.
• The Pad1 option can be inserted anywhere.
• Action is 00 (skip over this option)
• Change bit is 0 (does not change in transit)
• Type is 00000 (Pad1)
PadN
• Similar to Pad1; however, PadN is used when 2 or more bytes are needed for alignment or padding.
• Length contains the number of padding bytes
• Data contains the zero padding bytes
• Action is 00 (skip over this option)
• Change bit is 0 (does not change in transit)
• Type is 00001 (PadN)
Jumbo payload
• Maximum size of an IP payload is 65,535 bytes – but suppose a longer payload is needed – use the Jumbo Payload to define the longer payload
• Action is 11, change bit is 0, type is 00010
• Code = 11000010
• Contains the size-in-bytes of this field (static 4 bytes)
• Contains the size of the payload – can be a max size of 2^32 − 1 because it can be a max of 32 bits (4x8)
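A bounds-checked walk over the options area of a hop-by-hop header, using the code layout from the three slides above (2 action bits, 1 change bit, 5 type bits). This is an added example, not part of the original slides; the function name and the sample bytes are constructed here, and only the options themselves are parsed, not the two bytes that precede them in the header.

```python
import struct

# code bytes as given on the slides
NAMES = {0x00: "Pad1", 0x01: "PadN", 0xC2: "Jumbo payload"}

def parse_options(area: bytes) -> list:
    """Return one dict per option; raise ValueError on a malformed option."""
    options, i = [], 0
    while i < len(area):
        code = area[i]
        opt = {
            "offset": i,
            "name": NAMES.get(code, "unknown"),
            "action": code >> 6,          # 2 bits: 00 = skip over this option
            "change": (code >> 5) & 1,    # 1 bit: 0 = does not change in transit
            "type": code & 0x1F,          # 5 bits
        }
        if code == 0x00:                  # Pad1 is the code byte alone
            i += 1
        else:
            if i + 2 > len(area):
                raise ValueError(f"option at {i}: length byte missing")
            length = area[i + 1]
            data = area[i + 2:i + 2 + length]
            if len(data) != length:
                raise ValueError(f"option at {i}: data runs past the header")
            if code == 0x01:
                # padding should be zeros; anything else is worth flagging
                opt["padding_is_zero"] = not any(data)
            if code == 0xC2:
                if length != 4:
                    raise ValueError(f"Jumbo payload at {i}: length must be 4")
                opt["payload_length"] = struct.unpack("!I", data)[0]
            opt["length"] = length
            i += 2 + length
        options.append(opt)
    return options

# Constructed sample: Jumbo payload of 100000 bytes, PadN with 4 bytes, two Pad1
SAMPLE = bytes.fromhex("c204000186a0" "010400000000" "0000")
```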
Source Routing
• Recall the concepts of strict source routing and loose source routing for IPv4 – IPv6 combines the two.
• Defines Source routing
• Indicates the # hops needed to reach destination
• Defines Strict (must follow exactly) or Loose (in addition to the routers in the header, can visit other routers)
• For this option, the destination address is the next hop (versus the Rx) and it is not constant
Fragmentation
• Recall the concept of fragmentation for IPv4 – IPv6 fragmentation is similar; however, ONLY the Tx can fragment
• The Tx uses the Path MTU Discovery technique to find the smallest MTU across the path – then it fragments based on this
• If the Tx does not use the Path MTU Discovery technique, it fragments to 576 bytes or smaller – the minimum size MTU
Authentication
• Authentication extension header (1) validates the Tx and (2) ensures the integrity of the data – making sure the Tx is genuine and making sure the data sent wasn’t altered.
• Identifies which authentication algorithm is used
• Contains the data generated from the algorithm
• The authentication data is generated by the Tx by passing the key first, then the IP datagram with the changing and authentication fields removed, and then passing the key again
• Using the secret key, the Rx performs the same operation: if there is a match, fine; if there is no match, the datagram is discarded.
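The key, datagram, key computation described above, with the receiver's check. This is an added example, not part of the original slides. Assumptions: SHA-256 stands in for the unnamed authentication algorithm, the hop limit is the only changing field, the authentication data travels beside the datagram instead of inside an extension header, and the datagram bytes are constructed.

```python
import hashlib
import hmac
import ipaddress
import struct

HOP_LIMIT = 7   # byte offset of the hop limit in the 40-byte base header

def auth_data(key: bytes, datagram: bytes) -> bytes:
    """Digest over: key, datagram without its changing field, key again."""
    if len(datagram) < 40:
        raise ValueError("shorter than an IPv6 base header")
    stable = bytearray(datagram)
    stable[HOP_LIMIT] = 0        # routers decrement this, so it is left out
    h = hashlib.sha256()         # assumption: the slide names no algorithm
    h.update(key)
    h.update(bytes(stable))
    h.update(key)
    return h.digest()

def accept(key: bytes, datagram: bytes, received: bytes) -> bool:
    """Rx repeats the computation; False means the datagram is discarded."""
    # compare_digest avoids leaking how many leading bytes matched
    return hmac.compare_digest(auth_data(key, datagram), received)

def sample_datagram(hop_limit: int, payload: bytes) -> bytes:
    """Constructed datagram: base header (next header 17) plus payload bytes."""
    src = ipaddress.IPv6Address("2001:db8::1").packed   # documentation prefix
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    base = struct.pack("!IHBB", 0x60000000, len(payload), 17, hop_limit)
    return base + src + dst + payload

KEY = b"constructed-shared-key"
SENT = sample_datagram(64, b"hello")
TAG = auth_data(KEY, SENT)
```

Current IPsec uses HMAC constructions in place of this key-before-and-after hash.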
Encrypted Security Payload
• ESP extension header provides confidentiality and guards against eavesdropping.
• 32-bit word that defines the type of encryption/decryption used
• Encrypted data with any extra parameters needed by the algorithm
• Encryption can be implemented in 2 ways: transport mode or tunnel mode
• For the transport mode, a TCP segment or UDP datagram is first encrypted and then encapsulated in the IPv6 packet – typically used to encrypt from host to host
• For the tunnel mode, the entire datagram with base header and extension header is encrypted and then encapsulated into a NEW datagram – mostly used by security gateways
Destination option
• Option used when the Tx needs to pass info to the Rx only