1 / 56

IPv6

IPv6. Chapter 13. Objectives. Discuss the fundamental concepts of IPv6 Describe IPv6 practices Implement IPv6 in a TCP/IP network. Overview. Introduction to IPv6. Internet Protocol version 4 (IPv4) Created around 1979 32-bit IP address space – ~4 billion addresses

reece
Download Presentation

IPv6

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. IPv6 Chapter 13

  2. Objectives Discuss the fundamental concepts of IPv6 Describe IPv6 practices Implement IPv6 in a TCP/IP network

  3. Overview

  4. Introduction to IPv6 • Internet Protocol version 4 (IPv4) • Created around 1979 • 32-bit IP address space – ~4 billion addresses • Allocation methods wasted addresses • Internet Protocol version 6 (IPv6) • 128-bit addresses • Improved security, routing, other features

  5. Three Parts to Chapter 13 • IPv6 Basics • Using IPv6 • Moving to IPv6

  6. IPv6 Basics

  7. IPv6 Address Notation • 128-bits written in hexadecimal • 2001:0000:0000:3210:0800:200C:00CF:1234 • Pair of colons represent string of consecutive groups of zeroes • 2001::3210:0800:200C:00CF:1234 • Only one set of colon pairs per address • FEDC:0000:0000:0000:00CF:0000:BA98:1234 • FEDC::CF:0:BA98:1234

  8. IPv6 Address Notation • IPv6 loopback address • ::1 • 0000:0000:0000:0000:0000:0000:0000:0001

  9. Link-Local Address • Self-generated (in manner of IPv4 APIPA) • First 64-bits always FE80::/64 • Second 64-bits EUI-64 • Generated with calculation using MAC address • Most operating systems use EUI-64 • Extra steps in Windows Vista and Windows 7 • Guaranteed unique • Link-local address works on private networks

  10. Figure 13.1 Link-local address

  11. IPv6 Subnet Masks • Function like IPv4 subnet masks • Represented with /x CIDR naming • FEDC::CF:0:BA98:1234/64 • No subnet is ever longer than /64 • IANA gives out /32 subnets to big ISPs • ISPs pass out /48 and /64 subnets • Most IPv6 subnets are between /48 & /64

  12. Figure 13.2 Link-local address in Windows Vista

  13. The End of Broadcast • Each link-local is a unicast address • Multicast addresses replace broadcast • FF02::2 only read by routers • FF02::1 all nodes address • FF02::1:FFxx:xxxx solicited-node address • Anycast • Used in DNS • Looks like a unicast to sending computer

  14. Figure 13.3 Multicast to routers

  15. Table 13.1 IPv6 Multicast Addresses Address Function FF02::1 All Nodes Address FF02::2 All Routers Address FF02::FFXX:XXXX Solicited-Node Address

  16. Global Addresses • Globalunicast address • Required for Internet access • IPv6-capable gateway router gives to hosts • Router configured to do this • 2001:470:B8F9:1/64 • Router provides prefix • NIC generates the rest (using EUI-64) • 2001:470:B8F9:1:20C:29FF:FE53:45CA

  17. Figure 13.4 Getting a global address

  18. Figure 13.5 IPv6 configuration on Macintosh OS X

  19. Aggregation • Current problem with tier-one routers • No default routes • Huge routing table (30,000-50,000 routes)

  20. Figure 13.6 No-default routers

  21. Aggregation • Every router uses a subnet of the next higher router’s routes • Reduces size and complexity of tables • Gives detailed geographic picture • IP address shows location • Part of IPv6

  22. How aggregation works • Gateway gives first 64 bits of IP address to computers • Gateway gets its 48-bit prefix from upstream • 2001:d0be:7922:1:fc2d:aeb2:99d2:e2b4 • Network prefix is 2001:dObe:7922:1 /64 • ISP’s network prefix 2001:D0BE /32 • ISP adds 16-bit subnet: 2001:d0be:7922/48 • At your gateway, tech adds 160bit subnet • Result: 2001:d0be:7922:1 /64

  23. Figure 13.7 Aggregation

  24. Figure 13.8 An IPv6 group of routers

  25. Figure 13.9 Adding the first prefix

  26. Figure 13.10 Adding the second prefix

  27. Aggregation and router changes • From ISP1 to ISP2 • New 32-bit prefix: 2ab0:3c05/32 • Downstream routers make an “all nodes” multicast • All clients get new IP addresses • IPv6 address changes rare but normal

  28. Figure 13.11 New IP address updated downstream

  29. Using IPv6

  30. Enabling IPv6 • Table 13.2 lists IPv6 status of operating systems • Check to see if IPv6 is running • IPCONFIG in Windows • IFCONFIG in Linux or Mac OS X

  31. Table 13.2 IPv6 Adoption by IS Operating System IPv6 Status Windows 2000 Windows 2000 came with “developmental” IPv6 support. Microsoft does not recommend using Windows 2000 for IPv6. Windows XP Original Windows XP came with a rudimentary but fully fun- ctional IPv6 stack that had to be installed from the command prompt. SP1 added the ability to add the same IPv6 stack under the Install | Protocols menu. Windows Vista/Windows 7 Complete IPv6 support. IPv6 is active on default installs. Windows Server 2003 Complete IPv6 support. IPv6 is not installed by default but is easily installed via the Install | Protocolsmenu. Windows Server 2008 Complete IPv6 support. IPv6 is active on default installs. Linux Complete IPv6 support from kernel 2.6. IPv6 is active on default installs. Macintosh OS X Complete IPv6 support on all versions. IPv6 is active on default installs.

  32. NAT in IPv6 • NAT not used in IPv6 • All IP addresses exposed to the Internet • Huge address space makes IP scanning nearly impossible • IPSec important for security • Security options beyond IPv6 • Encryption • Firewall

  33. Figure 13.12 IPv6 enabled in Windows Vista

  34. Figure 13.13 IPv6 enabled in Ubuntu 8.10

  35. Figure 13.14 Angry IP scanner at work

  36. DHCP in IPv6 • DHCPv6 • Works differently than in IPv4 • IP address and subnet received from gateway router • Need DCHPv6 for other IP information • Two modes of DHCPv6 • Stateful – works like DHCP in IPv4 • Stateless – only passes out optional information • Stateless is the norm

  37. Figure 13.15 DHCPv6 server in action

  38. DNS in IPv6 • Trivial • Most DNS servers now support IPv6 addresses • DNS servers supporting IPv6 use AAAA records • DNSv6 details not finalized • For now manually add DNS server information to IPv6 clients

  39. Figure 13.16 IPv6 addresses on DNS server

  40. Figure 13.17 Manually adding an IPv6 DNS server in Vista

  41. Moving to IPv6

  42. IPv4 and IPv6 • What is not ready for IPv6? • Most home routers • Some Internet routers • What is ready for IPv6? • Most recent operating systems • All root DNS servers • All tier-one ISP routers

  43. Figure 13.18 IPv4 and IPv6 on one computer

  44. Figure 13.19 The IPv6 gap

  45. Tunnels • IPv4-to-IPv6 tunnels bridge the gap • Encapsulate IPv6 traffic into an IPv4 tunnel • Endpoints at IPv6 client and IPv6 router

  46. Figure 13.20 The IPv4-to-IPv6 tunnel

  47. 6to4 Tunnels • 6to4 dominant tunneling protocol • Does not require a tunnel broker • Usually connects two routers • Normally requires public IPv4 address • Uses public relay routers • 192.88.9.1 is 6to4 anycast address • Challenging to set up

  48. 6in4 Tunnels • 6in4 • Most popular tunneling protocol • One of only two that is NAT traversal

  49. Teredo Tunnels • Teredo • NAT-traversal IPv6 tunneling protocol • Built into Microsoft Windows • Addresses start with 2001:0000 /32 • Many people use third-party tool

  50. ISATAP • Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) • Works within an IPv4 network • Adds IPv4 address to an IPv6 prefix for endpoints • 2001:db8::98ca:200:131.107.28.9.

More Related