ipv6: an introduction dheeraj sanghi department of computer science and engineering indian institute...
Post on 18-Dec-2015
221 views
TRANSCRIPT
IPv6: An IntroductionIPv6: An Introduction
Dheeraj SanghiDheeraj SanghiDepartment of Computer Science and EngineeringDepartment of Computer Science and Engineering
Indian Institute of Technology KanpurIndian Institute of Technology Kanpur
[email protected]@iitk.ac.in
http://www.cse.iitk.ac.in/users/dheerajhttp://www.cse.iitk.ac.in/users/dheeraj
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 22
OutlineOutline
Problems with IPv4Problems with IPv4 Basic IPv6 ProtocolBasic IPv6 Protocol IPv6 featuresIPv6 features
– Auto-configuration, QoS, Security, Auto-configuration, QoS, Security, MobilityMobility
Transition PlansTransition Plans
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 33
Internet ProtocolInternet Protocol
Transports a datagram from source host to Transports a datagram from source host to destination, possibly via several intermediate destination, possibly via several intermediate nodes (“routers”)nodes (“routers”)
Service is:Service is: Unreliable:Unreliable: Losses, duplicates, out-of-order Losses, duplicates, out-of-order
deliverydelivery Best effort:Best effort: Packets not discarded capriciously, Packets not discarded capriciously,
delivery failure not necessarily reporteddelivery failure not necessarily reported Connectionless:Connectionless: Each packet is treated Each packet is treated
independentlyindependently
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 44
IP Datagram HeaderIP Datagram Header
VERS HLEN TOS TOTAL LENGTH
IDENTIFICATION FLAG FRAGMENT OFFSET
TTL PROTOCOL CHECKSUM
SOURCE ADDRESS
DESTINATION ADDRESS
OPTIONS (if any) + PADDING
0 4 8 16 19 31
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 55
Problems with IPv4: Limited Address Problems with IPv4: Limited Address SpaceSpace
IPv4 has 32 bit addresses.IPv4 has 32 bit addresses. Flat addressing (only netid + hostid with “fixed” Flat addressing (only netid + hostid with “fixed”
boundaries)boundaries) Results in inefficient use of address space.Results in inefficient use of address space. Class B addresses are almost over.Class B addresses are almost over. Addresses will exhaust in the next 5 years.Addresses will exhaust in the next 5 years. IPv4 is victim of its own success.IPv4 is victim of its own success.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 66
Problems with IPv4: Routing Table Problems with IPv4: Routing Table ExplosionExplosion
IP does not permit route aggregationIP does not permit route aggregation
(limited supernetting possible with new (limited supernetting possible with new routers)routers)
Mostly only class C addresses remainMostly only class C addresses remain Number of networks is increasing very fastNumber of networks is increasing very fast
(number of routes to be advertised goes up)(number of routes to be advertised goes up) Very high routing overheadVery high routing overhead
– lot more memory needed for routing tablelot more memory needed for routing table– lot more bandwidth to pass routing informationlot more bandwidth to pass routing information– lot more processing needed to compute routes lot more processing needed to compute routes
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 77
Problems with IPv4: Header Problems with IPv4: Header LimitationsLimitations
Maximum header length is 60 octets.Maximum header length is 60 octets.(Restricts options)(Restricts options)
Maximum packet length is 64K octets.Maximum packet length is 64K octets.(Do we need more than that ?)(Do we need more than that ?)
ID for fragments is 16 bits. Repeats every 65537th ID for fragments is 16 bits. Repeats every 65537th packet.packet. (Will two packets in the network have same ID?)(Will two packets in the network have same ID?)
Variable size header.Variable size header.(Slower processing at routers.)(Slower processing at routers.)
No ordering of options.No ordering of options.(All routers need to look at all options.)(All routers need to look at all options.)
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 88
Problems with IPv4: Other LimitationsProblems with IPv4: Other Limitations
Lack of quality-of-service support.Lack of quality-of-service support.– Only an 8-bit ToS field, which is hardly used.Only an 8-bit ToS field, which is hardly used.– Problem for multimedia services.Problem for multimedia services.
No support for security at IP layer.No support for security at IP layer. Mobility support is limited.Mobility support is limited.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 99
IP Address ExtensionIP Address Extension
Strict monitoring of IP address assignmentStrict monitoring of IP address assignment Private IP addresses for intranetsPrivate IP addresses for intranets
– Only class C or a part of class C to an organizationOnly class C or a part of class C to an organization– Encourage use of proxy servicesEncourage use of proxy services
Application level proxiesApplication level proxies Network Address Translation (NAT)Network Address Translation (NAT)
Remaining class A addresses may use CIDRRemaining class A addresses may use CIDR Reserved addresses may be assignedReserved addresses may be assigned
But these will only postpone address exhaustion.But these will only postpone address exhaustion.
They do not address problems like QoS, mobility, They do not address problems like QoS, mobility, security.security.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1010
IPng CriteriaIPng Criteria
At least 10At least 1099 networks, 10 networks, 101212 end-systems end-systems Datagram service (best effort delivery)Datagram service (best effort delivery) Independent of physical layer technologiesIndependent of physical layer technologies Robust (routing) in presence of failuresRobust (routing) in presence of failures Flexible topology (e.g., dual-homed nets)Flexible topology (e.g., dual-homed nets) Better routing structures (e.g., aggregation)Better routing structures (e.g., aggregation) High performance (fast switching)High performance (fast switching) Support for multicastingSupport for multicasting
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1111
IPng CriteriaIPng Criteria
Support for mobile nodesSupport for mobile nodes Support for quality-of-serviceSupport for quality-of-service Provide security at IP layerProvide security at IP layer ExtensibleExtensible Auto-configuration (plug-and--play)Auto-configuration (plug-and--play) Straight-forward transition plan from IPv4Straight-forward transition plan from IPv4 Minimal changes to upper layer protocolsMinimal changes to upper layer protocols
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1212
IPv6: Distinctive FeaturesIPv6: Distinctive Features
Header format simplificationHeader format simplification Expanded routing and addressing capabilitiesExpanded routing and addressing capabilities Improved support for extensions and optionsImproved support for extensions and options Flow labeling (for QoS) capabilityFlow labeling (for QoS) capability Auto-configuration and Neighbour discoveryAuto-configuration and Neighbour discovery Authentication and privacy capabilitiesAuthentication and privacy capabilities Simple transition from IPv4Simple transition from IPv4
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1313
IPv6 Header FormatIPv6 Header Format
Traffic Class Flow LabelVers
Payload Length Next Header Hop Limit
Source Address
Destination Address
0 4 12 16 24 31
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1414
IPv6 Header FieldsIPv6 Header Fields
Version number (4-bit field) Version number (4-bit field) The value is always 6.The value is always 6.
Flow label (20-bit field)Flow label (20-bit field)Used to label packets requesting special handling by Used to label packets requesting special handling by routers.routers.
Traffic class (8-bit field)Traffic class (8-bit field)Used to mark classes of traffic.Used to mark classes of traffic.
Payload length (16-bit field)Payload length (16-bit field)Length of the packet following the IPv6 header, in octets.Length of the packet following the IPv6 header, in octets.
Next header (8-bit field)Next header (8-bit field)The type of header immediately following the IPv6 The type of header immediately following the IPv6 header.header.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1515
IPv6 Header FieldsIPv6 Header Fields
Hop limit (8-bit field)Hop limit (8-bit field)Decremented by 1 by each node that forwards the Decremented by 1 by each node that forwards the packet. packet.
Packet discarded if hop limit is decremented to Packet discarded if hop limit is decremented to zero.zero.
Source Address (128-bit field)Source Address (128-bit field)An address of the initial sender of the packet.An address of the initial sender of the packet.
Destination Address (128-bit field)Destination Address (128-bit field)An address of the intended recipient of the packet. An address of the intended recipient of the packet. May not be the ultimate recipient, if Routing May not be the ultimate recipient, if Routing Header is present.Header is present.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1616
Header Changes from IPv4Header Changes from IPv4
Longer address - 32 bits Longer address - 32 bits 128 bits 128 bits Fragmentation field moved to separate headerFragmentation field moved to separate header Header checksum removedHeader checksum removed Header length removed (fixed length header)Header length removed (fixed length header) Length field excludes IPv6 headerLength field excludes IPv6 header Time to live Time to live Hop limit Hop limit Protocol Protocol Next header Next header 64-bit field alignment64-bit field alignment TOS replaced by flow label, traffic classTOS replaced by flow label, traffic class
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1717
Extension HeadersExtension Headers
Less used functions moved to extension headers.Less used functions moved to extension headers. Only present when needed.Only present when needed. Processed only by node identified in IPv6 Processed only by node identified in IPv6
destination field.destination field.
=> much lower overhead than IPv4 options=> much lower overhead than IPv4 options
Exception: Hop-by-Hop option headerException: Hop-by-Hop option header Eliminated IPv4’s 40-byte limit on optionsEliminated IPv4’s 40-byte limit on options Currently defined extension headers: Hop-by-hop, Currently defined extension headers: Hop-by-hop,
Routing, Fragment, Authentication, Privacy, End-to-Routing, Fragment, Authentication, Privacy, End-to-end.end.
Order of extension headers in a packet is defined.Order of extension headers in a packet is defined. Headers are aligned on 8-byte boundaries.Headers are aligned on 8-byte boundaries.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1818
Address TypesAddress Types
UnicastUnicast Address for a single interface.Address for a single interface.
MulticastMulticast Identifier for a set of interfaces.Identifier for a set of interfaces.
Packet is sent to Packet is sent to allall these these interfaces.interfaces.
AnycastAnycast Identifier for a set of interfaces.Identifier for a set of interfaces.
Packet is sent to the Packet is sent to the nearestnearest one. one.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 1919
Text Representation of AddressesText Representation of Addresses
HEX in blocks of 16 bitsHEX in blocks of 16 bitsBC84 : 25C2 : 0000 : 0000 : 0000 : 55AB : 5521 : 0018BC84 : 25C2 : 0000 : 0000 : 0000 : 55AB : 5521 : 0018
leading zero suppressionleading zero suppressionBC84 : 25C2 : 0 : 0 :55AB : 5521 : 18BC84 : 25C2 : 0 : 0 :55AB : 5521 : 18
Compressed format removes strings of Compressed format removes strings of 00ssBC84 : 25C2 :: 55AB : 5521 : 18BC84 : 25C2 :: 55AB : 5521 : 18
:::: can appear only once in an address. can appear only once in an address.
can also be used to compress leading or trailing can also be used to compress leading or trailing 00ss Mixed Notation Mixed Notation (X:X:X:X:X:X:d.d.d.d)(X:X:X:X:X:X:d.d.d.d)
e.g.,e.g., ::144.16.162.21::144.16.162.21
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2020
IPv6 AddressesIPv6 Addresses
128-bit addresses128-bit addresses Multiple addresses can be assigned to an interfaceMultiple addresses can be assigned to an interface Provider-based hierarchy to be used in the Provider-based hierarchy to be used in the
beginningbeginning Addresses should have 64-bit interface IDs in EUI-Addresses should have 64-bit interface IDs in EUI-
64 format64 format Following special addresses are defined :Following special addresses are defined :
– IPv4-mappedIPv4-mapped– IPv4-compatibleIPv4-compatible– link-locallink-local– site-localsite-local
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2121
Unicast Addresses ExamplesUnicast Addresses Examples
Global Aggregate AddressGlobal Aggregate Address
Link local addressLink local address
Site-local addressSite-local address
FP TLA NLA
3 13 32
SLA
64 bits
Interface ID
1111111010
10 bits
0
54 bits
Interface ID
64 bits
Public Topology SiteTopology
Interface Identifier
1111111011 0 Interface IDsubnet ID
10 bits 38 bits 16 bits 64 bits
16
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2222
Multicast AddressMulticast Address
FlagsFlags 000T000T 3 bits reserved3 bits reservedT= 0T= 0 permanentpermanentT= 1T= 1 transienttransient
ScopeScope 22 link-locallink-local55 site-localsite-local88 org-localorg-localEE globalglobal
Permanent groups are formed independent of scope.Permanent groups are formed independent of scope.
11111111 flags scope Group ID
8 bits 4 4 112 bits
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2323
IPv6 RoutingIPv6 Routing
Hierarchical addresses are to be used.Hierarchical addresses are to be used. Initially only provider-based hierarchy will be used.Initially only provider-based hierarchy will be used. Longest prefix match routing to be used.Longest prefix match routing to be used.
(Same as IPv4 routing under CIDR.)(Same as IPv4 routing under CIDR.) OSPF, RIP, IDRP, ISIS, etc., will continue as isOSPF, RIP, IDRP, ISIS, etc., will continue as is
(except 128-bit addresses).(except 128-bit addresses). Easy renumbering should be possible.Easy renumbering should be possible. Provider selection possible with Provider selection possible with anycastanycast groups. groups.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2424
QoS CapabilitiesQoS Capabilities
Protocol aids QoS support, not provide it.Protocol aids QoS support, not provide it. Flow labelsFlow labels
– To identify packets needing same quality-of-serviceTo identify packets needing same quality-of-service– 20-bit label decided by source20-bit label decided by source– Flow classifier: Flow label + Source/Destination Flow classifier: Flow label + Source/Destination
addressesaddresses– Zero if no special requirementZero if no special requirement– Uniformly distributed between 1 and FFFFFFUniformly distributed between 1 and FFFFFF
Traffic classTraffic class– 8-bit value8-bit value– Routers allowed to modify this fieldRouters allowed to modify this field
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2525
IPv6: Security IssuesIPv6: Security Issues
Provision forProvision for– Authentication headerAuthentication header
Guarantees authenticity and integrity of dataGuarantees authenticity and integrity of data
– Encryption headerEncryption header Ensures confidentiality and privacyEnsures confidentiality and privacy
Encryption modes:Encryption modes:– Transport mode Transport mode – Tunnel modeTunnel mode
Independent of key management algorithm.Independent of key management algorithm. Security implementation is mandatory Security implementation is mandatory
requirement in IPv6.requirement in IPv6.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2626
Mobility Support in IPv6Mobility Support in IPv6
Mobile computers are becoming commonplace.Mobile computers are becoming commonplace. Mobile IPv6 allows a node to move from one link to Mobile IPv6 allows a node to move from one link to
another without changing the address.another without changing the address. Movement can be heterogeneous, i.e., node can move Movement can be heterogeneous, i.e., node can move
from an Ethernet link to a cellular packet network.from an Ethernet link to a cellular packet network. Mobility support in IPv6 is more efficient than mobility Mobility support in IPv6 is more efficient than mobility
support in IPv4.support in IPv4. There are also proposals for supporting micro-mobility.There are also proposals for supporting micro-mobility.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2727
Neighbour DiscoveryNeighbour Discovery
Router Discovery - Router Discovery - determines set of routers on the determines set of routers on the link.link.
Prefix Discovery - Prefix Discovery - set of on-link address prefixes.set of on-link address prefixes. Parameter Discovery - Parameter Discovery - to learn link parameters such to learn link parameters such
as link MTU, or internet parameters like hop limit, etc.as link MTU, or internet parameters like hop limit, etc. Address Auto-configuration - Address Auto-configuration - address prefixes that address prefixes that
can be used for automatically configuring interface can be used for automatically configuring interface address.address.
Address resolution - Address resolution - IP to link-layer address mapping.IP to link-layer address mapping. Duplicate Address Detection.Duplicate Address Detection. Route Redirect - Route Redirect - inform of a better first hop node to inform of a better first hop node to
reach a particular destination.reach a particular destination.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2828
Neighbour Discovery OperationNeighbour Discovery Operation
Based on ICMPv6 messagesBased on ICMPv6 messages– Router Solicitation (RS)Router Solicitation (RS)– Router Advertisement (RA)Router Advertisement (RA)– Neighbour Solicitation (NS)Neighbour Solicitation (NS)– Neighbour Advertisement (NA)Neighbour Advertisement (NA)– RedirectRedirect
Router SolicitationRouter Solicitation– sent when an interface becomes enabled, sent when an interface becomes enabled,
hosts request routers to send RA immediately.hosts request routers to send RA immediately.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 2929
Neighbour Discovery Operation Neighbour Discovery Operation (contd..)(contd..)
Router advertisementRouter advertisement– Sent by routers periodically or in response Sent by routers periodically or in response
to RS.to RS.– Hosts build a set of default routers based on Hosts build a set of default routers based on
this information.this information.– Provides information for address auto-Provides information for address auto-
configuration, set of on-link prefixes etc.configuration, set of on-link prefixes etc.– Supplies internet/subnet parameters, like Supplies internet/subnet parameters, like
MTU, and hop limit.MTU, and hop limit.– Includes router’s link-layer address.Includes router’s link-layer address.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3030
Neighbour Discovery Operation Neighbour Discovery Operation (contd..)(contd..)
Neighbour SolicitationNeighbour Solicitation– To request link-layer address of neighbourTo request link-layer address of neighbour– Also used for Duplicate Address DetectionAlso used for Duplicate Address Detection
Neighbour AdvertisementNeighbour Advertisement– Sent in response to NSSent in response to NS– May be sent without solicitation to announce May be sent without solicitation to announce
change in link-layer addresschange in link-layer address Redirect - used to inform hosts of a better Redirect - used to inform hosts of a better
first hop for a destination.first hop for a destination.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3131
Additional FeaturesAdditional Features
Anycast AddressesAnycast Addresses Multiple nodes on link may have this addressMultiple nodes on link may have this address All those nodes will respond to an NS message.All those nodes will respond to an NS message. Host will get multiple NA messages, but should Host will get multiple NA messages, but should
accept only one.accept only one. The messages should be tagged as The messages should be tagged as non-non-
overrideoverride..
Proxy advertisementsProxy advertisements Router may send NA on behalf of others.Router may send NA on behalf of others. Useful for mobile nodes who have moved.Useful for mobile nodes who have moved.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3232
Address Auto-configurationAddress Auto-configuration
The problemThe problem System bootstrap (“plug and play”)System bootstrap (“plug and play”) Address renumberingAddress renumbering
Addressing PossibilitiesAddressing Possibilities
ManualManual Address configured by handAddress configured by hand
AutonomousAutonomous Host creates address with no externalHost creates address with no externalinteraction (e.g., link local)interaction (e.g., link local)
Semi-autonomousSemi-autonomous Host creates address by combining a prioriHost creates address by combining a prioriinformation and some external information and some external
information.information.
Stateless ServerStateless Server Host queries a server, and gets an Host queries a server, and gets an address.address.
Server does not maintain a state.Server does not maintain a state.
Stateful ServerStateful Server Host queries a server, and gets an Host queries a server, and gets an address. address.
Server maintains a state.Server maintains a state.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3333
Auto-configuration in IPv6Auto-configuration in IPv6
Link-local prefix concatenated with 64-bit MAC Link-local prefix concatenated with 64-bit MAC address. address. (Autonomous mode)(Autonomous mode)
Prefix advertised by router concatenated with 64-bit Prefix advertised by router concatenated with 64-bit MAC address. MAC address. (Semi-autonomous mode.)(Semi-autonomous mode.)
DHCPng DHCPng (for server modes)(for server modes)– Can provide a permanent address Can provide a permanent address (stateless mode)(stateless mode)– Provide an address from a group of addresses, and Provide an address from a group of addresses, and
keep track of this allocation keep track of this allocation (stateful mode)(stateful mode)– Can provide additional network specific information.Can provide additional network specific information.– Can register nodes in DNS. Can register nodes in DNS.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3434
Address RenumberingAddress Renumbering
To migrate to a new addressTo migrate to a new address– change of providerchange of provider– change in network architecturechange in network architecture
MethodsMethods– router adds a new prefix in RA, and informs that the router adds a new prefix in RA, and informs that the
old prefix is no longer valid.old prefix is no longer valid.– When DHCP lease runs out, assign a new address to When DHCP lease runs out, assign a new address to
node.node.– DHCPng can ask nodes to release their addresses.DHCPng can ask nodes to release their addresses.
Requires DNS update. Requires DNS update. DHCPng can update DNS for DHCPng can update DNS for clients.clients.
Existing conversations may continue if the old Existing conversations may continue if the old address continues to be valid for some time.address continues to be valid for some time.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3535
Upper Layer IssuesUpper Layer Issues
Minor changes in TCPMinor changes in TCP– Maximum segment size should be based on Path MTU.Maximum segment size should be based on Path MTU.– The packet size computation should take into account The packet size computation should take into account
larger size of IP header(s).larger size of IP header(s).– Pseudo-header for checksum is different.Pseudo-header for checksum is different.
UDP checksum computation is now mandatory.UDP checksum computation is now mandatory. Most application protocol specifications are Most application protocol specifications are
independent of TCP/IP - hence no change.independent of TCP/IP - hence no change. FTP protocol exchanges IPv4 addresses - hence FTP protocol exchanges IPv4 addresses - hence
needs to be changed.needs to be changed.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3636
The pseudo-header is changed in checksum The pseudo-header is changed in checksum
computation:computation:– Address are 128 bits.Address are 128 bits.– Payload length is 32 bits.Payload length is 32 bits.– Payload length is not copied from IPv6 header.Payload length is not copied from IPv6 header.
(Extension headers should not be counted.)(Extension headers should not be counted.)– Next header field of last extension header is used in Next header field of last extension header is used in
place of protocol.place of protocol. UDP packets must also have checksum.UDP packets must also have checksum.
(Since no IP checksum now.)(Since no IP checksum now.)
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3737
Changes in Other ProtocolsChanges in Other Protocols
ICMPv6ICMPv6– Rate limiting feature addedRate limiting feature added
Timer basedTimer based Bandwidth basedBandwidth based
– IGMP, ARP mergedIGMP, ARP merged– Larger part of offending packet is includedLarger part of offending packet is included
DNSDNS– AAAA type for IPv6 addressesAAAA type for IPv6 addresses– A6 type: recursive definition of IP addressA6 type: recursive definition of IP address– Queries that do additional section processing are Queries that do additional section processing are
redefined to do processing for both ‘A’ and ‘AAAA’ redefined to do processing for both ‘A’ and ‘AAAA’ type recordstype records
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3838
Socket APISocket API
““Sockets” interface – the de facto standard API for Sockets” interface – the de facto standard API for TCP/IP Applications.TCP/IP Applications.
Need to change Socket API in order to reflect the Need to change Socket API in order to reflect the increased address length in IPv6.increased address length in IPv6.
Also need to make new features like flow label, Also need to make new features like flow label, visible to applications.visible to applications.
A few new library routinesA few new library routines Complete source and binary compatibility with Complete source and binary compatibility with
original API.original API. One can have some sockets using IPv4 and others One can have some sockets using IPv4 and others
using IPv6.using IPv6.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 3939
Transition to IPv6: Design GoalTransition to IPv6: Design Goal
No “flag”day.No “flag”day. Incremental upgrade and deployment.Incremental upgrade and deployment. Minimum upgrade dependencies.Minimum upgrade dependencies. Interoperability of IPv4 and IPv6 nodes.Interoperability of IPv4 and IPv6 nodes. Let sites transition at their own pace.Let sites transition at their own pace. Basic migration toolsBasic migration tools
– Dual stack and tunnelingDual stack and tunneling– TranslationTranslation
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4040
Transition Mechanisms: Dual StackTransition Mechanisms: Dual Stack
New nodes support both IPv4 and IPv6.New nodes support both IPv4 and IPv6. Upgrading from IPv4 to v4/v6 does not break Upgrading from IPv4 to v4/v6 does not break
anything.anything. Same transport layer and application above Same transport layer and application above
both.both. Provides complete interoperability with IPv4 Provides complete interoperability with IPv4
nodes.nodes.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4141
Transition Mechanism: TunnelsTransition Mechanism: Tunnels
Tunnel IPv6 packets across IPv4 topology.Tunnel IPv6 packets across IPv4 topology. Configured tunnels:Configured tunnels:
– Explicitly configured tunnel endpoints.Explicitly configured tunnel endpoints.– Router to router, host to router.Router to router, host to router.
Automatic tunnels:Automatic tunnels:– Automatic address resolution using embedded Automatic address resolution using embedded
IPv4 address (like IPv4-compatible address).IPv4 address (like IPv4-compatible address).– Host to host, router to hostHost to host, router to host
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4242
Transition mechanism: TranslationTransition mechanism: Translation
This will allow communication between IPv6 only This will allow communication between IPv6 only hosts and IPv4 only hosts.hosts and IPv4 only hosts.
A typical translator consists of two components:A typical translator consists of two components:– translation between IPv4 and IPv6 packets.translation between IPv4 and IPv6 packets.– Address mapping between IPv4 and IPv6Address mapping between IPv4 and IPv6
For translation, three technologies are available:For translation, three technologies are available:– header conversionheader conversion– transport relaytransport relay– application proxyapplication proxy
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4343
NAT-PTNAT-PT
Combination of Network Address Combination of Network Address Translation (NAT) and Protocol Translation Translation (NAT) and Protocol Translation (PT)(PT)
Meant for communication between IPv6-Meant for communication between IPv6-only and IPv4-only nodes.only and IPv4-only nodes.
No change is needed on the IPv6-only No change is needed on the IPv6-only nodes.nodes.
But translation is not stateless.But translation is not stateless. Hence, single point of failure.Hence, single point of failure.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4444
NAPT-PTNAPT-PT
Network Address Port Translation + Protocol Network Address Port Translation + Protocol TranslationTranslation
In addition to changing IP address, changes the In addition to changing IP address, changes the port number also in the transport layer header.port number also in the transport layer header.
It will allow IPv6 nodes to communicate with IPv4 It will allow IPv6 nodes to communicate with IPv4 nodes transparently using a single IPv4 address.nodes transparently using a single IPv4 address.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4545
Stateless IP-ICMP Translation (SIIT)Stateless IP-ICMP Translation (SIIT)
SIIT also translates between IPv4 and IPv6 SIIT also translates between IPv4 and IPv6 headers.headers.
Stateless: Translator does not keep address Stateless: Translator does not keep address mapping.mapping.
There has to be a translator on every path, not There has to be a translator on every path, not necessarily on all physical links.necessarily on all physical links.
Uses Uses IPv4-translatable addresses.IPv4-translatable addresses. Assumes that there is an IPv4 address pool of Assumes that there is an IPv4 address pool of
addresses for the subnet.addresses for the subnet.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4646
Issues in TranslationIssues in Translation
PMTU discovery is optional on IPv4 network.PMTU discovery is optional on IPv4 network. Fragmentation is difficult to handle.Fragmentation is difficult to handle. Security Associations may not be Security Associations may not be
transparent.transparent. Options may not be translatable.Options may not be translatable. UDP checksum is optional over IPv4.UDP checksum is optional over IPv4. Some ICMP messages are different.Some ICMP messages are different. Connections can only start from IPv6 node.Connections can only start from IPv6 node.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4747
Transition Plan for InternetTransition Plan for Internet
Maintain complete V4 routing till addresses Maintain complete V4 routing till addresses last.last.
Upgrade V4 routers to dual stack.Upgrade V4 routers to dual stack. Incrementally build up V6 backbone routing Incrementally build up V6 backbone routing
system.system.– Use v6-over-v4 tunnels to construct Use v6-over-v4 tunnels to construct 6bone6bone..– Grow like Mbone (multicast backbone).Grow like Mbone (multicast backbone).
De-activate tunnels as soon as underlying path De-activate tunnels as soon as underlying path upgraded to V6.upgraded to V6.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4848
Transition Options for User SitesTransition Options for User Sites
Incrementally upgrade V4 hosts to dual V4/V6Incrementally upgrade V4 hosts to dual V4/V6– Use IPv4-compatible addresses with existing Use IPv4-compatible addresses with existing
IPv4 address assignmentsIPv4 address assignments– Host-to-host automatic tunneling over IPv4Host-to-host automatic tunneling over IPv4
Upgrade routers to IPv6.Upgrade routers to IPv6.– Hosts may require native IPv6 addressesHosts may require native IPv6 addresses– DNS upgrade is needed before hosts get IPv6 DNS upgrade is needed before hosts get IPv6
addressesaddresses Connect IPv6 router to Connect IPv6 router to an IPv6-enabled ISP.an IPv6-enabled ISP. Install translators like NAT-PT or SIIT.Install translators like NAT-PT or SIIT.
Apr 2005Apr 2005 IIT KanpurIIT Kanpur 4949
Thank YouThank You