SlideShare una empresa de Scribd logo

IPv6 Introduction: Addresses, Headers, Autoconfiguration

Martin Schütte
Martin Schütte

This document provides an introduction to IPv6 including a discussion of IPv6 addresses, headers, autoconfiguration, DNS, and the transition from IPv4. It describes key aspects of IPv6 such as the 128-bit addresses, extension headers, stateless address autoconfiguration, neighbor discovery, and duplicate address detection. The document also discusses DNS records for IPv6, transition technologies like dual-stack and tunneling, and some security considerations for IPv6 deployment.

Tecnología
1 de 34
Descargar para leer sin conexión
Short Introduction to IPv6 Martin Schütte
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Network Working Group S. Deering Request for Comments: 2460 Cisco Obsoletes: 1883 R. Hinden Category: Standards Track Nokia December 1998 Internet Protocol, Version 6 (IPv6) Specification Status of this Memo ... Abstract This document specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng. Martin Schütte Short Introduction to IPv6 2013-09-28 2 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps The Hourglass Internet Architecture IP TCP UDP HTTPIMAP SkypeP2P RTP FirefoxKMailThunderbird Skype Kazaa MPlayer EthernetPPP DOCSIS CoaxialFiberTwistedPair CDMA TDMA byConstantineDovrolis Martin Schütte Short Introduction to IPv6 2013-09-28 3 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Addresses IPv4: 32 bits 11001011000000000111000100010111 11001011 00000000 01110001 00010111 0xcb 0x00 0x71 0x17 203 0 113 23 203.0.113.23 Martin Schütte Short Introduction to IPv6 2013-09-28 4 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Addresses IPv6: 128 bits 0010000000000001000001100011100000001000000001110000000000111010 0000001000000101010111011111111111111110111110110011100000010010 0010000000000001 0000011000111000 0000100000000111 0000000000111010 0000001000000101 0101110111111111 1111111011111011 0011100000010010 0x2001 0x0638 0x0807 0x003a 0x0205 0x5dff 0xfefb 0x3812 2001:0638:0807:003a:0205:5dff:fefb:3812 Martin Schütte Short Introduction to IPv6 2013-09-28 5 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Notation 2a01:0198:0200:01e4:0000:0000:0000:0002 = 2a01:198:200:1e4:0:0:0:2 = 2a01:198:200:1e4::2 2001:0db8:0000:0000:0001:0000:0000:0001 = 2001:db8:0:0:1:0:0:1 = 2001:db8::1:0:0:1 Ports: [2001:db8::1:0:0:1]:443 http://[2001:db8::1:0:0:1]:443/index.html Martin Schütte Short Introduction to IPv6 2013-09-28 6 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Address Structure 1 8 16 24 32 IPv4 Address 1 32 64 96 128 IPv6 Address 1 40 64 128 Global Routing Prefix Subnet ID Interface ID Martin Schütte Short Introduction to IPv6 2013-09-28 7 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Address Allocation 1 23 32 48 64 128 IANA RIPE LIR Site Interface ID Example: University Server 2001:638:807:3a:205:5dff:fefb:3812 1 23 32 48 64 128 IANA 2001:06 RIPE 38: DFN 0807: Uni 003a: Interface ID 0205:5dff:fefb:3812 Martin Schütte Short Introduction to IPv6 2013-09-28 8 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Address Usage Example: Comcast (USA) • 20 M customers • avg. 2.5 set-top boxes (STB) per customer • 2 IPs per STB ⇒ 20M × 2.5 × 2 = 100 M IPs Comparison: 10.0.0.0/8 has 224 ≈ 16.5 M IPs Martin Schütte Short Introduction to IPv6 2013-09-28 9 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Address Usage Hypothetical example: China Mobile • 740 M customers • avg. 2 devices per customer • 2 IPs per device ⇒ 740M × 2 × 2 ≈ 3000 M IPs Comparison: 0/1 has 231 ≈ 2150 M IPs IPv4 has 232 ≈ 4300 M IPs Martin Schütte Short Introduction to IPv6 2013-09-28 10 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Some Special Address Ranges :: unspecified ::1 localhost ::ffff:192.0.2.1 IPv4-mapped 2000::/3 unicast fe80::/10 link-local fd00::/8 site-local ff00::/8 multicast ff02::1 multicast, all hosts ff02::2 multicast, all routers ff02::101 multicast, all NTP servers ff05::1:3 multicast, all DHCP servers Martin Schütte Short Introduction to IPv6 2013-09-28 11 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Scope Multicast addresses have scope: • ff01::101 means all NTP servers on the same interface (i.e., the same node) as the sender. • ff02::101 means all NTP servers on the same link as the sender. • ff05::101 means all NTP servers in the same site as the sender. • ff0e::101 means all NTP servers in the Internet. Example: mschuett@zula:~$ ssh root@fe80::6670:2ff:fe4c:3a61 ssh: connect to host fe80::6670:2ff:fe4c:3a61 port 22: Invalid argument mschuett@zula:~$ ssh root@fe80::6670:2ff:fe4c:3a61%eth0 BusyBox v1.19.4 (2013-04-07 13:28:47 CEST) built-in shell (ash) Enter ’help’ for a list of built-in commands. ... Martin Schütte Short Introduction to IPv6 2013-09-28 12 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps IPv4 Header Format 0 3 4 7 8 15 16 18 19 31 Version IH Len ToS/ECN Total Length Identification Flags Fragment Offset Time to Live Protocol Header Checksum Source Address Destination Address Options Padding    IP header (20–60 octets) Martin Schütte Short Introduction to IPv6 2013-09-28 13 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps IPv6 Header Format 0 3 4 7 8 11 12 15 16 23 24 31 Version Traffic Class Flow Label Payload Length Next Header Hop Limit Source Address Destination Address    basic header (40 octets) Martin Schütte Short Introduction to IPv6 2013-09-28 14 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps IPv6 Extension Header Martin Schütte Short Introduction to IPv6 2013-09-28 15 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Destination/Hop-by-Hop Option Header 0 7 8 15 16 23 24 31 Next Header Hdr Ext Len Opt Type Opt Len Opt Value . . . 0 7 8 15 16 23 24 31 Next Header: 0x3a ICMPv6 Hdr Ext Len: 0x00 8 octets Opt Type: 0x05 Rtr alert Opt Data Len: 0x02 2 octets Opt Data: 0x00 0x00 MLD Opt Type: 0x01 PadN Opt Data Len: 0x00 0 octets Martin Schütte Short Introduction to IPv6 2013-09-28 16 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps ICMPv6 ICMPv6 includes: • control messages (like ICMPv4) • Link-Layer address resolution (like ARP) • multicast group membership (like IGMP) • Path MTU Discovery • Neighbor Discovery/Autoconfiguration Martin Schütte Short Introduction to IPv6 2013-09-28 17 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Stateless Address Autoconfiguration 1. select tentative address 2. send Router Solicitation to ff02::2 3. join multicast groups for all nodes and Solicited-Node address 4. Duplicate Address Detection ⇒ acquired link-local IP receive Router Advertisement(s) with network info: • routers with lifetime and preference • local network MTU • global address prefix • DHCP management flag ⇒ acquire global address Martin Schütte Short Introduction to IPv6 2013-09-28 18 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Link-Layer Address Resolution Solicited-Node Address: FF02:0:0:0:0:1:FFXX:XXXX Mapping: Unicast fe80::218:f3ff:fe3a:3f55 ⇒ Multicast ff02::1:ff3a:3f55 ⇒ MAC 33:33:ff3a:3f:55 send Neighbor Solicitation to multicast ⇒ receive Neighbor Advertisement with IP and MAC address Note: no broadcast required(!) Martin Schütte Short Introduction to IPv6 2013-09-28 19 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Duplicate Address Detection Solicited-Node Address: FF02:0:0:0:0:1:FFXX:XXXX Mapping: Unicast fe80::218:f3ff:fe3a:3f55 ⇒ Multicast ff02::1:ff3a:3f55 ⇒ MAC 33:33:ff3a:3f:55 send Neighbor Solicitation to multicast • receive Neighbor Advertisement with IP and MAC address • no answer, address is free Martin Schütte Short Introduction to IPv6 2013-09-28 20 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Autoconfiguration and Neighbor Discovery Design assumption: secure and trustworthy LAN Simple Denial of Service: 1. Host Alice starts Duplicate Address Detection: "Anyone using IP X?" 2. Host Eve answers "I have IP X." 3. goto 1 Routing/Man in the Middle: 1. Host Eve sends ICMPv6 Redirect: "This is router Bob, for google.com please use router Eve." Martin Schütte Short Introduction to IPv6 2013-09-28 21 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps DNS IPv4: A Record — IPv6: AAAA Record [mschuett@cayce] ~> dig +short quux.de a 88.198.11.141 [mschuett@cayce] ~> dig +short quux.de aaaa 2001:6f8:1138::1 [mschuett@cayce] ~> dig +short -x 2001:6f8:1138::1 mail.quux.de. [mschuett@cayce] ~> dig -x 2001:6f8:1138::1 ... ;; QUESTION SECTION: ;1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. 8.3.1.1.8.f.6.0.1.0.0.2.ip6.arpa. IN PTR ... Martin Schütte Short Introduction to IPv6 2013-09-28 22 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Happy Eyeballs byDanWingandAndrewYourtchenko Martin Schütte Short Introduction to IPv6 2013-09-28 23 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Known for Some Time Frank Solensky’s Report on Address Depletion, Proceedings of IETF 18, p. 61, Vancouver, August 1990 Martin Schütte Short Introduction to IPv6 2013-09-28 24 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps The Plan byGeoffHuston Martin Schütte Short Introduction to IPv6 2013-09-28 25 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Plan B byGeoffHuston Martin Schütte Short Introduction to IPv6 2013-09-28 26 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Status Quo byGeoffHuston Martin Schütte Short Introduction to IPv6 2013-09-28 27 / 34
JasonFesler
JasonFesler
Intro Addresses Headers Autoconfiguration DNS Transition First Steps IPv6 @ Home A few ISPs finally offer native IPv6 to consumers. If not available: use a tunnel brokers, e. g.: • SixXS • Hurricane Electric Martin Schütte Short Introduction to IPv6 2013-09-28 31 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Security Consideration • IPv6 restores end-to-end connectivity • no NAT ⇒ no implicit packet filter • problem: insecure L2 net and First Hop Security (just like with IPv4) • (still) missing support in common tools (firewalls, IDS, config UIs, etc) • little experience Martin Schütte Short Introduction to IPv6 2013-09-28 32 / 34
Intro Addresses Headers Autoconfiguration DNS Transition First Steps Tips for transition • external connectivity matters • your printer does not need IPv6 • neither does your DB backend (probably) • start with an additional load balancer or reverse proxy Martin Schütte Short Introduction to IPv6 2013-09-28 33 / 34
IPv6 Introduction: Addresses, Headers, Autoconfiguration

Recomendados

NetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog ProtocolsNetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog ProtocolsMartin Schütte
 
The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)Martin Schütte
 
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)Martin Schütte
 
05 06 ike
05 06 ike05 06 ike
05 06 ikeBabaa Naya
 
100197
100197100197
100197Abhishek Malik
 
Network Traffic Search using Apache HBase
Network Traffic Search using Apache HBaseNetwork Traffic Search using Apache HBase
Network Traffic Search using Apache HBaseEvans Ye
 
NetFlow Monitoring for Cyber Threat Defense
NetFlow Monitoring for Cyber Threat DefenseNetFlow Monitoring for Cyber Threat Defense
NetFlow Monitoring for Cyber Threat DefenseCisco Canada
 
IPV6 Under the Hood
IPV6 Under the HoodIPV6 Under the Hood
IPV6 Under the Hoodamiable_indian
 

Recomendados

NetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog ProtocolsNetBSD syslogd with IETF Syslog Protocols
NetBSD syslogd with IETF Syslog ProtocolsMartin Schütte
 
The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)The IPv6 Snort Plugin (at DeepSec 2014)
The IPv6 Snort Plugin (at DeepSec 2014)Martin Schütte
 
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)
The IPv6 Snort Plugin (at Troopers 14 IPv6 Security Summit)Martin Schütte
 
05 06 ike
05 06 ike05 06 ike
05 06 ikeBabaa Naya
 
100197
100197100197
100197Abhishek Malik
 
Network Traffic Search using Apache HBase
Network Traffic Search using Apache HBaseNetwork Traffic Search using Apache HBase
Network Traffic Search using Apache HBaseEvans Ye
 
NetFlow Monitoring for Cyber Threat Defense
NetFlow Monitoring for Cyber Threat DefenseNetFlow Monitoring for Cyber Threat Defense
NetFlow Monitoring for Cyber Threat DefenseCisco Canada
 
IPV6 Under the Hood
IPV6 Under the HoodIPV6 Under the Hood
IPV6 Under the Hoodamiable_indian
 
Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEamiable_indian
 
DPDK IPSec Security Gateway Application
DPDK IPSec Security Gateway ApplicationDPDK IPSec Security Gateway Application
DPDK IPSec Security Gateway ApplicationMichelle Holley
 
Iptables presentation
Iptables presentationIptables presentation
Iptables presentationEmin Abdul Azeez
 
Ip tables
Ip tablesIp tables
Ip tablesnavid ashrafi
 
Tech f42
Tech f42Tech f42
Tech f42SelectedPresentations
 
IPsec Basics: AH and ESP Explained
IPsec Basics: AH and ESP ExplainedIPsec Basics: AH and ESP Explained
IPsec Basics: AH and ESP ExplainedAndriy Berestovskyy
 
Silverlight Wireshark Analysis
Silverlight Wireshark AnalysisSilverlight Wireshark Analysis
Silverlight Wireshark AnalysisYoss Cohen
 
DPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingDPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingMichelle Holley
 
introduction of iptables in linux
introduction of iptables in linuxintroduction of iptables in linux
introduction of iptables in linuxNouman Baloch
 
Wireshark
WiresharkWireshark
Wiresharkashiesh0007
 
DPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith WilesDPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith WilesJim St. Leger
 
Swiss IPv6 Council: Konfusion um die Router Flags
Swiss IPv6 Council: Konfusion um die Router FlagsSwiss IPv6 Council: Konfusion um die Router Flags
Swiss IPv6 Council: Konfusion um die Router FlagsDigicomp Academy AG
 
Introduction to Snort Rule Writing
Introduction to Snort Rule WritingIntroduction to Snort Rule Writing
Introduction to Snort Rule WritingCisco DevNet
 
AF-23- IPv6 Security_Final
AF-23- IPv6 Security_FinalAF-23- IPv6 Security_Final
AF-23- IPv6 Security_FinalMusa Stephen HONLUE
 
DPDK Summit 2015 - NTT - Yoshihiro Nakajima
DPDK Summit 2015 - NTT - Yoshihiro NakajimaDPDK Summit 2015 - NTT - Yoshihiro Nakajima
DPDK Summit 2015 - NTT - Yoshihiro NakajimaJim St. Leger
 
Tunnel & vpn1
Tunnel & vpn1Tunnel & vpn1
Tunnel & vpn1ariesubagyo
 
Creating a firewall in UBUNTU
Creating a firewall in UBUNTUCreating a firewall in UBUNTU
Creating a firewall in UBUNTUMumbai University
 
DPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet ProcessingDPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet ProcessingMichelle Holley
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPNAbdullaziz Tagawy
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsSachidananda Sahu
 
SA’EY
SA’EYSA’EY
SA’EYHafiz Amir Aslam
 
Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...
Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...
Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...Martin Schütte
 

Más contenido relacionado

La actualidad más candente

Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEamiable_indian
 
DPDK IPSec Security Gateway Application
DPDK IPSec Security Gateway ApplicationDPDK IPSec Security Gateway Application
DPDK IPSec Security Gateway ApplicationMichelle Holley
 
IPsec Basics: AH and ESP Explained
IPsec Basics: AH and ESP ExplainedIPsec Basics: AH and ESP Explained
IPsec Basics: AH and ESP ExplainedAndriy Berestovskyy
 
Silverlight Wireshark Analysis
Silverlight Wireshark AnalysisSilverlight Wireshark Analysis
Silverlight Wireshark AnalysisYoss Cohen
 
DPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingDPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingMichelle Holley
 
introduction of iptables in linux
introduction of iptables in linuxintroduction of iptables in linux
introduction of iptables in linuxNouman Baloch
 
DPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith WilesDPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith WilesJim St. Leger
 
Swiss IPv6 Council: Konfusion um die Router Flags
Swiss IPv6 Council: Konfusion um die Router FlagsSwiss IPv6 Council: Konfusion um die Router Flags
Swiss IPv6 Council: Konfusion um die Router FlagsDigicomp Academy AG
 
Introduction to Snort Rule Writing
Introduction to Snort Rule WritingIntroduction to Snort Rule Writing
Introduction to Snort Rule WritingCisco DevNet
 
DPDK Summit 2015 - NTT - Yoshihiro Nakajima
DPDK Summit 2015 - NTT - Yoshihiro NakajimaDPDK Summit 2015 - NTT - Yoshihiro Nakajima
DPDK Summit 2015 - NTT - Yoshihiro NakajimaJim St. Leger
 
Creating a firewall in UBUNTU
Creating a firewall in UBUNTUCreating a firewall in UBUNTU
Creating a firewall in UBUNTUMumbai University
 
DPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet ProcessingDPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet ProcessingMichelle Holley
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsSachidananda Sahu
 

La actualidad más candente (20)

Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoE
 
DPDK IPSec Security Gateway Application
DPDK IPSec Security Gateway ApplicationDPDK IPSec Security Gateway Application
DPDK IPSec Security Gateway Application
 
Iptables presentation
Iptables presentationIptables presentation
Iptables presentation
 
Ip tables
Ip tablesIp tables
Ip tables
 
Tech f42
Tech f42Tech f42
Tech f42
 
IPsec Basics: AH and ESP Explained
IPsec Basics: AH and ESP ExplainedIPsec Basics: AH and ESP Explained
IPsec Basics: AH and ESP Explained
 
Silverlight Wireshark Analysis
Silverlight Wireshark AnalysisSilverlight Wireshark Analysis
Silverlight Wireshark Analysis
 
DPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingDPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet Processing
 
introduction of iptables in linux
introduction of iptables in linuxintroduction of iptables in linux
introduction of iptables in linux
 
Wireshark
WiresharkWireshark
Wireshark
 
DPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith WilesDPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith Wiles
 
Swiss IPv6 Council: Konfusion um die Router Flags
Swiss IPv6 Council: Konfusion um die Router FlagsSwiss IPv6 Council: Konfusion um die Router Flags
Swiss IPv6 Council: Konfusion um die Router Flags
 
Introduction to Snort Rule Writing
Introduction to Snort Rule WritingIntroduction to Snort Rule Writing
Introduction to Snort Rule Writing
 
AF-23- IPv6 Security_Final
AF-23- IPv6 Security_FinalAF-23- IPv6 Security_Final
AF-23- IPv6 Security_Final
 
DPDK Summit 2015 - NTT - Yoshihiro Nakajima
DPDK Summit 2015 - NTT - Yoshihiro NakajimaDPDK Summit 2015 - NTT - Yoshihiro Nakajima
DPDK Summit 2015 - NTT - Yoshihiro Nakajima
 
Tunnel & vpn1
Tunnel & vpn1Tunnel & vpn1
Tunnel & vpn1
 
Creating a firewall in UBUNTU
Creating a firewall in UBUNTUCreating a firewall in UBUNTU
Creating a firewall in UBUNTU
 
DPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet ProcessingDPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet Processing
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPN
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance tools
 

Destacado

Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...
Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...
Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...Martin Schütte
 
Software Testing on the Web
Software Testing on the WebSoftware Testing on the Web
Software Testing on the WebMartin Schütte
 
Terraform: Configuration Management for Cloud Services
Terraform: Configuration Management for Cloud ServicesTerraform: Configuration Management for Cloud Services
Terraform: Configuration Management for Cloud ServicesMartin Schütte
 
Terraform: Cloud Configuration Management (WTC/IPC'16)
Terraform: Cloud Configuration Management (WTC/IPC'16)Terraform: Cloud Configuration Management (WTC/IPC'16)
Terraform: Cloud Configuration Management (WTC/IPC'16)Martin Schütte
 

Destacado (6)

SA’EY
SA’EYSA’EY
SA’EY
 
Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...
Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...
Design and Implementation of an IPv6 Plugin for the Snort Intrusion Detection...
 
Software Testing on the Web
Software Testing on the WebSoftware Testing on the Web
Software Testing on the Web
 
Syslog Protocols
Syslog ProtocolsSyslog Protocols
Syslog Protocols
 
Terraform: Configuration Management for Cloud Services
Terraform: Configuration Management for Cloud ServicesTerraform: Configuration Management for Cloud Services
Terraform: Configuration Management for Cloud Services
 
Terraform: Cloud Configuration Management (WTC/IPC'16)
Terraform: Cloud Configuration Management (WTC/IPC'16)Terraform: Cloud Configuration Management (WTC/IPC'16)
Terraform: Cloud Configuration Management (WTC/IPC'16)
 

Similar a IPv6 Introduction: Addresses, Headers, Autoconfiguration

Nad710 Network Address Translation
Nad710 Network Address TranslationNad710 Network Address Translation
Nad710 Network Address Translationtmavroidis
 
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...Louis Göhl
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6Private
 
The End of IPv4: What It Means for Incident Responders
The End of IPv4: What It Means for Incident RespondersThe End of IPv4: What It Means for Incident Responders
The End of IPv4: What It Means for Incident RespondersCarlos Martinez Cagnazzo
 
Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsDeploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsShannon McFarland
 
Plug and Play Using Prefix Delegation Mechanism
Plug and Play Using Prefix Delegation MechanismPlug and Play Using Prefix Delegation Mechanism
Plug and Play Using Prefix Delegation MechanismShinsuke SUZUKI
 
Sharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxSharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxjasembo
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallCassiano Campes
 
NZNOG 2020 - The Trouble With NAT
NZNOG 2020 - The Trouble With NATNZNOG 2020 - The Trouble With NAT
NZNOG 2020 - The Trouble With NATMark Smith
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsTim Martin
 
IETF 100: Surviving IPv6 fragmentation
IETF 100: Surviving IPv6 fragmentationIETF 100: Surviving IPv6 fragmentation
IETF 100: Surviving IPv6 fragmentationAPNIC
 
Understanding the IP Protocol.pdf
Understanding the IP Protocol.pdfUnderstanding the IP Protocol.pdf
Understanding the IP Protocol.pdfLandoMuzychuk
 
Upcoming internet challenges
Upcoming internet challengesUpcoming internet challenges
Upcoming internet challengesIvan Pepelnjak
 
Apnic V6 Tutorial Distribution
Apnic V6 Tutorial DistributionApnic V6 Tutorial Distribution
Apnic V6 Tutorial DistributionAli_Ahmad
 
PLNOG15: Practical deployments of Kea, a high performance scalable DHCP - Tom...
PLNOG15: Practical deployments of Kea, a high performance scalable DHCP - Tom...PLNOG15: Practical deployments of Kea, a high performance scalable DHCP - Tom...
PLNOG15: Practical deployments of Kea, a high performance scalable DHCP - Tom...PROIDEA
 
Apnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshopApnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshopNguyen Minh Thu
 

Similar a IPv6 Introduction: Addresses, Headers, Autoconfiguration (20)

Nad710 Network Address Translation
Nad710 Network Address TranslationNad710 Network Address Translation
Nad710 Network Address Translation
 
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6
 
The End of IPv4: What It Means for Incident Responders
The End of IPv4: What It Means for Incident RespondersThe End of IPv4: What It Means for Incident Responders
The End of IPv4: What It Means for Incident Responders
 
Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsDeploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack Environments
 
Plug and Play Using Prefix Delegation Mechanism
Plug and Play Using Prefix Delegation MechanismPlug and Play Using Prefix Delegation Mechanism
Plug and Play Using Prefix Delegation Mechanism
 
Sharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxSharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linux
 
TCP/IP Basics
TCP/IP BasicsTCP/IP Basics
TCP/IP Basics
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
 
NAT Traversal
NAT TraversalNAT Traversal
NAT Traversal
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewall
 
NZNOG 2020 - The Trouble With NAT
NZNOG 2020 - The Trouble With NATNZNOG 2020 - The Trouble With NAT
NZNOG 2020 - The Trouble With NAT
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friends
 
IETF 100: Surviving IPv6 fragmentation
IETF 100: Surviving IPv6 fragmentationIETF 100: Surviving IPv6 fragmentation
IETF 100: Surviving IPv6 fragmentation
 
Understanding the IP Protocol.pdf
Understanding the IP Protocol.pdfUnderstanding the IP Protocol.pdf
Understanding the IP Protocol.pdf
 
Upcoming internet challenges
Upcoming internet challengesUpcoming internet challenges
Upcoming internet challenges
 
Apnic V6 Tutorial Distribution
Apnic V6 Tutorial DistributionApnic V6 Tutorial Distribution
Apnic V6 Tutorial Distribution
 
PLNOG15: Practical deployments of Kea, a high performance scalable DHCP - Tom...
PLNOG15: Practical deployments of Kea, a high performance scalable DHCP - Tom...PLNOG15: Practical deployments of Kea, a high performance scalable DHCP - Tom...
PLNOG15: Practical deployments of Kea, a high performance scalable DHCP - Tom...
 
IPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideIPv6_Quick_Start_Guide
IPv6_Quick_Start_Guide
 
Apnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshopApnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshop
 

Último

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Último (20)

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

IPv6 Introduction: Addresses, Headers, Autoconfiguration

  • 1. Short Introduction to IPv6 Martin Schütte
  • 2. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Network Working Group S. Deering Request for Comments: 2460 Cisco Obsoletes: 1883 R. Hinden Category: Standards Track Nokia December 1998 Internet Protocol, Version 6 (IPv6) Specification Status of this Memo ... Abstract This document specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng. Martin Schütte Short Introduction to IPv6 2013-09-28 2 / 34
  • 3. Intro Addresses Headers Autoconfiguration DNS Transition First Steps The Hourglass Internet Architecture IP TCP UDP HTTPIMAP SkypeP2P RTP FirefoxKMailThunderbird Skype Kazaa MPlayer EthernetPPP DOCSIS CoaxialFiberTwistedPair CDMA TDMA byConstantineDovrolis Martin Schütte Short Introduction to IPv6 2013-09-28 3 / 34
  • 4. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Addresses IPv4: 32 bits 11001011000000000111000100010111 11001011 00000000 01110001 00010111 0xcb 0x00 0x71 0x17 203 0 113 23 203.0.113.23 Martin Schütte Short Introduction to IPv6 2013-09-28 4 / 34
  • 5. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Addresses IPv6: 128 bits 0010000000000001000001100011100000001000000001110000000000111010 0000001000000101010111011111111111111110111110110011100000010010 0010000000000001 0000011000111000 0000100000000111 0000000000111010 0000001000000101 0101110111111111 1111111011111011 0011100000010010 0x2001 0x0638 0x0807 0x003a 0x0205 0x5dff 0xfefb 0x3812 2001:0638:0807:003a:0205:5dff:fefb:3812 Martin Schütte Short Introduction to IPv6 2013-09-28 5 / 34
  • 6. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Notation 2a01:0198:0200:01e4:0000:0000:0000:0002 = 2a01:198:200:1e4:0:0:0:2 = 2a01:198:200:1e4::2 2001:0db8:0000:0000:0001:0000:0000:0001 = 2001:db8:0:0:1:0:0:1 = 2001:db8::1:0:0:1 Ports: [2001:db8::1:0:0:1]:443 http://[2001:db8::1:0:0:1]:443/index.html Martin Schütte Short Introduction to IPv6 2013-09-28 6 / 34
  • 7. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Address Structure 1 8 16 24 32 IPv4 Address 1 32 64 96 128 IPv6 Address 1 40 64 128 Global Routing Prefix Subnet ID Interface ID Martin Schütte Short Introduction to IPv6 2013-09-28 7 / 34
  • 8. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Address Allocation 1 23 32 48 64 128 IANA RIPE LIR Site Interface ID Example: University Server 2001:638:807:3a:205:5dff:fefb:3812 1 23 32 48 64 128 IANA 2001:06 RIPE 38: DFN 0807: Uni 003a: Interface ID 0205:5dff:fefb:3812 Martin Schütte Short Introduction to IPv6 2013-09-28 8 / 34
  • 9. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Address Usage Example: Comcast (USA) • 20 M customers • avg. 2.5 set-top boxes (STB) per customer • 2 IPs per STB ⇒ 20M × 2.5 × 2 = 100 M IPs Comparison: 10.0.0.0/8 has 224 ≈ 16.5 M IPs Martin Schütte Short Introduction to IPv6 2013-09-28 9 / 34
  • 10. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Address Usage Hypothetical example: China Mobile • 740 M customers • avg. 2 devices per customer • 2 IPs per device ⇒ 740M × 2 × 2 ≈ 3000 M IPs Comparison: 0/1 has 231 ≈ 2150 M IPs IPv4 has 232 ≈ 4300 M IPs Martin Schütte Short Introduction to IPv6 2013-09-28 10 / 34
  • 11. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Some Special Address Ranges :: unspecified ::1 localhost ::ffff:192.0.2.1 IPv4-mapped 2000::/3 unicast fe80::/10 link-local fd00::/8 site-local ff00::/8 multicast ff02::1 multicast, all hosts ff02::2 multicast, all routers ff02::101 multicast, all NTP servers ff05::1:3 multicast, all DHCP servers Martin Schütte Short Introduction to IPv6 2013-09-28 11 / 34
  • 12. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Scope Multicast addresses have scope: • ff01::101 means all NTP servers on the same interface (i.e., the same node) as the sender. • ff02::101 means all NTP servers on the same link as the sender. • ff05::101 means all NTP servers in the same site as the sender. • ff0e::101 means all NTP servers in the Internet. Example: mschuett@zula:~$ ssh root@fe80::6670:2ff:fe4c:3a61 ssh: connect to host fe80::6670:2ff:fe4c:3a61 port 22: Invalid argument mschuett@zula:~$ ssh root@fe80::6670:2ff:fe4c:3a61%eth0 BusyBox v1.19.4 (2013-04-07 13:28:47 CEST) built-in shell (ash) Enter ’help’ for a list of built-in commands. ... Martin Schütte Short Introduction to IPv6 2013-09-28 12 / 34
  • 13. Intro Addresses Headers Autoconfiguration DNS Transition First Steps IPv4 Header Format 0 3 4 7 8 15 16 18 19 31 Version IH Len ToS/ECN Total Length Identification Flags Fragment Offset Time to Live Protocol Header Checksum Source Address Destination Address Options Padding    IP header (20–60 octets) Martin Schütte Short Introduction to IPv6 2013-09-28 13 / 34
  • 14. Intro Addresses Headers Autoconfiguration DNS Transition First Steps IPv6 Header Format 0 3 4 7 8 11 12 15 16 23 24 31 Version Traffic Class Flow Label Payload Length Next Header Hop Limit Source Address Destination Address    basic header (40 octets) Martin Schütte Short Introduction to IPv6 2013-09-28 14 / 34
  • 15. Intro Addresses Headers Autoconfiguration DNS Transition First Steps IPv6 Extension Header Martin Schütte Short Introduction to IPv6 2013-09-28 15 / 34
  • 16. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Destination/Hop-by-Hop Option Header 0 7 8 15 16 23 24 31 Next Header Hdr Ext Len Opt Type Opt Len Opt Value . . . 0 7 8 15 16 23 24 31 Next Header: 0x3a ICMPv6 Hdr Ext Len: 0x00 8 octets Opt Type: 0x05 Rtr alert Opt Data Len: 0x02 2 octets Opt Data: 0x00 0x00 MLD Opt Type: 0x01 PadN Opt Data Len: 0x00 0 octets Martin Schütte Short Introduction to IPv6 2013-09-28 16 / 34
  • 17. Intro Addresses Headers Autoconfiguration DNS Transition First Steps ICMPv6 ICMPv6 includes: • control messages (like ICMPv4) • Link-Layer address resolution (like ARP) • multicast group membership (like IGMP) • Path MTU Discovery • Neighbor Discovery/Autoconfiguration Martin Schütte Short Introduction to IPv6 2013-09-28 17 / 34
  • 18. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Stateless Address Autoconfiguration 1. select tentative address 2. send Router Solicitation to ff02::2 3. join multicast groups for all nodes and Solicited-Node address 4. Duplicate Address Detection ⇒ acquired link-local IP receive Router Advertisement(s) with network info: • routers with lifetime and preference • local network MTU • global address prefix • DHCP management flag ⇒ acquire global address Martin Schütte Short Introduction to IPv6 2013-09-28 18 / 34
  • 19. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Link-Layer Address Resolution Solicited-Node Address: FF02:0:0:0:0:1:FFXX:XXXX Mapping: Unicast fe80::218:f3ff:fe3a:3f55 ⇒ Multicast ff02::1:ff3a:3f55 ⇒ MAC 33:33:ff3a:3f:55 send Neighbor Solicitation to multicast ⇒ receive Neighbor Advertisement with IP and MAC address Note: no broadcast required(!) Martin Schütte Short Introduction to IPv6 2013-09-28 19 / 34
  • 20. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Duplicate Address Detection Solicited-Node Address: FF02:0:0:0:0:1:FFXX:XXXX Mapping: Unicast fe80::218:f3ff:fe3a:3f55 ⇒ Multicast ff02::1:ff3a:3f55 ⇒ MAC 33:33:ff3a:3f:55 send Neighbor Solicitation to multicast • receive Neighbor Advertisement with IP and MAC address • no answer, address is free Martin Schütte Short Introduction to IPv6 2013-09-28 20 / 34
  • 21. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Autoconfiguration and Neighbor Discovery Design assumption: secure and trustworthy LAN Simple Denial of Service: 1. Host Alice starts Duplicate Address Detection: "Anyone using IP X?" 2. Host Eve answers "I have IP X." 3. goto 1 Routing/Man in the Middle: 1. Host Eve sends ICMPv6 Redirect: "This is router Bob, for google.com please use router Eve." Martin Schütte Short Introduction to IPv6 2013-09-28 21 / 34
  • 22. Intro Addresses Headers Autoconfiguration DNS Transition First Steps DNS IPv4: A Record — IPv6: AAAA Record [mschuett@cayce] ~> dig +short quux.de a 88.198.11.141 [mschuett@cayce] ~> dig +short quux.de aaaa 2001:6f8:1138::1 [mschuett@cayce] ~> dig +short -x 2001:6f8:1138::1 mail.quux.de. [mschuett@cayce] ~> dig -x 2001:6f8:1138::1 ... ;; QUESTION SECTION: ;1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. 8.3.1.1.8.f.6.0.1.0.0.2.ip6.arpa. IN PTR ... Martin Schütte Short Introduction to IPv6 2013-09-28 22 / 34
  • 23. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Happy Eyeballs byDanWingandAndrewYourtchenko Martin Schütte Short Introduction to IPv6 2013-09-28 23 / 34
  • 24. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Known for Some Time Frank Solensky’s Report on Address Depletion, Proceedings of IETF 18, p. 61, Vancouver, August 1990 Martin Schütte Short Introduction to IPv6 2013-09-28 24 / 34
  • 25. Intro Addresses Headers Autoconfiguration DNS Transition First Steps The Plan byGeoffHuston Martin Schütte Short Introduction to IPv6 2013-09-28 25 / 34
  • 26. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Plan B byGeoffHuston Martin Schütte Short Introduction to IPv6 2013-09-28 26 / 34
  • 27. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Status Quo byGeoffHuston Martin Schütte Short Introduction to IPv6 2013-09-28 27 / 34
  • 28.
  • 31. Intro Addresses Headers Autoconfiguration DNS Transition First Steps IPv6 @ Home A few ISPs finally offer native IPv6 to consumers. If not available: use a tunnel brokers, e. g.: • SixXS • Hurricane Electric Martin Schütte Short Introduction to IPv6 2013-09-28 31 / 34
  • 32. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Security Consideration • IPv6 restores end-to-end connectivity • no NAT ⇒ no implicit packet filter • problem: insecure L2 net and First Hop Security (just like with IPv4) • (still) missing support in common tools (firewalls, IDS, config UIs, etc) • little experience Martin Schütte Short Introduction to IPv6 2013-09-28 32 / 34
  • 33. Intro Addresses Headers Autoconfiguration DNS Transition First Steps Tips for transition • external connectivity matters • your printer does not need IPv6 • neither does your DB backend (probably) • start with an additional load balancer or reverse proxy Martin Schütte Short Introduction to IPv6 2013-09-28 33 / 34