Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
2/20/2013
1
IP Networking Part 4‐Fundamentals of IPv6
“A webinar to help you prepare for the CBNE™ Certification”
Wayne M. Pecena, CPBE, CBNE
T A&M I f i T h lTexas A&M Information TechnologyEducational Broadcast Services
IP Networking Part 4‐ Fundamentals of IPv6 “A webinar to help you prepare for the CBNE™ Certification”
Advertised Presentation Scope:
This webinar builds upon the brief introduction to IPv6 terminology presented in the third webinar of the series held in January 2013. Just as IPv4 addressing can be challenging when managing limited IP address space, IPv6 brings new challenges g g g g p g gwhen working with enormous IP address space. A new mindset is required to effectively understand and implement IPv6 in your network. New IPv6 features and capabilities also bring challenges to the broadcast network engineer.
My Goals & Deliverables for This Afternoon:
‐ Provide an Awareness of IPv6 Terminology‐ Provide an Understanding of IPv6 Technology Fundamentals & Implementation‐ Provide a Foundation for SBE CBNT & CBNE Certification Exams‐ Provide Reference Material & Resources to Obtain Further Knowledge
2
2/20/2013
2
Agenda
• Introduction– IP Address Status
– Why IPv6?y
• IPv6 Fundamentals– IPv6 Address Space
– Address Format & Notation
– Understanding IP Address Types
– IPv6 Address Allocation
– IPv6 Enhancements
• When to Implement IPv6
• How to Implement IPv6
• Takeaway Summary – Q&A
• Reference Sources
3
A Poll ?:
My Interest in IPv6 is:
J W K U Wi h IP N ki T h l□ Just Want to Keep Up With IP Networking Technology□ Want to Understand If I Need to Implement□ Plan to Implement IPv6 □ Have Already Implemented IPv6 and Looking for More Knowledge
4
2/20/2013
3
IPv4 Address DepletionSource: http://www.potaroo.net/tools/ipv4/plotvar.png
• As of February 2011 ALL ICANN IPv4 Address Space Assigned!
• Regional Registries Now Have Their Last Allocation!
& S l d• APNIC & RIPE NCC IPv4 Space Now Depleted
5
IPv6 Technology Fundamentals
IETF – Internet Engineering Task Force
• Request for Comments – RFC’s
The “Standards Bible” of the Internet– The “Standards Bible” of the Internet
– Used to Explain All Aspects of IP Networking
– Nomenclature “RFC xxxx”
• Requirement Levels:
– Required
– Recommended
– ElectiveElective
– Limited Use
– Not Recommended
6
www.rfc‐editor.org/rfc.html
2/20/2013
4
Why IPv6?RFC 2460
• IPv6 Provides Expanded IP Address Space
i h d d dd• But, IPv6 is More Than Expanded Address Space:– An Opportunity to Re‐Engineer IPv4
• Host Auto‐Configuration Capability
• Regain TCP End‐End Connectivity Model– Eliminates Need for Network Address Translation (NAT)
• Eliminates the Broadcast Address
• Improved Support• Improved Support:– Multicasting
– Security Built In
– Mobile Application Roaming Support
7
Hexadecimal Review
RFC 5952 recommends use of lower case hexadecimal characters
But,case insensitive!
Decimal (10) Hexadecimal (16) Binary (2)
0 0 0000
1 1 0001
2 2 0010
3 3 0011
4 4 01004 4 0100
5 5 0101
6 6 0110
7 7 0111
8 8 1000
9 9 1001
10 a 1010
8
11 b 1011
12 c 1100
13 d 1101
14 e 1110
15 f 1111
2/20/2013
5
IPv6 Address SpaceIETF ‐ RFC 2460
IP 6 P id E d d IP Add SIPv6 Provides Expanded IP Address Space
128 bit address
2128 =
340,282,366,920,938,463,463,374,607,431,768,211,456
(three hundred forty UNDECILLION addresses)3.4 x 1038
9
How Big is the IPv6 Address Space?340,282,366,920,938,463,463,374,607,431,768,211,456 addresses
• 50 octillion addresses per person
• 3.7 x 1021 addresses per square inch of earth3.7 x 10 addresses per square inch of earth
10Owen DeLong – Hurricane Electric
2/20/2013
6
IPv6 Address – Similar to IPv4, But DIFFERENT
• 128 bit vs 32 bit Address Length
• Hexadecimal vs Decimal Address Characters
• Colon vs Period Address Section Separators
• Hextet vs Octet Address Sections
IPv4 IPv6
Address Length (bits) 32 128
192.168.100.255 vs 2001:0:0:0:db8:8000:200c:417a
11
Address Length (bits) 32 128
Address Characters Decimal Hexadecimal
Address Section Separators . : (or maybe ::)
Address Section Nomenclature Octet Hextet (chunk, Quartet, or quad)
The IPv6 Address
128‐Bit Address Binary Format:001001100000011110111000000000001111101010100000000000110010000110010101100110001000011110111100010010000010100011110001001001100000011110111000000000001111101010100000000000110010000110010101100110001000011110111100010010000010100011110001
Subdivide Into Eight (8) 16‐bit Groups:
0010011000000111 1011100000000000 0000111110101010 0000000000000011 0010000110010101 1001100010000111 1011110001001000 0010100011110001
Convert Each 16‐bit Binary Group to Hexadecimal:(separate Hextet(s) with a colon)
b f b f2607:b800:0faa:0003:2195:9887:bc48:28f1
12
2/20/2013
7
Representing an IPv6 AddressRFC 4291
X : X : X : X : X : X : X : X
Each IPv6 Address:
0000toFFFF
0000 0000 0000 0000
128 bits in length ‐Written as 32 hexadecimal digits
Expressed as (8) 16 bit sections separated by a colon
Each 16 bit section or “Hextet” represented by 4 hexadecimal
13
0000 0000 0000 0000to to to to1111 1111 1111 1111
represented by 4 hexadecimal digits(also called Chunks, Quads, Quartets)
Preferred Address Format
0000:0000:0000:0000: 0000:0000:0000:0000
0000:0000:0000:0000: 0000:0000:0000:0001
2001:0000:0000:0000: 0000:0000:0000:0001
2001:0ccc:bbbb:0001: 0000:0000:0000:1234
14
2/20/2013
8
IPv6 Address Summarization Rules3 ‐ Rules of Address Notation Reduction
• Eliminate Leading Zero’sEliminate Leading Zero’s in Any Hextet:
0001 becomes 100f0 becomes f0
• Eliminate Hextet’s With All Zero’sDouble Colon Represents Continuous Hextet’s of All Zeros:
0000:0000:0000:0001 becomes ::0001Apply Rule #1 yields ::1
• Only One (1) Double Colon Allowed in an Address
15
Compressed Address FormatAddress Summarization
Preferred Format: Compressed Format:
0000:0000:0000:0000: 0000:0000:0000:0000 ::
0000:0000:0000:0000: 0000:0000:0000:0001 ::1
2001:0000:0000:0000: 0000:0000:0000:0001 2001::1
2001:0ccc:bbbb:0001: 0000:0000:0000:0234 2001:0ccc:bbbb:1::234
16
2/20/2013
9
A Quiz ?:
Address f123:0000:0000:abcd:00fe:0000:0000:9876
Can Be Condensed To:Can Be Condensed To:
F123::abcd:fe::9876
□ TRUE□ FALSE
17
Address Mask• An IPv6 Address is Divided Into Network Portion & Host Portion (just
like IPv4)
• Mask Specifies the Division Betwwen Network & Host Portion of pAddress – Determines the Block Size To‐Be‐Routed
• CIDR Notation ALWAYS USED – No Explicit Mask
IANA Allocated Global Routing SLA
Provider Site
128 bits
Network Portion Host Portion
0x001IANA Allocated Global Routing
PrefixSLA
(Subnet ID)Interface ID
3 bits 45 bits 16 bits 64 bits
EXAMPLE: Global Unicast Address Format (Aggregatable & Routable)
18
2/20/2013
10
IPv6 Address Notation
Classless Inter‐Domain Routing “CIDR”Notation Always Utilized
CIDR Notation Represents An IP Address & Mask in a Shorthand FormCIDR Notation Represents An IP Address & Mask in a Shorthand Form:
IPv4: 165.95.240.136/n
IPv6: 2607:b800:faa::/n
Where n represents the number of bits in the subnet mask
19
IPv6 Address Types
• Unicast – One Destination Single Interface– Global
– Link & Site Local
– Loopback
• Anycast – Allows Multiple Devices to Share the Same Address– Router Selects the Closest Host
• Typically Used for Host Replication
• Multicast – One Source to Many “Subscribers”– NOTE – No Broadcast Address in IPv6
20
2/20/2013
11
Layered Address Access
Link – LocalFE8x:
SiteLocalFECx:
Global2xxx: or 3xxx:
21
IPv6 Addresses:
Link – Local Address – Used on a Single Subnet or Link – Never Routed to Another Subnet –Every IPv6 Host Interface Has A Link-local Address That is Assigned or Auto-Configured
Site Local Address – Routed Within the Organization – Never Routed to the Public Internet
Global Address – Routed to the Public Internet
The Global Unicast IPv6 Address in DetailApplying the “3 – 1 – 4” Rule
Global Routing Prefix Interface ID
Structure of an IPv6 Global Unicast Address
/64/48
Global Routing Prefix(assigned by IANA/provider)
Subnet IDInterface ID
(unique interface ID)
48
bits
16
bits 64
bits
/128
22
16 bits 16 bits16 bits16 bits 16 bits 16 bits 16 bits 16 bits
3 4
1
The “3 – 1 - 4” Rule Makes the IPv6 Address Easier to Decypher
2/20/2013
12
IPv6 Representation in a URL
• IPv6 Address in a URL:
I IP 4 htt //192 168 1 1 8080In IPv4: https://192.168.1.1:8080
In IPv6: Address 2001::0DB8:8:200C:417AEntered URL within [Brackets]
as: https://[2001::0DB8:8:200C:417A]:8080https://[2001::0DB8:8:200C:417A]:8080
23
IPv6 EnhancementsRe‐Engineering Beyond Increased Address Space
• IP Header Format Simplification
• Improved Support for Extensions and Options
• Improved Flow Labeling Capability
• Improved Authentication and Privacy Capabilities
• Host Auto‐Configuration
• Mobility Incorporated
24
2/20/2013
13
The IPv6 Header
The “Next Header”UDPTCPICMP
OrAn Extension Header:Hop‐Hop OptionsDestination OptionsR ti H d
25
Routing HeaderFragment HeaderAuthentication HeaderESP Header
Host Auto‐Configuration
• Assigning the Link‐Local Interface ID:
– Stateful generally configured via DHCPv6
– Crypto RFC 3972 Secure Unique Interface ID
– Manual
– Auto‐Configuration (RFC 4291) :• No Additional Network Services Support Required
• Privacy Format Derived from RNG
• Modified IEEE EUI‐64 MAC Address Derived
26
2/20/2013
14
Auto ‐ ConfigurationInterface ID Derived from MAC Address
27
Mobility Incorporated
• Provides Roaming Service Without Interrupting Connectivity– Ability to Move Between Networks
– Maintains Home IP Address Regardless of Location
– Establishes Care‐Of IP Address When In a “Foreign” Network
• Similar in Concept to IPv4 Mobile IP
28
2/20/2013
15
IPv6 Implementation “Speed Bumps”?
– The “FUD” Principle
– “Does Not Apply to Me”Does Not Apply to Me• I Have Adequate IP Address Space Now
• I Do Not Anticipate Network Growth
• I Only Care About My Internal Network
– No IPv4 to IPv6 Interoperability
– Another IT Industry “Crying Wolf” Event
No Demand for IPv6 from My Users– No Demand for IPv6 from My Users
– Low Priority – No “ROI” Seen
29
A Poll ?:
I Consider My Organization to Be an Internet Content Provider:
Y□ Yes□ No□ Not Sure□ Expect to Be In The Future
30
2/20/2013
16
Viewing the “Broadcasters”Network
IPV6Only AudienceIs Growing
“ContentConsumer”
Is Growing
Your NetworkAs A
“Content Provider”
IPV6Only
31
I Am Ready to Implement IPv6“What’s Next?”
• You Gotta Have a Plan!
• Evaluate Network– CoreCore
– DMZ
– Internal
– External Provider(s)
• Inventory & Evaluate Applications
• Inventory & Evaluate Server Op Systems– Focus on Outward Facing Services First
– Then Address Internal Networks
• Establish Organization Wide Address Plang
• Training & Study
• Implement a Pilot!
32
2/20/2013
17
IPv6 Implementation“Overcoming the IPv4 Mindset”
• Address Plan – “May Be the Most Difficult Aspect”M t O IP 4 Add C ti R fl– Must Overcome IPv4 Address Conservation Reflex
– No More “VLSM”
– Address Assignment by Subnet Rather Than Host
– IPv6 Addresses Are Assigned to Interfaces(Hosts are likely to have multiple IPv6 addresses)
– Stick With /64 Subnet Size
– Assign to Simplify Network Management and Configuration
33
ARIN IPv6 Address Allocation Policies
• End‐User / Enterprise Network
– Qualify by Meeting IPv4 Qualifications
– /48 Minimum Allocated
65 536 /64 b t• 65,536 /64 subnets
• Qualify for Larger Blocks by Justification of Proposed Use
– Allocation Guideline – Large Sites: /48
– Allocation Guideline – Small Sites: /56
• Home End‐User Network
– /64 Minimum Allocated
8 6 0 3 09 2 000 h– 18,446,744,073,709,552,000 hosts
34
IP Address Conservation Is No Longer a ConcernAbandon IPv4 Allocation Mindset
2/20/2013
18
ARIN IPv6 Address Allocation Policies
• Service Provider: /32 232 /64 subnets
• Large End User: /48 65,536 /64 subnets
• Small End User: /56 256 /64 subnets
• SOHO: /64 1 /64 subnets
CIDR Notation = Number of subnet bits
A /64 IPv6 subnet = 18,446,744,073,709,552,000 hosts
35
IPv6 Implementation Techniques
• Native– Separate IPv4 and IPv6 NetworksSeparate IPv4 and IPv6 Networks
• Dual ‐ Stack– Simultaneous IPv4 and IPv6
• Tunnel– IPv4 Network Used as Transport for IPv6
• Translation BasedM l i l L NAT LSN CGN– Multiple Layer NAT or LSN or CGN
– NAT64
– NAT44
36
Preference
2/20/2013
19
Implementation Options
37
Migration Techniques“Dual‐Stack”
Hosts Run IPv4 and IPv6 Simultaneously, But Independently
Advantages:Gradual IPv6 Host ImplementationNo Translation Devices – No Added Latency
38
2/20/2013
20
IPv4 – IPv6 “Dual – Stack”
39
Migration Techniques“Tunnel”
40
2/20/2013
21
IPv6 – IPv4 Tunnel Approach
41
The Typical IPv4 Based ISP Today!
42
2/20/2013
22
Migration Techniques“Translation”
43
Migration Techniques “6 to 4” Translation
44
2/20/2013
23
Interoperability Between IPv4 and IPv6 Hosts
45
Translation Adds Latency – Detrimental for Real‐Time MediaBreaks Some Applications
IPv6 Device Support Today
• Desktop & Server OS:
– Microsoft XP & Server 2003 (manual enable)
– Microsoft Vista, 7, 8, & Server 2008/10
– MAC OS X 10.4+ (no DHCPv6 support) Default Enabled
– MAC LION DHCPv6 Supported
– LINUX (2.6 kernal)
• Ethernet Switches: (NOTE ‐ Layer 2 devices
are not generally concerned with a Layer 3 address)Don’t Forget the Management Interface!
• Enterprise Routers:
– Cisco (manual enable)– Cisco (manual enable)
– Juniper (manual enable)
• Consumer Routers:
– D‐Link
– Cisco – Linksys
– Netgear
46
Source: Stan Barber – Academ ConsultingJeff Carrell – Network Conversions
May Need Firmware Upgrade
2/20/2013
24
Routing Protocols for IPv6“Just Need the Proper Version”
• Interior Gateway Protocols – “IGP”– RIPng (RFC 2080)
– OSPFv3 (RFC 5340)
– IS‐IS (RFC 5308)
– EIGRP for IPv6
• Exterior Gateway Protocols – “EGP”– BGP‐4
47
Takeaway Summary
• The Industry is IPv4 Based Today• IPv4 Demand Continues• IPv4 Availability Pool Rapidly Decreasing or Depleted• IPv4 Availability Pool Rapidly Decreasing or Depleted• IPv6 Provides the Future for Continued Growth• “IPv6 Only” End Users Rapidly Growing• IPv6 Implementation Does Not Happen Overnight – Plan Today!• Focus Implementation Upon External Users• IPv6 is NOT Backward Compatible With IPv4, Thus Expect IPv4 and IPv6 To
Be Maintained for Many Years to Come• IPv6 Address Allocation Focuses Upon Subnet Allocation, NOT Address p ,
Allocation• Don’t Loose Sight of IPv6 Is Still IP.• IPv6 Is More Than Expanded IP Address Space.
48 48
2/20/2013
25
Familiar TCP/IP Tools
(Win XP Shown)
49
An Ipv6 Address You Can Remember
The IPv6 Loopback Addressp
::1Summarized from:0:0:0:0:0:0:0:1
Equivalent of the IPv4 Loopback Address: 127.0.0.1
50
2/20/2013
26
Some Final TriviaWhat Happened to Version 5 or IPv5 of the Internet Protocol?
“IP 5 Si l D N t E i t!“IPv5 Simply Does Not Exist!Version 5 was intentionally skipped to avoid confusion, or at least to rectify it. The problem with version 5 relates to an experimental TCP/IP protocol called the Internet Stream Protocol, Version 2, originally defined in RFC 1190. This protocol was originally seen by some as being a peer of IP at the Internet Layer in the TCP/IP architecture and these packets were assigned IP version 5 to differentiate them from “normal” IPv4 packets. This protocol never went anywhere, but to be absolutely sure that there would be no confusion, version 5 was skipped over in favor of version 6.”
51
Reference Sources:• IPv6 Reference Texts:
– IPv6 Fundamentals – Rick Graziani
– Understanding IPv6 – Joseph Davies
– IPv6 Essentials – Silvia Hagen
– Deploying IPv6 Networks – Ciprian Popoviciu
– IP Address Management Principals & Practice – Timothy Rooney
– Migrating to IPv6 – Marc Blanchet
• IETF ‐ RFC Documents: www.rfc‐editor.org
• IP Address Block Size Chart: https://www.arin.net/knowledge/cidr.pdf
• IPv4 Address Rundown Models: http://www.potaroo.net/tools/ipv4/index.html
• IPv6 Reference Websites:
– International IPv6 Forum: www.ipv6forum.com
– North American IPv6 Task Force: www.nav6tf.org
– IPv6 Portal: www.ipv6tf.org
52
2/20/2013
27
Recommended References
53
https://www.arin.net/knowledge/cidr.pdf
54
2/20/2013
28
Learn More:IPv6 Enable Your Network
But, My Provider is Not IPv6 Enabled!
Then “Tunnel” to an IPv6 Provider:
55
http://www.tunnelbroker.net/
IPv6 Test Web Sites
http://ipv6‐test.com/
http://v6.testmyipv6.com/
56
www.ARIN.net
2/20/2013
29
? Questions ?
Thank You for Attending!
Wayne M. PecenaTexas A&M Universityw‐[email protected]
57