%include "default.mgp"
%default 1 bgrad
%deffont "typewriter" tfont "MONOTYPE.TTF"
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
%nodefault
%back "blue"

%center
%size 7


IPv6 Introduction


%center
%size 4
by

Harald Welte <laforge@rfc2460.org>

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
What? Why?


What is IPv6?

Successor of currently used IP Version 4
Specified 1995 in RFC 2460

Why?

Address space in IPv4 too small
Routing tables too large

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
Advantages


Advantages

stateless autoconfiguration
multicast obligatory
IPsec obligatory
Mobile IP

Address renumbering
Multihoming
Multiple address scopes
smaller routing tables through aggregatable allocation

simplified l3 header
64bit aligned
no checksum (l4 or l2)
no fragmentation at router

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
Disadvantages

Disadvantages
Not widely deployed yet
In most cases access only possible using manual tunnel
OS support not ideal in most cases
W2k: IPv6 available from MSi
Windows XP: IPv6 included
Linux has support, but some flaws (no IPsec, ndisc not fully implemented, ...)
*BSD: full support (KAME)
Solaris: full support
Application support not ideal in most cases
not supported: postfix, current squid, inn, proftpd
supported: bind8/9, apache, openssh, xinetd, rsync, squid-2.5(CVS), exim, zmailer, sendmail, qmail, inn-2.4(CVS), zebra

Conclusion: Circular dependencies
no application support without OS support
no good OS support without applications
no wide deployment without applications
no applications without deployment
no deployment without applications

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
Deployment


Experimental (6bone)
Experimental 6bone (3ffe::) has been active since 1995.
Uses slightly different Addressing Architecture (RFC2471)

Production (2001::)
Initial TLAs and sub-TLAs assigned in Sept 2000
Mostly used in education+research
Some commercial ISPs in .de are offering production prefixes

Why isn't IPv6 widely used yet?
No immediate need in Europe / North America
Big deployment cost at ISPs (Training, Routers, ..)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
Technical: Address Space

IP Version 6 Addressing Architecture (RFC2373)
Format prefix, variable length
001: RFC2374 addresses, 1/8 of address space
0000 001: Reserved for NSAP (1/128)
0000 010: Reserved for IPX (1/128)
1111 1110 10: link-local unicast addresses (1/1024)
1111 1110 11: site-local unicast addresses (1/1024)
1111 1111 flgs scop: multicast addresses
flgs (0: well-known, 1: transient)
scop (0: reserved, 1: node-local, 2: link-local, 5: site-local, 8: organization-local, e: global scope, f: reserved)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
Technical: Address Space

Aggregatable Global Unicast Address Format (RFC2374)
3bit FP (format prefix = 001)
13bit TLA ID - Top-Level Aggregation ID
13bit Sub-TLA - Sub-TLA Aggregation ID
19bit NLA - Next-Level Aggregation ID
16bit SLA - Site-Level Aggregation ID
64bit Interface ID - derived from 48bit ethernet MAC
Initial subTLA-Assignments
2001:0000::/29 - 2001:01f8::/29 IANA
2001:0200::/29 - 2001:03f8::/29 APNIC
2001:0400::/29 - 2001:05f8::/29 ARIN
2001:0600::/29 - 2001:07f8::/29 RIPE
loopback ::1
unspecified: ::0
embedded ipv4
IPv4-compatible address: 0::xxxx:xxxx
IPv4-mapped IPv6 address (IPv4 only node): 0::ffff:xxxx:xxxx
anycast
allocated from unicast addresses
only subnet-router anycast address predefined (prefix::0000)


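Added example (not part of the original slides): the format prefixes and the RFC2374 field widths from the two Address Space slides, applied to concrete addresses in Python. The function names and the sample addresses (taken from the 2001:db8::/32 documentation prefix) are assumptions made for this illustration.

```python
import ipaddress

# Format prefixes from the slide (RFC2373), written as leading bit strings.
FORMAT_PREFIXES = [
    ("11111111", "multicast"),
    ("1111111010", "link-local unicast"),
    ("1111111011", "site-local unicast"),
    ("0000001", "reserved for NSAP"),
    ("0000010", "reserved for IPX"),
    ("001", "aggregatable global unicast"),
]
# Multicast scop values from the slide.
SCOPES = {0x0: "reserved", 0x1: "node-local", 0x2: "link-local",
          0x5: "site-local", 0x8: "organization-local",
          0xE: "global", 0xF: "reserved"}
# RFC2374 layout from the slide: the widths add up to 128 bits.
GLOBAL_FIELDS = (("fp", 3), ("tla", 13), ("sub_tla", 13),
                 ("nla", 19), ("sla", 16), ("interface_id", 64))

def bits(addr):
    """Return the address as a 128-character bit string."""
    return format(int(ipaddress.IPv6Address(addr)), "0128b")

def classify(addr):
    """Name the format prefix an address falls under."""
    b = bits(addr)
    for prefix, name in FORMAT_PREFIXES:
        if not b.startswith(prefix):
            continue
        if name == "multicast":
            flgs, scop = int(b[8:12], 2), int(b[12:16], 2)
            kind = "transient" if flgs & 1 else "well-known"
            return f"multicast ({kind}, scope {SCOPES.get(scop, 'unassigned')})"
        return name
    return "other/unassigned"

def decode_global_unicast(addr):
    """Split an RFC2374 address into FP / TLA / Sub-TLA / NLA / SLA / Interface ID."""
    b = bits(addr)
    if not b.startswith("001"):
        raise ValueError("format prefix is not 001")
    fields, pos = {}, 0
    for name, width in GLOBAL_FIELDS:
        fields[name] = int(b[pos:pos + width], 2)
        pos += width
    return fields
```

The same bit-prefix test is what a packet filter has to apply when a rule is written per address scope rather than per literal prefix.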
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
Technical: Header

%font "typewriter"
%size 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Traffic Class |           Flow Label                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Payload Length        |  Next Header  |   Hop Limit   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+                         Source Address                        +
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+                      Destination Address                      +
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
%font "standard"
4bit Version: 6
8bit Traffic Class
20bit Flow Label
16bit Payload Length (incl. extension hdrs)
8bit next header (same values as IPv4, RFC1700 et seq.)
8bit hop limit (TTL)
128bit source address
128bit dest address
extension headers:
hop-by-hop options
routing
fragment
destination options
IPsec (AH/ESP)

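Added example (not part of the original slides): a Python parser for the fixed header drawn above that then follows the Next Header field through the extension headers the slide lists. The protocol numbers are the IANA-assigned values; the function names and the sample packet are constructed for this illustration.

```python
import ipaddress
import struct

# IANA protocol numbers for the extension headers named on the slide.
HOP_BY_HOP, ROUTING, FRAGMENT, ESP, AH, DEST_OPTS = 0, 43, 44, 50, 51, 60
EXT_NAMES = {HOP_BY_HOP: "hop-by-hop options", ROUTING: "routing",
             FRAGMENT: "fragment", ESP: "ESP", AH: "AH",
             DEST_OPTS: "destination options"}

def parse_ipv6(packet):
    """Decode the 40-byte fixed header, then walk the extension header chain."""
    if len(packet) < 40:
        raise ValueError("truncated fixed header")
    word0, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word0 >> 28 != 6:
        raise ValueError("version field is not 6")
    hdr = {"traffic_class": (word0 >> 20) & 0xFF, "flow_label": word0 & 0xFFFFF,
           "payload_length": payload_len, "hop_limit": hop_limit,
           "src": ipaddress.IPv6Address(packet[8:24]),
           "dst": ipaddress.IPv6Address(packet[24:40]), "extensions": []}
    offset, end = 40, min(len(packet), 40 + payload_len)
    while next_hdr in EXT_NAMES:
        hdr["extensions"].append(EXT_NAMES[next_hdr])
        if next_hdr == ESP:
            break  # everything after the ESP header is encrypted
        if offset + 8 > end:
            raise ValueError("truncated extension header")
        following, length_field = packet[offset], packet[offset + 1]
        if next_hdr == FRAGMENT:
            size = 8                        # fragment header has a fixed size
        elif next_hdr == AH:
            size = (length_field + 2) * 4   # AH counts 32-bit words, minus 2
        else:
            size = (length_field + 1) * 8   # 8-octet units, first one not counted
        if offset + size > end:
            raise ValueError("extension header overruns payload")
        next_hdr, offset = following, offset + size
    hdr["upper_protocol"], hdr["upper_offset"] = next_hdr, offset
    return hdr

def sample_packet():
    """Constructed packet: hop-by-hop options, fragment, then protocol 6 with dummy data."""
    fixed = struct.pack("!IHBB", (6 << 28) | 0x12345, 20, HOP_BY_HOP, 64)
    fixed += ipaddress.IPv6Address("2001:db8::1").packed
    fixed += ipaddress.IPv6Address("ff02::1").packed
    hop_by_hop = bytes([FRAGMENT, 0, 1, 4, 0, 0, 0, 0])  # PadN option fills the 8 octets
    fragment = bytes([6, 0, 0, 0, 0, 0, 0, 1])
    return fixed + hop_by_hop + fragment + b"data"
```

A filter that inspects only the Next Header field of the fixed header sees 0 here, not 6; the upper-layer protocol is known only after the whole chain has been walked and bounds-checked.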
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
Technical: Layer 2 <-> Address mapping


Ethernet: No more ARP, everything within ICMPv6
No Broadcast, everything built using multicast.

all-nodes multicast address ff02::1
all-routers multicast address ff02::2


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
Technical: Address Configuration


router discovery
routers periodically send router advertisements
hosts can send router solicitation to explicitly request RADV

prefix discovery
router includes prefix(es) in ICMPv6 router advertisements
other nodes receive prefix advertisements and derive their final address from prefix + EUI64 of MAC address

neighbour discovery
machines can discover their neighbours without an advertising router


%page
IPv6 Introduction
How to get connected

In case of static IPv4 address
SIT (ipv6-in-ipv4) tunnel possible
http://www.join.uni-muenster.de/

In case of dynamic IPv4 address
ppp (ipv6 over ppp) tunnel (pptp, l2tp) possible
sitctrl (linux <-> linux)
atncp (*NIX), http://www.dhis.org/atncp/


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
IPv6 Introduction
Further Reading

http://www.ipv6-net.org/ (German IPv6 forum)
http://www.6bone.net/ (ipv6 testing backbone)
http://www.freenet6.net/ (free tunnel broker)
http://hs247.com/ (list of tunnel brokers)

http://www.bieringer.de/ (ipv6 for linux)
http://www.linux-ipv6.org/ (improved ipv6 for linux)
http://www.kame.net/ (ipv6 for *BSD)
http://www.join.uni-muenster.de/ (ipv6 at DFN/WiN)

http://www.gnumonks.org/ (slides of this presentation)

And of course, all relevant RFCs