PowerPoint Template

IPv6GVHD : TS. Nguyn c ThiNhm 4Lu Nguyn Hong HnhTrn c NghaTrn Duy LinhPhm ch Tr Nhn

1LOGO

Ni dung chnh2AGii thiu IPv6BCch hot ng ca IPv6CCng ngh chuyn i IPv4-IPv6

A. IPv64. u im ca IPv63. Phn loi2. Cu trc1. Gii thiu3

1. Gii thiu a ch IP"a ch IP" l vit tt ca a chInternet Protocol address(a ch giao thc Internet). Mi thit b c kt ni vo mng (nh mng Internet) s c gn mt a ch.

a ch IP c th l a chnghoctnh4

Thut ng IP "tnh" c ni n nh mt a ch IP c nh dnh ring cho mt ngi, hoc nhm ngi s dng m thit b kt ni n Internet ca h lun lun c t mt a ch IP. Thng thng IP tnh c cp cho mt my ch vi mt mc ch ring (my ch web, mail) nhiu ngi c th truy cp m khng lm gin on cc qu trnh .Tri li vi IP tnh l cc IP ng: Nu khng s dng cc dch v c bit cn dng IP tnh, khch hng thng thng ch c ISP gn cho cc IP khc nhau sau mi ln kt ni hoc trong mt phin kt ni c i thnh cc IP khc. Hnh ng cp IP ng ca cc ISP nhm tit kim ngun a ch IP ang cn kit hin nay. Khi mt my tnh khng c kt ni vo mng Internet th nh cung cp s s dng IP cp cho mt ngi s dng khc.Nh vy nu nh s dng IP ng th ngi s dng khng th tr thnh ngi cung cp mt dch v trn Internet (chng hn lp mt trang web, m mt proxy cho php ngi khc t do thng qua n che giu tung tch... trn chnh my tnh ca mnh) bi a ch IP ny lun b thay i.Khng hn l nh vy, nu nh ngi cung cp dch v to ra trn my tnh ca h, sau thng bo n nhng ngi khc th nhng ngi ny c th truy cp trong khong thi gian IP cha b thay i, v thm cc iu kin rng ISP ca ngi to ra dch v khng t mt firewall khng cho php truy cp tri php n.41. Hn ch ca a ch IPv4Cn kit ti nguynCu trc nh tuyn khng hiu quHn ch v tnh bo mt v kt ni u cui- u cui

Thc y IPv6 ra i5

a ch IPv4 c cu trc nh tuyn va phn cp, va khng phn cp. Mi router phi duy tr bng thng tin nh tuyn ln, i hi router phi c dung lng b nh ln.Trong cu trc thit k ca a ch IPv4 khng c cch thc bo mt no i km. IPv4 khng cung cp phng tin h tr m ha d liu. Kt qu l hin nay, bo mt mc ng dng c s dng ph bin, khng bo mt lu lng truyn ti gia cc host5A. IPv64. u im ca IPv63. Phn loi2. Cu trc1. Gii thiu6

2. Cu trc a ch IPv6a ch IPv6 c di 128 bit

0010000000000001

0000110110111000

0000000000000000

0010111100111011000000101010101000000000111111111111111000101000100111000101101021DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A21DA:D3:0:2F3B:2AA:FF:FE28:9C5A21DA:D3::2F3B:2AA:FF:FE28:9C5A7

72.1. IPv6 vs IP4 Header

8

Version Ch nh phin bn ca IP, c gi tr 4.Internet Header Length Ch nh chiu di ipv4 header (n v o l khi 4 byte).Service Type Ch nh dch v mong mun khi truyn cc gi tin qua router. Trng ny c 8 bt, xc nh quyn u tin, tr, thng lng, cc c tnh ch nh tin cy khc. Trng Service Type gm TOS (Type of Service) v Precedence. TOS xc nh loi dch v, bao gm: gi tr, tin cy, thng lng, tr hoc bo mt. Precedence xc nh mc u tin, s dng 8 mc t 0-7.Total Length Ch nh tng chiu di gi tin ipv4 (IPv4 header + IPv4 payload). Kch thc 16 bt, ch nh rng gi tin ipv4 c th di ti 65,535 byte.Identification nh danh gi tin. Kch thc 16 bt. nh danh cho gi tin c la chn bi ngun gi gi tin. Nu gi tin ipv4 b phn mnh, mi phn mnh s gi li gi tr trng nh danh ny, mc ch node ch c th nhm li cc mnh, phc v cho vic phc hi li gi tin.Flags Xc nh c cho qu trnh phn mnh. Kch thc 3 bt. C hai c: mt xc nh gi tin b phn mnh v c kia ch nh xem c thm phn mnh khc na tip theo phn mnh hin thi hay khng.Fragment Offset Ch nh v tr ca phn mnh trong phn payload ca gi tin ban u. Trng ny c kch thc 13 bt.Time to Live Ch nh s lng link ti a m mt gi tin ipv4 c th i qua trc khi b hy b. Trng ny di 8 bt. TTL c s dng nh mt b m thi gian m router ipv4 dng quyt nh di thi gian cn thit (bng giy) chuyn tip gi tin ipv4. Router hin i chuyn tip gi tin cha n mt giy song lun phi gim gi tr trng ny t nht 1 n v. Khi gi tr TTL tr v 0, gi tin s c hy i v thng ip li c gi tr li a ch ipv4 ngun.Protocol Xc nh th tc lp cao hn gi tin s c chuyn tip. Trng ny gm 8 bt. V d mt s gi tr: 6 l TCP, 17 l UDP, 1 l ICMP.Header Checksum Cung cp kim tra checksum cho ipv4 header. C kch thc 16 bt. IPV4 payload khng bao gm trong checksum ny m thng cha checksum ring ca n. Cc ipv4 node nhn gi tin s kim tra ipv4 header checksum v loi b gi tin nu khng trng khp thng tin. Khi router forward mt gi tin ipv4, n phi gim gi tr trng TTL, do vy trng Header Checksum c tnh ton li ti mi router gia ngun v ch.Source Address Cha a ch ngun gi gi tin ipv4. Kch thc 32 bit.Destination Address Cha a ch ipv4 ch. Kch thc 32 bit.Options Cha mt hoc nhiu hn ty chn trong ipv4. Kch thc trng ny l mt s nguyn ln ca 32 bt (4 byte) . Nu cc option khng dng ht v lm l khi 32 bt, cc gi tr 0 s c thm vo m bo ipv4 header l mt s nguyn ca khi 4 byte, nh vy chiu di ipv4 header mi c th ch nh c bng gi tr cu trng Internet Header Length.

82.1. IPv6 vs IP4 HeaderCu trc IPv6IPv6 HeaderExtensionHeaderDataPayloadIPv6 Packet9

92.1. IPv6 vs IP4 Header

10

102.1. IPv6 vs IP4 Header

11

Version 4 bt: Cng tn vi trng trong a ch ipv4. Ch khc gi tr th hin a ch phin bn 6.Traffic Class 8 bt:: Thc hin chc nng tng t trng Service Type ca a ch ipv4. Trng ny c s dng biu din mc u tin ca gi tin, v d gi tin nn c truyn vi tc nhanh hay thng thng, hng dn thit b thng tin x l gi mt cch tng ng.Payload Length 16 bt: Trng ny thay th cho trng Total length ca a ch ipv4. Tuy nhin, n ch xc nh chiu di phn payload. Trng Payload Length bao gm c header m rng. Bng 16 bit, c th ch nh IPv6 payload ti 65,535 byte.Hop Limit- 8 bit: Thay th trng Time to live ca a ch ipv4.Next Header 8 bt: Thay th trng Protocol. N ch nh n header m rng u tin (nu c) hoc th tc lp trn nh TCP, UDP, ICMPv6. Nu s dng ch nh th tc lp trn, trng ny s c gi tr tng t nh trng Protocol ca a ch ipv4.Source Address: a ch ngun, chiu di l 128 bt.Destination Address:a ch ch, chiu di l 128 bt.So vi IPv4, IPv6 header c mt trng mi nh sau:Flow Label:Trng Flow Label c chiu di 20 bt, l trng mi c thit lp trong IPV6. Trng ny c s dng ch nh rng gi tin thuc mt dng (flow) nht nh gia ngun v ch, yu cu IPv6 router phi c cch x l c bit. Flow Label c dng khi mun p dng cht lng dch v (quality of service) khng mc nh, v d QoS cho d liu thi gian thc (voice, video). Bng cch s dng trng ny, ni gi gi tin c th xc nh mt chui cc gi tin, v d Voice over IP, thnh 1 dng, v yu cu cht lng dch v c th cho dng . Theo mc nh, Flow Label c t gi tr 0. C th c nhiu dng gia ngun v ch, s c xc nh bi nhng gi tr tch bit ca Flow Label.

112.1. Header m rng IPv6Hop by hopDestinationRoutingFragmentAuthentication ESP

Gi tr Next HeaderDng Extension tng ng0Hop by hop43Routing44Fragmentation51Authentication52ESP59No next Header60Destination Options Header12

Trong IPv4, thng tin lin quan n nhng c tnh m rng (v d xc thc, m ho) c trong phn Options ca IPv4 header. a ch IPv6 a nhng c tnh m rng v cc dch v thm vo thnh mt phn ring, gi l header m rng. Gi tin IPv6 c th c mt hay nhiu header m rng, c t sau header chnh, trc phn d liu. Cc header m rng c t ni tip nhau theo th t quy nh, mi dng c cu trc trng ring.Nh tch bit cc dch v gia tng khi cc dch v c bn v t chng trong header m rng, phn loi header m rng theo chc nng, a ch IPv6 gim ti nhiu cho router, v thit lp nn c mt h thng cho php b sung mt cch linh ng cc chc nng, k c cc chc nng hin nay cha thy r rng.Thng thng cc header m rng c x l ti ch. Header m rng Hop-by-Hop c x l ti mi router m gi tin i qua.Cc dng header m rng:Hin nay, c su dng header m rng tng ng su dch v ang c nh ngha: Hop-by-Hop, Destination, Routing, Fragment, Authentication, v ESP (Encapsulating Security Payload). Th t t header m rng trong gi tin l cn thit.Hop-by-HopHop-by-Hop l header m rng c t u tin ngay sau header c bn. Header ny c s dng xc nh nhng tham s nht nh ti mi hop trn ng truyn dn gi tin t ngun ti ch. Do vy s c x l ti mi router trn ng truyn dn gi tin.DestinationDestination header c s dng xc nh cc tham s truyn ti gi ti ch lin k hoc ch cui cng.-Nu c routing header, th s mang thng tin tham s x l ti mi ch ti.-Nu khng c routing header, thng tin l tham s x l ti ch cui cng.RoutingRouting header m nhim xc nh ng dn nh tuyn. Node IPv6 ngun c th s dng routing header xc nh tuyn, lit k a ch ca cc router m gi tin phi i qua. a ch thuc danh sch s c dng lm a ch ch ca gi tin IPV6 theo th t c lit k v gi tin s c gi t router ny n router khc.FragmentHeader m rng Fragment mang thng tin h tr cho qu trnh phn mnh v ti to gi tin IPv6. Fragment header c s dng khi ngun IPV6 gi i gi tin ln hn Path MTU. Trong IPV4, mi router trn ng dn cn tin hnh phn mnh gi tin theo gi tr ca MTU t cho mi giao din. Tuy nhin, chu trnh ny p t mt gnh nng ln router. Bi vy trong a ch IPV6, router khng thc hin phn mnh gi tin. Vic ny c thc hin ti u cui.Node ngun IPV6 s thc hin thut ton tm kim Path MTU, l gi tr MTU nh nht trn ton b mt ng dn nht nh, v iu chnh kch thc gi tin tu theo trc khi gi chng. Nu ng dng ti ngun p dng phng thc ny, n s gi d liu c kch thc ti u, v s khng cn thit x l ti tng IP. Tuy nhin, nu ng dng khng s dng phng thc ny, n phi chia nh gi tin c kch thc ln hn Path MTU. Trong trng hp , nhng gi tin ny phi c chia ti tng IP ca node ngun v Fragment header c s dng.Authentication and ESPIPSec l phng thc m ha bo mt d liu ti tng IP. Trong th h a ch IPv4, khi c s dng IPsec, thng tin h tr bo mt v m ha c t trong trng Option.Trong a ch IPv6, thc thi IPsec c coi l mt c tnh bt buc. Tuy nhin, IPsec c thc s c s dng trong giao tip hay khng ty thuc vo tng trng hp. Khi IPsec c s dng, trong gi tin IPv6 s cn cc header m rng Authentication v ESP. Authentication header dng xc thc v bo mt tnh ng nht ca d liu, ESP header dng xc nh nhng thng tin lin quan n m ho d liu.

2.2. Interface IDInterface ID : 64 bit cui, xc nh duy nht 1 giao din v cu thnh t ng t a ch MAC (EUI-64)13http://daotaoipv6.vnnic.vn/ch2/2_3_2/index.html, 01/09/2014

C 3 cch to t ng Interface ID :To t ng t a ch MAC (nh x EUI-64)To t ng ngu nhinDng th tc gn a ch stateful (DHCPv6)Ngu nhin : s dng thut ton gn mt s ngu nhin lm 64 bt nh danh giao din. nh danh l tm thi v s thay i theo thi gian.Extended Unique Identifier (EUI-64).Dynamic Host Configuration Protocol(DHCP- giao thc cu hnh ng my ch).Bit c : c=0 Universal, c=1 LocalBit g : g=0 unicast, g=1 multicastA. IPv64. u im ca IPv63. Phn loi2. Cu trc1. Gii thiu14

3. Phn loiUnicast

Multicast

Anycast15

Chng trnh o to IPv6 v DNS, http://daotaoipv6.vnnic.vn/, 01/09/2014.

IPv4 : 1 node mng c i din (nh danh) bng 1 a ch IP ton cu (public).IPv4 scope (phm vi) : a ch private phm vi site (1 public IP); a ch broadcast mng con subnet; a ch ton cu ton b Internet.

IPv6 : gn a ch cho 1 interface (ko phi node). Node mng : c th l router, switch hoc bt c thit b g m ta c th nh danh n trn mng.1 interface : c th c nhiu a ch, mi ci c lifetime tng ng.1 node IPv6 (d ch 1 card mng) s c nhiu interface : physical interface hoc virtual interface (cng ngh Tunnel)1 node IPv6 c xc nh bng bt k 1 a ch unicast no gn vi 1 trong s cc interface ca n. hot ng c, thit b IPv6 cn gn nhiu loi a ch.

IPv6 : gm 3 loi (da trn cch truyn packet), nhn dng bng tin t (prefix). Unicast 1-1 : nh v 1 interface, ch n l Unicast = gi packet n 1 interface duy nht.Multicast 1-n : nh v nhiu interfaces (thuc nhiu nodes), gi n all interfaces c cng a ch Multicast.Anycast : nh v nhiu interfaces (thuc nhiu nodes), gi n 1 interface trong s cc interface c cng a ch Anycast (thng chn ci gn nht khong cch routing)Ko c Broadcast, Broadcast IPv4 ca 1 subnet ~ Multicast IPv6 phm vi Link-local FF02::1

3.1. UnicastGlobal Unicast Address (GUA)Unique-Local Address (ULA)Link-Local Address (LLA)Site-Local Address (SLA) bSpecial addressTransition address (a ch chuyn tip)16

3.1. Unicast (1)Global Unicast Address (GUA) : phm vi ton cu~ public IPv4Prefix : 2000::/345 bit : phn cp bi t chc qun l ton cu16 bit : t chc (cng ty) t to

17

http://technet.microsoft.com/en-us/library/cc781672(v=ws.10).aspx, 01/09/2014

RFC 3587 quy nh cu trc GUA. (ISP Internet Service Provider)Vic phn b v cp pht dng a ch ny do h thng cc t chc qun l a ch quc t m nhim.IPv4 : 3 mc tiu quan trng s dng hiu qu, tit kim, tnh t hp v tnh c ng kIPv6 : tnh t hp do vi 128 bit, ko gian a ch ln, nn cn c cu trc phn cp r rng x l c 1 khi lng thng tin khng l.45 bit : a ch mng ring ca 1 t chc c cp bi nhiu cp t chc qun l.16 bit : a ch mng con do t chc t to.

3.1. Unicast (2)Unique-Local Address (ULA)~ private IPv4 (t chc c nhiu mng con)Prefix : FC00::/7 (L = 1 : ang dng)40 bit : ngu nhin18Joshep Davies, Understanding IPv6, 3rd_edition, 2012, p.66

L = 0 : cha c nh ngha trong RFC 4193.ULA : phm vi (scope) gn ton cc.T chc c nhiu mng : 1 host c 1 ULA duy nht, LLA-prefix c th lp li nhiu mng (site)a ch unique local tng ng vi a ch private trong IPv4, ngha l mt doanh nghip c th ty s dng di a ch ny m khng cn phi mua t ISP nh a ch global unicast. Tuy nhin, khc vi a ch private trong IPv4, kh nng xy ra overlap a ch unique local gia cc doanh nghip l rt thp (nh vic sp nhp gia cc doanh nghip vi nhau cng s tr nn d dng hn), v 40 bit phn global ID trong a ch unique local c pht sinh ngu nhin gi bng thut ton, v thut ton ny m bo xc sut phn global ID duy nht trn ton th gii l rt cao.3.1. Unicast (3)Link-Local Address (LLA) : phm vi 1 linkDng giao tip gia cc node lng ging (cng 1 ng link)Lun c cu hnh t ng.Prefix : FE80::/64VD : FE80::2B0:D0FF:FEE9:4143%3 19

http://technet.microsoft.com/en-us/library/cc781672(v=ws.10).aspx, 01/09/2014

Neighbor Discovery (ND protocol) : phc v giao tip gia cc neighbor node.~ IPv4 (169.254.X.X)Khi ko c router, cc node trn cng 1 ng link s dng LLA giao tip nhau.LLA lun lun c cu hnh mt cch t ng, ngay c khi khng c s tn ti ca mi loi a ch unicast khc. (mi interfaces u phi c LLA)Khc vi GUA : LLA c th c dng li (trng lp) cc link ko r rng. Cn thm 1 thng s nh v Zone IDZone ID : FE80::2B0:D0FF:FEE9:4143%3 Zone_ID = %3, l s th t ca Interface (trong Host) kt ni vi Link (s th t ca Link m interface kt ni ti th ng hn)3.1. Unicast (4)Site-Local Address (SLA): phm vi site~ private IPv4 (10.x.x.x, 172.16.x.x, 192.168.x.x)C th dng trng lp.Prefix : FEC0::/10Khng cn s dng na20http://technet.microsoft.com/en-us/library/cc781672(v=ws.10).aspx, 01/09/2014

Site : khi nim ch mt phn ca h thng mng ti cc ta a l khc nhau.Ko gy xung t : v SLA ch truy cp trong phm vi mng ring ca ngi gi, ko th truy cp sang mng khc.

Do nhu cu dn tr nn ko cn thit nn IETF sa i RFC3513, loi b i SLA v d kin thay th bng GUL(Globally Unique Local).3.1. Unicast (5)Special address0:0:0:0:0:0:0:0 hay :: ngha : hin ti node khng c a chCch dng :a ch ngun trong th tc kim tra s trng lp a ch Link-localKhng dng lm a ch ch, hoc a ch ca interface0:0:0:0:0:0:0:1 hay ::1 a ch xc nh interface loopback, cho php 1 node gi packet n chnh n, ~ 127.0.0.1 ca IPv421

Kim tra s trng lp a ch Link-local : trong qu trnh t cu hnh a ch IPv61 node A mi to a ch Link-local v gn n cho 1 interfaceKim tra xem a ch c b dng cha bng c ch DAD- Duplicate Address Detection + A gi thng ip Neighbor Solicitation (NS) c a ch ngun l :: trong mng + Nu node B c dng a ch , th B gi thng ip Neighbor Advertisement (NA) cho A A ko dng a ch + Nu ko c trng lp A dng a ch quan bc tip theoNode A gi thng ip Router Solicitation (RS) trong mng yu cu thng tin, s dng a ch link-local va toRouter gi thng ip RA (Router Advertisement) (RA c truyn lp li theo thi gian mc nh, nn A ko cn ch ng gi RS cng c)Node A nhn RA v thu c tin t IPv6 node to c a ch IPv6.

Interface loopback : ngha lun l, lun lun up, v l giao din kim tra cu hnh, c s dng trong OSPF gn router ID.::1 thuc phm vi node, v khng bao gi c gi trn ng link hay forward i bi router3.1. Unicast (6)Transition address (a ch chuyn tip)H tr chuyn i IPv4 IPv6Dng trong cng ngh bin dch hoc chuyn i tunnelIPv4-compatible : 0:0:0:0:0:0:w.x.y.zIPv4-mapped : 0:0:0:0:0:FFFF:w.x.y.z6to4 : 2002:WWXX:YYZZ:SubID:InterfaceID

22

IPv4-compatible c s dng cho cng ngh tunnel t ng. Khi dng lm a ch IPv6 ch, t ng c bc trong packet c IPv4 Header v gi ti ch dng c s mng IPv4. Hin nay nhu cu tunnel t ng ko cn na nn loi ny cng b loi b dn, ko cn xut hin trong giai on pht trin tip theo ca IPv6.

IPv4-mapped c s dng trong cng ngh bin dch a ch IPv4 IPv6 (v d cng ngh NAT-PT). Ko dng lm a ch ngun hay ch.

6to4 : dng trong cng ngh chuyn i IPv6 6to4, WWXX:YYZZ l h 16 ca a ch public IP w.x.y.z

RFC 3056 m t cng ngh tunnel 6to4.

3.2. MulticastCu trc :23http://mrncciew.com/2013/04/05/ipv6-basics/, 01/09/2014

RFC 2375 quy nh.Node c th gia nhp hoc ri b nhm Multicast ti bt c thi im no.Multicast : ko dng lm a ch ngunFlag : xc nh dng a ch, 3 bit cha s dng gn tr 0, bit T xc nh dng do user quyt nh, T=0 a ch Multicast IPv6 vnh vin, T=1 ko vnh vin.Scope : 0001 (tc tr 1) th c phm vi node, ch gi n cc interface trong 1 node.FF01::1 mi node phm vi nodeFF02::1 mi node phm vi linkFF01::2 mi router phm vi nodeFF02::2 mi router phm vi linkFF05::2 mi router phm vi site

3.2. Multicast24

http://hocmang.net/2014/05/03/cac-loai-dia-chi-ipv6-p2/, 01/09/2014

3.2. MulticastSolicited-node Address (SNA)25http://mrncciew.com/2013/04/05/ipv6-basics/, 01/09/2014

RFC 3513 quy nh.IPv4 ARP (Address Resolution Protocol) : nh x IP MAC. 1 node gi packet ARP broadcast ti all host trn Ethernet. Node no c a ch IP trng vi trong packet s phn hi li nh hng n all node trn phm vi link.IPv4 : ARP broadcast (IP MAC) ~ FF02::1 IPv6FF02::1 a ch multicast mi node phm vi link.

SNA c dng trong th tc Neighbor Discovery, ND ph trch ton b giao tip gia cc node IPv6 trn cng mt ng link (cc neighbor node)3.3. AnycastKhng c khng gian a ch ring : 1 a ch unicast c gn cho nhiu interface ca nhiu node.Khng c dng lm a ch ngun ca packet.26

RFC 3513 quy nhHin nay, a ch anycast khng c gn cho ipv6 host m ch c gn cho ipv6 router. Mt trong nhng ng dng mong mun ca a ch anycast l s dng xc nh mt tp cc router thuc v mt t chc cung cp dch v Internet.Hin nay, mi ch c mt dng a ch anycast c nh ngha v ng dng. l a ch anycast Subnet-Router. Mt a ch anycast Subnet-Router tng ng vi mt prefix a ch trong subnet.3.4. Tm ttBitDng a chCh thch::a ch c bit::1a ch loopbackFE80::/10a ch link-localFEC0::/10a ch site local c hy b2000::/3a ch unicast nh danh ton cu. 2002::/16 a ch ca tunnel 6to4::w.x.y.za ch tng thchDng cho cng ngh tunnel t ng.::FFFF:w.x.y.za ch IPv4 - mapDng trong bin dch a ch IPv6-IPv427BitDng a chCh thchFF::/8a ch multicastFF01::1 - mi node phm vi nodeFF02::1 - mi node phm vi linkFF01::2 - mi router phm vi nodeFF02::2 - mi router phm vi linkFF05::2 - mi router phm vi siteFF02::1:FF/104 Solicited node

A. IPv64. u im ca IPv63. Phn loi2. Cu trc1. Gii thiu28

4. IPv6 vs IPv429

http://www.cnet.com/news/moving-to-ipv6-now-for-the-hard-part-faq/, 01/09/2014

4. u im ca IPv6t a ch Host : n gin ha, tn dng 48bit a ch MACH tr t ng cu hnh a ch.Hiu sut cao hnGim thi gian x l Header, gim Overhead v chuyn dch a chGim thi gian x l nh tuynB Broadcast30

(2) Qu trnh t ng config address :1. Mt a ch tentitive ( thm d ) c gn cho giao din host .2. S dng qu trnh check duplicate a ch va gn xong.3. Nu cng c 1 host no ang dng a ch tentitive th qu trnh ngng li. Lc ny phi dng cch config manual config cho host.4. Nu mi th ok ri th a ch tentitive s c gn cho giao din host .5. Host s gi (by default) 3 bn tin tm cc router trn mng.6. Nu khng c tr li t cc router th host s s dng cch config DHCPv6 nh cho giao din cc a ch v nhng tham s ci t khc.7. - Nu nhn c tr li cng cc tham s km theo ( hop-limitation, reachable time, .) th host s c t ng config theo cc tham s . - Nu nhn c tr li cng cc trng c bit km theo l Managed add. Config. Flag v Other Stateful Configuration flag c set bng 1 th host s s dng DHCPv6 config cho n cc a ch tip theo ( khng fi a ch tentitive lc trc na ) v cc tham s km theo.

(3) IPv6 ko thiu a ch nn ko cn dng a ch ring ko cn k thut NAT. IPv6 c cp pht phn cp r rng. S dng th tc Neighbor Discovery Protocol thay cho ARP Request broadcast (IPv4), tng cng kh nng ca Multicast.

4. u im ca IPv6H tr tt tnh nng di ng (Mobile IP) : c tch hp sn trong IPv6, phn Header ca nh tuyn gip Mobile IPv6 hiu qu hn.

Bo mt cao : IPSec l tnh nng bt buc

Header n gin hn ci thin tc IPv4 : 10 trng, 2 a chIPv6 : 6 trng, 2 a ch31

Mobile IP l mt tiu chun ca IETF cho c IPv4 v IPv6, cho php thit b di chuyn m khng b t kt ni, vn duy tr c kt ni hin ti.

Bo mt cao hn : IPSec trong IPv6 l bt buc ch khng cn l ty chn nh ca IPv4 na. IPSec gm 2 loi ca Extension header v 1 giao thc to bo mt ( sercurity setting ). Authentication header (AH) cung cp tnh ton vn, tnh ng tin ca d liu v trnh c vic phi truyn li cho gi tin IPv6. Cn encapsulating Security Payload (ESP) header and trailer th cung cp tnh ton vn, tnh ng tin ca d liu v trnh c vic phi truyn li cho payload. Protocol m bo vic thc hin bo mt bng IPSec l Internet Key Exchange (IKE) protocol.

Header ca IPv6 n gin v hp l hn IPv4. IPv6 ch c 6 trng v 2 a ch, trong khi IPv4 cha 10 trng v 2 a ch. Do vy cc gi tin IPv6 di chuyn nhanh hn trong mng. Dn n tc mng s c ci thin.Ni dung chnh32AGii thiu IPv6BCch hot ng ca IPv6CCng ngh chuyn i IPv4-IPv6

Hot ng ca a ch IPv6Th tc ICMPv6 (Internet control message protocol version 6)Th tc multicast listener discovery (MLD)Th tc neighbor discovery ND

33

Chc nng ca ICMPv6Ging ICMPv4: Thng bo li mng. Thng bo tc nghn mng. H tr x l s c. Thng bo thi gian timeout.Khc ICMPv4H tr Multicast Listener Discovery (MLD)H tr Neighbor Discovery (ND)34

ICMPv6Cu trc gi tin ICMPv6

MAC headerIPv6 headerICMPv6 headerICMPv6 messageTypeCodeChecksum7 815 16032ICMPv6 message35

Gi tin ICMPv6Type:T 0-127 : thng ip liT 128-255 : thng ip thng tinCode : cho bit y l thng tin dng g36

Loi thng ip ICMPv6TypeMeaning1Destination unreachable2Packet too big3Time exceeded4Parameter problem128Echo request129Echo reply130Multicast Listener Query131Multicast Listener Report132Multicast Listener Done133Router Solicitation134Router Advertisement135Neighbor Solicitation136Neighbor Advertisement137Redirect37

Nhim v ca ICMPv6Tm Path MTU (Path MTU Discovery)ICMPv6 Packet Too Big c s dng trong th tc tm Path MTUThng bo li (Error Notification): S dng : Destination Unreachable, Packet Too Big, Parameter Problem, v Time Exceeded38

Nhim v ca ICMPv6 (tip)Thng bo thng tin S dng Echo Request v Echo ReplyTm kim router v prefix a ch (Router & prefix discovery), l mt phn trong Neighbor DiscoveryS dng Router Solicitation v Router Advertisement T ng cu hnh a ch (Address auto configuration)39

Nhim v ca ICMPv6 (tip)Kim tra trng lp a ch (Duplicate Address Detection)Neighbor Solicitation v AdvertisementPhn gii a ch (Address Resolution)Neighbor Solicitation v Advertisement Kim tra tnh kt ni c ca node ln cn (Neighbor Reachability Detection)Redirect40

Multicast Listener Discovery (MLD)Thay th cho Internet Group Management Protocol phin bn 2 (IGMPv2) trong IPv4S dng chnh thng ip ICMPv6Cho php mt router khm ph ra trn mi interface gn trc tip vi n nhng node :L thnh vin ca nhm multicastSn sng nhn gi tin c gi ti a ch multicast (node ang "nghe" lu lng)Nhng a ch multicast ang c node ny quan tm41

Cu trc gi tin MLDCu trc gi tin MLD

Gi tin MLD lun lun c header m rng Hop-by-Hop m bo rng router s x l c nhng thng ip MLD gi ti nhng a ch multicast m bn thn router khng nghe lu lngIPv6 header(Hop-by-Hop options)Hop-by-Hop Options headerIPv6 Router Alert OptionMLD Message42

Ba loi thng ip ICMPv6Type 130: Multicast Listener QueryType 131: Multicast Listener ReportType 132: Multicast Listener Done43

Neighbor Discovery (ND)ND ph trch ton b giao tip gia cc node IPv6 trn cng mt ng linkm nhim nhng chc nng m cc th tc ARP, ICMP Router Discovery, v ICMP Redirect thc hin trong IPv444

Neighbor Discovery (ND) Node s s dng ND :Thc hin phn gii a ch lp link-layer ca mt neighbor node t a ch IPv6.Quyt nh xem node ln cn c cn t ti c hay khng.

Host s s dng ND :Tm kim router trn ng kt ni.Tm kim thng tin v a ch, hay prefix a ch v nhng thng tin cu hnh khc phc v cho vic cu hnh a ch v hot ng ca host.

45

Neighbor Discovery (ND)Router s s dng ND :Qung b s hin din ca mnh, qung b nhng thng tin cu hnh cn thit cho host, qung b prefix a ch ca ng link.Thng bo cho host v a ch next-hop tt hn c th chuyn tip gi tin n mt ch nht nh.

46

5 loi thng ip ICMPv6 c s dngRouter AdvertisementRouter SolicitationNeighbor SolicitationNeighbor AdvertisementRedirect

47

Cu trc ca gi tin NDTypeTn options1Source Link-Layer Address2Target Link-Layer Address3Prefix Information4Redirected Header5MTUIPv6 HeaderNext header = 58ND message headerND message optionsTypeLengthValue8 bitsNx8 bits8 bits48

Cc quy trnh th tc m ND cung cpTm kim router (Router discovery)Tm kim prefix (Prefix discovery)Tm kim thng s (Parameter discovery)T ng cu hnh a ch (Address autoconfiguration)Phn gii a ch (Address resolution)Quyt nh Next-hop (Next-hop determination)Khm ph tnh c th t ti ca node ln cn (Neighbor unreachability detection)Kim tra trng lp a ch (Duplicate address detection)Chc nng Redirect (Redirect function)49

Ni dung chnh50AGii thiu IPv6BCch hot ng ca IPv6CCng ngh chuyn i IPv4-IPv6

Cng ngh chuyn i giao tip IPv6a ch IPv6 khng th tc khc thay th IPv4 trong thi gian ngn.Kt ni IPv6 s tn dng c s h tng sn c ca IPv4.51Ngun hnh : http://www.potaroo.net/ispcol/2009-09/v6trans.html

Cng ngh chuyn i giao tip IPv6Cc cng ngh s dng chuyn i ph bin hin nay :Dual StackNAT-PTTunnelling

52

Dual Stack l hnh thc thc thi TCP/IP bao gm c tng IP layer ca Ipv4 v tng IP layer ca ipv6. Thit b h tr c 2 giao thc IPv4 v IPv6, cho php h iu hnh hay ng dng la chn mt trong hai giao thc.ng dng h tr dual-stack s hot ng c c vi a ch ipv4 v a ch ipv6. Vic la chn a ch da trn kt qu tr v ca truy vn DNS.Ngun IPv6 Transition Technologies - Microsoft Windows Server 2008 White Paper1. Dual Stack53

53

M hnh Dual Stack541. Dual Stack

Thc cht l mt dng thc cng ngh NAT (Network Address Translation-Protocol Translation), cho php thit b ch h tr IPv6 vi thit b ch h tr IPv4 c th giao tip vi nhau.

Khi gi tin t mng IPv4 sang mng IPv6 (hay ngc li IPv6 sang IPv4) thng qua b nh tuyn NAT-PT:Header IPv4 c tch ra v thay th bi header IPv6 (hay ngc li). Tt c cc thng tin trong phn d liu (data) ca gi tin thng thng phi c bo ton.552. NAT-PT

Hin nay hu ht cc b nh tuyn (router) NAT-PT ch mi h tr NAT Prefix/96. NAT-PT nh ngha ra mt IPv6 Prefix c gi l NAT Prefix. Cc gi tin t mng IPv4 sang mng IPv6 khi qua b nh tuyn NAT-PT s c chuyn i thnh gi tin IPv6 vi a ch ngun l mt a ch IPv6 nm trong NAT Prefix ny. Trong trng hp NAT tnh (Static NAT), mi a ch trong NAT Prefix tng ng vi mt a ch IPv4 ban u (nh x 1:1). Trong trng hp NAT ng (Dynamic NAT), hoc NAT qu ti (NAT overload), mt a ch IPv6 trong NAT Prefix ny c th dng cho mt hoc nhiu a ch IPv4. 55

562. NAT-PT

interface Ethernet0/0 ipv6 address 3ffe:100:200:1::2/64 ipv6 enable ipv6 nat!interface Ethernet1/0 ip address 192.168.1.2 255.255.255.0 ipv6 nat!Entry for static mapping of v4 source->v6-ipv6 nat v4v6 source 192.168.1.1 3ffe:b00:1::1!Entry for mapping of v6 source->dynamic v4ipv6 nat v6v4 source list pt1 pool v4poolipv6 nat v6v4 pool v4pool 10.50.10.1 10.50.10.10 prefix-length 24ipv6 nat translation udp-timeout 600ipv6 nat prefix 3ffe:b00:1::/96!ipv6 access-list pt1 permit ipv6 3ffe:100:200:1::/64 any

563. Tunnelling

Ngun hnh : IPv6 Transition Technologies - Microsoft Windows Server 2008 White Paper

57Tunneling l cng ngh s dng c s h tng ca mng IPv4 truyn ti gi tin IPv6.Ti im u, cc thit b chy Dual Stack bc gi tin ipv6 trong gi tin c header ipv4 v truyn ti i.Ti im ch cui ,ipv4 header c g b, nhn li gi tin ipv6 ban u.Gi tr ca trng Protocol Field trong ipv4 header lun c xc lp c gi tr 41

573. Tunnelling

58

583. Tunnelling59Phn loi cng ngh ng hm:Manual tunnels: i hi phi c cu hnh bng tay ti thit b im u v im cui ng hm.Automatic Tunnels: a ch IPv4 ca im bt u v kt thc ng hm c suy ra t a ch ngun v a ch ch ca gi tin IPv6

Maunual-Tunnel bng tay l hnh thc to ng hm kt ni IPV6 trn c s h tng mng IPV4, trong i hi phi c cu hnh bng tay cc im kt thc tunnel. Trong tunnel cu hnh bng tay, cc im kt cui ng hm ny s khng c suy ra t cc a ch nm trong a ch ngun v a ch ch ca gi tin.Thng thng, hnh thc to ng hm bng tay ny thng c cu hnh to ng hm gia router ti router (hai border router) nhm kt ni hai mng IPV6 xc nh s dng c s h tng mng ipv4. -hng thc ny c th c p dng vi cc mng c t phn mng hoc cho mt s lng hn ch cc kt ni t xa

59Tunnelling - Cng ngh ng hm 6to4

60S dng a ch IPv4 ton cu to ra cc khi a ch IPv6 ringIANA cp ring mt tin t a ch 2002::/16 a ch 6to4 c prefix l 2002::/16, kt hp vi 32 bit ca mt a ch IPv4 s to nn mt a ch 6to4 c prefix /48 duy nht ton cu c s dng cho mng IPv6

60Tunnelling Cc thnh phn 6to4

Ngun hnh : IPv6 Transition Technologies - Microsoft Windows Server 2008 White Paper

61

im khc bit c bn nht gia ng hm 6to4 v ng hm cu hnh bng tay l ch ng hm 6to4 khng phi kt ni im-im. ng hm 6to4 l dng kt ni im-a im.cc mng 6to4 khng ch kt ni vi nhau, chng cn c th kt ni ti mng Internet s dng a ch thun IPv6 bng mt thit b thc hin vai tr cu ni. Thit b ny gi l b nh tuyn chuyn tip 6to4 (6to4 relay router).61Tunnelling V d 6to4 Addressing

Ngun hnh : IPv6 Transition Technologies - Microsoft Windows Server 2008 White Paper

62

-The 6to4 router creates the 48-bit prefix 2002:9D3C:1::/48, in which 9D3C:1 is the colon hexadecimal notation for 157.60.0.1. The 6to4 router advertises the 2002:9D3C:1:1::/64 prefix on the LAN interface connected to the private intranet. The SubnetID portion of the 64-bit prefix can be manually configured or automatically determined by the 6to4 router. IPv6 hosts on the private intranet subnet configure an IPv6 address based on the 2002:9D3C:1:1::/64 prefix using standard IPv6 stateless address autoconfiguration. In this example, 6to4 Host A automatically configures the IPv6 address 2002:9D3C:1:1::1.-6to4 Host/router B is directly connected to the Internet and has been assigned the public IPv4 address of 131.107.0.1. The IPv6 protocol for Windows Server 2008 and Windows Vista automatically derives an address of the form 2002:WWXX:YYZZ::WWXX:YYZZ. Therefore, 6to4 Host/router B assigns itself the IPv6 address 2002:836B:1::836B:1.

62Tunnelling V d 6to4 Routing

Ngun hnh : IPv6 Transition Technologies - Microsoft Windows Server 2008 White Paper

63

63Tunnelling V d 6to4 Routing

6to4 Host to 6to4 Host/RouterNgun hnh : IPv6 Transition Technologies - Microsoft Windows Server 2008 White Paper

64

64Tunnelling V d 6to4 Routing

6to4 Host to 6to4 Host/RouterNgun hnh : IPv6 Transition Technologies - Microsoft Windows Server 2008 White Paper

65

65Tunnelling V d 6to4 Routing

6to4 Host to IPv6 hostNgun hnh : IPv6 Transition Technologies - Microsoft Windows Server 2008 White Paper

66

66Tunnelling V d 6to4 Routing

6to4 Host to IPv6 hostNgun hnh : IPv6 Transition Technologies - Microsoft Windows Server 2008 White Paper

67

67Tham khoJoshep Davies, Understanding IPv6, 3rd_edition, 2012.Andrew S. Tanenbaum, Computer Networks, 4th edition, 2003, ch.5.6.8.JF Kurose, KW Ross, Computer Networking : A Top-Down Approach featuring the Internet, 2001, p.356-362.Martin Dunmore, ed, An IPv6 Deployment Guide, 6NET Consor-tium, Sept. 2005; www.6net.org/book/deployment-guide.pdf

Chng trnh o to IPv6 v DNS, http://daotaoipv6.vnnic.vn/, 01/09/2014.http://technet.microsoft.com/en-us/library/cc781672(v=ws.10).aspx, 01/09/2014.68

Thank You !69

Q&ALOGO