Embed Size (px)
DESCRIPTION
Next Generation IP < IPv6 >. 下一代網際網路協定. National Dong Hwa University Director of Computer Center Han-Chieh Chao 趙涵捷. Overview. Limitations of current Internet Protocol (IP) IPv6 addressing IPv4/IPv6 Transition IPv6 features Autoconfiguration IPSec QoS IPv6 Mobility Support Summary. - PowerPoint PPT Presentation
Citation preview
Next Generation IPNext Generation IP< IPv6 >< IPv6 >
National Dong Hwa UniversityDirector of Computer Center
Han-Chieh Chao趙涵捷
下一代網際網路協定下一代網際網路協定
OverviewOverview
• Limitations of current Internet Protocol (IP)• IPv6 addressing• IPv4/IPv6 Transition• IPv6 features
– Autoconfiguration– IPSec– QoS
• IPv6 Mobility Support• Summary
Internet GrowthInternet Growth
Internet GrowthInternet Growth
Growing PainsGrowing Pains
• Depletion of IP address ( between 2005 and 2001 )
• Explosion of Routing Tables ( routing table explosion will condemn the internet
even sooner than the exhaustion of network addresses )
IPv4 AddressesIPv4 Addresses
• Example: 203.64.105.100=1100 1011:0100 0000:0110 1001:0110 0100
(32 bits) = CB:40:69:64• Maximum = 232 = 4 Billion• Class A Network: 15 Million nodes• Class B Network: 64,000 nodes or less• Class C Network: 250 nodes or less
IPv4 Address (cont.)IPv4 Address (cont.)
• 127 Class A + 16,381 Class B + 2,097,151 Class C Network = 2,113,659 networks total
• Class B is most popular• 20% of Class B were assigned by 7/90 and
doubling every 14 months => Will exhaust by 3/94
• Question: Estimate how big will you become?Answer: more than 256!Class C is too small. Class B is just right.
How many address?How many address?
• Some believe 26 to 28 address per host• Safety margin => 1015 addresses• IPng Requirements => 1012 end systems and
109 networks. Desirable 1012 to 1015 networks
Address SizeAddress Size
• H Ratio = log10(number of objects)/available bits• 2n objects with n bits: H Ratio = log102 = 0.30103• French telephone moved from 8 to 9 digits at 107
households => H = 0.26 (assuming 3.3 bits/digit) • US telephone expanded area codes with 108
subscribers => H = 0.24 • SITA expanded 7-character address at 64k nodes
=> H = 0.14 (assuming 5 bits/char)
Address Size (cont.)Address Size (cont.)
• Physics/space science net stopped at 15000 nodes using 16-bit addresses => H = 0.26
• 3 Million Internet hosts currently using 32-bit addresses => H = 0.20 => A few more years to go
• The enormous growth of Internet.
• The Address space is running out in IPv4 (32 bits).
• Routing tables are exploding.• The lack of security at the net
work layer• Device Control – Smart
Homes• High Performance Networks• IP Based Cellular Systems• Connect everything over IP
• Several years of networking with TCP/IP had brought lessons and knowledge
• Lack of Mobility support • New Applications such as Real
Time Multimedia.• Networked Entertainment - yo
ur TV will be an Internet host• More Scalable Solution is
needed
IPv6 motivationIPv6 motivation
Internet Draft
Technically complete and stable?
Yes Proposed Standard (RFC)
Yes DraftStandard (RFC)Multiple
InteroperableImplemen-
tationsYes Internet
Standard (RFC)
Significant OperationalExperience?
Where in the standardization process is IPv6?
6ren, vBNS etc.GPRS, UMTS?
IPv6 StandardizationIPv6 Standardization
Ipng long term solutionIpng long term solution
•1991: Work starts on next generation Internet protocols -- More than 6 different proposals were developed •1993: IETF forms IPng Directorate --To select the new protocol by consensus •1995: IPv6 selected -- Evolutionary (not revolutionary) step from IPv4 •1996: 6Bone started •1998: IPv6 standardized• Today: Initial products and deployments
IPv6 Main Features/FunctionalityIPv6 Main Features/Functionality
• expanded addressing and routing capabilities• support for extension headers and options• Simplified header format• quality of service capabilities• Auto-configuration• Multi-Homing• Class of Service/Multimedia support• support for authentication and privacy•Multicast (No more broadcast )• IPv4 , IPv6 Transition Strategy
0 bits 84 16 31
Ver IHL Total Length
Identifier Flags Fragment Offset
32 bit Source Address
32 bit Destination Address
24
Service Type
Options and Padding
Time to Live Header ChecksumProtocol
SuppressedRenamedRevised
IPv4 HeaderIPv4 Header20 Octets+Options : 13 fields, include 3 flag bits
Version Class Flow Label
Payload Length Next Header Hop Limit
128 bit Source Address
128 bit Destination Address
New
IPv6 HeaderIPv6 Header40 Octets, 8 fields
Major SimplificationsMajor Simplifications
• Assign a fixed format to all headers (40 bytes)• Remove the header checksum• Remove the hop-by-hop segmentation procedure• Built-in security
IPv6 AddressIPv6 Address
• 128 bits long. Fixed size • 2128 = 3.4×1038 addresses => 6.65×1023 addre
sses per m2 of earth surface• If assigned at the rate of 106/s, it would take
20 years • Expected to support 8×1017 to 2×1033 address
es 8×1017 => 1,564 address per m2 • Allows multiple interfaces per host• Allows multiple addresses per interface
Text Representation of ddressesText Representation of ddressesColon-Hex: 1080 : 0 : 0 : 0 : 8 : 800 : 200C : 417A “::” indicates multiple groups of 16-bits of zeros
Dot-Decimal : 203.64.105.100Can leave the last 32 bits in dot-decimal, :: 203.64.105.100
1080 :: 8 : 800 : 200C : 417A
The "::" can only appear once in an addressThe "::" can also be used to compress the leading and/or trailing zeros in an address
HierachyHierachy
3+5+16+16+8+32=80The remaining 48 bits define the particular system on the subnetwork.
IPv6 Address Models
• Allows unicast, multicast, anycast • Allows provider based, site-local, link-local
• 85% of the space is unassigned• Addresses have lifetime
– Valid and Preferred lifetime
Global Site-Local Link-Local
Local-Use AddressLocal-Use Address
• Link Local: Not forwarded outside the link,FE80::xxx
• Site Local: Not forwarded outside the site,FEC0::xxx
bits1111 1110 10 0 Interface ID
10 54 64
1111 1110 11 0 Subnet ID Interface IDbits3810 16 64
Multicast AddressMulticast Address
• T=0 => Permanent (well-known) multicast address, T=1 => Transient
• Scope: 1 Node-local, 2 Link-local, 5 Site-local,8 Organization-local, E Global, F Reserved
• Predefined: 1 => All nodes, 2 => Routers,
0 0 0 T
1111 1111 Flags Scope Group ID
4bits8bits 112bits4bits
Multicast Address (cont.)Multicast Address (cont.)• Link-local scope limits multicast to single Ethernet
Multicast Address (cont.)Multicast Address (cont.)• Organization-local scope limits multicast to organization boundary
Subnetwork Prefix : 5A01: 203 : 405 :607 : 809 :: /80
Anycast Address (the subnet-routAnycast Address (the subnet-router address)er address)
“Can any localrouter help me ”
Destination address : 5A01: 203 : 405 :607 : 809 : 0 : 0 : 0
• Workstation uses an anycast address to ask for help from any router.
Address PrefixesAddress Prefixes
Can specify a prefix by /length
Allocation Prefix Fraction of (binary) Address Space------------------------------- -------- -------------Reserved 0000 0000 1/256 (0::/8)Unassigned 0000 0001 1/256 (100::/8)Reserved for NSAP Allocation 0000 001 1/128 (200::/7)Reserved for IPX Allocation 0000 010 1/128 (400::/7)Unassigned 0000 011 1/128 (600::/7)Unassigned 0000 1 1/32 (800::/5)Unassigned 0001 1/16 (1000:/4)
IPv6 Address AllocationIPv6 Address Allocation
Allocation Prefix Fraction of (binary) Address Space------------------------------- -------- -------------Aggregatable Global Unicast Addresses 001 1/8 (2000::3)Unassigned 1111 0 1/32 (F000::/5)Unassigned 1111 10 1/64 (F800::/6)Unassigned 1111 110 1/128 (FC00::/7)Unassigned 1111 1110 0 1/512 (FE00::/9)Link Local Unicast Addresses 1111 1110 10 1/1024 (FE80::/10)Site Local Unicast Addresses 1111 1110 11 1/1024 (FEC0::/10)Multicast Addresses 1111 1111 1/256 (FF00::/8)
IPv6 Address Allocation (cont.)IPv6 Address Allocation (cont.)
IPv6 Extension HeadersIPv6 Extension Headers• IP options have been moved to a set of optional
Extension Headers• Extension Headers are chained together
IPv6 HeaderNext Header=TCPTCP Header
IPv6 HeaderNext Header=Routing
TCP HeaderRouting HeaderNext Header=TCP
IPv6 HeaderNext Header=Routing
TCP HeaderRouting HeaderNext Header=Fragment
Fragment HeaderNext Header=TCP
Next Header
Routing HeaderRouting Header
Next Header Routing Type Num. Address
Reserved Strict/Loose bit mask
Address 1
Address 2
Next Address
Address n
…..
Routing Header (cont.)Routing Header (cont.)
• Strict => Discard if Address[Next-Address] neighbor
• Type = 0 => Current source routing • Type > 0 => Policy based routing (later) • New Functionality: Provider selection, Host
mobility, Auto-readdressing (route to new address)
Address AutoconfigurationAddress Autoconfiguration• Allow plug and play• BOOTP and DHCP are used in IPv4 • DHCPng will be used with IPv6 • Two Methods: Stateless and Stateful• Stateless:
– A system uses link-local address as source and multicasts to "All routers on this link"
– Router replies and provides all the needed prefix info– All prefixes have a associated lifetime – System can use link-local address permanently if no route
r
Address Autoconfiguration (cont.)Address Autoconfiguration (cont.)
• Stateful: – Problem w stateless: Anyone can connect – Routers ask the new system to go DHCP server (b
y setting managed configuration bit) – System multicasts to "All DHCP servers" – DHCP server assigns an address
Automatic RenumberingAutomatic Renumbering
• Renumbering IPv6 Hosts is easy– Add a new Prefix to the Router– Reduce the Lifetime of the old prefix– As nodes depreciate the old prefix the new Prefix
will start to be used for new connections• Renumbering in IPv6 is designed to happen!• An end of ISP “lock in”!
– Improved competition
• Dual Stack : Providing complete support for both IPv4 and IPv6 in hosts and routers.
Transition Mechanism Transition Mechanism
DRIVER
IPv4 IPv6IPv4 IPv6
APPLICATION
TCP/UDP
This allows indefinite co-existence of IPv4 and IPv6, and gradual, app-by-app upgrades to IPv6 usage
IPv6 host IPv4 hostDual IP host
Transition Mechanism (cont.)Transition Mechanism (cont.)• IPv6 over IPv4 tunneling : Encapsulating IPv6 packets within
IPv4 headers to carry them over IPv4 routing infrastructures.
Entry Router
Leaving Router
IPv6packet IPv6
packet
IPv6packet
IPv4 header
Protocol number=41
IPv4Infrastructure
Encapsulate IPv6 packets inside IPv4 packets(or MPLS frames)any methods exist for establishing tunnels:
-- configured tunnels - manual-- automatic tunnels - IPv4 compatible addresses ::<ipv4>
Transition Mechanism (cont.)Transition Mechanism (cont.)
• IPv6-to-IPv4 (inter-domain, using IPv4 addr as IPv6 site prefix)
• IPv4-compatible IPv6 Addresses
96 bits 32 bits
|0000..............................00000000| IPv4 address |
Dest. :: 0102:0304 Dest. :: 0102:0304Dest. 1.2.3.4
Transition Mechanism (cont.)Transition Mechanism (cont.)
• IPv4-mapped IPv6 address
Dest. 1.2.3.4Dest. ::FFFF: 0102:0304 Dest. ::FFFF: 0102:0304
80 bits 16 bits
| 000………000 : 11….11: IPv4 |
Transition Mechanism (cont.)Transition Mechanism (cont.)
QoSQoS
• Class Field– Diff Serv Code Point will be used
– Can be used for distinguish between different traffic classes
• Flow label– Identifies streams that needs special handling
– Used by RSVP today
– Not fully defined yet
– Could be used for a deterministic hashkey to classify on L2-L7 -> Would make it easier to implement in Hardware
IPv6 SecurityIPv6 Security• Two headers in IPv6 that provides security - AH, ESP• AH - Authentication Header
– Provides source authentication– Integrity
• ESP - Encrypted Security Payload– Integrity– Authentication– Confidentiality
• Note: IPSec is exactly the same for IPv4 and IPv6 only that it was Taylor-made for IPv6.
• Advantages with IPsec– Network level security– Transparent to End-user– Open Standard
Mobile IPv6Mobile IPv6
• IPv6 Mobility is based on core features of IPv6– The base IPv6 was designed to support Mobility– Mobility is not an “Add-on” features
• All IPv6 Networks are IPv6-Mobile Ready• All IPv6 nodes are IPv6-Mobile Ready• All IPv6 LANs / Subnets are IPv6 Mobile Ready
• IPv6 Neighbor Discovery and Address Autoconfiguration allow hosts to operate in any location without any special support
Mobile IPv6 Mobile IPv6 (cont.)(cont.)
• No Foreign Agent– In a Mobile IP, an MN registers to a foreign node a
nd borrows its’ address to build an IP tunnel so that the HA can deliver the packets to the MN. But in Mobile IPv6, the MN can get a new IPv6 address, which can be only used by the MN and thus the FA no longer exists.
• More Scalable : Better Performance– Less traffic through Home Link – Less redirection / re-routing (Traffic Optimisation)
IPv6 Mobility SupportIPv6 Mobility SupportNo FA’s, ND, always Co-located Co addresses
mn.ndhu.tw
INTERNET
mit.us
for mn.ndhu.tw
Correspondend NodeHome AgentRouter
for mn.ndhu.tw atagent.mit.us
ndhu.tw
Gets an address trough ND
Improved PerformanceImproved Performance
• Faster processing time per IPv6 packet– Align on 64 bits boundary– Fewer Optional Headers (from 12 to 8)– Removed checksum
• Better designed for HW support• Scalable hierarchical address architecture
– Faster routing lookups– Smaller routing tables due to Hierarchical address architectu
re -> which make ip_forwarding faster and more efficient use of the memory
– Less routing traffic in the backbone -> which mean less load on the network
SummarySummary
• Streamlined Header Format• Flow Label• 128-bit Network Addresses• Elimination of Header Checksum• Fragmentation only by source Host• Extension Headers• Built-in-security
