Introduction to IPv6 - II

Introduction to IPv6 - II: Building your IPv6 network
Alvaro Vives, 27 June 2017, Workshop on Open Source Solutions for the IoT

Contents
- IPv6 Protocols and Autoconfiguration
  - ICMPv6
  - Path MTU Discovery (PMTU-D)
  - NDP
  - Autoconfiguration: DHCPv6 vs. SLAAC
- Use of IP on WSN/IoT
- Connecting our IPv6 Network to the Internet

IPv6 Protocols: ICMPv6 (1)
ICMPv6 is a fundamental part of IPv6.
[Figure: IPv6 and IPv4 protocol stacks. IPv6 labels: ICMPv6, MIPv6, MLD, NDP, Multicast, Link Layer. IPv4 labels: IGMP, ICMP, ARP, Broadcast, Multicast, Link Layer.]

IPv6 Protocols: ICMPv6 (2)
It's used for several things, both:
- Locally on the LAN: NDP, MLD
- On the Internet: fragmentation, detecting other errors
You should be careful when filtering.
Two types of messages:
- Error: destination unreachable, packet too big, time exceeded, parameter problem (type = 0-127)
- Informative: echo request, echo reply (type = 128-255)
Message format: Type (8 bits), Code (8 bits), Checksum (16 bits), Message Body

IPv6 Protocols: ICMPv6 (3)
ICMPv6 Error Messages
- Destination Unreachable (type = 1, parameter = 0)
  - No route to destination (code = 0)
  - Communication with destination administratively prohibited (code = 1)
  - Beyond scope of source address (code = 2)
  - Address Unreachable (code = 3)
  - Port Unreachable (code = 4)
  - Source address failed ingress/egress policy (code = 5)
  - Reject route to destination (code = 6)
- Packet Too Big (type = 2, code = 0, parameter = next hop MTU)
- Time Exceeded (type = 3, parameter = 0)
  - Hop Limit Exceeded in Transit (code = 0)
  - Fragment Reassembly Time Exceeded (code = 1)
- Parameter Problem (type = 4, parameter = offset to error)
  - Erroneous Header Field (code = 0)
  - Unrecognised Next Header Type (code = 1)
  - Unrecognised IPv6 Option (code = 2)

Path MTU Discovery (1)
MTU: Maximum Transmission Unit
- Link MTU: maximum number of bytes of an IP packet
- Path MTU: minimum link MTU from source to destination
In IPv6 the minimum link MTU is 1280 bytes (IPv4: 68 bytes).
In IPv6 this is important because:
- The fragmentation process changes: extension header
- Encapsulation is frequently used: overhead reduces the available MTU

Path MTU Discovery (2)
Path MTU Discovery sends packets bigger than 1280 bytes:
- For each destination, it starts by assuming the MTU of the first hop
- If a packet reaches a link with an MTU smaller than its size, an ICMPv6 Packet Too Big message is sent to the source with the link MTU (that MTU value is saved for that destination)
- Eventually, saved MTU values are discarded to detect possible changes in the MTU values
Constrained implementations: PMTU-D could be omitted if it is detected that 1280-byte packets can reach a destination.

Path MTU Discovery (3)
IPv6 fragmentation is done in the source node.
[Figure: path Source S, R1, R2, R3, R4, Destination D; link MTUs shown: 1500, 1500, 1280, 1500, 1500. Labels: IPv6 DATA 1500 bytes; X; ICMPv6 Packet Too Big (MTU 1280); IPv6 Frag. H DATA 1400 bytes.]

Autoconfiguration (1)
ICMPv6 Informative Messages
- Echo Request (type = 128, code = 0)
- Echo Reply (type = 129, code = 0)
MLD (Multicast Listener Discovery) Messages:
- Query, Report, Done (like IGMP for IPv4)
NDP Messages:
- NS (Neighbor Solicitation)
- NA (Neighbor Advertisement)
- RS (Router Solicitation)
- RA (Router Advertisement)
- Redirect

Autoconfiguration (2)
NDP: Neighbor Discovery Protocol
Used for host-to-host and router-to-host communication.
It offers several services on a LAN:
- Discovery of routers, network prefixes, network parameters
- Autoconfiguration
- Address Resolution
- DAD (Duplicate Address Detection)
- NUD (Neighbor Unreachability Detection)
It only uses 5 types of ICMPv6 packets: NS, NA, RS, RA, Redirect

NS / NA
A Host will send NS:
1. To determine the MAC address associated with an IPv6 address: Dest. Addr. = Solicited-Node Multicast (Address Resolution = ARP in IPv4)
2. To check reachability: Dest. Addr. = Unicast
A Host will send NA:
1. As an answer to NS
2. To quickly send new information (Unsolicited)

Neighbor Solicitation Format
NS to determine MAC. Own MAC address is sent.
Message format: Type = 135 (8 bits), Code = 0 (8 bits), Checksum (16 bits), Reserved = 0, Target Address, Options
- Target Address: IPv6 address that generated the request. It cannot be a multicast address.
- Possible Options: Source Link-Layer Address

Neighbor Advertisement Format
Message format: Type = 136 (8 bits), Code = 0 (8 bits), Checksum (16 bits), R, S, O flags, Reserved = 0, Target Address, Options
Flags:
- R: Router Flag = 1, sending node is a router
- S: Solicited Flag = 1, sent as an answer to an NS
- O: Override Flag = 1, indicating caches should be updated
Target Address (can't be a multicast address):
- Solicited NA: Target Address of the NS
- Unsolicited NA: IP address whose MAC address has changed
Possible Options: Target Link-Layer Address (MAC of Tx)

RS / RA
A Host will send RS:
1. When bringing up an interface: Dest. Addr. = well-known multicast address of all routers
A Router will send RA:
1. As an answer to RS
2. Periodically to inform about network parameters

Router Solicitation Format
Message format: Type = 133 (8 bits), Code = 0 (8 bits), Checksum (16 bits), Reserved = 0, Options
Possible Options: Source Link-Layer Address

Router Advertisement Format (1)
Message format: Type = 134 (8 bits), Code = 0 (8 bits), Checksum (16 bits), Cur Hop Limit, M, O, Reserved, Router Lifetime, Reachable Time, Retrans Timer, Options
- Cur Hop Limit: default value to be used as Hop Limit in the IPv6 header for packets sent
- M: 1-bit "Managed address configuration" flag
- O: 1-bit "Other configuration" flag
- Router Lifetime: time the router could be used as default router
- Reachable Time: time a node assumes a neighbour is reachable after having received a reachability confirmation (used in NUD)
- Retrans Timer: time (ms) between retransmitted NS (used in NUD, AR)
Possible Options: Source Link-Layer Address, MTU, Prefix Information, RDNSS, Flags Expansion

Router Advertisement Format (2)
Options: TLV (Type-Length-Value)
Example: Prefix Information
Option format: Type = 3 (8 bits), Length = 4 (8 bits), Prefix Length (8 bits), L, A, Reserved (8 bits), Valid Lifetime, Preferred Lifetime, Reserved = 0, Prefix
- L (1 bit): on-link flag = 1 indicates that the prefix could be used for on-link determination
- A (1 bit): autonomous address-configuration flag = 1 indicates that the prefix could be used for stateless address autoconfiguration
- Valid Lifetime: time in seconds the prefix is valid for on-link determination. Used for stateless address autoconfiguration as well.
- Preferred Lifetime: time in seconds that addresses generated with this prefix using SLAAC are in preferred state
- Prefix (128 bits): IPv6 address or prefix

Autoconfiguration (3)
Autoconfiguration: automatically configure network parameters, not manually.
In IPv4 we only have DHCP. In IPv6 there are more options.
Two scenarios: router or non-router
Router:
- Sends RAs -> M and O Flags -> four combinations
- Hosts should look at M and O flags and then start to autoconfigure
- M is about the IPv6 address, O is about other parameters (DNS, etc.)
- We have two tools: SLAAC (0) and DHCPv6 (1)

Autoconfiguration (4)
SLAAC vs. DHCPv6
NOTE: Default gateway is learnt from the RA(s) (or manually)

IP / Other        M  O  Comments
SLAAC / SLAAC     0  0  If dual-stack, could use IPv4 for DNS
SLAAC / DHCPv6    0  1  DHCPv6 Stateless
DHCPv6 / SLAAC    1  0  If dual-stack, could use IPv4 for DNS
DHCPv6 / DHCPv6   1  1  Gateway is learnt from RA
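The RA layout and the M/O table above can be exercised with a small decoder. This is an added example, not part of the original slides: the function names and the sample packet (M = 0, O = 1, documentation prefix 2001:db8:1:1::/64) are constructed for illustration, and the ICMPv6 checksum is not verified.

```python
import ipaddress
import struct

# (M, O) -> (address source, other-parameters source), as in the table above
AUTOCONF = {(0, 0): ("SLAAC", "SLAAC"), (0, 1): ("SLAAC", "DHCPv6"),
            (1, 0): ("DHCPv6", "SLAAC"), (1, 1): ("DHCPv6", "DHCPv6")}

def parse_ra(msg: bytes) -> dict:
    """Decode an ICMPv6 Router Advertisement (checksum is not verified here)."""
    if len(msg) < 16:
        raise ValueError("truncated RA header")
    typ, code, _cksum, hop_limit, flags, lifetime, reachable, retrans = \
        struct.unpack("!BBHBBHII", msg[:16])
    if typ != 134 or code != 0:
        raise ValueError("not a Router Advertisement")
    m, o = (flags >> 7) & 1, (flags >> 6) & 1
    ra = {"cur_hop_limit": hop_limit, "M": m, "O": o,
          "router_lifetime_s": lifetime, "reachable_ms": reachable,
          "retrans_ms": retrans, "prefixes": [],
          "address_from": AUTOCONF[(m, o)][0],
          "other_from": AUTOCONF[(m, o)][1]}
    off = 16
    while off < len(msg):                     # options are TLVs
        if off + 2 > len(msg):
            raise ValueError("truncated option header")
        opt_type, opt_len = msg[off], msg[off + 1] * 8   # Length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(msg):
            raise ValueError("bad option length")
        if opt_type == 3:                     # Prefix Information
            if opt_len != 32:
                raise ValueError("Prefix Information must have Length = 4")
            plen, pflags, valid, preferred = struct.unpack(
                "!BBII", msg[off + 2:off + 12])
            net = ipaddress.IPv6Network((msg[off + 16:off + 32], plen), strict=False)
            ra["prefixes"].append({"prefix": str(net),
                                   "on_link": bool(pflags & 0x80),      # L flag
                                   "autonomous": bool(pflags & 0x40),   # A flag
                                   "valid_s": valid, "preferred_s": preferred})
        off += opt_len                        # unknown options are skipped
    return ra

def sample_ra() -> bytes:
    """Constructed RA: M = 0, O = 1, prefix 2001:db8:1:1::/64 with L = A = 1."""
    header = struct.pack("!BBHBBHII", 134, 0, 0, 64, 0x40, 1800, 0, 0)
    prefix_opt = struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 2592000, 604800, 0) \
        + ipaddress.IPv6Address("2001:db8:1:1::").packed
    return header + prefix_opt

if __name__ == "__main__":
    print(parse_ra(sample_ra()))
```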

Autoconfiguration (5)
Host A attaches to a network with a Router.
- Host A: MAC address 00:0E:0C:31:C8:1F, EUI-64 IID is 20E:0CFF:FE31:C81F
- Router R (to Internet): FE80::20F:23FF:FEF0:551A, FF02::2 (all routers)
- RS: Dest FF02::2
- RA: Prefix 2001:db8:1:1::/64, M = 0, O = 0, DNS = 2001:db8::53
Steps on Host A:
1. Create Link-local Address
2. Duplicate Address Detection
3. Send Router Solicitation
4. Create global address
5. Do a DAD
6. Set Default Router
7. Set DNS Server
Resulting configuration on Host A:
- Link-local address: FE80::20E:0CFF:FE31:C81F
- Global address: 2001:db8:1:1:20E:0CFF:FE31:C81F
- Default route: ::/0 via FE80::20F:23FF:FEF0:551A
- DNS: 2001:db8::53

Autoconfiguration (6)
In practice SLAAC for DNS is not yet available. Use IPv4 for DNS resolution (dual-stack) or DHCPv6 (O = 1).
- Host A: MAC address 00:0E:0C:31:C8:1F, EUI-64 IID is 20E:0CFF:FE31:C81F
- Router R (to Internet): FE80::20F:23FF:FEF0:551A, FF02::2 (all routers)
- RS: Dest FF02::2
- RA: Prefix 2001:db8:1:1::/64, M = 0, O = 1
Steps on Host A:
1. Create Link-local Address
2. Duplicate Address Detection
3. Send Router Solicitation
4. Create global address
5. Do a DAD
6. Set Default Router
7. Send DHCPv6 Request for DNS
Resulting configuration on Host A:
- Link-local address: FE80::20E:0CFF:FE31:C81F
- Global address: 2001:db8:1:1:20E:0CFF:FE31:C81F
- Default route: ::/0 via FE80::20F:23FF:FEF0:551A
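Steps 1 to 5 of the two walkthroughs above (link-local address, DAD, global address) can be reproduced from the slide's own values. This is an added example, not part of the original slides; the function names are this example's own, and it assumes EUI-64 interface identifiers on a /64 prefix as the slides show.

```python
import ipaddress

def eui64_iid(mac: str) -> bytes:
    """Build the 64-bit EUI-64 interface identifier from a 48-bit MAC."""
    b = bytes(int(x, 16) for x in mac.split(":"))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit of the first byte, insert FF:FE in the middle
    return bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]

def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with the EUI-64 IID derived from the MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 autoconfiguration needs a /64 prefix")
    iid = int.from_bytes(eui64_iid(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)

def solicited_node(addr: ipaddress.IPv6Address) -> ipaddress.IPv6Address:
    """Solicited-node multicast group: ff02::1:ff00:0 plus the low 24 bits."""
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return ipaddress.IPv6Address(base | (int(addr) & 0xFFFFFF))

def autoconfigure(mac: str, ra_prefix: str) -> dict:
    """Addresses host A derives, and where its DAD Neighbor Solicitations go."""
    link_local = slaac_address("fe80::/64", mac)
    global_addr = slaac_address(ra_prefix, mac)
    return {"link_local": str(link_local),
            "global": str(global_addr),
            "dad_ns_dest_link_local": str(solicited_node(link_local)),
            "dad_ns_dest_global": str(solicited_node(global_addr)),
            "rs_dest": "ff02::2"}   # all-routers multicast, as on the slide

if __name__ == "__main__":
    # Values taken from the slide: host A's MAC and the prefix announced in the RA
    for key, value in autoconfigure("00:0E:0C:31:C8:1F", "2001:db8:1:1::/64").items():
        print(f"{key}: {value}")
```

Both addresses share the same low 24 bits, so the two DAD probes go to the same solicited-node group.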

DHCPv6 (1)
DHCPv6 works as DHCPv4:
- Client-server
- UDP
- Use of relay
[Figure: Client and Server exchanging SOLICIT, ADVERTISE, REQUEST, REPLY]
DIFFERENCE: Does not provide default gateway
Message names change: SOLICIT, ADVERTISE, REQUEST, REPLY
Servers/Relays listen on well-known multicast addresses (FF02::1:2)
DHCPv6 stateless: only provides other info, not IP

DHCPv6 (2)
DHCPv6-PD (Prefix Delegation)
- In IPv6 there is no private IP + NAT. A GUA prefix is needed
- DHCPv6-PD allows scalable configuration of IPv6 prefixes in routers
- Same as for IP addresses: client-server, etc.
- Only the requested object changes: a prefix (IA-PD)
Example: CPE connected to an ISP
[Figure labels: End-User, ISP, H, CPE, CPE, CPE, Internet, D (DHCPv6 Server)]

DHCPv6 (3)
Host A connected to a network with a Router and DHCPv6 relay, M = O = 1.
- Host A: MAC address 00:0E:0C:31:C8:1F, EUI-64 IID is 20E:0CFF:FE31:C81F
- Router R: FE80::20F:23FF:FEF0:551A, FF02::2 (all routers), FF02::1:2 (DHCPv6 Relay)
- DHCPv6 Server S
- RS: Dest FF02::2
- RA: M = 1, O = 1
- DHCPv6 exchange: SOLICIT, ADVERTISE, REQUEST, REPLY
Steps on Host A:
1. Create Link-local Address
2. Duplicate Address Detection
3. Send Router Solicitation
4. Set Default Router
5. SOLICIT/ADVERTISE/REQUEST/REPLY
6. Configure global address
7. Do a DAD
8. Configure DNS
Resulting configuration on Host A:
- Link-local address: FE80::20E:0CFF:FE31:C81F
- Global address: 2001:db8:1:1:20E:0CFF:FE31:C81F
- Default route: ::/0 via FE80::20F:23FF:FEF0:551A
- DNS: 2001:db8:FF::5:3

Use of IP on WSN/IoT (1)
IP has benefits for WSN/IoT:
- The pervasive nature of IP allows use of existing infrastructure
- IP-based technologies exist, are well-known, mature and widely available. This allows easier and cheaper adoption, good interoperability and easier application layer development
- Open/free specifications: more easily understood by a wider audience than proprietary solutions
- Tools for IP networks already exist
- IP devices can easily connect to IP networks. No need for protocol translation gateways or proxies

Use of IP on WSN/IoT (2)
IPv6 in particular has benefits for WSN/IoT:
- Gives a huge amount of addresses
- No (real) limit of hosts in a local link
- Provides for easy autoconfiguration of network parameters (SLAAC)
- (Possible) end-to-end bi-directional communication
- Could save battery:
  1. No NAT and keepalives
  2. No need to periodically pull information (PUSH model)

Connecting to IPv6 Internet (1)
Objective: Connect our network to the IPv6 Internet
Bidirectional, allows:
- Management
- Control
- Communication
[Figure: our IoT devices network connected through the IPv6 Internet to collecting servers, people, IoT devices and networks]

Connecting to IPv6 Internet (2)
Scenario 1: Native IPv6 and IPv6 Router
[Figure labels: IPv6 Internet, R1 (RA), LAN1, R2, LAN2, cloud of IoT devices]

Connecting to IPv6 Internet (3)
Scenario 2: Without native IPv6 and IPv6 Router
[Figure labels: IPv6 Internet, Tunnel End R, IPv4 Internet, encapsulated packet (IPv4 | IPv6 | DATA), R1 (RA), LAN1, R2, LAN2, cloud of IoT devices]

Connecting to IPv6 Internet (4)
Scenario 3: Without native IPv6 or IPv6 Router
[Figure labels: IPv6 Internet, Tunnel End R, IPv4 Internet, encapsulated packet (IPv4 | IPv6 | DATA), R1 (RA), R3, R2, LAN1, LAN2, cloud of IoT devices]

Connecting to IPv6 Internet (5)
Simplified Scenarios
a) Native IPv6 [Figure labels: IPv6 Internet, packet (IPv6 | DATA), R1, LAN1, cloud of IoT devices]
b) Encapsulated IPv6 [Figure labels: IPv6 Internet, Tunnel End R, IPv4 Internet, packet (IPv4 | IPv6 | DATA), R1, LAN1, cloud of IoT devices]

Questions avives@ripe.net @TrainingRIPENCC