Network Layer Protocol & Internet Protocol (IP)
  Suguru Yamaguchi
  Nara Institute of Science and Technology, Department of Information Science
Reading Assignment Information Network 1 / 2012 2
Network Layer Features
  Basic model
  Node identification
  Node aggregation
  End-to-end packet delivery
  Broadcast
  Multicast
  Failure isolation and failure recovery
  Connecting heterogeneous datalinks
OSI 7 Layer Reference Model
  [Figure: two End Systems (ES) joined through an Intermediate System (IS) by physical connections]
  Layer           Upper layer protocol example
  Application     NFS
  Presentation    XDR
  Session         Sun RPC
  Transport       TCP
  Network         IP
  Data Link       IEEE802.3 Ethernet
  Physical        Coax
Connecting Heterogeneous Data Link
  Network Gateway
    The gateway forwards IP packets as an intermediate system according to the routing structure.
    Nodes in the same network connect directly over the datalink.
TCP/IP as a Layered Protocol Architecture
  [Figure: protocol stacks of three nodes. Application and TCP appear on the two end nodes; IP, Network Interface and Physical appear on all three.]
  IP realizes the end-to-end communication
TCP/IP as a Layered Protocol Architecture
  (1) Service relationship is defined by the service provider.
  (2) The layer above the IP protocol defines the service. Therefore, it does not matter what comes below the data link layer.
Node Identification
  Globally unique address space
  Address space and delegation of authority
    Network identification and host identification
    Address class
    Address space that delegates authority to the layers
  Ex. IPv4 address
    163.221.74.127 = 0xA3 0xDD 0x4A 0x7F
    163.221.74 identifies the network, 127 identifies the host
    Network area is 24 bits: 163.221.74.127/24 (/24 is the prefix length)
Node Aggregation
  163.221/16
  163.221.52/24
  163.221.127.0/21...
  Prefix length = binary tree level
  Simple expression
  Fast and memory-saving
    Especially in relay nodes...
Address Aggregation
  Aggregating contiguous network blocks
  [Figure: four class C networks (24-bit network number + host) whose network numbers end in 00, 01, 10 and 11 are aggregated ("4C") under one 22-bit prefix]
Address Aggregation
End-to-End Packet Delivery
  Network Layer Cloud
    Hosts are present at the cloud edge
    Identified uniquely by IPv4 address
  [Figure: hosts 163.221.3.3, 163.221.4.4 and 163.221.5.5 at the edge of the network layer cloud]
Graph Representation of Networks
Hierarchy Perspective: who carries the ladder?
  From data link layer to network layer:
    Native to data link layer
    Ex: LLC/SNAP, NLPID
  From network layer to data link layer:
    Native to network layer
    Ex: ARP (IPv4), ND (IPv6)
  [Figure: Network Layer above two Data Link Layers]
Network to Data Link (1) ARP
  Address Resolution Protocol (ARP), RFC 826
    A -> B: M
    a -> all stations: where is B?
    b -> a: B is at b
    a -> b: A -> B: M
  [Figure: hosts A, B, C at the network layer with data-link addresses a, b, c]
Network to Data Link (2) ARP
  The case of routed networks
    A -> C: M
    a -> all stations: where is R?
    r -> a: R is at r
    a -> r: A -> C: M
    r -> all stations: where is C?
    c -> r: C is at c
    r -> c: A -> C: M
  [Figure: router R (r) and hosts A (a), B (b), C (c), D (d); network layer above data-link layer]
Network to Data Link (3) ARP
  The case of bridged networks
    A -> C: M
    a -> all stations: where is C?
    c -> a: C is at c
    a -> c: A -> C: M
  [Figure: bridge T (t) and hosts A (a), B (b), C (c), D (d); network layer above data-link layer]
Data Link to Network
  Several network layer protocols are multiplexed onto a single data link layer.
  Multiplexing, de-multiplexing
  [Figure: IPv4, IPv6, ... at the network layer on each side, carried over Ethernet at the datalink layer]
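Ethernet: IEEE802.3, 802.2LLC, Ethernet2
  Field sizes in bytes. Every frame starts with Dst addr (6) and Src addr (6) and ends with FCS (4).
  Ethernet2:                      Dst addr | Src addr | Type (2) | DATA (variable) | FCS
  IEEE802.3 (Length < 0x05DC):    Dst addr | Src addr | Length (2) | DATA (variable) | FCS
  IEEE802.3 Raw:                  ... | Length | (0xFFFF) DATA (variable) | FCS
  IEEE802.2 LLC:                  ... | Length | DSAP (1) | SSAP (1) | CTL (1) | DATA (variable) | FCS
  SNAP:                           ... | Length | DSAP | SSAP | CTL | Protocol ID (3) | Type (2) | DATA (variable) | FCS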
Data Link to Network: De-multiplexing with LLC
  LLC header: Destination SAP Address (1 byte) | Source SAP Address (1 byte) | Control (1 or 2 bytes) | Information
  Destination SAP Address: I/G (1 bit) + address (7 bits)
    I/G = Individual or group address
  Source SAP Address: C/R (1 bit) + address (7 bits)
    C/R = Command or response frame
  SAP address examples:
    06  IP packet
    E0  Novell IPX
    FE  OSI packet
    AA  SubNetwork Access Protocol (SNAP)
De-multiplexing with LLC/SNAP
  SNAP PDU:  SNAP Header [ORG (3 bytes) | Type (2 bytes)] | Information
  LLC PDU:   AA (1 byte) | AA (1 byte) | 03 (1 byte) | SNAP PDU
  MAC frame: MAC Header | LLC PDU | FCS
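The de-multiplexing rules of the last three slides, as an added example (not part of the lecture material): one classifier that recognises all four framings, so that a filter keyed only on the Type field does not miss IP carried in LLC or LLC/SNAP framing. The EtherType table, the function names and the sample frames are assumptions of this example; frames are given without their FCS.

```python
import struct

# SAP values listed on the LLC slide; EtherTypes are IANA-assigned values
# added for this example (they are not on the slides).
SAP_NAMES = {0x06: "IP", 0xE0: "Novell IPX", 0xFE: "OSI", 0xAA: "SNAP"}
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}


def classify_frame(frame):
    """Return (framing, protocol, payload) for a frame without its FCS."""
    if len(frame) < 14:
        raise ValueError("shorter than a MAC header")
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    body = frame[14:]

    if type_or_len >= 0x0600:                    # Ethernet2: field is a Type
        return ("Ethernet2", ETHERTYPES.get(type_or_len, hex(type_or_len)), body)
    if type_or_len > 0x05DC:                     # neither a length nor a type
        raise ValueError("undefined Type/Length value %#06x" % type_or_len)
    if type_or_len > len(body):
        raise ValueError("Length field exceeds the data present")
    body = body[:type_or_len]                    # discard padding

    if body[:2] == b"\xff\xff":                  # IEEE802.3 Raw (used by Novell IPX)
        return ("IEEE802.3 Raw", "Novell IPX", body)
    if len(body) < 3:
        raise ValueError("truncated LLC header")
    dsap, ssap, ctl = body[0], body[1], body[2]
    if (dsap, ssap, ctl) == (0xAA, 0xAA, 0x03):  # LLC header announcing SNAP
        if len(body) < 8:
            raise ValueError("truncated SNAP header")
        org, (snap_type,) = body[3:6], struct.unpack("!H", body[6:8])
        if org == b"\x00\x00\x00":               # ORG 0: Type is an EtherType
            proto = ETHERTYPES.get(snap_type, hex(snap_type))
        else:
            proto = "org %s type %#06x" % (org.hex(), snap_type)
        return ("LLC/SNAP", proto, body[8:])
    # The I/G bit is the low-order bit of the DSAP octet; mask it off.
    return ("IEEE802.2 LLC", SAP_NAMES.get(dsap & 0xFE, hex(dsap)), body[3:])


def demo():
    """Classify four constructed frames; three carry the same 20-byte payload."""
    macs = bytes.fromhex("ffffffffffff" "020000000001")   # constructed addresses
    ip = b"\x45" + bytes(19)                              # stand-in IPv4 header
    snap = b"\xaa\xaa\x03\x00\x00\x00\x08\x00" + ip
    llc = b"\x06\x06\x03" + ip
    raw = b"\xff\xff" + bytes(28)
    frames = [macs + b"\x08\x00" + ip,
              macs + struct.pack("!H", len(snap)) + snap + bytes(18),  # padded
              macs + struct.pack("!H", len(llc)) + llc,
              macs + struct.pack("!H", len(raw)) + raw]
    return [classify_frame(f) for f in frames]
```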
Implementing the Communication Model
  Unicast
    Peer to peer communication
    Source and destination address allocation
    The examples on p.16, 17, 18 are unicast
  Broadcast
  Multicast
Broadcast
  Sending to all hosts running in the same transmission medium (data link).
  Broadcast communication availability depends on the datalink.
    Many data links do not support broadcast communication.
  Does not guarantee a perfect broadcast.
    Passive hosts will not receive the broadcast.
    Processing received data depends on the processes run by receiving hosts.
  IP broadcast
  Link-layer broadcast
Bootstrapping with Broadcast
  Broadcast communication in multi-access network
    It is absolutely necessary to resolve addresses from network layer to data link layer.
    Automatic configuration is absolutely necessary.
  Bootstrap A:
    a -> all stations: who is router?
    r -> a: router R is at r
  [Figure: router R (r) and hosts A (a), B (b), C (c); network layer above data-link layer]
Selective Broadcasting: Multicast
  Multi-point to multi-point communication
    Selective broadcasting
  Membership
    If a host is not a member, it won't be able to listen to communications within the group.
    Membership management
    Group management
  IP multicast
  Link-layer multicast
What if...?
  [Figure: two seven-layer stacks (Application, Presentation, Session, Transport, Network, Data Link, Physical) joined by a physical connection]
  Failure isolation and failure recovery
Failure Isolation: ICMP (1)
  RFC792
  Failure occurs below the data link layer
    Dropping a packet
  In the case a packet did not reach its destination
    Destination Unreachable
    Returned to the source address.
  [Figure: a failure on the path and the ICMP Destination Unreachable message]
Failure Isolation: ICMP (2)
  End-to-end reachability verification, faulty section judgement
    Echo Request, Echo Reply
  [Figure: two seven-layer stacks (Application, Presentation, Session, Transport, Network, Data Link, Physical)]
Connecting Heterogeneous Data Links (1)
  Because of heterogeneity...
    Address architecture is different
      Resolving with ARP.
    Multiplexing method is different
      Resolving with LLC/SNAP
    Transmission speed is different
      Resolving with buffer
    Maximum Transmission Unit (MTU) size is different
      Fragmentation
Connecting Heterogeneous Data Links (2)
  Fragmentation and reassembly
    Fragmentation
      Fragmenting a packet and keeping fragments within a maximum frame length.
    Reassembly
      Reconstructing the fragmented packet at the destination node.
  [Figure: a link with MTU = 9128 connected to a link with MTU = 1520]
Fragmentation and Reassembly
  IPv4 header
    Flags = {0, MF, DF}
    Fragment offset: 13 bits
  bit: 0 4 8 16 31
  Ver. | IHL | Type of Service | Total Length (in Octet)
  Identification | Flags | Fragment Offset
  Time to Live | Protocol | Header Checksum
  Source Address
  Destination Address
  Option (if any)
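Fragmentation and reassembly with the header fields above, as an added example (not part of the lecture material): a 9128-octet packet is split for a link with MTU 1520, and the destination rebuilds it while refusing gaps, overlapping fragments and a missing last fragment. Function names, the Identification value and the payload are constructed; the addresses are the hosts from the End-to-End Packet Delivery slide, and headers carry no options.

```python
import struct

MF, DF = 0x1, 0x2            # values inside the 3-bit Flags field
SRC, DST = bytes([163, 221, 3, 3]), bytes([163, 221, 5, 5])   # hosts from the slides


def checksum(header):
    """Internet checksum over the header's 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build(ident, flags, offset, payload, src, dst, proto=17):
    """Option-less IPv4 packet; `offset` is in octets, a multiple of 8."""
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident,
                       (flags << 13) | (offset // 8), 64, proto, 0, src, dst)
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:] + payload


def parse(packet):
    vihl, _, total, ident, ff, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    return {"key": (src, dst, proto, ident), "flags": ff >> 13,
            "offset": (ff & 0x1FFF) * 8, "data": packet[(vihl & 0xF) * 4:total]}


def fragment(packet, mtu):
    """Split a packet so that every fragment, header included, fits in `mtu`."""
    p = parse(packet)
    if len(packet) <= mtu:
        return [packet]
    if p["flags"] & DF:
        raise ValueError("DF is set: cannot fragment")
    src, dst, proto, ident = p["key"]
    step = (mtu - 20) // 8 * 8           # offsets count units of 8 octets
    data, out = p["data"], []
    for start in range(0, len(data), step):
        last = start + step >= len(data)
        flags = (p["flags"] & MF) if last else MF
        out.append(build(ident, flags, p["offset"] + start,
                         data[start:start + step], src, dst, proto))
    return out


def reassemble(fragments):
    """Rebuild the payload; strict policy that rejects gaps and overlaps."""
    parts = sorted((parse(f) for f in fragments), key=lambda p: p["offset"])
    if len({p["key"] for p in parts}) != 1:
        raise ValueError("fragments belong to different datagrams")
    data = b""
    for p in parts:
        if p["offset"] != len(data):
            raise ValueError("gap or overlap at offset %d" % p["offset"])
        data += p["data"]
    if parts[-1]["flags"] & MF:
        raise ValueError("last fragment is missing")
    return data


def demo():
    payload = bytes(i % 251 for i in range(9128 - 20))    # constructed data
    frags = fragment(build(0x1234, 0, 0, payload, SRC, DST), 1520)
    return frags, reassemble(frags) == payload
```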
BOOTP & DHCP
Dynamic Assignment of IP addresses
  It is desirable for several reasons:
    IP addresses are assigned on-demand
    Avoid manual IP configuration
    Support mobility of laptops / handheld WiFi devices etc.
RARP
  Reverse Address Resolution Protocol (RFC 903)
  Works similarly to ARP
  Broadcasts a request for the IP address associated with a given MAC address
  RARP server responds with an IP address
  Only assigns IP address (not the default router and subnet mask)
  Obsolete!
  [Figure: ARP and RARP map between IP address (32 bit) and Ethernet MAC address (48 bit)]
BOOTP
  Bootstrap protocol (RFC 951)
  Predecessor of DHCP
  Host can configure its IP parameters at boot time
  It was designed for a static environment
  Three services
    IP address assignment.
    Detection of the IP address for a serving machine.
    The name of a file to be loaded and executed by the client machine (boot file name)
  Not only assigns the IP address, but also default router, network mask, etc.
  Sent as UDP messages (UDP port 67 (server) and 68 (host))
  Uses the limited broadcast address (255.255.255.255): these addresses are never forwarded
DHCP (1)
  Dynamic Host Configuration Protocol
    It was developed in 1993 to improve and resolve specific limitations of BOOTP
    It was devised to automate the configuration
  DHCP is the preferred mechanism for dynamic assignment of IP addresses
    It uses plug-and-play networking to join a new network and obtain an IP address
  DHCP server can be configured to have two types of addresses:
    Permanent addresses: assigned to server computers
    Pool of addresses: these are to be allocated on demand
  DHCP issues a lease on the address for a finite period of time
    If the lease expires, the computer must renegotiate with the DHCP server
DHCP (2)
BOOTP/DHCP Message Format
  OpCode | Hardware Type | Hardware Address Length | Hop Count
  Transaction ID
  Number of Seconds | Unused (in BOOTP) / Flags (in DHCP)
  Client IP address
  Your IP address
  Server IP address
  Gateway IP address
  Client hardware address (16 bytes)
  Server host name (64 bytes)
  Boot file name (128 bytes)
  Options
DHCP Operations (1)
  DHCP DISCOVER
    [Figure: DHCP client 00:a0:24:71:e4:44 and two DHCP servers]
    DHCPDISCOVER: sent to 255.255.255.255
  DHCP OFFER
    [Figure: each of the two DHCP servers sends a DHCPOFFER to DHCP client 00:a0:24:71:e4:44]
DHCP Operations (2)
  DHCP REQUEST
    [Figure: DHCP client 00:a0:24:71:e4:44 and the DHCP servers exchange DHCPREQUEST and DHCPACK]
    At this time, the DHCP client can start to use the IP address
  Renewing a Lease (sent when 50% of lease has expired)
    [Figure: DHCP client 00:a0:24:71:e4:44 and the DHCP server exchange DHCPREQUEST and DHCPACK]
DHCP Operations (3)
  DHCP RELEASE
    [Figure: DHCP client 00:a0:24:71:e4:44 sends DHCPRELEASE to the DHCP server]
    At this time, the DHCP client has released the IP address
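The message format and the DISCOVER / OFFER / REQUEST / ACK exchange above, as an added example (not part of the lecture material): a builder and a bounds-checked parser for the fixed BOOTP fields plus the DHCP options, and a check that every message of an exchange carries the client's Transaction ID and hardware address. The options cookie and option codes 53, 51 and 255 come from RFC 2131/2132 rather than from the slides; the Transaction ID, the offered address 192.0.2.10 and the lease time are constructed.

```python
import socket
import struct

# Fixed part of the BOOTP/DHCP message, in the order of the format slide.
FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")       # 236 bytes
COOKIE = bytes([99, 130, 83, 99])                          # precedes the DHCP options
TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST",
         5: "DHCPACK", 7: "DHCPRELEASE"}
NAME_TO_TYPE = {name: code for code, name in TYPES.items()}


def build(msg_type, xid, mac, yiaddr="0.0.0.0", lease=None):
    """Build a message; OpCode 1 = request from client, 2 = reply from server."""
    op = 2 if msg_type in ("DHCPOFFER", "DHCPACK") else 1
    fixed = FIXED.pack(op, 1, 6, 0, xid, 0, 0, bytes(4), socket.inet_aton(yiaddr),
                       bytes(4), bytes(4), mac, b"", b"")
    opts = bytes([53, 1, NAME_TO_TYPE[msg_type]])          # option 53: message type
    if lease is not None:
        opts += bytes([51, 4]) + struct.pack("!I", lease)  # option 51: lease time
    return fixed + COOKIE + opts + b"\xff"                 # option 255: end


def parse(msg):
    if len(msg) < 240 or msg[236:240] != COOKIE:
        raise ValueError("no DHCP options cookie")
    (op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr,
     chaddr, sname, bootfile) = FIXED.unpack(msg[:236])
    if hlen > 16:
        raise ValueError("hardware address length exceeds the 16-byte field")
    options, i = {}, 240
    while i < len(msg) and msg[i] != 255:
        if msg[i] == 0:                                    # pad option
            i += 1
            continue
        if i + 1 >= len(msg) or i + 2 + msg[i + 1] > len(msg):
            raise ValueError("option runs past the end of the message")
        options[msg[i]] = msg[i + 2:i + 2 + msg[i + 1]]
        i += 2 + msg[i + 1]
    if len(options.get(53, b"")) != 1:
        raise ValueError("missing message type option")
    lease = options.get(51)
    return {"op": op, "xid": xid,
            "client": ":".join("%02x" % b for b in chaddr[:hlen]),
            "yiaddr": socket.inet_ntoa(yiaddr),
            "type": TYPES.get(options[53][0], "type %d" % options[53][0]),
            "lease": struct.unpack("!I", lease)[0] if lease and len(lease) == 4 else None}


def check_exchange(messages):
    """Return (message types, assigned address, seconds until renewal)."""
    parsed = [parse(m) for m in messages]
    first = parsed[0]
    for p in parsed[1:]:
        if (p["xid"], p["client"]) != (first["xid"], first["client"]):
            raise ValueError("%s does not match the client's transaction" % p["type"])
    ack = parsed[-1]
    return [p["type"] for p in parsed], ack["yiaddr"], ack["lease"] // 2


def demo():
    mac = bytes.fromhex("00a02471e444")      # DHCP client from the slides
    xid = 0x3903F326                         # constructed Transaction ID
    return check_exchange([
        build("DHCPDISCOVER", xid, mac),
        build("DHCPOFFER", xid, mac, "192.0.2.10", 3600),   # constructed values
        build("DHCPREQUEST", xid, mac),
        build("DHCPACK", xid, mac, "192.0.2.10", 3600)])
```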
Lecture Archive
Lecture Archive (2011)
  Network Layer Protocols & Internet Protocol (IP)
    http://library.naist.jp/real/9b2cf40300e4f2f41bcbe9166ff8b430/index.html
  Whole class
    http://library.naist.jp/mylimedio/search/av2.do?target=local&bibid=135469
IPv6
The End of IPv4
  50 Billion individual elements on the Internet in 2014
IPv4 Address Allocation
  Report Date: 27-Apr-2012
  http://labs.apnic.net/ipv4/report.html
Internet Protocol version 6 (IPv6)
  Developed in early 90s
  Deployed since late 90s / early 2000
  Designed to overcome limitations in IPv4
    First issue was to deal with addressing
      From 2^32 to 2^128 (4.3 x 10^9 to 3.4 x 10^38)
    Enhance the security
      IPsec is built in to IPv6 from the start
  IPv6 global addressing enables you to minimize devices, minimize delay, and simplify development
  Headers allow development of new quality and streaming services
IPv4 vs IPv6 (1)
  Address architecture
    Hierarchic structure
    Introduction of the concept of scope
    Clear definition of address classes
  Multicast
    Standardization
    Discontinuation of broadcast
  Able to deal with high-speed networks
    Simplified header format
    Suppression of unused fields
    Static length
    Discontinuation of checksums
    Discontinuation of IP header options
    Discontinuation of en-route packet fragmentation
IPv4 vs IPv6 (2)
  Link layer and network layer address resolution
    ARP -> NDP (Neighbor Discovery Protocol)
    Unreachability detection
  Security
    IPsec as a standard
  Flexibility
    IP extension header
      MobileIPv6
      IPsec
IPv6 Address Format
IPv6 Address (1)
  IPv4 address: 32 bits (4 bytes)
    4 decimal numbers separated by dots
      192.168.1.240
  IPv6 address: 128 bits (16 bytes)
    8 groups separated by colons (:)
    Each group represents 4 hexadecimal digits
      2001:0db8:85a3:0000:0000:8a2e:0370:7334
    Leading zeros may be removed and a consecutive zero sequence skipped
      2001:0db8:85a3:0000:0000:8a2e:0370:7334
      2001:db8:85a3:0:0:8a2e:370:7334
      2001:db8:85a3::8a2e:370:7334
IPv6 Address (2)
  IPv4 compatibility address
    ::IPv4 address
      ::203.178.142.1
    Address used for auto-tunneling
  IPv4-mapped address
    ::ffff:IPv4 address
      ::ffff:203.178.142.1
    Address expression to show a node implements IPv4 only
Scope (1)
  Link-Local
    To be used for auto-address configuration, neighbor discovery
    Valid in the scope of the given link, not routable
    fe80::/10 prefix
  Global
    Global/Universal address
    Routable
    Connect to any global scope address anywhere
Scope (2)
  [Figure: hosts and a router inside organizations; Link-local scope covers a single link, Global scope spans the organizations]
IPv4 Header
  Total length: 20 bytes + options
  Fields in red are suppressed or renamed in IPv6
  bit: 4 8 16 20 32
  version | HL | ToS | Total Length
  Identification | Flag | Fragment Offset
  TTL | Protocol | Header Checksum
  Source address (32 bits)
  Destination address (32 bits)
  Options | Padding
IPv6 Header
  Fixed length: 40 bytes
  All optional/additional info is encoded in Extension Header
  It isn't protected by checksum
  bit: 4 12 16 24 32
  version | Traffic class | Flow label
  Payload length | Next header | Hop limit
  Source address (128 bits)
  Destination address (128 bits)
Address Structure (1)
  Separating network prefix and interface ID
    Network prefix (upper 64 bits)
    Interface ID (lower 64 bits): MAC address (EUI-64)
  E.g. 00:e0:18:98:93:6d (MAC address)
    2001:200:16a:e320:2e0:18ff:fe98:936d
    Network Prefix (64 bits) | Interface ID (64 bits)
  001 (3 bits) | global routing prefix (45 bits) | subnet id (16 bits) | interface id (64 bits)
  [Figure labels along the global routing prefix: IANA, RIR; RIR, LIR; /48 block for end user]
Address Structure (2)
  Address assignment following the network topology
  RFC2374: FP (3) | TLA ID (13) | RE (8) | NLA ID (24) | SLA ID (16) | Interface ID (64)
  RFC2450: FP (3) | TLA ID (13) | sub-TLA (13) | RE (6) | NLA ID (13) | SLA ID (16) | Interface ID (64)
    FP      Format Prefix
    RE      Reserved
    TLA ID  Top-Level Aggregation Identifier
    NLA ID  Next-Level Aggregation Identifier
    SLA ID  Site-Level Aggregation Identifier
Address Assignment
  TLA ID:  APNIC  2001:200::/29 - 2001:3f8::/29
  sub-TLA: WIDE   2001:200::/35
  NLA ID:  NAIST  2001:200:16a::/48
           USM    2001:200:703::/48
Top Level Aggregator (TLA)
  Assigned from RIRs (ARIN, RIPE, APNIC)
  /29 address space
  Previous assignment: FP (3) | TLA ID (13) | RE (8) | NLA ID (24)
  Current assignment:  FP (3) | TLA ID (13) | SubTLA ID (13) | NLA ID (19)
Next Level Aggregator (NLA)
  ISPs and organizations acquire addresses from TLA
  Enables setting up subnets
  From /35 to /48 address spaces
  Previous assignment: FP (3) | TLA ID (13) | RE (8) | NLA ID (24)
  Current assignment:  FP (3) | TLA ID (13) | SubTLA ID (13) | NLA ID (19)
Site Level Aggregator (SLA)
  Organizations acquire addresses from NLA.
  From /49 to /64 address spaces
  FP (3) | TLA ID (13) | SubTLA ID (13) | NLA ID (19) | SLA ID (16)
Unicast Address
  Assigned to a single interface
  Address valid at the link scope
    fe80::2e0:18ff:fe98:936d
    1111111010 (10 bits) | 00000...0000 (56 bits) | interface ID (64 bits)
Multicast Address
  Assigned to several interfaces and delivered to all these interfaces
  11111111 (8 bits) | flgs (4 bits) | scope (4 bits) | group ID (112 bits)
  flgs
    0000  permanent (defined) address
    0001  temporary address
  scope
    0  reserved
    1  node-local scope
    2  link-local scope
    5  site-local scope
    8  organization-local scope
    E  global scope
    F  reserved
Format Prefix (1)
  Usage                                  Prefix       Occupation
  Reserved                               0000 0000    1/256
  Unassigned                             0000 0001    1/256
  Reserved for NSAP Allocation           0000 001     1/128
  Reserved for IPX Allocation            0000 010     1/128
  Unassigned                             0000 011     1/128
  Unassigned                             0000 1       1/32
  Unassigned                             0001         1/16
  Aggregatable Global Unicast Address    001          1/8
  Unassigned                             010          1/8
  Unassigned                             011          1/8
  Unassigned                             100          1/8
  Unassigned                             101          1/8
Format Prefix (2)
  Usage                                  Prefix          Occupation
  Unassigned                             110             1/8
  Unassigned                             1110            1/16
  Unassigned                             1111 0          1/32
  Unassigned                             1111 10         1/64
  Unassigned                             1111 110        1/128
  Unassigned                             1111 1110 0     1/512
  Link-Local Unicast Address             1111 1110 10    1/1024
  Multicast Address                      1111 1111       1/256
  Unassigned is dealt with as Unicast from now on.
Defined Multicast Address
  FF00:0:0:0:0:0:0:0   reserved
  FF01:0:0:0:0:0:0:0   reserved
    :
  FF0F:0:0:0:0:0:0:0   reserved
  FF01:0:0:0:0:0:0:1   All IPv6 nodes address (node-local)
  FF02:0:0:0:0:0:0:1   All IPv6 nodes address (link-local)
  FF01:0:0:0:0:0:0:2   All IPv6 routers address (node-local)
  FF02:0:0:0:0:0:0:2   All IPv6 routers address (link-local)
  FF02:0:0:0:0:0:0:C   DHCP servers / relay agents
  FF02:0:0:0:0:1:x:x   Solicited-Node address
ICMPv6 & NDP
Control Protocols
  IPv4 control protocols:
    ICMP
    ARP
    IGMP
  IPv6 control protocol:
    Internet Control Message Protocol version 6 (ICMPv6)
ICMPv6
  Many messages are the same as the IPv4 counterpart:
    Type 1: Destination Unreachable
    Type 2: Packet Too Big (MTU)
    Type 3: Time Exceeded
    Type 4: Parameter Problem
    Type 128/129: Echo Request / Echo Reply
  Must not be fragmented
  Must not be originated in response to
    ICMPv6 error or redirect messages
    packets with multicast/broadcast addresses
  Message format: Type (8 bits) | Code (8 bits) | Checksum (16 bits) | Message body
Neighbor Discovery Protocol (NDP)
  Uses ICMPv6 messages
  Message: used to
    Neighbor Solicitation (NS): determine link-layer address of neighbor
    Neighbor Advertisement (NA): actively keep track of neighbor reachability
    Router Solicitation (RS): determine on-link routers and default route
    Router Advertisement (RA): send network information from routers to hosts
    Redirect: router can inform a node about better first-hop routers
  Protocol used for host auto-configuration
  All ND messages
    must have hop limit = 255
    must originate and terminate from the same link
Neighbor Solicitation (NS)
  Sent by node to determine link-layer address of a neighbor
  Similar to an IPv4 ARP request
  Packet description
    Source address: Link-Local address
    Destination: Solicited-node multicast address or all nodes multicast (FF02::1)
    Data contains Link-Layer address of source
    Query: please send me your link-layer address
    ICMP type 135
Neighbor Advertisement (NA)
  Response to Neighbor Solicitation
  Similar to an IPv4 ARP response
  Includes my MAC address, so you can send me information
  Packet description
    Source address: Link-Local address of source
    Destination: Destination address of the NS request
    Data contains Link-Layer address of source
    ICMP type 136
Router Solicitation (RS)
  Nodes request routers to send Router Advertisement immediately
  Packet description
    Source: Link-Local address
    Destination: Multicast address all routers (FF02::2)
    ICMP type 133
Router Advertisement (RA)
  Routers advertise periodically
    Max time between advertisement ~ 4 8,000 sec.
    The advertisement has a lifetime
  Specifies if stateful or stateless auto-configuration is to be used
  Packet description
    Source: Router Link-Local address
    Destination: All nodes multicast address (FF02::1)
    Data: prefix, lifetimes, default router, options
    ICMP type 134
Duplicate Address Detection (DAD)
  Similar to IPv4 ARP self
  Nodes can check whether an address is already in use
  Packet description
    Source: Unspecified
    Destination: Solicited-node multicast address
    Data: Link-layer address of source
    Query: please send me your link-layer address
    ICMP type 135
  If no NA is received, address is ok
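The receive-side checks implied by the NDP slides, as an added example (not part of the lecture material): a packet is accepted as Neighbor Discovery only if its hop limit is still 255, which a packet forwarded by a router cannot satisfy, and a Neighbor Solicitation from the unspecified address is recognised as a DAD probe whose destination must be the target's solicited-node address. Type 137 (Redirect) and the ff02::1:ffXX:XXXX form of the solicited-node address come from RFC 4861/4291; packets are constructed, the ICMPv6 checksum is not verified, and extension headers are not walked.

```python
import ipaddress
import struct

# Types 133-136 are on the slides; 137 (Redirect) is from RFC 4861.
ND_TYPES = {133: "Router Solicitation", 134: "Router Advertisement",
            135: "Neighbor Solicitation", 136: "Neighbor Advertisement",
            137: "Redirect"}
UNSPECIFIED = ipaddress.IPv6Address("::")


def solicited_node(addr):
    """ff02::1:ffXX:XXXX, built from the low 24 bits of `addr`."""
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return ipaddress.IPv6Address(base | (int(ipaddress.IPv6Address(addr)) & 0xFFFFFF))


def build(src, dst, hop_limit, icmp_type, target=None):
    """Constructed IPv6 + ICMPv6 packet; the checksum field is left at 0."""
    icmp = struct.pack("!BBHI", icmp_type, 0, 0, 0)
    if target is not None:
        icmp += ipaddress.IPv6Address(target).packed
    head = struct.pack("!IHBB", 6 << 28, len(icmp), 58, hop_limit)
    return (head + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed + icmp)


def inspect_nd(packet):
    """Return None for non-ND packets, else a verdict listing any problems."""
    if len(packet) < 44:
        raise ValueError("too short for an IPv6 header plus ICMPv6")
    vtf, plen, nxt, hlim = struct.unpack("!IHBB", packet[:8])
    if vtf >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    icmp = packet[40:40 + plen]
    if nxt != 58 or len(icmp) < 4 or icmp[0] not in ND_TYPES:
        return None
    src = ipaddress.IPv6Address(packet[8:24])
    dst = ipaddress.IPv6Address(packet[24:40])
    verdict = {"type": ND_TYPES[icmp[0]], "dad_probe": False, "problems": []}
    if hlim != 255:
        verdict["problems"].append(
            "hop limit %d, not 255: did not originate on this link" % hlim)
    if icmp[0] in (135, 136):                 # NS and NA carry a target address
        if len(icmp) < 24:
            verdict["problems"].append("truncated: no target address")
            return verdict
        target = ipaddress.IPv6Address(icmp[8:24])
        verdict["target"] = str(target)
        if icmp[0] == 135 and src == UNSPECIFIED:
            verdict["dad_probe"] = True
            if dst != solicited_node(target):
                verdict["problems"].append(
                    "DAD probe not sent to the target's solicited-node address")
    return verdict


def demo():
    me = "fe80::2e0:18ff:fe98:936d"           # link-local address from the slides
    packets = [
        build(me, str(solicited_node("fe80::1")), 255, 135, "fe80::1"),  # NS
        build("::", str(solicited_node(me)), 255, 135, me),              # DAD probe
        build("fe80::1", "ff02::1", 64, 134),                            # RA, hop limit 64
    ]
    return [inspect_nd(p) for p in packets]
```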
Auto-configuration States
  Stateful
    Manual IP configuration
    DHCPv6 configuration
  Stateless
    Applies to hosts only (not to routers)
    No manual configuration required
    Specifies the prefix, default route, and lifetime
    RA doesn't specify the DNS servers
    Assumes interface has a unique identifier
    Assumes multicast capable link
    Uses Duplicate Address Detection
Auto-configuration Example
Auto-configuration Example
Internet Protocol Security (IPsec)
IP Security Overview
  IPSec is not a single protocol
    IPSec provides a set of security algorithms
    IPSec provides a general security framework for a pair of communicating entities
      Across LAN, private & public WANs
      Across Internet
  Applications of IPSec
    Secure branch office connectivity over the Internet
    Secure remote access over the Internet
    Establishing extranet and intranet connectivity with partners
    Enhancing electronic commerce security
IPsec Scenario
IPsec Services
  Access control
  Connectionless integrity
  Data origin authentication
  Rejection of replayed packets
  Confidentiality (encryption)
  Limited traffic flow confidentiality
IPsec Protocols
  Authentication Header (AH)
    provides connectionless integrity and data origin authentication for IP datagrams
  Encapsulating Security Payload (ESP)
    provides confidentiality services
    ESP with Authentication
  Security Associations (SA)
    provides the bundle of algorithms and data that provide the parameters necessary to operate the AH and ESP operations
Protocols & Services
                                          AH     ESP (encryption only)    ESP (encryption & authentication)
  Access control                          yes    yes                      yes
  Connectionless integrity                yes                             yes
  Data origin authentication              yes                             yes
  Rejection of replay attacks             yes    yes                      yes
  Confidentiality                         no     yes                      yes
  Limited traffic flow confidentiality    no     yes                      yes
IPsec Modes of Operations
  Transport
    IPSec protects IP payload
    IPSec headers added before IP payload
    No change in IP header
  Tunnel
    IPSec protects total IP packet
    IPSec headers encapsulate IP packet
    New IP header is created
Security Services
  Protocols, by Transport Mode SA and Tunnel Mode SA
  AH
    Transport Mode SA: Authenticates IP payload and selected portions of IP header and IPv6 extension headers
    Tunnel Mode SA: Authenticates entire inner IP packet plus selected portions of outer IP header
  ESP
    Transport Mode SA: Encrypts IP payload and any IPv6 extension header
    Tunnel Mode SA: Encrypts inner IP packet
  ESP with authentication
    Transport Mode SA: Encrypts IP payload and any IPv6 extension header. Authenticates IP payload but no IP header
    Tunnel Mode SA: Encrypts inner IP packet. Authenticates inner IP packet.
Authentication Header (1)
  It uses a hashing operation to hide packet information
  It provides connectionless integrity, data authentication, and replay protection
  Guards against replay attacks
  [Figure: header before applying AH]
Authentication Header (2)
  [Figure: Transport Mode (AH Authentication)]
  [Figure: Tunnel Mode (AH Authentication)]
Encapsulating Security Payload (1)
  It encrypts the packet's payload with a symmetric key
  It provides confidentiality, data integrity, data origin authentication, and an anti-replay service
  Encryption
    Three-key triple DES
    RC5
    IDEA
    Three-key triple IDEA
    CAST
    Blowfish
  Authentication
    HMAC-MD5-96
    HMAC-SHA-1-96
Encapsulating Security Payload (2)
  [Figure: Transport Mode]
  [Figure: Tunnel Mode]
RFCs
  IPSec documents:
    RFC 2401: An overview of security architecture
    RFC 2402: Description of a packet authentication extension to IPv4 and IPv6
    RFC 2406: Description of a packet encryption extension to IPv4 and IPv6
    RFC 2408: Specification of key management capabilities
IPv6 Transition
Dual Stack
  Dual stack host can speak both IPv4 and IPv6
  Most workstations are IPv6-enabled
  [Figure: Application Layer / Transport Layer (TCP/UDP) / IPv4 and IPv6 side by side / Network Interface Layer]
Tunneling
  Connection of IPv6 domains via IPv4 clouds
  6to4: the most common IPv6 over IPv4 tunneling protocol
    Tunnel endpoints must have public IPv4 addresses
  Teredo: encapsulating IPv6 inside IPv4/UDP
  [Figure: IPv6/Dual Network, IPv4 Core, IPv6/Dual Network]
    Generation
    6to4 router adds v4 header
    IPv4 router forwards as usual
    Destination 6to4 router removes IPv4 header
    Delivery
Address Translation
  NAT64
    Packet headers are translated according to the Stateless IP/ICMP Translation Algorithm (SIIT)
    IPv6 (address + port) is mapped to IPv4 (address + port)
    IPv4 is mapped into IPv6 as Pref64::IPv4
      Pref64 is a /96 IPv6 address pool
More Details
  Many resources available
    ARIN: http://www.getipv6.info/index.php/main_page
    APNIC: http://www.apnic.net/community/ipv6-program
    RIPE: http://www.ripe.net/lir-services/resource-management/numberresources/ipv6
    AfriNIC: http://www.afrinic.net/ipv6/index.htm
    LACNIC: http://portalipv6.lacnic.net/en
IPv6 Advantages
  More efficient address space allocation
  End-to-end addressing; no NAT anymore
  Fragmentation only by the source host
  Routers don't calculate header checksum (speed up)
  Multicasting instead of broadcasting
  Built-in security mechanisms
  Single control protocol (ICMPv6)
  Auto-configuration
  etc.
Assignment 2
Network Configuration (1)
  Goal: To understand the dynamics of IPv6 and to be able to troubleshoot connectivity in an IPv6 network
  What to do:
    Download the provided network topology from the link below:
      http://iplab.naist.jp/class/infon/2012/materials/sample.pkt
    Configure the IPv6 addresses on the routers in the topology
    Enable Auto Config in IPv6 of the PCs in the network
    Test network connectivity by using Neighbor Discovery Protocol
    Configure the RIPng in the routers
    Disconnect one link between two routers and test network connectivity again. Observe the communication between the two disconnected routers.
Network Configuration (2)
  Essay
    Briefly explain the following:
      IPv6 (i.e., addressing and subnetting)
      Neighbor Discovery protocol
      Routing RIPng
    For the last step in the instructions, can the routers still communicate? Answer by yes or no, then explain why.
Submission
  Deadline: May 16, 2012 (Wed) at 17:00 JST
  Compress your Packet Tracer file and essay in one folder with your name and student ID (e.g., DoudouFall1234567.zip), then send it to: network1-2012@is.naist.jp
  For questions and concerns about the assignment, you may contact the TAs by email (network1-2012@is.naist.jp) or meet them in A307 Internet Engineering Laboratory