IRT0030 Data Communications, Lecture 4. Indrek Rokk


IPv6 Technology Scope

IPv6 packet inside an Ethernet frame
Type field in the Ethernet frame header:
- IPv4 0x0800
- IPv6 0x86DD
- ARP 0x0806

IPv6 packet structure

IPv4 and IPv6 Header Comparison

Header

IPv6 header
- Hop Limit = 8-bit value
  Decreased by one at every IPv6 hop (like the IPv4 TTL counter)
- Source address = 128-bit value
- Destination address = 128-bit value

IPv6 header
- Fixed length of 40 bytes
- Version = 4-bit value set to 6
- Traffic Class = 8-bit value
  Replaces the IPv4 TOS field
- Flow Label = 20-bit value
- Payload Length = 16-bit value
  The size of the rest of the IPv6 packet following the header; replaces IPv4 Total Length
- Next Header = 8-bit value
  Replaces IPv4 Protocol, and indicates the type of the next header

- Fragmentation fields moved out of base header
- IP options moved out of base header
- Header Checksum eliminated
- Header Length field eliminated
- Length field excludes IPv6 header

Extension Headers
Multiple extension headers (called a chain) may be included in an IPv6 packet. The number of extension headers is not fixed, so the total length of the extension header chain is variable. The destination node examines the first extension header (if any). The contents determine whether or not the node should examine the next header. Therefore, extension headers must be processed in the order they appear in the packet.

IPv6 extension headers
The different IPv6 variants and options are implemented with additional headers
Six header types are defined:
- Hop-by-hop options header (0)
- Routing header (43)
- Fragment header (44)
- Destination options header (60)
- Authentication header (51)
- Encrypted security payload header (50)
The others are upper-layer headers:
- TCP (6)
- UDP (17)
- ICMPv6 (58)

Processing extension headers
Finding the upper-layer address is not simple
- Skip the known headers
- Until a known layer-4 header is found
- Or an unknown header / layer-4 header
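The skip-until-known procedure above is what a packet filter has to do before it can match on TCP, UDP or ICMPv6. The following is an added example, not part of the lecture: it walks the chain using the Next Header values from the slide and rejects headers whose length runs past the payload. The sample packet and the function names are constructed for illustration.

```python
import ipaddress
import struct

# Next Header values from the slide above.
EXTENSION = {0: "Hop-by-Hop Options", 43: "Routing", 44: "Fragment",
             60: "Destination Options", 51: "Authentication Header",
             50: "Encapsulating Security Payload"}
UPPER_LAYER = {6: "TCP", 17: "UDP", 58: "ICMPv6"}


def walk_chain(packet: bytes):
    """Follow Next Header fields starting at the base header.

    Returns (extension header names in order, upper-layer name or None,
    byte offset where the walk stopped).
    """
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    payload_len = struct.unpack("!H", packet[4:6])[0]
    end = min(len(packet), 40 + payload_len)
    next_header, offset, chain = packet[6], 40, []

    while next_header in EXTENSION:
        chain.append(EXTENSION[next_header])
        if next_header == 50:
            # ESP payload is encrypted: the rest of the chain is not visible.
            return chain, None, offset
        if offset + 8 > end:
            raise ValueError("extension header runs past the payload")
        frag_offset = 0
        if next_header == 44:
            length = 8                               # Fragment header has a fixed size
            frag_offset = struct.unpack("!H", packet[offset + 2:offset + 4])[0] >> 3
        elif next_header == 51:
            length = (packet[offset + 1] + 2) * 4    # AH length is in 4-byte units
        else:
            length = (packet[offset + 1] + 1) * 8    # 8-byte units after the first 8
        if offset + length > end:
            raise ValueError("extension header runs past the payload")
        next_header = packet[offset]
        offset += length
        if frag_offset:
            # Non-first fragment: the upper-layer header is in another packet.
            return chain, None, offset
    return chain, UPPER_LAYER.get(next_header, f"unknown ({next_header})"), offset


def build_sample() -> bytes:
    """Constructed packet: Hop-by-Hop -> Destination Options -> TCP."""
    pad = bytes([1, 4, 0, 0, 0, 0])                  # PadN option, 6 bytes
    hop_by_hop = bytes([60, 0]) + pad                # next = Destination Options
    dest_opts = bytes([6, 0]) + pad                  # next = TCP
    tcp = bytes(20)                                  # zeroed placeholder TCP header
    payload = hop_by_hop + dest_opts + tcp
    base = struct.pack("!IHBB", 6 << 28, len(payload), 0, 64)
    base += ipaddress.IPv6Address("2001:db8::1").packed
    base += ipaddress.IPv6Address("2001:db8::2").packed
    return base + payload


if __name__ == "__main__":
    print(walk_chain(build_sample()))
```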

MTU Discovery
IPv6 routers no longer perform fragmentation. A discovery process is used to determine the optimum MTU to use during a given session. In this discovery process, the source IPv6 device attempts to send a packet at the size that is specified by the upper IP layers, for example, the transport and application layers. If the device receives an Internet Control Message Protocol (ICMP) Packet Too Big message, it retransmits the MTU discovery packet with a smaller MTU; this process is repeated until the device receives a response that the discovery packet arrived intact. The device then sets the MTU for the session.

New IPv6 Features
- Prefix renumbering: IPv6 allows simplified mechanisms for address and prefix renumbering.
- Multiple addresses per interface: An IPv6 interface can have multiple addresses.
- Link-local addresses: IPv6 link-local addresses are used as the next hop when IGPs are exchanging routing updates.
- Stateless autoconfiguration: DHCP is not required because an IPv6 device can automatically assign itself a unique IPv6 link-local address.
- Provider-dependent or provider-independent addressing

Required host IPv6 addresses
Each host must assign the following addresses to identify itself:
- Its link-local address for each interface
- Any assigned unicast addresses
- The loopback address
- The all-nodes multicast address
- Solicited-node multicast address for each assigned unicast or anycast address
- Multicast addresses for all other group memberships

Multiple IP Addresses per Interface
An interface can have multiple IPv6 addresses simultaneously configured and enabled on it. However, it must have a link-local address. Typically, an interface is assigned a link-local and one (or more) global IPv6 address. For example, an Ethernet interface can have:
- Link-local address (e.g., FE80::21B:D5FF:FE5B:A408)
- Global unicast address (e.g., 2001:8:85A3:4289:21B:D5FF:FE5B:A408)
Note: An interface could also be configured to simultaneously support IPv4 and IPv6 addresses. This creates a dual-stacked interface which is discussed later.

Anycast
- Anycast allows a source node to transmit IP datagrams to a single destination node out of a group of destination nodes with the same subnet ID, based on the routing metrics
- Only routers should respond to anycast addresses
- Routers along the path to the destination just process the packets based on network prefix
- Routers configured to respond to anycast packets will do so when they receive a packet sent to the anycast address

Anycast on the Internet
- A global unicast address is assigned to all nodes which need to respond to a service being offered
- This address is routed as part of its parent address block
- The responding node is the one which is closest to the requesting node according to the routing protocol
- Each anycast node looks identical to the other

Anycast on the Internet
- Applicable within an ASN, or globally across the Internet
- Typical (IPv4) examples today include:
  Root DNS and ccTLD/gTLD nameservers
  SMTP relays and DNS resolvers within ISP autonomous systems

IPv6 anycast
Anycast addresses are allocated from the unicast address space, using any of the defined unicast address formats. Thus, anycast addresses are syntactically indistinguishable from unicast addresses. When a unicast address is assigned to more than one interface, thus turning it into an anycast address, the nodes to which the address is assigned must be explicitly configured to know that it is an anycast address. (RFC4291)

IPv6 anycast - Subnet-Router anycast

|    n bits     |   128-n bits   |
+---------------+----------------+
| subnet prefix | 00000000000000 |
+---------------+----------------+

The "subnet prefix" in an anycast address is the prefix that identifies a specific link. This anycast address is syntactically the same as a unicast address for an interface on the link with the interface identifier set to zero. The Subnet-Router anycast address is intended to be used for applications where a node needs to communicate with any one of the set of routers.

IPv6 Link-Local Address
Link-local addresses are used for automatic address configuration, neighbor discovery, router discovery, and by many routing protocols. They are dynamically created using a link-local prefix of FE80::/10 and a 64-bit interface identifier. They are unique only on the link and are not routable off the link.
[Figure: 128-bit link-local address layout. FE80::/10 prefix (1111 1110 10), zeros up to /64, then the 64-bit Interface ID]

IPv6 Link-Local Address
Link-local addresses are unique only on the link, and are not routable off the link. Packets with a link-local destination must stay on the link where they have been generated. Routers that could forward them to other links are not allowed to do so because there has been no verification of uniqueness outside the context of the origin link. When communicating with a link-local address, the outgoing interface must be specified because every interface is connected to FE80::/10. For example, if you ping the neighbor's link-local address, you will be asked to input the interface from which you wish to ping.

IPv6 Address Allocation
The allocation process is:
- The IANA is allocating out of 2000::/3 for initial IPv6 unicast use
- Each registry gets a /12 prefix from the IANA
- Registry allocates a /32 prefix (or larger) to an IPv6 ISP
- Policy is that an ISP allocates a /48 prefix to each end customer

Exercise
Address: 2000:db8:aaaa:fc:50a5:8a35:a5bb:66e1/64
Questions:
- Interface ID
- Subnet prefix
- Site prefix
- ISP prefix
- ISP prefix in binary
- Registry number
- Registry number in binary

Exercise - answer
Address: 2000:db8:aaaa:fc:50a5:8a35:a5bb:66e1/64
Questions:
- Interface ID - 50a5:8a35:a5bb:66e1
- Subnet prefix - fc
- Site prefix - aaaa
- ISP prefix - b8
- ISP prefix in binary - 1011 1000
- Registry number - 00d
- Registry number in binary - 0000 0000 1100
NB! The answer is partially wrong. See the slides of the next lecture.

Dynamic Configuration of a Global Unicast Address using SLAAC
Stateless Address Autoconfiguration (SLAAC)
- A method that allows a device to obtain its prefix, prefix length and default gateway from an IPv6 router
- No DHCPv6 server needed
- Relies on ICMPv6 Router Advertisement (RA) messages
IPv6 routers
- Forward IPv6 packets between networks
- Can be configured with static routes or a dynamic IPv6 routing protocol
- Send ICMPv6 RA messages

Stateless Autoconfiguration
[Figure: host A and router R1]
ICMP type: 133 (RS)
Source: ::
Destination: All routers multicast address (FF02::2)
Query: Please send RA
Every IPv6 system (other than routers) is able to build its own unicast global address. This enables new devices (e.g., cellular phones, wireless devices, home appliances, and home networks) to easily connect to the Internet. Stateless autoconfiguration uses the information in RA messages to configure hosts automatically. RAs are sent periodically, but a node can send out RS messages when it boots so that it doesn't have to wait for the next RA.

Stateless Autoconfiguration
[Figure: host A and router R1]
ICMP type: 134 (RA)
Source: R1 link-local address
Destination: All nodes multicast address (FF02::1)
Data: Options, prefixes, lifetime
All routers on the network reply to the RS immediately, with an RA sent to the all-nodes multicast address. The prefix included in the RA is used as the /64 prefix for the host address. The interface ID used is the EUI-64 format interface ID.

Stateless Autoconfiguration
[Figure: hosts A and B]
ICMP type: 135 (NS)
Source: ::
Destination: Solicited-node address of A
Data: Link-layer address of A
Query: What is your link-layer address?
The host now creates a link-local address and solicited-node address using the RA supplied by the router. Next it needs to verify that its new IPv6 address is unique on the link using the Duplicate Address Detection (DAD) process. DAD is used during the autoconfiguration process to ensure that no other device is using the autoconfiguration address. During the DAD phase, Host A sends an NS to query if another node on the link has the same IPv6 address. If a node responds to the request, it means that the IPv6 address is already in use, and Host A needs to be manually configured.

Dynamic Configuration of a Global Unicast Address using SLAAC
An RA message can contain one of the following three options:
- SLAAC only: use the information contained in the RA message
- SLAAC and DHCPv6: use the information contained in the RA message and get other information from the DHCPv6 server, stateless DHCPv6 (example: DNS)
- DHCPv6 only: the device should not use the information in the RA, stateful DHCPv6
Routers send ICMPv6 RA messages using the link-local address as the source IPv6 address

Dynamic Configuration of a Global Unicast Address using SLAAC

Dynamic Configuration of a Global Unicast Address using DHCPv6
Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
- Similar to IPv4
- Automatically receive addressing information including a global unicast address, prefix length, default gateway address and the addresses of DNS servers using the services of a DHCPv6 server
- A device may receive all or some of its IPv6 addressing information from a DHCPv6 server, depending upon whether option 2 (SLAAC and DHCPv6) or option 3 (DHCPv6 only) is specified in the ICMPv6 RA message
- A host may choose to ignore whatever is in the router's RA message and obtain its IPv6 address and other information directly from a DHCPv6 server.

Dynamic Configuration of a Global Unicast Address using DHCPv6

Solicited-Node Multicast Addresses
The solicited-node multicast address (FF02::1:FF) is used for:
- Neighbor discovery (ND) process
- Stateless address autoconfiguration
The Neighbor discovery (ND) process is used to:
- Determine the local-link address of the neighbor.
- Determine the routers on the link and default route.
- Actively keep track of neighbor reachability.
- Send network information from routers to hosts

Neighbor Solicitation Example
[Figure: hosts A and B]
ICMP type: 135 (NS)
Source: A
Destination: Solicited-node multicast of B (FF02::1:FFxx:xxxx)
Data: Link-layer address of A
Query: What is your local-link address?
ICMPv6 Neighbor Solicitation (NS) is similar to IPv4 ARP in that it is used when resolving an IPv6 address to a MAC address. For example, Host A needs to send a packet to Host B but needs the MAC address of Host B. Host A sends a Neighbor Solicitation (ICMPv6 message type 135) on the link. The source address is the IPv6 address of the source node.

Neighbor Advertisement Example
[Figure: hosts A and B]
ICMP type: 136 (NA)
Source: B
Destination: A
Data: Link-layer address of B
Each destination node that receives the NS responds with an ICMPv6 message type 136, NA. The source address of this message is the IPv6 address of the responding node, and the destination address is the IPv6 address of the original source node (which sent the NS). The data portion includes the link-layer address of the destination node (even though the link-layer address is of course also included in the frame).

Solicited-Node Multicast Addresses
[Figure: hosts A and B]
A and B can now exchange packets on this link. The two devices can now communicate on the link because they know each other's link-layer addresses.

Solicited-Node Multicast Address Example
[Figure: R1 (2001:DB8::500:1234:5678), R2 (2001:DB8::500:AAAA:BBBB) and R3 (2001:DB8::501:AAAA:BBBB)]
When R1 desires to exchange packets with R2, R1 sends an NS message to the solicited-node multicast address of R2 (FF02::1:FFAA:BBBB). Along with other data, the NS message contains the target address, which is the full IPv6 address that R1 is looking for (2001:DB8::500:AAAA:BBBB).

Solicited-Node Multicast Address Example
[Figure: R1 (2001:DB8::500:1234:5678), R2 (2001:DB8::500:AAAA:BBBB) and R3 (2001:DB8::501:AAAA:BBBB)]
Both R2 and R3 are listening to the same solicited-node multicast address (FF02::1:FFAA:BBBB), so they both receive and process the packet. R2 sees that the target address inside the packet is its own and responds with a neighbor advertisement (NA) that includes its MAC address. R3 sees that the target address inside the packet is not its own and does not respond.

Solicited-Node Multicast Address Example
[Figure: R1 (2001:DB8::500:1234:5678), R2 (2001:DB8::500:AAAA:BBBB) and R3 (2001:DB8::501:AAAA:BBBB)]
What would happen if R1 wanted to exchange packets with R2? In this case R2 and R3 would have the same solicited-node multicast address of FF02::1:FFAA:BBBB. Recall that a solicited-node address is FF02::1:FFxx:xxxx, where xx:xxxx is the far right 24 bits of the corresponding unicast or anycast address of the node.
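The address arithmetic behind the SLAAC and solicited-node slides, as an added example that is not part of the lecture: it builds an EUI-64 interface ID, derives the solicited-node group from the low 24 bits, and shows which of R1, R2 and R3 receive and which answer an NS. The MAC address is an assumption chosen so that the result matches the FE80::21B:D5FF:FE5B:A408 example earlier in the lecture; the function names are illustrative.

```python
import ipaddress

SOLICITED_NODE_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

# Router addresses from the slides above.
NODES = {
    "R1": "2001:DB8::500:1234:5678",
    "R2": "2001:DB8::500:AAAA:BBBB",
    "R3": "2001:DB8::501:AAAA:BBBB",
}


def eui64_interface_id(mac: str) -> int:
    """48-bit MAC -> 64-bit interface ID: flip the U/L bit, insert FF:FE."""
    octets = bytearray(int(part, 16) for part in mac.split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    octets[0] ^= 0x02
    eui = bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])
    return int.from_bytes(eui, "big")


def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix (from an RA, or fe80::/64) with the EUI-64 ID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC with EUI-64 needs a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_interface_id(mac))


def solicited_node(addr) -> ipaddress.IPv6Address:
    """FF02::1:FFxx:xxxx, where xx:xxxx is the low 24 bits of the address."""
    low24 = int(ipaddress.IPv6Address(str(addr))) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_NODE_BASE | low24)


def deliver_ns(target: str, nodes: dict):
    """Return (nodes that receive the NS, nodes that answer with an NA)."""
    group = solicited_node(target)
    wanted = ipaddress.IPv6Address(target)
    receivers = sorted(n for n, a in nodes.items() if solicited_node(a) == group)
    responders = sorted(n for n, a in nodes.items()
                        if ipaddress.IPv6Address(a) == wanted)
    return receivers, responders


if __name__ == "__main__":
    mac = "00:1b:d5:5b:a4:08"                        # assumed MAC address
    link_local = slaac_address("fe80::/64", mac)
    print("link-local:", link_local)
    print("DAD NS goes to:", solicited_node(link_local))
    print("NS for R2:", deliver_ns(NODES["R2"], NODES))
```

Because only 24 bits of the address select the group, any two nodes that share those bits receive each other's solicitations; the target address inside the NS is what decides who answers.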

Neighbor Discovery ICMPv6 Packet Types
Neighbor Discovery uses four ICMPv6 packet types:
- Neighbor Solicitation and Neighbor Advertisement messages
- Router Solicitation and Router Advertisement messages

ICMPv6 Message | Type | Description
Neighbor Solicitation (NS) | 135 | Sent by a host to determine the link-layer address of a neighbor. Used to verify that a neighbor is still reachable. An NS is also used for Duplicate Address Detection (DAD).
Neighbor Advertisement (NA) | 136 | A response to an NS message. A node may also send an unsolicited NA to announce a link-layer address change.
Router Advertisement (RA) | 134 | RAs contain prefixes that are used for on-link determination or address configuration, a suggested hop limit value, MTU value, etc. RAs are sent either periodically, or in response to an RS message.
Router Solicitation (RS) | 133 | When a host is booting it sends out an RS requesting routers to immediately generate an RA rather than wait for their next scheduled time.

IPv6 Auto-Configuration Renumbering
- Hosts renumbering is done by modifying the RA to announce the old prefix with a short lifetime and the new prefix
- Router renumbering protocol (RFC2894), to allow domain-interior routers to learn of prefix introduction / withdrawal

Renumbering
- Router sends router advertisement (RA)
  This includes the new prefix and default route (and remaining lifetime of the old address)
- PC configures a new IPv6 address by concatenating the prefix received with its EUI-64 address
  Attaches lifetime to old address

ICMP - Internet Control Message Protocol
The best-known example: ping
    ping -c 5 rasi.lr.ttu.ee
    ping -t 1 rasi.lr.ttu.ee
    ping -i 5 rasi.lr.ttu.ee
    ping -s 100 rasi.lr.ttu.ee
    ping -s 2000 -f earl.itcollege.ee

When ping is not suitable
- It is blocked somewhere in a firewall
- Ping packets get a lower priority
  Especially important for QoS-dependent traffic
- To measure whether a service works, connect to the corresponding port
- Example: www.microsoft.com
HPING3
    hping3 -p 80 -c 2 -S www.microsoft.com

ICMP message types

Type | Description
0 | Echo Reply
3 | Destination Unreachable
4 | Source Quench
5 | Redirect Message
8 | Echo Request
11 | Time Exceeded
12 | Parameter Problem

Destination Unreachable codes (1)

Value | Description
0 | Network Unreachable
1 | Host Unreachable
2 | Protocol Unreachable
3 | Port Unreachable
4 | Fragmentation needed and DF (Don't Fragment) set
5 | Source route failed
6 | Destination Network unknown
7 | Destination Host unknown
8 | Source Host isolated (no longer used)

Destination Unreachable codes (2)

Value | Description
9 | Communication with Destination Network Administratively Prohibited (used by U.S. military agencies)
10 | Communication with Destination Host Administratively Prohibited (used by U.S. military agencies)
11 | Network Unreachable for Type Of Service
12 | Host Unreachable for Type Of Service
13 | Communication Administratively Prohibited by Filtering
14 | Host Precedence Violation
15 | Precedence Cutoff in Effect

ICMP Message Formats

IP routing

Routing versus Forwarding
- Routing = building maps and giving directions
- Forwarding = moving packets between interfaces according to the directions

IP Routing: finding the path
- Path derived from information received from a routing protocol
- Several alternative paths may exist
  The best path is stored in the forwarding table
- Decisions are updated periodically or as topology changes (event driven)
- Decisions are based on: topology, policies and metrics (hop count, filtering, delay, bandwidth, etc.)

IP route lookup
- Based on destination IP address
- Longest match routing
  More specific prefix preferred over less specific prefix
- Example: packet with destination of 10.1.1.1/32 is sent to the router announcing 10.1/16 rather than the router announcing 10/8


Routing Tables Feed the Forwarding Table

RIBs and FIBs
FIB is the Forwarding Table
- It contains destinations and the interfaces to get to those destinations
- Used by the router to figure out where to send the packet
- Careful! Some people call this a route!
RIB is the Routing Table
- It contains a list of all the destinations and the various next hops used to get to those destinations, and lots of other information too!
- One destination can have lots of possible next hops; only the best next hop goes into the FIB
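The route lookup and RIB/FIB slides combined, as an added example that is not part of the lecture: the RIB keeps every candidate next hop per prefix, the FIB keeps only the best one, and the lookup picks the longest matching prefix. The router names, metrics and the IPv6 entries are constructed; lowest metric is assumed to mean best.

```python
import ipaddress

# Constructed RIB: prefix -> list of (next hop, metric) candidates.
RIB = {
    "0.0.0.0/0": [("upstream", 1)],
    "10.0.0.0/8": [("router-A", 20)],
    "10.1.0.0/16": [("router-B", 10), ("router-C", 5)],
    "2001:db8::/32": [("isp-edge", 10)],
    "2001:db8:aaaa::/48": [("site-gw", 10), ("site-backup", 50)],
}


def build_fib(rib: dict) -> dict:
    """Keep only the best (lowest metric) next hop for every prefix."""
    fib = {}
    for prefix, candidates in rib.items():
        network = ipaddress.ip_network(prefix)
        fib[network] = min(candidates, key=lambda c: c[1])[0]
    return fib


def lookup(fib: dict, destination: str):
    """Longest-prefix match. Returns (matched prefix, next hop) or None."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in fib
               if net.version == addr.version and addr in net]
    if not matches:
        return None                                  # no route, not even a default
    best = max(matches, key=lambda net: net.prefixlen)
    return str(best), fib[best]


FIB = build_fib(RIB)

if __name__ == "__main__":
    for dst in ("10.1.1.1", "10.2.0.1", "192.0.2.1",
                "2001:db8:aaaa:fc::1", "2001:db8:1::1", "2001:db9::1"):
        print(dst, "->", lookup(FIB, dst))
```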

Router as a Computer
- Routers use the destination IP address to forward packets
  The path a packet takes is determined after a router consults information in the routing table.
- After the router determines the best path:
  Packet is encapsulated into a frame
  Frame is then placed on the network medium

Router as a Computer

Routing Table Structure
The routing table is stored in RAM and contains information about:
- Directly connected networks: this occurs when a device is connected to another router interface
- Remotely connected networks: this is a network that is not directly connected to a particular router
- Detailed information about the networks, including source of information, network address and subnet mask, and IP address of the next-hop router

Routing Table Structure
When to use static routes:
- When the network only consists of a few routers
- When the network is connected to the Internet only through one ISP

Static Routes with Exit Interfaces
Purpose of a static route: a manually configured route used when routing from a network to a stub network

On planning the IPv6 address space
Preparing an IPv6 Addressing Plan: http://labs.ripe.net/members/steffann/preparing-an-ipv6-addressing-plan

Further reading
Deploying IPv6 - practical problems from the campus perspective: https://tnc2012.terena.org/core/presentation/49