IPv6 Transition Mechanisms

Similar documents
IPv6 Transition Mechanisms

Transition To IPv6 October 2011

Unit 5 - IPv4/ IPv6 Transition Mechanism(8hr) BCT IV/ II Elective - Networking with IPv6

A Border Gateway Protocol 3 (BGP-3) DNS Extensions to Support IP version 6. Path MTU Discovery for IP version 6

Transitioning to IPv6

IPv4/v6 Considerations Ralph Droms Cisco Systems

IPv6 Feature Facts

IPv6 Transitioning. An overview of what s around. Marco Hogewoning Trainer, RIPE NCC

Radware ADC. IPV6 RFCs and Compliance

CCNA Questions/Answers IPv6. Select the valid IPv6 address from given ones. (Choose two) A. FE63::0043::11:21 B :2:11.1 C.

Chapter 15 IPv6 Transition Technologies

Planning for Information Network

IPv6 Addressing. There are three types of IPV6 Addresses. Unicast:Multicast:Anycast

IPv6 in Campus Networks

IPv4-to-IPv6 Transition Strategies

Internet Protocol, Version 6

Practical IPv6 for Windows Administrators

Foreword xxiii Preface xxvii IPv6 Rationale and Features

CSCI-1680 Network Layer:

TCP/IP Protocol Suite

IPv6 Transition Technologies (TechRef)

IPv6 Technical Challenges

MUM Lagos Nigeria Nov 28th IPv6 Demonstration By Mani Raissdana

IPv6 Bootcamp Course (5 Days)

ECE 435 Network Engineering Lecture 14

Cisco IOS IPv6. Cisco IOS IPv6 IPv6 IPv6 service provider IPv6. IPv6. data link IPv6 Cisco IOS IPv6. IPv6

Guide to TCP/IP Fourth Edition. Chapter 11: Deploying IPv6

IPv6 migration challenges and Security

IPv6 tutorial. RedIRIS Miguel Angel Sotos

Mobile IP. rek. Petr Grygárek Petr Grygarek, Advanced Computer Networks Technologies 1

COE IPv6 Roadmap Planning. ZyXEL

Migration to IPv6 from IPv4. Is it necessary?

Avaya Networking IPv6 Using Fabric Connect to ease IPv6 Deployment. Ed Koehler Director DSE Ron Senna SE Avaya Networking Solutions Architecture

IP version 6. The not so new next IP version. dr. C. P. J. Koymans. Informatics Institute University of Amsterdam.

Introduction to IPv6 - II

IPv6 Security (Theory vs Practice) APRICOT 14 Manila, Philippines. Merike Kaeo

OSI Data Link & Network Layer

12.1. IPv6 Feature. The Internet Corporation for Assigned Names and Numbers (ICANN) assigns IPv6 addresses based on the following strategy:

2009/10/01. Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Obsoleted by RFC3596 [7] RFC 1887

Network Configuration Example

Transition to IPv6. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806

IPv6 : Internet Protocol Version 6

History. IPv6 : Internet Protocol Version 6. IPv4 Year-Wise Allocation (/8s)

IPv4 and IPv6 Transition & Coexistence

Category: Standards Track June Mobile IPv6 Support for Dual Stack Hosts and Routers

CS 356: Computer Network Architectures. Lecture 15: DHCP, NAT, and IPv6. [PD] chapter 3.2.7, 3.2.9, 4.1.3, 4.3.3

RMIT University. Data Communication and Net-Centric Computing COSC 1111/2061. Lecture 2. Internetworking IPv4, IPv6

Important RFCs. Guide to TCP/IP: IPv6 and IPv4, 5 th Edition, ISBN

Tunnels. Jean Yves Le Boudec 2015

Advanced Computer Networking. CYBR 230 Jeff Shafer University of the Pacific. IPv6

Tunnels. Jean Yves Le Boudec 2015

IPv6 Neighbor Discovery

IPv6. Internet Technologies and Applications

IPv6 Concepts. Improve router performance Simplify IP header Align to 64 bits Address hierarchy with more levels Simplify routing tables

IPv4/IPv6 Smooth Migration (IVI) Xing Li etc

Implementing Cisco IP Routing

BIG-IP CGNAT: Implementations. Version 13.0

Network Management. IPv6 Bootcamp. Zhiyi Huang University of Otago

Networking: Network layer

Configuring IPv6 basics

Chapter 7: IP Addressing CCENT Routing and Switching Introduction to Networks v6.0

Data Center Configuration. 1. Configuring VXLAN

IPv6 Deployment at the University of Pennsylvania

Tik Network Application Frameworks. IPv6. Pekka Nikander Professor (acting) / Chief Scientist HUT/TML / Ericsson Research NomadicLab

Transition Strategies from IPv4 to IPv6: The case of GRNET

Introduction to IPv6

DHCPv6 Overview 1. DHCPv6 Server Configuration 1

Mobile IP and its trends for changing from IPv4 to IPv6

"Charting the Course... IPv6 Bootcamp Course. Course Summary

PRACTICAL IPV6 DEPLOYMENT FOR THE MASS MARKET

IPv6 Next generation IP

IPv6 Rapid Deployment (6rd) in broadband networks. Allen Huotari Technical Leader June 14, 2010 NANOG49 San Francisco, CA

The OSI model of network communications

IPv6: An Introduction

Federal Agencies and the Transition to IPv6

IPv4 Care-of Address Registration for IPv4 Support on the NEMO Basic Support Protocol

ETSF05/ETSF10 Internet Protocols Network Layer Protocols

R. van Rein OpenFortress November A Comparison of IPv6-over-IPv4 Tunnel Mechanisms

IPv6. Copyright 2017 NTT corp. All Rights Reserved. 1

Internet of Things (IOT) Things that you do not know about IOT

Virtual Private Networks Advanced Technologies

OSI Data Link & Network Layer

Advanced Computer Networking (ACN)

IPv6 Neighbor Discovery

OSI Data Link & Network Layer

Host-based Translation Problem Statement.

IPv6 Client IP Address Learning

Index Terms- IPv4, IPv6

Lecture Computer Networks

The link-local prefix ff00::/8 specifies any addresses which are used only in software.

BIG-IP CGNAT: Implementations. Version 12.1

Internet Control Message Protocol

Table of Contents. Mid-Term Report: Issues in Migration from IPv4 to IPv6 By Ayaz-ul-Hassan Khan ( )

APNIC Training. IPv6 Essentials

Patrick Grossetete Cisco Systems Cisco IOS IPv6 Product Manager 2003, Cisco Systems, Inc. All rights reserved.

Configuring IPv6 PDP Support on the GGSN

Mapping of Address and Port (MAP) an ISPs Perspective. E. Jordan Gottlieb Principal Engineer Charter Communications

Introduction to IPv6. Stig Venaas, UNINETT /18/2001

Organization of Product Documentation... xi

Securizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN

Transcription:

IPv6 Transition Mechanisms Petr Grygárek rek 1

IPv6 and IPv4 Coexistence Expected to co-exist together for many years Some IPv4 devices may exist forever Slow(?) transition of (part of?) networks to IPv6 depends on tangible benefits for users IPv4 address range may be treated as a subset of IPv6 range but payload transition has to be translated somehow 2

Large address space Motivation for IPv6 transition (1) IPv4 address pool is depleted in some RIRs Anybody can have (almost) as many GLOBAL UNIQUE addresses as he wants Interesting for mobile devices manafacturers, telco operators and last mile Internet access providers Should eliminate overlapping private networks forever BUT: is current address allocation scheme effective? remember beginnings of IPv4 ;-) Avoidance of NAT universal connectivity, no need of provider's NAT44-like solutions etc. BUT: Some customers love their NAT 3

Motivation for IPv6 transition (2) New attractive features Mobility, multiple-address support,... Enhanced security Built-in directly into protocol specification BUT: Not supported by all IPv6 protocol stack implementations 4

Demotivation for IPv6 transition (1) From customer's applications point of view, no direct benefit for users but implementation may bring problems and network outages ;-) Many new mechanisms developed for IPv6 are available in IPv4 also now IPSec, IP Mobile, Transition is not easy for ISP, but is much complicated for service hosting company Many different platforms involved 5

Demotivation for IPv6 transition (2) IPv6 tends to solve many IPv4 problems (both existing and hypotetical) => complicated Not all security risks are guaranteed to be be well understood now IPv6 specifications and address assignment policies are still changing 6

Typical IPv4 and IPv6 interactions IPv4 and IPv6 in parallel Dual stack, no true interoperability Bridging over other protocol domains 6 islands over 4 backbone 6 hosts over 4 networknteroperability Full application connectivity between 6 and 4 hosts (6-4 payload translation) 7

Interoperability Options Dual-stack hosts Applications and DNS resolver have to support both protocols also Tunneling Network-to-network basis Host-to-network, host-to-host Does not bring universal interoperability Protocol translation (NAT-PT, NAT64+DNS64) includes DNS manipulation Promising but most problematic 8

Basic Interoperability Tools Dual stack most commonly one hybrid stack Tunnelling Protocol translator AFT address-family translator 9

6 in 4 Tunnelling mechanisms protocol 41 in IPv4 header 4 in 6 various options are attractive for ISPs Static tunneling manual configuration virtual interfaces and virtual links Dynamic tunneling Stateful tunnel interface created Stateless per-packet encapsulation 6to4, Teredo,... 10

Tunnel Servers Automated explicit tunnel interface configuration Tunnel server is a router connected to both IPv4 and IPv6 network platform has to support lot of tunnel interfaces Creates tunnel interfaces on IPv4 side according to previous registrations WWW interface Tunnel Setup Protocol (TSP) experimental, www.freenet6.net protocol messages in XML SASL authentication Commonly separate Tunnel Broker that controls multiple Tunnel Servers Tunnel broker generates config script for remote client 11

6 to 4 (RFC 3056) communication of IPv6 islands over IPv4 backbone Most used automatic tunneling mechanism Islands IPv6 address ranges are derived from gateway s IPv4 address 2002::/16 + 32 bit of 6to4 router s IPv4 address 6to4 router advertises 2002://16 prefix to IPv6 island Automatic (stateless) packet tunneling encapsulation to IPv4 packet with address obtained from 6to4 destination address Reverse DNS has to be solved Registrations may be accomplished on https://6to4.nro.net Verification by client s source address 12

6to4 to native-ipv6 communication Relay router IPv6->6to4 One native IPv6 interface One 6to4 interface Relay router(s) advertise 2002://16 prefix to IPv6 world 6to4->IPv6 Address of gateway to IPv6 native world needed (in 6to4 format) BGP Dedicated anycast prefix for all 6to4 relay routers 13

6over4 (RFC 2529) Allows separate computers with IPv4 connectivity only to participate on IPv6 Computers have to support both IPv4 and IPv6 Utilizes IPv4 as virtual link layer Packets are tunneled to 6over4 gateway (router) connected to both IPv4 and native IPv6 Neighbor discovery used for mapping of IPv6 addresses to IPv4 Because of ND procedures, IPv4 infrastructure has to support multicast IPv6 multicast group *.X.Y mapped to 239.192.X.Y 14

Inter-Site Automatic Tunnel Addressing Protocol (ISATAP) (1) Similar to 6over4 but does not require multicasting in IPv4 infrastructure Used in IPv4 customer networks Utilizes 6to4 to communicate with other IPv6 islands Device s IPv6 address contains its IPv4 address <site_ipv6_prefix>:0000:5efe:<ipv4_address> Automatic stateless encapsulation/tunneling 15

Inter-Site Automatic Tunnel Addressing Protocol (ISATAP) (2) Neighbor discovery does not use multicasting IPv4 address encapsulated in IPv6 address Autoconfiguration and obtaining of default gateway has to be solved Explicit configuration of Potential Router List Manual configuration, DHCPv4, DNS Unicast Router Solicitations/ Advertisements 16

Teredo For IPv6 clients connected to IPv4 network through NAT Provides mechanism to communicate in both directions over NAT Communication has to be initiated from NAT inside and NAT table entry maintained Supports only cone and restricted NAT, not symmetric NAT Uses UDP-IPv4 encapsulation 17

Cone NAT NAT Implementations Assigns single address/port to client Any packet from outside to client s address/port is passed to the client (regardless of the source) Restricted NAT Only packets from addresses/ports contacted previously by client are allowed to pass in Symmetric NAT Assigns various addresses/ports to client for communication with different destinations Behaves as Restricted NAT in other aspects 18

Teredo IPv6 Addressess Network prefix (assigned by server) 2001::/32 Teredo prefix Teredo server IPv4 address (32b) Interface ID (constructed by client) Flags type of NAT type of NAT is tested during client registration ( qualification procedure ) Client s NAT outside address + port Obtained from Teredo server during qualification procedure Unicasted router solicitation/advertisement 19

Teredo servers Located in public Internet Connections to both IPv4 and IPv6 world Addresses configured manually on Teredo clients Serves as relays between Teredo clients behind NATs 20

Communication between Teredo clients Cone NAT: direct communication Restricted NAT: bubbles (empty messages) used to create translation entries in source s and destination s NATs Source->destination => (bidirectional) entry in source s NAT Source->Teredo server->destination Instruct destination to send bubble to source => (bidirectional) entry in destination s NAT Direct communication may follow 21

Relaying from Teredo client to non-teredo address Procedure defined to obtain Relay server address from Teredo server Advertises Teredo prefix (2001::/32) to native IPv6 world 22

NAT-Protocol Translation Client 4 server 6: Uses DNS reply manipulation AAAA A Pool of inside (private) IPv4 addresses on NAT/PT box used to replace AAAA destination IPv6 address Assigned inside address translated to selected address from pool of outside (global) IPv6 addresses on NAT-PT box Single global IPv6 address may be also PAT-ted for L4 protocols IP Packet payload translated on NAT-PT box Client 6 server 4 IPv4 address space may be considered subset of IPv6 address space 23

NAT64+DNS64 Connections may be established only from IPv6 to IPv4 Uses local dedicated 96b prefix for all IPv4 addresses in IPv6 networks Appended with IPv4 address Stateless unique address mapping Outgoing traffic routed normally to translator IPv6 NAT address is dynamically allocated for 1st sender s packet 24

DNS64 Client asks for AAAA For IPv4 servers, only A is present Has to be mapped to AAAA Fictive IPv4 address that directs to translator is placed into DNS reply Manipulated DNS replies are marked 25

IPv6 Rapid Deployment 6rd (RFC 5569) IPv6 over ISP's IPv4 environment Derived from 6to4 ISP uses some of his prefixes instead of 2002::/16, so that all 6rd hosts are reachable behind this prefix No problem with 6to4 GW selection, asymmetric routing, propagation of 2002::/16 prefix to IPv6-only world,... IPv4 address encoded in IPv6 address Common IPv4-prefix may be omitted without it, only /64s can be assigned as LIRs normally obtain /32 from RIR 26

Dual Stack (DS) Lite IPv4 tunneled over IPv6-only last-mile infra ISP IPv4 NAT on packets decapsulated from IPv6 27

Other Migration Issues 28

Other 4-to-6 transition problems (1) Many older routers are NOT IPv6-enabled IPv6 support is often suboptimal Partial implementation Not hardware-accelerated => CPU load Many existing user devices are NOT IPv6-enabled nor upgradable to IPv6 IP phones, industry automation,... Some of them will NEVER be IPv6 support required even in switches MLD snooping, DHCP snooping, ARP snooping Reasonable multicast processing is now a MUST 29

Other 4-to-6 transition problems (2) Not complete IPv6 implementation in supporting infrastructure AAA RADIUS implementations etc. Some DNS/DDNS server implementations Management infrastructure implementation SNMP, Netconf, Syslog,... Firewalls, VPN gateways Often only partial L7 inspection support on IPv6 IP Telephony devices Special devices Content filters, load balancers, WLAN controllers,... 30

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback