View
253
Download
1
Category
Preview:
Citation preview
IPv6 技術理論與實務研習班 IPv6 Addressing
2
Ipv6
技術理論與實務研習班2
Content IntroductionIntroduction IPv6 AddressingIPv6 Addressing IPv6 HeaderIPv6 Header ICMPv6ICMPv6 Neighbor DiscoveryNeighbor Discovery Address AutoconfigurationAddress Autoconfiguration Addressing Allocation Addressing Allocation
PolicyPolicy Global IPv6 actionsGlobal IPv6 actions
3
Ipv6
技術理論與實務研習班3
Content IntroductionIntroduction IPv6 AddressingIPv6 Addressing IPv6 HeaderIPv6 Header ICMPv6ICMPv6 Neighbor DiscoveryNeighbor Discovery Address AutoconfigurationAddress Autoconfiguration Addressing Allocation Addressing Allocation
PolicyPolicy Global IPv6 actionsGlobal IPv6 actions
4
Ipv6
技術理論與實務研習班4
IPv4 定址 IPv4 以 32bit 來做定址空間 共四十億個 IPv4 位址可用 IPv4 位址表示方式為 xxx.xxx.xxx.xxx 例如 211.72.211.
1 IPv4 定址架構 (classfull) 如下
– 001 - 126 = Class A – 128 - 191 = Class B– 192 - 223 = Class C– 224 - 239 = Class D– 240 - 254 = Class E
5
Ipv6
技術理論與實務研習班5
Problems with IPv4(1/2) Address depletion/ exhaustion and its
implications – NAT (Network Address Translation)– CIDR
IPv4 address allocation rate
6
Ipv6
技術理論與實務研習班6
Problems with IPv4(1/2)
Scaling problems with Inter- domain routing– CIDR (Classless Inter-Domain Routing)
Manual configuration required– DHCP (Dynamic Host Configuration Protocol)
Multicast, Security, Quality of Service and Mobility– IP multicast, IPSec, DiffServ and IP mobility
Header and format limitations that limit future flexibility
7
Ipv6
技術理論與實務研習班7
NAT Network Address Translation allows a site to use
private addresses behind a NAT gateway/ firewall when communicating locally,
and then automatically get a global IPv4 address assigned from a smaller pool when needed for Internet communication,
which requires changing the IPv4 header’s source address on the fly, which has a few problems...
8
Ipv6
技術理論與實務研習班8
Potential IPv6 Services Broadband Access Subscribers
– 95% FTTH coverage by 2008– 6 millions by 2008
3G and WLAN Services – 3G services to be launched in 4Q 2003– Public Hotspots deployment plan to make
Taiwan a “Wireless Island Home network and IA Services
– e-Taiwan Projects will catalyze the development of home & IA
1. More IP addresses will be consumed 2. More advanced features (e.g. Mobility, Auto-
configuration, QoS, Security) will be required
1. More IP addresses will be consumed 2. More advanced features (e.g. Mobility, Auto-
configuration, QoS, Security) will be required
IPv6IPv6IPv6IPv6
9
Ipv6
技術理論與實務研習班9
Content IntroductionIntroduction IPv6 AddressingIPv6 Addressing IPv6 HeaderIPv6 Header ICMPv6ICMPv6 Neighbor DiscoveryNeighbor Discovery Address AutoconfigurationAddress Autoconfiguration Addressing Allocation Addressing Allocation
PolicyPolicy Global IPv6 actionsGlobal IPv6 actions
10
Ipv6
技術理論與實務研習班10
Address Notation 以 16 進位,每 16 位元為單位並以‘:’為區隔來表示
– 3FFE:3600:4368:1234:0008:AB12:98CE:1000– IPv4 以十進位,每 8 位元為單位並以‘‧’為區隔來表示,如 202.39.157.141
為使標示簡潔,位於一單位內前方之 0 可省略– 3FFE:3600:4368:1234:8:AB12:98CE:1000
為使標示簡潔,若有連續為 0 之位元,可以“ ::” 表示,但一個位址中只能使用一次– 3FFE:3600::1 與
3FFE:3600:0000:0000:0000:0000:0000:0001– 3FFE:3600::3:0000:1 與
3FFE:3600:0000:0000:0000:0003:0000:0001
11
Ipv6
技術理論與實務研習班11
IPv6 - Addressing Model Addresses are assigned to interfaces
– No change from IPv4 Model
Interface ‘expected’ to have multiple addresses Addresses have scope
– Link Local– Site Local– Global
Addresses have lifetime– Valid and Preferred lifetime
Link-LocalLink-LocalSite-LocalSite-LocalGlobalGlobal
12
Ipv6
技術理論與實務研習班12
Basic Address Types Unicast
– Address of a single interface– Delivery to single interface– for one-to-one communication
Multicast– Address of a set of interfaces– Delivery to all interfaces in the set– for one-to-many communication
Anycast– Address of a set of interfaces– Delivery to a single interface in the set– for one-to-nearest communication– Nearest is defined as being closest in term
of routing distance
M
M
M
A
A
A
U
13
Ipv6
技術理論與實務研習班13
Address Type Prefixes
Address type Binary prefix
IPv4-compatible 0000...0 (96 zero bits)
global unicast 001
link-local unicast 1111 1110 10
site-local unicast 1111 1110 11
multicast 1111 1111
all other prefixes reserved (approx. 7/8ths of total) anycast addresses allocated from unicast prefixes
14
Ipv6
技術理論與實務研習班14
Aggregatable Global Unicast Addresses
TLA(Top Level Aggregator) = 13 bits– TLA routers(default-free router) do not have a default route, only route
with 16 bits prefix– may be assigned to providers or exchanges
Res= 8 bits– Reserved for future use in expanding the size of either the TLA or
NLA NLA(Next Level Aggregator)= 24 bits SLA(Site level Aggregator)= 16 bits Public topology
– Collection of larger and smaller ISP Site topology
– Collection of subnets within an organization’s site
sitetopology(16 bits)
interfaceidentifier(64 bits)
publictopology(45 bits)
interface IDsubnetNLATLA001 Res
15
Ipv6
技術理論與實務研習班15
Link-Local Unicast Addresses meaningful only in a single link zone, and may be re-
used on other links Link-local addresses for use during auto-configuration
and when no routers are present Required for Neighbor Discovery process, always
automatically configuration An IPv6 router never forwards link-local traffic beyond
the link Prefix= FE80::/64
interface ID01111111010
10 bits 54 bits 64 bits
16
Ipv6
技術理論與實務研習班16
Site-Local Unicast Addresses
meaningful only in a single site zone, and may be re-used in other sites
Equivalent to the IPv4 private address space Address are not automatically configured and
must be assigned Prefix= FEC0::/48
subnet ID interface ID01111111011
10 bits 38 bits 64 bits16 bits
17
Ipv6
技術理論與實務研習班17
Special IPv6 address Unspecified address(0:0:0:0:0:0:0:0 or ::)
– Indicate the absence of an address– Equivalent to IPv4 0.0.0.0– Never assigned to an interface or used as a destination address
Loopback address (0:0:0:0:0:0:0:1 or ::1)– Identify a loopback interface
IPv4-compatible address (0:0:0:0:0:0:w.c.x.z or ::w.c.x.z)– Used by dual-stack nodes– IPv6 traffic is automatically encapsulated with an IPv4 header
and send to the destination using the IPv4 infrastructure IPv4 mapped address (0:0:0:0:0:FFFF:w.c.x.z or ::FFFF:w.c.x.z)
– Represent an IPv4-only node to an IPv6 node– Never used as a source or destination address of IPv6 packet
NSAP(Network Service Access Point) address(FP=0000001) IPX(Internetwork Packet Exchange) address (FP=0000010)
18
Ipv6
技術理論與實務研習班18
Multicast IPv6 addresses Multicast address can not be used as source or as intermediate destination in a
Routing header low-order Transient(T) flag indicates permanent (T=0) / transient(T=1) group; three
other flags reserved Scope field
– 1: node-local– 2: link-local– 5: site-local– 8: organization-local– E: global– Others: reserved
4 112 bits8
group IDscopeflags11111111
4
19
Ipv6
技術理論與實務研習班19
Other IPv6 addresses Solicited-node address
– Facilitates the efficient query of network node during address resolution
– Prefix= FF02::1FF00/104 and the last 24-bits of IPv6 address Anycast IPv6 address
– Assigned to multiple interface– Only used as destination address– Only assigned to router– anycast addresses are indistinguishable from unicast– Subnet-router anycast address is predefined and requires
n bits 128 - n bits
000…000Subnet Prefix
20
Ipv6
技術理論與實務研習班20
IPv6 interface identifier Lowest-order 64-bit field of unicast address Globally unique or locally unique within a subnet Future higher-layer protocols may take advantage of globally-
unique interface IDs to identify nodes independently of their current location
Configure interface identifier– manual configuration– DHCPv6 (configures whole address)– automatic derivation from MAC address or other hardware
serial number– pseudo-random generation (for client privacy)– the latter two choices enable “serverless” or “stateless”
autoconfiguration, when combined with high-order part of the address learned via Router Advertisements
21
Ipv6
技術理論與實務研習班21
The conversion of a universally administered, unicast IEEE 802 address to an IPv6 interface identifier
22
Ipv6
技術理論與實務研習班22
Content
IntroductionIntroduction IPv6 AddressingIPv6 Addressing IPv6 HeaderIPv6 Header ICMPv6ICMPv6 Neighbor DiscoveryNeighbor Discovery Address AutoconfigurationAddress Autoconfiguration Addressing Allocation Addressing Allocation
PolicyPolicy Global IPv6 actionsGlobal IPv6 actions
23
Ipv6
技術理論與實務研習班23
IPv6 vs. IPv4 Packet Data Unit
minimum20 octets
maximum65535 octets
IPv4 PDU
Fixed40 octets
maximum65535 octets
IPv6 PDU
0 or more
IPv4 Header Data Field
Transport-level PDUIPv6 Header Extension
Header
Extension
Header
24
Ipv6
技術理論與實務研習班24
Comparison of IPv4 and IPv6 Header
Destination Address
Source Address
Ver IHLService
Type
Identification Flags Offset
TTL ProtocolHeader Checksum
Source Address
Destination Address
Options + Padding
Total Length Ver Flow Label
Payload LengthNext
HeaderHop Limit
Traffic Class
IPv4 Packet HeaderIPv4 Packet Header IPv6 Packet HeaderIPv6 Packet Header
32 bits
25
Ipv6
技術理論與實務研習班25
Summary of Header Changes between IPv4 & IPv6
Streamlined Fragmentation fields moved out of base header IP options moved out of base header Header Checksum eliminated Header Length field eliminated Length field excludes IPv6 header Alignment changed from 32 to 64 bits
Revised Time to Live ’ Hop Limit Protocol ’ Next Header Precedence & TOS ’ Traffic Class Addresses increased 32 bits ’ 128 bits
Extended Flow Label field added
26
Ipv6
技術理論與實務研習班26
IPv6 extension header
Hop-by-hop options header Routing header Fragment header Authentication header Encapsulating security payload header Destination options header
IPv6 PDU general form
Transport-level PDUIPv6 Header Extension
Header
Extension
Header
40 octets 0 or more
27
Ipv6
技術理論與實務研習班27
IPv6 extension header(cont.) IPv6 specification
recommended order:– IPv6 header– Hop-by-hop options
header– Destination options
header(for intermediate destination when the routing header is present)
– Routing header– Fragment header– Authentication header– Encapsulation security
payload header– Destination options
header(for final destination)IPv6 packet with all extension headers
Octets:
40
Variable
Variable
Variable
Variable
Variable
Variable
8
= Next header field
IPv6 header
Hop-by-hop options header
Routing header
Fragment header
Authentication header
Encap security payload header
TCP header
Application data
28
Ipv6
技術理論與實務研習班28
Hop-by-Hop option header
Specify delivery parameters at each hop on the path to the destination
– Header Extension Length No of 8-byte block in Hop-by-Hop option header Not including first 8 bytes
– Option Type-Length-Value(TLV) format 0: Pad1– insert single byte of padding 1: PadN – insert 2 or more byte of padding 5: Router Alert – indicate to the router the packets require additional
processing(MLD and RSVP) 194: Jumbo Payload – indicate payload size over 65,535 (65,535~2^32-
1)
29
Ipv6
技術理論與實務研習班29
Destination option header
Specify packet delivery parameter for either intermediate destinations or final destinations
If Routing header exists, it specifies delivery or processing options at each intermediate destination
30
Ipv6
技術理論與實務研習班30
Routing header Similar to the source routing in IPv4 Use of Routing header with anycast addresses allows routing packets
through particular regions– e.g., for provider selection, policy, performance, etc.
31
Ipv6
技術理論與實務研習班31
Example: Header when S to A
S A
B
D
32
Ipv6
技術理論與實務研習班32
Example: Header when A to B
S A
B
D
33
Ipv6
技術理論與實務研習班33
Example: Header when B to D
S A
B
D
34
Ipv6
技術理論與實務研習班34
Fragment header Fragmentation and reassembly services is an end-to-end function;
routers do not fragment packets en-route if too big—they send ICMP “packet too big” instead
Support only on source nodes
35
Ipv6
技術理論與實務研習班35
Authentication header Provide data authentication
– verification of the node that sent the packet Provide data integrity
– verification that the data was not modified in transit Provide anti-replay protection
– assurance that captured packets cannot be retransmitted and accepted as valid data
36
Ipv6
技術理論與實務研習班36
Encapsulating security payload(ESP) header and trailer
Provides data confidentiality, data authentication, and data integrity
37
Ipv6
技術理論與實務研習班37
Content IntroductionIntroduction IPv6 AddressingIPv6 Addressing IPv6 HeaderIPv6 Header ICMPv6ICMPv6 Neighbor DiscoveryNeighbor Discovery Address AutoconfigurationAddress Autoconfiguration Addressing Allocation Addressing Allocation
PolicyPolicy Global IPv6 actionsGlobal IPv6 actions
38
Ipv6
技術理論與實務研習班38
Features of ICMPv6 An integral part of IPv6 and MUST be fully
implement by every IPv6 node (RFC 2463) Next Header value= 58 Report delivery or forwarding errors Provide simple echo service for
troubleshooting Multicast Listener discovery(MLD) – 3 ICMP
messages Neighbor Discovery(ND) – 5 ICMP messages
39
Ipv6
技術理論與實務研習班39
ICMPv6 message format
40
Ipv6
技術理論與實務研習班40
Two types of ICMP messages Error messages
– Report error in the forwarding or delivery
Informational messages– Provide diagnostic function, MLD, and ND
41
Ipv6
技術理論與實務研習班41
Error message(Destination Unreachable)
Send by router or destination host
42
Ipv6
技術理論與實務研習班42
Error message(Packet Too Big)
Send when link MTU is smaller than the size of packet
Used for IPv6 Path MTU Discovery process
43
Ipv6
技術理論與實務研習班43
Error message(Time Exceeded)
Send by router when Hop limit field is zero
– Code field: 0: Hop limit= 0
– Hop limit of outgoing packets is not large enough to reach destination, or
– Routing loop exist 1: fragmentation reassembly time of destination host is exceeded
44
Ipv6
技術理論與實務研習班44
Error message(Parameter Problem)
Send by router or destination host when errors of IPv6 header or extension header
45
Ipv6
技術理論與實務研習班45
Informational message Echo Request message
Echo Reply message
Identifier and Sequence Number are send by host and used to match incoming Echo Reply with corresponding Echo Request(same as IPv4)
Multicast Listener Query messages:– Query, Report, done(like IGMP for IPv4)
46
Ipv6
技術理論與實務研習班46
Minimum MTU Link MTU
– A link’s maximum transmission unit(ex: the max IP packet size that can be transmitted over the link)
Path MTU– The minimum MTU of all the links in a path between a source
and a destination Minimum link MTU for IPv6 is 1280 octets vs 68 octets
for IPv4 On links with MTU < 1280, link-specific fragmentation
and reassembly must be used On links that have a configurable MTU, it’s
recommended a MTU of 1500 bytes
47
Ipv6
技術理論與實務研習班47
Path MTU Discovery
RFC 1981 Implementations are expected to perform path MTU discovery to
send packets bigger than 1280 octets– For each destination, start by assuming MTU of first-hop link– If a packet reach a link in which it can’t fit, will invoke ICMP
“packet too big” message to source, reporting the link’s MTU; MTU is cached by source for specific destination
– Occasionally discard cached MTU to detect possible increase Minimal implementation can omit path MTU discovery as long as
all packets kept <= 1280 octets– Ex: in a boot ROM implementation
48
Ipv6
技術理論與實務研習班48
Content
IntroductionIntroduction IPv6 AddressingIPv6 Addressing IPv6 HeaderIPv6 Header ICMPv6ICMPv6 Neighbor DiscoveryNeighbor Discovery Address AutoconfigurationAddress Autoconfiguration Addressing Allocation Addressing Allocation
PolicyPolicy Global IPv6 actionsGlobal IPv6 actions
49
Ipv6
技術理論與實務研習班49
Neighbor Discovery(ND)
RFC 2461 Node(Hosts and Routers) use ND to determinate the
link-layer addresses for neighbors known to reside on attached links and quick purge cached valued that become invalid
Hosts also use ND to find neighboring router that willing to forward packets on their behalf
Nodes use the protocol to actively keep track of which neighbors are reachable and which are not, and to detect changed link-layer addresses
Replace ARP, ICMP Router Discovery, and ICMP Redirect used in IPv4
50
Ipv6
技術理論與實務研習班50
IPv6 ND processes Router discovery
– Discover the local hosts on an attached link– Equivalent to ICMPv4 Router Discovery
Prefix discovery– Discovery the network prefix– Equivalent to ICMPv4 Address Mask Request/Reply
Parameter discovery– Discovery additional parameter(ex: link MTU, default hop limit for
outgoing packet) Address autoconfiguration
– Configure IP address for interfaces Address resolution
– Equivalent to ARP in IPv4
51
Ipv6
技術理論與實務研習班51
IPv6 ND processes(cont.)
Next-hop determination– Destination address, or– Address of an on-link default router
Neighbor unreachable detection(NUD) Duplicate address detection(DAD)
– Determine that an address considered for use is not already in use by a neighboring node
First-hop Redirect function– Inform a host of a better first-hop IPv6 address to reach a
destination– Equivalent to ICMPv4 Redirect
52
Ipv6
技術理論與實務研習班52
ND message format 5 ND messages:
– Router solicitation– Router Advertisement– Neighbor Solicitation– Neighbor Advertisement– Redirect
All ND message are send with hop limit= 255. – If it is not set to 255, the message is silently discarded– Provide Protection from ND-based network attacks launched from off-link nodes– Router can not have forwarded the ND message from an off-link node
53
Ipv6
技術理論與實務研習班53
Neighbor Discovery options Source/Target link-layer address option
– Source link-layer address Indicate the link-layer address of the ND sender Included in Neighbor Solicitation, Router Solicitation, and Router Advertisement Type = 1
– Target link-layer address Indicate the link-layer address of the neighbor node Included in Neighbor Advertisement and Redirect Type = 2
– Example for Ethernet
54
Ipv6
技術理論與實務研習班54
Neighbor Discovery options(cont.) Prefix information option
– Indicate both address prefixes and information about address autoconfiguration– Included in Router Advertisement– Can be multiple prefix information options in Router Advertisement message
– Autonomous flag: stateless address configuration
55
Ipv6
技術理論與實務研習班55
Neighbor Discovery options(cont.)
Redirect header option
MTU option
56
Ipv6
技術理論與實務研習班56
ND Autoconfiguration, Prefix & Parameter Discovery
Router solicitation are sent by booting nodes to request RAs for configuring the interfaces.
1. RS:
ICMP Type = 133
Src = ::
Dst = All-Routers multicast Address
query= please send RA
2. RA2. RA1. RS
2. RA:
ICMP Type = 134
Src = Router Link-local Address
Dst = All-nodes multicast address
Data= options, prefix, lifetime, autoconfig flag
57
Ipv6
技術理論與實務研習班57
ND Address Resolution & Neighbor Unreachability Detection
ICMP type = 135 (NS) Src = A Dst = Solicited-node multicast of B Data = link-layer address of AQuery = what is your link address?
A B
ICMP type = 136 (NA) Src = B Dst = A Data = link-layer address of B
A and B can now exchange packets on this link
58
Ipv6
技術理論與實務研習班58
ND Redirect
Redirect is used by a router to signal the reroute of a packet to an onlink host to a better router or to another host on the link
Redirect:Src = R2Dst = AData = good router = R1
3FFE:B00:C18:2::/64
R1
R2A B
Src = A Dst IP = 3FFE:B00:C18:2::1 Dst Ethernet = R2 (default router)
59
Ipv6
技術理論與實務研習班59
Content IntroductionIntroduction IPv6 AddressingIPv6 Addressing IPv6 HeaderIPv6 Header ICMPv6ICMPv6 Neighbor DiscoveryNeighbor Discovery Address AutoconfigurationAddress Autoconfiguration Addressing Allocation Addressing Allocation
PolicyPolicy Global IPv6 actionsGlobal IPv6 actions
60
Ipv6
技術理論與實務研習班60
Address autoconfiguration The autoconfiguration for link-local addresses is only specified for hosts.
Routers must obtain through manual configuration Three type of autoconfiguration
– Based on receipt Router Advertisement message– Stateless
and one or more prefix information Both Managed address configuration and Other stateful
configuration flag=1 – Stateful
no prefix information Either Managed address configuration or Other stateful
configuration flag=1 DHCPv6
– Both and one or more prefix information Either Managed address configuration or Other stateful
configuration flag=1
61
Ipv6
技術理論與實務研習班61
Serverless Autoconfiguration(“Plug-n-Play”)
Hosts can construct their own addresses:– subnet prefix(es) learned from periodic multicast
advertisements from neighboring router(s)– interface IDs generated locally – MAC addresses : pseudo-random temporary
Other IP-layer parameters also learned from router adverts (e.g., router addresses, recommended hop limit, etc.)
Higher-layer info (e.g., DNS server and NTP server addresses) discovered by multicast / anycast-based service-location protocol [details being worked out]
DHCP also available for those who want more control
62
Ipv6
技術理論與實務研習班62
Auto-Reconfiguration(“Renumbering”)
New address prefixes can be introduced, and old ones withdrawn– we assume some overlap period between old and new,
i.e., no “flash cut-over”– hosts learn prefix lifetimes and preference order from router
advertisements– old TCP connections can survive until end of overlap;
new TCP connections can survive beyond overlap Router renumbering protocol, to allow domain-interior routers to
learn of prefix introduction / withdrawal New DNS structure to facilitate prefix changes
63
Ipv6
技術理論與實務研習班63
Content IntroductionIntroduction IPv6 AddressingIPv6 Addressing IPv6 HeaderIPv6 Header ICMPv6ICMPv6 Neighbor DiscoveryNeighbor Discovery Address AutoconfigurationAddress Autoconfiguration Addressing Allocation Addressing Allocation
PolicyPolicy Global IPv6 actionsGlobal IPv6 actions
64
Ipv6
技術理論與實務研習班64
International IPv6 Address International IPv6 Address ManagementManagement Management Method – Hierarchical ManagementManagement Method – Hierarchical Management
IANA
RIPE NCC ARIN … 6BONE
End-User
End-User
APNIC
NIR
TLARegistry
NLARegistry
NLARegistry
End-User
End-User
TLARegistry
TWNIC
65
Ipv6
技術理論與實務研習班65
Initial IPv6 Sub-TLA Address Management in detailsInitial IPv6 Sub-TLA Address Management in details
IPv6 Prefix Range Assignment
2001:0000::/29-2001:01F8::/29 IANA
2001:0200::/29-2001:03F8::/29 APNIC
2001:0400::/29-2001:05F8::/29 ARIN
IPv6 Prefix Range Assignment
2001:0600::/29-2001:07F8::/29 RIPE NCC
… For future
2001:FE00::/29-2001:FFF8::/29 For future
International IPv6 International IPv6 Address Management Address Management (cont’d) (cont’d)
66
Ipv6
技術理論與實務研習班66
TLA Identifier AssignmentsTLA Identifiers are defined in [RFC2374] and are assigned from the TLA Identifiers are defined in [RFC2374] and are assigned from the FormatFormat
Prefix (FP) 001 (binary) in [RFC2373].Prefix (FP) 001 (binary) in [RFC2373].
Binary Value Hex Value IPv6 Prefix AssignmentBinary Value Hex Value IPv6 Prefix Assignment
---------------- ----------- ------------- ---------------------------------- ----------- ------------- ------------------
0 0000 0000 0000 0x0000 2000::/16 Reserved0 0000 0000 0000 0x0000 2000::/16 Reserved
0 0000 0000 0001 0x0001 2001::/16 Sub-TLA Assignments 0 0000 0000 0001 0x0001 2001::/16 Sub-TLA Assignments [RFC2450][RFC2450]
0 0000 0000 0010 0x0002 2002::/16 "6to4" [RFC3056]0 0000 0000 0010 0x0002 2002::/16 "6to4" [RFC3056]
1 1111 1111 1110 0x1FFE 3FFE::/16 6bone Testing 1 1111 1111 1110 0x1FFE 3FFE::/16 6bone Testing [RFC2471][RFC2471]
1 1111 1111 1111 0x1FFF 3FFF::/16 Reserved1 1111 1111 1111 0x1FFF 3FFF::/16 Reserved
67
Ipv6
技術理論與實務研習班67
Initial IPv6 Sub-TLA Address AllocationInitial IPv6 Sub-TLA Address Allocation
Before Initial Stage
1. Peering relationships ≥ 3 ASes
AND
2. Clear intent to provide IPv6 service within 12 months
AND either
3-1. ≥ 40 IPv4 customersOR3-2. 6bone experience
At Initial Stage
1. Peering relationships ≥ 3 sub-TLAs
AND either
2-1. 40 SLA customersOR2-2. a clear intent to provide IPv6 service within 12 months
International IPv6 Address International IPv6 Address Management (cont’d) Management (cont’d)
68
Ipv6
技術理論與實務研習班68
IPv6 IPv6 Policy Development Policy Development
• Oct 1998 Oct 1998 Initial discussions RIRs/IETF and RIR Initial discussions RIRs/IETF and RIR
communitiescommunities
• July 1999July 1999 Provisional policy document releasedProvisional policy document released
• Aug 1999Aug 1999 IPv6 allocation service beganIPv6 allocation service began
• Oct 1999Oct 1999 Review of policy document after early Review of policy document after early
deployment deployment experienceexperience
• 20012001 Revised policy document to be Revised policy document to be
published following extensivepublished following extensive
IETF/community inputIETF/community input
• 2002… 2002… Policies Policies alwaysalways subject to change subject to change
• Oct 1998 Oct 1998 Initial discussions RIRs/IETF and RIR Initial discussions RIRs/IETF and RIR
communitiescommunities
• July 1999July 1999 Provisional policy document releasedProvisional policy document released
• Aug 1999Aug 1999 IPv6 allocation service beganIPv6 allocation service began
• Oct 1999Oct 1999 Review of policy document after early Review of policy document after early
deployment deployment experienceexperience
• 20012001 Revised policy document to be Revised policy document to be
published following extensivepublished following extensive
IETF/community inputIETF/community input
• 2002… 2002… Policies Policies alwaysalways subject to change subject to change
69
Ipv6
技術理論與實務研習班69
IPv6 Address AllocationIPv6 Address Allocation
Source : APNIC, Feb 2003
70
Ipv6
技術理論與實務研習班70
Content IntroductionIntroduction IPv6 AddressingIPv6 Addressing IPv6 HeaderIPv6 Header ICMPv6ICMPv6 Neighbor DiscoveryNeighbor Discovery Address AutoconfigurationAddress Autoconfiguration Addressing Allocation Addressing Allocation
PolicyPolicy Global IPv6 actionsGlobal IPv6 actions
71
Ipv6
技術理論與實務研習班71
Global IPv6 actions
IPv6 標準現況 IPv6 建置現況 IPv6 產品發展現況 日本發展現況 韓國發展現況 我國發展現況
72
Ipv6
技術理論與實務研習班72
IPv6 標準現況
Core IPv6 specifications are IETF Draft Standards(well-tested and stable)
IPv6 base specICMPv6Neighbor DiscoveryIPv6-over-Ethernet, IPv6-over-…
Other important specs are progressing and in good shape
3GPP wireless standard mandates IPv6
73
Ipv6
技術理論與實務研習班73
IPv6 建置現況實驗網路 : ( the 6bone )
for testing and debugging IPv6 protocols and operations
支援學術及教育之網路 : ( the 6ren )
CAIRN, Canarie, CERNET, Chunahwa Telecom, Dante, ESnet, Internet 2, IPFNET, NTT, Renater, Singren, Sprint, SURFnet, vBNS, WIDE
商用網路 a few ISPs (IIJ, NTT, SURFnet, Trumpet,…) have announced commercial IPv6 service or service trials
74
Ipv6
技術理論與實務研習班74
IPv6 產品發展現況
大部分之 IP stack 廠商均投入 IPv6 研發 已 release
如 3Com, *BSD(KAME), Epilogue, Ericsson/Telebit, IBM, Hitachi, Nortel, Sun, Trumpet , Juniper, Cisco, Compaq, HP, Linux community, Microsoft
研製中如 Apple, Bull, Mentat, Novell, SGI
75
Ipv6
技術理論與實務研習班75
日本發展現況
Governmental - IPv6 Council
- JGN (Japan Gigabit Network) IPv6
R&D - WIDE IPv6 / NSPIXP6 / Kame / Usagi / TAHI
Industrial - IAJapan IPv6 Deployment Committee
- JPNIC IPv6 project
- IPv6 Operation Study Group
- IPv6 Summit in Japan
Publication - IPv6 Journal (RIIS)
- v6start (Nikkei BP)
76
Ipv6
技術理論與實務研習班76
JAPAN -- IPv6 Council
Initiated by Ministry of Public Management, Home Affairs, Posts and Telecommunications
Chair: Jun Murai Not only router vendors and service providers, but home
appliance developers etc. are involved TAO (Telecommunications Advancement Organization of Japan)
conducts a nation-wide IPv6 experiment including home appliance application development, using budget of 8 billion Yen (= $ 800k).
http://www.v6pc.jp/chb/index.html( 繁體中文版 )
77
Ipv6
技術理論與實務研習班77
IPv6 Deployment Policy
6Bone-KR
IPv6 Commercial Network
KRv6 Project
IPv6 Address Allocation
IPv6 Forum Korea
• Government Strategies • Since Feb 2001
• 8 /35 prefix sTLA allocations• Since 1999 • KRNIC, ETRI, KOREN, etc.
• 6NGIX: IPv6 Next Generation Internet eXchange
• KT, KOREN, KOSINET6, etc.
• IPv6 Research & Development• IPv4/IPv6 Translator, BIA, etc.• Since 2000
• National Forum since 2000 for the promotion of IPv6
• 61 regular organizational members • Korea-EU IPv6 Network• Partnership with 6WINIT• Since 2001
Trans-Eurasia Project
• Experimental IPv6 Testbed• 2 pTLAs• Since 1996
韓國發展現況 ( 一 )
78
Ipv6
技術理論與實務研習班78
韓國發展現況 ( 二 )
Transition Roadmap by Government (23 Feb 2001)
Complete native IPv6CommercialIPv6 Service
(wire/wireless)
Phase I(~2001)
Phase I(~2001)
Phase II(2002~2005)
Phase II(2002~2005)
Phase III(2006~2010)
Phase III(2006~2010)
Phase IV(2011~)
Phase IV(2011~)
IPv4 Only IPv4 Ocean
IPv6 Island
IPv4 Island
IPv6 Ocean
IPv6 Only
• Validation• Operation• Promotion
• IMT2000 Service• Translation Service
IPv4/IPv6 Translation Required
ExperimentalIPv6 Network
79
Ipv6
技術理論與實務研習班79
The government plans to develop:
IPv6-applied high speed Internet equipments including routers, IMT2000 terminals and information home appliances
by investing 46.8 billion won of government budget and 36.8 billion won of private fund, a total of 83.6 billion won until 2003.
韓國發展現況 ( 三 )
80
Ipv6
技術理論與實務研習班80
我國 IPv6 allocation Status
81
Ipv6
技術理論與實務研習班81
Taiwan IPv6 actions
學術研究單位– TANET– NBEN
政府單位– NICI IPv6 推動工作小組
商業組織– Hinet– IPv6 Forum Taiwan
82
Ipv6
技術理論與實務研習班82
APNIC 已核發給 TANet 之 IPv6 sTLA 位址為 2001:288::/35
TANet 已完成 IPv6 位址規劃– 以區網中心、縣網中心為 NLA– 依網路中心連線單位數採變動 NLA– 每一連線單位或學校,核發給 Prefix /48– 已申請單位
教育部電算中心 2001:288:0000::/41
中正大學 2001:288:0200::/42
東華大學 2001:288:0380::/44
清華大學 2001:288:0182::/48
國家高速電腦中心 2001:288:03A0::/44
中山大學 2001:288:0300::/41
中央大學 2001:288:0140::/42
TANET 發展現況
83
Ipv6
技術理論與實務研習班83
TANet
Backbone
TP
CNC
KL
CNC
TPC
CNC
ILC
CNCTYC1
CNCTYC
2
CNCKM
CNC
MATSU
CNC
HCC
CNC
HC
CNC
MLC
CNC
TC
CNC
TCC
CNC
CHC
CNC
NTCT
CNC
YLC
CNC
CY
CNC
CYC
CNC
TN
CNC
TNC
CNC
KHC
CNC
KH
CNCPTC
1
CNC
PTC3
CNC
MOERNC NCCU
RNC
NTURNC
38customers
279customers
262customers
70customers
121customers
66customers
HLC
CNC146
customers
17customersNHLTC
RNC
NDHURNC
5customers
NTTTCRNC
TTCT
CNC
4customers
139customers
NSYSURNC
PTC2
CNC
59customers 60
customers
209customers24
customers226
customers172
customers
NCKURNC
52Customer
225customers
67customers
CCU
RNC
NCURNC
NCTURNC
NCHURNC
206customers
44customers
207customers
194customers
22customers48
customers
239customers
84customers
212customers
171customers
116customers
39customers
39customers
44customer
s
14customers
26customer
s
107customers
120customers
53customers
TANET IPv6 網路架構圖
84
Ipv6
技術理論與實務研習班84
NBEN 發展現況 Establishing an native IPv6 network in 3 GigaPOP
( NCHC, CHT-TL, NCU )
Establish an native IPv6 network in campus (NTHU, CCU, and NDHU) 9/30
9/11 Connection to 6Bone
IPv6 Test Result
IPv6 Tunneling -Test ping6, http6, Video program transmission
Establish PC-based IPv6 platform –Windows NT/2000, Linux, FreeBSD, WWW server, WWW browser
85
Ipv6
技術理論與實務研習班85
NMS
STM-1 Fiber (155Mbps)
VPX ATM Switch
Giga Pop
NBEN Backbone
STM-4
TaichungVPX
TainanVPX
KaohsiungVPX
Hua-lianVPX
TaipeiVPX
TLVPX
Chung-liVPX
HsinchuVPX
NMS
NDHU
TTITL
NCU
CCU
NCKU
NSYSU
NCHU
NTHU NCTU
NCHC
NTU
86
Ipv6
技術理論與實務研習班86
NICI IPv6 推動小組成立緣由 許多國家皆已相繼投入 IPv6技術之研發與推動
亞太地區鄰近國家,如日本與韓國,已陸續投入大筆經費 ,並在政府資金浥注下逐見成效,中國大陸也急起直追。 歐洲方面,歐盟委員會已正式建議歐洲各國政府及工業界 傾全力支持 IPv6,更於歐盟行政系統下成立 IPv6工作小組 ,為歐洲地區勾勒整體之 IPv6發展藍圖。
解決現行問題 國內廠商投入 IPv6 的意願不高 各界對 IPv6知識不足 台灣於 IPv6領域起步稍晚 我國政府應及早帶領國內相關產業投入 IPv6之領域,以提升我國未來網際網路相關市場競爭力及網路基礎設施之建設。
87
Ipv6
技術理論與實務研習班87
NICI IPv6 推動小組工作重點
支持成立 IPv6 Forum Taiwan, 建立 IPv6 公共論壇– 支援其他各分組推廣活動
舉辦教育訓練推廣活動 舉辦國際性研討會 建置 IPv6 網站
– http://www.ipv6.org.tw
國際交流活動 相關文件、期刊、論文等刊物出版 建置 IPv6 基礎教育之網路學習環境 IPv6 產業推動
88
Ipv6
技術理論與實務研習班88
NICI IPv6 推動小組組織架構 – 關係圖
IPv6推動工作小組召集人 :簡局長仁德副召集人:高副局長凱聲、曾董事長憲雄執行秘書:蘇總工程司宗宏、陳執行長文生
IPv6推動工作小組召集人 :簡局長仁德副召集人:高副局長凱聲、曾董事長憲雄執行秘書:蘇總工程司宗宏、陳執行長文生
NICI總召集人:蔡政務委員清彥
NICI總召集人:蔡政務委員清彥 NICI民間
諮詢委員會NICI民間諮詢委員會
應用推廣分組研究發展分組
標準測試分組 骨幹建設分組
召集人 : 國家高速電腦中心 莊主任哲男副召集人 :中華電信謝副總經理俊明教育部計算機中心陳主任景章
召集人 : 國家高速電腦中心 莊主任哲男副召集人 :中華電信謝副總經理俊明教育部計算機中心陳主任景章
召集人 : 清華大學 黃教授能富副召集人 :交通大學陳教授耀宗東華大學趙教授涵捷
召集人 : 清華大學 黃教授能富副召集人 :交通大學陳教授耀宗東華大學趙教授涵捷
召集人 : 中華電信研究 所梁所長隆星副召集人 :資策會網路及通訊實驗室張主任嘉祥中研院何副所長建明
召集人 : 中華電信研究 所梁所長隆星副召集人 :資策會網路及通訊實驗室張主任嘉祥中研院何副所長建明
召集人 : 工研院電通所 林所長寶樹副召集人 : 友訊科技副李董事長中旺教育部計算機中心陳主任景章
召集人 : 工研院電通所 林所長寶樹副召集人 : 友訊科技副李董事長中旺教育部計算機中心陳主任景章
IPv6 Forum Taiwan
89
Ipv6
技術理論與實務研習班89
組織架構 – 推動工作小組與 Forum Taiwan 之關係
於運作初期, IPv6 Forum Taiwan 將為 IPv6推動工 作小組下之活動推廣分組主要工作,活動推廣分 組召集人亦為 IPv6 Forum Taiwan 之召集人。透過 此 Forum ,業界之建議可直接反應至推動小組, 以使政府政策與民間需求一致,相互配合,共同 推動 IPv6 。
待此 Forum 運作成熟後,擬獨立由會員費收入及 民間力量繼續運作。
90
Ipv6
技術理論與實務研習班90
NICI IPv6 推動小組工作重點
IPv6 推動工作小組
整合產、官、學、研各界資源與力量,共同推 動 IPv6,俾讓我國及早邁入 IPv6 全面應用之 新紀元。
聯繫協調並瞭解各工作小組決議事項及執行情 形,以確保 IPv6 推動工作順利進行。
91
Ipv6
技術理論與實務研習班91
NICI IPv6 推動小組工作重點
研究發展分組 IPv4 與 IPv6 之 Interoperability 技術發展 OSPFv6, Mobile IPv6, IPv6 Multicast, IPv6 state configuration IPv6 Security IPv6 QoS Voice over IPv6/ Video Streaming over IPv6 發展關鍵應用軟體 (Killer applications) 與國際 IPv6研發組織進行交流 定期舉辦相關研討會
92
Ipv6
技術理論與實務研習班92
NICI IPv6 推動小組工作重點 標準測試分組 建立 IPv6網路互連與應用之互通性測試方法,協 助我國 IPv6相關產業之發展。 訂定標準測試宗旨和目標,研擬我國國家 IPv6通 信標準。 訂定測試項目、測試範圍、測試方法及標 準,以提供適當之單位進行相關測試, 建立國家級 IPv6技術與應用驗證中心,提供我國IPv6 路設備、用戶設備 (含有線用戶終端、無線用戶設備 如手機等 )、 IPv6網路家電等業者產品驗證測試之服 務。 與國際 IPv6相關標準測試組織交流,定期舉辦研討會
93
Ipv6
技術理論與實務研習班93
NICI IPv6 推動小組工作重點
骨幹建設分組 建立 IPv6骨幹維護管理運作機制,推動國內IPv6 網路互連及國際 IPv6網路互連合作。 協助建置 Native IPv6網路骨幹,訂定 IPv6位址 分配與管理政策,以提供研發及測試之實際應 用環境。 執行現有 IPv4網路至 IPv6之轉移,並提供過渡期 間之相容機制。
94
Ipv6
技術理論與實務研習班94
NICI IPv6 推動小組工作重點
應用推廣分組 提供國內各界獲取 IPv6資訊與技術之管道,支援 IPv6技術及應用之發展,舉辦 IPv6相關研討會議, 出版 IPv6相關文件期刊論文,提高市場對 IPv6之 瞭解。 建立國內對 IPv6推動之共識,協助推動 IPv6之基 礎建設。 協助推動並建立國內 IPv6產業 , 奠定未來之競爭基 礎。
95
Ipv6
技術理論與實務研習班95
NICI IPv6 推動小組目標與展望 第一階段 (至民國九十一年 )
於 NICI下成立 IPv6推動工作小組,並於此小組下建置責任分組。成立 IPv6 Forum Taiwan,並舉辦國際研討會
第二階段 ( 民國九十一年至民國九十五年 )發展並推廣 IPv6相關技術,尤其是 IPv4-to-IPv6移轉技術。以 IPv6漸漸取代 IPv4 。
推動國內各單位網路 IPv6位址申請並將現有 IPv4網路移轉或支援 IPv6 。
舉辦大型 IPv6研討會及全球 IPv6高峰會。建置國家 IPv6測試驗證中心。
第三階段 ( 民國九十六年 )全面完成純 IPv6建置
96
Ipv6
技術理論與實務研習班96
IPv6 Forum Taiwan 組織架構會長 /副會長
指導委員會
秘書處
推廣服務領域 專業技術領域 產業應用領域
Mobile IP WG
Security WG
產業推廣 WG
應用開發 WG
QoS WG
活動推廣 WG
國際交流 WG
XDSL WG教育推廣 WG
IA & HN WG
林寶樹 /
盧崑瑞 ,王輔卿
( 台北市電腦工會 , 電通所 )
陳文生 , 周勝鄰 黃能富 , 趙涵捷 陳志恩 , 蔡志宏
張瑞雄
賴溪松
黃仁竑
陳錦洲
黃崇明
蔡志宏
陳志恩陳文生周勝鄰
林誠謙
陳景章趙涵捷
97
Ipv6
技術理論與實務研習班97
Recommended