Department of Computer Science Southern Illinois University Edwardsville Spring, 2010 Dr. Hiroshi Fujinoki E-mail: [email protected] CS 547/490 Network Programming IP Version 6 (IPv6) IPv6.PPT/001

History

• A project for IPnG (IP Next Generation) was started to improve the existing IP (IPv4)

• IPnG officially became IPv6 in RFC 1752

• Many modifications were made to the first IPv6 draft

- RFC 2460: Internet Protocol Version 6 (1998)

- RFC 2374: IPv6 Aggregatable Global Unicast Address Format

- RFC 2463: Internet Protocol Version 6 (Revision)

- RFC 2464: Transmission of IPv6 packets over Ethernet

• Latest OSes support IPv6 (Windows XP, Solaris 8 and Linux (kernel: 2.1.2))

IPv6 Goals

1. Extended address space

2. QoS (Quality of Service) support

3. Built-in security mechanisms

4. Better protocol service extendibility

5. State-less DHCP services

6. More efficient routing

7. Backward compatibility to IPv4

8. Network infrastructure for both IPv4 and IPv6

9. More flexible network set up

Extended Address Space

• The address space for IPv4 = 2^32 = about 4.3 billion unique addresses

• The address space of IPv4 was considered to be large enough

• In the late 90s, the address space of IPv4 was getting exhausted

- Advent of WWW (commercial domains became popular)

- Household electric appliances started to be connected to the Internet

- There usually are some addresses not used in every network domain (a group of IP addresses is reserved for every domain)

CIDR (Class-less Internet Domain Routing) proposed

Extended Address Space

Comparisons of IPv4 and IPv6 address spaces

Protocol    Unique Addresses
IPv4        4,294,967,296 addresses
IPv6        340,282,366,920,938,463,374,607,431,768,211,456 addresses

Using IPv6, we can assign 10^28 addresses to everyone on the earth!

Extended Address Space

Due to the introduction of the 128-bit address space, the available address space is now much larger ...

This is a good thing, since we do not have to worry about address space starvation any more.

However, there are some things we (engineers) have to take care of ...

Extended Address Space

Large address space: there are some things we (engineers) have to take care of

Routing overhead at routers (especially core routers):

(1) Routing table size

- 2^96 times larger address space than IPv4

- Each entry is now four times larger

(2) Routing algorithm overhead

- Complexity of routing algorithm usually is in the order of O(nlogkn) and c nlogkn (n is the number of network routers)

- The throughput will go down quickly as n increases ...

Extended Address Space

Field:   FP | TLA ID | Reserved | NLA ID | SLA ID | Interface ID
Bits:     3 |   13   |    8     |   24   |   16   |     64        (128 bits in total)

Public Address: FP, TLA ID, Reserved, NLA ID
Site Address: SLA ID
Interface Address (Interface ID): Interface ID

FP = Format Prefix (Address Format Prefix)

TLA ID = Top Layer Aggregation ID

NLA ID = Next Layer Aggregation ID

SLA ID = Site Layer Aggregation ID

IP V4 Address Space

Field:   Class ID | Domain Address | Host ID
Bits:       3     |       24       |    5       (32 bits in total)

Public Address: Class ID, Domain Address
Interface Address (Interface ID): Host ID

This is essentially a two-layer addressing

Extended Address Space

[Figure: four address layers: TLA, NLA, SLA, Interface ID]

4-layer routing: reduce “n” in O(n log n)

Security

IPv4 security

• User name and Password

• Initially for recognizing every user, not for authentication

• Not enough system support for security

- Security is performed by “application”

IPv6 security

• Security even at the beginning of protocol design

- Encryption is a part of protocol design

(in IPv4, it’s a part of application-level protocol)

Security

IPv6 Packets

- Data Packets = Packets for data transmission

- Authentication Packets = Packets for authentication

Each authentication packet should:

1. Have AH (Authentication Header)

2. Have ESP (Encapsulating Security Payload) header

Protocol Service Extendibility

In IPv4, header information is all within header

It is difficult to change options without changing packet header format

In IPv6, the header contains pointers to options

Parameters are out of the “fixed” portion of the packet header

Protocol Service Extendibility

IPv6 Header

Version # | Traffic Class | Flow Label
Data (Payload Data) Length | Next Header Pointer | Max Hop Count
Sender IPv6 IP Address (128 bits)
Receiver IPv6 IP Address (128 bits)

[Figure: the Next Header Pointer in the IPv6 Header points to the Extended Header]

Protocol Service Extendibility

Concepts:

• Keep the “IPv6 header core” as small and as simple as possible

• Extension should be made outside of the “header core”

1. Throughput

2. End-to-end delay

3. Delay jitter (variances in end-to-end delay)

will be improved.

Protocol Service Extendibility

IPv4 Header

Version # | IHL | Service Type | Packet Length
Packet Sequence Number | Flags | Fragment Offset
TTL | Transport Protocol | Header Check Sum Code
Sender IP Address
Receiver IP Address
Options and Padding

IPv6 Header

Version # | Traffic Class | Flow Label
Data (Payload Data) Length | Next Header Pointer | Max Hop Count
Sender IPv6 IP Address (128 bits)
Receiver IPv6 IP Address (128 bits)

Quality of Service Support

• IPv4 does not have any quality of service support

Factors for “quality of service”:

(1) Transmission Rate (Link Bandwidth) Reservation

(2) Guaranteeing Short Delay (end-to-end delay and delay jitter)

(3) Error rate

- end users usually do not see “errors” during data transmissions

(4) Security - encryption methods applied during data transmissions

Quality of Service Support

QoS Support in IPv6: QoS Support by “flow”

• In IPv6, QoS is provided to each “flow” (sometimes called “pipe”)

• “IPv6 flow” is a “path” in virtual circuit

• QoS is managed for “flow”, but not for each packet

• The difference from “path” in the virtual circuit is that it can be a collection of paths.

For each IPv6 flow (pipe), the following QoS parameters can be specified:

• Queuing Priority

• Network Resources

- Memory Buffer

- Link Bandwidth

- Processor Time Slice (at routers)

• Requirements for Packet Drop

• Accounting

• Security

- Better Encryption

Quality of Service Support

QoS Support in IPv6: QoS Support by “flow”

• A “flow” is a virtual pipe uniquely identified by a combination of:

- Flow label (20 bits)

- Sender IPv6 Address

- Receiver IPv6 Address

IPv6 Header

Version # | Traffic Class | Flow Label
Data (Payload Data) Length | Next Header Pointer | Max Hop Count
Sender IPv6 IP Address (128 bits)
Receiver IPv6 IP Address (128 bits)
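The header layout and the Next Header pointer described in the slides, as an added example (not part of the original deck): a bounds-checked parser that extracts the three fields identifying a flow and follows the Next Header chain past extension headers. The function names and the sample packet are constructed for illustration; field offsets follow RFC 2460.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct ip6_fixed {                       /* fields of the 40-byte fixed header */
    uint8_t  traffic_class, next_header, hop_limit, src[16], dst[16];
    uint32_t flow_label;                 /* 20 bits */
    uint16_t payload_len;
};

/* Constructed sample: 2001:db8::1 -> 2001:db8::2, flow label 0x12345,
 * one hop-by-hop extension header (padding only), then TCP (6). */
static const uint8_t SAMPLE_PKT[48] = {
    0x60, 0x01, 0x23, 0x45, 0x00, 0x08, 0x00, 0x40,
    0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1,
    0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2,
    0x06, 0x00, 0x01, 0x04, 0, 0, 0, 0
};

/* Parse the fixed header; -1 if the buffer is short or not version 6. */
int ip6_parse(const uint8_t *p, size_t len, struct ip6_fixed *h) {
    if (len < 40 || (p[0] >> 4) != 6) return -1;
    h->traffic_class = (uint8_t)((p[0] << 4) | (p[1] >> 4));
    h->flow_label    = ((uint32_t)(p[1] & 0x0f) << 16) | ((uint32_t)p[2] << 8) | p[3];
    h->payload_len   = (uint16_t)((p[4] << 8) | p[5]);
    h->next_header   = p[6];
    h->hop_limit     = p[7];
    memcpy(h->src, p + 8, 16);
    memcpy(h->dst, p + 24, 16);
    return 0;
}

/* Follow the Next Header chain through hop-by-hop (0), routing (43) and
 * destination-options (60) headers; -1 if the chain runs past the buffer. */
int ip6_upper_protocol(const uint8_t *p, size_t len) {
    struct ip6_fixed h;
    if (ip6_parse(p, len, &h) != 0) return -1;
    size_t off = 40;
    int nh = h.next_header;
    while (nh == 0 || nh == 43 || nh == 60) {
        if (off + 8 > len) return -1;               /* truncated extension header */
        size_t ext = ((size_t)p[off + 1] + 1) * 8;  /* Hdr Ext Len is in 8-byte units */
        if (off + ext > len) return -1;
        nh = p[off];
        off += ext;
    }
    return nh;
}

int main(void) {
    printf("upper-layer protocol: %d\n", ip6_upper_protocol(SAMPLE_PKT, sizeof SAMPLE_PKT));
    return 0;
}
```

A filter that reads only the fixed header's Next Header field would see 0 here, not TCP, which is why the chain has to be walked with a length check at every step.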

[Figure: an IPv6 pipe from the IPv6 Sender to the IPv6 Receiver through a series of routers]

[Figure: timing diagram between SENDER and RECEIVER via routers R1, R2, R3, R4, ..., Rn, showing the path set-up signal, the ACK signal, the path set-up delay and the data transmission over time]

[Figure: matrix of internal operation (virtual circuit or datagram) against external operation (virtual circuit or datagram), with cells A, B, C and D and the positions of IPv4 and IPv6 marked]

State-Less DHCP Services

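Existing DHCP (State-Full) DHCP Server:

[Figure: Client A sends an Address Request to the DHCP Server; the server's table holds the entry “A 146.163.147.52” from the DHCP Address Pool, and “146.163.147.52” is returned to Client A]

• Server keeps state (table)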

State-Less DHCP Services

• Client does not make a request at the beginning

• A client generates its own IPv6 address

• A client makes sure the address is available with the help of routers

• If the chosen address does not work, then a host talks to IPv6 DHCP server

State-Less DHCP Services

[Figure: Client A, Client B, Client C and Client D on the network]

Generate an IPv6 address from the network address and interface ID

Broadcast the generated IPv6 address within the network

If someone already uses it, the host sends NACK

If no one sends NACK, the host uses it as temporary address

Talk to the gateway router to broadcast the temporary address to all the other routers in the network domain (ACK must be returned)

If no ACK comes back, the joining host talks to IPv6 DHCP server

State-Less DHCP Services

-A When a router receives a polling message, it broadcasts the address in the network

-B If no one is using the address, the router sends ACK to the router

-C If someone already uses it, the router sends NACK

-D If the gateway router receives at least one NACK, it sends NACK to the joining node

-E If NACK is not received at all, the gateway router sends ACK to the joining node
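The first two steps of the procedure above (generate an address from the network address and interface ID, then check whether someone already uses it), as an added example that is not part of the original slides. The slides do not say how the interface ID is obtained; this sketch assumes the modified EUI-64 derivation from the MAC address (RFC 4291, Appendix A), and the function names, prefix and MAC are constructed.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Modified EUI-64: split the 48-bit MAC, insert ff:fe in the middle and
 * flip the universal/local bit of the first byte. */
void eui64_from_mac(const uint8_t mac[6], uint8_t iid[8]) {
    iid[0] = mac[0] ^ 0x02;
    iid[1] = mac[1];
    iid[2] = mac[2];
    iid[3] = 0xff;
    iid[4] = 0xfe;
    iid[5] = mac[3];
    iid[6] = mac[4];
    iid[7] = mac[5];
}

/* Network address (a /64 prefix, as text) + interface ID -> candidate address.
 * Returns 0 and writes the textual address to out, or -1 on bad input. */
int make_candidate(const char *prefix, const uint8_t mac[6], char *out, size_t outlen) {
    struct in6_addr a;
    if (inet_pton(AF_INET6, prefix, &a) != 1) return -1;
    eui64_from_mac(mac, a.s6_addr + 8);          /* overwrite the low 64 bits */
    return inet_ntop(AF_INET6, &a, out, (socklen_t)outlen) ? 0 : -1;
}

/* The "someone already uses it" test: compare binary addresses, because the
 * same address has many textual spellings. 1 = in use, 0 = free, -1 = bad input. */
int in_use(const char *cand, const char *const used[], size_t n) {
    struct in6_addr c, u;
    if (inet_pton(AF_INET6, cand, &c) != 1) return -1;
    for (size_t i = 0; i < n; i++)
        if (inet_pton(AF_INET6, used[i], &u) == 1 && memcmp(&c, &u, sizeof c) == 0)
            return 1;
    return 0;
}

int main(void) {
    const uint8_t mac[6] = { 0x00, 0x1a, 0x2b, 0x3c, 0x4d, 0x5e };   /* constructed */
    const char *const used[] = { "2001:db8:0:1::1" };                /* constructed */
    char text[INET6_ADDRSTRLEN];
    if (make_candidate("2001:db8:0:1::", mac, text, sizeof text) == 0)
        printf("%s in use: %d\n", text, in_use(text, used, 1));
    return 0;
}
```

An address built this way embeds the interface's MAC, so the same interface ID shows up under every prefix the host joins.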

Backward Compatibility to IPv4

- Unfortunately, there is no backward compatibility to IPv4 in the protocol implementation

- Source code compatible with minor differences

There are some techniques to realize IPv4/IPv6 hybrid:

• IPv4/IPv6 Dual-Protocol Server

• IPv4-mapped IPv6 addresses

• IPv4 Tunneling

IPv4/IPv6 Dual-Protocol Servers

• During IPv4/IPv6 transition period, servers should be able to work with both IPv4 and IPv6 routers

- IPv4-mapped addresses allow a host that supports both IPv4 and IPv6 to communicate with a host (or router) that supports only IPv4

- The IPv4-mapped IPv6 address is based on a unique format

IPv4-Mapped IPv6 Addresses

IPv4 Address (32 bits):

Field:   Class ID | Domain Address | Host ID
Bits:       3     |       24       |    5

IPv4-mapped IPv6 address (128 bits):

Field:   “000 … 000” | “FFFF” | IPv4 Address
Bits:        80      |   16   |     32
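The 80/16/32-bit layout above, as an added example (not from the original slides): building an IPv4-mapped address, and normalising a peer address before an address-based check so that the mapped and the plain IPv4 form of the same client are treated alike. The function names and the deny list are constructed for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Build ::ffff:a.b.c.d: 80 zero bits, 16 one bits, then the 32-bit IPv4 address. */
int v4_to_mapped(const char *v4, struct in6_addr *out) {
    struct in_addr a;
    if (inet_pton(AF_INET, v4, &a) != 1) return -1;
    memset(out, 0, sizeof *out);
    out->s6_addr[10] = 0xff;
    out->s6_addr[11] = 0xff;
    memcpy(out->s6_addr + 12, &a, 4);
    return 0;
}

/* Canonical text for a peer seen on an IPv6 socket: a mapped address is
 * rendered as plain IPv4. Returns 4 or 6 (the family used), or -1 on error. */
int peer_to_text(const struct in6_addr *peer, char *buf, size_t len) {
    if (IN6_IS_ADDR_V4MAPPED(peer)) {
        struct in_addr a;
        memcpy(&a, peer->s6_addr + 12, 4);
        return inet_ntop(AF_INET, &a, buf, (socklen_t)len) ? 4 : -1;
    }
    return inet_ntop(AF_INET6, peer, buf, (socklen_t)len) ? 6 : -1;
}

/* Address check against a constructed deny list; fails closed on error. */
int is_denied(const struct in6_addr *peer) {
    static const char *const deny[] = { "192.0.2.10", "2001:db8::bad" };
    char text[INET6_ADDRSTRLEN];
    if (peer_to_text(peer, text, sizeof text) < 0) return 1;
    for (size_t i = 0; i < sizeof deny / sizeof deny[0]; i++)
        if (strcmp(text, deny[i]) == 0) return 1;
    return 0;
}

int main(void) {
    struct in6_addr peer;
    if (v4_to_mapped("192.0.2.10", &peer) == 0)   /* arrives as ::ffff:192.0.2.10 */
        printf("denied: %d\n", is_denied(&peer));
    return 0;
}
```

Without the normalisation step, a deny entry written as an IPv4 address would never match the mapped form a dual-protocol server actually sees.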

IPv4/IPv6 Dual-Protocol Servers

[Figure: protocol stacks of Client1 (TCP, IPv6, LLC), Client2 (TCP, IPv4, LLC) and the Server (TCP, IPv6 and IPv4, LLC), connected through the Network, with an IPv4-mapped IPv6 address marked]

Dual-stack node: defined in RFC 1933

IPv4-Mapped IPv6 Addresses

[Figure: diagram relating IPv4 Addresses, IPv6 Addresses and IPv4-mapped IPv6 Addresses]

IPv6 Tunneling

[Figure: Host A, Host B and Host C connected across the Internet through IPv6 routers and IPv4 routers; IPv6 packets are carried as IPv4 packets through an IPv4 tunnel across the IPv4 routers]

[Figure: an IPv6 host and a dual-stack internal server on a private LAN, connected through a firewall (F/W) to an external server on the Internet]

• If your domain is connected to an ISP that does not support IPv6

• IPv4-mapped IPv6 address must be used for this IPv6 host

• The dual-stack internal server can establish an IPv4 tunnel

• From the public Internet, your IPv6 domain looks like an IPv4 domain!

[Figure: an IPv6 host, a V4-V6 translator and an internal server on a private LAN, connected through a firewall (F/W) to an external server on the Internet]

• If your domain is connected to an ISP that does not support IPv6

• Most of your domain is IPv4 (only a few LAN segments in your domain are operated by IPv6)

• A technique to make a transition from an IPv4 to an IPv6 domain

(when IPv6 hosts dominate, this domain uses dual-stack server)

• IPv6 extended features are available only in the same segment

[Figure: an IPv6 host, dual-stack nodes and an internal server on a private LAN, connected through a firewall (F/W) to an external server on the Internet, with IPv6 over IPv4 tunneling]

6-Bone

6-bone is a virtual IPv6 network

• Many operating systems and routers have started adopting IPv6.

• IPv4 is still the majority

• A virtual IPv6 Internet constructed by IPv4 tunnel

(Something similar to Mbone)

• Your host (local machine) must support IPv6

(Such as Windows XP - you do NOT need IPv6 router)

• You get connected through a 6-Bone access point

• 6-Bone is an experimental network established by IETF

IPv6 Programming

How can we develop network applications using IPv6?

• IPv6 does not have compatibility to IPv4 in implementation

• IPv6 does have compatibility to IPv4 in source code

IPv4 Address structure:

    /* ... */
    struct sockaddr_in server_addr;
    /* ... */
    server_addr.sin_family = AF_INET;
    server_addr.sin_len = sizeof (server_addr);   /* sin_len exists only on BSD-derived systems */
    /* ... */

How can we develop network applications using IPv6?

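IPv6 Address structure:

    /* ... */
    struct sockaddr_in6 server_addr;
    /* ... */
    server_addr.sin6_family = AF_INET6;
    server_addr.sin6_len = sizeof (server_addr);  /* sin6_len exists only on BSD-derived systems */
    server_addr.sin6_port = htons (PORT);         /* PORT = port number; stored in network byte order */
    /* ... */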

How can we develop network applications using IPv6?

Creating a socket (IPv4)

    socket (AF_INET, SOCK_STREAM, 0);

Creating a socket (IPv6)

    socket (AF_INET6, SOCK_STREAM, 0);