Embed Size (px)
Citation preview
IPv6
Content
History
IPv4 Downfall
IPv6 Features
IPv6 Addresses
Changes from IPv4
IPv6 Headers/Frames/Packets
Autoconfiguration
Commands
Resources
What should I learn from this?
Know what a IPv6 Address looks like
Have an idea why IPv6 is need and should be important to me
How to troubleshoot low level issues
How to look at an IPv6 header and have an idea what is going on with it
Know where to go to ask questions about IPv6
Know what ISATAP, Dual Stack and 6RD are
History of IP
IPv4 IPv6
Dates 1969 DARPA started research, 1981 IPv4 RFC791
1999
Data 32 Bits 128 Bits
Notation Decimal Hexadecimal
Size 2^32 addresses (4,294,967,296)
2^128 addresses (340,282,366,920,938, 463,463,374,607,431, 768,211,456)
Example 192.168.1.0/24 2001:558:4020::1/56
User Subnet
Does not exist /64, or (2^32)^2 – each household gets the size of IPv4 public addresses squared
IPv4 Downfall IPv4 Addresses are almost gone
All IPv4’s have been assigned!
Everything using a single IP
Growing ISP’s require more IP Addresses
NAT issues
IPv6 Main Features
Larger address space for users and ISP to use with public access Global capability Plug – and – play Multihoming Autoconfiguration Renumbering (easy if setup right)
Simpler header – Streamlining of routing code
Address space
Types of IPv6 Addresses
Global Unicast 2000::/3
Link-Local Unicast FE80::/1
Loopback ::1/128
6to4 2002::/16
Teredo 2001:0000::/32
Unique Local Unicast FC00::/7
Multicast FF00::/8
IPv4 Mapped ::ffff:128.223.214.23
Link-Local Multicast All-Nodes
FF02::1
Private Address Range FC00::/7
Non Routeable 2001:0DB8::/32
Global Address
In IPv6 every host is publicly routable.
Each host has 2 IP addresses
Global address is your publicly routable address
Link Local Address
A link local address is like an IPv4 NATted address. When you connect your computer to a router, you get (DHCP) an IP Address like 192.168.1.101. This same concept exists in IPv6, but is built into the protocol, and the start of the IP address will be ‘FE80:’
This IPv6 address is how your computer talks to the other computers that are on your same network.
Change From IPv4
Address length quadrupled to 16 bytes Header Format Simplification •
Fixed length, optional headers are daisy-chained
IPv6 header is twice as long (40 bytes) as IPv4 header without options (20 bytes) No checksumming at the IP network layer No hop-by-hop segmentation
Path MTU discovery 64 bits aligned No more broadcast
No more fragmentation and reassembly in header Incorrectly sized packets are dropped and message is sent to sender to reduce
packet size Hosts should do path MTU discovery
IPv6 Headers
IPv6 Header Extensions Everything in IPv6 is a header extension – even TCP/UDP payload
IPv6 Full Example
Autoconfiguration
Built into the IPv6 protocol, there is the concept of IP autoconfiguration.
Stateless
In IPv4, you connect to the router, and your machine asks the DHCP server what IP address it should use.
In IPv6 the DHCP option is still there, but with autoconfiguration, your host negotiates its IP address with all of the other hosts that are on the network.
IPv6 Commands
ping6
nmap -6
traceroute -6
ssh -6
Web pages: http://[IPv6 address]%[device] http://fe80::21c:42ff:fe00:9%eth1
Nslookup (AAAA record)
Resources
http://www.cisco.com/en/US/technologies/tk648/tk872/technologies_white_paper0900aecd8054d37d.html
RFC2460 http://www.ietf.org/rfc/rfc2460.txt RFC4861 http://www.ietf.org/rfc/rfc4861.txt RFC4862 http://www.ietf.org/rfc/rfc4862.txt RFC4942 http://www.ietf.org/rfc/rfc4942.txt RFC5157 http://www.ietf.org/rfc/rfc5157.txt RFC3756 http://www.ietf.org/rfc/rfc3756.txt http://www.iol.unh.edu/services/testing/ipv6/ http://nmap.org/book/man-host-discovery.html http://www.cs.columbia.edu/~smb/papers/v6worms.pdf http://www.uninformed.org/?v=10&a=3 http://www.infosecwriters.com/text_resources/pdf/IPv6_SSotillo.pdf http://freeworld.thc.org/thc-ipv6/ http://freeworld.thc.org/papers/vh_thc-ipv6_attack.pdf http://www.rmv6tf.org/RMv6TFDocs.htm http://defcon.org/images/defcon-18/dc-18-presentations/Bowne/DEFCON-18-Bown
e-IPv6.pdf http://defcon.org/images/defcon-18/dc-18-presentations/Curran/DEFCON-18-Curra
n-IPv6.pdf http://defcon.org/images/defcon-18/dc-18-presentations/Ryanczak/DEFCON-18-Ry
anczak-IPV6.pdf
