Upload
hayden-biggins
View
230
Download
4
Tags:
Embed Size (px)
Citation preview
KOM 15032: Arsitektur Jaringan
TerkiniBab 2. Pengalamatan IPv6
Course Goal Memahami konsep dasar pengalamatan IPv6
Mengerti konsep transisi IPv4 ke IPv6
IP Addressing How many IP address?
IPv4: 2^32 = 4.3 * 109 (Billion)
IPv6: 2^128 = 3.4 * 1038 (Undecillion)
When was IP address standarized? IPv4 in 1981 (RFC 791)
IPv6 in 1995 (RFC 1883) refined in 1998 (RFC 2460)
o As early as 1990, IETF started to work on IPng, solving IPv4 address shortage issue
o IETF initiated the standard in 1994
o Why not IPv5?
Major Goal of IPv6 Support billion of hosts
Reduce the size of the routing table
Simplify the protocol
Provide better security (authentication & privacy)
Pay more attention in QoS
High-bandwidth multimedia and fault tolerance applications (multicast)
Allowing a host to roam without changing its address
Allow the protocol to evolve in future
Permit old and new protocols to coexist for years
Do We Need Larger IP Address Space?
What is the Problem with IPv4? Rapid increase of the size of routing tables
More than 450.000 entries in the Internet
It was predicted that IPv4 will exhaust by 2008
Theoritical limit 4 billion devices
Practical limit 250 million devices
How to Reduce IPv4 Address Depletion
Classless Inter Domain Routing (CIDR)
Network Address Translation (NAT)
CIDR Advantages:
IP addressing scheme that replaces the older system based on classes A, B, and C. A single IP address can be used to designate many unique IP addresses
CIDR can reduce the number of routing table entries
Disadvantages:
Greater complexity
Many unused IP address
NAT Assign private addresses to the internal systems
Router translate the addresses
NAT (cont.) Popular on Dial-up, SOHO, and VPN
Save IPv4 address from exhausted
Lost of the end-to-end model
Asymmetric identifier
NAT Drawbacks
NAT breaks end-to-end communication Routers monitors the communication
Routers changes the data
NAT breaks bi-directional communication Hosts with global address can’t initiate the communication to the hosts
with private address
Why 128 bit then?
Room for many levels of structured hierarchy and routing aggegation
Easier address management and delegation than IPv4
Easy address auto-comfiguration
Ability to deploy end-to-end IPsec
What’s Good About IPv6
Larger address space 128 bit 3.4 * 10^38
Re-design to solve the current problem such as: Efficient and hierarchial addressing and routing
Security
Auto-configuration
Plug & play
Better support for QoS
Extensibility
Is IPv6 really good? IPv6 can’t easily solve (same as IPv4)
Security
Multicast
Mobile
QoS
IPv6 Addressing
A 128 bit value that representing an interface on the network
00101010000100100011010001011100000000000000000000000000000000000000000001111000000010011010101100001100000011011110000011110000
IPv6 Address Notation
2A12:345C:0:0:78:9AB:C0D:E0F0
IPv6 Address Notation (cont.)
2A12:345C:0:0:78:9AB:C0D:E0F0
00101010000100100011010001011100000000000000000000000000000000000000000001111000000010011010101100001100000011011110000011110000
Eight blocks of 16 bits in hexadecimal separated by colons (:)
IPv6 Address Notation (cont.)
2A12:345C:0:0:78:9AB:C0D:E0F0
00101010000100100011010001011100000000000000000000000000000000000000000001111000000010011010101100001100000011011110000011110000
Eight blocks of 16 bits in hexadecimal separated by colons (:)
IPv6 Address Notation (cont.)
2A12:345C:0:0:78:9AB:C0D:E0F0
00101010000100100011010001011100000000000000000000000000000000000000000001111000000010011010101100001100000011011110000011110000
Eight blocks of 16 bits in hexadecimal separated by colons (:)
IPv6 Address Notation (cont.)
2A12:345C:0:0:78:9AB:C0D:E0F0
00101010000100100011010001011100000000000000000000000000000000000000000001111000000010011010101100001100000011011110000011110000
Eight blocks of 16 bits in hexadecimal separated by colons (:)
IPv6 Address Notation (cont.) Blocks of 0 may be shortened with double colon (::) , but only
one :: is allowed
1234:5678:90AB::5678:0:CDEF
1234:5678:90AB:0:0:5678::CDEF
1234:5678:90AB::5678::CDEF
IPv6 Address Space Notation
<prefix>/<prefix-length>
1234:5678::/481234:5678:9ABC:DEF::/64
IPv6 Address Type Unicast
Single interface
Multicast Set of interfaces
Packets delivered to all interfaces
Anycast Set of interfaces
Packets delivered to one (the nearest) interface
Address Type Identification
Global Aggregatable Unicast Address Format
TLA ID Top-level aggregation identifier
RES Reserved for future use
NLA ID Next-level aggregation identifier
SLA ID Site-level aggregation identifier
Interface ID Interface identifier
An Interface’s Unicast Address
A link’s prefix length is always 64 bit
Allocationg IPv6 Address Space
2001:df0:ba::/48
16 bits for link’s network prefixes = 65k
Interface Identifier Interface ID manual or automatic
Automatic modified EUI-64 of MAC address
Complement 2nd LSB of 1st byte
Insert 0xfffe between 3rd and 4th bytes
MAC 00-12-34-56-78-9a
Interface ID 212:34ff:fe56:789a
Link-local Address Format
KAME style
fe80:<Interface-ID>%<ifname>
fe80::212:34ff:fe56:789a%fxp0
fe80::<Interface-ID>
Multicast Address Format
Flags:
LSB = 0 well-known multicast address
LSB = 1 temporary/transient multicast address
Scope:
1 interface-link scope
2 link-local scope
5 site-local scope
8 organization-local scope
E global scope
Multicast Address Example
ff02::2
Well-known address, link-local scope
Ff18::100
Temporary address, organization-local scope
A Node’s Address
Loopback Address
Link-local Address for each interface
Additional Unicast and Anycast Addresses
All-Nodes Multicast Addresses (ff02::1)
Solicited-Node Multicast Addresses
Multicast Addresses of groups it joined
A Router’s Address
A Node’s Address
Subnet-Router Anycast Addresses
All other Anycast Addresses
All-Router Multicast Addresses (ff02::2)
IPv4 vs IPv6 Header
What are Missing from IPv4 in IPv6?
Fragmentation/Reassembly IPv6 doesn’t allow for freagmentation/reassembly
Header checksum Transport layer and data link layer have handle it
Options Fixed-length 40 byte IP header
No longer a part of standard IP header
But, there is next header
Transition from IPv4 to IPv6
Generally, there are 3 approaches for transitioning to IPv6:
1. Dual-stack (running both IPv4 and IPv6 on the same device)
To allow IPv4 and IPv6 to co-exist in the same devices and networks
2. Tunneling (transporting IPv6 traffic through an IPv4 network transparently)
To avoid dependencies when upgrading hosts, routers, or regions
3. Translation (converting IPv6 traffic to IPv4 traffic for transport and vice versa)
To allow IPv6-only devices to communicate with IPv4-only devices
Dual-Stack Approach
Dual-stack node means: Both IPv4 and IPv6 stacks enabled
Applications can talk to both
Choice of the IP version is based on name lookup and application preference
Dual-Stack Approach (cont.)
A system running dual-stack, an application with IPv4 and IPv6 enabled will: Ask the DNS for an IPv6 address (AAAA record)
If that exists, IPv6 transport will be used
If it doesn’t exist, it will then ask the DNS for an IPv4 address (A record) and use IPv4 transport instead
Tunneling Approach
Manually configured Manual tunnel (RFC 4213)
GRE (RFC 2473)
Semi-automated Tunnel broker
Automatic 6to4 (RFC 3056)
6rd
ISATAP (RFC 4214)
TEREDO (RFC 4380)
Translation Approach
Techniques:
NAT-PT require Application Layer Gateway (ALG) functionality that converts Domain Name System (DNS) mappings between protocols (not really in use, since NAT64 came)
NAT64 combined with DNS64