1 / 38

IPv6: Hype or Reality?

IPv6: Hype or Reality?. Tim Helming Director of Product Management Corey, Nachreiner, CISSP, Sr. Network Security Strategist ,. Welcome!. You’re here because v6 matters to you. Come On In: The Water’s Fine!. IPv4 is dead…long live IPv4!. IPv6 is Everywhere….sort of….

banyan
Télécharger la présentation

IPv6: Hype or Reality?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IPv6: Hype or Reality? Tim Helming Director of Product Management Corey, Nachreiner, CISSP, Sr. Network Security Strategist ,

  2. Welcome!

  3. You’re here because v6 matters to you

  4. Come On In: The Water’s Fine!

  5. IPv4 is dead…long live IPv4!

  6. IPv6 is Everywhere….sort of… Source: Elise Gerich, IANA/ICANN

  7. Sometimes “unofficial” data is the most interesting… Graphic: Geoff Huston, APNIC

  8. OK….Pencils and Binoculars Ready?

  9. IPv6 Technical Brief

  10. What’s the problem with IPv4? Simply put, it doesn’t offer enough addresses… World Population: Around 6.8 billion Number of IPv4 addresses: Around 4.3 billion That’s not enough!

  11. It Gets Worse… People (personal computers) aren’t the only thing online…

  12. IPv6 Technical Benefits

  13. Quick IPv4 Address Recap One byte = 0 - 255 32-bit (four bytes) long 1101000.10000100.01100000.00011001 208.132.96.25 • Developed in 80s • 232 • 4.3 billion possible addresses (4,294,967,296) • Generally represented in decimal • NAT allows more (1000s of devices can hide behind one IPv4 address)

  14. Dissecting an IPv6 Address Two bytes = 0 – FFFF (65535) 128-bits (16 bytes) long 0010000111011010000000001101001100000000000000000010111100111011 0000001010101010000000001111111111111110001010001001110001011010 340 282 366 920 938 463 463 374 607 431 768 211 456 2560:1900:4545:0003:0200:F8FF:FE21:67CF • Developed in 1998 (RFC 2460) • 2128 • 3.4 x 1038 or 340 Undecillion (what?) possible addresses • Generally represented in hexadecimal (HEX) • Who needs NAT!

  15. Shortening IPv6 Addresses 2001:0019:0545:0003:0200:0000:0000:67CF Remove preceding zeros 2001:19:545:3:200:0:0:67CF Remove groups of zeros 2001:19:545:3:200::67CF 2001:19:545:3:200:::67CF

  16. Reading HEX Primer • Hexadecimal (base 16) is a numeral system with sixteen symbols • 0-9 = well… zero through nine (duh) • A-F = 10 – 15 • 10,11,12,13 = 16, 17, 18. 19 • Converting HEX to decimal: 4D5F • (4 x 163) + (13 x 162) +(5 x 161 ) + (15 x 160) • (16384) + (3328)+(80)+(15) • 19807 or (0100110101011111)

  17. Types of IPv6 Addresses • Unicast Address – a one-to-one address: • Global – publicly routable address assigned by IANA (2000::/3) • Link local – Local address assigned for auto configuration or neighbor discovery, etc… not routed. (FE80::/10) • Unique local – like private addresses. Just used at local site (FC00 or FD00::/8) • Special – special addresses like loopback or default gateway • Compatible – used for IPv4 to IPv6 migration • Multicast Address – an address intended for one-to-many communication: • Multicast – sent to members in a multicast group • Broadcast – sent to all address on a network (technically, now a all-nodes multicast) • Anycast Address – a new address used to send to the first receipient of a group

  18. IPv6 Hierarchical Addressing Interface ID Global Routing Prefix Prefix SLA ID 2561:1900:4545:0003:0200:F8FF:FE21:67CF TLA ID NLA ID

  19. IPv6 Subnetting • CIDR only (slash notation) • No concept of subnet masks • / followed by prefix size (decimal number 1-128) 2001:1900:4545:0003:0200:F8FF:FE21:67CF 2001:1900:4545::/48 = /16 /32 /48 2001:1900:4545:0000:0000:0000:0000:0000 - 2001:1900:4545:FFFF:FFFF:FFFF:FFFF:FFFF CIDR to range tool: http://www.ultratools.com/tools/ipv6CIDRToRange

  20. What about MAC? MAC Address: 90-3A-2B-06-2C-D1 Split in half: 90-3A-2B 06-2C-D1 Insert FFFE: 90:3A:2B:FF:FE:06:2C:D1 Change 7th bit to 1: 92:3A:2B:FF:FE:06:2C:D1 • Hosts generate a unique “Interface Identifier” • Called 64-bit Extended Unique Identifier or EUI-64 • 48-bit MAC addresses converted by adding FFFE to the middle

  21. What about ARP? • IPv6 replaces ARP with the Neighborhood Discovery Protocol. This new protocol combines many functions:

  22. Simplified Headers Mean Faster Traffic IPv4 Header (20 bytes) IPv6 Header (40 bytes) Version IHL Type of Service Total Length Version Traffic Class Flow Label Identification Flags Fragment Offset Payload Length Next Header Hop Limit Time to Live Protocol Header Checksum Source Address Source Address Destination Address Destination Address Options Padding

  23. IPv6 OS Support

  24. Field Guide to Common IPv6 Addresses

  25. Common Address Field Guide (1) 0000:0000:0000:0000:0000:0000:0000:0001 or ::1 FE80::/10 FE80::28BB:0ACB:3F57:D837 • Loopback address (was 127.0.0.1) • Link-local address (was 169.254.0.0/16)

  26. Common Address Field Guide (2) 0000:0000:0000:0000:0000:0000:0000:0000/0 or ::/0 FC00::/7 FC00::28BB:0ACB:3F57:D837 • Default route (was 0.0.0.0/0) • Unique Local Address or ULA (Also called Site Local. Similar to private networks)

  27. Common Address Field Guide (3) FF00::/8 FF02::1 Looks like a unicast address • Multicast address (was 224.0.0.0/4) • Anycast address (new – send to the nearest node in a group)

  28. Common Address Field Guide (4) 2002::/16 207.134.42.111 = 2002:CF86:2A6F::/48 • 6to4 addresses

  29. Common Address Field Guide (5) 2000::/3 2260:F3A4:32CB:715D:5D11:D837 • Unique Global (public IP address)

  30. Common Address Field Guide (6) • Other addresses/ranges of lesser note: • 42::/16 - The Retiolum Prefix • 2001::/32 -Teredo tunneling (transition mechanism) • 2001:2::/48 -Assigned to BMWG • 2001:10::/28 - ORCHID (Overlay Routable Cryptographic Hash Identifiers) • 3FFE::/16 – 6Bone IPv6 Testbed addresses (legacy)

  31. IPv6 Technical Summary

  32. Glossary • IP address: Internet protocol address. An address network devices use to identify one another • NAT: Network address translation. A standard to hide many special IPs behind one real IP • Hexadecimal: A base-16 numbering system consisting of 0-F • Routing Prefix: The first 64-bits of an IPv6 address, which identifies routing info • Interface ID: The last 64-bits of an IPv6 address, which identifies a single host • CIDR: Classless Inter-Domain Routing. A scalable method for assigning IPs and routing packets • MAC: Media Access Control address. A unique address for specific network hardware • ARP: Address resolution protocol. A standard for IPv4 devices to find one another locally • EUI-64: A unique 64-bit identifier of IPv6, based on MAC • Network Discovery (ND) Protocol: IPv6 replacement for ARP and more…

  33. Glossary (cont.) • Addresses • Unicast Address: Specific One-to-one address • Multicast Address: An address to communicate from one-to-many • Anycast Address: A new type of address to communicate from one to the first in a group to receive. • Loopback: Address that represents the local host • Local Link: Required, non-routable address that connects to local network, and is used for autoconfiguration • Default Route: Address that represents where to send non-local traffic • Unique Local: Non-global address similar to IPv4 private networks • 6to4: One of many IPv6 transition mechanisms • Unique Global: A specific, publicly routable IPv6 host address

  34. Things We Haven’t Covered (Lots)

  35. Extra Reading Material for Geeks • IPv6 Request For Comments (RFCs): • RFC 1752 (1995): The Recommendation for IP Next Generation (IPng) Protocol • RFC 2460 (1998): Internet Protocol Version 6 (IPv6) Specification • RFC 2462: IPv6 Stateless Address Autoconfiguration • RFC 3775: Mobility Support in IPv6 • RFC 2893: Transition Mechanisms for IPv6 Hosts and Routers • RFC 2373: IP Version 6 Addressing Architecture • And many more (over 70 RFCs related to IPv6): http://oversteer.bl.echidna.id.au/IPv6/RFC/

  36. Wrapping Up

  37. You Have Some New IPv6 Knowledge….Now What?

  38. Thank You!

More Related