
IPv6 – The Future Of The Internet Redbrick Networking Conference 26 March 2003 Dave Wilson


Presentation Transcript


  1. IPv6 – The Future Of The Internet Redbrick Networking Conference 26 March 2003 Dave Wilson dave.wilson@heanet.ie DW238-RIPE

  2. What's in store • Why bother • The transition • Doing it NOW (yes, RIGHT NOW!) • Where to go from here

  3. Disclaimers • My opinions, not necessarily those of my employer • Use at your own risk • No warranty express or implied • I may be misguided, misinformed or misunderstood • or on crack, for that matter • Best Before June 19100 • etc • etc • etc

  4. “But why would I want to use it?”

  5. Why a new protocol? Conservation of addresses (is a hassle)

  6. Why a new protocol? Restore the end-to-end (and die, NAT, die)

  7. Why a new protocol? Stateless autoconfiguration (and take the effort out of the host)

  8. Why a new protocol? Simplify address allocation (and take the effort out of the network)

  9. What IPv6 won't fix • It won't slow down routing table growth • It won't fix QoS, rate-limiting, bandwidth allocation • It won't stop spam (or solve security) • It won't solve world peace, global warming, etc

  10. Addressing and Routing

  11. The good old days 193.1.219.94/25 • 32 bits • Variable subnet size • Allocation depends on need

  12. The new world order 193.1.219.94/25 2001:770:18:2:260:cfff:fe20:f45c/64 • 128 bits • Variable subnet size • IETF mandates /64 for every LAN • "::" means "pad with zeros"

  13. Routing in IPv6 • IP is still IP • Class A, B, C long gone • Get your addresses from your ISP • Can do everything the old way, but...

  14. Routing in IPv6 • IP is still IP • Class A, B, C long gone • Get your addresses from your ISP • Can do everything the old way, but... The killer app: Neighbour Discovery

  15. Reaching the host
      IPv4 uses A records; IPv6 uses AAAA records

          athene IN A    193.1.219.94
          athene IN AAAA 2001:770:18:2:260:cfff:fe20:f45c

      Client attempts IPv6 first (AAAA record) and if that fails, IPv4 (A record)

  16. “So we turn off IPv4 when, exactly?”

  17. Transition technologies • Automatic tunnels (::1.2.3.4) • IPv4-compatible addresses (::1.2.3.4) • Dual stack • Configured tunnels • 6to4 • NAT-PT

  18. Dual stacking • Each host gets an IPv4 and IPv6 address • Server software binds to both addresses • DNS contains both records • v4 clients will use the old path • v6 clients will use the new one, and failover to v4

  19. Dual stacking Use this when • You already have global v4 address space • You have native connectivity • You have a tunnel + neighbour discovery on your LAN

  20. Configured tunnels • IPv6 connection in an IPv4 path • Set up by agreement between you and someone on the 6bone • Saves dual-stacking your router • First v6 hop may be an inefficient path • Uses CPU on the endpoint

  21. Configured tunnels Use these when • It's your first IPv6 connection • Your ISP doesn't support native v6 (ask!!) • You want to connect one or a few machines

  22. 6to4 You have an IPv4 address 193.1.219.117/32

  23. 6to4 You have an IPv4 address 193.1.219.117/32 You've been reserved an IPv6 subnet 2002:c101:dbd9::/48

  24. 6to4 You have an IPv4 address c1.01.db.d9/32 You've been reserved an IPv6 subnet 2002:c101:dbd9::/48

  25. 6to4 • Set your default route to the 6to4 anycast relay router • Your host tunnels traffic to that router • Return traffic is tunnelled to the encoded IPv4 address

  26. 6to4 Use this when • You've no native connectivity • You can't have (or don't want) a configured tunnel • You have a static global IPv4 address (or don't mind it changing) • Really fast, easy, no messing setup • The route might suck

  27. “But when is it going to get here?”

  28. How to get connectivity Ask your ISP!

  29. Enabling IPv6 on the host • Linux 2.4.* (2.2 with effort) • Red Hat 7.2+ • Debian Stable • Solaris 8 • Tru64 V5.1 • FreeBSD 4.3 • Windows XP (or 2000 with research stack) • Some sort of global IPv4 address, with protocol 41 unfirewalled

  30. Compile the Kernel • Not needed for Red Hat 7.2 • Turn on experimental options • Turn on IPv6 under networking options • Optionally, IPv6 firewalling

  31. On Red Hat 7.2+

          [/etc/sysconfig/network]
          NETWORKING_IPV6=yes

      ...and restart networking (or reboot)

  32. Native connections

          eth0      Link encap:Ethernet  HWaddr 00:50:04:EA:43:64
                    inet addr:193.1.219.136  Bcast:193.1.219.255  Mask:255.255.255.128
                    inet6 addr: fe80::250:4ff:feea:4364/10 Scope:Link
                    inet6 addr: 2001:770:18:1:250:4ff:feea:4364/64 Scope:Global
                    UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                    RX packets:9821540 errors:0 dropped:0 overruns:0 frame:0
                    TX packets:3651133 errors:0 dropped:0 overruns:0 carrier:0
                    collisions:0 txqueuelen:100
                    RX bytes:204455702 (194.9 Mb)  TX bytes:1439984168 (1373.2 Mb)
                    Interrupt:10 Base address:0xe400

  33. Native connections

          eth0      Link encap:Ethernet  HWaddr 00:50:04:EA:43:64
                    inet addr:193.1.219.136  Bcast:193.1.219.255  Mask:255.255.255.128
                    inet6 addr: fe80::250:4ff:feea:4364/10 Scope:Link
                    inet6 addr: 2001:770:18:1:250:4ff:feea:4364/64 Scope:Global
                    UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                    RX packets:9821540 errors:0 dropped:0 overruns:0 frame:0
                    TX packets:3651133 errors:0 dropped:0 overruns:0 carrier:0
                    collisions:0 txqueuelen:100
                    RX bytes:204455702 (194.9 Mb)  TX bytes:1439984168 (1373.2 Mb)
                    Interrupt:10 Base address:0xe400

  34. 6to4 – Red Hat 7.2+

          [/etc/sysconfig/network-scripts/ifcfg-eth0]
          [/etc/sysconfig/network-scripts/ifcfg-ppp0]
          IPV6INIT=yes
          IPV6_AUTOCONF=no
          IPV6FORWARDING=no
          IPV6TO4INIT=yes
          IPV6TO4_RELAY="192.88.99.1"
          IPV6TO4_ROUTING="eth0-:f101::0/64 eth1-:f102::0/64"

  35. Tunnel vs. 6to4 www.sixxs.net

  36. So “ping” works. Where next?

  37. Your [n+1]th machine • No need to statically configure address, tunnel, anything • Run radvd on your nominated router • Address assigned using EUI-64

  38. Get rid of NAT Get rid of NAT Get rid of NAT Get rid of NAT Get rid of NAT Get rid of NAT Get rid of NAT Get rid of NAT Get rid of NAT Get rid of NAT Get rid of NAT Get rid of NAT Security

  39. Security Globally addressable does not mean Globally reachable

  40. Common services • Cisco • 12.2T for 2500-7500 • 12.0(23)S for 12000 • 12000 requires Engine III line cards for line rate forwarding • Juniper • All recent versions of JUNOS • Line rate forwarding

  41. Common services • SMTP Sendmail, Exim • POP, IMAP Courier • LISTSERV via mail+web server • DNS Bind 9 • SSH OpenSSH • Web server Apache 2 • News server Diablo • Web cache Squid+patches

  42. Where next? IPv6-HOWTO at http://www.tldp.org/ http://www.ipv6.heanet.ie/docs/v6linux/ http://www.6bone.net/ http://www.freenet6.net/ http://www.hs247.com/

  43. This slide intentionally left blank
