
Christophe Jelger Post-doctoral researcher Christophe.Jelger@unibas.ch



Presentation Transcript


  1. The Internet Protocol version 6 (IPv6) : Evolution or Revolution ? Christophe Jelger Post-doctoral researcher Christophe.Jelger@unibas.ch Christophe Jelger – CS221 Network and Security - Universität Basel - 2005

  2. Plan
     • Motivations behind IPv6
       • IP is History …
       • Lack of IPv4 addresses ?
       • Growth of routing tables
       • Unfairness in IPv4 address allocation
       • Required features of IPng
     • So what's new in IPv6 ?
       • Address format and scoped addresses
       • IPv6 header vs. IPv4 header
       • New features : autoconfiguration, improved mobility support
     Christophe Jelger – CS221 Network and Security - Universität Basel - 2007

  3. Plan
     • Address allocation with IPv6
       • Hierarchical routing everywhere
       • Today's IPv6 world
     • Where are we today ?
       • Current status of IPv6
       • From IPv4 to IPv6

  4. Motivations behind IPv6
     When the main issues are not related to end users
     [Section overview: Motivations Behind IPv6 / So what's New in IPv6 ? / Address Allocation With IPv6 / Where are We today ?]

  5. IP is History … and the Internet is growing
     • The current version (4) of the IP protocol is 30 years old
     • IP is everywhere : it has become the de facto standard
     • The Internet is growing …
       • 1973 : research network (~100 machines)
       • Mid-80s : early adoption and first address allocations
       • 1992 : First commercial applications and start of the Web
       • 1993 : first address crisis – CIDR introduced
         • no more addresses by 1994 !
       • Exponential growth
       • 2002 : 600 million Internet users

  6. Lack of IPv4 addresses ?
     • A very hot topic …
       • Address exhaustion was predicted many times
       • Current estimates : 5 to 20 years to go
         • 2011-2012: IANA unallocated address space is assigned
         • 2026: exhaustion of the RIRs' address spaces
       • Drawback is that getting addresses becomes very difficult
       • Address allocation is strongly unfair
     • IPv4
       • Address length is 32 bits : theoretically, that is 4.5 billion addresses
       • But addressing is not so simple …
       • Allocation is network-based

  7. Lack of IPv4 addresses ?
     • Class-based address architecture (32 bits, split into Network id and Host id)
       • Class A network : 8 bits network id, 24 bits host id : 127 networks each with 16,777,216 hosts
       • Class B network : 16 bits network id, 16 bits host id : 16,128 networks each with 65,536 hosts
       • Class C network : 24 bits network id, 8 bits host id : 2,031,616 networks each with 256 hosts
     • 1993 : no Class B networks available !
     • Class-less Inter-Domain Routing (CIDR) introduced

  8. Lack of IPv4 addresses ?
     • CIDR
       • Allows network-id of any length (e.g. /13, /26)
       • E.g. /18 = 16384 hosts and /19 = 8192 hosts
       • Aggregation and hierarchical routing
         • An ISP gets a /15 address space and redistributes sub-parts of it, e.g. 512 /24 networks
         • Routing to all the ISP's clients is done via the /15
       • Address allocation also became more strict

  9. Lack of IPv4 addresses ?
     • CIDR solved the problem … until when ?
       • Around 65 /8 are still available (78 in November 2004)
       • At the current pace, 5 /8 (100M addresses !) are used every year, but this rate is growing as emerging countries are hungry for addresses (China, India, African countries)
       • Address allocation is becoming a nightmare
       • We must move ahead before it's too late
     • Still a big waste of address space
       • UniBasel : 8500 active machines but a /16 network (65,536 hosts)
       • Non-ISP entities still have a /8 address space (IBM, HP, Xerox, Apple, MIT, Ford, Lily, Halliburton)
     • BUT the problem is not only the lack of addresses …

  10. Growth of routing tables
      • In the core part of the Internet, routers do not have a default route : this is the Default-Free Zone (DFZ)
        • In 2000, the size of routing tables in the DFZ is around 75,000 entries
        • In 2001, it is around 100,000
        • In December 2004, this value is between 150,000 and 180,000
        • In April 2007, this value reaches 300,000 for some ASs !
      • Routing updates are getting slower
      • Operational maintenance becomes more and more complex

  11. Growth of routing tables
      • Main cause : aggregation is not sufficient
        • The top 30 operators could reduce their announcements by 68.6% with proper aggregation (67% in 2006, 60% in 2005)
        • The DFZ size could be reduced by 50.7% with aggregation for all ASs (34% in 2006, 30% in 2005)
      • Aggregation alone cannot significantly reduce the size of the DFZ: A complete address re-allocation should be made
        • 131.152.0.0/16 UniBasel – 131.153.0.0/16 Sematech, TX
        • THIS IS IMPOSSIBLE !
        • Except if a new addressing scheme is used : IPv6 !
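The aggregation argument of slides 8 and 11, as an added Python example (not part of the original slides): prefixes can only be merged when they belong to the same origin, so the numerically adjacent UniBasel and Sematech /16s stay two entries. The `ISP-X` origin and its use of 198.18.0.0/15 are constructed sample data, and the function names are chosen here.

```python
import ipaddress
from collections import defaultdict

def aggregate_by_origin(announcements):
    """Collapse prefixes only within one origin; returns {origin: [networks]}."""
    by_origin = defaultdict(list)
    for prefix, origin in announcements:
        by_origin[origin].append(ipaddress.ip_network(prefix))
    return {o: list(ipaddress.collapse_addresses(n)) for o, n in by_origin.items()}

def table_sizes(announcements):
    """(entries as announced, entries after per-origin aggregation)."""
    aggregated = aggregate_by_origin(announcements)
    return len(announcements), sum(len(v) for v in aggregated.values())

def naive_aggregate(announcements):
    """What pure bit arithmetic would merge if origins were ignored."""
    nets = [ipaddress.ip_network(p) for p, _ in announcements]
    return list(ipaddress.collapse_addresses(nets))

def sample_announcements():
    """Constructed table: one ISP announcing its /15 as 512 separate /24s,
    plus the two adjacent /16s named on slide 11."""
    isp = ipaddress.ip_network("198.18.0.0/15")
    table = [(str(n), "ISP-X") for n in isp.subnets(new_prefix=24)]
    table.append(("131.152.0.0/16", "UniBasel"))
    table.append(("131.153.0.0/16", "Sematech"))
    return table

if __name__ == "__main__":
    table = sample_announcements()
    before, after = table_sizes(table)
    print(f"announced: {before} entries, per-origin aggregation: {after}")
    # Ignoring origins yields 131.152.0.0/15, a prefix no single
    # organisation holds, so it cannot legitimately be announced.
    print("origin-blind merge:", [str(n) for n in naive_aggregate(table)])
```

The origin-blind result is one entry smaller, which is the gap that only a re-allocation of addresses along provider boundaries could close.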

  12. Unfairness in address allocation
      • Historically, addresses have been assigned on a first-come first-serve basis
      • But today, addresses are assigned in a very strict way
      • Some countries fail to obtain sufficient addresses
      • When others have far too many addresses
        • United States : 4.2 addresses / inhabitant (9.4 per Internet user)
        • Switzerland : 1.4 addresses / inhabitant (4 per Internet user)
        • France : 0.6 addresses / inhabitant (3.4 per Internet user)
        • China : 0.02 addresses / inhabitant (0.54 per Internet user)
        • India : 0.003 addresses / inhabitant (0.38 per Internet user)
        • Senegal : 8.192 addresses (10M inhabitants)
        • Mali : 4.096 addresses (13 M inhabitants)
        • Congo : 0 addresses (52 M inhabitants)

  13. Required features of IPng (next generation)
      • RFC-1380 : from IESG (Internet Engineering Steering Group)
        • IPng must be capable of addressing 10^12 networks
        • Transition to IPng must be done without the need of a D-day
        • IPng must be easily extended with new features
      • Deployment features
        • Hierarchical routing MUST be the norm
        • Getting an address space must be straightforward
        • Autoconfiguration

  14. So what's new in IPv6 ?
      Myths and reality …
      [Section overview: Motivations Behind IPv6 / So what's New in IPv6 ? / Address Allocation With IPv6 / Where are We today ?]

  15. Address format and scoped addresses (RFC 3513)
      • 128 bits (16 octets)
        • That is potentially 3.4 x 10^38 addresses
        • And 1.8 x 10^19 /64 networks !
        • 64-64 is the norm : a /64 network can accommodate any number of devices !
      • Notation
        • IPv4 : 131.152.230.33/16
        • IPv6 : 2001:620:200:1:200:e2ff:fe9c:2282/64
        • 2001:620:200:1:0:0:0:1 → 2001:620:200:1::1
      • New DNS record : AAAA (A for IPv4)

  16. Address format and scoped addresses
      • Scoped addresses
        • Link-local addresses : prefix fe80::/64
        • Site-local (deprecated) : prefix fec0::/64
        • Unique local (address scope is global but routing is restricted to a site) : prefix fc00::/7 (but /64 when deployed)
      • Multicast : ff00::/8
        • Link-scope : ff02::/16
        • Site-scope : ff05::/16
        • Global-scope : ff0e::/16
      • Well-known addresses : no layer-3 broadcast any more
        • ff02::1 all nodes on link, ff02::2 all routers on link
        • ff02::16 all MLDv2 multicast routers
      • Special addresses
        • Loopback : 0:0:0:0:0:0:0:1 or ::1
        • Unspecified : 0:0:0:0:0:0:0:0 or ::

  17. IPv6 header vs. IPv4 header (RFC 2460)
      [Figure: IPv4 header, 20 bytes (without option), next to the IPv6 header, 40 bytes]

  18. IPv6 header vs. IPv4 header
      • Header format is simplified
        • Optional headers are daisy-chained
        • No checksum at IP layer (it's done by other layers)
          • No re-computation by each router
        • No hop-by-hop segmentation
          • Path MTU discovery
        • 64 bits aligned
      • ARP (Address Resolution Protocol) is replaced by Neighbor Discovery at the ICMP6 layer

  19. IPv6 header vs. IPv4 header
      • Optional headers
        • Hop-by-Hop header: information that must be processed by all intermediate hops
          • Used by ICMP6 (MLD, Multicast Listener Discovery)
        • Routing header: the source node can specify one or multiple intermediate hops via which the packet must travel (source-routing)
          • Used by Mobile IPv6
        • Fragment header: to send a packet which has a size > MTU
        • Destination option: to carry additional information that must be processed by the destination
          • Used by Mobile IPv6
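How the daisy-chained optional headers of slides 18 and 19 are followed in practice, as an added Python example (not part of the original slides): a filter or IDS has to walk the Next Header chain with bounds checks before it can see the upper-layer protocol. The function names, the cap of 8 headers and the sample packet (documentation addresses 2001:db8::/32) are assumptions made here.

```python
import ipaddress
import struct

EXT = {0: "Hop-by-Hop", 43: "Routing", 44: "Fragment", 60: "Destination Options"}

def walk_headers(packet: bytes, max_ext: int = 8):
    """Follow the Next Header chain: (extension names, upper-layer protocol, offset)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    payload_len, nxt = struct.unpack_from("!HB", packet, 4)
    end = min(len(packet), 40 + payload_len)
    off, chain = 40, []
    while nxt in EXT:
        if len(chain) >= max_ext:
            raise ValueError("extension header chain too long")
        if nxt == 0 and chain:
            raise ValueError("Hop-by-Hop is only valid right after the fixed header")
        if off + 8 > end:
            raise ValueError("truncated extension header")
        # Fragment is a fixed 8 bytes; the others store (length in 8-octet units) - 1
        hlen = 8 if nxt == 44 else (packet[off + 1] + 1) * 8
        if off + hlen > end:
            raise ValueError("extension header overruns the payload")
        chain.append(EXT[nxt])
        if nxt == 44 and struct.unpack_from("!H", packet, off + 2)[0] >> 3:
            # Non-first fragment: the upper-layer header travels in another packet
            return chain, None, off + hlen
        nxt, off = packet[off], off + hlen
    return chain, nxt, off

def sample_packet() -> bytes:
    """Constructed packet: Hop-by-Hop -> Destination Options -> ICMPv6 (58)."""
    pad6 = bytes([1, 4, 0, 0, 0, 0])             # PadN option filling 6 bytes
    hbh = bytes([60, 0]) + pad6                   # next = Destination Options
    dst = bytes([58, 0]) + pad6                   # next = ICMPv6
    icmp = bytes([128, 0, 0, 0, 0, 0, 0, 0])      # echo request, checksum left at zero
    payload = hbh + dst + icmp
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), 0, 64)
    fixed += ipaddress.IPv6Address("2001:db8::1").packed
    fixed += ipaddress.IPv6Address("2001:db8::2").packed
    return fixed + payload

if __name__ == "__main__":
    print(walk_headers(sample_packet()))
```

A packet whose chain cannot be walked to the end gives a filter no upper-layer protocol to match on, which is why the parser raises instead of guessing.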

  20. New features
      • Stateless Address Autoconfiguration (RFC 2462)
      [Figure: a host with MAC 00:07:85:92:7F:F8 receives the IPv6 prefix 2001:660:4701:f002::/64 from the IPv6 router and builds 2001:660:4701:f002:207:85ff:fe92:7ff8/64 as Prefix + EUI-64 (+universal bit); also internally done for fe80::207:85ff:fe92:7ff8/64]

  21. New features: ICMPv6
      • Neighbor Discovery (RFC 2461)
        • Main feature is the replacement of ARP
      [Figure: two hosts exchange a Neighbor solicitation and a Neighbor advertisement]
      • Host 1 : IPv6 fe80::207:85ff:fe92:7ff8/64, MAC 00:07:85:92:7F:F8 + 33:33:ff:92:7f:f8
      • Host 2 : IPv6 fe80::20b:5dff:fe58:9eec/64, MAC 00:0B:5D:58:9E:EC
      • Neighbor solicitation
        • Eth dst addr: 33:33:ff:92:7f:f8 (multicast MAC address)
        • IPv6 dst addr: ff02::1:ff92:7ff8 (solicited multicast address)
        • Target: fe80::207:85ff:fe92:7ff8
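The address derivations shown on slides 20 and 21, worked through in Python as an added example (not part of the original slides), using the MAC address and prefix from the slides. The function names are chosen here; `mac_from_address` shows the reverse direction, i.e. that an EUI-64 based address discloses the interface's MAC to anyone who sees the address.

```python
import ipaddress

def eui64_interface_id(mac: str) -> bytes:
    """Modified EUI-64: insert ff:fe in the middle, flip the universal/local bit."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]

def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Prefix + EUI-64, as on slide 20."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 autoconfiguration needs a /64 prefix")
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)

def solicited_node(addr: ipaddress.IPv6Address) -> ipaddress.IPv6Address:
    """ff02::1:ffXX:XXXX, built from the low 24 bits of the unicast address."""
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return ipaddress.IPv6Address(base | (int(addr) & 0xFFFFFF))

def multicast_mac(group: ipaddress.IPv6Address) -> str:
    """Ethernet destination for an IPv6 multicast group: 33:33 + low 32 bits."""
    low = (int(group) & 0xFFFFFFFF).to_bytes(4, "big")
    return ":".join(f"{x:02x}" for x in b"\x33\x33" + low)

def mac_from_address(addr: ipaddress.IPv6Address):
    """Recover the MAC from an EUI-64 based address; None if it is not EUI-64."""
    iid = (int(addr) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{x:02x}" for x in mac)

if __name__ == "__main__":
    mac = "00:07:85:92:7F:F8"                       # from slide 20
    glob = slaac_address("2001:660:4701:f002::/64", mac)
    link = slaac_address("fe80::/64", mac)
    group = solicited_node(link)
    print(glob, link, group, multicast_mac(group))
    print("MAC recovered from the global address:", mac_from_address(glob))
```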

  22. New features
      • Stateless Address Autoconfiguration
        • Duplicate Address Detection (DAD)
        • Security issues and DNS dynamic updates are currently being investigated by IETF.
        • Who's behind which machine ? (URZ)
      • Improved support for
        • Mobility (Mobile IPv6)
        • Security (IPSec) is integrated
        • Multicast deployment through RP-embedded addresses
      • Myths : IPv6 does NOT provide
        • Any QoS features
        • Any kind of improved performance

  23. Address Allocation with IPv6
      Where the BIG difference is …
      [Section overview: Motivations Behind IPv6 / So what's New in IPv6 ? / Address Allocation With IPv6 / Where are We today ?]

  24. AGUA (Aggregatable Global Unicast Addresses)
      Address layout : 3 bits (001) | 45 bits Global Routing Prefix (Provider) | 16 bits SLA (Site) | 64 bits Host ID (Host)
      • Current allocation scheme
        • IANA has decided to start with 2001::/16
        • IANA allocates /23 to registries
          • RIPE (Europe) : 2001:600::/23
          • ARIN (North America) : 2001:400::/23
          • APNIC (Asia) : 2001:200::/23
        • Registries allocate /32 to ISP
          • SWITCH : 2001:620::/32
          • RENATER : 2001:660::/32

  25. Allocation Scheme
      • ISP allocate /48 or /64 to customers
        • UniBasel : 2001:620:200::/48
        • UniStrasbourg : 2001:660:4701::/48
        • /64s are for end users (via ADSL or cable)
      • Hierarchical routing IS the norm
        • With IPv4, SWITCH announces 88 prefixes (could be reduced to 87) which CANNOT be aggregated !
        • With IPv6, SWITCH announces one prefix ! (2001:620::/32)
        • Current DFZ size is around 850 (300,000 for IPv4!)
        • Proper aggregation could reduce this by 4%.
        • Max DFZ until re-allocation is 4096

  26. Today's IPv6 world
      • Only 0.0008 % of the entire IPv6 address space is used ! (i.e. the equivalent of about 152,000 billion /64 networks !)
        • In 2006: 0.0007% and 130,000 billion /64s
        • In 2005: 0.0005% and 90,000 billion /64s
      • IPv6 ready-networks : WIDE, Geant (European academic network), Internet2 (US academic network), AOL, Swisscom, NASA, FT, BT etc …
      • Deployment in end-sites is slow
        • IPv6 is not a revolution : not much added value for end-users
        • Developed countries have plenty of IPv4 addresses
      • Still, IPv6 will eventually replace IPv4 : it's a matter of time !

  27. Where are we today ?
      Status of IPv6 specifications
      [Section overview: Motivations Behind IPv6 / So what's New in IPv6 ? / Address Allocation With IPv6 / Where are We today ?]

  28. IPv6 status
      • Most of the protocol is specified and has proved to work well (around 10 years of experimentation)
      • Areas that are currently considered
        • Default router selection and specific routes (multi-homing)
        • Load sharing
        • Privacy extensions for address autoconfiguration
        • Secure DNS update and secure autoconfiguration
      • Most systems are IPv6-ready
        • *BSD, Linux, Windows 2000 and XP
        • Cisco, Juniper, and 6Wind routers
      • Most applications are also IPv6-ready

  29. From IPv4 to IPv6
      • Transition is difficult
        • End-users and end-sites do not feel concerned
        • There is no killer application for IPv6
      • Many transitioning tools available
        • Dual-stack
        • Tunneling techniques : 6to4, ISATAP
        • Translation tools : NAT-PT, DSTM
      • Sooner or later IPv6 will prevail
        • In networks with IPv4 addresses : dual-stack is best
        • In native IPv6 networks, tunneling or translation is needed to reach IPv4 world

  30. Thank you
      Questions ?
