IP Next Generation (IPv6): IPv4 vs. IPv6 - DPNM

  • Slides: 51

Table of Contents
  • Limitations of the current Internet Protocol (IPv4)
  • How many addresses do we need?
  • IPv6 addressing
  • IPv6 header format
  • IPv6 features: routing flexibility, plug-n-play, multicast support, flows

Pre-IP: Translation, ALGs
  • Application-Layer Gateways (ALGs)
    – inevitable loss of some semantics
    – difficult to deploy new Internet-wide applications
    – hard to diagnose and remedy end-to-end problems
    – stateful gateways hard to route around failures
  • No global addressability – ad-hoc, application-specific solutions

The IP Solution …
  • Internet-layer gateways & global addresses
  • Simple, application-independent, lowest-denominator network service: best-effort datagrams
  • Stateless gateways could easily route around failures
  • With application-specific knowledge out of gateways:
    – Network service providers (NSPs) no longer had a monopoly on new services
    – Internet: a platform for rapid, competitive innovation

The Internet Today: with NATs
  • Network Address Translators (NATs) and application-layer gateways (ALGs)
    – inevitable loss of some semantics
    – hard to diagnose and remedy end-to-end problems
    – stateful gateways inhibit dynamic routing around failures
    – no global addressability => brokered with NATs
    – new Internet devices are more numerous, and may not be adequately handled by NATs (e.g., mobile nodes)

IPv4 Addresses
  • Example: 164.107.134.5 = 1010 0100 : 0110 1011 : 1000 0110 : 0000 0101 = A4:6B:86:05 (32 bits)
  • Maximum number of addresses = 2^32 = 4 billion
  • Class A networks: 15 million nodes
  • Class B networks: 64,000 nodes or less
  • Class C networks: 250 nodes or less
  • Class B very popular…
  • Total allocated address space as seen by routing: ~1 billion

How Many Addresses?
  • 10 billion people by 2020
  • Each person has more than one computing device
  • Assuming 100 devices per person => 10^12 devices
  • More addresses may be required since
    – Multiple interfaces per node
    – Multiple addresses per interface
    – Some believe 2^6 to 2^8 addresses per host
  • Safety margin: 10^15 addresses
  • IPng requirements: 10^12 end systems and 10^9 networks. Desirable: 10^12 to 10^15 networks

IPv6 Addresses
  • 128-bit long. Fixed size
  • 2^128 = 3.4×10^38 addresses => 665×10^21 addresses per sq. m of earth surface
  • If assigned at the rate of 10^6/s, it would take 20 years
  • Expected to support 8×10^17 to 2×10^33 addresses; 8×10^17 => 1,564 addresses per sq. m
  • Allows multiple interfaces per host
  • Allows multiple addresses per interface
  • Allows unicast, multicast, anycast
  • 85% of the space is unassigned

Colon-Hex Notation
  • Dot-decimal: 127.23.45.88
  • Colon-hex: FEDC:0000:3243:0000:ABCD
    – Can skip leading zeros of each word
    – Can skip one sequence of zero words, e.g., FEDC::3243:0000:ABCD or ::3243:0000:ABCD
    – Can leave the last 32 bits in dot-decimal, e.g., ::127.23.45.88
    – Can specify a prefix by /length, e.g., 2345:BA23:7::/40
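The four rules above written out as a parser and its inverse. This is an added example, not code from the deck; it deliberately avoids Python's ipaddress module so that each rule is visible, and the RFC 5952 restriction mentioned in the comment is mine, not the slide's.

```python
import struct

HEX_DIGITS = set("0123456789abcdefABCDEF")

def _words(part):
    """Expand one side of a '::' into 16-bit words; a trailing dotted-quad counts as two."""
    if part == "":
        return []
    out, toks = [], part.split(":")
    for i, tok in enumerate(toks):
        if "." in tok:
            if i != len(toks) - 1:
                raise ValueError("dotted-decimal is only allowed in the last 32 bits")
            octets = [int(o) for o in tok.split(".")]
            if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
                raise ValueError("bad embedded IPv4 address %r" % tok)
            out += [octets[0] << 8 | octets[1], octets[2] << 8 | octets[3]]
        elif 1 <= len(tok) <= 4 and set(tok) <= HEX_DIGITS:
            out.append(int(tok, 16))      # leading zeros of a word may be omitted
        else:
            raise ValueError("bad hex word %r" % tok)
    return out

def parse_ipv6(text):
    """Colon-hex text -> (16 bytes, prefix length or None), applying the slide's rules.

    Anything outside them (two '::' runs, nine words, a '::' standing for no word, stray
    characters) raises ValueError instead of being guessed at."""
    prefix_len = None
    if "/" in text:
        text, plen = text.split("/", 1)
        prefix_len = int(plen)
        if not 0 <= prefix_len <= 128:
            raise ValueError("prefix length out of range")
    if text.count("::") > 1:
        raise ValueError("only one '::' run is allowed")
    if "::" in text:
        left, right = text.split("::")
        lw, rw = _words(left), _words(right)
        if len(lw) + len(rw) > 7:
            raise ValueError("'::' must stand for at least one zero word")
        words = lw + [0] * (8 - len(lw) - len(rw)) + rw
    else:
        words = _words(text)
        if len(words) != 8:
            raise ValueError("expected 8 words, got %d" % len(words))
    return struct.pack("!8H", *words), prefix_len

def compress_ipv6(addr16):
    """16 bytes -> shortest colon-hex: drop leading zeros and collapse the longest run of
    zero words into '::' (leftmost on ties). RFC 5952 only collapses runs of two or more
    words, stricter than the slide's 'one sequence of zero words', so a lone 0 stays."""
    words = struct.unpack("!8H", addr16)
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        j = i
        while j < 8 and words[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j + 1 if j == i else j
    hexw = ["%x" % w for w in words]
    if best_len < 2:
        return ":".join(hexw)
    return ":".join(hexw[:best_start]) + "::" + ":".join(hexw[best_start + best_len:])
```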

Header
  • IPv6: Version | Class | Flow Label | Payload Length | Next Header | Hop Limit | Source Address | Destination Address
  • IPv4: Version | IHL | Type of Service | Total Length | Identification | Flags | Fragment Offset | Time to Live | Protocol | Header Checksum | Source Address | Destination Address | Options | Padding

The IPv4 Header (32 bits wide)
  Version | Hdr Len | Prec | TOS | Total Length
  Identification | Flags | Fragment Offset
  Time to Live | Protocol | Header Checksum
  Source Address
  Destination Address
  Options | Padding
  • shaded fields are absent from the IPv6 header

IPv6 vs. IPv4
  • IPv6 header is twice the size of the IPv4 header
  • Version: only field with the same position and meaning
  • Removed:
    – Header length, fragmentation fields (identification, flags, fragment offset), header checksum
  • Replaced:
    – Datagram length by payload length
    – Protocol type by next header
    – Time to live by hop limit
    – Type of service by "class" octet
  • Added: flow label
  • All fixed-size fields
  • No optional fields. Replaced by extension headers
    – Idea: avoid unnecessary processing by intermediate routers w/o sacrificing flexibility

Extension Headers
  Base Header | Extension Header 1 | … | Extension Header n | Data
  • Most extension headers are examined only at the destination
  • Routing: loose or tight source routing
  • Fragmentation: only the source can fragment
  • Authentication
  • Hop-by-Hop Options
  • Destination Options

Extension Headers (Continued)
  • Only base header: Base Header (Next = TCP) | TCP Segment
  • Base header and one extension header: Base Header (Next = Route) | Route Header (Next = TCP) | TCP Segment
  • Base header and two extension headers: Base Header (Next = Route) | Route Header (Next = Auth) | Auth Header (Next = TCP) | TCP Segment
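The Next Header chain from the last two slides, decoded: an added example (not from the deck) that parses the base header, walks the extension headers to the upper-layer protocol, and constructs the third case above as test input. The addresses, SPI and the zeroed TCP segment are made-up values; the routing header uses type 0 because that is the source-routing header the slide describes (RFC 5095 later deprecated it).

```python
import struct

# Next Header values (IANA protocol numbers) for the headers the slides name.
HOPOPT, TCP, ROUTING, FRAGMENT, AH, DSTOPTS = 0, 6, 43, 44, 51, 60
EXT_HEADERS = {HOPOPT: "Hop-by-Hop", ROUTING: "Routing", FRAGMENT: "Fragment",
               AH: "Authentication", DSTOPTS: "Destination Options"}

def parse_base_header(pkt):
    """Decode the eight fixed fields of the 40-byte IPv6 base header."""
    if len(pkt) < 40:
        raise ValueError("shorter than an IPv6 base header")
    vtf, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if vtf >> 28 != 6:
        raise ValueError("version field is %d, not 6" % (vtf >> 28))
    return {"version": 6, "class": (vtf >> 20) & 0xFF, "flow_label": vtf & 0xFFFFF,
            "payload_length": payload_len, "next_header": next_hdr,
            "hop_limit": hop_limit, "src": pkt[8:24], "dst": pkt[24:40]}

def walk_extension_chain(pkt, max_headers=8):
    """Follow Next Header from the base header through the extension headers.

    Returns (extension header names, upper-layer protocol number, offset of the
    upper-layer header). Each header's length follows its own rule, and a chain that
    is truncated, overlong or inconsistent with Payload Length is rejected outright:
    a filter that stops half way never sees the transport header it should inspect."""
    base = parse_base_header(pkt)
    if len(pkt) != 40 + base["payload_length"]:
        raise ValueError("payload length does not match packet size")
    nh, off, chain = base["next_header"], 40, []
    while nh in EXT_HEADERS:
        if len(chain) >= max_headers:
            raise ValueError("more than %d extension headers" % max_headers)
        if off + 8 > len(pkt):
            raise ValueError("truncated extension header")
        if nh == FRAGMENT:
            hlen = 8                             # fixed size, no length octet
        elif nh == AH:
            hlen = (pkt[off + 1] + 2) * 4        # AH counts 32-bit words minus two
        else:
            hlen = (pkt[off + 1] + 1) * 8        # 8-octet units, first unit not counted
        if off + hlen > len(pkt):
            raise ValueError("%s header runs past end of packet" % EXT_HEADERS[nh])
        chain.append(EXT_HEADERS[nh])
        nh, off = pkt[off], off + hlen
    return chain, nh, off

def build_sample():
    """Constructed packet for the slide's third case: Base -> Routing -> Auth -> TCP.
    Link-local addresses are made up; the TCP segment is a zeroed 20-byte stand-in."""
    tcp = bytes(20)
    # AH: Next=TCP, Payload Len 4 -> (4+2)*4 = 24 bytes, SPI 0x1234, seq 1, 12-byte ICV stub
    ah = struct.pack("!BBHII", TCP, 4, 0, 0x1234, 1) + bytes(12)
    # Routing: Next=AH, Hdr Ext Len 2 -> 24 bytes, type 0 (the source-routing header the
    # slide describes; RFC 5095 later deprecated it), 1 segment left, one 16-byte address
    routing = struct.pack("!BBBB", AH, 2, 0, 1) + bytes(4) + bytes(16)
    payload = routing + ah + tcp
    src = bytes.fromhex("fe80" + "00" * 6 + "020c29fffe3e5fa1")
    dst = bytes.fromhex("fe80" + "00" * 6 + "0250b6fffe1a2b3c")
    base = struct.pack("!IHBB", 6 << 28, len(payload), ROUTING, 64) + src + dst
    return base + payload
```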

Fragmentation
  • Routers cannot fragment. Only source hosts can. Need path MTU discovery or tunneling
  • Fragmentation requires an extension header
  • Payload is divided into pieces
  • A new base header is created for each fragment
  Original: Base Header | Data (Part 1 … Part n)
  Fragments: New Base Header | Frag. 1 Header | Part 1; New Base Header | Frag. 2 Header | Part 2; … ; New Base Header | Frag. n Header | Part n

Initial IPv6 Prefix Allocation
  Prefix (binary)   Allocation
  0000 0000         Reserved
  0000 0001         Unassigned
  0000 001          NSAP
  0000 010          IPX
  0000 011          Unassigned
  0000 1            Unassigned
  0001              Unassigned
  001               Provider-based*
  010               Unassigned
  011               Unassigned
  100               Geographic
  101               Unassigned
  110               Unassigned
  1111 110          Unassigned
  1111 1110 10      Link-Local
  1111 1110 11      Site-Local
  1111 1111         Multicast
  *Has been renamed as "Aggregatable global unicast"

Aggregatable Global Unicast Addresses (1)
  • Address allocation: "provider-based" plan
  • Format: TLA + NLA + SLA + 64-bit interface ID
  • TLA = "Top Level Aggregator"
    – For "backbone" providers or "exchange points"
  • NLA = "Next Level Aggregator"
    – Second-tier provider and a subscriber
    – More levels of hierarchy possible within NLA
  • SLA = "Site Level Aggregator"
    – Renumbering: change of provider => change the TLA and NLA, but keep the same SLA & I/f ID
  • Sub-fields variable-length, non-self-encoding

Aggregatable Global Unicast Addresses (2)
  • Interface ID = 64 bits
    – Will be based on IEEE EUI-64 format
    – An extension of the IEEE 802 (48-bit) format
    – Possible to derive the IEEE EUI-64 equivalent of current IEEE 802 addresses
  Format: 001 | TLA | NLA* (public topology, 45 bits) | SLA* (site topology, 16 bits) | interface ID (interface identifier, 64 bits)

IPv6 Routing Architecture
  Top → Next level (Provider, Exchange) → Next level (Site) → Link → Host

Local-Use Addresses
  • Link-local: not forwarded outside the link, FE80::xxx
    – Auto-configuration and when no routers are present
    – Format: 1111 1110 10 (10 bits) | 0 (118-n bits) | Interface ID (n bits)
  • Site-local: not forwarded outside the site, FEC0::xxx
    – Independence from changes of TLA / NLA*
    – Format: 1111 1110 11 (10 bits) | 0 (118-n-m bits) | SLA* (m bits) | Interface ID (n bits)
  • Provides plug and play

Multicast Addresses
  Format: 1111 1111 (8 bits) | flags (4 bits) | scope (4 bits) | group ID (112 bits)
  • low-order flag indicates permanent / transient group; three other flags reserved
  • scope field: 1 - node-local, 2 - link-local, 5 - site-local, 8 - organization-local, B - community-local, E - global (all other values reserved)
  • All IPv6 routers will support native multicast

Multicast Scoping
  • Scoping. E.g.: group 43 = NTP servers
    – FF01::43 All NTP servers on this node
    – FF02::43 All NTP servers on this link
    – FF05::43 All NTP servers in this site
    – FF08::43 All NTP servers in this org.
    – FF0F::43 All NTP servers in the Internet
  • Structure of group ID:
    – First 80 bits = zero (to avoid risk of group collision, because IP multicast mapping uses only 32 bits)

Address Auto-configuration
  • Allows plug and play
  • BOOTP and DHCP are used in IPv4
  • DHCPng will be used with IPv6
  • Two methods: stateless and stateful
  • Stateless:
    – A system uses its link-local address as source and multicasts to "All routers on this link"
    – Router replies and provides all the needed prefix info
    – All prefixes have an associated lifetime
    – System can use the link-local address permanently if there is no router
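The address-forming half of the stateless method, together with the EUI-64 derivation from slide 18: an added example, not code from the deck. The MAC address and the 2001:db8::/32 prefixes are made-up documentation values, and the Router Solicitation/Advertisement exchange itself is represented only by the list of prefixes it would have returned.

```python
import ipaddress

def eui64_interface_id(mac_text):
    """Modified EUI-64 from a 48-bit IEEE 802 address: split it into the 24-bit OUI and
    24-bit device halves, insert FF:FE between them, and invert the universal/local bit
    (0x02 of the first octet)."""
    mac = bytes.fromhex(mac_text.replace(":", "").replace("-", ""))
    if len(mac) != 6:
        raise ValueError("expected a 48-bit MAC address")
    eui = mac[:3] + b"\xff\xfe" + mac[3:]
    return bytes([eui[0] ^ 0x02]) + eui[1:]

def form_address(prefix_text, iid8):
    """Concatenate a /64 prefix from a Router Advertisement with the 64-bit interface ID."""
    net = ipaddress.IPv6Network(prefix_text)
    if net.prefixlen != 64:
        raise ValueError("stateless autoconfiguration needs a /64 prefix, got /%d" % net.prefixlen)
    return ipaddress.IPv6Address(net.network_address.packed[:8] + iid8)

def stateless_autoconf(mac_text, advertised_prefixes, now):
    """The stateless method without the wire exchange: the host always has its link-local
    address (FE80::/64 + interface ID) and adds one address per advertised prefix whose
    lifetime has not run out. advertised_prefixes is a list of (prefix, expiry time); it
    is empty when no router answered, which leaves just the link-local address."""
    iid = eui64_interface_id(mac_text)
    addrs = [form_address("fe80::/64", iid)]
    for prefix, expires_at in advertised_prefixes:
        if expires_at > now:          # every prefix carries a lifetime; expired ones are dropped
            addrs.append(form_address(prefix, iid))
    return [str(a) for a in addrs]
```

Because the interface ID is derived from the MAC address, the same host is recognizable under every prefix it ever uses; RFC 4941 temporary addresses replace it with a random value for that reason.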

Address Auto-configuration (Continued)
  • Stateful:
    – Problem with stateless: anyone can connect
    – Routers ask the new system to go to a DHCP server (by setting the managed-configuration bit)
    – System multicasts to "All DHCP servers"
    – DHCP server assigns an address

ICMPv6: Neighbor Discovery
  • ICMPv6 combines regular ICMP, ARP, router discovery and IGMP
  • "Neighbor discovery" is a generalization of ARP & router discovery
  • Source maintains several caches:
    – destination cache: destination → neighbor mapping
    – neighbor cache: neighbor IPv6 address → link address
    – prefix cache: prefixes learnt from router advertisements
    – router cache: router IPv6 addresses

Neighbor Discovery (Continued)
  • Old destination: look up the destination cache
  • If new destination, match against the prefix cache. If it matches, the destination is local!
  • Else select a router from the router cache and use it as the next hop (neighbor)
    – Add this neighbor address to the destination cache
  • Solicitation-advertisement model:
    – Multicast solicitation for the neighbor's media address if it is unavailable in the neighbor cache
    – Neighbor advertisement message sent to the soliciting station
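The next-hop decision above and the four caches from the previous slide as one host-side state machine: an added example, not code from the deck. The neighbor table, the 2001:db8:1::/64 prefix and the router fe80::1 are constructed values, and the solicit callback stands in for the multicast Neighbor Solicitation and its Advertisement.

```python
import ipaddress

LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")   # always on-link, router or no router

class NeighborDiscoveryHost:
    """The four caches from the previous slide and the next-hop decision from this one."""

    def __init__(self, prefixes, routers, solicit):
        self.prefix_cache = [LINK_LOCAL] + [ipaddress.IPv6Network(p) for p in prefixes]
        self.router_cache = [ipaddress.IPv6Address(r) for r in routers]
        self.destination_cache = {}   # destination -> next-hop neighbor
        self.neighbor_cache = {}      # neighbor IPv6 address -> link-layer address
        self._solicit = solicit       # stands in for the multicast Neighbor Solicitation
        self._next_router = 0

    def next_hop(self, dst_text):
        dst = ipaddress.IPv6Address(dst_text)
        if dst in self.destination_cache:                # old destination: cache hit
            return self.destination_cache[dst]
        if any(dst in p for p in self.prefix_cache):     # prefix match: destination is local
            neighbor = dst
        elif self.router_cache:                          # else a router is the neighbor
            neighbor = self.router_cache[self._next_router % len(self.router_cache)]
            self._next_router += 1
        else:
            raise LookupError("%s is off-link and no router is known" % dst)
        self.destination_cache[dst] = neighbor           # remember the mapping
        return neighbor

    def link_address(self, neighbor):
        """Neighbor cache lookup; on a miss, solicit and cache the advertised media address."""
        if neighbor not in self.neighbor_cache:
            lladdr = self._solicit(str(neighbor))
            if lladdr is None:
                raise LookupError("no Neighbor Advertisement from %s" % neighbor)
            self.neighbor_cache[neighbor] = lladdr
        return self.neighbor_cache[neighbor]

    def resolve(self, dst_text):
        """Destination address -> (next-hop IPv6 address, its link-layer address)."""
        neighbor = self.next_hop(dst_text)
        return str(neighbor), self.link_address(neighbor)

# Constructed link: one /64 learnt from a Router Advertisement (documentation prefix),
# one default router, and a table standing in for the neighbors that would answer.
NEIGHBORS = {"2001:db8:1::10": "00:0c:29:3e:5f:a1", "fe80::1": "00:50:b6:1a:2b:3c"}
SOLICITATIONS = []   # every solicitation sent, so cache behaviour can be observed

def demo_solicit(addr_text):
    SOLICITATIONS.append(addr_text)
    return NEIGHBORS.get(addr_text)

def demo_host():
    return NeighborDiscoveryHost(["2001:db8:1::/64"], ["fe80::1"], demo_solicit)
```

Nothing in this exchange authenticates the advertisements that fill the caches; that gap is what RFC 3971 (SEND) and RA Guard on switches address.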

IPv6 Auto-configuration: 7 problems
  1. End-node acquires L3 address:
     – Use link-local address as src and multicast query for advts
     – Multiple prefixes & router addresses returned
  2. Router finds L3 address of end-node: same net-ID
  3. Router finds L2 address of end-node: neighbor discovery (generalization of ARP, w/ several caches)
  4. End-nodes find router: solicit/listen for router advt
  5. End-nodes send directly to each other: same prefix (prefix cache) => direct
  6. Best router discovery: ICMPv6 redirects
  7. Router-less LAN: same prefix (prefix cache) => direct. Link-local addresses + neighbor discovery if no router.

Auto-Reconfiguration ("Renumbering")
  • Problem: providers changed => old prefixes given back and new ones assigned THROUGHOUT the site
  • Solution:
    – we assume some overlap period between old and new, i.e., no "flash cut-over"
    – hosts learn prefix lifetimes and preferability from router advertisements
    – old TCP connections can survive until end of overlap; new TCP connections can survive beyond overlap
  • Router renumbering protocol, to allow domain-interior routers to learn of prefix introduction / withdrawal
  • New DNS structure to facilitate prefix changes

Other Features of IPv6
  • Flow label for more efficient flow identification (avoids having to parse the transport-layer port numbers)
  • Neighbor unreachability detection protocol for hosts to detect and recover from first-hop router failure
  • More general header compression (handles more than just IP+TCP)
  • Security ("IPsec") & differentiated services ("diff-serv") QoS features: same as IPv4

If IPv6 is so great, how come it is not there yet?
  • Applications
    – Need upfront investment, stacks, etc.
    – Similar to Y2K: 32-bit vs. "clean address type"
  • Networks
    – Need to ramp up investment
    – No "push-button" transition

Transition Issues: Protocol Upgrades
  • Most application protocols will have to be upgraded: FTP, SMTP, Telnet, Rlogin
  • Several full standards revised for IPv6
  • Non-IETF standards: X/Open, Kerberos, . . . will be updated… Hosts, routers … the works!
  • With a suite of "fixes" to IPv4, what is compelling in IPv6?
    – Sticks: tight address allocation (3G going to IPv6), NAT becomes too brittle…
    – Incentives (carrots): stateless autoconf simplifies mobility; if P2P and multimedia grow, then NATs may pose a problem

Transition Mechanisms
  1. Recognize that IPv4 will co-exist with IPv6 indefinitely
  2. Recognize that IPv6 will co-exist with NATs for a while
  • Dual-IP hosts, routers, name servers
  • Tunneling: IPv6-over-IPv4 (6-over-4), IPv4 as link (6-to-4)
  • Translation: allow IPv6-only hosts to talk to IPv4-only hosts
  Figure: dual-stack host (Application / TCP / IPv4 + IPv6 / Ethernet) attached to the IPv4 Internet

IPv4-IPv6 Co-Existence / Transition
  Three categories:
  (1) dual-stack techniques: allow IPv4 and IPv6 to coexist in the same devices and networks
  (2) tunneling techniques: avoid order dependencies when upgrading hosts, routers, or regions
  (3) translation techniques: allow IPv6-only devices to communicate with IPv4-only devices
  • Expect all of these to be used, in combination

Dual-Stack Approach
  • When adding IPv6 to a system, do not delete IPv4
    – this multi-protocol approach is familiar and well-understood (e.g., for AppleTalk, IPX, etc.)
    – note: in most cases, IPv6 will be bundled with new OS releases, not an extra-cost add-on
  • Applications (or libraries) choose the IP version to use
    – when initiating, based on DNS response: if (dest has AAAA or A6 record) use IPv6, else use IPv4
    – when responding, based on the version of the initiating packet
  • This allows indefinite co-existence of IPv4 and IPv6, and gradual, app-by-app upgrades to IPv6 usage

Tunneling
  • Encapsulate IPv6 inside IPv4 packets (or MPLS). Methods:
    – Manual configuration
    – "Tunnel brokers" (using a web-based service to create a tunnel)
    – "6-over-4" (intra-domain, using IPv4 multicast as a virtual LAN)
    – "6-to-4" (inter-domain, using an IPv4 addr as the IPv6 site prefix)
  • Can view this as:
    – IPv6 using IPv4 as a virtual link-layer, or
    – an IPv6 VPN (virtual public network), over the IPv4 Internet (becoming "less virtual" over time)

6to4: Automated tunneling across IPv4…
  Figure: a pure "Version 6" Internet and the original "Version 4" Internet; for a 6to4 site, 1 v4 address = 1 v6 network

6to4 addresses: 1 v4 address = 1 v6 network
  Format: FP (3 bits) = 001 | TLA (13 bits) = 0x0002 | IPv4 Address (32 bits), ISP assigned | SLA ID (16 bits), locally administered | Interface ID (64 bits), auto-configured
  • Stateless tunnel over the IPv4 network without configuration
    – The IPv6 address contains the IPv4 address
    – Entire campus infrastructure fits behind a single IPv4 address
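The address format above and the protocol-41 encapsulation a 6to4 router performs, as an added example that is not code from the deck. On decapsulation it also checks that the IPv4 address embedded in the inner IPv6 source matches the outer IPv4 source, the consistency check RFC 3964 asks 6to4 routers and relays to make; the deck's 164.107.134.5 is reused as the site address, while 192.0.2.1 and 198.51.100.7 are documentation addresses and the payload-less IPv6 packet is constructed.

```python
import struct

IPPROTO_IPV6 = 41          # IPv4 protocol number for "IPv6 encapsulated in IPv4"

def dotted(v4bytes):
    return ".".join(str(b) for b in v4bytes)

def sixto4_prefix(v4_text):
    """FP 001 + TLA 0x0002 (= 2002::/16) followed by the site's 32-bit IPv4 address: a /48."""
    octets = bytes(int(o) for o in v4_text.split("."))
    if len(octets) != 4:
        raise ValueError("expected a dotted-decimal IPv4 address")
    return "2002:%02x%02x:%02x%02x::/48" % tuple(octets)

def embedded_v4(addr16):
    """The IPv4 address in bits 16-47 of a 6to4 address, or None if not under 2002::/16."""
    return dotted(addr16[2:6]) if addr16[:2] == b"\x20\x02" else None

def ipv4_checksum(header):
    """Ones'-complement sum over 16-bit words; 0 when the header's checksum field is right."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(outer_src, outer_dst, ipv6_pkt, ident=0):
    """Wrap an IPv6 packet in a minimal IPv4 header: no options, DF set, protocol 41."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(ipv6_pkt), ident, 0x4000,
                         64, IPPROTO_IPV6, 0, outer_src, outer_dst)
    header = header[:10] + struct.pack("!H", ipv4_checksum(header)) + header[12:]
    return header + ipv6_pkt

def decapsulate(frame):
    """Return the inner IPv6 packet, or raise ValueError when the frame is not a sane
    protocol-41 packet or the inner 6to4 source does not embed the outer IPv4 source."""
    if len(frame) < 20 or frame[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (frame[0] & 0x0F) * 4
    if ihl < 20 or len(frame) < ihl + 40 or ipv4_checksum(frame[:ihl]) != 0:
        raise ValueError("bad IPv4 header")
    if frame[9] != IPPROTO_IPV6:
        raise ValueError("protocol %d is not IPv6-in-IPv4" % frame[9])
    outer_src, inner = dotted(frame[12:16]), frame[ihl:]
    if inner[0] >> 4 != 6:
        raise ValueError("inner packet is not IPv6")
    inner_src_v4 = embedded_v4(inner[8:24])
    if inner_src_v4 is not None and inner_src_v4 != outer_src:
        raise ValueError("inner 6to4 source embeds %s but the outer source is %s"
                         % (inner_src_v4, outer_src))
    return inner

def sample_ipv6_packet():
    """Constructed: an IPv6 packet with no payload (Next Header 59 = none) from the 6to4
    site of the deck's example IPv4 address 164.107.134.5 to a site behind 192.0.2.1."""
    src = bytes.fromhex("2002a46b8605" + "00" * 9 + "01")
    dst = bytes.fromhex("2002c0000201" + "00" * 9 + "01")
    return struct.pack("!IHBB", 6 << 28, 0, 59, 64) + src + dst
```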

Translation: path from NATs
  • May prefer to use IPv6-IPv4 protocol translation for:
    – new kinds of Internet devices (e.g., cell phones, cars, appliances)
    – benefits of shedding the IPv4 stack (e.g., autoconfig)
  • Simple extension to NAT techniques, to translate the header format as well as addresses
    – IPv6 nodes behind a translator get full IPv6 functionality when talking to other IPv6 nodes located anywhere
    – they get the normal (i.e., degraded) NAT functionality when talking to IPv4 devices
    – methods used to improve NAT functionality (e.g., ALGs, RSIP) can be used equally to improve IPv6-IPv4 functionality
  • Alternative: transport-layer relay or app-layer gateways

Network Address Translation and Protocol Translation (NAT-PT)
  Figure: IPv6-only devices | NAT-PT | IPv4-only and dual-stack devices

RSIP-based evolution leads to IPv6
  Figure: IPv4 crisis → IPv4+NAT (broken. . .) → Realm-Specific IP (RSIP): IPv4+RSIP (unlikely direction…) → IPv6+RSIP backbone (future proof. . .) → IPv6 (since RSIP is not gaining traction)

Standards
  • core IPv6 specifications are IETF Draft Standards, well-tested & stable
    – IPv6 base spec, ICMPv6, Neighbor Discovery, Multicast Listener Discovery, PMTU Discovery, IPv6-over-Ethernet, . . .
  • other important specs are further behind on the standards track, but in good shape
    – mobile IPv6, header compression, A6 DNS support, IPv6-over-NBMA, . . .
    – for up-to-date status: playground.sun.com/ipng
  • the 3GPP cellular wireless standards are highly likely to mandate IPv6

Implementations
  • most IP stack vendors have an implementation at some stage of completeness
    – some are shipping supported product today, e.g., 3Com, *BSD, Epilogue, Ericsson/Telebit, IBM, Hitachi, KAME, Nortel, Sun, Trumpet
    – others have beta releases now, supported products "soon", e.g., Cisco, Compaq, HP, Linux community, Microsoft
    – others known to be implementing, but status unknown, e.g., Apple, Bull, Mentat, Novell, SGI (see playground.sun.com/ipng for the most recent status reports)
  • good attendance at frequent testing events

6bone etc…
  • Experimental infrastructure: the 6bone
    – for testing and debugging IPv6 protocols and operations
    – mostly IPv6-over-IPv4 tunnels
    – > 200 sites in 42 countries; mostly universities, network research labs, and IP vendors
  • Production infrastructure in support of education and research: the 6ren
    – CAIRN, Canarie, CERNET, Chunghwa Telecom, Dante, ESnet, Internet2, IPFNET, NTT, Renater, Singren, Sprint, SURFnet, vBNS, WIDE
    – a mixture of native and tunneled paths
    – see www.6ren.net, www.6tap.net
  • Few commercial trials by ISPs announced

Incentive: Peer-to-peer applications?

Problem 1: Peer-to-peer RTP audio example
  Figure: P1 (Home LAN) – NAT – Internet – NAT – P2 (Home LAN)
  • With NAT:
    – Need to learn the address "outside the NAT"
    – Provide that address to the peer
    – Need either a NAT-aware application, or an application-aware NAT
    – May need a third-party registration server to facilitate finding peers

Solution 1: Peer-to-peer RTP audio example
  Figure: P1 (Home LAN) – Home Gateway – Internet – Home Gateway – P2 (Home LAN)
  • With IPv6:
    – Just use the IPv6 address

Problem: Multiparty Conference
  Figure: P1 and P3 (Home LAN) – NAT – Internet – NAT – P2 (Home LAN)
  • With NAT, complex and brittle software:
    – 2 addresses, inside and outside
    – P1 provides "inside address" to P3, "outside address" to P2
    – Need to recognize inside, outside
    – P1 does not know the outside address of P3 to inform P2

Multiparty IPv6 Conference
  Figure: P1 and P3 (Home LAN) – Home Gateway – Internet – Home Gateway – P2 (Home LAN)
  • With IPv6:
    – Just use IPv6 addresses

Key drivers? Parting thoughts …
  • Always-on requirement => large number of actively connected nodes online
  • 3G, Internet appliances
    – large numbers of addresses needed in short order…
    – IPv6 auto-configuration and mobility model better
    – 3GPP already moving towards IPv6
  • P2P apps and multimedia get popular and NAT/ALGs/firewalls break enough of them
  • Multi-homed sites and traffic engineering hacks in BGP/IPv4 make inter-domain routing unscalable
  • Dual stack, simpler auto-conf, automatic tunneling (6to4, etc.) simplify the migration path and provide an installed base
    – Applications slowly start self-selecting IPv6

Summary
  • IPv6 uses 128-bit addresses
  • Allows provider-based, site-local, link-local, multicast, anycast addresses
  • Fixed header size. Extension headers instead of options for provider selection, security, etc.
  • Allows auto-configuration
  • Dual-IP, 6-to-4, etc. for transition

Questions and Discussion