IPv6: The New Internet Protocol

IPv6: The New Internet Protocol
Integrated Network Services
Almerindo Graziano

Introduction
• Justification for IPv6 goals
• IPv6 Addressing
• The new Header
  – Extension Headers
• Recap

Justification for IPv6: What is wrong with IPv4?
• Wasteful of address space
• No built-in support for hierarchical addressing
  – Subnetting
  – CIDR
• Large routing tables
• Large administrative workload:
  – Changing ISP
  – Merger or acquisition
Renumbering or NAT

What is wrong with IPv4?
• Routers perform a lot of operations
  – Table lookup
  – Options
  – Checksum
  – Fragmentation
• Lack of authentication
  – IP spoofing
• Lack of encryption

IPv6 goals
• Support for a larger number of addresses
• Reduce the size of routing tables
• Simplify the protocol (easier to process)
• Provide better security
• Better support for Quality of Service
• Provide support for mobile users
• Allow the protocol to be extensible
• Be compatible

IPv6 Addressing scheme
• Designed to be highly scalable and hierarchical
• 16 bytes long
  – 7 x 10^23 IP addresses per square meter!!!
  – It “eliminates” the need for private address space
• IPv6 notation
  8000:0000:0123:8219:E42A:DF3E
  8000::123:8219:E42A:DF3E
• IPv4 addresses can be written as ::192.31.20.46

Address Allocation
• IPv6 could support a number of diverse addressing schemes
  – Provider Allocation: hierarchy is based on large service providers, regardless of their location
  – Geographic Allocation: hierarchy is based on the location of subscribers (similar to the telephony system)
• Both approaches have drawbacks
Large networks do not often conform to provider and/or geographical boundaries!!

Aggregation Based Allocation
• Combines provider and geographic allocation approaches
  – Based on the existence of a limited number of high-level exchange points
• Large providers are represented at one or more exchange points (provider orientation)
  – Exchanges are distributed around the globe (geographic orientation)
• Favoured by the IETF

IPv6 Address Hierarchy
[Figure: hierarchy diagram with the labels Interexchange (TLA), Long-Haul Provider, Provider, Subscriber, and a link "To other TLA".]
TLA: Top Level Aggregator

Aggregation-based Allocation
• First 3 bits identify the type of address
  – unicast, multicast, anycast etc.
• International registries assign blocks to TLAs
• TLAs allocate blocks of addresses to NLAs
  – NLAs can be large providers or global corporate networks
• NLAs can create their own hierarchy

Address format:
  Bits:   3   | 13  | 8   | 24  | 16  | 64
  Field:  001 | TLA | RES | NLA | SLA | Interface ID
  Public Topology: 001, TLA, RES, NLA
  Site Topology: SLA
  Local Interface: Interface ID (IEEE EUI-64 address: 24 bits company ID, 40 bits interface ID)

Aggregation-based Allocation
[Figure: NLA hierarchy diagram with the labels 32 bits, NLA 1, NLA 2, NLA 3, Site, SLA, Interface ID.]

Other Address Types
• Site-Local Addresses
  – Similar to IPv4 private addresses
• Link-Local Addresses
  – A router doesn’t exist
  – Operate over a single link
  – Used for temporary bootstrapping
  128 bits: 1111111010 (10 bits) | 00...00 (54 bits) | Interface ID (64 bits)
Not propagated outside organizational boundaries
Not allocated by public registry authorities

Other Address Types
• Multicast Addresses
  – Logical addresses to communicate to multiple nodes
• Anycast Addresses
  – Used to communicate to the closest of a class of nodes (closest DNS, closest router)
  – Allocated from the same address space as Unicast addresses

Address Autoconfiguration
• A node combines its MAC address with a network prefix it learns from a neighbouring router
• The autoconfiguration doesn’t need a manually configured server: stateless address autoconfiguration
  – It differs from IPv4’s DHCP (stateful address configuration). DHCPv6 has been developed
  – Great advantage when an enterprise is forced to renumber because of an ISP change or M&A
  – Great support for mobile users and dynamic workgroups

Header Comparison
IPv4 Header = 14 fields (rows of 32 bits): Version, IHL, Type of Service, Total Length, Identification, Flag, Fragment Offset, TTL, Protocol, Checksum, Source Address, Destination Address, Options, Padding
IPv6 Header = 8 fields (rows of 32 bits): Version, Priority, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, Destination Address

The new Header
• Fixed size
• Fewer fields
• No Checksum
  – Already performed by other layers
  – Reliable networks
• Extension Headers replace Options
  – Routers can skip over some extension headers
Faster processing
Extensible

QoS Support
• Priority field (4 bits)
  – Congestion-Controlled traffic (0-7)
    • Traffic where the source backs off in case of congestion (e.g. TCP)
  – Non-Congestion-Controlled traffic (8-15)
    • Traffic where constant data rate and delay are desirable (real-time audio/video)
• Flow label field (20 bits)
  – A sequence of packets sent from a particular source to a particular destination for which the source desires special handling by intervening routers

Extension Headers
1. Hop-by-Hop options header
2. Destination options header-1
3. Source Routing header
4. Fragmentation header
5. Authentication header
6. IPv6 Encryption header
7. Destination options header-2

Extension Headers
• Hop-by-Hop
  – Carries information for all intermediate nodes
  – Used for management and debugging
• Destination
  – Carries information to be read just by destination nodes
• Source Routing
  – Allows the source to specify a list of routers to traverse
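
The Next Header chaining behind these extension headers, as an added Python example that is not part of the original slides. It follows the chain the way a filtering device has to in order to reach the transport header, and flags a Hop-by-Hop header that is not first or a header that repeats; the function names and packet bytes are constructed, and the length rules follow RFC 8200 and RFC 4302.

```python
import struct

# IANA protocol numbers for the extension headers named on the slides.
HOP, ROUTING, FRAGMENT, ESP, AH, DEST = 0, 43, 44, 50, 51, 60
NAMES = {HOP: "hop-by-hop", ROUTING: "routing", FRAGMENT: "fragment",
         ESP: "esp", AH: "auth", DEST: "dest-opts", 6: "tcp", 17: "udp"}

def build(ext_types, upper):
    """Constructed sample: fixed header plus minimal 8-byte extension headers."""
    order = list(ext_types) + [upper]
    body = b"".join(bytes([order[i + 1], 0]) + bytes(6)
                    for i in range(len(ext_types)))
    fixed = struct.pack("!IHBB16s16s", 6 << 28, len(body), order[0], 64,
                        bytes(16), bytes(16))
    return fixed + body

def walk_chain(packet: bytes):
    """Return (header names in wire order, list of findings)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, offset = packet[6], 40        # Next Header field, end of fixed header
    chain, findings = [], []
    # ESP is not walked: everything behind it is encrypted.
    while nxt in (HOP, ROUTING, FRAGMENT, AH, DEST):
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        if nxt == HOP and chain:
            findings.append("hop-by-hop header is not first")
        if NAMES[nxt] in chain and nxt != DEST:
            findings.append(f"duplicate {NAMES[nxt]} header")
        chain.append(NAMES[nxt])
        following, length_field = packet[offset], packet[offset + 1]
        if nxt == FRAGMENT:
            size = 8                       # fragment header is always 8 bytes
        elif nxt == AH:
            size = (length_field + 2) * 4  # AH length: 32-bit words minus 2
        else:
            size = (length_field + 1) * 8  # others: 8-byte units minus 1
        nxt, offset = following, offset + size
    chain.append(NAMES.get(nxt, f"proto-{nxt}"))
    return chain, findings

GOOD = build([HOP, ROUTING, FRAGMENT], 6)   # constructed, slide order
BAD = build([DEST, HOP], 17)                # constructed, Hop-by-Hop misplaced

if __name__ == "__main__":
    print(walk_chain(GOOD), walk_chain(BAD))
```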

Fragmentation Header
• Each source is responsible for sending packets of the right size
  – MTU path discovery process
• Packet fragmentation is not permitted by intermediate nodes (routers)
  – Faster processing
• If fragmentation is required, the fragmentation header is used

Authentication Header
• It gives network applications a guarantee that a packet did in fact come from an authentic source
• A checksum is created based on the key and the content of the packet
• The checksum is re-run at the destination and validated
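
The keyed checksum described above, as an added Python sketch that is not part of the original slides. It is a simplified model of the Authentication Header check: HMAC-SHA-256 truncated to 128 bits is an assumed algorithm choice, the value is returned rather than carried in a header, and the fields routers change in transit (Hop Limit, Traffic Class, Flow Label) are zeroed before hashing as RFC 4302 requires. Keys, addresses and payloads are constructed.

```python
import hashlib
import hmac
import ipaddress
import struct

def immutable_view(packet: bytes) -> bytes:
    """Copy of the packet with the fields routers may rewrite set to zero."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    view = bytearray(packet)
    view[0] &= 0xF0        # keep Version, clear the top of Traffic Class
    view[1:4] = bytes(3)   # rest of Traffic Class and the Flow Label
    view[7] = 0            # Hop Limit is decremented at every hop
    return bytes(view)

def compute_icv(key: bytes, packet: bytes) -> bytes:
    """Sender side: keyed checksum over the key and the packet content."""
    return hmac.new(key, immutable_view(packet), hashlib.sha256).digest()[:16]

def verify(key: bytes, packet: bytes, icv: bytes) -> bool:
    """Receiver side: re-run the checksum and compare in constant time."""
    return hmac.compare_digest(compute_icv(key, packet), icv)

def sample_packet(hop_limit=64, payload=b"constructed payload",
                  src="2001:db8::1"):
    """Constructed packet: fixed header (Next Header 59 = none) plus payload."""
    return struct.pack("!IHBB16s16s", 6 << 28, len(payload), 59, hop_limit,
                       ipaddress.IPv6Address(src).packed,
                       ipaddress.IPv6Address("2001:db8::2").packed) + payload

KEY = b"k" * 32                      # constructed shared key
ICV = compute_icv(KEY, sample_packet())

if __name__ == "__main__":
    print(verify(KEY, sample_packet(hop_limit=61), ICV),       # forwarded
          verify(KEY, sample_packet(src="2001:db8::bad"), ICV))  # spoofed
```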

IPv6 Encryption Header
• Encapsulating Security Payload (ESP)
  – It provides encryption at the network layer
• Two encryption modes are supported
  – Transport mode
  – Tunnel mode (steel pipe)

Encryption modes
Transport Mode
  Unencrypted: IPv6 Header, Extension Headers
  Encrypted: ESP Header, Transport Header and Payload
Tunnel Mode
  Unencrypted: IPv6 Header, Extension Headers
  Encrypted: ESP Header, then the original IP packet (IPv6 Header, Extension Headers, Transport Header and Payload)

The Transition to IPv6
• IPv6 offers a robust future-oriented solution to integrate physical networks
• Possibly use NAT but
  – can be a bottleneck
  – prevents the use of IP-level security
  – breaks Domain Name Servers
• 6Bone
  – Experimental world-wide network for testing IPv6

IPv6 Resources
  – Main IPv6 page: http://ipv6.com/
  – 6Bone home page: http://6bone.net/
  – The case for IPv6 (Internet Draft): http://www.6bone.net/misc/case-for-ipv6.html