analyzing ipv6 address assignment practices
play

Analyzing IPv6 address assignment practices Ramakrishna - PowerPoint PPT Presentation

Aug 28, 2023 •221 likes •437 views

Analyzing IPv6 address assignment practices Ramakrishna Padmanabhan, John Rula, Philipp Richter, Stephen Strowes, Alberto Dainotti Goal: Understand the stability of IPv6 addresses How long do devices retain their IPv6 addresses?

  1. Analyzing IPv6 address assignment 
 practices Ramakrishna Padmanabhan, John Rula, Philipp Richter, 
 Stephen Strowes, Alberto Dainotti

  2. Goal: Understand the stability of 
 IPv6 addresses • How long do devices retain their IPv6 addresses? • If the device’s address changes, how far away in the address space is the new address? 2

  3. Motivating applications • Host reputation, tracking • This work can inform how long to consider an IP address “risky” • Identifying candidate addresses for active probing • Prior work generates hitlists of addresses • If a device’s address changes, this work can inform where to look for the device 3

  4. Dataset: RIPE Atlas 
 “IP echo” measurements Home Network HTTP GET http://ip-echo.ripe.net (Hourly) IP echo HTTP CPE IPv6 address server IPv6 address 4

  5. The IP echo dataset allows 
 measuring properties of the CPE’s LAN prefix Home Network HTTP GET http://ip-echo.ripe.net (Hourly) IP echo LAN 
 WAN 
 HTTP CPE prefix prefix IPv6 address server EUI-64 IPv6 address 5

  6. The IP echo dataset allows 
 measuring properties of the CPE’s LAN prefix • We used IP echo measurements from August 2014 to December 2019 • We find an address change when a probe reports a different address in the IP echo measurement • Since probes use EUI-64 addresses, address changes indicate changes in the CPE’s LAN prefix • ~3000 probes observed at least one address change 6

  7. Atlas probes’ IPv6 addresses are typically 
 temporally stable • In previous work, we found that IPv4 addresses in many ASes are short-lived • Assignment durations tended to be O(weeks) • Many ASes reassigned addresses periodically • Comparatively, IPv6 addresses are long-lived • Durations tend to be O(months) • Only a few ASes reassign addresses periodically: DTAG, Versatel, Netcologne, ANTEL, Global Village 7

  8. How can we find a device after its address changes? • Suppose we want to track an EUI-64 device • If its CPE LAN prefix changes, where in the address space do we look for the device? • Can be a function of ISP property + CPE property • ISP may choose to delegate a new prefix to the CPE • CPE may choose to advertise a new prefix within ISP delegated prefix 8

  9. We first analyze the common prefix lengths between successive addresses Find how many bits match in successive addresses Common prefix 
 assigned to the same probe length 2a02:908:0d83:c780:6666:b3ff:feb0:ede8 44 2a02:908:0d88:d9a0:6666:b3ff:feb0:ede8 44 2a02:908:0d82:b2c0:6666:b3ff:feb0:ede8 46 2a02:908:0d81:a3e0:6666:b3ff:feb0:ede8 47 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 2a02:908:0d89:9940:6666:b3ff:feb0:ede8 44 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 Upon address change, search for the device 
 2a02:908:0d88:0ba0:6666:b3ff:feb0:ede8 44 within the same /44 2a02:908:0d82:7120:6666:b3ff:feb0:ede8 40 2a02:908:0d76:fb40:6666:b3ff:feb0:ede8 44 2a02:908:0d78:2520:6666:b3ff:feb0:ede8 44 9

  10. We first analyze the common prefix lengths between successive addresses Find how many bits match in successive addresses Common prefix 
 assigned to the same probe length 2a02:908:0d83:c780:6666:b3ff:feb0:ede8 44 2a02:908:0d88:d9a0:6666:b3ff:feb0:ede8 44 2a02:908:0d82:b2c0:6666:b3ff:feb0:ede8 46 2a02:908:0d81:a3e0:6666:b3ff:feb0:ede8 47 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 2a02:908:0d89:9940:6666:b3ff:feb0:ede8 44 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 Upon address change, search for the device 
 2a02:908:0d88:0ba0:6666:b3ff:feb0:ede8 44 within the same /44 2a02:908:0d82:7120:6666:b3ff:feb0:ede8 40 2a02:908:0d76:fb40:6666:b3ff:feb0:ede8 44 2a02:908:0d78:2520:6666:b3ff:feb0:ede8 44 9

  11. We first analyze the common prefix lengths between successive addresses Find how many bits match in successive addresses Common prefix 
 assigned to the same probe length 2a02:908:0d83:c780:6666:b3ff:feb0:ede8 44 2a02:908:0d88:d9a0:6666:b3ff:feb0:ede8 44 2a02:908:0d82:b2c0:6666:b3ff:feb0:ede8 46 2a02:908:0d81:a3e0:6666:b3ff:feb0:ede8 47 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 2a02:908:0d89:9940:6666:b3ff:feb0:ede8 44 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 Upon address change, search for the device 
 2a02:908:0d88:0ba0:6666:b3ff:feb0:ede8 44 within the same /44 2a02:908:0d82:7120:6666:b3ff:feb0:ede8 40 2a02:908:0d76:fb40:6666:b3ff:feb0:ede8 44 2a02:908:0d78:2520:6666:b3ff:feb0:ede8 44 9

  12. For LGI, subsequent addresses typically belong to the same /44 2a01:5e0:34:ffff:a62b:b0ff:fee0:848 LGI (AS6830) 
 to 103 probes 
 2a0b:c180:34:ffff:a62b:b0ff:fee0:848 580 address-changes 10

  13. Multiple behaviors appear to be occurring in DT DT (AS3320) 
 387 probes 
 114432 address-changes 11

  14. Some probes change addresses mostly within the same /56 Probe ID 2702, 1246 address changes, 30 unique /56s … 2003:0058:bd1b:06b1:220:4aff:fee0:2171 2003:0058:bd1b:0666:220:4aff:fee0:2171 2003:0058:bd1b:06b8:220:4aff:fee0:2171 2003:0058:bd1b:0617:220:4aff:fee0:2171 2003:0058:bd1b:0631:220:4aff:fee0:2171 2003:0058:bd68:87be:220:4aff:fee0:2171 2003:0058:bd68:8737:220:4aff:fee0:2171 2003:0058:bd68:8710:220:4aff:fee0:2171 Upon address change, search for the device 
 2003:0058:bd68:8753:220:4aff:fee0:2171 within the same /56 2003:0058:bd68:87d6:220:4aff:fee0:2171 … 12

  15. Some probes change addresses mostly within the same /56 Probe ID 2702, 1246 address changes, 30 unique /56s … 2003:0058:bd1b:06b1:220:4aff:fee0:2171 2003:0058:bd1b:0666:220:4aff:fee0:2171 2003:0058:bd1b:06b8:220:4aff:fee0:2171 2003:0058:bd1b:0617:220:4aff:fee0:2171 2003:0058:bd1b:0631:220:4aff:fee0:2171 2003:0058:bd68:87be:220:4aff:fee0:2171 2003:0058:bd68:8737:220:4aff:fee0:2171 2003:0058:bd68:8710:220:4aff:fee0:2171 Upon address change, search for the device 
 2003:0058:bd68:8753:220:4aff:fee0:2171 within the same /56 2003:0058:bd68:87d6:220:4aff:fee0:2171 … 12

  16. Other probes change addresses mostly within the same /40 but different /56s Probe ID 23839, 783 address changes, 780 unique /56s, 3 unique /40s … 2003:007a:0558:e400:16cc:20ff:fe48:d52a 2003:007a:0506:8800:16cc:20ff:fe48:d52a 2003:007a:0510:0500:16cc:20ff:fe48:d52a 2003:007a:056a:7800:16cc:20ff:fe48:d52a 2003:007a:056d:9c00:16cc:20ff:fe48:d52a 2003:00e3:571e:f400:16cc:20ff:fe48:d52a 2003:00e3:5715:e800:16cc:20ff:fe48:d52a 2003:00e3:571c:9700:16cc:20ff:fe48:d52a Upon address change, search for the device 
 2003:00e3:5727:de00:16cc:20ff:fe48:d52a within the same /41 2003:00e3:572c:8d00:16cc:20ff:fe48:d52a … 13

  17. Other probes change addresses mostly within the same /40 but different /56s Probe ID 23839, 783 address changes, 780 unique /56s, 3 unique /40s … 2003:007a:0558:e400:16cc:20ff:fe48:d52a 2003:007a:0506:8800:16cc:20ff:fe48:d52a 2003:007a:0510:0500:16cc:20ff:fe48:d52a 2003:007a:056a:7800:16cc:20ff:fe48:d52a 2003:007a:056d:9c00:16cc:20ff:fe48:d52a 2003:00e3:571e:f400:16cc:20ff:fe48:d52a 2003:00e3:5715:e800:16cc:20ff:fe48:d52a 2003:00e3:571c:9700:16cc:20ff:fe48:d52a Upon address change, search for the device 
 2003:00e3:5727:de00:16cc:20ff:fe48:d52a within the same /41 2003:00e3:572c:8d00:16cc:20ff:fe48:d52a … 13

  18. Are we observing a combination of 
 CPE + ISP properties? DT (AS3320) 
 387 probes 
 114432 address-changes 14

  19. We are looking to collaborate 
 and validate • Ongoing work • Investigate delegated prefix lengths • Compare address changes in IPv6 and IPv4 • Investigate per-prefix properties • Are there pieces we can work on together? • EUI-64 addresses can also serve as host- identifiers (modulo mobility) 15

  20. Backup slides: Versatel (AS8881) Versatel (AS8881) 
 55 probes 
 28983 address-changes 16

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1. IPv6 address (abbreviated representation) 2. IPv6 address (abbreviation and expansion

1. IPv6 address (abbreviated representation) 2. IPv6 address (abbreviation and expansion

1. IPv6 address (abbreviated representation) 2. IPv6 address (abbreviation and expansion practice) 3. IPv6 advantages over IPv4 4. IPv4 address structure 5. IPv6 address structure IPv4 Address 32 bit address (computer stores information

655 views • 53 slides
Source Address Finding (SAF) for IPv6 Translation Mechanisms draft-thaler-ipv6-saf-01.txt Dave

Source Address Finding (SAF) for IPv6 Translation Mechanisms draft-thaler-ipv6-saf-01.txt Dave

Source Address Finding (SAF) for IPv6 Translation Mechanisms draft-thaler-ipv6-saf-01.txt Dave Thaler dthaler@microsoft.com IETF 74 - 6AI BOF 1 UNilateral Self-Address Fixing (UNSAF) 1:1 address mappings (NAT66) avoid most of the issues

545 views • 7 slides
Deploying IPv6 in OpenStack Environments Shannon McFarland - CCIE #5245 Distinguished Engineer

Deploying IPv6 in OpenStack Environments Shannon McFarland - CCIE #5245 Distinguished Engineer

Deploying IPv6 in OpenStack Environments Shannon McFarland - CCIE #5245 Distinguished Engineer Cloud Platform & Services Group @eyepv6 Agenda General OpenStack + IPv6 Stuff Tenant IPv6 Address Assignment: SLAAC, Stateless

872 views • 51 slides
RouterLab LabCourse SoSe 2016 Worksheet 3: Access Networks with DHCP and IPv6 Stateless Address

RouterLab LabCourse SoSe 2016 Worksheet 3: Access Networks with DHCP and IPv6 Stateless Address

RouterLab LabCourse SoSe 2016 Worksheet 3: Access Networks with DHCP and IPv6 Stateless Address Auto Configuration Prof. Anja Feldmann, Philipp S. Tiesel, Thorben Krger, Apoorv Shukla IPv6 Scoped Address Architecture IPv6 addresses have

679 views • 19 slides
Internet Protocol v6 October 25, 2016 v6@nkn.in Table of Content Why IPv6? Why IPv6?

Internet Protocol v6 October 25, 2016 v6@nkn.in Table of Content Why IPv6? Why IPv6?

Internet Protocol v6 October 25, 2016 v6@nkn.in Table of Content Why IPv6? Why IPv6? IPv6 Address Space IPv6 Address Space Customer LAN Migration Customer LAN Migration Why IPv6? Why IPv6? IPv6 Address Space IPv6

770 views • 58 slides
Address scarcity, NAT, and IPv6 CSCI 466: Networks

Address scarcity, NAT, and IPv6 CSCI 466: Networks

Address scarcity, NAT, and IPv6 CSCI 466: Networks Keith Vertanen Fall 2011 Overview Handling IPv4 address scarcity Address space

766 views • 33 slides
IPv6 Ephemeral Addresses <draft-kitamura-ipv6-ephemeral-address-00.txt> Harmless IPv6

IPv6 Ephemeral Addresses <draft-kitamura-ipv6-ephemeral-address-00.txt> Harmless IPv6

IPv6 Ephemeral Addresses <draft-kitamura-ipv6-ephemeral-address-00.txt> Harmless IPv6 Address State Extension ( Uncertain State) <draft-kitamura-ipv6-uncertain-address-state-00.txt> Hiroshi KITAMURA NEC Corporation

544 views • 33 slides
IPv6 Yourself Jumping Bean What is IPv6? Replacement for IPv4, 128 bit IP address

IPv6 Yourself Jumping Bean What is IPv6? Replacement for IPv4, 128 bit IP address

IPv6 Yourself Jumping Bean What is IPv6? Replacement for IPv4, 128 bit IP address IPv4 allowed for 4.3 billion possible addresses, IPv6 allows for 340 undecillion addresses 3.40E38, 7.9E28 more than IPv4 addresses, ~ 4.8x10

1.07k views • 28 slides
Naming IPv6 address parts IETF 79 L. Donnerhacke R. Hartmann Editors What are we thinking

Naming IPv6 address parts IETF 79 L. Donnerhacke R. Hartmann Editors What are we thinking

Naming IPv6 address parts IETF 79 L. Donnerhacke R. Hartmann Editors What are we thinking about? Find a term to describe precisely : 16 bits of an IPv6 address, separated by colons Useful for daily communication Easy to pronounce

70 views • 6 slides
IPv6 Practices on China Mobile IP Bearer Network

IPv6 Practices on China Mobile IP Bearer Network

IPv6 Practices on China Mobile IP Bearer Network draft-chen-v6ops-ipv6-bearer-network-trials-00.txt IETF 81-Quebec, July 2011 G. Chen, T. Yang, L. Li and H. Deng Background China Mobile IPv6 trial program started over 3 years ago This

399 views • 8 slides
IPv6 Stateless Address Autoconfiguration: Balancing Between Security, Privacy and Usability Ahmad

IPv6 Stateless Address Autoconfiguration: Balancing Between Security, Privacy and Usability Ahmad

IPv6 Stateless Address Autoconfiguration: Balancing Between Security, Privacy and Usability Ahmad AlSadeh, Hosnieh Rafiee, Christoph Meinel Hasso-Plattner-Institut, University of Potsdam, Germany IPv6 StateLess Address Auto- Configuration

330 views • 20 slides
IPv6 Address Management The First Five Years 1 #whoami o o www.ernw.de o o

IPv6 Address Management The First Five Years 1 #whoami o o www.ernw.de o o

IPv6 Address Management The First Five Years 1 #whoami o o www.ernw.de o o https://insinuator.net/tag/ipv6/ o 2 Agenda o o o 3 3 Very Quick Stats (1) Source: http://6lab.cisco.com/stats/cible.php?coun try=DE&option=all 4

1.11k views • 48 slides
IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to

IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to

Best Current Operational Practice for operators: IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to choose Jordi Palet jordi.palet@consulintel.es BCOP IPv6 Prefix Assignment for end-customers 1

533 views • 29 slides
IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to

IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to

Best Current Operational Practice for operators: IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to choose Jordi Palet jordi.palet@theipv6company.com BCOP IPv6 Prefix Assignment for end-customers

701 views • 51 slides
IPv6, MPLS IPv6 History Next generation IP (AKA IPng) Intended to extend address space

IPv6, MPLS IPv6 History Next generation IP (AKA IPng) Intended to extend address space

IPv6, MPLS IPv6 History Next generation IP (AKA IPng) Intended to extend address space and routing limitations of IPv4 Requires header change Attempted to include everything new in one change IETF moderated Based

775 views • 46 slides
IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already

IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already

IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already Here Monash IPv6 Progress Addressing End Systems Monitoring Network Address Usage Traffic Monitoring Problems IPv6 is Coming

779 views • 41 slides
Harikrishna Narasimhan and Shivani Agarwal Department of Computer Science and Automation Indian

Harikrishna Narasimhan and Shivani Agarwal Department of Computer Science and Automation Indian

On the Relationship Between Binary Classification, Bipartite Ranking, and Binary Class Probability Estimation Harikrishna Narasimhan and Shivani Agarwal Department of Computer Science and Automation Indian Institute of Science, Bangalore State

332 views • 4 slides
From CPU-GPU to heterogeneous multi-core Yesterday (2000-2010) Homogeneous multi-core Discrete

From CPU-GPU to heterogeneous multi-core Yesterday (2000-2010) Homogeneous multi-core Discrete

Simty : Generalized SIMT execution on RISC-V CARRV 2017 Sylvain Collange INRIA Rennes / IRISA sylvain.collange@inria.fr From CPU-GPU to heterogeneous multi-core Yesterday (2000-2010) Homogeneous multi-core Discrete components Graphics

254 views • 22 slides
$ $448 $$ $ $$$ Media Advertiser Audience Billion Ad The Great Divide Brand Direct

$ $448 $$ $ $$$ Media Advertiser Audience Billion Ad The Great Divide Brand Direct

10/29/2010 I know Im wasting half of Internet Advertising my ad budget. I just dont y g j know which half. UW CSE454 10/28/10 Mike Mathieu mike@frontseat.org 2010 Global Ad Spend Industry Structure $$$$$ $ $448 $$ $ $$$ Media

616 views • 7 slides
Long Range Correlations in Driven Systems (I) David Mukamel Firenze, 12-16 May, 2014

Long Range Correlations in Driven Systems (I) David Mukamel Firenze, 12-16 May, 2014

Long Range Correlations in Driven Systems (I) David Mukamel Firenze, 12-16 May, 2014 Non-equilibrium systems Systems with currents (driven by electric field, T gradients etc.) In many cases these systems reach a steady state (but

480 views • 31 slides
POLICY UNDERSTANDING WITH COMMUNICATION AND TRAINING THE POLICY MANAGEMENT ILLUSTRATED SERIES

POLICY UNDERSTANDING WITH COMMUNICATION AND TRAINING THE POLICY MANAGEMENT ILLUSTRATED SERIES

BEYOND THE SHELF - ENSURING POLICY UNDERSTANDING WITH COMMUNICATION AND TRAINING THE POLICY MANAGEMENT ILLUSTRATED SERIES PART THREE SPEAKERS Michael Rasmussen, GRC Research Analyst and Pundit, GRC 20/20 and OCEG Fellow Robert OBrien,

614 views • 32 slides
IPv6 Deployment Planning: 12 Steps to Enable IPv6 in an ISP Network LACNIC 28

IPv6 Deployment Planning: 12 Steps to Enable IPv6 in an ISP Network LACNIC 28

IPv6 Deployment Planning: 12 Steps to Enable IPv6 in an ISP Network LACNIC 28 Montevideo, Uruguay Septiembre 2017 Jordi Palet (jordi.palet@theipv6company.com) - 1 1. Prefix request How many customers do you have? Home

198 views • 16 slides
Understanding the Share of IPv6 Traffic in a Dual-Stack ISP Enric Pujol, Philipp Richter, and

Understanding the Share of IPv6 Traffic in a Dual-Stack ISP Enric Pujol, Philipp Richter, and

Understanding the Share of IPv6 Traffic in a Dual-Stack ISP Enric Pujol, Philipp Richter, and Anja Feldmann PAM 2017, Sydney, Australia IPv6 adoption metrics User end hosts Server-side measurements e.g., Google reports 20% of the hosts have

869 views • 40 slides
Chapter Meeting OWASP_Geneva 2015/10/19 About Me Thomas Hofer Java DEV / AppSec

Chapter Meeting OWASP_Geneva 2015/10/19 About Me Thomas Hofer Java DEV / AppSec

OWASP Dependency-Check Chapter Meeting OWASP_Geneva 2015/10/19 About Me Thomas Hofer Java DEV / AppSec OWASP Geneva Board State of Geneva @thhofer thomas.hofer@owasp.org Outline Context How it works / Integration

335 views • 9 slides

More recommend