IPv6 session Introduction APAN 29 2010 Sydney 10 th February, 2010 - - PowerPoint PPT Presentation

IPv6 session Introduction

APAN 29 2010 Sydney 10th February, 2010

W hy I Pv6 ? W hy I Pv6 ?

• Early in the 1990s it was apparent

that the explosive growth of the that the explosive growth of the internet meant that current internet protocols were inadequate.

• Many suggestions were made as to

how this problem could be resolved how this problem could be resolved but by 1996 there was a growing consensus of deploying an next generation 128 bit addressing scheme called IPv6

W hat changed w ith I Pv6 ? W hat changed w ith I Pv6 ?

• Addressing increased from 4 to 16

bytes bytes

• Internet headers were simplified

getting rid of unnecessary fields g g y

• Fixed length, optional headers are

daisy-chained h k h k l

• No checksum at the IP network layer
• Path MTU discovery and no hop-by-

hop segmentation hop segmentation

• IPsec is mandated
• No more broadcast

I Pv6 Prim er I Pv6 Prim er

• IPv4 or IP is 32 bit limited having the capability to reach 2^32 hosts
• 4,294,967,296 addresses in total
• 0.6 addresses per person

M dd d t b ll t d

• Many addresses are reserved or cannot be allocated
• IPv6 was designed as the successor to IPv4.
• The 6Bone was started in 1996 as a testbed
• IPv6 standard was defined in December 1998 by the Internet

Engineering Task Force (IETF) with the publication of an Internet standard specification, RFC 2460

• It has 128 bits so allows for 3 4 x 1038 addresses
• It has 128 bits so allows for 3.4 x 1038 addresses
• This is more than adequate to cover native connectivity
• 4.8 x 1028 addresses per person

1 2 8 bit addressing 1 2 8 bit addressing

Courtesy of Wikipedia

I Pv6 Addressing I Pv6 Addressing

• General allocations are / 32 networks which are generally

General allocations are / 32 networks which are generally subdivided along / 40 and / 48 boundaries to sites and

• institutions. There are some / 40 allocations from the RIRs
• Back to the old days of RIP and classful networks - only much

bigger?

– Subnet allocations in IPv6 are 64 bit to allow for stateless t fi ti autoconfiguration – That’s 264 addresses or 1.8 x 1019 addresses for each subnet

• For personal use sometimes / 56 networks are deployed
• For personal use sometimes / 56 networks are deployed
• Many providers only provide a / 64

Stateless address autoconfiguration Stateless address autoconfiguration

– ICMPv6 discovery messages are used by an IPv6 host and router to automatically configure themselves. A host sends a multicast message requesting router solicitation which requests network configuration

• parameters. An IPv6 connected router, if configured,

would send configuration parameters back to the host.

• parameters. These parameters do not include DNS

– DHCPv6 (Dynamic Host Configuration Protocol) can be deployed on a router or network connected host can be deployed on a router or network connected host can be used to provide network configuration information including Domain Name Service (DNS) These approaches can be used together SAA with – These approaches can be used together. SAA with DHCPv6 DNS

DNS and I Pv6 DNS and I Pv6

With such large address space DNS becomes even more critical With such large address space DNS becomes even more critical A new form of record “quad A” (AAAA) is defined in the DNS for returning IPv6 addresses to forward queries

apan.net. 35281 IN AAAA 2001:220:800:602::86 apan.net. 35281 IN AAAA 2001:220:800:602:20e:cff:fe4d:3bac apan.net. 35281 IN AAAA 2001:200:901:2::30 apan.net. 35281 IN AAAA 2001:220:800:600::51 apan.net. 35281 IN AAAA 2001:220:800:600:20e:cff:fe4d:3bac apan.net. 35281 IN A 203.181.248.30 apan.net. 35281 IN A 203.255.255.86

Tunnels galore! Tunnels galore!

• As IPv6 didn’t create a new network

infrastructure, tunneling over the existing infrastructure, tunneling over the existing IPv4 network was widely deployed to connect IPv6 sites

• Still widely deployed today with Tunnel

brokers offering IPv6 connectivity to clients

• ver IPv4 networks (6in4)
• ver IPv4 networks (6in4)
• Automatic tunnels such as Teredo (Vista) and

ISATAP for connecting IPv6 sites ISATAP for connecting IPv6 sites

I Pv6 Multicast I Pv6 Multicast

– Multicast, the ability to send a single packet to multiple destinations, is part of the basic spec of p , p p IPv6. – IPv6 does not use broadcast addressing as in

• IPv4. Instead it uses multicast to send to the all

hosts multicast group in network discovery. IP 6 lti t i id l d l d t ’ – IPv6 multicast is widely deployed on a country’s R&E networks

• It is not widely deployed within campuses
• Session at 12: 00 on IPv6 Multicast on TEIN3
• Session at 12: 00 on IPv6 Multicast on TEIN3

network

1 0 years onw ards 1 0 years onw ards…

• IPv6 is widely deployed in the R&E backbones and with

many ISP backbones but generally in a dual stack many ISP backbones but generally in a dual stack IPv4/ IPv6 environment

• There are a small number of IPv6 only deployments But
• There are a small number of IPv6 only deployments. But

some are big deployments (China) Th l t k f IP 6 t hi h t d

• The general uptake of IPv6 was not as high as expected

and we are running out of IPv4 address space

• IPv4 NATs are increasingly deployed both at the

home/ user sites, among many institutions and also with ISPs

W here are w e w ith I Pv6 ? W here are w e w ith I Pv6 ?

C tl IP 6 t ffi i l th 1% f i t t

• Currently IPv6 traffic is less than 1% of internet

traffic

• IPv6 routes are 1% of all routes
• But they do cover more address space!
• There isn’t much access to IPv6 outside of Research
• There isn t much access to IPv6 outside of Research

and Education Networks. V f ISP ff IP 6 ti it th h

• Very few ISPs offer IPv6 connectivity, though many

backbones are IPv6 enabled.

• The iPhone doesn’t do IPv6 natively!

I Pv6 routing table grow th I Pv6 routing table grow th

Source: http://bgpmon.net/stat.php

Cam pus Deploym ent Cam pus Deploym ent

• While an institution may have native IPv6

connectivity there is no guarantee that the connectivity there is no guarantee that the connectivity will reach the desktop.

• Firewalls and old equipment may not do IPv6!
• The support infrastructure may not support IPv6
• Hard to measure IPv6 traffic
• Hard to offer control IPv6 traffic
• Still need to duplicate IPv4 infrastructure
• Some of these issues will be covered in the afternoon session

I Pv6 is seen as new and experim ental I Pv6 is seen as new and experim ental

• While a lot of effort has been put into

IPv4 routing and traffic engineering IPv4 routing and traffic engineering,

• ften IPv6 is configured without this

in mind.

• IPv6 Routes end up non-congruent to

IPv4 – this is in general not good. Policies naturally applied to IPv4 are

• Policies naturally applied to IPv4 are

not implemented with IPv6.

• Some peers take IPv6 routes and

p treat them as customer routes (ie transit) leading to higher latency paths paths.

• Tunnels hide poor physical paths.

An Operational Perspective An Operational Perspective

IPv6 grew out of research 12 years of history… Still the tendency for tunnels everywhere – is this good? A new phase as IPv4 address space exhaustion sets in: Who will be the champion of IPv6? Who will be the champion of IPv6? Peering and transit? Route efficiency Route filtering

Toolsets in the I Pv6 w orld are not w ell developed

• Prefix filtering is often not deployed.

Th t l th l h

• The tools themselves such as

IRRToolset are produce varying results in the IPv6 implementations. p

• Difficult to maintain automation of

t k fi ti network configurations

Monitoring and Measurem ent Monitoring and Measurem ent

• Traffic information is harder to

retrieve retrieve

– No useful SNMP oids for IPv6 traffic measurement – Resort to using scripts to retrieve stats from Resort to using scripts to retrieve stats from routers – Netflow information is not as granular as in – Netflow information is not as granular as in the IPv4 world making measurement harder.

W here to Next? W here to Next?

• How do we maintain an

internet?

– Where each host can establish a direct connection to another host d h dl – How do we handle IPv4 NAT – How do we handle IPv6/ 4 NAT – Both take CPU on routers.

Thank You