IPv6 session Introduction APAN 29 2010 Sydney 10 th February, 2010
W hy I Pv6 ? W hy I Pv6 ? • Early in the 1990s it was apparent that the explosive growth of the that the explosive growth of the internet meant that current internet protocols were inadequate. • Many suggestions were made as to how this problem could be resolved how this problem could be resolved but by 1996 there was a growing consensus of deploying an next generation 128 bit addressing scheme called IPv6
W hat changed w ith I Pv6 ? W hat changed w ith I Pv6 ? • Addressing increased from 4 to 16 bytes bytes • Internet headers were simplified getting rid of unnecessary fields g g y • Fixed length, optional headers are daisy-chained • No checksum at the IP network layer h k h k l • Path MTU discovery and no hop-by- hop segmentation hop segmentation • IPsec is mandated • No more broadcast
I Pv6 Prim er I Pv6 Prim er • IPv4 or IP is 32 bit limited having the capability to reach 2^32 hosts • 4,294,967,296 addresses in total • 0.6 addresses per person • M Many addresses are reserved or cannot be allocated dd d t b ll t d • IPv6 was designed as the successor to IPv4. • The 6Bone was started in 1996 as a testbed • IPv6 standard was defined in December 1998 by the Internet Engineering Task Force (IETF) with the publication of an Internet standard specification, RFC 2460 It has 128 bits so allows for 3 4 x 10 38 addresses It has 128 bits so allows for 3.4 x 10 38 addresses • • • This is more than adequate to cover native connectivity 4.8 x 10 28 addresses per person •
1 2 8 bit addressing 1 2 8 bit addressing Courtesy of Wikipedia
I Pv6 Addressing I Pv6 Addressing • General allocations are / 32 networks which are generally General allocations are / 32 networks which are generally subdivided along / 40 and / 48 boundaries to sites and institutions. There are some / 40 allocations from the RIRs • Back to the old days of RIP and classful networks - only much bigger? – Subnet allocations in IPv6 are 64 bit to allow for stateless autoconfiguration t fi ti – That’s 2 64 addresses or 1.8 x 10 19 addresses for each subnet • • For personal use sometimes / 56 networks are deployed For personal use sometimes / 56 networks are deployed • Many providers only provide a / 64
Stateless address autoconfiguration Stateless address autoconfiguration – ICMPv6 discovery messages are used by an IPv6 host and router to automatically configure themselves. A host sends a multicast message requesting router solicitation which requests network configuration parameters. An IPv6 connected router, if configured, would send configuration parameters back to the host. parameters. These parameters do not include DNS – DHCPv6 (Dynamic Host Configuration Protocol) can be deployed on a router or network connected host can be deployed on a router or network connected host can be used to provide network configuration information including Domain Name Service (DNS) – These approaches can be used together. SAA with These approaches can be used together SAA with DHCPv6 DNS
DNS and I Pv6 DNS and I Pv6 With such large address space DNS becomes even more critical With such large address space DNS becomes even more critical A new form of record “quad A” (AAAA) is defined in the DNS for returning IPv6 addresses to forward queries apan.net. 35281 IN AAAA 2001:220:800:602::86 apan.net. 35281 IN AAAA 2001:220:800:602:20e:cff:fe4d:3bac apan.net. 35281 IN AAAA 2001:200:901:2::30 apan.net. 35281 IN AAAA 2001:220:800:600::51 apan.net. 35281 IN AAAA 2001:220:800:600:20e:cff:fe4d:3bac apan.net. 35281 IN A 203.181.248.30 apan.net. 35281 IN A 203.255.255.86
Tunnels galore! Tunnels galore! • As IPv6 didn’t create a new network infrastructure, tunneling over the existing infrastructure, tunneling over the existing IPv4 network was widely deployed to connect IPv6 sites • Still widely deployed today with Tunnel brokers offering IPv6 connectivity to clients over IPv4 networks (6in4) over IPv4 networks (6in4) • Automatic tunnels such as Teredo (Vista) and ISATAP for connecting IPv6 sites ISATAP for connecting IPv6 sites
I Pv6 Multicast I Pv6 Multicast – Multicast, the ability to send a single packet to multiple destinations, is part of the basic spec of p , p p IPv6. – IPv6 does not use broadcast addressing as in IPv4. Instead it uses multicast to send to the all hosts multicast group in network discovery. – IPv6 multicast is widely deployed on a country’s IP 6 lti t i id l d l d t ’ R&E networks • It is not widely deployed within campuses • Session at 12: 00 on IPv6 Multicast on TEIN3 • Session at 12: 00 on IPv6 Multicast on TEIN3 network
1 0 years onw ards 1 0 years onw ards… • IPv6 is widely deployed in the R&E backbones and with many ISP backbones but generally in a dual stack many ISP backbones but generally in a dual stack IPv4/ IPv6 environment • • There are a small number of IPv6 only deployments But There are a small number of IPv6 only deployments. But some are big deployments (China) • Th The general uptake of IPv6 was not as high as expected l t k f IP 6 t hi h t d and we are running out of IPv4 address space • IPv4 NATs are increasingly deployed both at the home/ user sites, among many institutions and also with ISPs
W here are w e w ith I Pv6 ? W here are w e w ith I Pv6 ? • Currently IPv6 traffic is less than 1% of internet C tl IP 6 t ffi i l th 1% f i t t traffic • IPv6 routes are 1% of all routes • But they do cover more address space! • • There isn’t much access to IPv6 outside of Research There isn t much access to IPv6 outside of Research and Education Networks. • V Very few ISPs offer IPv6 connectivity, though many f ISP ff IP 6 ti it th h backbones are IPv6 enabled. • The iPhone doesn’t do IPv6 natively!
I Pv6 routing table grow th I Pv6 routing table grow th Source: http://bgpmon.net/stat.php
Cam pus Deploym ent Cam pus Deploym ent • While an institution may have native IPv6 connectivity there is no guarantee that the connectivity there is no guarantee that the connectivity will reach the desktop. • Firewalls and old equipment may not do IPv6! • The support infrastructure may not support IPv6 • Hard to measure IPv6 traffic • Hard to offer control IPv6 traffic • Still need to duplicate IPv4 infrastructure • Some of these issues will be covered in the afternoon session
I Pv6 is seen as new and experim ental I Pv6 is seen as new and experim ental • While a lot of effort has been put into IPv4 routing and traffic engineering IPv4 routing and traffic engineering, often IPv6 is configured without this in mind. • IPv6 Routes end up non-congruent to IPv4 – this is in general not good. • Policies naturally applied to IPv4 are Policies naturally applied to IPv4 are not implemented with IPv6. • Some peers take IPv6 routes and p treat them as customer routes (ie transit) leading to higher latency paths paths. • Tunnels hide poor physical paths.
An Operational Perspective An Operational Perspective IPv6 grew out of research 12 years of history… Still the tendency for tunnels everywhere – is this good? A new phase as IPv4 address space exhaustion sets in: Who will be the champion of IPv6? Who will be the champion of IPv6? Peering and transit? Route efficiency Route filtering
Toolsets in the I Pv6 w orld are not w ell developed • Prefix filtering is often not deployed. • The tools themselves such as Th t l th l h IRRToolset are produce varying results in the IPv6 implementations. p • Difficult to maintain automation of network configurations t k fi ti
Monitoring and Measurem ent Monitoring and Measurem ent • Traffic information is harder to retrieve retrieve – No useful SNMP oids for IPv6 traffic measurement – Resort to using scripts to retrieve stats from Resort to using scripts to retrieve stats from routers – – Netflow information is not as granular as in Netflow information is not as granular as in the IPv4 world making measurement harder.
W here to Next? W here to Next? • How do we maintain an internet? – Where each host can establish a direct connection to another host – How do we handle IPv4 NAT d h dl – How do we handle IPv6/ 4 NAT – Both take CPU on routers.
Thank You
Recommend
More recommend
