analyzing ipv6 address assignment practices
play

Analyzing IPv6 address assignment practices Ramakrishna - PowerPoint PPT Presentation

Aug 28, 2023 •221 likes •437 views

Analyzing IPv6 address assignment practices Ramakrishna Padmanabhan, John Rula, Philipp Richter, Stephen Strowes, Alberto Dainotti Goal: Understand the stability of IPv6 addresses How long do devices retain their IPv6 addresses?

  1. Analyzing IPv6 address assignment 
 practices Ramakrishna Padmanabhan, John Rula, Philipp Richter, 
 Stephen Strowes, Alberto Dainotti

  2. Goal: Understand the stability of 
 IPv6 addresses • How long do devices retain their IPv6 addresses? • If the device’s address changes, how far away in the address space is the new address? 2

  3. Motivating applications • Host reputation, tracking • This work can inform how long to consider an IP address “risky” • Identifying candidate addresses for active probing • Prior work generates hitlists of addresses • If a device’s address changes, this work can inform where to look for the device 3

  4. Dataset: RIPE Atlas 
 “IP echo” measurements Home Network HTTP GET http://ip-echo.ripe.net (Hourly) IP echo HTTP CPE IPv6 address server IPv6 address 4

  5. The IP echo dataset allows 
 measuring properties of the CPE’s LAN prefix Home Network HTTP GET http://ip-echo.ripe.net (Hourly) IP echo LAN 
 WAN 
 HTTP CPE prefix prefix IPv6 address server EUI-64 IPv6 address 5

  6. The IP echo dataset allows 
 measuring properties of the CPE’s LAN prefix • We used IP echo measurements from August 2014 to December 2019 • We find an address change when a probe reports a different address in the IP echo measurement • Since probes use EUI-64 addresses, address changes indicate changes in the CPE’s LAN prefix • ~3000 probes observed at least one address change 6

  7. Atlas probes’ IPv6 addresses are typically 
 temporally stable • In previous work, we found that IPv4 addresses in many ASes are short-lived • Assignment durations tended to be O(weeks) • Many ASes reassigned addresses periodically • Comparatively, IPv6 addresses are long-lived • Durations tend to be O(months) • Only a few ASes reassign addresses periodically: DTAG, Versatel, Netcologne, ANTEL, Global Village 7

  8. How can we find a device after its address changes? • Suppose we want to track an EUI-64 device • If its CPE LAN prefix changes, where in the address space do we look for the device? • Can be a function of ISP property + CPE property • ISP may choose to delegate a new prefix to the CPE • CPE may choose to advertise a new prefix within ISP delegated prefix 8

  9. We first analyze the common prefix lengths between successive addresses Find how many bits match in successive addresses Common prefix 
 assigned to the same probe length 2a02:908:0d83:c780:6666:b3ff:feb0:ede8 44 2a02:908:0d88:d9a0:6666:b3ff:feb0:ede8 44 2a02:908:0d82:b2c0:6666:b3ff:feb0:ede8 46 2a02:908:0d81:a3e0:6666:b3ff:feb0:ede8 47 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 2a02:908:0d89:9940:6666:b3ff:feb0:ede8 44 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 Upon address change, search for the device 
 2a02:908:0d88:0ba0:6666:b3ff:feb0:ede8 44 within the same /44 2a02:908:0d82:7120:6666:b3ff:feb0:ede8 40 2a02:908:0d76:fb40:6666:b3ff:feb0:ede8 44 2a02:908:0d78:2520:6666:b3ff:feb0:ede8 44 9

  10. We first analyze the common prefix lengths between successive addresses Find how many bits match in successive addresses Common prefix 
 assigned to the same probe length 2a02:908:0d83:c780:6666:b3ff:feb0:ede8 44 2a02:908:0d88:d9a0:6666:b3ff:feb0:ede8 44 2a02:908:0d82:b2c0:6666:b3ff:feb0:ede8 46 2a02:908:0d81:a3e0:6666:b3ff:feb0:ede8 47 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 2a02:908:0d89:9940:6666:b3ff:feb0:ede8 44 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 Upon address change, search for the device 
 2a02:908:0d88:0ba0:6666:b3ff:feb0:ede8 44 within the same /44 2a02:908:0d82:7120:6666:b3ff:feb0:ede8 40 2a02:908:0d76:fb40:6666:b3ff:feb0:ede8 44 2a02:908:0d78:2520:6666:b3ff:feb0:ede8 44 9

  11. We first analyze the common prefix lengths between successive addresses Find how many bits match in successive addresses Common prefix 
 assigned to the same probe length 2a02:908:0d83:c780:6666:b3ff:feb0:ede8 44 2a02:908:0d88:d9a0:6666:b3ff:feb0:ede8 44 2a02:908:0d82:b2c0:6666:b3ff:feb0:ede8 46 2a02:908:0d81:a3e0:6666:b3ff:feb0:ede8 47 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 2a02:908:0d89:9940:6666:b3ff:feb0:ede8 44 2a02:908:0d80:8840:6666:b3ff:feb0:ede8 44 Upon address change, search for the device 
 2a02:908:0d88:0ba0:6666:b3ff:feb0:ede8 44 within the same /44 2a02:908:0d82:7120:6666:b3ff:feb0:ede8 40 2a02:908:0d76:fb40:6666:b3ff:feb0:ede8 44 2a02:908:0d78:2520:6666:b3ff:feb0:ede8 44 9

  12. For LGI, subsequent addresses typically belong to the same /44 2a01:5e0:34:ffff:a62b:b0ff:fee0:848 LGI (AS6830) 
 to 103 probes 
 2a0b:c180:34:ffff:a62b:b0ff:fee0:848 580 address-changes 10

  13. Multiple behaviors appear to be occurring in DT DT (AS3320) 
 387 probes 
 114432 address-changes 11

  14. Some probes change addresses mostly within the same /56 Probe ID 2702, 1246 address changes, 30 unique /56s … 2003:0058:bd1b:06b1:220:4aff:fee0:2171 2003:0058:bd1b:0666:220:4aff:fee0:2171 2003:0058:bd1b:06b8:220:4aff:fee0:2171 2003:0058:bd1b:0617:220:4aff:fee0:2171 2003:0058:bd1b:0631:220:4aff:fee0:2171 2003:0058:bd68:87be:220:4aff:fee0:2171 2003:0058:bd68:8737:220:4aff:fee0:2171 2003:0058:bd68:8710:220:4aff:fee0:2171 Upon address change, search for the device 
 2003:0058:bd68:8753:220:4aff:fee0:2171 within the same /56 2003:0058:bd68:87d6:220:4aff:fee0:2171 … 12

  15. Some probes change addresses mostly within the same /56 Probe ID 2702, 1246 address changes, 30 unique /56s … 2003:0058:bd1b:06b1:220:4aff:fee0:2171 2003:0058:bd1b:0666:220:4aff:fee0:2171 2003:0058:bd1b:06b8:220:4aff:fee0:2171 2003:0058:bd1b:0617:220:4aff:fee0:2171 2003:0058:bd1b:0631:220:4aff:fee0:2171 2003:0058:bd68:87be:220:4aff:fee0:2171 2003:0058:bd68:8737:220:4aff:fee0:2171 2003:0058:bd68:8710:220:4aff:fee0:2171 Upon address change, search for the device 
 2003:0058:bd68:8753:220:4aff:fee0:2171 within the same /56 2003:0058:bd68:87d6:220:4aff:fee0:2171 … 12

  16. Other probes change addresses mostly within the same /40 but different /56s Probe ID 23839, 783 address changes, 780 unique /56s, 3 unique /40s … 2003:007a:0558:e400:16cc:20ff:fe48:d52a 2003:007a:0506:8800:16cc:20ff:fe48:d52a 2003:007a:0510:0500:16cc:20ff:fe48:d52a 2003:007a:056a:7800:16cc:20ff:fe48:d52a 2003:007a:056d:9c00:16cc:20ff:fe48:d52a 2003:00e3:571e:f400:16cc:20ff:fe48:d52a 2003:00e3:5715:e800:16cc:20ff:fe48:d52a 2003:00e3:571c:9700:16cc:20ff:fe48:d52a Upon address change, search for the device 
 2003:00e3:5727:de00:16cc:20ff:fe48:d52a within the same /41 2003:00e3:572c:8d00:16cc:20ff:fe48:d52a … 13

  17. Other probes change addresses mostly within the same /40 but different /56s Probe ID 23839, 783 address changes, 780 unique /56s, 3 unique /40s … 2003:007a:0558:e400:16cc:20ff:fe48:d52a 2003:007a:0506:8800:16cc:20ff:fe48:d52a 2003:007a:0510:0500:16cc:20ff:fe48:d52a 2003:007a:056a:7800:16cc:20ff:fe48:d52a 2003:007a:056d:9c00:16cc:20ff:fe48:d52a 2003:00e3:571e:f400:16cc:20ff:fe48:d52a 2003:00e3:5715:e800:16cc:20ff:fe48:d52a 2003:00e3:571c:9700:16cc:20ff:fe48:d52a Upon address change, search for the device 
 2003:00e3:5727:de00:16cc:20ff:fe48:d52a within the same /41 2003:00e3:572c:8d00:16cc:20ff:fe48:d52a … 13

  18. Are we observing a combination of 
 CPE + ISP properties? DT (AS3320) 
 387 probes 
 114432 address-changes 14

  19. We are looking to collaborate 
 and validate • Ongoing work • Investigate delegated prefix lengths • Compare address changes in IPv6 and IPv4 • Investigate per-prefix properties • Are there pieces we can work on together? • EUI-64 addresses can also serve as host- identifiers (modulo mobility) 15

  20. Backup slides: Versatel (AS8881) Versatel (AS8881) 
 55 probes 
 28983 address-changes 16

Recommend

1. IPv6 address (abbreviated representation) 2. IPv6 address (abbreviation and expansion

1. IPv6 address (abbreviated representation) 2. IPv6 address (abbreviation and expansion

1. IPv6 address (abbreviated representation) 2. IPv6 address (abbreviation and expansion practice) 3. IPv6 advantages over IPv4 4. IPv4 address structure 5. IPv6 address structure IPv4 Address 32 bit address (computer stores information

655 views • 53 slides
Source Address Finding (SAF) for IPv6 Translation Mechanisms draft-thaler-ipv6-saf-01.txt Dave

Source Address Finding (SAF) for IPv6 Translation Mechanisms draft-thaler-ipv6-saf-01.txt Dave

Source Address Finding (SAF) for IPv6 Translation Mechanisms draft-thaler-ipv6-saf-01.txt Dave Thaler dthaler@microsoft.com IETF 74 - 6AI BOF 1 UNilateral Self-Address Fixing (UNSAF) 1:1 address mappings (NAT66) avoid most of the issues

545 views • 7 slides
Deploying IPv6 in OpenStack Environments Shannon McFarland - CCIE #5245 Distinguished Engineer

Deploying IPv6 in OpenStack Environments Shannon McFarland - CCIE #5245 Distinguished Engineer

Deploying IPv6 in OpenStack Environments Shannon McFarland - CCIE #5245 Distinguished Engineer Cloud Platform & Services Group @eyepv6 Agenda General OpenStack + IPv6 Stuff Tenant IPv6 Address Assignment: SLAAC, Stateless

872 views • 51 slides
RouterLab LabCourse SoSe 2016 Worksheet 3: Access Networks with DHCP and IPv6 Stateless Address

RouterLab LabCourse SoSe 2016 Worksheet 3: Access Networks with DHCP and IPv6 Stateless Address

RouterLab LabCourse SoSe 2016 Worksheet 3: Access Networks with DHCP and IPv6 Stateless Address Auto Configuration Prof. Anja Feldmann, Philipp S. Tiesel, Thorben Krger, Apoorv Shukla IPv6 Scoped Address Architecture IPv6 addresses have

679 views • 19 slides
Internet Protocol v6 October 25, 2016 v6@nkn.in Table of Content Why IPv6? Why IPv6?

Internet Protocol v6 October 25, 2016 v6@nkn.in Table of Content Why IPv6? Why IPv6?

Internet Protocol v6 October 25, 2016 v6@nkn.in Table of Content Why IPv6? Why IPv6? IPv6 Address Space IPv6 Address Space Customer LAN Migration Customer LAN Migration Why IPv6? Why IPv6? IPv6 Address Space IPv6

770 views • 58 slides
Address scarcity, NAT, and IPv6 CSCI 466: Networks

Address scarcity, NAT, and IPv6 CSCI 466: Networks

Address scarcity, NAT, and IPv6 CSCI 466: Networks Keith Vertanen Fall 2011 Overview Handling IPv4 address scarcity Address space

766 views • 33 slides
IPv6 Ephemeral Addresses <draft-kitamura-ipv6-ephemeral-address-00.txt> Harmless IPv6

IPv6 Ephemeral Addresses <draft-kitamura-ipv6-ephemeral-address-00.txt> Harmless IPv6

IPv6 Ephemeral Addresses <draft-kitamura-ipv6-ephemeral-address-00.txt> Harmless IPv6 Address State Extension ( Uncertain State) <draft-kitamura-ipv6-uncertain-address-state-00.txt> Hiroshi KITAMURA NEC Corporation

544 views • 33 slides
IPv6 Yourself Jumping Bean What is IPv6? Replacement for IPv4, 128 bit IP address

IPv6 Yourself Jumping Bean What is IPv6? Replacement for IPv4, 128 bit IP address

IPv6 Yourself Jumping Bean What is IPv6? Replacement for IPv4, 128 bit IP address IPv4 allowed for 4.3 billion possible addresses, IPv6 allows for 340 undecillion addresses 3.40E38, 7.9E28 more than IPv4 addresses, ~ 4.8x10

1.07k views • 28 slides
Naming IPv6 address parts IETF 79 L. Donnerhacke R. Hartmann Editors What are we thinking

Naming IPv6 address parts IETF 79 L. Donnerhacke R. Hartmann Editors What are we thinking

Naming IPv6 address parts IETF 79 L. Donnerhacke R. Hartmann Editors What are we thinking about? Find a term to describe precisely : 16 bits of an IPv6 address, separated by colons Useful for daily communication Easy to pronounce

70 views • 6 slides
IPv6 Practices on China Mobile IP Bearer Network

IPv6 Practices on China Mobile IP Bearer Network

IPv6 Practices on China Mobile IP Bearer Network draft-chen-v6ops-ipv6-bearer-network-trials-00.txt IETF 81-Quebec, July 2011 G. Chen, T. Yang, L. Li and H. Deng Background China Mobile IPv6 trial program started over 3 years ago This

399 views • 8 slides
IPv6 Stateless Address Autoconfiguration: Balancing Between Security, Privacy and Usability Ahmad

IPv6 Stateless Address Autoconfiguration: Balancing Between Security, Privacy and Usability Ahmad

IPv6 Stateless Address Autoconfiguration: Balancing Between Security, Privacy and Usability Ahmad AlSadeh, Hosnieh Rafiee, Christoph Meinel Hasso-Plattner-Institut, University of Potsdam, Germany IPv6 StateLess Address Auto- Configuration

330 views • 20 slides
IPv6 Address Management The First Five Years 1 #whoami o o www.ernw.de o o

IPv6 Address Management The First Five Years 1 #whoami o o www.ernw.de o o

IPv6 Address Management The First Five Years 1 #whoami o o www.ernw.de o o https://insinuator.net/tag/ipv6/ o 2 Agenda o o o 3 3 Very Quick Stats (1) Source: http://6lab.cisco.com/stats/cible.php?coun try=DE&option=all 4

1.11k views • 48 slides
IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to

IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to

Best Current Operational Practice for operators: IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to choose Jordi Palet jordi.palet@consulintel.es BCOP IPv6 Prefix Assignment for end-customers 1

533 views • 29 slides
IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to

IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to

Best Current Operational Practice for operators: IPv6 Prefix Assignment for end-customers persistent vs non-persistent and what size to choose Jordi Palet jordi.palet@theipv6company.com BCOP IPv6 Prefix Assignment for end-customers

701 views • 51 slides
IPv6, MPLS IPv6 History Next generation IP (AKA IPng) Intended to extend address space

IPv6, MPLS IPv6 History Next generation IP (AKA IPng) Intended to extend address space

IPv6, MPLS IPv6 History Next generation IP (AKA IPng) Intended to extend address space and routing limitations of IPv4 Requires header change Attempted to include everything new in one change IETF moderated Based

775 views • 46 slides
IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already

IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already

IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already Here Monash IPv6 Progress Addressing End Systems Monitoring Network Address Usage Traffic Monitoring Problems IPv6 is Coming

779 views • 41 slides
1 IPv6 Packet Format IPv6 Packet Format 40 Byte minimum 0 8 16 31 Mandatory fields

1 IPv6 Packet Format IPv6 Packet Format 40 Byte minimum 0 8 16 31 Mandatory fields

IPv6 IPv6, MPLS History Next generation IP (AKA IPng) Intended to extend address space and routing limitations of IPv4 Requires header change Attempted to include everything new in one change IETF moderated Based

506 views • 5 slides
IPv6 @ Navneet Nagori Network Engineering Why IPv6 IPv4 exhaustion Cost - Buying

IPv6 @ Navneet Nagori Network Engineering Why IPv6 IPv4 exhaustion Cost - Buying

IPv6 @ Navneet Nagori Network Engineering Why IPv6 IPv4 exhaustion Cost - Buying address costly , Provider supported NAT, Abuse Identification, Port exhaustion, User share address New Devices IPTV, Mobile Network, home

528 views • 21 slides
IPv6 Introduction by Harald Welte <laforge@rfc2460.org> IPv6 Introduction What? Why?

IPv6 Introduction by Harald Welte <laforge@rfc2460.org> IPv6 Introduction What? Why?

IPv6 Introduction by Harald Welte <laforge@rfc2460.org> IPv6 Introduction What? Why? What is IPv6? Successor of currently used IP Version 4 Specified 1995 in RFC 2460 Why? Address space in IPv4 too small Routing tables too large

476 views • 19 slides
IPv4 address exhaustion and IPv6 Glen Turner 2008-12-09 AARNet staff meeting aar net

IPv4 address exhaustion and IPv6 Glen Turner 2008-12-09 AARNet staff meeting aar net

IPv4 address exhaustion and IPv6 Glen Turner 2008-12-09 AARNet staff meeting aar net Australia's Academic and Research Network IPv6 policy Going forward, we seek to support IPv6 to the same extent as we support IPv4. Exceptions require

631 views • 52 slides
IAB/IESG Recommendations on IPv6 Address Allocations Jun-ichiro itojun Hagino IIJ research

IAB/IESG Recommendations on IPv6 Address Allocations Jun-ichiro itojun Hagino IIJ research

IAB/IESG Recommendations on IPv6 Address Allocations Jun-ichiro itojun Hagino IIJ research laboratory / KAME Project itojun@{iijlab.net,kame.net} Background IPv6 address space has 128 bit width IETF ipngwg (hence IAB/IESG) recommended /48

89 views • 8 slides
At which IPv6 stage are you? Scared The address is too long! All my IP addresses are

At which IPv6 stage are you? Scared The address is too long! All my IP addresses are

At which IPv6 stage are you? Scared The address is too long! All my IP addresses are traceable! Angry It's a conspiriacy there is no IPv4 shortage! As long as I get an IPv4 address I don't care! Nobody is using it anyway! Confused

863 views • 48 slides
IPv6: Where are we in 2017? Based on Internet Society 2017 report

IPv6: Where are we in 2017? Based on Internet Society 2017 report

IPv6: Where are we in 2017? Based on Internet Society 2017 report https://www.internetsociety.org/doc/state-ipv6-deployment-2017 June 6, 2017 History of IPv6 1990: IETF realized that IPv4 address space would run out Took steps to

588 views • 25 slides
Flexible IPv6 Migration Scenarios in the Context of IPv4 Address Shortage

Flexible IPv6 Migration Scenarios in the Context of IPv4 Address Shortage

Flexible IPv6 Migration Scenarios in the Context of IPv4 Address Shortage I-D.boucadair-behave-ipv6-portrange and I-D.boucadair-softwire-dslite-v6only Softwire WG Interim Meeting-BEIJING, September 2011 M. Boucadair et al.

583 views • 41 slides

More recommend