ilabx
play

iLabX Internet Protocol version 6 Stefan Liebald - PowerPoint PPT Presentation

May 31, 2023 •212 likes •783 views

iLabX Internet Protocol version 6 Stefan Liebald liebald@net.in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen August 19, 2019 Based on slides of Lukas Schwaighofer 1

  1. iLabX Internet Protocol version 6 Stefan Liebald liebald@net.in.tum.de Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München August 19, 2019 Based on slides of Lukas Schwaighofer 1

  2. Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 2

  3. Motivation Figure: IPv6 exhaustion (source: https://xkcd.com/865) 3

  4. Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 4

  5. IPv4 and IPv6 Header 5

  6. IPv6 Differences ◮ 128 bit addresses compared to 32 bit in IPv4 ◮ Fragmentation only on end-hosts ◮ Header: ◮ Fixed header length (40 byte) + extension headers ◮ Fewer fields (no checksum, fragmentation) ◮ Integrated IPsec via extension header ◮ No more broadcast → multicast ◮ NDP instead of ARP ◮ more efficient routing ◮ . . . 6

  7. IPv4 Train Source: https://www.reddit.com/r/ipv6/comments/b2upap/make_ sure_you_get_a_ticket_for_the_right_ip_train 7

  8. Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 8

  9. IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 9

  10. IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 ◮ can be shortened: 9

  11. IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 ◮ can be shortened: ◮ replace longest sequence of blocks of zeros with :: ◮ omit leading zeros ◮ e.g. 2001:db8::102:0:304 9

  12. IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 ◮ can be shortened: ◮ replace longest sequence of blocks of zeros with :: ◮ omit leading zeros ◮ e.g. 2001:db8::102:0:304 ◮ What about ports? 9

  13. IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 ◮ can be shortened: ◮ replace longest sequence of blocks of zeros with :: ◮ omit leading zeros ◮ e.g. 2001:db8::102:0:304 ◮ What about ports? ◮ use [IPv6-address]:port ◮ e.g.: [2001:db8::102:0:304]:80 9

  14. IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface 10

  15. IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface ◮ example 2001:db8::102:0:304 10

  16. IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface ◮ example 2001:db8::102:0:304 ◮ prefix: 2001:db8::/64 ◮ interface identifier: 0:102:0:304 10

  17. IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface ◮ example 2001:db8::102:0:304 ◮ prefix: 2001:db8::/64 ◮ interface identifier: 0:102:0:304 ◮ ISP could also assign you a /56 or other prefix 10

  18. IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface ◮ example 2001:db8::102:0:304 ◮ prefix: 2001:db8::/64 ◮ interface identifier: 0:102:0:304 ◮ ISP could also assign you a /56 or other prefix ◮ → You can create 2 8 = 256 /64 subnets from that 10

  19. Subnetting in IPv6 Figure: Subnetting in IPv6 11

  20. IPv6: Important well defined address prefixes source: https://xkcd.com/742 12

  21. IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 fe80::/10 fc00::/7 2001:db8::/32 ff00::/8 13

  22. IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 fc00::/7 2001:db8::/32 ff00::/8 13

  23. IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 Link-local unicast fc00::/7 2001:db8::/32 ff00::/8 13

  24. IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 Link-local unicast fc00::/7 Unique Local unicast 2001:db8::/32 ff00::/8 13

  25. IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 Link-local unicast fc00::/7 Unique Local unicast 2001:db8::/32 Documentation ff00::/8 13

  26. IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 Link-local unicast fc00::/7 Unique Local unicast 2001:db8::/32 Documentation ff00::/8 Multicast 13

  27. Unicast Address Types Figure: Relevant IPv6 unicast Types 14

  28. Unicast Address Types Figure: Relevant IPv6 unicast Types Bonus: Prefix assignmets to continents https://jacquev6.github.io/IpMap 14

  29. IPv6: Important multicast addresses ◮ Multicast prefix: ff00::/8 15

  30. IPv6: Important multicast addresses ◮ Multicast prefix: ff00::/8 Address Definition ff02::1 All nodes on local network segment ff02::2 All routers on local network segment All DHCPv6 servers on local network ff02::1:2 segment ff02::1:ff00:0/104 Solicited-node multicast prefix 15

  31. Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 16

  32. ICMPv6 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Type Code Checksum Message body ◮ Error reporting and other things for IPv6 ◮ Relevant types: ◮ Echo request/reply ◮ Time exceeded ◮ Packet too big ◮ Destination unreachable 17

  33. Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 18

  34. Neighbor Discovery Protocol (NDP) 19

  35. Neighbor Discovery Protocol (NDP) ◮ Resolves MAC address of given IPv6 address to send packet over ethernet: ◮ Sender sends Neighbour Solicitation to target: ◮ IP dest: Solicited Node Multicast IPv6 Address of target (prefix + last 3 octets of address) ◮ MAC dest: IPv6 multicast over ethernet address (33:33: + last 4 octets of v6 multicast address) ◮ Full IPv6 address of target as payload ◮ Target returns Neighbour Advertisement with MAC as payload 19

  36. Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 20

  37. Stateless Address Auto Configuration (SLAAC) 21

  38. Stateless Address Auto Configuration (SLAAC) 1. Generate Link Local (LL) address 21

  39. Stateless Address Auto Configuration (SLAAC) 1. Generate Link Local (LL) address 2. Perform Duplicate Address Detection (DAD) ◮ Send Neighbour Solicitation for own LL address ◮ No response → assign address 21

  40. Stateless Address Auto Configuration (SLAAC) 1. Generate Link Local (LL) address 2. Perform Duplicate Address Detection (DAD) ◮ Send Neighbour Solicitation for own LL address ◮ No response → assign address 3. Send Router Solicitation (RS) to all routers 21

  41. Stateless Address Auto Configuration (SLAAC) 1. Generate Link Local (LL) address 2. Perform Duplicate Address Detection (DAD) ◮ Send Neighbour Solicitation for own LL address ◮ No response → assign address 3. Send Router Solicitation (RS) to all routers 4. Take information (prefix) from response (Router Advertisement (RA)) and configure global IP address 21

  42. Address Autogeneration Each host must have an Link Local address. Multiple Ways to generate host part: ◮ (Extended) EUI-64: 22

  43. Address Autogeneration Each host must have an Link Local address. Multiple Ways to generate host part: ◮ (Extended) EUI-64: ◮ Split MAC address (48 bit) ◮ Stuff ff:fe in the middle (16 bit) ◮ Flip second least significant bit in first octet ◮ example: MAC 00:01:02:03:04:05 → fe80::201:2ff:fe03:405 22

  44. Address Autogeneration Each host must have an Link Local address. Multiple Ways to generate host part: ◮ (Extended) EUI-64: ◮ Split MAC address (48 bit) ◮ Stuff ff:fe in the middle (16 bit) ◮ Flip second least significant bit in first octet ◮ example: MAC 00:01:02:03:04:05 → fe80::201:2ff:fe03:405 ◮ Stable privacy: ◮ Replacement for EUI-64 ◮ Add secret + subnet identifier to IPv6 address generation ◮ → stable IPv6 address per subnet, can’t be mapped to MAC 22

More recommend