ipv6 no longer optional
play

IPv6 -- No longer optional Owen DeLong owend@he.net 4 September, - PowerPoint PPT Presentation

Mar 27, 2024 •273 likes •894 views

IPv6 -- No longer optional Owen DeLong owend@he.net 4 September, 2011 Hurricane Electric Thursday, September 15, 2011 Why is this important? - Today Today 4 Sep. 2011 Hurricane Electric Page 2 Thursday, September 15, 2011 RIR Free Pool

  1. IPv6 -- No longer optional Owen DeLong owend@he.net 4 September, 2011 Hurricane Electric Thursday, September 15, 2011

  2. Why is this important? - Today Today 4 Sep. 2011 Hurricane Electric Page 2 Thursday, September 15, 2011

  3. RIR Free Pool Projections Geo fg Huston’s math: 4 Sep. 2011 Hurricane Electric Page 3 Thursday, September 15, 2011

  4. RIR Free Pool Update My speculation: Non-Austerity Austerity RIR Free Pool Date? (9/4/2011) ARIN 7.75 /8s 3/2012? AfriNIC 4.74 /8s 4/2012? RIPE 2.26 /8s 11/2011? LACNIC 2.81 /8s 4/2012? APNIC 0.00 /8s OUT 4/15/11 4 Sep. 2011 Hurricane Electric Page 4 Thursday, September 15, 2011

  5. IPv4 Runout Process  IANA runs out first, ~2011 February 3, 2011  RIRs start running out probably in 2012 around June, 2011 APNIC ran out April 15, 2011  End-User providers start running out shortly after RIR runout. Most likely, the larger ones first (APNIC happening now)  After ISPs start running out, an increasing number of your customers/users will have are experiencing limited or seriously degraded ability to connect via IPv4, possibly even no ability. 4 Sep. 2011 Hurricane Electric Page 5 Thursday, September 15, 2011

  6. IPv6 Transition -- How ready are we?  Things that are WiMax (specification, head ready end equipment) Backbones LTE (some) CMTS Systems CPE (very limited) (DOCSIS 3) Early Adopters and MacOS (10.4+) some industry Linux (2.6 Kernels) experts Windows (7, 2008, Hurricane Electric XP (limited)) Me 4 Sep. 2011 Hurricane Electric Page 6 Thursday, September 15, 2011

  7. IPv6 Transition -- How ready are we?  Things that are Older Windows (XP and earlier) NOT ready Embedded systems PON Systems Printers DSL Systems Home entertainment CMTS Systems devices (DOCSIS 2) CPE (most) WDS/EVDO/HSPA Most IT staff and WIMAX (handsets, management providers) 4 Sep. 2011 Hurricane Electric Page 7 Thursday, September 15, 2011

  8. Quick survey 4 Sep. 2011 Hurricane Electric Page 8 Thursday, September 15, 2011

  9. Quick survey How many of you have started planning IPv6 in your organization? 4 Sep. 2011 Hurricane Electric Page 8 Thursday, September 15, 2011

  10. Quick survey How many of you have started planning IPv6 in your organization? How many of you have IPv6 running in a test environment? 4 Sep. 2011 Hurricane Electric Page 8 Thursday, September 15, 2011

  11. Quick survey How many of you have started planning IPv6 in your organization? How many of you have IPv6 running in a test environment? How many of you have started deploying IPv6 to your organization? 4 Sep. 2011 Hurricane Electric Page 8 Thursday, September 15, 2011

  12. Quick survey How many of you have started planning IPv6 in your organization? How many of you have IPv6 running in a test environment? How many of you have started deploying IPv6 to your organization? How many of you have a fully production dual-stack environment running in your organization? 4 Sep. 2011 Hurricane Electric Page 8 Thursday, September 15, 2011

  13. This is a room full of IPv6 proponents.  Results from other rooms:  Planning? -- average about 5%  Test environment? -- average about 2%  Deploying? -- Average 1-2 hands  Full production? -- Usually just my hand.  We have to do better!  If you’re not planning, why?  If you’re deploying, keep moving.  Full Production? Help the others! 4 Sep. 2011 Hurricane Electric Page 9 Thursday, September 15, 2011

  14. LoL Kitteh sez: More IPv4 NAT Are you fscking kidding me? 4 Sep. 2011 Hurricane Electric Page 10 Thursday, September 15, 2011

  15. Shared Network, Shared Fate  I hear a lot of people say “I don’t need to do IPv6, I have enough IPv4 addresses for years to come.”  Are you really on the internet just to talk to your own organization?  There simply aren’t enough addresses for everyone that wants/needs to be on the internet in IPv4. If you want to be able to reach new participants, that’s going to require IPv6.  Workarounds all come with bad tradeoffs. 4 Sep. 2011 Hurricane Electric Page 11 Thursday, September 15, 2011

  16. The real questions... How many of you think your organization will be fully IPv6 ready by February, 2012? What do you plan to do to fix that? How do you plan to cope with a world where there are no more IPv4 addresses available? How do you plan to cope with a world where some of your customers have only IPv6 connectivity, or, severely degraded IPv4 connectivity? 4 Sep. 2011 Hurricane Electric Page 12 Thursday, September 15, 2011

  17. The final question... Which Approach will you take? IPv4 is just fine. We just need MOAR NAT!! IPv4/IPv6 Dual Stack Now My dual stack network is running great! 4 Sep. 2011 Hurricane Electric Page 13 Thursday, September 15, 2011

  18. What we’ll cover  Basics of IPv6  IPv6 Addressing Methods  SLAAC  DHCP  Static  Privacy  Linux Configuration for Native Dual Stack  IPv6 without a native backbone available  Free IPv6? 4 Sep. 2011 Hurricane Electric Page 14 Thursday, September 15, 2011

  19. Some additional topics  Routing  Firewalls  DNS  Reverse DNS  Troubleshooting  Staff Training 4 Sep. 2011 Hurricane Electric Page 15 Thursday, September 15, 2011

  20. Basics: IPv4 vs. IPv6 Property IPv4 Address IPv6 Address Bits 32 128 Total address 3,758,096,384 unicast 42+ Undecilion assignable 1 268,435,456 multicast space 297+ Undeciliion IANA reserved 2 268,435,456 Experimental/other (Class E, F, G) Most prevalent /24 (254 usable hosts) /64 (18,446,744,073,709,551,616 host addresses) network size Notation Dotted Decimal Octets Hexidecimal Quads (192.0.2.239) (2001:db8:1234:9fef::1) Shortening Suppress leading zeroes per Suppress leading zeroes per octet quad, longest group of zeroes replaced with :: 1 42,535,295,865,117,30 117,307,932,921,825,928,971,026,432 assi 2 assignable unicast (1/8th of total) 2 297,747,071,055,821,1 ,821,155,530,452,781,502,797,185,024 IAN 24 IANA reserved (7/8th of total) 4 Sep. 2011 Hurricane Electric Page 16 Thursday, September 15, 2011

  21. Network Size and Number of networks (The tasty version) One IPv6 /64 -- Enough M&Ms to fill all 5 of the great lakes. One IPv4 /24 -- 254 M&Ms he.net he.net Full Address Space, One M&M per Full Address Space, One M&M per /24 covers 70% of a football field /64 fills all 5 great lakes. Comparison based on Almond M&Ms, not plain. Caution! Do not attempt to eat a /64 worth of any style of M&Ms. 4 Sep. 2011 Hurricane Electric Page 17 Thursday, September 15, 2011

  22. Basics: IPv4 vs. IPv6 thinking Thought IPv4 dogma IPv6 dogma Assignment Unit Address (/32) Network (/64) Address Tradeoff -- Aggregation, Aggregation (At least for this Optimization Scarcity first 1/8th of the address space) Address Issue Sequential, Slow Start, Bisection (minimize fragmentation), frequent fragmentation issue large, minimal requests for Methodology more, aggregate expansions. NAT Necessary for address Not supported, Not needed -- Breaks more than it solves conservation (other than possible NAT64) Address Static, DHCP Stateless Autoconf, Static, Configuration some DHCP (needs work), DHCP-PD (NEW!!) 4 Sep. 2011 Hurricane Electric Page 18 Thursday, September 15, 2011

  23. Example: v6 only clients with v4 only servers IPv6 only Clients IPv4 Only Server 4 Sep. 2011 Hurricane Electric Page 19 Thursday, September 15, 2011

  24. This is the Internet This is the Internet on IPv4 (2012) Any quesitons? 4 Sep. 2011 Hurricane Electric Page 20 Thursday, September 15, 2011

  25. Basics Address Scopes  Link Local -- fe80::<UUVV:WW>ff:fe<XX:YYZZ> only valid on directly attached subnet.  Site Local (deprecated) -- Only valid within site, use ULA or global as substitute.  Unique Local Addresses (ULA) -- Essentially replaces IPv4 RFC-1918, but, more theoretical uniqueness.  Global -- Pretty much any other address, currently issued from 2000::/3, globally unique and valid in global routing tables. 4 Sep. 2011 Hurricane Electric Page 21 Thursday, September 15, 2011

  26. Basics: Stateless Autoconfiguration  Easiest configuration  No host configuration required  Provides only Prefix and Router information, no services addresses (DNS, NTP, etc.)  Assumes that all advertising routers are created equal, rogue RA can be pretty transparent to user (RA guard required on switches to avoid) 4 Sep. 2011 Hurricane Electric Page 22 Thursday, September 15, 2011

  27. RA Guard -- PUSH YOUR VENDORS!!  RA has a serious vulnerability  Compare to rogue DHCP  Accidental Rogue RA  breaks stuff  easy to find  easy to mitigate  Malicious Rogue RA  Virtually undetectable  All your packets are belong to us  Coffee Shop nightmare 4 Sep. 2011 Hurricane Electric Page 23 Thursday, September 15, 2011

  28. Stateless Autoconfiguration Process  Host uses MAC address to produce Link Local Address. If MAC is EUI-48, convert to EUI-64 per IEEE process: invert 0x02 bit of first octet, insert 0xFFFE between first 24 bits and last 24 bits fe80::<EUI-64>  IPv6 shutdown on interface if duplicate detected.  ICMP6 Router Solicitation sent to All Routers Multicast Group 4 Sep. 2011 Hurricane Electric Page 24 Thursday, September 15, 2011

Recommend

IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer

IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer

Outline IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer Science and IPv6 Autoconfiguration Institute of Communications Engineering National Tsing Hua University jcchen@cs.nthu.edu.tw

783 views • 11 slides
Internet Evolution and IPv6 Paul Wilson APNIC 1 Where are IPv6 addresses today? 2 IPv6

Internet Evolution and IPv6 Paul Wilson APNIC 1 Where are IPv6 addresses today? 2 IPv6

Internet Evolution and IPv6 Paul Wilson APNIC 1 Where are IPv6 addresses today? 2 IPv6 Global allocations by RIR APNIC 337 21% RIPENCC 737 45% ARIN 438 LACNIC AFRINIC 27% 87 37 5% 2% Unit: IPv6 pref i x 3 IPv6

603 views • 24 slides
IPv6 Ready Logo Aiding IPv6 Deployment Timothy Winters LACNIC 27 May 2017 IPv6 Forums IPv6

IPv6 Ready Logo Aiding IPv6 Deployment Timothy Winters LACNIC 27 May 2017 IPv6 Forums IPv6

IPv6 Ready Logo Aiding IPv6 Deployment Timothy Winters LACNIC 27 May 2017 IPv6 Forums IPv6 Ready Logo Goal 2001-Present: Conformance and Interoperability test program intended to increase user confidence and promote IPv6 deployment.

403 views • 11 slides
Chapter 8 Communication Networks and Services 1. IPv6 2. Internet Routing Protocols: OSPF,

Chapter 8 Communication Networks and Services 1. IPv6 2. Internet Routing Protocols: OSPF,

Chapter 8 Communication Networks and Services 1. IPv6 2. Internet Routing Protocols: OSPF, RIP, BGP 3. Other protocols: DHCP, NAT, and Mobile IP Chapter 8 Communication Networks and Services IPv6 SYSC5201 2 IPv6 Longer address

898 views • 55 slides
IPv6 Extension headers Suresh Krishnan James Woodyatt Erik Kline James Hoagland Extension

IPv6 Extension headers Suresh Krishnan James Woodyatt Erik Kline James Hoagland Extension

IPv6 Extension headers Suresh Krishnan James Woodyatt Erik Kline James Hoagland Extension headers The base IPv6 standard [RFC2460] defines extension headers An expansion mechanism to carry optional internet layer information.

638 views • 8 slides
IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already

IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already

IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already Here Monash IPv6 Progress Addressing End Systems Monitoring Network Address Usage Traffic Monitoring Problems IPv6 is Coming

779 views • 41 slides
Life with IPv6 Journe Cohabitation IPv4-IPv6 16 Fvrier 2005 Keiichi SHIMA

Life with IPv6 Journe Cohabitation IPv4-IPv6 16 Fvrier 2005 Keiichi SHIMA

Life with IPv6 Journe Cohabitation IPv4-IPv6 16 Fvrier 2005 Keiichi SHIMA &lt;keiichi@iijlab.net&gt; IIJ Research Laboratory / WIDE project Contents IPv6 service in Japan How I live Example of IPv6 configuration Some news of IPv6

653 views • 16 slides
Introduction to IPv6 (Chapter 4 in Huitema) IPv6,Mobility-1 S-38.121 / S-03 / N Beijar IPv6

Introduction to IPv6 (Chapter 4 in Huitema) IPv6,Mobility-1 S-38.121 / S-03 / N Beijar IPv6

Introduction to IPv6 (Chapter 4 in Huitema) IPv6,Mobility-1 S-38.121 / S-03 / N Beijar IPv6 addresses 128 bits long Written as eight 16-bit integers separated with colons E.g. 1080:0000:0000:0000:0000:0008:200C:417A =

617 views • 20 slides
IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6

IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6

IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6 Deployment WG Chair Takashi Arano (Intec NetCore, Inc.) IPv6 Deployment Guideline solves barriers for deployment I cant see IPv6s

319 views • 7 slides
Introduction to IPv6 (Chapter 4 in Huitema) S-38.121 / Fall-04 / N Beijar IPv6,Mobility-1 IPv6

Introduction to IPv6 (Chapter 4 in Huitema) S-38.121 / Fall-04 / N Beijar IPv6,Mobility-1 IPv6

Introduction to IPv6 (Chapter 4 in Huitema) S-38.121 / Fall-04 / N Beijar IPv6,Mobility-1 IPv6 addresses 128 bits long Written as eight 16-bit integers separated with colons E.g. 1080:0000:0000:0000:0000:0008:200C:417A =

556 views • 20 slides
Introducing IPv6-only in the Internet: Balkanisation or Translation? Alain.Durand@sun.com

Introducing IPv6-only in the Internet: Balkanisation or Translation? Alain.Durand@sun.com

Introducing IPv6-only in the Internet: Balkanisation or Translation? Alain.Durand@sun.com When will IPv6-only deployment happen? Hypothesis 1 1st node is All IPv4 nodes dual-stack speak also IPv6 IPv4-only IPv4 &amp; IPv6 IPv6-only

675 views • 25 slides
IPv6 Introduction by Harald Welte &lt;laforge@rfc2460.org&gt; IPv6 Introduction What? Why?

IPv6 Introduction by Harald Welte &lt;laforge@rfc2460.org&gt; IPv6 Introduction What? Why?

IPv6 Introduction by Harald Welte &lt;laforge@rfc2460.org&gt; IPv6 Introduction What? Why? What is IPv6? Successor of currently used IP Version 4 Specified 1995 in RFC 2460 Why? Address space in IPv4 too small Routing tables too large

476 views • 19 slides
1 IPv6 Packet Format IPv6 Packet Format 40 Byte minimum 0 8 16 31 Mandatory fields

1 IPv6 Packet Format IPv6 Packet Format 40 Byte minimum 0 8 16 31 Mandatory fields

IPv6 IPv6, MPLS History Next generation IP (AKA IPng) Intended to extend address space and routing limitations of IPv4 Requires header change Attempted to include everything new in one change IETF moderated Based

506 views • 5 slides
Internet Protocol Version 6 (IPv6): North American IPv6 Summit April 10, 2012 Steven Pirzchalski

Internet Protocol Version 6 (IPv6): North American IPv6 Summit April 10, 2012 Steven Pirzchalski

Department of Veterans Affairs Internet Protocol Version 6 (IPv6): North American IPv6 Summit April 10, 2012 Steven Pirzchalski Director, Enterprise Transport Services VA IPv6 Transition Manager Outreach Chair, Federal IPv6 Task Force Major

382 views • 13 slides
IANA IPV6 Workshop A View From the Trenches (Some thoughts on IPV6 deployment in enterprise and

IANA IPV6 Workshop A View From the Trenches (Some thoughts on IPV6 deployment in enterprise and

IANA IPV6 Workshop A View From the Trenches (Some thoughts on IPV6 deployment in enterprise and ISP networks) Joel Jaeggli Nokia This talk is focused on the issues faced by network operators in deploying IPV6 Most of these observations are

548 views • 50 slides
IPv6 IPv6 IIJ IPv6 Home Networks and IPv6 Appliances Progress and Potential Moderator Kazu

IPv6 IPv6 IIJ IPv6 Home Networks and IPv6 Appliances Progress and Potential Moderator Kazu

IPv6 IPv6 IIJ IPv6 Home Networks and IPv6 Appliances Progress and Potential Moderator Kazu Yamamoto, IIJ

338 views • 9 slides
IPv6 Addressing and IPv6 Addressing and Implementation Implementation Rodolfo Kohn Software

IPv6 Addressing and IPv6 Addressing and Implementation Implementation Rodolfo Kohn Software

IPv6 Addressing and IPv6 Addressing and Implementation Implementation Rodolfo Kohn Software Architect Intel Software de Argentina rodolfo.kohn@intel.com IPv6 - Agenda Why IPv6? No business case Different drivers IPv6 main

440 views • 28 slides
The Internet Protocol (IP) Part 2: IPv6 JeanYves Le Boudec Fall 2009 1 1 Contents 1. IPv6

The Internet Protocol (IP) Part 2: IPv6 JeanYves Le Boudec Fall 2009 1 1 Contents 1. IPv6

COLE POLYTECHNIQUE FDRALE DE LAUSANNE The Internet Protocol (IP) Part 2: IPv6 JeanYves Le Boudec Fall 2009 1 1 Contents 1. IPv6 2. NATs 3. Interworking IPv4 / IPv6 4. Routing Implications 5. Recap Some slides come from:

911 views • 73 slides
Global IPv6 statistics Measuring the current state of IPv6 for ordinary users Steinar H.

Global IPv6 statistics Measuring the current state of IPv6 for ordinary users Steinar H.

Global IPv6 statistics Measuring the current state of IPv6 for ordinary users Steinar H. Gunderson Software Engineer 1 Motivation There is too little data about IPv6 among clients Existing measurements mostly on a small scale and/or

517 views • 20 slides
Introduction to IPv6 - II Building your IPv6 network Alvaro Vives | 27 June 2017 | Workshop on

Introduction to IPv6 - II Building your IPv6 network Alvaro Vives | 27 June 2017 | Workshop on

Introduction to IPv6 - II Building your IPv6 network Alvaro Vives | 27 June 2017 | Workshop on Open Source Solutions for the IoT Contents IPv6 Protocols and Autoconfiguration - ICMPv6 - Path MTU Discovery (PMTU-D) - NDP -

879 views • 32 slides
Advanced Exercises (optional - but then again, all of these are optional) Exercise 1 I posted

Advanced Exercises (optional - but then again, all of these are optional) Exercise 1 I posted

Advanced Exercises (optional - but then again, all of these are optional) Exercise 1 I posted solution to all the previous exercises. Go through my solutions and compare to yours. Experiment with some of the alternatives I show. Let me know of

801 views • 11 slides
IPv6 Transition Revisit Davey Song BII Foresee and imply IPv6 is a long way to go? What if

IPv6 Transition Revisit Davey Song BII Foresee and imply IPv6 is a long way to go? What if

IPv6 Transition Revisit Davey Song BII Foresee and imply IPv6 is a long way to go? What if ? Global IPv6 Development and Efforts On Feb, 3, 2011 IANA announced the exhaustion of its IPv4 pool Followed by APNIC at 19-Apr-2011, and

254 views • 24 slides
Legal and Policy Aspects of CIRs Ashok.B.Radhakissoon General Counsel/Policy Liaison AfriNIC

Legal and Policy Aspects of CIRs Ashok.B.Radhakissoon General Counsel/Policy Liaison AfriNIC

Legal and Policy Aspects of CIRs Ashok.B.Radhakissoon General Counsel/Policy Liaison AfriNIC Opportunity for Africa 1.Existing IPv4 Resources 2.The very low IPv6 penetration 3.Longer time for co-existence of transition networks 4.Longer

338 views • 18 slides
Introduction to Mobile IPv6 III IPv6 Global Summit Moscow Dr. Dimitrios Kalogeras dkalo@grnet.gr

Introduction to Mobile IPv6 III IPv6 Global Summit Moscow Dr. Dimitrios Kalogeras dkalo@grnet.gr

Introduction to Mobile IPv6 III IPv6 Global Summit Moscow Dr. Dimitrios Kalogeras dkalo@grnet.gr GRNET 1 Outline Introduction Relevant Features of IPv6 Major Differences between MIPv4 and MIPv6 Mobile IPv6 Operation Home

752 views • 35 slides

More recommend