ip version 6 (ipv6) advantages and transitions pat r. calhoun carl williams sun microsystems
TRANSCRIPT
IP Version 6 (IPv6)IP Version 6 (IPv6)Advantages and Advantages and
TransitionsTransitions
Pat R. CalhounPat R. Calhoun
Carl WilliamsCarl Williams
Sun MicrosystemsSun Microsystems
IntroductionIntroduction
• This contribution is intended to provide This contribution is intended to provide 3GPP2 members with an introduction to 3GPP2 members with an introduction to IP version 6.IP version 6.
• This contribution will discuss the This contribution will discuss the advantages of IPv6, as well as the advantages of IPv6, as well as the different transition tools available.different transition tools available.
Why is IPv6 needed?Why is IPv6 needed?
IPv4 problemsIPv4 problems
• 1. Running out of Internet addresses ...1. Running out of Internet addresses ...–Stops Internet growth for existing usersStops Internet growth for existing users–Prevents use of the Internet for new usersPrevents use of the Internet for new users–Internet Routing today is inefficient for Internet Internet Routing today is inefficient for Internet
Service Providers (ISPs)Service Providers (ISPs)–Forces users to use NAT Forces users to use NAT
• Loss of the end-to-end principle for networkingLoss of the end-to-end principle for networking
IPv4 problemsIPv4 problems
• 2. System Management2. System Management– Labour intensive, complex, slow & error proneLabour intensive, complex, slow & error prone– Subscriber Networks cannot be dynamically Subscriber Networks cannot be dynamically
renumbered or configuredrenumbered or configured
• 3. Security 3. Security • 4. Bandwidth Reservation / Resource 4. Bandwidth Reservation / Resource
MeteringMetering– Need to schedule bandwidth for select timeNeed to schedule bandwidth for select time– Pay or Charge only for what is usedPay or Charge only for what is used
The “Transparency” Principle The “Transparency” Principle has been lost ...has been lost ...
• Internet “Transparency” concept Internet “Transparency” concept – Transparent transmission of datagramsTransparent transmission of datagrams
• Addresses are uniqueAddresses are unique• Datagrams are not touched in transitDatagrams are not touched in transit• End-Systems handle naming, error detection, error End-Systems handle naming, error detection, error
recovery, security recovery, security
– Applications are designed with this principle Applications are designed with this principle in mindin mind
The “Transparency” Principle The “Transparency” Principle has been lost ...has been lost ...
• In today’s world we are loosing In today’s world we are loosing TransparencyTransparency
• Private addresses Private addresses • Network Address Translators (NATs)Network Address Translators (NATs)• Intranet growthIntranet growth• FirewallsFirewalls
– Applications sometime fail completely or have Applications sometime fail completely or have to be designed without this basic principleto be designed without this basic principle
Will IPv4 last forever?Will IPv4 last forever?
• How long can we ignore these problems?How long can we ignore these problems?– IPv4 address space will run outIPv4 address space will run out– There is an engineering limit to the amount of There is an engineering limit to the amount of
retrofitting that can be applied to IPv4retrofitting that can be applied to IPv4
• Need to regain some “Transparency”Need to regain some “Transparency”• A natural evolution from IPv4 is requiredA natural evolution from IPv4 is required
– Designed with extensibility and scalability in Designed with extensibility and scalability in mindmind
IPv6 Benefits - Short TermIPv6 Benefits - Short Term
• Increased Address Space Increased Address Space – Efficient addressing and routing topologyEfficient addressing and routing topology– NAT is not RequiredNAT is not Required
• ArchitectureArchitecture– Optimized for 64 bit architectureOptimized for 64 bit architecture– Efficient and Extensible IP datagramEfficient and Extensible IP datagram– Improved Host and Router DiscoveryImproved Host and Router Discovery– MulticastMulticast– Enhancements for Quality of Service (QOS) and for Enhancements for Quality of Service (QOS) and for
Mobile NetworkingMobile Networking
• Plug and PlayPlug and Play– Dynamic Address Autoconfiguration (Stateless, Stateful)Dynamic Address Autoconfiguration (Stateless, Stateful)– Dynamic Renumbering of NetworksDynamic Renumbering of Networks
• SecuritySecurity
IPv6 benefits - Long TermIPv6 benefits - Long Term
• Dynamic Rehoming of Applications Dynamic Rehoming of Applications – MobilityMobility
• Quality of Service for end-to-end Quality of Service for end-to-end networking.networking.
• Extensible to support new features for Extensible to support new features for applicationsapplications– Voice over IP (VoIP), Video, Network Voice over IP (VoIP), Video, Network
Management, Mobility, Network AppliancesManagement, Mobility, Network Appliances
• Other functions still evolving from the Other functions still evolving from the extensibility of the architecture.extensibility of the architecture.
IP Address 4 Bytes- starting to run out now- routing less efficient
16 Bytes- massive address space increase- routing much more efficient
665,570,793,348,866,943,898,599 IPv6 Addresses / m2 of the Earth Surface
NetworkAddress Mgmt.(plug & play)
ManualDHCP optionalRouter Discovery(optional)
Autoconfiguration (stateless)DHCP mandatory (stateful)Router Discovery mandatoryNeighbor Discovery detectionRouter Renumbering
Security Retrofit, optional Mandated standard, integrated, & flexible
Quality ofService
Optional, Patched On Inherent Features to Support QoSFlow Label, Priority Field
MobileNetworking
Retrofit, Requires foreignand home agents
Inherent as Extension Header in IPv6,Neighbor Discovery, and Auto Config
IPv4 IPv6
IPv4 versus IPv6 Key FeaturesIPv4 versus IPv6 Key Features
IPv6 Status - ImplementationsIPv6 Status - Implementations
• Host ImplementationsHost Implementations– Sun, Compaq, HP, IBM, Mentat, Microsoft, Linux, BSDI, Sun, Compaq, HP, IBM, Mentat, Microsoft, Linux, BSDI,
INRIA, FreeBSD, NetBSD, SGI, WIDE etcINRIA, FreeBSD, NetBSD, SGI, WIDE etc
• Router ImplementationsRouter Implementations– 3com, Cisco, Bay Networks, Hitachi, Nokia, Sumitomo 3com, Cisco, Bay Networks, Hitachi, Nokia, Sumitomo
Electric, Telebit, Merit etcElectric, Telebit, Merit etc
• Recent Product Announcements (MSFT, CISCO)Recent Product Announcements (MSFT, CISCO)• Some shipping in products todaySome shipping in products today
– Sun Solaris 8Sun Solaris 8– IBM AIX 4.3IBM AIX 4.3– TelebitTelebit
http://playground.sun.com/pub/ipng/html/ipng-main.htmlhttp://playground.sun.com/pub/ipng/html/ipng-main.html
http://6bone.net/
IPv6 TODAY: 6BoneIPv6 TODAY: 6Bone
• A Public Test bed for IPv6 and it’s related protocolsA Public Test bed for IPv6 and it’s related protocols• To Assist in the Evolution and Deployment of IPv6To Assist in the Evolution and Deployment of IPv6• IPv6 Sites are connected to each otherIPv6 Sites are connected to each other
– over IPv4 (IPv6 tunnelled in IPv4)over IPv4 (IPv6 tunnelled in IPv4)– over native IPv6 linksover native IPv6 links
• 28+ Implementations on the 6Bone28+ Implementations on the 6Bone– HostsHosts
• Sun Solaris 8, COMPAQ’s TRU64 UNIX and OpenVMS, Hitachi Sun Solaris 8, COMPAQ’s TRU64 UNIX and OpenVMS, Hitachi NR60, IBM AIX, Inria BSD, Linux, SICS HP-UX, UNH for BSD, NR60, IBM AIX, Inria BSD, Linux, SICS HP-UX, UNH for BSD, NRL for BSD, WIDE Hydrangea for BSD, WIDE ZETA for BSD, NRL for BSD, WIDE Hydrangea for BSD, WIDE ZETA for BSD, WIDE v6d, Microsoft ResearchWIDE v6d, Microsoft Research
– RoutersRouters• Bay, Cisco, Fujitsu LR550, Hitachi NR60, Inria BSD, Linux, Bay, Cisco, Fujitsu LR550, Hitachi NR60, Inria BSD, Linux,
Merit MRT, NRL for BSD, Telebit, WIDE Hydrangea for BSD, Merit MRT, NRL for BSD, Telebit, WIDE Hydrangea for BSD, WIDE ZETA for BSD, WIDE v6dWIDE ZETA for BSD, WIDE v6d
IPv6 TODAYIPv6 TODAYGrowing World-wideGrowing World-wide
• 469 Registered IPv6 Sites on the 6Bone - October 469 Registered IPv6 Sites on the 6Bone - October 19991999– US and CanadaUS and Canada 123123 ((107))((107)) (95)– EuropeEurope 252252 ((187))((187)) (160)– Asia PacificAsia Pacific 7575 ((51))((51)) (43)– Latin AmericaLatin America 1616 ((4))((4)) (1)– AfricaAfrica 33 ((3))((3)) (0)– CountriesCountries 4242 ((41)) ((41)) (35)
((352)) ((352)) (299)
(( )) Values in March 1999(( )) Values in March 1999
( ) Values in August 1998
IPv6 TODAY: 6RENIPv6 TODAY: 6REN
• The 6REN is a voluntary coordination initiative of The 6REN is a voluntary coordination initiative of Research and Education Networks that provide Research and Education Networks that provide productionproduction IPv6 transit service IPv6 transit service – To facilitate high quality, high performance, and To facilitate high quality, high performance, and
operationally robust IPv6 networks. operationally robust IPv6 networks. – Participation is free and open to all Research and Participation is free and open to all Research and
Education Networks that provide IPv6 service. Education Networks that provide IPv6 service. – Other for-profit and not-for-profit IPv6 networks are Other for-profit and not-for-profit IPv6 networks are
also encouraged to participate.also encouraged to participate.
• Join the 6REN Initiative Join the 6REN Initiative • See the new web site for the 6RENSee the new web site for the 6REN
http://www.6ren.net/
IPv6 FORUMIPv6 FORUM• A world-wide consortium of leading Internet A world-wide consortium of leading Internet
vendors and Research and Education vendors and Research and Education Networks Networks
• The IPv6 FORUM mission The IPv6 FORUM mission – To promote IPv6 in order to create a higher To promote IPv6 in order to create a higher
quality and more secure Next Generation quality and more secure Next Generation Internet.Internet.
• The FORUM works closely with the Internet The FORUM works closely with the Internet Engineering Task Force (IETF) which is Engineering Task Force (IETF) which is responsible for the IPv6 technical responsible for the IPv6 technical specificationsspecifications
• 66 ‘Founding Members’66 ‘Founding Members’
http://www.ipv6forum.com/
Internet Draft
Technically complete and stable?
Yes
Yes
Yes
Proposed Standard (RFC)
DraftStandard (RFC)Multiple
InteroperableImplemen-
tations InternetStandard (RFC)
Significant OperationalExperience?
Where in the standardization process is IPv6?
Platform - 6bone
6ren, vBNS etc.3GPP2?
IPv6 StandardizationIPv6 Standardization
IPv6 - IPv4 InteroperationIPv6 - IPv4 Interoperation
Facts of Life IPv4 and IPv6Facts of Life IPv4 and IPv6
• Facts:Facts:– Millions of nodes are running IPv4 todayMillions of nodes are running IPv4 today– Some nodes will never upgrade to IPv6Some nodes will never upgrade to IPv6
• Large investment in IPv4 applicationsLarge investment in IPv4 applications
• Consequences:Consequences:– IPv4 and IPv6 will coexist for an extended IPv4 and IPv6 will coexist for an extended
period.period.• For ever?For ever?
– Great care has been taken to ensure that Great care has been taken to ensure that hosts and routers can be upgraded to IPv6 hosts and routers can be upgraded to IPv6 independently. independently.
– Transition must prevent isolation of IPv4 Transition must prevent isolation of IPv4 nodes.nodes.
Facts of Life for a Successful Facts of Life for a Successful DeploymentDeployment
• No disruptionNo disruption– IPv6 and IPv4 Router + Hosts can interoperateIPv6 and IPv4 Router + Hosts can interoperate
• Incremental upgrade / DeploymentIncremental upgrade / Deployment– IPv6 routers and hosts can be deployed in an IPv6 routers and hosts can be deployed in an
Intranet in a highly diffused and incremental Intranet in a highly diffused and incremental fashionfashion
• Low start-up costs Low start-up costs – Transition should be as easy as possible for Transition should be as easy as possible for
end-users, system administrators, and end-users, system administrators, and network operatorsnetwork operators
• No Flag Days.No Flag Days.
Mechanisms for transitionMechanisms for transition
• Many tools and proposals availableMany tools and proposals available• IETF Ngtrans Working Group working on IETF Ngtrans Working Group working on
Roadmap documentsRoadmap documents• Basic Transition toolsBasic Transition tools
– Dual Stack Dual Stack – TunnelsTunnels
• TranslationsTranslations– packet header translations and ALG’spacket header translations and ALG’s
• OthersOthers
RFC 1933 RFC 1933 Transition Mechanisms for IPv6 Hosts and RoutersTransition Mechanisms for IPv6 Hosts and Routers
Basic transition tools:Basic transition tools:Dual Stacks and TunnelsDual Stacks and Tunnels
• Defines:Defines:– Two Mechanisms Two Mechanisms
• Dual IP layer - providing complete support for both Dual IP layer - providing complete support for both IPv4 and IPv6 in hosts and routers. IPv4 and IPv6 in hosts and routers.
• Tunnels to encapsulate IPv6 packets within IPv4 Tunnels to encapsulate IPv6 packets within IPv4 headers and to carry them over headers and to carry them over IPv4 routing IPv4 routing infrastructuresinfrastructures. .
– An IPv6 addressing structure that embeds An IPv6 addressing structure that embeds IPv4 addresses within IPv6 addressesIPv4 addresses within IPv6 addresses
IPv6IPv4
IPv4 Address MappingIPv4 Address Mapping
• IPv4-Mapped IPv6 AddressIPv4-Mapped IPv6 Address– a node that is not IPv6-capablea node that is not IPv6-capable
• Reachable using the IPv4 Routing InfrastructureReachable using the IPv4 Routing Infrastructure
0000:0000:0000:0000:0000:0000:FFFF:<IPv4 Address>0000:0000:0000:0000:0000:0000:FFFF:<IPv4 Address> ::FFFF:10.21.32.43::FFFF:10.21.32.43
IPv6IPv4
TCP
IPv4
IPv6
TCP
TCP
IPv4
Dual-IP StacksDual-IP Stacks
• IPv4 address acquiredIPv4 address acquired– via IPv4 mechanismsvia IPv4 mechanisms
• IPv6 address acquiredIPv6 address acquired– via stateless or stateful configuration via stateless or stateful configuration
IPv6
Applications: IPv6-IPv4 Applications: IPv6-IPv4 InteroperabilityInteroperability
• IPv6 enabled applications and the TCP/UDP IPv6 enabled applications and the TCP/UDP transport protocols run on both IP versionstransport protocols run on both IP versions
IPv6IPv4
TCP
IPv6 enabled app
IPv6 in IPv4 TunnellingIPv6 in IPv4 Tunnelling
• Mechanism of encapsulating IPv6 packets Mechanism of encapsulating IPv6 packets within IPv4within IPv4– So that they can be carried across IPv4 So that they can be carried across IPv4
routing infrastructuresrouting infrastructures
• Tunnelling process:Tunnelling process:– EncapsulationEncapsulation– DecapsulationDecapsulation– Tunnel configuration informationTunnel configuration information
IPv4 Header IPv6 Packet
IPv6 Packet
IPv6 in IPv4 TunnelIPv6 in IPv4 Tunnel
• IPv6 Encapsulated Packet inside IPv4 HeaderIPv6 Encapsulated Packet inside IPv4 Header– IPv4 Protocol ID 41 (decimal)IPv4 Protocol ID 41 (decimal)
Source Host A
IPv4 B
IPv6 BData
Destination Host B
IPv6/v4
IPv6/v4 IPv4 only
Router R1 Router R2 IPv4 B
IPv6 B
Data
IPv6 B
Data
IPv4Network
IPv6 only
IPv6 IPv4
Automatic Tunnel (1)Automatic Tunnel (1)
Source Host A
IPv4 B
IPv6 B
Data
IPv6/v4
Destination Host B
IPv6/v4
IPv4 only
Router R1 Router R2
IPv4Network
IPv4 only
Automatic Tunnel (2)Automatic Tunnel (2)
IPv6 B
Data
Source Host A
IPv4 R2
IPv6 BData
Destination Host B
IPv6/v4 IPv4/v6
Router R1 Router R2IPv6 B
Data
IPv4Network
IPv6 only IPv6 only
Configured TunnelConfigured Tunnel
Methods of communication Methods of communication between IPv4 and IPv6 nodesbetween IPv4 and IPv6 nodes
• SIIT (Stateless IP/ICMP Translator)SIIT (Stateless IP/ICMP Translator)– This proposal is stateless, and does packet-This proposal is stateless, and does packet-
by-packet translation, which eliminates the by-packet translation, which eliminates the single point of failuresingle point of failure
• NAT-PT (Network Address Translation – NAT-PT (Network Address Translation – Protocol Translation)Protocol Translation)– This proposal requires a stateful NAT serverThis proposal requires a stateful NAT server
• SOCKS64 (Socks-based IPv6/IPv4 SOCKS64 (Socks-based IPv6/IPv4 Gateway mechanism)Gateway mechanism)– This proposal requires socks client on the This proposal requires socks client on the
mobilemobile
Application - IssuesApplication - Issues
• Many IPv4 applicationsMany IPv4 applications– assume the IP host address is fixed 32 bitsassume the IP host address is fixed 32 bits
• IPv4 APIs make the IP Address visible to IPv4 APIs make the IP Address visible to an applicationan application– Some Applications make use of IP Addresses Some Applications make use of IP Addresses
for Indexing within the Applicationfor Indexing within the Application
Application - SolutionsApplication - Solutions
• Make No Code ChangesMake No Code Changes– Can only Access Nodes with IPv4 AddressesCan only Access Nodes with IPv4 Addresses
• For example using the IPv4 Part of the Hybrid StackFor example using the IPv4 Part of the Hybrid Stack
– Only use IPv4 featuresOnly use IPv4 features
• Change Code to use IPv6 APIChange Code to use IPv6 API– Can Access Hosts with IPv4 and IPv6 Can Access Hosts with IPv4 and IPv6
AddressesAddresses– Can exploit IPv6 featuresCan exploit IPv6 features
The riskThe risk
• If 3G is as successful as we believe it will If 3G is as successful as we believe it will be, what would happen if requests for be, what would happen if requests for addresses were denied.addresses were denied.
• Although there are still addresses left, Although there are still addresses left, they are very difficult to obtain.they are very difficult to obtain.
• It doesn’t seem logical to create a It doesn’t seem logical to create a standard that may never be deployable.standard that may never be deployable.
What should we do?What should we do?
• Clearly, IPv6 must be on our radar.Clearly, IPv6 must be on our radar.• 3GPP2 should create an ad-hoc group to 3GPP2 should create an ad-hoc group to
investigate the remaining issues with IPv6 investigate the remaining issues with IPv6 deployment.deployment.
• The outcome could require The outcome could require standardization work, that could be done standardization work, that could be done within the IETF.within the IETF.
SuggestionSuggestion
• One approach we could take is to support One approach we could take is to support an IPv6 core network, and maintain an IPv6 core network, and maintain support IPv4 mobiles.support IPv4 mobiles.
• This would reduce the pain of transition in This would reduce the pain of transition in the future.the future.
• If our request for IPv4 is denied, we can If our request for IPv4 is denied, we can still deploy IPv6 clients.still deploy IPv6 clients.
Why bother?Why bother?
• Renumbering will occur in the future, we Renumbering will occur in the future, we might as well get the networks ready for might as well get the networks ready for it.it.
• In moving towards IPv6, we would gain a In moving towards IPv6, we would gain a tremendous amount of support from the tremendous amount of support from the IETF.IETF.
• Since these networks do not exist today, Since these networks do not exist today, they are the ideal candidates for IPv6.they are the ideal candidates for IPv6.
..and what if we don’t?..and what if we don’t?
• Some networks, especially the European Some networks, especially the European and Asian networks will have great and Asian networks will have great difficulty in allocating IPv4 addresses.difficulty in allocating IPv4 addresses.
• If we don’t all move towards IPv6, we will If we don’t all move towards IPv6, we will have fragmented IPv4 and IPv6 networks, have fragmented IPv4 and IPv6 networks, which could complicate inter-domain which could complicate inter-domain roaming.roaming.
ConclusionConclusion
• IPv6 will occur.IPv6 will occur.• We need to be ready for it, and even be We need to be ready for it, and even be
pro-active.pro-active.• We should setup an ad-hoc group to We should setup an ad-hoc group to
study IPv6.study IPv6.• This would minimize risk should requests This would minimize risk should requests
for IPv4 addresses be denied.for IPv4 addresses be denied.