ipv6 working

8/10/2019 Ipv6 Working

1/35

Jeff Schwab


2/35

Dont

Panic!


3/35

February 3, 2011

IANA (Internet Assigned Numbers Authority)hands out the last 5 available /8 address pools to

ARIN, LACNIC, AFRINIC, RIPE, and APNIC Over the next several months these pools will be

exhausted

After that, requests will be queued until addresses

are returned to the pool


4/35

Address space exhaustion first discussed in theearly 1990s!

Three competing proposals:

64 bit SIPP (Simple Internet Protocol Plus) 128 bit SIPP

Variable length address TUBA (ISO based)

In 1994, at Toronto meeting IETF announcedplans to use 128 bit SIPP


5/35

2128 = 3.40282367 * 1038

Assuming one address per cubic meter, thisgives us a sphere just short of the orbit of

Neptune Certainly, this will be enough

After all, a PC only needs 64K of memory


6/35

IPv4 addresses are usually represented as: Four period separated decimals (0-255)

128.210.11.1

Stored in DNS A records IPv6 addresses are usually represented as:

Eight colon separated hex numbers (0-FFFF)

2001:18E8:0800:F4FF:0000:0000:0000:0001

Stored in DNS AAAA records Any one group of consecutive zeros can be replaced

by ::

2001:18E8:800:F4FF::1


7/35

Basic Format

Host Part

Manually configured

Mapped from EUI-48 (MAC address)

Mapped rom EUI-64 (Infiniband/Firewire) Concerns about privacy/tracking if MAC address is

used


8/35

Many different proposals floated

Two early favorites

1) Provider based addressing

13 bits at top level (8192 top level routes)

Severely limits number of Tier-1 providers

Good for routing table

2) Geographic addressing Good for routing and aggregation

Requires more cooperation among providers thanwe can ever expect


9/35

Provider/entity based addressing

Provider part comes from regional registry(ARIN, etc.)

End sites customarily receive a /48

Residential users will get less But we still may be able to get rid of NAT


10/35

Providers can actually get more than a /32

Almost any large enterprise can receive a /32

The current definition of enterprise is rather

loosely interpreted


11/35

ARIN allocated 2001:18E8::/32 to the IndianaGigapop

Indiana Gigapop allocated 2001:18E8:0800/44 toPurdue University

Purdue University allocated 2001:18E8:0800/48 tothe West Lafayette campus

Initially, West Lafayette campus can allocate 65,536subnets with 264potential hosts on each


12/35

Multicast

Start with ff00::/8

Scoping rules used to limit propagation

Anycast Highest 128 interface addresses on a subnet

Broadcast

Gone. Can use scoped multicast instead


13/35

IPv6 Packet Headers

Fixed length header to simplify processing

IPv4 headers had variable length due to options


14/35

Hop Limit Analogous to IPv4 TTL

Next Header Type of Extension header

(Layer 3 or Layer 4) can be chained Payload Length Number of octets (unless

jumbo extension header follows)


15/35

Replace (and augment) IPv4 options

Source routing

Authentication

Encryption

Layer-4 protocols

TCP, UDP, ICMP


16/35

TCP and UDP

Bit for bit the same as with IPv4

ICMP

Slightly modified, all IPv4 functionality is there Includes some old IGMP (multicast) functionality

Adds functions for neighbor/router discovery

ARP Gone!

Functionality merged into ICMP


17/35

RIP

Still there

OSPF

Parallel to IPv4, but two do not interact

BGP

Can support both IPv4 and IPv6 in same session


18/35

Static Manual Configuration

Router gateway, network address/mask, DNS

Just like today only numbers are larger

More typing

Two Network based options

SLAAC

DHCPv6


19/35

StateLess Automatic Address Configuration

IPv6 Plug and Play

Uses ICMP to find router and local network

Host part of address comes from MAC address

Some OSs (Windows) randomize this for privacy

But Privacy addresses may break firewalls

But No DNS info No generally accepted extensions for DNS


20/35

Works similarly to DHCP for IPv4

DHCPv6 servers now available

But Currently not implemented by Apple


21/35

Routers and switches will need to support IPv6

Most current generation hardware does IPv6 tosome extent.

Routing protocols are available for IPv6 Older hardware will need to be updated

May have enough time to work into LCR plan

Wireless is usually easy if just bridging


22/35

Firewalls and Load Balancers

Support for IPv6 mostly just starting

Some upgraded code for existing hardware

May require a forklift upgrade Beating up vendors can help


23/35


24/35

Server side

Many critical pieces already have IPv6 awareversions

Apache, Sendmail, Bind, MySQL Client side

Most services just rely on underlying OS support

Major browsers are IPv6 aware

Firefox, Opera, Safari


25/35

Many sites are enabling IPv6

Industry does not want to lose IPv6 clientelle

Facebook, Netflix, and Google are IPv6 ready

Google requires whitelisting currently


26/35

Eventually, IPv6 will be the only protocol

Probably after most of us are retired

Meanwhile, we need to work in both worlds

We will start with islands of IPv6 in an IPv4 world

Will transition to islands of IPv4 in an IPv6 world

Tunnels will evolve to carry traffic between theislands

Will need to support both protocols and formsof tunneling and NAT servers to support access


27/35

Host supports and talks to both IPv6 and IPv4

Cleanest answer

Future-proof

Generally transparent to end user

As long as everything is working correctly

Difficult to debug when things go wrong


28/35

Not enough address bits to be easy

DS-Lite Dual Stack Light

NAT based solution

Needs to play DNS tricks Rumored Comcast trial


29/35


30/35

NATs

Lots of NATs

Lots and lots and lots of NATs

Performance suffers

End to end applications fail


31/35

Lose access to overseas markets/clients

Lose access when travelling

New remote sites may not be able to get IPv4

space Eventually lose access to domestic

markets/clients


32/35

Unfunded Mandate

Replace as much hardware as possible in LCR

DO NOT buy any new hardware that isnt IPv6

ready Routers

Firewalls

Network Appliances

Pressure your vendors for software upgrades, etc. Engineering costs to set up new address scheme

Cost of running transitional appliances


33/35

Work IPv6 into hardware LCR

Prepare your networking infrastructure forIPv6

Your Internet presence (servers) will be mostpainful conversion

Printers and other internal only appliances are

lowest priority


34/35

Its the End of the World as We Know it

We cant ignore the problem

We have some time

Start experimenting!

World IPv6 Day June 8, 2011


35/35

Questions?

Comments?

Live Poultry?

Acknowledgements: Michael Lambert, Pittsburg Supercomputing Center

Internet2 IPv6 Working Group

ipv6 working

Documents