Notes for IPv6 Terrance Lee. Transition Mechanisms for IPv6 Hosts and Routers (RFC 2893)

Transition Mechanisms for IPv6 Hosts and Routers (RFC 2893)

Purpose and Approaches Interoperation of an IPv4/IPv6 node with another IPv4/IPv6 node or an IPv4-only node Dual Stacks Configured Tunneling Host-to-Router, Router-to-Router Automatic Tunneling IPv4-Compatible IPv6 Addr. (::v4addr) Host-to-Host, Router-to-Host

Techniques Used in Transition Configured Tunneling IPv4 tunnel endpoint addr is determined by configuration information Automatic Tunneling IPv4 tunnel endpoint addr is determined from the IPv4-compatible destination addr IPv4 Multicast Tunneling IPv4 tunnel endpoint addr is determined using Neighbor Discovery

Check Packet Length for Tunneling (1/2)
    if (IPv4 path MTU – 20) <= 1280
        if packet length > 1280 bytes
            send IPv6 ICMP “packet too big” with MTU = 1280; drop packet
        else
            encapsulate; don’t set the Don’t Fragment flag in the IPv4 header
        endif

Check Packet Length for Tunneling (2/2)
    else
        if packet length > (IPv4 path MTU – 20)
            send IPv6 ICMP “packet too big” with MTU = (IPv4 path MTU – 20); drop packet
        else
            encapsulate and set the Don’t Fragment flag
        endif
    endif

IPv4 Header Construction (1/2)
- Version: 4
- Header Length: 5
- Type of Service: 0 (Might be changed)
- Total Length: Payload length from IPv6 header plus length of IPv6 and IPv4 headers
- Identification: Generated uniquely
- Flags: As specified before
- Fragment Offset: Set as necessary

IPv4 Header Construction (2/2)
- Time to Live: Implementation specific
- Protocol: 41
- Header Checksum: Calculate the checksum
- Source Address: IPv4 address of encapsulating node
- Destination Address: IPv4 address of tunnel endpoint
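
An added example, not part of the original slides: the packet-length check and the IPv4 header fields listed above, written out in Python. The function names, the default TTL of 64 and the sample packet with its addresses are assumptions made for illustration.

```python
import struct

IPV4_HDR_LEN = 20     # Header Length 5, no IPv4 options
IPV6_HDR_LEN = 40
IPV6_MIN_MTU = 1280
PROTO_IPV6 = 41       # Protocol value for IPv6 carried in IPv4
DF = 0x4000           # Don't Fragment bit in the flags/fragment-offset word


def ipv4_checksum(header: bytes) -> int:
    """One's complement of the one's-complement sum of the ten header words."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def tunnel_decision(ipv6_len: int, ipv4_path_mtu: int):
    """Return ("encapsulate", set_df) or ("too_big", mtu_to_report)."""
    tunnel_mtu = ipv4_path_mtu - IPV4_HDR_LEN
    if tunnel_mtu <= IPV6_MIN_MTU:
        if ipv6_len > IPV6_MIN_MTU:
            return ("too_big", IPV6_MIN_MTU)
        return ("encapsulate", False)      # DF clear: IPv4 may fragment
    if ipv6_len > tunnel_mtu:
        return ("too_big", tunnel_mtu)
    return ("encapsulate", True)


def encapsulate(ipv6_packet: bytes, src: bytes, dst: bytes,
                ident: int, ipv4_path_mtu: int, ttl: int = 64):
    """Return the IPv4 packet, or None when ICMPv6 'packet too big' is due."""
    action, value = tunnel_decision(len(ipv6_packet), ipv4_path_mtu)
    if action == "too_big":
        return None
    # Total Length = IPv6 payload length + IPv6 header + IPv4 header.
    payload_len = struct.unpack("!H", ipv6_packet[4:6])[0]
    total_len = payload_len + IPV6_HDR_LEN + IPV4_HDR_LEN
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident,
                      DF if value else 0, ttl, PROTO_IPV6, 0, src, dst)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + ipv6_packet[:IPV6_HDR_LEN + payload_len]


def sample_ipv6_packet(payload_len: int = 8) -> bytes:
    """Constructed sample: IPv6 header (next header 59) plus a zero payload."""
    src = bytes.fromhex("20010db8000000000000000000000001")
    dst = bytes.fromhex("20010db8000000000000000000000002")
    fixed = struct.pack("!IHBB", 6 << 28, payload_len, 59, 64)
    return fixed + src + dst + bytes(payload_len)


if __name__ == "__main__":
    out = encapsulate(sample_ipv6_packet(), bytes([192, 0, 2, 1]),
                      bytes([198, 51, 100, 1]), ident=7, ipv4_path_mtu=1500)
    print(out[:20].hex(), tunnel_decision(1481, 1500))
```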

Configured Tunneling The tunnel endpoint addr is determined from configuration information IPv6/IPv4 hosts that are connected to datalinks with no IPv6 routers MAY use a default configured tunnel to reach an IPv6 router.

Automatic Tunneling Operation Perform automatic tunneling if the destination IPv6 addr is IPv4-compatible with prefix 0:0:0:0:0:0/96 The automatic tunneling module MUST NOT send to IPv4 broadcast or multicast destinations

Ingress Filtering Invalid IPv6 addresses after de-capsulation multicast, broadcast, :: , :: IPv6 link-local address for an IPv4 virtual interface: FE80::/64 || Interface Identifier Link-local addresses are used by the routing protocols operating over the tunnels Interface Identifier = 0:0:0:0:v4addr Need ingress filter for packet filtering

Transmission of IPv6 over IPv4 Domains without Explicit Tunnels (6over4) (RFC 2529)

Purpose and Approaches Specifies frame format of IPv6 packets and the method of forming IPv6 link-local addresses over IPv4 multicast domains Specifies contents of Source/Target Link-Layer Address option used in Router Solicitation, Router Advertisement, Neighbor Solicitation, Neighbor Advertisement, Redirect messages Uses IPv4 multicast as a “virtual Ethernet”

Motivation Allow isolated IPv6 hosts to become fully functional IPv6 hosts by using an IPv4 domain that supports IPv4 multicast as their virtual local link Does not require IPv4-compatible addr or configured tunnels Known as “6over4” or “virtual Ethernet”

Maximum Transmission Unit The default MTU for IPv6 packets on an IPv4 domain is 1480 octets. MTU may be varied by a Router Advertisement containing an MTU option or by manual configuration The IPv4 DF bit MUST NOT be set if the IPv6 MTU proves to be too large for some intermediate IPv4 subnets

Frame Format Protocol type = 41 (IPv6 packets tunneled inside IPv4 frames) for outer IPv4 header If there are IPv4 options, then padding should be added to the IPv4 header such that the IPv6 header starts on a boundary that is a 32-bit offset from the end of the datalink header Recommended default TTL = 8

Link Local Address Prefix: FE80::/64 Link Local Address: FE80::0:0:V4ADDR The “Universal/Local” bit is zero (i.e., the Interface Identifier is not globally unique)

Address Mapping – Unicast (1/2)
RFC 2461 “Neighbor Discovery for IP Version 6” describes the procedure for mapping IPv6 addr into IPv4 virtual link-layer addr
Type | Length | Zeros | IPv4 Address

Address Mapping – Unicast (2/2)
- Type: 1 for Source Link-Layer addr, 2 for Target Link-Layer addr
- Length: 1 (in units of 8 octets)
- IPv4 Address: The 32 bit IPv4 addr in network byte order

Address Mapping – Multicast (1/2) IPv4 multicast must be available An IPv6 multicast destination addr DST MUST be transmitted to the IPv4 multicast addr of Organization-Local Scope taken from the block /16

Address Mapping – Multicast (2/2) DST 14, DST 15: Last two bytes of IPv6 multicast addr OLS: Configured Organization-Local Scope addr block. Should be OLSDST14DST15

Transition Issues A site may choose to start its IPv6 transition by configuring one IPv6 router to support “6over4” on an interface connected to the site’s IPv4 domain, and another IPv6 format on an interface connected to the IPv6 Internet. During transition, routers may need to advertise at least two IPv6 prefixes, one for the native LAN (e.g., Ethernet) and one for “6over4”.

Connection of IPv6 Domains via IPv4 Clouds (6to4) (RFC 2893)

Purpose and Approaches Interoperation of IPv6 sites over the IPv4 network without explicit tunnel setup Communication of isolated IPv6 sites with native IPv6 domains via relay router Treats the wide area IPv4 network as a unicast point-to-point link layer The site needs a globally unique IPv4 addr Can coexist with Firewall and NAT

Terminologies (1/2) 6to4 pseudo interface: 6to4 encapsulation point 6to4 prefix: 2002::/16 (The site addr prefix: 2002:V4ADDR::/48) 6to4 router: An IPv6 router supporting a 6to4 pseudo interface 6to4 site: A site running IPv6 internally using 6to4 addresses

Terminologies (2/2) Relay router: A 6to4 router configured to support transit routing between 6to4 addresses and native IPv6 addresses 6to4 exterior routing domain: a routing domain interconnecting a set of 6to4 routers and relay routers. It is distinct from an IPv6’s interior routing domain and all native IPv6 exterior routing domains

Sending Rule for 6to4 Router (1/2) If the final destination is a 6to4 addr, it will be considered as the next hop If the final destination is not a 6to4 addr and is not local, the next hop indicated by routing will be the 6to4 addr of a relay router

Sending Rule for 6to4 Router (2/2) If the next hop IPv6 addr for an IPv6 packet does match the prefix 2002::/16, and does not match any prefix of the local site then apply any security checks encapsulate the packet in IPv4 with IPv4 dest addr = the NLA value V4ADDR extracted from the next hop IPv6 addr queue the packet for IPv4 forwarding

De-capsulation Rule For an incoming IPv4 packet with protocol type 41, a 6to4 router performs: Apply any security checks Remove the IPv4 header Submit the packet to local IPv6 routing
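
An added example, not part of the original slides: one way to express the "apply any security checks" step for a decapsulated protocol-41 packet, using the invalid-address list from the Ingress Filtering slide. The function names and sample addresses are constructed, and the rule that a 6to4 source's embedded V4ADDR must equal the outer IPv4 source is an assumption that goes beyond what the slides state.

```python
import ipaddress

SIX_TO_FOUR = ipaddress.ip_network("2002::/16")      # 6to4 prefix
V4_COMPATIBLE = ipaddress.ip_network("::/96")        # IPv4-compatible prefix
BROADCAST = ipaddress.ip_address("255.255.255.255")


def invalid_v4(addr) -> bool:
    """Multicast, broadcast, unspecified or loopback IPv4 address.
    Subnet-directed broadcasts need local configuration and are not covered."""
    return (addr.is_multicast or addr.is_unspecified
            or addr.is_loopback or addr == BROADCAST)


def embedded_v4(v6):
    """Return (kind, IPv4Address) for 6to4 / IPv4-compatible, else (None, None)."""
    n = int(v6)
    if v6 in SIX_TO_FOUR:
        # 2002:V4ADDR::/48 -> V4ADDR is the 32 bits after the 16-bit prefix.
        return "6to4", ipaddress.IPv4Address((n >> 80) & 0xFFFFFFFF)
    if v6 in V4_COMPATIBLE and n > 1:                # skip :: and ::1
        return "compatible", ipaddress.IPv4Address(n)
    return None, None


def drop_reasons(outer_src: str, inner_src: str) -> list:
    """Reasons to discard a decapsulated packet; an empty list means accept."""
    outer = ipaddress.IPv4Address(outer_src)
    inner = ipaddress.IPv6Address(inner_src)
    reasons = []
    if invalid_v4(outer):
        reasons.append("outer source invalid")
    if inner.is_multicast or inner.is_unspecified or inner.is_loopback:
        reasons.append("inner source invalid")
    kind, v4 = embedded_v4(inner)
    if v4 is not None and invalid_v4(v4):
        reasons.append("embedded IPv4 invalid")
    # Assumption: a 6to4 site encapsulates its own traffic, so V4ADDR in the
    # inner source should be the IPv4 address the packet arrived from.
    if kind == "6to4" and v4 != outer:
        reasons.append("embedded IPv4 does not match outer source")
    return reasons


if __name__ == "__main__":
    # Constructed samples: (outer IPv4 source, inner IPv6 source).
    for outer, inner in [("192.0.2.1", "2002:c000:201::1"),
                         ("198.51.100.7", "2002:c000:201::1"),
                         ("192.0.2.1", "::7f00:1"),
                         ("192.0.2.1", "ff02::1")]:
        print(outer, inner, drop_reasons(outer, inner) or "accept")
```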

Stateless IP/ICMP Translation (SIIT) (RFC 2765)

Purpose and Approaches Interoperation of an IPv6-only node with an IPv4-only node IPv6 node somehow acquires an IPv4 addr. The temporary IPv4 addr. is used as an IPv4-translated IPv6 addr. Stateless IP/ICMP translation

Applicability and Limitation IPv6 node sees an IPv4-mapped addr. for the peer IPv6 node uses an IPv4-translatable addr. for its local addr. for that communication Only ESP transport mode (IPsec) is relatively easy to make work through a translator Does not work for multicast packets

Addresses
- IPv4-mapped: 0::ffff:a.b.c.d (refers to an IPv4 node)
- IPv4-compatible: 0::0:a.b.c.d (refers to automatic tunneling)
- IPv4-translated: 0::ffff:0:a.b.c.d (refers to an IPv6-enabled node)
- 0::ffff:0:0:0/96 is chosen to checksum to zero to avoid any changes to the transport protocol’s pseudo header checksum

Translating from IPv4 to IPv6 IPv4 Header Transport Layer Header Data IPv6 Header Fragment Header (Not always) Transport Layer Header Data

Translating IPv4 Headers to IPv6 Headers (1/5)
- Version: 6
- Traffic Class: Always set to zero or, by default, copied from Type of Service and Precedence field
- Flow Label: 0
- Payload Length: Total length value from IPv4 header, minus the size of the IPv4 header and IPv4 options, if present

Translating IPv4 Headers to IPv6 Headers (2/5)
- Next Header: protocol field copied from IPv4 header
- Hop Limit: TTL value copied from IPv4 header
- Source Address: low-order 32 bits: IPv4 source addr; high-order 96 bits: ::ffff:0:0/96 (IPv4-mapped prefix)

Translating IPv4 Headers to IPv6 Headers (3/5)
- Destination Address: low-order 32 bits: IPv4 destination addr; high-order 96 bits: 0::ffff:0:0:0/96 (IPv4-translated prefix)
- IPv4 options are ignored (not translated)
- Error if an un-expired source route option is present

Translating IPv4 Headers to IPv6 Headers (4/5)
If a fragment header is needed (DF bit is not set or the packet is a fragment), IPv6 fields:
- Payload Length: Total length value from IPv4 header + 8 (fragment header) – IPv4 header length
- Next Header: Fragment Header (44)

Translating IPv4 Headers to IPv6 Headers (5/5)
Fragment Header Fields
- Next Header: Protocol field copied from IPv4 header
- Fragment Offset: Fragment Offset copied from IPv4 header
- M Flag: More Fragment bit copied from IPv4 header
- Identification: Low-order 16 bits: copied from the ID field in the IPv4 header; High-order 16 bits: set to zero
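
An added example, not part of the original slides: the five header-translation slides above applied to a raw IPv4 packet in Python. The function and class names and the sample packet are constructed for illustration; the UDP zero-checksum handling and ICMP translation are not covered here.

```python
import struct


class TranslationError(Exception):
    """Raised where the slides say the translator must signal an error."""


def unexpired_source_route(options: bytes) -> bool:
    """True if an LSRR (131) or SSRR (137) option still has hops left."""
    i = 0
    while i < len(options) and options[i] != 0:      # 0 = end of option list
        if options[i] == 1:                          # 1 = no-operation
            i += 1
            continue
        if i + 2 >= len(options) or options[i + 1] < 2:
            break                                    # truncated or malformed
        length, pointer = options[i + 1], options[i + 2]
        if options[i] in (131, 137) and pointer <= length:
            return True
        i += length
    return False


def siit_v4_to_v6(pkt: bytes) -> bytes:
    (ver_ihl, tos, total_len, ident, flags_off,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if unexpired_source_route(pkt[20:ihl]):
        raise TranslationError("un-expired source route option")
    payload = pkt[ihl:total_len]                     # other options are ignored
    df = flags_off & 0x4000
    mf = flags_off & 0x2000
    offset = flags_off & 0x1FFF
    if not df or mf or offset:
        # Fragment header: next header, reserved, offset + M flag, 32-bit ID
        # whose high-order 16 bits are zero.
        frag = struct.pack("!BBHI", proto, 0,
                           (offset << 3) | (1 if mf else 0), ident)
        next_header, body = 44, frag + payload
    else:
        next_header, body = proto, payload
    src6 = bytes(10) + b"\xff\xff" + src             # ::ffff:a.b.c.d
    dst6 = bytes(8) + b"\xff\xff\x00\x00" + dst      # ::ffff:0:a.b.c.d
    first_word = (6 << 28) | (tos << 20)             # traffic class from TOS
    fixed = struct.pack("!IHBB", first_word, len(body), next_header, ttl)
    return fixed + src6 + dst6 + body


def sample_ipv4(df: bool = True, options: bytes = b"", ident: int = 0x1234) -> bytes:
    """Constructed sample: UDP-protocol packet, 8 zero payload bytes, checksum 0."""
    ihl = (20 + len(options)) // 4
    hdr = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, ihl * 4 + 8, ident,
                      0x4000 if df else 0, 64, 17, 0,
                      bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return hdr + options + bytes(8)


if __name__ == "__main__":
    print(siit_v4_to_v6(sample_ipv4(df=False)).hex())
```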

Translating UDP over IPv4
- Un-fragmented UDP IPv4 packets: Calculate the checksum if the checksum field is zero
- Fragmented UDP IPv4 packets
  - First fragment: Drop the packet, generate a system management event
  - Other fragments: Drop the packet

When to Translate Assume the translator knows the pool of IPv4 addresses that are used to represent internal IPv6-only nodes CPU translates ICMPv4 to ICMPv6

Translating from IPv6 to IPv4 IPv4 Header Transport Layer Header Data IPv6 Header Fragment Header (if present) Transport Layer Header Data

Translating IPv6 Headers into IPv4 Headers (1/6)
- Version: 4
- Internet Header Length: 5 (no IPv4 options)
- Type of Service and Precedence: By default, copied from the Traffic Class (all 8 bits) or always set to zero
- Total Length: Payload Length value from IPv6 header + size of the IPv4 header

Translating IPv6 Headers to IPv4 Headers (2/6)
- Identification: All zero
- Flags: More Fragment = 0, Don’t Fragment = 1
- Fragment Offset: All zero
- Time to Live: Hop Limit value copied from IPv6 header (Decrement TTL and check if zero after translation)

Translating IPv6 Headers into IPv4 Headers (3/6)
- Protocol: Next Header field copied from IPv6 header
- Header Checksum: Computed once the IPv4 header is created
- Source Address:
    If the IPv6 source addr is an IPv4-translated addr
        Use the low-order 32 bits for IPv4 addr
    else
        Set to (to avoid completely dropping)

Translating IPv6 Headers to IPv4 Headers (4/6)
- Destination Address: Low-order 32 bits of the IPv6 destination address
- IPv6 hop-by-hop options header, destination options header, or routing header (with Segments Left field equal to zero) are ignored with Total Length adjusted
- Routing header with a non-zero Segments Left field: Error

Translating IPv6 Headers to IPv4 Headers (5/6)
IPv6 packets with Fragment header
- Total Length: Payload length value from IPv6 header – 8 (Fragment header) + size of IPv4 header
- Identification: Copy from the low-order 16 bits of the ID field in the Fragment header

Translating IPv6 Headers to IPv4 Headers (6/6)
- Flags: More Flag = M flag in the Fragment header, Don’t Fragment Flag = 0
- Fragment Offset: Copied from the Fragment Offset field in the Fragment header
- Protocol: Next Header field copied from Fragment header

When to Translate Receives an IPv6 packet with an IPv4-mapped destination address

Network Address Translation – Protocol Translation (NAT-PT) (RFC 2766)

Purpose and Approaches Interoperation of an IPv6-only node with an IPv4-only node Does not mandate dual stacks or tunneling Uses a pool of globally unique v4 addresses for assignment to v6 nodes on a dynamic basis Combines SIIT and NAT

Terminologies (1/2) NAT: translation of an IPv4 addr into an IPv6 addr and vice versa Traditional NAT-PT: allows hosts within a v6 network to access hosts in the v4 network. Sessions are unidirectional, outbound from the v6 network. (Two variations: Basic NAT-PT and NAPT-PT)

Terminologies (2/2) Bi-Directional NAT-PT: Sessions can be initiated from hosts in either v4 or v6 network. Protocol Translation (PT): Detailed in SIIT Application Level Gateway (ALG): An application specific agent that allows a v6 node to communicate with a v4 node and vice versa. Some applications carry network addresses in payloads. NAT-PT is application unaware.

Basic Traditional NAT-PT (1/2) Assume IPv6 Node A (FEDC:BA98::7654:3210) wants to communicate with IPv4 Node C ( ) Node A creates a packet with Src Addr: FEDC:BA98::7654:3210 Dst Addr: PREFIX:: (PREFIX::/96 is advertised in the stub domain by the NAT-PT and packets addressed to this PREFIX are routed to the NAT-PT)

Basic Traditional NAT-PT (2/2) For session initiation packet, an address (e.g., ) is allocated by the NAT-PT The packet is silently discarded if it is not a session initiation packet and there is no established state for the session

NAPT-PT Operation (1/4) Allow multiple v6 nodes to communicate with v4 nodes using a single v4 address Example IPv6 Node A creates a packet with Src Addr: FEDC:BA98::7654:3210 Src TCP Port: 3017 Dst Addr: PREFIX:: Dst TCP Port: 23

NAPT-PT Operation (2/4) At NAPT-PT box, translated into SA = , Src TCP Port = 1025 DA = , Dst TCP Port = 23 Inbound NAPT-PT sessions are restricted to one server per service assigned via static TCP/UDP port mapping. Example: IPv6 Node A may be the only HTTP server (port 80) in the v6 domain

NAPT-PT Operation (3/4) IPv4 Node C sends a packet SA = , Src TCP Port = 1025 DA = , Dst TCP Port = 80 At NAPT-PT box, translated into SA = PREFIX:: , Src TCP Port = 1025 DA = FEDC:BA98::7654:3210, Dst TCP Port = 80

NAPT-PT Operation (4/4) DNS queries and responses are processed by CPU Some static binding for v4 and v6 addresses

Translating IPv4 Headers to IPv6 Headers Same as in SIIT apart from SA : The low-order 32 bits = IPv4 SA. The high-order 96 bits = PREFIX DA: NAT-PT retains a mapping between the IPv4 destination addr and the IPv6 addr of the destination node

Translating IPv6 Headers to IPv4 Headers Same as in SIIT apart from SA: The NAT-PT retains a mapping between the IPv6 SA and an IPv4 address from the pool of IPv4 addresses DA: The low-order 32 bits of the IPv6 DA is copied to the IPv4 DA

TCP/UDP/ICMP Checksum Update from IPv4 to IPv6 (1/2) UDP checksums, when set to a non-zero value, and TCP checksum should be recalculated to reflect the addr change from v4 to v6 (Incremental adjustment is possible) In NAPT-PT, TCP/UDP checksum should be adjusted When the checksum of a v4 packet is set to zero, NAT-PT must evaluate the checksum in its entirety for the v6-translated packet

TCP/UDP/ICMP Checksum Update from IPv4 to IPv6 (2/2) Reassemble fragmented UDP packets with zero checksum before evaluating the checksum for the v6-translated packet ICMPv6 uses pseudo-header in checksum evaluation There might be source and destination address translations in payload of ICMP packets

TCP/UDP/ICMP Checksum Update from IPv6 to IPv4 TCP/UDP checksum should be recalculated to reflect the address change from v6 to v4 (Incremental adjustment is possible) For UDP packets, the checksum may optionally be changed to zero Remove the v6 pseudo header in checksum calculation of v4 ICMP header (Checksum adjustment algorithm is possible)
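
An added example, not part of the original slides: it shows why the SIIT prefixes leave a TCP checksum unchanged (the Addresses slide) and how the incremental adjustment mentioned in the checksum slides gives the same result as a full recalculation once NAT-PT substitutes its own PREFIX. The IPv4 addresses, the 2001:db8:ffff::/96 PREFIX and the TCP segment are constructed; node A's address and the ports come from the slides.

```python
import ipaddress
import struct


def ones_sum(data: bytes) -> int:
    """Folded one's-complement sum of 16-bit words (even length assumed)."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def l4_checksum(src, dst, proto: int, segment: bytes) -> int:
    """TCP/UDP checksum over the IPv4 or IPv6 pseudo-header plus segment."""
    if src.version == 4:
        tail = struct.pack("!BBH", 0, proto, len(segment))
    else:
        tail = struct.pack("!I3xB", len(segment), proto)
    return ~ones_sum(src.packed + dst.packed + tail + segment) & 0xFFFF


def mapped(v4):                       # ::ffff:a.b.c.d
    return ipaddress.IPv6Address((0xFFFF << 32) | int(v4))


def translated(v4):                   # ::ffff:0:a.b.c.d
    return ipaddress.IPv6Address((0xFFFF << 48) | int(v4))


def prefixed(prefix, v4):             # NAT-PT: PREFIX::/96 + IPv4 address
    return ipaddress.IPv6Address(int(prefix.network_address) | int(v4))


def adjust(csum: int, removed: bytes, added: bytes) -> int:
    """Incremental update: take the old address words out, put the new in."""
    data = (struct.pack("!H", ~csum & 0xFFFF)
            + bytes(b ^ 0xFF for b in removed) + added)
    return ~ones_sum(data) & 0xFFFF


# Constructed sample values (documentation address ranges).
V4_SRC = ipaddress.IPv4Address("192.0.2.10")
V4_DST = ipaddress.IPv4Address("198.51.100.20")
PREFIX = ipaddress.ip_network("2001:db8:ffff::/96")
V6_NODE = ipaddress.IPv6Address("FEDC:BA98::7654:3210")   # Node A in the slides
# TCP header, ports 1025 -> 80, SYN, checksum field zero.
SEGMENT = struct.pack("!HHIIBBHHH", 1025, 80, 1, 0, 5 << 4, 0x02, 8192, 0, 0)

if __name__ == "__main__":
    c4 = l4_checksum(V4_SRC, V4_DST, 6, SEGMENT)
    siit = l4_checksum(mapped(V4_SRC), translated(V4_DST), 6, SEGMENT)
    nat_src = prefixed(PREFIX, V4_SRC)
    full = l4_checksum(nat_src, V6_NODE, 6, SEGMENT)
    incr = adjust(c4, V4_SRC.packed + V4_DST.packed,
                  nat_src.packed + V6_NODE.packed)
    print(hex(c4), hex(siit), hex(full), hex(incr))
```

The 0xffff word in each SIIT prefix is a one's-complement zero, so it drops out of the pseudo-header sum; an arbitrary NAT-PT PREFIX does not, which is why the checksum must be adjusted there.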