IPv6 - The Way Ahead
Christian Huitema
Architect, Windows Networking & Communications

Agenda
- We must unleash the Internet
  - New devices, new P2P applications.
- There are blocking problems, today
- IPv6 enables growth, and P2P.
- Microsoft enables IPv6.

Trends – Computing devices
- Small form factor devices
  - PDAs, Smart Phones, Web Pads
- Always On, Always connected
- Enable new and interesting usage scenarios

Trends - Applications
- Peer-to-Peer enables compelling scenarios
  - Require end to end connectivity
  - Blocked by Network Address Translators (NATs)
- Net attached Consumer Electronics and Gaming appliances emerging
- Applications assuming always on connectivity, anywhere
  - Voice, Video, Collaboration

Unleashing the Internet
[Diagram labels: Internet access, devices, applications, services; more bandwidth, more demand, more equipment]

Key Problems - Address Shortage
- Most promising applications are peer-to-peer
- Peer to Peer applications require:
  - Addressability of each end point
  - Unconstrained inbound and outbound traffic
  - Direct communication between end points using multiple concurrent protocols
- NATs are evil
  - Block inbound traffic on listening ports
  - Constrain traffic to “understood” protocols
  - Create huge barrier to deployment of P2P applications

Key Problems - Lack of Mobility
- Existing applications and networking protocols do not work with changing IP addresses
  - Applications do not “reconnect” when a new IP address appears
  - TCP drops session when IP address changes
  - IPSec hashes across IP addresses, changing address breaks the Security Association
- Mobile IPv4 solution is not deployable
  - Reliance on “Foreign Agent” is not realistic
  - NATs and Mobile IPv4? Just say NO

Key Problems - Network Security
- Always On == Always attacked!
  - Consumers deploying NATs and Personal Firewalls
  - Enterprises deploying Network Firewalls
- NATs and Network Firewalls break end-to-end semantics
  - Barrier to deploying Peer to Peer applications
  - Barrier to deploying new protocols
  - Block end-to-end, authorized, tamper-proof, private communication
- No mechanisms for privacy at the network layer
  - IP addresses expose information about the user
- No transparent way to restrict communication within network boundaries

The Promise of IPv6
- Enough addresses
  - 20 networks per m² of Earth (2 per ft²)
  - Enough addresses for all new devices
  - Peer-to-peer applications “just work”
- True mobility
  - Global IPv6 addresses enable mobility
  - No reliance on Foreign Agents
- Better network layer security
  - IPSec delivers end-to-end security
  - Link/Site Local addresses allow partitioning
  - Anonymous addresses provide privacy

If IPv6 is so great, how come it is not there yet?
- Applications
  - IPv6 compatible “sockets”, “cookies”, UI
  - Somewhat similar to Y2K
- Network
  - Need to ramp-up investment
  - No “push-button” transition
[Diagram labels: networks, applications]

Start with tunnels
- Applications first!
  - Don’t wait for the network
  - Make IPv6 available everywhere
- When IPv6 is not available, use tunnels!
  - Overlay IPv6 over IPv4
[Diagram labels: IPv4, V6, IPv6]

IPv6 Migration
- End to End Connectivity:
  - 6to4: Automatic tunneling of IPv6 over IPv4
    - Derives IPv6 /48 network prefix from IPv4 global address
  - Teredo: Automatic tunneling of IPv6 over UDP/IPv4
    - Works through NAT, may be blocked by firewalls
  - ISATAP: Automatic tunneling of IPv6 over IPv4
    - For connecting IPv6 islands to IPv4 network in the enterprise
    - Enables gradual migration to IPv6
- Applications:
  - Native sockets based applications need change
    - Checkv4 tool helps identify changes
  - Applications using high level programming paradigms are already IPv6 ready
    - E.g. RPC, DPlay etc.
  - .NET Framework is IPv6-ready

Deploying IPv6 - Recommended Strategies
- In the home
  - Use native IPv6 if available
  - Or use 6to4 if global IPv4 address
  - Or use IPv6 over UDP if private IPv4 address
- In the enterprise
  - Use IPv6 ISP or 6to4 for external access
  - Use ISATAP while upgrading the network

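Added example (not part of the original deck): the 6to4 /48 derivation from the "IPv6 Migration" slide, plus a classifier that tells from an IPv6 address in a flow or firewall log which of the three tunnel mechanisms produced it and which IPv4 endpoints are embedded in it. The function names are hypothetical, the sample addresses are constructed from documentation ranges standing in for global addresses, and the well-known prefixes (2002::/16 for 6to4, 2001:0000::/32 for Teredo, the `5efe` interface identifier for ISATAP) come from the respective RFCs, not from the slides.

```python
import ipaddress

# RFC 1918 private ranges: a host numbered from these sits behind a NAT,
# which is the case where the deck recommends IPv6 over UDP instead of 6to4.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def sixtofour_prefix(v4):
    """Derive the 6to4 site prefix 2002:<32-bit IPv4>::/48 from an IPv4 address."""
    addr = ipaddress.IPv4Address(v4)
    if any(addr in net for net in RFC1918):
        raise ValueError(f"{addr} is private: 6to4 needs a global IPv4 address")
    return ipaddress.IPv6Network(((0x2002 << 112) | (int(addr) << 80), 48))

def classify(v6):
    """Return (mechanism, embedded IPv4 endpoints) for one IPv6 address."""
    a = ipaddress.IPv6Address(v6)
    if a.sixtofour is not None:                   # 2002::/16
        return "6to4", {"site": str(a.sixtofour)}
    if a.teredo is not None:                      # 2001:0000::/32
        server, client = a.teredo                 # client IPv4 is stored bit-inverted
        return "teredo", {"server": str(server), "client": str(client)}
    iid = int(a) & 0xFFFFFFFFFFFFFFFF             # low 64 bits: interface identifier
    if (iid >> 32) in (0x00005EFE, 0x02005EFE):   # ISATAP: ::[0200:]5efe:a.b.c.d
        return "isatap", {"host": str(ipaddress.IPv4Address(iid & 0xFFFFFFFF))}
    return "native", {}

# Constructed sample addresses (documentation ranges only).
SAMPLES = [
    "2002:c000:201::1",                       # 6to4 site behind 192.0.2.1
    "2001:0:c000:22d:8000:f227:34ff:8ef6",    # Teredo client behind a NAT
    "fe80::5efe:c633:6407",                   # ISATAP host inside an enterprise
    "2001:db8::1",                            # no tunnel marker
]

if __name__ == "__main__":
    print(sixtofour_prefix("192.0.2.1"))
    for s in SAMPLES:
        print(s, *classify(s))
```

Because the Teredo client address is stored inverted and the 6to4 and ISATAP addresses carry the IPv4 address in different bit positions, a plain text search for the IPv4 address in IPv6 logs will miss all three.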
What is Microsoft doing?
- Building a complete IPv6 stack in Windows
  - Technology Preview stack in Win2000
  - Developer stack in Windows XP
  - Deployable stack in .NET Server & update for Windows XP
  - Windows CE .NET
- Supporting IPv6 with key applications protocols
  - File sharing, Web (IIS, IE), Games (DPlay), Peer to Peer platform, UPnP
- Building v4->v6 transition strategies
  - Scenario focused tool-box

Call to Action
- IPv6 is here already!!
- Enable applications to use IPv6 now!
  - Use IPv6 stack in Windows XP, .Net Server
  - Take advantage of IPv6 for peer-to-peer
- Start deploying IPv6 now!
  - ISP: 6to4 relays, Teredo relays & servers
  - Enterprises: 6to4, ISATAP
- Support IPv6 in your products
  - Join us to move the world to a simple ubiquitous network based on IPv6

© 2002 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.