Presentation is loading. Please wait.

Presentation is loading. Please wait.

“IPv4 to IPv6 Transition”

Published byEthan Powers Modified over 8 years ago

Similar presentations

Presentation on theme: "“IPv4 to IPv6 Transition”"— Presentation transcript:

1 “IPv4 to IPv6 Transition”
Babu Ram Dawadi @IOE Pulchowk Campus 4/26/2017

2 Transition Mechanisms
Immediate migration to IPv6-only network is not possible IPv4 and IPv6 Coexists for long period of time. Some transition mechanisms have been standardized TUNNELING DUAL STACK & TRANSLATION (network address & protocol translation) Currently: IPv6 exists over IPv4 Islands Future: IPv4 exists over IPv6 Islands Finally IPv6-only Islands 4/26/2017

3 What is a tunnel? A tunnel identifies packets in a data stream
Identify by encapsulation (new header possibly new trailer) Identify by labeling. Entry into a tunnel gives the data stream different characteristics E.g., Privacy, authentication, different routing characteristics Security is not always the goal of the tunnel Also called virtual private networks (VPNs) in many situations

4 Tunneling Tunneling enables IPv6 hosts/routers to communicate with other IPv6 hosts/router over IPv4 network Tunneling encapsulates IPv6 datagrams within IPv4 packets 4/26/2017

5 Tunneling… IPv4/IPv6 hosts and routers can tunnel IPv6 datagram over regions of IPv4 routing topology by encapsulating them within IPv4 packets. Tunneling techniques are classified by the way the encapsulating node determines the address of the node at the end of the tunnel: Host-to-host Host-to-router Router-to-router Router-to-host In router-to-router and host-to-router tunneling methods, the IPv6 packet is tunneled to a router 4/26/2017

6 IPv6 over IPv4 Tunneling The IPv4 Protocol field is set to 41 to indicate an encapsulated IPv6 packet. The Source and Destination fields are set to IPv4 addresses of the tunnel endpoints. The tunnel endpoints are either manually configured as part of the tunnel interface or are automatically derived from the next-hop address of the matching route for the destination and the tunneling interface. 4/26/2017

7 Host-to-Host In the host-to-host tunneling configuration, an IPv6/IPv4 node that resides within an IPv4 infrastructure creates an IPv6 over IPv4 tunnel to reach another IPv6/IPv4 node that resides within the same IPv4 infrastructure. IPv6/IPv4 hosts that use ISATAP addresses to tunnel across an organization’s IPv4 infrastructure. IPv6/IPv4 hosts that use IPv4-compatible addresses to tunnel across an organization’s IPv4 infrastructure. 4/26/2017

8 Host-to-Router and Router-to-Host
In the host-to-router tunneling configuration, an IPv6/IPv4 node that resides within an IPv4 infrastructure creates an IPv6 over IPv4 tunnel to reach an IPv6/IPv4 router In the router-to-host tunneling configuration, an IPv6/IPv4 router creates an IPv6 over IPv4 tunnel across an IPv4 infrastructure to reach an IPv6/IPv4 node Figure below shows host-to-router (for traffic traveling from Node A to Node B) and router-to-host (for traffic traveling from Node B to Node A) tunneling. 4/26/2017

9 Router to Router Tunneling
In the router-to-router tunneling configuration, two IPv6/IPv4 routers connect two IPv6-capable infrastructures over an IPv4 infrastructure The IPv6 over IPv4 tunnel between the two routers acts as a single hop. For each IPv6/IPv4 router, there is a tunnel interface representing the IPv6 over IPv4 tunnel and routes that use the tunnel interface 4/26/2017

10 Tunneling (Contd…) Configured Tunneling Automatic Tunneling
Tunnel end point address must be determined from configuration in the encapsulating node Automatic Tunneling Tunnel End Points address is determined by IPv4 compatible Destination address (0::IPv4-address) The packet being processed on the router will be redirected if the destination IPv6 address is an IPv4 compatible address and automatic tunneling is then used 4/26/2017

11 IPv4 Compatible IPv6 Address Format
Automatic Tunneling The nodes performing automatic tunneling are assigned an IPv4 compatible address. This sort of address is identified by a 96 bit prefix consisting only of zeros and an IPv4 address in the low-order 32 bits IPv4 Compatible IPv6 Address Format When the packet is being processed in the router, it is redirected if the destination IPv6 address is an IPv4 compatible address, and automatic tunneling is then used If the destination address is a native IPv6 address, automatic tunneling cannot be used. 96-bits 32-bits 0:0:0:0:0:0 IPv4 Address 4/26/2017

12 Packet from Host A  Host B
Automatic Tunneling 6to4, 6over4 and ISATAP are examples of automatic Tunneling Description Source Address Destination Address Packet from Host A  Host B Src=IPv6 Dst=0::IPv4 of B Tunnel from Router  Host B Src=IPv4 Dst=IPv4 Tunnel from Host B  Router Packet from Host B  Host A Src=0::IPv4 of B Dst=IPv6 4/26/2017

13 6to4 Tunneling 6to4 is a mechanism for IPv6 sites to communicate with each other over the IPv4 network without explicit tunnel set-up A relay router is a 6to4 router configured to support transit routing between 6to4 addresses and native IPv6 addresses. The IANA permanently assigned one IPv6 address prefix for “6to4”. It is 2002::/16. The “6to4” prefix 2002::/16 can be prepended to a host or router’s globally-unique 32-bit IPv4 address (<IPv4-Addr>) to form a 48-bit “6to4” prefix 2002:<IPv4-Addr> 4/26/2017

14 6to4 Tunn.. In all scenarios the 6to4 router advertises the prefix 2002:IPv4::/48 to the local net 6to4 is an efficient method for routing between 6to4 networks, but may be inefficient between native IPv6 networks and 6to4 networks 4/26/2017

15 ISATAP Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) is designed to provide connectivity between IPv6 nodes within an IPv4 network that does not have an IPv6 router in the site It uses IPv4 infrastructure and automatic IPv6-in-IPv4 tunneling The ISATAP address has a standard 64 bit IPv6 prefix, which can be link-local, unique local, a 6to4 prefix, or belongs to the global unicast range The interface identifier is :5EFE (32 bits), FE tells that this address contains an IPv4 embedded address. This gives us the ISATAP address format: prefix: 0:5EFE:IPv4 address 4/26/2017

16 ISATAP IPv6 hosts can also communicate with hosts on a native IPv6 network or with hosts on other IPv4 subnets Configuring a border router does this; it can be a 6to4 gateway or an ISATAP router The ISATAP router acts as a default router for the ISATAP hosts 4/26/2017

17 DUAL-STACK Dual-stack node has complete support for both IPv4 & IPv6
In communication with IPv6 host, it acts like IPv6 only node and to communicate with IP4 only host, it acts like IPv4 only node. Three mode of operation: IPv6-stack, IPv4-stack & Dual-stack 4/26/2017

18 DSTM: Dual Stack Transition Mechanism
DSTM is an IPv4 to IPv6 transition proposal based on the use of IPv4 over IPv6 dynamic tunnels and the temporary allocation of IPv4 global addresses to Dual-Stack hosts DSTM is intended for IPv6-only networks in which hosts still need to exchange information with other IPv4 hosts or applications DSTM benefits IPv4 applications are run over an IPv6-only network. Network administration is simplified: only IPv6 is routed inside the domain. Need of IPv4 global addresses are reduced: Hosts are given a global IPv4 address on a temporary basis only when an application requires it. 4/26/2017

19 DSTM: configuration A Dual-stack host in an IPv6-only network wishing to communicate using IPv4; A DSTM server who administrates the IPv4 addresses pool and A DSTM gateway in charge of encapsulation and decapsulation of IPv4 over IPv6 packets. In the architecture required for DSTM, only C needs to have direct IPv4 connectivity and a permanent IPv4 address. 4/26/2017

20 Tunnel Broker Tunnel broker with the dedicated servers to manage automatic tunnel request form end users Tunnel broker is the point where users connects to register and activate tunnels 4/26/2017

21 Tunnel Broker… Tunnel broker clients are the dual stack nodes where TB and clients have to share pre-configured or automatically established security association. TB Share load of network tunnel end points with several tunnel servers by sending configuration orders to relevant tunnel server whenever a tunnel has to be created. Communication between the broker and the servers can take place with IPv4 or IPv6. A tunnel server is a dual stack router connected to the internet 4/26/2017

22 Translation Main goal is to provide transparent routing for nodes in IPv6 to communicate nodes in IPv4. Translate IPv6 packets into IPv4 packets & vice-versa It offer transition mechanism in addition to tunneling/dual-stack. Network Address Translation-Protocol Translation (NAT-PT) is the technique widely been used to overcome the limitation of IPv4 address. IP, TCP, UDP, ICMP header s/messages are translated 4/26/2017

23 Translation… Category
Stateless IP/ICMP Translation (SIIT) & Network Address translator Protocol Translator NAT-PT allows IPv6 only host to talk to IPv4 only hosts and vice versa IPv4 NAT=> Translate one IPv4 address to Another IPv4 address Here NAT refers to translation of IPv4 address to IPv6 and Vice-Versa. Provides routing between IPv4 and IPv6 address realms All NAT-PT configurations are performed on router and hence no changes are made to hosts. 4/26/2017

24 Protocol Translation Translating IPv4 headers to IPv6 headers
Source address: The low-order 32 bits is the IPv4 source address. The high-order 96 bits is the designated PREFIX for all v4 communications. Addresses using this PREFIX will be routed to the NAT-PT gateway PREFIX::/96). Destination address: NAT-PT retains a mapping between the IPv4 destination address and the IPv6 address of the destination node. The IPv4 destination address is replaced by the IPv6 address retained in that mapping. 4/26/2017

25 Protocol Translation Translating IPv6 headers to IPv4 headers
Source address: The NAT-PT retains a mapping between the IPv6 source address and an IPv4 address from the pool of IPv4 addresses available. The IPv6 source address is replaced by the IPv4 address retained in that mapping. Destination address: IPv6 packets that are translated have a destination address of the form PREFIX::IPv4/96. Thus the low-order 32 bits of the IPv6 destination address is copied to the IPv4 destination address. 4/26/2017

26 4/26/2017

27 How NAT-PT works ? IPv6 Host A IPv4 Host B Translation 2-packet
/24 1-packet Src: 2001:d30:119::2 Dst: prefix:: Translation 2-packet Src: Dst: 3-packet Src: Dst: 4-packet Src: prefix:: Dst: 2001:d30:119::2 How NAT-PT works ? To communicate with IPv4 node, NAT-PT generate fake IPv6 address of IPv4 node by appending IPv4 address of destination to the 96-bits prefix. The prefix is supplied on the configuration The fake address can be generated using Application Level gateway Program: Trick-Or-Treat Daemon (DNS-ALG) 4/26/2017

28 DNS-ALG for NAT-PT: Trick Or Treat Daemon
TOTD is a small DNS proxy name server which supports IPv6 and enable IPv6 only sites to access IPv4 sites by using some translation mechanism such as NAT-PT It is a IPv6 DNS proxy which receive DNS queries from clients and forward it to a normal DNS server If the reachable normal DNS server is IPv4 only, TOTD must be configured with dual stack mechanism otherwise for IPv6 reachable DNS server, it can be configured for IPv6 only server 4/26/2017

29 TOTD.. Events made when client make a request to TOTD server
Request an AAAA/A6 records: when a client request an AAAA/A6 record, the TOTD server simply forward the request to the client only if the requested record exists otherwise an A record is requested to normal DNS server and TOTD will receive an answer in IPv4 which will be translated into IPv6 address by adding certain PREFIX to the IPv4 address and forwards it to the client. PTR lookup: when a client tries a PTR lookup, TOTD simply proxies the look up only if the PTR lookup is using normal global IPv6 address. Otherwise if the PTR lookup is using converted IPv6 address, TOTD will convert the address back to IPv4 and the PTR lookup result will be forwarded to the requested client. Other request: other queries will be always ignored and the reply is simply forwarded to the client without modification. 4/26/2017

30 TOTD TOTD generates the fake IPv6 address by appending IPv4 address with IPv6/64 prefix. The prefix is configured with TOTD configuration 4/26/2017

31 NAT-PT & DNS-ALG test TOTD: a DNS-ALG which is an IPv6 DNS proxy
Generates fake IPv6 address of IPv4 only node. A combinational test with NAT-PT, DNS, DNS-ALG has been proposed. Totd Server DNS-ALG NAT PT Client IPv6 Only Normal DNS Server Internet IPv4/IPv6 IPv6 Only IPv4/IPv6 4/26/2017

32 NA-PT,DNS &TOTD [root@tu-soi ~]# cat /etc/totd.conf
forwarder ::1 port 5353 forwarder 2001:d30:101:1::11 port 53 forwarder 2001:d30:102:1000::1001 port 53 prefix 2001:d30:101:624:: NA-PT,DNS &TOTD Users-IPv6 only TOTD Server Issues a DNS query to ask for the IP address of Forward the DNS query DNS Reply DNS Server NAT-PT 2001:D30:101:624:: CA46:5B06 Destination 2001:D30:101:624 ::CA46:5B06 Ioe.edu.np IPv4 only 1 2 3 4 5 6 7 ~]# ping6 PING 56 data bytes 64 bytes from 2001:d30:101:624::ca46:5b06: icmp_seq=0 ttl=44 time=2126 ms 64 bytes from 2001:d30:101:624::ca46:5b06: icmp_seq=1 ttl=47 time=2153 ms

33 NAT-PT, DNS, DNS-ALG, SQUID
IPv6-SQUID: To reduce the processing overhead in NAT-PT Users-IPv6 only TOTD Server DNS Server NAT-PT Ioe.edu.np IPv4 only Others Proxy Server Server DNS Queries and Replies HTTP Traffic

34 IPv4 Only web accessed via IPv6-only Node
~]# tail -f /var/log/squid/access.log :d30:119:0:b091:e66d:22b:dca0 TCP_MISS/ GET - PARENT_HIT/2001:d30:101:1::5 text/css :d30:119:0:b091:e66d:22b:dca0 TCP_MISS/ GET - DEFAULT_PARENT/2001:d30:101:1::5 text/html :d30:119:0:b091:e66d:22b:dca0 TCP_MISS/ GET - PARENT_HIT/2001:d30:101:1::5 text/css Address [2001:d30:119::2] port 3128 IPv4 Only web accessed via IPv6-only Node

35 IPv4 Mail Server accessed via IPv6-only Node

36 Comparison Mechanisms Remarks Tunneling:
Can communicate with remote IPv6 network without supporting IPv6 in ISP network Loads on the router (consumes time & CPU power for encapsulation and dcapsulation) MTU size issue and fragmentation problems Dual-Stack: easy to use and can communicate with both hosts Two separate protocols running over single machine consumes CPU power and memory firewall protection for both protocols (burden) Don’t solve the problem of IPv4 address exhaustion Translation: Does not support Advanced IPv6 feature Easy to implement, single border router acting as NAT-PT IPv6 hosts can directly communicate with IPv4 hosts Independent of Hosts Encourage for transition to IPv6 network 4/26/2017

37 Concluding Remarks Migration to IPv6 network should be done as soon as possible due to IPv4 address inadequacy. IPv6-Network is ready to implement, Though all the applications are not ready with IPv6 like what is available in IPv4. More researches are needed for IPv6 compatible application implementation. Upgrading current network to IPv6 seems difficult, so needs to upgrade by creating IPv6-only sub-network. 4/26/2017

38 Conclusion (Contd…) Currently Tunneling/Dual-Stack seems better because IPv4 network is dominant but NAT-PT is the better approach when IPv6 become dominant. Awareness & Training regarding the implementation is necessary in Nepal from the root by implementing IPv6 from academic research network 4/26/2017

39 Conclusion (Contd…) The current status of IPv4/IPv6 shows that the world will have IPv6-only network beyond 2030 4/26/2017

40 Deployment Challenges and Risk
For the Government Policy Issues Political Issues Cost of overall transition (cost of HW/SW/Training) Lack of Human Resources Private sectors Economical Issues-Cost of Migration (cost of HW/SW/Training) Service Related Issues Quality and Reliability of Service after Migration Level of Trust National Polices Meets with Global Standards 4/26/2017

41 Thank You! 4/26/2017

Download ppt "“IPv4 to IPv6 Transition”"

Similar presentations

1 IPv6 and IPv4 Interoperation and Transition Tony Hain co-chair IETF ngtrans WG

1 IPv6 and IPv4 Interoperation and Transition Tony Hain co-chair IETF ngtrans WG
NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.

NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.
Introduction to IPv6 Network & Application Passakon Prathombutr Next Generation Internet (NGI) National Electronics and Computer Technology Center.

Introduction to IPv6 Network & Application Passakon Prathombutr Next Generation Internet (NGI) National Electronics and Computer Technology Center.
IPv4 - IPv6 Integration and Coexistence Strategies Warakorn Sae-Tang Network Specialist Professional Service Department A Subsidiary.

IPv4 - IPv6 Integration and Coexistence Strategies Warakorn Sae-Tang Network Specialist Professional Service Department A Subsidiary.
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
December 5, 2007 CS-622 IPv6: The Next Generation 1 IPv6 The Next Generation Saroj Patil Nadine Sundquist Chuck Short CS622-F2007 University of Colorado,

December 5, 2007 CS-622 IPv6: The Next Generation 1 IPv6 The Next Generation Saroj Patil Nadine Sundquist Chuck Short CS622-F2007 University of Colorado,
IPv6 – IPv4 Network Address, Port & Protocol Translation & Multithreaded DNS Gateway Navpreet Singh, Abhinav Singh, Udit Gupta, Vinay Bajpai, Toshu Malhotra.

IPv6 – IPv4 Network Address, Port & Protocol Translation & Multithreaded DNS Gateway Navpreet Singh, Abhinav Singh, Udit Gupta, Vinay Bajpai, Toshu Malhotra.
Project by: Palak Baid (pb2358) Gaurav Pandey (gip2103) Guided by: Jong Yul Kim.

Project by: Palak Baid (pb2358) Gaurav Pandey (gip2103) Guided by: Jong Yul Kim.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 W. Schulte Chapter 5: Network Address Translation for IPv4  Connecting.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 W. Schulte Chapter 5: Network Address Translation for IPv4  Connecting.
Implementing IPv6 Module B 8: Implementing IPv6

Implementing IPv6 Module B 8: Implementing IPv6
© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—7-1 Address Space Management Transitioning to IPv6.

© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—7-1 Address Space Management Transitioning to IPv6.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture15: Network Address Translation for IPv4 Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture15: Network Address Translation for IPv4 Connecting Networks.
1 Teredo - Tunneling IPv6 through NATs Date: 2003-10-31 Speaker: Quincy Wu National Chiao Tung University.

1 Teredo - Tunneling IPv6 through NATs Date: Speaker: Quincy Wu National Chiao Tung University.
IPv4 & IPv6 Coexistence & Migration Joe Zhao SW2 Great China R&D Center ZyXEL Communications, Inc.

IPv4 & IPv6 Coexistence & Migration Joe Zhao SW2 Great China R&D Center ZyXEL Communications, Inc.
Enabling IPv6 in Corporate Intranet Networks

Enabling IPv6 in Corporate Intranet Networks
17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.

17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.

1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.
IP Version 6 Next generation IP Prof. P Venkataram ECE Dept. IISc.

IP Version 6 Next generation IP Prof. P Venkataram ECE Dept. IISc.
Understanding Internet Protocol

Understanding Internet Protocol

Similar presentations

Ads by Google