KOM 15032: Modern Network Architecture

Chapter 2. IPv6 Addressing
Course Goal

Understand the basic concepts of IPv6 addressing

Understand the concepts of the IPv4-to-IPv6 transition
IP Addressing


How many IP addresses?

IPv4: 2^32 = 4.3 * 10^9 (Billion)

IPv6: 2^128 = 3.4 * 10^38 (Undecillion)
When was the IP address standardized?

IPv4 in 1981 (RFC 791)

IPv6 in 1995 (RFC 1883) refined in 1998 (RFC 2460)
As early as 1990, IETF started to work on IPng to solve the IPv4 address shortage
IETF initiated the standard in 1994
Why not IPv5?
Major Goal of IPv6

Support billions of hosts

Reduce the size of the routing table

Simplify the protocol

Provide better security (authentication & privacy)

Pay more attention to QoS

High-bandwidth multimedia and fault tolerance applications (multicast)

Allow a host to roam without changing its address

Allow the protocol to evolve in the future

Permit old and new protocols to coexist for years
Do We Need Larger IP Address Space?
What is the Problem with IPv4?

Rapid increase of the size of routing tables


More than 450,000 entries in the Internet
It was predicted that IPv4 addresses would be exhausted by 2008

Theoretical limit: 4 billion devices

Practical limit: 250 million devices
How to Reduce IPv4 Address Depletion


Classless Inter Domain Routing (CIDR)
Network Address Translation (NAT)
CIDR


Advantages:

IP addressing scheme that replaces the older system based on classes A, B, and C. A single IP address can be used to designate many unique IP addresses

CIDR can reduce the number of routing table entries
Disadvantages:

Greater complexity

Many unused IP addresses
NAT

Assign private addresses to the internal systems

The router translates the addresses
NAT (cont.)

Popular on Dial-up, SOHO, and VPN

Saves IPv4 addresses from exhaustion

Loss of the end-to-end model

Asymmetric identifier
NAT Drawbacks


NAT breaks end-to-end communication

Routers monitor the communication

Routers change the data
NAT breaks bi-directional communication

Hosts with a global address can't initiate communication to hosts with a private address
Why 128 bit then?

Room for many levels of structured hierarchy and routing aggregation

Easier address management and delegation than IPv4

Easy address auto-configuration

Ability to deploy end-to-end IPsec
What’s Good About IPv6

Larger address space


128 bits: 3.4 * 10^38
Redesigned to solve current problems such as:

Efficient and hierarchical addressing and routing

Security

Auto-configuration

Plug & play

Better support for QoS

Extensibility
Is IPv6 really good?

IPv6 can’t easily solve (same as IPv4)

Security

Multicast

Mobile

QoS
IPv6 Addressing
00101010000100100011010001011100
00000000000000000000000000000000
00000000011110000000100110101011
00001100000011011110000011110000
A 128-bit value that represents an interface on the network
IPv6 Address Notation
2A12:345C:0:0:78:9AB:C0D:E0F0
IPv6 Address Notation (cont.)
Eight blocks of 16 bits in hexadecimal separated by colons (:)
2A12:345C:0:0:78:9AB:C0D:E0F0
00101010000100100011010001011100
00000000000000000000000000000000
00000000011110000000100110101011
00001100000011011110000011110000
IPv6 Address Notation (cont.)

Blocks of 0 may be shortened with a double colon (::), but only one :: is allowed
1234:5678:90AB::5678:0:CDEF (valid)
1234:5678:90AB:0:0:5678::CDEF (valid)
1234:5678:90AB::5678::CDEF (invalid: two ::)
IPv6 Address Space Notation
<prefix>/<prefix-length>
1234:5678::/48
1234:5678:9ABC:DEF::/64
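Added example (not part of the original slides): a small Python parser for the notation rules above. It expands a single "::", rejects a second one, reproduces the 128-bit layout of 2A12:345C:0:0:78:9AB:C0D:E0F0, and tests prefix membership. Because one address has several valid spellings, ACL entries and log searches should compare the canonical form; the function names are this example's own and the host address 1234:5678:9ABC:DEF::1 is constructed.

```python
import ipaddress
import string

def parse_ipv6(text):
    """Return the address as a 128-bit integer, or raise ValueError."""
    if text.count("::") > 1:
        raise ValueError("only one '::' is allowed")
    if "::" in text:
        head, tail = text.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero block")
        blocks = left + ["0"] * missing + right
    else:
        blocks = text.split(":")
    if len(blocks) != 8:
        raise ValueError("an address has exactly eight 16-bit blocks")
    value = 0
    for block in blocks:
        if not 1 <= len(block) <= 4 or set(block) - set(string.hexdigits):
            raise ValueError(f"bad block: {block!r}")
        value = (value << 16) | int(block, 16)
    return value

def to_bits(text):
    """The 128 bits as four 32-bit rows, the layout used on the slide."""
    bits = format(parse_ipv6(text), "0128b")
    return [bits[i:i + 32] for i in range(0, 128, 32)]

def canonical(text):
    """Single lowercase, zero-compressed spelling for comparisons."""
    return str(ipaddress.IPv6Address(parse_ipv6(text)))

def in_prefix(text, prefix):
    """True when the address falls inside <prefix>/<prefix-length>."""
    return ipaddress.IPv6Address(parse_ipv6(text)) in ipaddress.IPv6Network(prefix)

if __name__ == "__main__":
    for spelling in ("1234:5678:90AB::5678:0:CDEF", "1234:5678:90AB:0:0:5678::CDEF"):
        print(spelling, "->", canonical(spelling))
    print(in_prefix("1234:5678:9ABC:DEF::1", "1234:5678:9ABC:DEF::/64"))
```

Embedded dotted-quad IPv4 forms are outside the rules shown here and are rejected by this parser.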
IPv6 Address Type

Unicast



Single interface
Multicast

Set of interfaces

Packets delivered to all interfaces
Anycast

Set of interfaces

Packets delivered to one (the nearest) interface
Address Type Identification
Global Aggregatable Unicast Address
Format

TLA ID: Top-level aggregation identifier

RES: Reserved for future use

NLA ID: Next-level aggregation identifier

SLA ID: Site-level aggregation identifier

Interface ID: Interface identifier
An Interface’s Unicast Address
A link's prefix length is always 64 bits
Allocating IPv6 Address Space
2001:df0:ba::/48
16 bits for link’s network prefixes = 65k
Interface Identifier

Interface ID: manual or automatic

Automatic: modified EUI-64 of MAC address

Complement 2nd LSB of 1st byte

Insert 0xfffe between 3rd and 4th bytes

MAC: 00-12-34-56-78-9a

Interface ID: 212:34ff:fe56:789a
Link-local Address Format
fe80::<Interface-ID>

KAME style
fe80::<Interface-ID>%<ifname>
fe80::212:34ff:fe56:789a%fxp0
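Added example (not part of the original slides): the modified EUI-64 steps above in Python, combined with the /48 allocation and 64-bit link prefix from the preceding slides, plus the reverse mapping. The reverse direction matters to defenders: an EUI-64 derived address in a log identifies the network adapter that produced it, which helps asset attribution and is also a privacy exposure. Function names and the subnet IDs are this example's own.

```python
import ipaddress

def mac_to_interface_id(mac):
    """Modified EUI-64: flip the 2nd LSB of byte 1, insert ff:fe in the middle."""
    octets = bytes.fromhex(mac.replace("-", "").replace(":", ""))
    if len(octets) != 6:
        raise ValueError("a MAC address has six octets")
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui, "big")

def link_prefix(site48, subnet_id):
    """Pick one of the 2**16 /64 link prefixes inside a /48 allocation."""
    site = ipaddress.IPv6Network(site48)
    if site.prefixlen != 48 or not 0 <= subnet_id < 2**16:
        raise ValueError("expected a /48 and a 16-bit subnet ID")
    return ipaddress.IPv6Network((int(site.network_address) | (subnet_id << 64), 64))

def build_address(prefix64, mac):
    """Combine a /64 link prefix with the EUI-64 interface ID."""
    net = ipaddress.IPv6Network(prefix64)
    if net.prefixlen != 64:
        raise ValueError("a link prefix is always 64 bits long")
    return ipaddress.IPv6Address(int(net.network_address) | mac_to_interface_id(mac))

def recover_mac(address):
    """Reverse the mapping; None when the interface ID is not EUI-64 derived."""
    addr = ipaddress.IPv6Address(address.split("%")[0])  # drop %<ifname>
    iid = (int(addr) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return "-".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    mac = "00-12-34-56-78-9a"
    print(build_address("fe80::/64", mac))                  # link-local
    print(build_address(str(link_prefix("2001:df0:ba::/48", 1)), mac))
    print(recover_mac("fe80::212:34ff:fe56:789a%fxp0"))
```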
Multicast Address Format
Flags:
LSB = 0 well-known multicast address
LSB = 1 temporary/transient multicast address
Scope:
1 interface-link scope
2 link-local scope
5 site-local scope
8 organization-local scope
E global scope
Multicast Address Example

ff02::2


Well-known address, link-local scope
ff18::100

Temporary address, organization-local scope
A Node’s Address

Loopback Address

Link-local Address for each interface

Additional Unicast and Anycast Addresses

All-Nodes Multicast Addresses (ff02::1)

Solicited-Node Multicast Addresses

Multicast Addresses of groups it joined
A Router’s Address

A Node’s Address

Subnet-Router Anycast Addresses

All other Anycast Addresses

All-Router Multicast Addresses (ff02::2)
IPv4 vs IPv6 Header
What are Missing from IPv4 in IPv6?

Fragmentation/Reassembly

IPv6 doesn't allow for fragmentation/reassembly
Header checksum

The transport layer and data link layer handle it
Options

Fixed-length 40-byte IP header

No longer a part of the standard IP header

But there is a next header
Transition from IPv4 to IPv6

Generally, there are 3 approaches for transitioning to IPv6:
1. Dual-stack (running both IPv4 and IPv6 on the same device)

To allow IPv4 and IPv6 to co-exist in the same devices and networks
2. Tunneling (transporting IPv6 traffic through an IPv4 network transparently)

To avoid dependencies when upgrading hosts, routers, or regions
3. Translation (converting IPv6 traffic to IPv4 traffic for transport and vice versa)

To allow IPv6-only devices to communicate with IPv4-only devices
Dual-Stack Approach

Dual-stack node means:

Both IPv4 and IPv6 stacks enabled

Applications can talk to both

Choice of the IP version is based on name lookup and application preference
Dual-Stack Approach (cont.)

On a system running dual-stack, an application with IPv4 and IPv6 enabled will:

Ask the DNS for an IPv6 address (AAAA record)

If that exists, IPv6 transport will be used

If it doesn't exist, it will then ask the DNS for an IPv4 address (A record) and use IPv4 transport instead
Tunneling Approach


Manually configured

Manual tunnel (RFC 4213)

GRE (RFC 2473)
Semi-automated


Tunnel broker
Automatic

6to4 (RFC 3056)

6rd

ISATAP (RFC 4214)

TEREDO (RFC 4380)
Translation Approach

Techniques:

NAT-PT: requires Application Layer Gateway (ALG) functionality that converts Domain Name System (DNS) mappings between protocols (not really in use since NAT64 came)

NAT64: combined with DNS64