The nuts and bolts of IPv6

Transcript

1. None

2. The nuts and bolts of IPv6 Tom Isaacson Navico @parsley72

3. None
4. None

5. Transmission Control Protocol (TCP) • "A Protocol for Packet Network

   Intercommunication” by Vint Cerf and Bob Kahn – May 1974 • Combination of TCP (Transport, layer 4) and IP (Network, layer 3) • Handshaking, requires acknowledgement • Point to point

6. Internet Protocol (IP) • TCP v1 – December 1974 (RFC

   675) • TCP v2 – March 1977 • Jon Postel suggested the protocol be split in August 1977 (IEN 2) • TCP v3 and IP v3 – February 1978 • IP v4 – September 1981 (RFC 791) • IP v5 – Experimental, abandoned.

7. IPv4 addressing • 32 bits • Decimal, 4 lots of

   3 digits separated by dots: – 192.168.0.1 • Following slash indicates a subnet mask • Private networks: Name Address Range CIDR block 24-bit block 10.0.0.0 – 10.255.255.255 10.0.0.0/8 20-bit block 172.16.0.0 – 172.31.255.255 172.16.0.0/12 16-bit block 192.168.0.0 – 192.168.255.255 192.168.0.0/16

8. User Datagram Protocol (UDP) • Defined in 1980 (RFC 768)

   • No handshaking, no acknowledgement

9. Broadcast • Defined in October 1984 (RFC 1919) • Allows

   UDP packets to be sent to all receivers • Used for service discovery, IPTV, etc.

10. localhost • Defined in November 1986 (RFC 6761) • 127.0.0.0/8

    • 16,777,214 addresses

11. Domain Name System (DNS) • ARPANET had a file called

    HOSTS.TXT at Stanford which operators took copies of. • Defined in November 1983 (RFC 882, 883) • Use nslookup for test: – nslookup orionhealth.com – ping 8.8.8.8 – nslookup orionhealth.com 8.8.8.8

12. Dynamic Host Configuration Protocol (DHCP) • Defined in October 1993

    (RFC 1531) • Small changes in March 1997 (RFC 2131)

13. Multicast • Defined in March 2000? (RFC 5771) • Uses

    the IPv4 address range: – 224.0.0.0/4 • Allows the listener to choose whether to connect and receive multicast packets

14. Link-Local Addresses • Defined in May 2005? (RFC 3927) •

    Uses IPv4 range: – 169.254.1.0 through 169.254.254.255 • RFC 3297 warns against simultaneous use of IPv4 addresses of different scope. Search for a DHCP server before assigning link-local address. • Usually 30 seconds or 1 minute delay.

15. Internet Group Management Protocol (IGMP) Snooping • Defined in May

    2006 (RFC 4541) • Stops multicast being transmitted on Wifi unless a listener has requested it • Bug in earlier versions of Android, some devices still not fixed

16. IPv4 address exhaustion • Classless Inter-Domain Routing (CIDR), 1993 •

    Network Address Translation (NAT), 1996 • Top-level exhaustion was on 31st Jan 2011 – Reclamation of unused IPv4 space – Markets in IP addresses • MS Azure’s use of non-US IPv4 address space in US regions

17. IPv6

18. IPv6 addressing • 128 bits rather than 32 bits •

    In hex, 8 lots of 4 digits separated by colons: 2001:0DA8:E800:0000:0260:3EFF:FE47:0001 • Skip leading zeros: 2001:DA8:E800:0:260:3EFF:FE47:1 • Double colon: 2001:DA8:E800::260:3EFF:FE47:1 • URL: [2001:DA8:E800::260:3EFF:FE47:1]

19. IPv6 changes • Doesn’t replace IPv4 – can be run

    alongside it. • No broadcast • No subnets • Simultaneous usage of addresses of different scope is encouraged.

20. IPv6 localhost • ::1

21. IPv6 Link-Local Addresses • Always assigned immediately • Uses range

    fe80::/10. Next 54 bits set to 0. • Lower 64 bits can be generated from MAC address (EUI-48) by inserting 0xFFFE between Vendor ID and Serial No (to make EUI-64): – Wireless MAC address: 24-77-03-5C-5A-F4 – Vendor ID = 247703 (Intel), Serial No = 5c5af4 – ff80:0000:0000:0000:2477:03ff:fe5c:5af4 – ff80::2477:03ff:fe5c:5af4 • Uses Duplicate Address Detection (DAD) • For security can also be randomly generated

22. IPv6 DNS • nslookup -query=AAAA orionhealth.com • nslookup -query=AAAA google.com

    – Address: 2404:6800:4006:806::1008 – http://[2404:6800:4006:806::1008]

23. IPv6 Multicast • Have the prefix ff00::/8 • Well-known multicast

    addresses: Address Description ff02::1 All nodes on the local network ff02::2 All routers on the local network ff02::1:2 All DHCP servers and relay agents on the local network ff0x::c Simple Service Discovery Protocol (SSDP) ff0x::fb Multicast DNS (Bonjour) ff0x::101 Network Time Protocol

24. Multicast Listener Discovery (MLD) • Defined in RFC 3810 and

    RFC 4604 • Similar idea to IGMP Snooping but applied to switches • Requires level 3 (Network) switch - Router

25. IPv6 DHCP (Stateful)

26. Stateless Address Auto Configuration (SLAAC) • All devices create their

    own Link-Local IP address • Send a multicast Router Solicitation to ff02::2 (All routers) • Router responds with Router Advertisement default gateway and prefixes to use for global or site local addresses. • Router doesn’t manage pool of addresses.

27. IPv6 Support • Supported by all major operating systems: –

    Linux 2.1.8 (November 1996) – Windows XP – OS X 10.1 (Puma) – iOS 4.1 – Windows Phone 8 – Android 5.0 (Lollipop)

28. Are we ready? • Daily Mail story actually about old

    routers • The network nightmare that ate my week – Network issues caused by bad network drivers, lack of layer 3 switches and immature IPv6 support in network software. • Current Status of IPv6 Support for Networking Applications – Big list of networking apps with details of IPv6 support and state of testing.

29. IPv6 – What will the future bring? • CloudFlare –

    Introducing Universal SSL – Added SSL support for every customer by using IPv6. – Original implementation of SSL encrypted the host header, so one certificate per IP address. – Impossible to do with IPv4 because they only have a finite number of IP addresses.