國家節(jié)能減排政策全收錄及點(diǎn)評(píng)Titl.ppt

IPv6 Cisco Systems,Patrick Grossetete Cisco IOS IPv6 Product Manager ,Agenda,IPv6 Rationales IPng Protocols & Standards IPv6 Integration & Co-Existence Cisco IOS IPv6 roadmap IPv6 Deployment,A need for IPv6?,IETF IPv6 WG began in early 90s, to solve addressing growth issues, but CIDR, NAT, were developed IPv4 32 bits address = 4 billion hosts 40% of the IPv4 address space is still unallocated BUT IP is everywhere Data, Voice, Audio and Video integration is a Reality Regional Registries apply a strict allocation control Addressing scheme is not optimum as for any So, lets play with Numbers and focus on Applications,Why a larger address space is needed,Overall Internet traffic is still growing at 400%/year worldwide 320 million users in 2000, 550 million by 2005 Emerging population/geopolitical & Address space China, India, Japan, Korea needs global IP addresses How to move to e-Economy without Global Internet access? 405 million mobile phone users in 2000, over 1 billion by 2005 UMTS Release 5 is Internet Mobility, 1/3 of 1B should get connected 1 Billion cars in 2010, 15% should get GPS and Yellow Page services Billion of new Internet appliances for Home users Always-On,Explosion of New Internet Appliances,Coming Back to an End-to-End Architecture,Global Addressing Realm,New Technologies/Applications for Home Users Always-onCable, DSL, Ethernethome, Wireless,Internet started with End to End connectivity for any applications Today, NAT and Application-Layer Gateways connecting disparate networks Always-on Devices Need an Address When You Call Them, eg. - Mobile Phones - Gaming - Residential Voice over IP gateway,IPv6 Markets,Academic NRN: now Internet-II (Abilene, vBNS+), Canarie*3, Renater-II, Surfnet, DFN, CERNET, 6REN/6TAP Geographies & Politics: Now Prime Minister of Japan called for IPv6 (taxes reduction) EEC summit PR advertised IPv6 as the way to go for Europe President Clinton signed an Executive Memorandum on 3G Wireless (PDA, Mobile, Car,.): now-to-2004 Multiple phases before deployment RFP - Integration - trial - commercial Requires client devices, eg. IPv6 handset ?,IPv6 Markets,Home Networking: CY2002-2003 Set-top box/Cable/xDSL/EtherHome Residential Voice over IP gateway Gaming (10B$ market): 2001-2003 Sony, Sega, Nintendo, Microsoft Consumer PC: H2 CY 2001-2003 Enterprise: H2 CY 2001-2003 Requires Microsoft IPv6 support, as well as other O.S. & Applications Service Providers: Now Regional ISP, Carriers, Mobile ISP, and Greenfield ISPs,Integration of IPv6 Services,The Ubiquitous Internet,Large Address Space,Auto-Configuration,Enhanced Mobility,IPv6 Addresses Bootstrap phase,Where to get address space? Real IPv6 address space now allocated by APNIC, ARIN and RIPE NCC APNIC 2001:0200:/23 ARIN 2001:0400:/23 RIPE NCC 2001:0600:/23 6Bone 3FFE:/16 Have a look at /ipv6 for more information,IPv6 Address Space Current Allocations,APNIC () CONNECT-AU-19990916 2001:210:/35 WIDE-JP-19990813 2001:200:/35 NUS-SG-19990827 2001:208:/35 KIX-KR-19991006 2001:220:/35 ETRI-KRNIC-KR-19991124 2001:230:/35 NTT-JP-19990922 2001:218:/35 HINET-TW-20000208 2001:238:/35 IIJ-JPNIC-JP-20000308 2001:240:/35 CERNET-CN-20000426 2001:250:/35 INFOWEB-JPNIC-JP-2000502 2001:258:/35 JENS-JP-19991027 2001:228:/35 BIGLOBE-JPNIC-JP-20000719 2001:260:/35 6DION-JPNIC-JP-20000829 2001:268:/35 DACOM-BORANET-20000908 2001:270:/35 ODN-JPNIC-JP-20000915 2001:278:/35 KOLNET-KRNIC-KR-20000927 2001:280:/35 HANANET-KRNIC-KR-20001030 2001:290:/35 TANET-TWNIC-TW-20001006 2001:288:/35,January 5th, 2001,SONYTELECOM-JPNIC-JP-20001207 2001:298:/35 TTNET-JPNIC-JP-20001208 2001:2A0:/35 CCCN-JPNIC-JP-20001228 2001:02A8:/35 IMNET-JPNIC-JP-20000314 2001:0248:/35 KORNET-KRNIC-KR-20010102 2001:02B0:/35 ARIN () ESNET-V6 2001:0400:/35 ARIN-001 2001:0400:/23 VBNS-IPV6 2001:0408:/35 CANET3-IPV6 2001:0410:/35 VRIO-IPV6-0 2001:0418:/35 CISCO-IPV6-1 2001:0420:/35 QWEST-IPV6-1 2001:0428:/35 DEFENSENET 2001:0430:/35 ABOVENET-IPV6 2001:0438:/35 SPRINT-V6 2001:0440:/35 UNAM-IPV6 2001:0448:/35 GBLX-V6 2001:0450:/35,IPv6 Address Space Current Allocations,RIPE () UK-BT-19990903 2001:0618:/35 CH-SWITCH-19990903 2001:0620:/35 AT-ACONET-19990920 2001:0628:/35 UK-JANET-19991019 2001:0630:/35 DE-DFN-19991102 2001:0638:/35 NL-SURFNET-19990819 2001:0610:/35 RU-FREENET-19991115 2001:0640:/35 GR-GRNET-19991208 2001:0648:/35 EU-UUNET-19990810 2001:0600:/35 DE-TRMD-20000317 2001:0658:/35 FR-RENATER-20000321 2001:0660:/35,EU-EUNET-20000403 2001:0670:/35 DE-IPF-20000426 2001:0678:/35 DE-NACAMAR-20000403 2001:0668:/35 DE-XLINK-20000510 2001:0680:/35 DE-ECRC-19991223 2001:0650:/35 FR-TELECOM-20000623 2001:0688:/35 PT-RCCN-20000623 2001:0690:/35 SE-SWIPNET-20000828 2001:0698:/35 PL-ICM-20000905 2001:06A0:/35 DE-SPACE-19990812 2001:0608:/35 BE-BELNET-20001101 2001:06A8:/35 SE-SUNET-20001218 2001:06B0:/35 IT-CSELT-20001221 2001:06B8:/35 SE-TELIANET-20010102 2001:06C0:/35,Agenda,IPv6 Rationales IPv6 Protocols & Standards IPv6 Integration & Co-Existence Cisco IOS IPv6 roadmap IPv6 Deployment,IPv6 - So whats really changed ?!,Defined by RFC 2460 Address length quadrupled to 16 bytes Fixed length (Optional headers daisy-chained) No checksumming (Done by Link Layer) No hop-by-hop segmentation (Path MTU discovery) Flow label/class (Integrated QoS support) Concatenated extension headers,IPv4 Header,IPv6 Header,IHL,Type of Service,Options,Total Length,Identification,Flags,Fragment Offset,Protocol,Header Checksum,Source Address,Destination Address,Padding,Traffic Class,Flow Label,Payload Length,Next Header,Hop Limit,Source Address,Destination Address,Version,Time to Live,Version,IPv6 Main Features/Functionality,Expanded Address Space Header Format Simplification Auto-configuration and Multi-Homing Mobile IP without triangular routing Class of Service/Multimedia support Authentication and Privacy Capabilities No more broadcast Multicast IPv4 IPv6 Transition Strategy,IPv6 Addressing,IPv6 Addressing rules are covered by multiples RFCs Architecture defined by RFC 2373 Address Types are : Unicast : One to One (Global, Link local, Site local, Compatible) Anycast : One to Nearest (Allocated from Unicast) Multicast : One to Many Reserved A single interface may be assigned multiple IPv6 addresses of any type (unicast, anycast, multicast) No Broadcast Address - Use Multicast,IPv6 Addressing,Prefix Format (PF) Allocation PF = 0000 0000 : Reserved PF = 0000 001 : Reserved for OSI NSAP Allocation (see RFC 1888) PF = 0000 010 : Was reserved for IPX Allocation (no use) PF = 001 : Aggregatable Global Unicast Address PF = 1111 1110 10 : Link Local Use Addresses PF = 1111 1110 11 : Site Local Use Addresses PF = 1111 1111 : Multicast Addresses Other values are currently Unassigned (approx. 7/8th of total) All Prefix Formats have to have EUI-64 bits Interface ID But Multicast,Text Representation of IPv6 Addresses,“preferred” form: 1080:0:FF:0:8:800:200C:417A compressed form: FF01:0:0:0:0:0:0:43 becomes FF01:43 IPv4-compatible: 0:0:0:0:0:0: or : RFC 2732: Preferred format for literal IPv6 address in URL,Global Unicast Addresses (RFC 2374),Aggregatable Global Unicast Format - RFC2374 Address hierarchy matches Internet Service Provider hierarchy Terminology: FP - Format Prefix: Unicast (001), Multicast, Anycast TLA - Top Level Aggregator Global ISP NLA - Next Level Aggregator ISP SLA - Site Level Aggregator “Customer” Interface ID - Host,Link-local addresses for use during auto-configuration and when no routers are present: Site-local addresses for independence from changes of TLA / NLA*:,Link-Local & Site-Local Unicast Addresses,Multicast Addresses (RFC 2375),low-order flag indicates permanent / transient group; three other flags reserved scope field: 1 - node local 2 - link-local 5 - site-local 8 - organization-local B - community-local E - global (all other values reserved),4,112 bits,8,group ID,scope,flags,11111111,4,IPv6 Addressing Examples,Global unicast address(es) is : 2001:420:101:1:E0:F726:4E58, subnet is 2001:420:101:1:0/64 link-local address is FE80:E0:F726:4E58 Unspecified Address is 0:0:0:0:0:0:0:0 or : Loopback Address is 0:0:0:0:0:0:0:1 or :1 Group Addresses (Multicast), ie: FF02:9 for RIPv6 Joined group address(es): FF02:0:0:0:0:1:FF:xxxx (solicited Node Multicast) Unicast : 4037:01:800:200E:8C6C is FF02:1:FF0E:8C6C,more on IPv6 Addressing,Bootstrap process - RFC2450 Definitions: TLA - special TLA 0x0001 subTLA - Top Level Aggregator Transit ISP NLA - Next Level Aggregator ISP SLA - Site Level Aggregator “Customer” Interface ID - Host,IPv6 Addresses Bootstrap phase,IPv6 Addresses Bootstrap phase,Minimum assignment to ISP is a /35 ISP creates own NLA boundary - or - ISP assigns /48 SLAs to each customer 16 bits for subnetworks 65536 subnetworks per site 64 bits for hosts 18446744073710 million hosts per subnetwork!,IPv6 Addresses Bootstrap phase,subTLA holder ISP allocates SLAs to end-customers subTLA holder ISP creates its own NLA boundary for customer ISPs,IPv6 Header Options (RFC 2460),Processed only by node identified in IPv6 Destination Address field = much lower overhead than IPv4 options exception: Hop-by-Hop Options header Eliminated IPv4s 40-octet limit on options in IPv6, limit is total packet size, or Path MTU in some cases,IPv6 Header Options (RFC2460),Currently defined Headers should appear in the following order : IPv6 header Hop-by-Hop Options header Destination Options header Routing header Fragment header Authentication header (RFC 1826) Encapsulating Security Payload header (RFC 1827) Destination Options header upper-layer header,MTU Issues,minimum link MTU for IPv6 is 1280 octets (versus 68 octets for IPv4) = on links with MTU 1280, link-specific fragmentation and reassembly must be used implementations are expected to perform path MTU discovery to send packets bigger than 1280 minimal implementation can omit PMTU discovery as long as all packets kept 1280 octets a Hop-by-Hop Option supports transmission of “jumbograms” with up to 232 octets of payload,Fragment Header,Though discouraged, can use IPv6 Fragment header to support upper layers that do not (yet) do path MTU discovery IPv6 frag. routers do not fragment packets en-route if too bigthey send ICMP “packet too big” instead,Next Header,Original Packet Identifier,Next Header,Fragment Offset,0 0 M,Neighbour Discovery (RFC 2461),Protocol built on top of ICMPv6 (RFC 2463) combination of IPv4 protocols (ARP, ICMP,) Fully dynamic, interactive between Hosts & Routers defines 5 ICMPv6 packet types Router Solicitation / Router Advertisements Neighbor Solicitation / Neighbor Advertisements Redirect,Neighbour Discovery (RFC 2461),defined mechanisms between nodes attached on the same link Router discovery Prefix discovery Parameters discovery, ie: link MTU, hop limit, Address autoconfiguration Address Resolution (same function as ARP) Next-hop determination Neighbor Unreachability Detection (useful for default routers) Duplicate Address Detection Redirect,(Single Subnet Scope, Formed from Reserved Prefix and Link Layer Address),SUBNET PREFIX,IPv6 Auto-Configuration,Stateless (RFC2462) Host autonomously configures its own address Link local addressing i.e.: FE80:E0:F726:4E58 Stateful DHCPv6 Addressing lifetime Facilitates graceful renumbering Addresses defined as valid, deprecated or invalid,SUBNET PREFIX + MAC ADDRESS,SUBNET PREFIX + MAC ADDRESS,SUBNET PREFIX + MAC ADDRESS,SUBNET PREFIX + MAC ADDRESS,Serverless Autoconfiguration (“Plug-n-Play”),IPv6 Hosts can construct their own addresses: subnet prefix(es) learned from periodic multicast advertisements from neighboring router(s) interface IDs generated locally, e.g., using MAC addresses other IP-layer parameters also learned from router adverts (e.g., router addresses, recommended hop limit, etc.) higher-layer info (e.g., DNS server and NTP server addresses) discovered by multicast / anycast-based service-location protocol details still to be decided,Auto-Reconfiguration (“Renumbering”),New address prefixes can be introduced, and old ones withdrawn we assume some overlap period between old and new, i.e., no “flash cut-over” hosts learn prefix lifetimes and preferability from router advertisements old TCP connections can survive until end of overlap; new TCP connections can survive beyond overlap Router renumbering protocol, to allow domain-interior routers to learn of prefix introduction / withdrawal New DNS structure to facilitate prefix changes,Uses same “l(fā)ongest-prefix match” routing as IPv4 CIDR Key to scalable routinghierarchical addressing Assignment of production IPv6 Sub-TLA address prefixes obtainable from Registries (RIPE-NCC, APNIC, ARIN) since 1999 Existing routing protocols require extensions for IPv6 Neighbor discoverydynamic host router Can use Routing header with anycast addresses to route packets through particular regions e.g., for provider selection, policy, performance, etc.,IPv6 Routing,IPv6 Routing Protocols,Update to existing IPv4 routing protocols to handle bigger addresses RIPv6 (RFC 2080) - Similar to RIPv2 BGP4+ - Multi-Protocols Extensions defined in RFC 2283, 2545 Integrated IS-IS - Large Address support facilitates IPv6 address family. Draft-ietf-isis-ipv6-01. OSPF for IPv6 (RFC 2740) New protocol implementation IPv6 Multicast Routing PIM, MOSPF, MBGP have IPv6 extensions IPv6 Multicast has larger address space removing potential IP addresses collision,Mobile IPv6 Terminology,Internet,MN,HA,Access Router,Home Agent (HA) Mobile Node (MN) Care of Address (COA) Correspondent Node (CN),Overview of Mobile IPv6 Functionality,1. MN obtains IP address using stateless or stateful autoconfiguration 2. MN registers with HA 3. HA tunnels packets from CN to MN 4. MN sends packets from CN directly or via tunnel to HA,HA,1.,2.,MN,CN,4.,3.,Mobile IPv6,Plenty of addresses 2 for Mobile Hosts 2 for Mobile Networks No dependency on specialized access network functionality (Foreign Agent, DHCP) NAT/PT/ALGs needed during migration from IPv4 to IPv6 but decrease with time,What does it do for:,Security Nothing IP4 doesnt do - IPSec runs in both but IPv6 mandates IPSec QoS Nothing IP4 doesnt do - Differentiated and Integrated Services run in both So far, Flow label has no real use,IP Service,IPv4 Solution,IPv6 Solution,Mobile IP with Direct Routing,DHCP, ZeroConf,Mobile IP,PIM/Multicast BGP,IP Multicast,PIM/Multicast BGP, Scope Identifier,Mobility,Autoconfiguration,Serverless, ZeroConf, Renumbering, DHCP,IPv6 Technology Scope,32-bit, Network Address Translation,128-bit, NAT-PT,Addressing Range,Quality-of-Service,Differentiated Service, Integrated Service,Differentiated Service, Integrated Service,Security,IPSec Mandated,IPSec,IPv6 Standards Status,IPv6 documents are at various points in the standards process, core documents are done Document review for completeness, followed by issues or additional work. To know more about IPv6 specifications /html.charters/ipngwg-charter.html Main covered areas are : Architecture, Addressing, Routing, Security, Transition, DNS, Management, Discovery & Auto-Configuration, Mobility, Multicast, Applications API, .,IPv6 Current Status - Standardisation,Several key components now on Standards Track: Specification (RFC2460) Neighbour Discovery (RFC2461) ICMPv6 (RFC2463) IPv6 Addresses (RFC2373/4/5) RIP (RFC2080) BGP (RFC2545) IGMPv6 (RFC2710) OSPF (RFC2740) Router Alert (RFC2711) Jumbograms (RFC2675) Autoconfiguration (RFC2462) IPv6 over: PPP (RFC2023) Ethernet (RFC2464) FDDI (RFC2467) Token Ring (RFC2470) NBMA(RFC2491) ATM (RFC2492) Frame Relay (RFC2590) ARCnet (RFC2549),Agenda,IPv6 Rationales IPng Protocols & Standards IPv6 Integration & Co-Existence Cisco IOS IPv6 roadmap IPv6 Deployment,IPv4-IPv6 Co-Existence / Transition,A wide range of techniques have been identified and implemented, basically falling into three categories: (1) dual-stack techniques, to allow IPv4 and IPv6 to co-exist in the same devices and networks (2) tunneling techniques, to avoid order dependencies when upgrading hosts, routers, or regions (3) translation techniques, to allow IPv6-only devices to communicate with IPv4-only devices Expect all of these to be used, in combination,Dual-Stack Approach,When adding IPv6 to a system, do not delete IPv4 this multi-protocol approach is familiar and well-understood (e.g., for AppleTalk, IPX, etc.) note: in most cases, IPv6 will be bundled with new OS releases, not an extra-cost add-on Applications (or libraries) choose IP version to use when initiating, based on DNS response: if (dest has AAAA or A6 record) use IPv6, else use IPv4 when responding, based on version of initiating packet This allows indefinite co-existence of IPv4 and IPv6, and gradual, app-by-app upgrades to IPv6 usage,Tunnels to Get Through IPv6-Ignorant Routers / Switches,Encapsulate IPv6 packets inside IPv4 packets (or MPLS frames) any methods exist for establishing tunnels: manual configuration “tunnel brokers” (using web-based service to create a tunnel) “6-over-4” (intra-domain, using IPv4 multicast as virtual LAN) “6-to-4” (inter-domain, using IPv4 addr as IPv6 site prefix) Can view this as: IPv6 using IPv4 as a virtual link-layer, or an IPv6 VPN (virtual public network), over the IPv4 Internet (becoming “l(fā)ess virtual” over time, we hope),IPv6 Tunnelling,Configured tunnelsmanual point-2-point links Automatic tunnelsvia 6to4 mechanism 2002:/16 prefix Cisco instrumental in building existing tunneled IPv6 networks,Mobile Data Network,Service Provider IPv4 Backbone,IPv6 Tunnel,IPv6 Tunnel,IPv6 Tunnel,IPv6 Network,IPv6 Network,IPv6 Header,Transport Layer Header,IPv4 Header,IPv6 Header,Transport Layer Header,Data,Data,Translation,May prefer to use IPv6-IPv4 protocol translation for: new kinds o