CIDRCIDR - NAIST Laboratory for Cyber Resilience · 2 0 10000 20000 30000 40000 50000 60000 70000...
Transcript of CIDRCIDR - NAIST Laboratory for Cyber Resilience · 2 0 10000 20000 30000 40000 50000 60000 70000...
1
I / 1
IPv6IPv6
I / 2
IPv4 IPv6
IPv6
ICMPv6
NDP
API
IPv6
I / 3
IPv4IPv4 IPv6IPv6
I / 4
–
–
– CIDR, , NAT
– IP IPv6
I / 5 I / 6
CIDRCIDR
Classless Inter-Domain Routing– RFC1519
IPv4
– CIDR
– IPng (=IPv6)
2
0
10000
20000
30000
40000
50000
60000
70000
80000
90000
Ju
n-8
8
Dec-8
8
Ju
n-8
9
Dec-8
9
Ju
n-9
0
Dec-9
0
Ju
n-9
1
Dec-9
1
Ju
n-9
2
Dec-9
2
Ju
n-9
3
Dec-9
3
Ju
n-9
4
Dec-9
4
Ju
n-9
5
Dec-9
5
Ju
n-9
6
Dec-9
6
Ju
n-9
7
Dec-9
7
Ju
n-9
8
Dec-9
8
Ju
n-9
9
Dec-9
9
Growth in BGP Route TableGrowth in BGP Route Table
Projected routing table
growth without CIDR/NAT
Deployment
Period of CIDR
Moore’s Law and NATs
make routing work today
Source: http//www.telstra.net/
ops/bgptable.html
But they cannot be
relied on forever
I / 8
133.201.2/24
I / 9
VLSM (Variable Length Subnet Mask)
(Super-Netting)
– < >
– (Best-Match)
SupernettingSupernetting
R1
R2 R3
<< Routing table in R3 >>
Destination next-hop
(1) 192.24.1.122 : R2
(2) 192.24.8.36 : R1
I / 11
DHCP ; Dynamic Host Configuration Protocol
NAT ; Network Address Translation
IP
I / 12
3
–
– TELNET
– IP
IP
–
–
3
I / 13
IANA
–
– 10.0.0.0 - 10.255.255.255
– 172.16.0.0 - 172.31.255.255
– 192.168.0.0 - 192.168.255.255
I / 14
NAT (Network Address Translation)NAT (Network Address Translation)
IP (src_IP)(src_port) IP
– (RFC1631)
1. Private Global
– DNS NAT IP
– (dst_IP)
– (src_IP, src_port)
2. Global Private
– (src_IP, src_port)
– (dst_IP)
I / 15
NAT gatewayNAT gateway
Global address
(Internet)
Private address
(LAN)
NAT router:
I / 16
- IPv4- IPv4 --
CIDR– IPv6
•
Private IP – IPv6
– NAT
DHCP
– IP
NAT
– IPv4
– Native IPv6
I / 17
IPIP
I / 18
IPng IPng
–
–
–
–
–
–
–
4
I / 19
IPngIPng
–
–
–
–
–
I / 20
IPngIPng
IP Next Generation
IPv4 IP
– 1991
– 1994 7
IPng IP
IETF
– Internet Engineering Task Force
– IAB(Internet Architecture Board) / IESG(InternetEngineering Steering Group)
–
–
– RFC Internet-draft
I / 21
IPngIPng (RFC1726)(RFC1726)
–
–
–
–
–
I / 22
IPngIPng (RFC1726)(RFC1726)
– 1012
– 109
–
–
– IPv4
( )
–
–
–
–
–
I / 23
IPng IPng
1991 IAB
1992 IPng
– TUBA(TCP and UDP over Bigger Address)
– CATNIP(Common Architecture for the Internet)
– SIPP(Simple Internet Protocol Plus)
1994 SIPP
1995 IPv6 RFC 1883: IPv6 Specification (1995/12)
1998 IPv6 RFC 2460: IPv6 Specification (1998/12)
2003
RFC 3513: IPv6 Address Architecture (2003/4)
2004
I / 24
IPv6IPv6
5
I / 25
IPv6IPv6 IPv4IPv4
– 128bit
• 32bit 4,294,967,296 (40 )
• 128bit 340,282,366,920,938,463,463,374,607,431,768,211,456
–
–
–
–
I / 26
IPv6IPv6 IPv4IPv4 (cont.)(cont.)
–
•
•
•
• IP
–
RouterHOST HOST
I / 27
IPv6IPv6 IPv4IPv4 (cont.)(cont.)
– ARP NDP
–
– IPsec
– IP
• MobileIPv6
• IPsec
• Explicit Multicast
I / 28
IPv6 - IPv6 -
– End-to-End
–
– MobileIP
– IPsec
–
–
I / 29 I / 30
IPv6 – IPv6
IPv6 – IPv6
IPv6 – IPv6 IPv6
–
6
I / 31
(cont.)(cont.)
(Neighbor)
–
IPv6 – IPv6 +
MTU
–
MTU– MTU
I / 32
(cont.)(cont.)
–
IPv6
–
– IPv4 IPv6
I / 33 I / 34
IPv6 IPv6
128bit 16
4 :
– 3ffe:501:100c:e320:2e0:18ff:fe98:936d
0
– 3ffe:0501:100c:e320:0000:0000:0000:0001 3ffe:501:100c:e320::0001
I / 35
IPv6 IPv6
ID – ( 64bit)
•
– ID ( 64bit)
• EUI-64
• Ethernet MAC
I / 36
IPv6 IPv6 (cont.)(cont.)
Interface ID
64bit 64bit
Network Prefix
IPv6 : 2001:218:1800::/48IPv4 : 45.0.0.0/8
(subnet …)2001:218:1800:e100::/642001:218:1800:e200::/6445.0.1.0/24
7
I / 37
Unicast Address
–
Anycast Address
–
Multicast Address
–
I / 38
(cont.)(cont.)
Loopback Address– ::1
IPv4 – ::IPv4 address
– ::203.178.142.1
–
IPv4
– ::ffff:IPv4 address
– ::ffff:203.178.142.1
– IPv4
I / 39
AnycastAnycast
HOSTHOST
HOST
HOST
2001::1
2001::1
2001::1
I / 40
Global address
–
Link-Local address
–
– fe80::1
Site-Local address
–
– fc00::1000:0:0:0:1
(cont.)(cont.)
HOST HOST
Router
HOST
Link-local
Link-local
Site-local
Site-local
Global
I / 42
FP TLA ID RE NLA ID SLA ID Interface ID
3 13 8 24 16 64
FP Format Prefix
RE Reserved
TLA ID Top-Level Aggregation Identifier
NLA ID Next-Level Aggregation Identifier
SLA ID Site-Level Aggregation Identifier
(RFC2374)
8
I / 43
Format PrefixFormat Prefix
Prefix
Reserved 0000 0000 1/256
Unassigned 0000 0001 1/256
Reserved for NSAP Allocation 0000 001 1/128
Reserved for IPX Allocation 0000 010 1/128
Unassigned 0000 011 1/128
Unassigned 0000 1 1/32
Unassigned 0001 1/16
Aggregatable Global Unicast Address 001 1/8
Unassigned 010 1/8
Unassigned 011 1/8
Unassigned 100 1/8
Unassigned 101 1/8
I / 44
Format Prefix (cont.)Format Prefix (cont.)
Prefix
Unassigned 110 1/8
Unassigned 1110 1/16
Unassigned 1111 0 1/32
Unassigned 1111 10 1/64
Unassigned 1111 110 1/128
Unassigned 1111 1110 0 1/512
Link-Local Unicast Address 1111 1110 10 1/1024
Site-Local Unicast Address 1111 1110 11 1/1024
Multicast Address 1111 1111 1/256
Unassigned Unicast
I / 45
ISP A
ISP B
A B
3ffe:500::/24
3ffe:501::/32
3ffe:501:1000:/48 3ffe:501:2000:/48
TLA ID
NLA ID
SLA ID
I / 46
TLA (Top Level Aggregator)TLA (Top Level Aggregator)
TLA ID RE
3 13 8 24
NLA IDFP
TLA ID
3 13 13 19
NLA IDFP SubTLAID
RIRs (ARIN, RIPE, APNIC)
/29
Default-free
I / 47
NLA (Next Level Aggregator)NLA (Next Level Aggregator)
TLA ISP
/30 /48
TLA ID RE
3 13 8 24
NLA IDFP
TLA ID NLA IDFP SubTLAID
3 13 13 19
I / 48
SLA (Site Level Aggregator)SLA (Site Level Aggregator)
NLA
/49 /64
TLA ID NLA IDFP SubTLAID
3 13 13 19 16
SLA ID
9
I / 49
TLA TLA
3 native IPv6
Transit (leaf )
Registry
Registry RIR
IANA
I / 50
SLA has been gone!SLA has been gone!
SLA– NLA
– RFC3513
–
• Global routing prefix + Subnet ID
• Interface ID (64bit)
– APNIC assignment
• Global routing prefix: /32 (= TLA)
• 32bit assignment for networks (= Subnet ID)
I / 51
Ethernet Ethernet IPv6 IPv6
MAC
EUI-64– 00:e0:18:98:93:6d (MAC address)
3ffe:501:100c:e320:2e0:18ff:fe98:936d
I / 52
Unicast Unicast AddressAddress
Link Local Address–
fe80::2e0:18ff:fe98:936d
Site Local Address–
fec0:: 2e0:18ff:fe98:936d
1111111010 00000.........0000
1111111011 00000..0
I / 53
Anycast Anycast AddressAddress
Unicast Address
1
I / 54
11111111
0
1
2
5
8
E
F
0000
0001
10
I / 55
FF00:0:0:0:0:0:0:0
FF01:0:0:0:0:0:0:0
:FF0F:0:0:0:0:0:0:0
FF01:0:0:0:0:0:0:1 IPv6
FF02:0:0:0:0:0:0:1 IPv6
FF01:0:0:0:0:0:0:2 IPv6
FF02:0:0:0:0:0:0:2 IPv6 FF02:0:0:0:0:0:0:C DHCP /
FF02:0:0:0:0:1:x:x
I / 56
IPv6 IPv6
% ping6 ff02::1%eth0
PING ff02::1(ff02::1) from fe80::2e0:18ff:fe98:936d eth0: 56 data bytes
64 bytes from ::1: icmp_seq=0 hops=64 time=1.2 ms
64 bytes from fe80::2d0:b7ff:fe9a:6f27: icmp_seq=0 hops=64 time=1.3 ms (DUP!)
64 bytes from fe80::2e0:18ff:fe01:81f7: icmp_seq=0 hops=64 time=1.4 ms (DUP!)
64 bytes from fe80::2d0:b7ff:fe9a:6b58: icmp_seq=0 hops=64 time=1.7 ms (DUP!)
64 bytes from fe80::2e0:18ff:fea8:c706: icmp_seq=0 hops=64 time=1.8 ms (DUP!)
64 bytes from fe80::240:26ff:fe66:a4: icmp_seq=0 hops=64 time=1.8 ms (DUP!)
64 bytes from fe80::200:86ff:fe42:55ff: icmp_seq=0 hops=64 time=1.9 ms (DUP!)
64 bytes from fe80::2e0:18ff:fea8:34c8: icmp_seq=0 hops=64 time=2.2 ms (DUP!)
64 bytes from fe80::210:4bff:fe92:cc93: icmp_seq=0 hops=64 time=2.2 ms (DUP!)
64 bytes from fe80::250:70ff:fe01:d2c8: icmp_seq=0 hops=64 time=2.3 ms (DUP!)
64 bytes from fe80::2a0:ccff:fe73:34f7: icmp_seq=0 hops=64 time=2.4 ms (DUP!)
64 bytes from fe80::2e0:18ff:fea8:4e0a: icmp_seq=0 hops=64 time=2.6 ms (DUP!)
I / 57
Global Unicast
(Solicited Multicast Address)
I / 58
((NetBSDNetBSD))
de0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:00:f8:03:db:34
media: Ethernet autoselect
status: active
inet 203.178.138.146 netmask 0xfffffff8 broadcast 203.178.138.151
inet6 fe80::200:f8ff:fe03:db34%de0 prefixlen 64 scopeid 0x2
inet6 2001:200:0:4400:200:f8ff:fe03:db34 prefixlen 64
inet6 2001:200:0:4400::1 prefixlen 64
inet6 fec0::4401:0:0:1:1 prefixlen 64
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 33228
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
I / 59
(Linux)(Linux)
% netstat -g
Interface RefCnt Group
--------------- ------ ---------------------
lo 1 ff02::1
eth0 1 ff02::9 <- RIPng
eth0 3 ff02::1:ff98:936d <- Solicited Multicast
eth0 1 ff02::1 <- All node Multicast
eth0 1 ff02::2 <- All router Multicast
I / 60
IPv6 IPv6 2001:200:160::/48 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:161::/48 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:162::/48 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 9 9180 pvc0
2001:200:180::/48 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:180:2::/64 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 3 9180 pvc0
2001:200:180:3::/64 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:1a8:300::/64 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:1a8:a00::/64 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:1a8:88d0::/64 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:1a8:8940::/64 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:200::/40 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:300::/40 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:500::/40 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:600::/40 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:800::/40 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:200:900::/40 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:208::/35 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 0 9180 pvc0
2001:218::/35 fe80::2e0:18ff:fe98:a28d%pvc0 UG1 0 10 9180 pvc0
11
I / 61
ISP A
ISP B
C ISP D ISP E
3ffe:500::/24
3ffe:501::/32
3ffe:501:1000::/48 3ffe:501:2000::/48 3ffe:501:3000::/48I / 62
ISP1
ISP2
Multi-Home Network 3ffe:501:1000::/48
2001:218:1800::/48
3ffe:501:1000:1000::/64
2001:218:1800:1000::/64
I / 63
NLA -> TLA Aggregation
TLA
draft-ietf-ipngwg-ipv6-2260-01
– Edge router
I / 64
I / 65
IPv4 IPv4
Ver HL TOS Total Length
Identification FlagFragment
Offset
TTL Protocol Header Checksum
Source Address
Destination Address
Options Padding
IPv4
IPv6
I / 66
IPv6 IPv6
Ver Traffic
ClassFlow Label
Payload LengthNext
HeaderHop Limit
Source Address
Destination Address
IPv6
• IPv4
•
12
I / 67
IPv6 IPv6
Version 6
Traffic Class (diffserv)
Flow Label (real-time)
Payload Length
Next Header (RFC1700)
Hop Limit
Source Address
Destination Address
I / 68
– Hop-by-hop option
–
–
( )
–
I / 69
(2)(2)
Next Header = TCP
Next Header = TCP
IPv6 Header TCP Header
IPv6 Header
Next Header = EXT
EXT Header TCP Header
Next Header
= EXT
IPv6 Header
Next Header
= EXT
EXT Header TCP HeaderEXT Header
Next Header
= TCP
I / 70
(3)(3)
–
–
–
–
ICMP
8
I / 71
Next Header Hdr Ext Len Option
Option Option
8bit 8bit
I / 72
Option Type Option Len Option Data
Option Len
13
I / 73
– type 0
Next Header Hdr Ext Len Routing Type Segment Left
Reserved
Address[0]
Address[1]
Address[n]
I / 74
Hdr Ext Len
–
– 8
Routing Type
– Type 0
Segment Left
–
I / 75
IPv6– Segment Left > Hdr Ext Len / 2
•
– Segment Left = 0
•
– Segment Left < Hdr Ext Len / 2
• IPv6
I / 76
(cont.)(cont.)
IPv6Header
RoutingHeader
Payload
Routing Header
IPv6 address
IPv6 Header
I / 77
Path MTU Discovery
I / 78
MTU
8 ( )
– Fragment Offset (8 )
– M - More bit
• 1: 0:
– Identification
Next Header Reserved Fragment Offset Re M
Identification
14
I / 79
H0
H0
0 F1 F2
M=1
FO=0
M=1
FO=F1
M=0
FO=F2
Next Header Reserved Fragment Offset Re M
Identification
op
t1
H0 op
t2
H0o
pt3
I / 80
Next Header Hdr Ext Len Option
Option Option
8bit 8bit
I / 81
No Next HeaderNo Next Header
I / 82
– 20
–
– QoS
–
–
I / 83
TCP UDP IPv6
Next Headerzero Payload Length
Source Address
Destination Address
I / 84
ICMPv6ICMPv6
15
I / 85
ICMPv6ICMPv6
Internet Control Message Protocol for IPv6
IP
–
–
ICMP – ping, traceroute
IPv4 ICMP
I / 86
ICMPv6 ICMPv6
Type Code checksum
Message Body
Type ValueType Semantics1 Destination unreachable2 Packet is too big3 Time exceeded4 Parameter problem128 Echo request129 Echo reply
I / 87
Path MTUPath MTU
Path MTU– MTU
– ICMP Too Big Message
– 10 )
Path MTU Discovery
I / 88
NDP (Neighbor Discovery Protocol)NDP (Neighbor Discovery Protocol)
I / 89
NDP NDP
ARP(Address Resolution Protocol) NDP(Neighbor Discovery Protocol)
ICMP
IP
–
–
–
– Multicast
I / 90
NDP NDP (cont.)(cont.)
–
–
–
–
–
16
I / 91
NDP NDP
Router Solicitation
–
– Solicited Address
Router Advertisement
–
Neighbor Solicitation
–
Neighbor Advertisement
–
Redirect
–
I / 92
Solicited Multicast AddressSolicited Multicast Address
eth0 : 00:E0:18:98:93:6D
inet :203.178.143.49 :203.178.143.255 :255.255.255.0
inet6 : fe80::2e0:18ff:fe98:936d/10 :
inet6 : 3ffe:505:d::1/64 :
inet6 : 3ffe:505:d:1000:2e0:18ff:fe98:936d/64 :
inet6 : 3ffe:501:100c:d210:2e0:18ff:fe98:936d/64 :
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX :11876764 :6 :0 :4 :0
TX :9069672 :0 :0 :0 :0
(Collisions):0 TX :100
:11
I / 93
NDP NDP
tcpdump: listening on fxp0
09:52:22.010035 2001:218:1800:c050:210:f3ff:fe03:5445 >
ff02::1:ff00:567: icmp6: neighbor sol: who has
2001:218:1800:c050::567
09:52:23.010035 2001:218:1800:c050:210:f3ff:fe03:5445 >
ff02::1:ff00:567: icmp6: neighbor sol: who has
2001:218:1800:c050::567
09:52:24.010037 2001:218:1800:c050:210:f3ff:fe03:5445 >
ff02::1:ff00:567: icmp6: neighbor sol: who has
2001:218:1800:c050::567
09:52:24.010399 fe80::200:87ff:fe28:e090 >
2001:218:1800:c050:210:f3ff:fe03:5445 : icmp6: neighbor adv: tgt is
fe80::200:87ff:fe28:e090
I / 94
NDPNDP
PROBE DELAY
NONE
INCOMPLETE REACHABLE STALE
( )
( )
NA
( )
NS
( )
NS
( )
DELAY_FIRST_PROBE_TIME
I / 95
Solicited AddressSolicited Address
IP
2001:218:1800:c050::1234:5678
– ff02::1:ff34:5678
– 2001:218:1800:c050::1234:5678
ff02::1:ff34:5678
HOST HOST
2001:218:1800:c050::1234:5678
ff02::1:ff34:5678-- ?
I / 96
17
I / 97
Stateless Address Auto Configuration
NDP
EUI-64
RA
Plug & Play
I / 98
draft-ietf-ipngwg-router-renum-10
I / 99 I / 100
IPsec IPsec
– keyed MD5 DES CBC …
3
–
–
–
I / 101
22
AH Authentication Header
–
ESP Encapsulating Security Payload
–
I / 102
(AH)(AH)
AH Authentication Header
IPv6
Next Header Length
Authentication Data
Reserved
Security Parameters Index (SPI)
Sequence Number
18
I / 103
(cont.)(cont.)
Length: Payload
SPI:
Sequence Number:
Authentication Data:
I / 104
Security Parameters IndexSecurity Parameters Index
SecurityAssociation(SA) SPI
SA SPI
–
–
–
–
I / 105
(ESP)(ESP)
ESP Encapsulating Security Payload
IPv6
Security Parameters Index (SPI)
Sequence Number
Initialization Vector (variable len)
Payload Data (variable len)
Padding (0-255byte)
Authentication Data (variable len)
Pad Len NH
I / 106
ESP - ESP -
IP Hdr Ext Hdr TCP DataESP
ESP IP Hdr Ext Hdr ESP TCP DataESPAuth
I / 107
Internet
IP Payload
IP ESP
IP Payload
IP ESP
I / 108
ESP - ESP -
IP Hdr Ext Hdr TCP DataESP
ESP IP Hdr Ext Hdr ESP TCP DataESP
AuthIP Hdr Ext Hdr
19
I / 109
Internet
IP1 Payload
IP2 IP1 ESP
IPsec-GW IPsec-GW
IP2 IP1 ESP
IP1 Payload
I / 110
IPv6
–
–
–
–
–
I / 111 I / 112
Mobile IPv6 Mobile IPv6
draft-ietf-mobileip-ipv6-13
IPv6 address
–
–
I / 113
Mobile IPv6 Mobile IPv6
Mobile Node (MN)
–
Home Link– Mobile Node
Home Address– Home Link IP address
Care of Address– IP address
I / 114
Mobile IPv6 Mobile IPv6 (cont.)(cont.)
Home Agent (HA)– Home Link
Correspondent Node (CN)– Mobile Node
binding– Home Address Care of Address
20
I / 115
Home Agent
Mobile Node
Mobile Node
Mobile IP: Mobile IP: ++
I / 116
Binding Binding
IPv6
Header
Home Address
Option
Authentication
Header
Binding
Update
Option
IPv6
Header
Routing
Header
Authentication
Header
BindingAcknowledgement
OptionPayload
Payload
Binding Update
Binding Acknowledgement
Source Address:
care-of addressto inform the recipient ofthat packet of the mobile
node’s home address
authenticatethis packet
including
BindingInformation
Destination
Address:
MN’s home address
to deliver the packet tothe mobile node through
the care-of address
I / 117
IPv6IPv6
I / 118
IPv4 IPv4 IPv6 IPv6
IPv4 IPv6
IPv6 IPv4
IPv6
I / 119
IPv6IPv6
IPv6 Network
IPv4 Network
IPv6 over IPv4 Tunnel
IPv4 over IPv6 Tunnel
IPv6
IPv6
IPv6
IPv6
IPv4/IPv6
IPv6
IPv6
IPv6
I / 120
– IPv4/IPv6
IPv6 in IPv4
– IPv4 IPv6
–
– IPv4 IPv6
–
21
I / 121
IPv6/IPv4 – IPv6
• NetBSD/FreeBSD/BSDI/Linux/Win2k/Macintosh
–
– IPv4 IPv4
– IPv6 IPv4/IPv6 IPv6
I / 122
IPv6 in IPv4 IPv6 in IPv4
IPv6 – IP Tunneling (IP in IP)
– Mbone IP multicast
– IP IPv6 IPv4
IPv6 site IPv6 siteIPv4 Internet
IPv6 packet IPv6 packetIPv6 packet
IPv4 packet
I / 123
IPv6 IPv6 in IPv4)
IPv6
IPv4
IPv6
Packet FormatPacket Format
I / 124
IPv4 IPv6 – IP (NAT-PT)
– (FAITH)
– (SOCKS64)
IPv6HOST
IPv4HOST
IPv6 Packet IPv4 Packet
I / 125
IPv6 IPv6
RIP RIPng
BGP4 BGP4+
OSPFv2 OSPFv3
IS-IS IS-IS for IPv6
I / 126
DNS for IPv6DNS for IPv6
RFC1886, RFC2874
IPv6 RR
– AAAA
– A6
– DNAME
Inverse zone
– ip6.int. (nibble boundary)
– ip6.arpa. (bitlabel boundary)
22
I / 127
DNS zone file DNS zone file 1)1)
$ORIGIN .
$TTL 3600 ; 1 hour
linux-ipv6.org IN SOA linux6.nezu.wide.ad.jp. sekiya.linux-ipv6.org. (
43 ; serial
1800 ; refresh (30 minutes)
900 ; retry (15 minutes)
172800 ; expire (2 days)
10800 ; minimum (3 hours)
)
NS shaku.sfc.wide.ad.jp.
NS linux6.nezu.wide.ad.jp.
A 203.178.142.218
MX 5 linux6.nezu.wide.ad.jp.
AAAA 2001:200:0:1c01:2b0:d0ff:fe23:d5e5
A6 0 2001:200:0:1c01:2b0:d0ff:fe23:d5e5
I / 128
DNS zone file DNS zone file 2)2)
$TTL 3600 ; 1 hour
d.0.0.0.5.0.5.0.e.f.f.3.IP6.INT IN SOA chiharu.netvillage.ne.jp. sekiya.v6.linux.or.jp. (
100091601 ; serial
3600 ; refresh (1 hour)
900 ; retry (15 minutes)
3600000 ; expire (5 weeks 6 days 16 hours)
3600 ; minimum (1 hour)
)
NS chiharu.netvillage.ne.jp.
NS shaku.sfc.wide.ad.jp.
$ORIGIN d.0.0.0.5.0.5.0.e.f.f.3.IP6.INT.
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR shaku.v6.linux.or.jp.
d.6.3.9.8.9.e.f.f.f.1.8.0.e.2.0.0.0.0.1 PTR shaku.v6.linux.or.jp.
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3 PTR chiharu.v6.linux.or.jp.
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4 PTR ipsmg.v6.linux.or.jp.