Department of Computer Science Southern Illinois University Edwardsville Spring, 2010
Dr. Hiroshi Fujinoki, E-mail: [email protected]
CS 547/490 Network Programming
IP Version 6 (IPv6)
History
• A project for IPnG (IP Next Generation) was started to improve the existing IP (IPv4)
• IPnG officially became IPv6 in RFC 1752
• Many modifications were made to the first IPv6 draft
- RFC 2460: Internet Protocol Version 6 (1998)
- RFC 2374: IPv6 Aggregatable Global Unicast Address Format
- RFC 2463: Internet Protocol Version 6 (Revision)
- RFC 2464: Transmission of IPv6 packets over Ethernet
• Latest OSes support IPv6 (Windows XP, Solaris 8 and Linux (kernel: 2.1.2))
IPv6 Goals
1. Extended address space
2. QoS (Quality of Service) support
3. Built-in security mechanisms
4. Better protocol service extendibility
5. State-less DHCP services
6. More efficient routing
7. Backward compatibility to IPv4
8. Network infrastructure for both IPv4 and IPv6
9. More flexible network set up
Extended Address Space
• The address space for IPv4 = 2^32 = about 4.3 billion unique addresses
• The address space of IPv4 was considered to be large enough
• In the late 90s, the address space of IPv4 was getting starved
- Advent of WWW
- Household electric appliances started to be connected to the Internet
- There usually are some addresses not used in every network domain
(a group of IP addresses are reserved for every domain)
(Commercial domains became popular)
CIDR (Class-less Internet Domain Routing) proposed
Extended Address Space
Comparisons of IPv4 and IPv6 address spaces
Protocol   Unique Addresses
IPv4       4,294,967,296 addresses
IPv6       340,282,366,920,938,463,374,607,431,768,211,456 addresses
Using IPv6, we can assign 10^28 addresses to everyone on the earth!
Extended Address Space
Due to the introduction of 128-bit address space, the available address space is now much larger ...
This is a good thing, since we do not have to worry about address space starvation any more.
However, there are some things we (engineers) have to take care of ...
Extended Address Space
Large address space: there are some things we (engineers) have to take care of
Routing overhead at routers (especially core routers):
(1) Routing table size
- 2^96 times larger address space than IPv4
- Each entry is now four times larger
(2) Routing algorithm overhead
- Complexity of routing algorithm usually is in the order of O(nlogkn) and c nlogkn (n is the number of network routers)
- The throughput will go down quickly as n increases ...
Extended Address Space
IPv6 address format (128 bits):
FP (3 bits) | TLA ID (13 bits) | Reserved (8 bits) | NLA ID (24 bits) | SLA ID (16 bits) | Interface ID (64 bits)
Address parts: Public Address, Site Address, Interface Address (Interface ID)
FP = Format Prefix (Address Format Prefix)
TLA ID = Top Layer Aggregation ID
NLA ID = Next Layer Aggregation ID
SLA ID = Top Layer Aggregation ID
IP V4 Address Space
IPv4 address format (32 bits):
Class ID (3 bits) | Domain Address (24 bits) | Host ID (5 bits)
Address parts: Public Address, Interface Address (Interface ID)
This is essentially a two-layer addressing
Extended Address Space
TLA
NLA
SLA
Interface ID
4-layer routing: reduce “n” in O(n log n)
Security
IPv4 security
• User name and Password
• Initially for recognizing every user, not for authentication
• Not enough system support for security
- Security is performed by “application”
IPv6 security
• Security even at the beginning of protocol design
- Encryption is a part of protocol design
(in IPv4, it’s a part of application-level protocol)
Security
IPv6 Packets
• Data Packets = Packets for data transmission
• Authentication Packets = Packets for authentication
Each authentication packet should:
1. Have AH (Authentication Header)
2. Have ESP (Encapsulating Security Payload) header
Protocol Service Extendibility
In IPv4, header information is all within header
It is difficult to change options without changing packet header format
In IPv6, the header contains pointers to options
Parameters are out of the “fixed” portion of the packet header
Protocol Service Extendibility
IPv6 Header
Version # | Traffic Class | Flow Label
Data (Payload Data) Length | Next Header Pointer | Max Hop Count
Sender IPv6 IP Address (128 bits)
Receiver IPv6 IP Address (128 bits)
[Figure: the Next Header Pointer in the IPv6 header points to the extended header]
Protocol Service Extendibility
Concepts:
• Keep the “IPv6 header core” as small and as simple as possible
• Extension should be made outside of the “header core”
1. Throughput
2. End-to-end delay
3. Delay jitter (variances in end-to-end delay)
will be improved.
Protocol Service Extendibility
IPv4 Header
Version # | IHL | Service Type | Packet Length
Packet Sequence Number | Flags | Fragment Offset
TTL | Transport Protocol | Header Check Sum Code
Sender IP Address
Receiver IP Address
Options and Padding
IPv6 Header
Version # | Traffic Class | Flow Label
Data (Payload Data) Length | Next Header Pointer | Max Hop Count
Sender IPv6 IP Address (128 bits)
Receiver IPv6 IP Address (128 bits)
Quality of Service Support
• IPv4 does not have any quality of service support
Factors for “quality of service”:
(1) Transmission Rate (Link Bandwidth) Reservation
(2) Guaranteeing Short Delay (end-to-end delay and delay jitter)
(3) Error rate
- end users usually do not see “errors” during data transmissions
(4) Security
- encryption methods applied during data transmissions
Quality of Service Support
QoS Support in IPv6: QoS Support by “flow”
• In IPv6, QoS is provided to each “flow” (sometimes called “pipe”)
• “IPv6 flow” is a “path” in virtual circuit
• QoS is managed for “flow”, but not for each packet
• The difference from “path” in the virtual circuit is that it can be a collection of paths.
For each IPv6 flow (pipe), the following QoS parameters can be specified:
• Queuing Priority
• Network Resources
- Memory Buffer
- Link Bandwidth
- Processor Time Slice (at routers)
• Requirements for Packet Drop
• Accounting
• Security
- Better Encryption
Quality of Service Support
QoS Support in IPv6: QoS Support by “flow”
• A “flow” is a virtual pipe uniquely identified by a combination of:
- Flow label (20 bits)
- Sender IPv6 Address
- Receiver IPv6 Address
IPv6 Header
Version # | Traffic Class | Flow Label
Data (Payload Data) Length | Next Header Pointer | Max Hop Count
Sender IPv6 IP Address (128 bits)
Receiver IPv6 IP Address (128 bits)
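The fixed header and the flow definition above, as an added C example that is not part of the original slides: it parses the 40-byte IPv6 header, extracts the flow key (flow label, sender, receiver) and follows the Next Header chain, recording AH (51) and ESP (50). The names parse_ip6, flow_key, ip6_info and sample_packet are illustrative, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Flow identity as on the slide: flow label + sender + receiver address. */
struct flow_key { uint32_t label; uint8_t src[16], dst[16]; };
/* final_next: first Next Header value that is not walked; has_*: seen in chain */
struct ip6_info { struct flow_key flow; uint8_t hop_limit, final_next; int has_ah, has_esp; };

/* Parse the 40-byte fixed header, then follow the Next Header chain.
   Returns 0 on success, -1 if the packet is truncated or inconsistent. */
int parse_ip6(const uint8_t *p, size_t len, struct ip6_info *out)
{
    if (len < 40 || (p[0] >> 4) != 6) return -1;
    memset(out, 0, sizeof *out);
    out->flow.label = ((uint32_t)(p[1] & 0x0F) << 16) | ((uint32_t)p[2] << 8) | p[3];
    size_t payload = ((size_t)p[4] << 8) | p[5];
    uint8_t next = p[6];
    out->hop_limit = p[7];
    memcpy(out->flow.src, p + 8, 16); memcpy(out->flow.dst, p + 24, 16);
    if (payload > len - 40) return -1;      /* length field exceeds captured data */
    size_t off = 40, end = 40 + payload;
    for (int n = 0; n < 16; n++) {          /* bound the length of the chain */
        size_t hlen;
        if (next == 50) { out->has_esp = 1; break; }  /* ESP: the rest is encrypted */
        /* Walk Hop-by-Hop (0), Routing (43), AH (51), Destination Options (60).
           Fragment (44) is left as final: later fragments lack the chain. */
        if (next != 0 && next != 43 && next != 51 && next != 60) break;
        if (end - off < 8) return -1;
        if (next == 51) { out->has_ah = 1; hlen = ((size_t)p[off + 1] + 2) * 4; }
        else hlen = ((size_t)p[off + 1] + 1) * 8;
        if (hlen > end - off) return -1;    /* extension header runs past payload */
        next = p[off];
        off += hlen;
    }
    out->final_next = next;
    return 0;
}

/* Constructed sample: flow label 0xABCDE, Hop-by-Hop -> AH -> TCP (6). */
size_t sample_packet(uint8_t *b /* at least 80 bytes */)
{
    memset(b, 0, 80);
    b[0] = 0x60; b[1] = 0x0A; b[2] = 0xBC; b[3] = 0xDE;  /* version 6, flow label */
    b[5] = 40; b[6] = 0; b[7] = 64;          /* payload length, next header, hops */
    b[8] = 0x20; b[9] = 0x01; b[10] = 0x0d; b[11] = 0xb8; b[23] = 1;   /* 2001:db8::1 */
    b[24] = 0x20; b[25] = 0x01; b[26] = 0x0d; b[27] = 0xb8; b[39] = 2; /* 2001:db8::2 */
    b[40] = 51; b[42] = 1; b[43] = 4; b[48] = 6; b[49] = 4; /* Hop-by-Hop+PadN, AH */
    return 80;
}
```

The length checks matter as much as the field extraction: a filter or monitor that trusts the payload length or an extension header length without bounding it reads past the packet.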
[Figure: an IPv6 pipe running through a network of routers between the IPv6 sender and the IPv6 receiver]
[Figure: timing diagram from SENDER through routers R1, R2, R3, R4, ..., Rn to RECEIVER over time: path set-up signal, path set-up delay, ACK signal, data transmission]
[Figure: matrix of internal operation (virtual circuit or datagram) against external operation (virtual circuit or datagram) with cells A, B, C and D, locating IPv4 and IPv6]
State-Less DHCP Services
Existing (State-Full) DHCP Server:
[Figure: Client A sends an Address Request to the DHCP server, which returns “146.163.147.52” from the DHCP address pool and records “A 146.163.147.52” in its table]
• Server keeps state (table)
State-Less DHCP Services
• Client does not make a request at the beginning
• A client generates its own IPv6 address
• A client makes sure the address is available with the help of routers
• If the chosen address does not work, then a host talks to IPv6 DHCP server
State-Less DHCP Services
Client A, Client B, Client C, Client D
Generate an IPv6 address from the network address and interface ID
Broadcast the generated IPv6 address within the network
If someone already uses it, the host sends NACK
If no one sends NACK, the host uses it as temporary address
Talk to the gateway router to broadcast the temporary address to all the other routers in the network domain (ACK must be returned)
If no ACK comes back, the joining host talks to IPv6 DHCP server
State-Less DHCP Services
-A When a router receives a polling message, it broadcasts the address in the network
-B If no one is using the address, the router sends ACK to the router
-C If someone already uses it, the router sends NACK
-D If the gateway router receives at least one NACK, it sends NACK to the joining node
-E If NACK is not received at all, the gateway router sends ACK to the joining node
Backward Compatibility to IPv4
- Unfortunately, there is no backward compatibility to IPv4 in the protocol implementation
- Source code compatible with minor differences
There are some techniques to realize IPv4/IPv6 hybrid:
• IPv4/IPv6 Dual-Protocol Server
• IPv4-mapped IPv6 addresses
• IPv4 Tunneling
IPv4/IPv6 Dual-Protocol Servers
• During IPv4/IPv6 transition period, servers should be able to work with both IPv4 and IPv6 routers
- IPv4-mapped addresses allow a host that supports both IPv4 and IPv6 to communicate with a host (or router) that supports only IPv4
- The IPv4-mapped IPv6 address is based on a unique format
IPv4 Address (32 bits):
Class ID (3 bits) | Domain Address (24 bits) | Host ID (5 bits)
IPv4-Mapped IPv6 Addresses (128 bits):
“000 … 000” (80 bits) | “FFFF” (16 bits) | IPv4 Address (32 bits)
IPv4/IPv6 Dual-Protocol Servers
[Figure: protocol stacks attached to the network. Client1: TCP over IPv6 over LLC. Client2: TCP over IPv4 over LLC. Server: TCP over both IPv6 and IPv4 over LLC. The figure is labelled “IPv4-mapped IPv6 address”.]
Dual-stack node: defined in RFC 1933
IPv4-Mapped IPv6 Addresses
[Figure: diagram relating IPv4 Addresses, IPv6 Addresses and IPv4-mapped IPv6 Addresses]
IPv6 Tunneling
[Figure, built up over three slides: Hosts A, B and C attached to a mix of IPv6 routers and IPv4 routers across the Internet. IPv6 packets travel between IPv6 routers; across the IPv4 routers they are carried as IPv4 packets through an IPv4 tunnel.]
[Figure: private LAN with an IPv6 host and a dual-stack internal server, a firewall (F/W), an external server and the Internet]
• If your domain is connected to an ISP that does not support IPv6
• IPv4-mapped IPv6 address must be used for this IPv6 host
• The dual-stack internal server can establish an IPv4 tunnel
• From the public Internet, your IPv6 domain looks like an IPv4 domain!
[Figure: Internet, external server, F/W, private LAN, IPv6 host, internal server and a V4-V6 translator]
• If your domain is connected to an ISP that does not support IPv6
• Most of your domain is IPv4 (only a few LAN segments in your domain are operated by IPv6)
• A technique to make a transition from an IPv4 to an IPv6 domain
(when IPv6 hosts dominate, this domain uses dual-stack server)
• IPv6 extended features are available only in the same segment
[Figure: IPv6 over IPv4 tunneling: an IPv6 host and dual-stack nodes on the private LAN, a dual-stack internal server, F/W, an external server and the Internet]
6-Bone
6-bone is a virtual IPv6 network
6-Bone
• Many operating systems and routers start adopting IPv6.
• IPv4 is still the majority
• A virtual IPv6 Internet constructed by IPv4 tunnel
(Something similar to Mbone)
• Your host (local machine) must support IPv6
(Such as Windows XP - you do NOT need IPv6 router)
• You get connected through a 6-Bone access point
• 6-Bone is an experimental network established by IETF
IPv6 Programming
How can we develop network applications using IPv6?
• IPv6 does not have compatibility to IPv4 in implementation
• IPv6 does have compatibility to IPv4 in source code
IPv4 Address structure
    #include <sys/socket.h>
    #include <netinet/in.h>
    /* ... */
    struct sockaddr_in server_addr;
    /* ... */
    server_addr.sin_family = AF_INET;
    server_addr.sin_len = sizeof (server_addr);   /* sin_len exists only on BSD-derived systems */
    /* ... */
How can we develop network applications using IPv6?
IPv6 Address structure
    /* ... */
    struct sockaddr_in6 server_addr;
    /* ... */
    server_addr.sin6_family = AF_INET6;
    server_addr.sin6_len = sizeof (server_addr);  /* sin6_len exists only on BSD-derived systems */
    server_addr.sin6_port = htons(PORT);          /* PORT: the port number; stored in network byte order */
    /* ... */
How can we develop network applications using IPv6?
Creating a socket (IPv4)
    socket (AF_INET, SOCK_STREAM, 0);
Creating a socket (IPv6)
    socket (AF_INET6, SOCK_STREAM, 0);
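The IPv4-mapped address format (80 zero bits, “FFFF”, IPv4 address) and the AF_INET6 socket calls above, combined in an added C example that is not part of the original slides: a dual-stack listener sees IPv4 clients as IPv4-mapped peers, so an address-based access rule has to recognise the mapped form to behave the same for both families. The names open_listener, peer_ipv4 and peer_allowed are illustrative, and the rule format (one IPv4 network and prefix length, 0 to 32) is an assumption.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Open an AF_INET6 TCP listener. v6only = 0 asks for a dual-stack socket on
   which IPv4 clients show up as IPv4-mapped IPv6 peers. Returns fd or -1. */
int open_listener(uint16_t port, int v6only)
{
    struct sockaddr_in6 a;
    int fd = socket(AF_INET6, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&a, 0, sizeof a);
    a.sin6_family = AF_INET6;
    a.sin6_addr = in6addr_any;
    a.sin6_port = htons(port);
    if (setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &v6only, sizeof v6only) < 0 ||
        bind(fd, (struct sockaddr *)&a, sizeof a) < 0 || listen(fd, 16) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* If peer is 80 zero bits + FFFF + IPv4, store the IPv4 address (host byte
   order) in *v4 and return 1; return 0 for a native IPv6 peer. */
int peer_ipv4(const struct sockaddr_in6 *peer, uint32_t *v4)
{
    static const uint8_t prefix[12] = {0,0,0,0,0,0,0,0,0,0,0xFF,0xFF};
    const uint8_t *b = peer->sin6_addr.s6_addr;
    if (memcmp(b, prefix, 12) != 0) return 0;
    *v4 = ((uint32_t)b[12] << 24) | ((uint32_t)b[13] << 16) | ((uint32_t)b[14] << 8) | b[15];
    return 1;
}

/* Apply one IPv4 allow rule (net/bits, net in host order, bits in 0..32) to a
   peer returned by accept() on the dual-stack socket. Native IPv6 peers are
   not covered by an IPv4 rule and are denied here. */
int peer_allowed(const struct sockaddr_in6 *peer, uint32_t net, int bits)
{
    uint32_t v4, mask = bits ? 0xFFFFFFFFu << (32 - bits) : 0;
    if (!peer_ipv4(peer, &v4)) return 0;
    return (v4 & mask) == (net & mask);
}
```

Passing v6only = 1 instead keeps IPv4 clients off the IPv6 socket entirely, which is the simpler choice when a separate AF_INET listener already carries the IPv4 policy.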