1 rediris – miguel angel sotos [email protected] ipv6 tutorial
TRANSCRIPT
![Page 2: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/2.jpg)
2
Agenda
• History• Why IPv6• IPv6 addresses• Autoconfiguration
• DNS• Transition mechanisms• Security in IPv6• IPv6 in Windows and Linux• IPv6 now
![Page 3: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/3.jpg)
History
3
• 70s• TCP/IP – developed in 1973, part of a project of the
Department of Defense (ARPA agency, USA)• ARPAnet network• Universities and Research centers computers networks connection
![Page 4: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/4.jpg)
History
4
• 80s• 1983, ARPAnet starts using TCP/IP• 1986, NSF (National Science Foundation) begins
the development of NFSnet, it will be the ARPAnet substitute, being the base of the Internet
![Page 5: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/5.jpg)
History
5
• 90s• 1993, first previsions of exhaustion of IPv4
addresses• IETF (Internet Engineegin Task Force) develops
IPv6 specifications• Initially it was IPng
• ¿What happens with IPv5?• Packets were marked with the version number 5, when the packets carried an experimental protocol, called ST, real time streaming.
![Page 6: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/6.jpg)
6
Agenda
• History• Why IPv6• IPv6 addresses• Autoconfiguration
• DNS• Transition mechanisms• Security in IPv6• IPv6 in Windows and Linux• IPv6 now
![Page 7: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/7.jpg)
Why IPv6
7
• The main reason, more addresses
• But, what happens if I don’t need more addresses?– IPv6 is in fashion– Don’t loose the oportunity– Simplify end to end connections– No more NATs for security
• Tecnically:
– All in one– Security in network layer– Autoconfiguration– More efficient and jerarquical routing
– We start again– Headers are more simple
![Page 8: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/8.jpg)
Why IPv6
8
• And now we have a lot of devices connected to a network, even TVs, cameras, fridges…everything!
![Page 9: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/9.jpg)
Why IPv6
9
• Countries with lack of IPv4 addresses
• Increasing demand
• Companies adopting and introducing IPv6
• IPv6 support will be necessary to not be disconnected of part of the network and internet
• IPv6 is robust, no patches
• Anyway…maybe IPv4 will not disappear
![Page 10: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/10.jpg)
10
Agenda
• History• Why IPv6• IPv6 addresses• Autoconfiguration
• DNS• Transition mechanisms• Security in IPv6• IPv6 in Windows and Linux• IPv6 now
![Page 11: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/11.jpg)
IPv6 header
11
• It’s more simple
![Page 12: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/12.jpg)
IPv6 header
12
• CLASS is the Type of Service in IPv4
• HOP LIMIT is the TTL of IPv4
• FLOW LABEL is used in QoS
• PAYLOAD LENGTH is the data length carried by the packet
• NEXT HEADER
• If I have more info, I use more headers…
• No checksum
• No fragmentation, only end to end
• MTU discovery
![Page 13: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/13.jpg)
IPv6 header
13
• Types of header extensions
• Routing
• Fragmentation
• Hop-by-hop options
• Destiny options
• Atuthentication
• ICMP
• Completely new
• Including IGMP
![Page 14: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/14.jpg)
IPv6 addresses
14
• IPv4 – 4000 million of addresses
– Allocation without control
– Fragmentation
• IPv6 – 3.4x10^38 addresses
– Clean slate, we start from scratch. Control, order.
– 128 bits to addres the world
![Page 15: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/15.jpg)
IPv6 addresses
15
• 4 times bigger
– 32 to 128 bits
• Sintax:– aaaa:bbbb:cccc:dddd:eeee:ffff:0000:1111
– Hexadecimal digits in groups of 4– You can substitute a group of 0s by ::– No masks, instead we have /number_of_bits (like
CIDR notation in IPv4)
![Page 16: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/16.jpg)
IPv6 addresses
16
• Addres format:
• Unicast, multicast, anycast
• Global unicast addresses start with 001 (binary) so we have addresses starting with 2 or 3– 2001::… or 3ffe::…
• No broadcast (instead, multicast)
![Page 17: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/17.jpg)
IPv6 addresses
17
• Interface-id• Last 64 bits of the address• Unique in a local network• The IPv6 address is asociated with the
interface, not the host• MAC address is mapped
![Page 18: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/18.jpg)
IPv6 addresses
18
• Hosts addresses• When I have IPv6 configured or enabled
in a host, I automatically have a link-local address
• Starts with fe80::• Not routeable• Is unique in the local network• That address is configured automatially
using the interface-id• Used for autoconfiguration
![Page 19: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/19.jpg)
IPv6 addresses
19
• Multicast addresses
• Start with FF00
• First 0 is Flags – (0,1 – permanent, not permanent)
• Second 0 is scope
• 1 – node
• 2 – link
• 5 – site
• 8 – organization
• E – global
• FF02::1 – all the nodes of a network
• FF02::2 – all the routers of a network
![Page 20: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/20.jpg)
IPv6 addresses
20
• Anycast addresses
• Used for a group of interfaces with the same address
• One packet sent to that address goes to the nearest host with that address
![Page 21: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/21.jpg)
IPv6 addresses
21
• Example of global addresses:
• IPv4: 130.206.1.159
• IPv6: 2001:0720:0418:cafe:cccc:1111:abeb:b0b0
• We can summarize:
• 2001:720:0000:0000:0000:0000:0000:9876 is
• 2001::9876
• 2001:720:0000:0000:0000:0000:0000:0000 is
• 2001:720::
• ¿What will be ::/0 ?
![Page 22: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/22.jpg)
IPv6 addresses
22
• How we can distribute my prefix in my network?
• To each one of the centers I can assign a /48– First 48 bits are fixed
• A network is a /64– Interface ID
• I have 16 bits to distribute the addresses in my center– Network ID
![Page 23: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/23.jpg)
IPv6 addresses
23
• Example, RedIRIS have 2001:0720::/32 for all the Universities and Research centers
Company/Building
Department Department
![Page 24: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/24.jpg)
IPv6 addresses
24
• Special addresses• Loopback (127.0.0.1) is ::1• Default(0.0.0.0/0) is ::/0• IPv6 compatible with IPv4 (for
tunnels) ::130.206.1.159• IPv6 mapped over
IPv4 ::FFFF:130.206.1.159• Link-local address, starts with fe80::
![Page 25: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/25.jpg)
25
Agenda
• History• WhyIPv6• IPv6 addresses• Autoconfiguration
• DNS• Transition mechanisms• Security in IPv6• IPv6 in Windows and Linux• IPv6 now
![Page 26: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/26.jpg)
Autoconfiguration
26
• New IPv6 feature (similar to IPv6 DHCP)• Network administration is easier – plug and
play• The user connects the host to the network
and is automatically configured• Advantage over DHCP
• It’s not necessary an additional server
![Page 27: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/27.jpg)
Autoconfiguration
27
• Protocol used here is neighbor discovery• Hosts and network equipment exchange multicast IPv6 packets to check the host IPv6 address
• Duplicate IPv6 addresses detection• Two types
• Stateful and stateless• Different mechanisms that can be used in a complementary way
![Page 28: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/28.jpg)
Autoconfiguration
28
• Stateful• Manual configuration, or using DHCP
• Like IPv4• Stateless
• Completely automatic configuration• It’s not necessary the manual config of hosts and servers. In some cases, we need minimal network equipment configuration (routers)
![Page 29: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/29.jpg)
Autoconfiguration
29
• Neighbour advertisement• The host send a router request message
• ICMP type 133• The router sends a router advertisement
message • ICMP type 134• Include the prefix announced by the
router with the TTL
![Page 30: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/30.jpg)
Autoconfiguration
30
• The host sends the neighbour request message to check the IPv6 address of the neighbour• ICMP type 135
• A neighbour advertisement message is sent• A router can send a change or redirection
message to find the best hop for a destiny
![Page 31: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/31.jpg)
31
Agenda
• History• Why IPv6• IPv6 addresses• Autoconfiguration
• DNS• Transition mechanisms• Security in IPv6• IPv6 in Windows and Linux• IPv6 now
![Page 32: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/32.jpg)
DNS
32
• Now, applications behave in a different way• First, they request the IPv6 addres(timeout…)• If it’s coded correctly, it will ask for IPv4
– You have to be very careful when putting an IPv6 service in production
• Good connectivity– You have to be very careful when configuring an
IPv6 address in the DNS• Deny of service!
![Page 33: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/33.jpg)
DNS
33
www.ipv6.elmundo.es
2001:800:400:10::71
Access to the web
server (port 80)
Port 80 not
reachable
![Page 34: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/34.jpg)
DNS
34
– I have configured all the hosts in my network,
– Also my router
• DNS is a must, due to the length of the
addresses
– Bind v9 support IPv6 addresses
• IPv6 requests over IPv6:
» options {
listen-on-v6 { any; };
}
• IPv6 requests over IPv4
![Page 35: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/35.jpg)
DNS
35
• It’s better not to create an special zone for IPv6 (like ipv6.my_center.com)
• But, it can be dangerous for production services
• During tests, it’s better ftp.ipv6.my_center.com than ftp.my_center.com
• Anyway, we should go for the same direct zone
– Direct zone– We use the same config files as with IPv4 (AAAA
instead of A)
![Page 36: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/36.jpg)
DNS
36
• Reverse zone• nibble-bit notation with .arpa
– 0.2.7.0.1.0.0.2.ip6.arpa– Root servers are configured to support this format– Recommended and the zone which is delegated
with the Registries (like RIPE)– Latests versions of glibc support this format
![Page 37: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/37.jpg)
37
Agenda
• History• Why IPv6• IPv6 addresses• Autoconfiguration
• DNS• Transition mechanisms• Security in IPv6• IPv6 in Windows and Linux• IPv6 now
![Page 38: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/38.jpg)
Transition
38
• We cannot switch off the Internet and then switch on with IPv6
• There are several mechanisms• IPv4 and IPv6 can live together
• BUT IPv4 and IPv6 are not compatible• Three types of transition mechanisms
• Dual-stack• Based on tunnels• Based on address translation
![Page 39: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/39.jpg)
Transition
39
• Dual-stack• We depend on vendors implementations• My equipment support native IPv4 and native IPv6, at the the same time, parallel.
•More operational effort• I can plan a periodic migration, step by step
•Network•Servers
•Applications and services•Hosts
• The best one• It’s recommended a testing period
![Page 40: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/40.jpg)
Transition
40
• Tunnels
• IPv6 traffic is encapsulated in IPv4 packets
• I connect two IPv6 worlds separated by an IPv4 domain
• Automatic tunnels
• The host has an IPv4 compatible IPv6 address• 6to4: IPv4 address of the tunnel endpoints are
identified in the IPv6 prefix» We use 2002::/16
• Manual tunnels• Explicit configuration
• IPv4 tunnel endpoints• IPv6 address of the tunnel interface
• Tunnel brokers•Automatic configuration to have basic IPv6 connectivity if my network is only IPv4
![Page 41: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/41.jpg)
Transition
41
• 6to4
• I connect two IPv6 worlds isolated (IPv4 between them)
•The router to the Internet creates a 6to4 tunnel to the other domain
•The IPv4 addresses of the tunnel endpoints are included in the IPv6 prefix
•Used 2002::/16
• Teredo
•Provides IPv6 connectivity behind a NAT
•Encapsulates IPv6 packets into UDP IPv4
•They can go through the NAT and the Internet
![Page 42: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/42.jpg)
Transition
42
• To migrate all my network to IPv6 I’ll have the following problems:
• My hardware doesn’t support IPv6– Upgrade it– Use a Linux router – Use an alternate router, with a tunnel to a
provider– I have a firewall
» Not a lot of solutions» Upgrade is important
![Page 43: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/43.jpg)
Transition
43
Level 2 migration, integrating an IPv6 router in
the same vlan
Small IPv6
router
![Page 44: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/44.jpg)
Transition
44
More natural migration, including dual-stack
![Page 45: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/45.jpg)
Transition
45
Migration using Level 3
![Page 46: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/46.jpg)
46
Agenda
• History• Why IPv6• IPv6 addresses• Autoconfiguration
• DNS• Transition mechanisms• Security in IPv6• IPv6 in Windows and Linux• IPv6 now
![Page 47: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/47.jpg)
Security
47
• Support for IPv6+firewalls+tunnels is not widely deployed
• But IPv6 has IPsec…
• The same as with IPv4, but in that case is part of the protocol (security header), less problems
– Security is included, as part of the IPv6 specifications
– Authentication– Encryption
![Page 48: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/48.jpg)
Security
48
• With the right security policies, it’s not a problem to have public addresses for everyone.• It’s easier the network administration
• NAT is not necessary • Problems with multimedia applications• Problems with IPsec• Problems with multicast• Problems with end to end, peer to peer and
point to point applications
![Page 49: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/49.jpg)
49
Agenda
• History• Why IPv6• IPv6 addresses• Autoconfiguration
• DNS• Transition mechanisms• Security in IPv6• IPv6 in Windows and Linux• IPv6 now
![Page 50: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/50.jpg)
IPv6 & Windows
50
• www.microsoft.com/ipv6
• You can create an IPv6 tunnel against Micrsoft
• Good for testing
• With windos 2000 you have to install SP2
• With Windows XP
• With SP1 or higher
• It’s part of the system
• To install it
• Form properties of my network places
• Using CLI
• Netsh interface ipv6 install
• Without SP1
• You cannot do DNS queries using IPv6
• Install it using CLI
• Ipv6 install
![Page 51: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/51.jpg)
IPv6 & Windows
51
• www.microsoft.com/ipv6
• With windows Vista *With MAC (live show)
• Installed by default
• You can deactivate it
![Page 52: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/52.jpg)
IPv6 & Linux
52
• In the latests versions, kernel has complete IPv6 support– If my host has IPv6 activated
• In my loopback address I’ll see:
::1/128 Scope: Host• In the interfaces I’ll see a link-local address
eth0 Link encap:Ethernet HWaddr 00:60:08:3A:9E:B7 inet addr:130.206.1.157 Bcast:130.206.1.255 Mask:255.255.255.128
inet6 addr: fe80::260:8ff:fe3a:9eb7/10 Scope:Link…
– My host will be configured using the prefix that the router announces, having complete IPv6 connectivity
eth0 Link encap:Ethernet HWaddr 00:60:08:3A:9E:B7 inet addr:130.206.1.157 Bcast:130.206.1.255 Mask:255.255.255.128 inet6 addr: 3ffe:3328:5:1:260:8ff:fe3a:9eb7/64 Scope:Global inet6 addr: fe80::260:8ff:fe3a:9eb7/10 Scope:Link
![Page 53: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/53.jpg)
IPv6 & Linux
53
• http://www.bieringer.de/linux/IPv6/• How-to• State of the art• Testing URLs
![Page 54: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/54.jpg)
54
Agenda
• History• Why IPv6• IPv6 addresses• Autoconfiguration
• DNS• Transition mechanisms• Security in IPv6• IPv6 in Windows and Linux• IPv6 now
![Page 55: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/55.jpg)
IPv6 now
55
• Only the lack of addresses promoted the born of IPv6
• When IPv4 addresses are going to be exhausted?• 2012 ¿?
• But:• It seems that we still have the 35% of IPv4
address space available• Internet double its size each year
• NAT allows sharing addresses
![Page 56: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/56.jpg)
IPv6 now
56
• Not equal deployment• Asian countries with expanding economies or
high population density• China/Japan• Quick deployment
• In Europe/USA, no lack of addresses• Very slow deployment
![Page 57: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/57.jpg)
IPv6 now
57
• Academic and research networks• 90% of European and American networks provide native IPv6• Very few traffic, about 5-10%• A good starting point• We have the base for the commercial deployment• The killer application?
![Page 58: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/58.jpg)
IPv6 now
58
• In Spain
• 4% of Telcos provide IPv6 services
• research projects or testbeds
• more or less, ready
•There is no client requirements
•RedIRIS
• We offer IPv6 services since 1997
• 15% of the centers with native IPv6 connection
• 25% of the final users
• Few traffic, about 7% of the total
![Page 59: 1 RedIRIS – Miguel Angel Sotos miguel.sotos@rediris.es IPv6 tutorial](https://reader033.vdocuments.net/reader033/viewer/2022052603/56649c7b5503460f9492f5d5/html5/thumbnails/59.jpg)
Finally
59
• Transition cost
• low CAPEX
• High OPEX
• When IPv4 addresses will be finished?• ¿2020?, ¿2030?
–IPv4 probably will not disappear
–Very large transition period
–IPv6 has to be familiar, we have to start playing with it in our networks