ip v6 sissejuhatus · 2017-03-01 · •192.168.252.200 ipv6 •128 bitti •arvud 16-süsteemis,...

IPv6 harjutusedAadressi kuju, kirjaviis, osad, liigid

Aadressi saamise viisid

IPv6 aadressi kuju

IPv4

• 32 bitti (4 baidi kaupa)

• Kuju – kümnendarvud 4 kaupa punktidega eraldatud

• 192.168.252.200

IPv6

• 128 bitti

• Arvud 16-süsteemis, mis rühmitatakse 4 kaupa ja eraldatakse kooloniga

• Xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx – 16bit x8 =128 bit

• Lühendamise reeglid

Aadressi formaat

• Pannakse kirja kujulxxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx

x – 0 – 9 ja A - F

• Erikujud• Tagasipöördumisaadress (loopback address)

0:0:0:0:0:0:0:1 ehk siis ka ::1

• Määramata aadress (unspecified address)::/128

• IPv4 aadressidele ka kuju0:0:0:0:0:FFFF:192.0.2.1 ehk siis ::FFFF:192.0.2.1

• Dokumentatsioon 2001:db8::/32

3

IPv6 aadressid

4

IPv6 aadresside grupeerimine

• Aadress

2001:0db8:0000:0000:0000:0000:0000:0000

2001:db8:0:0:0:0:0:0

2001:db8::

2001:db8::/32 – dokumentatsioon ja näited

6

Spikker

8

IPv6 aadresside grupeerimine

• Võrk 2001:db8::/32 sisaldab aadresse vahemikus 2001:0db8:0000:0000:0000:0000:0000:0000

2001:0db8:ffff:ffff:ffff:ffff:ffff:ffff

• Võrk 2001:db8:1230::/44 sisaldab aadresse vahemikus 2001:0db8:1230:0000:0000:0000:0000:0000

2001:0db8:123f:ffff:ffff:ffff:ffff:ffff

9

IPv6 aadresside grupeerimine neljaga mittejaguv mask• Võrk 2001:db8::/61 sisaldab aadresse vahemikus:

2001:0db8:0000:0000:0000:0000:0000:0000

2001:0db8:0000:0007:ffff:ffff:ffff:ffff

0 – 0001

7 – 0111

• Võrk 2001:db8:0:8::/61 sisaldab aadresse vahemikus:

2001:0db8:0000:0008:0000:0000:0000:0000

2001:0db8:0000:000f:ffff:ffff:ffff:ffff

10

IPv6 prefiksi lühendamise reeglid

• IPv6 aadressi 60 bitine prefiks 20010DB80000CD3

• Õiged variandid:• 2001:0DB8:0000:CD30:0000:0000:0000:0000/60

• 2001:0DB8::CD30:0:0:0:0/60

• 2001:0DB8:0:CD30::/60

11

IPv6 prefiksi lühendamise reeglid

• Õige variant: 2001:0DB8:0:CD30/60

• Valed variandid:• 2001:0DB8:0:CD3/60

16 bitises aadressi osas ei tohi kõrvale visata lõpus olevaid 0

• 2001:0DB8::CD30/60Aadressi võib lugeda kui2001:0DB8:0000:0000:0000:0000:0000:CD30

• 2001:0DB8::CD3::/60Aadressi võib lugeda kui2001:0DB8:0000:0000:0000:0000:0000:0CD3

12

IPv6 Address Representation

• 16 bit fields in case insensitive colon hexadecimal representation• 2031:0000:130F:0000:0000:09C0:876A:130B

• Leading zeros in a field are optional:• 2031:0:130F:0:0:9C0:876A:130B

• Successive fields of 0 represented as ::, but only once in an address:

13

• The first rule to help reduce the notation of IPv6 addresses is any leading 0s (zeros) in any 16-bit section or hextet can be omitted

• 01AB can be represented as 1AB

• 09F0 can be represented as 9F0

• 0A00 can be represented as A00

• 00AB can be represented as AB

14

• Examples

#1

15

#2

IPv6 Address Representation

• IPv4-compatible (not used any more)• 0:0:0:0:0:0:192.168.30.1

• = ::192.168.30.1

• = ::C0A8:1E01

• In a URL, it is enclosed in brackets (RFC3986)• http://[2001:db8:4f3a::206:ae14]:8080/index.html

• Cumbersome for users

• Mostly for diagnostic purposes

• Use fully qualified domain names (FQDN)

• ⇒ The DNS has to work!!

16

6 commandments of RFC 5952

1. Thou shalt not SHOUT your IPv6 address. • IPv6 must be written in lowercase. 2001:db8::1 not 2001:DB8::1

2. Thou shall destroy leading zeros.• Always truncate leading zeros. 2001:0db8::1 is not acceptable, you must use

2001:db8::1

3. Thou shalt not use the double colon where there is only one 16 bit set of zeros.• If you only have one set of 4 zeros, you can no longer use the double colon, instead

it just gets shortened to one zero. An address such as 2001:db8:0000:4:5:6:7:8 can’t use the double colon and only gets shortened to 2001:db8:0:4:5:6:7:8

17


4. Thou shall use the double colon to it’s greatest potential.• If you have multiple sets of more than 8 zeros, you have to use the set with the

most zeros. So if you have 2001:db8:0000:0000:1:0000:0000:0000 you have to use the double colon on the right set of 0′s – 2001:db8:0:0:1::

5. Wheresoever thou has two places to use the double colon, thou shall use the leftmost.• If there are 2 equal sets of zeros, use the double colon on the one on the left, and

single zeros on the right. 2001:db8:0000:0000:1:0000:0000:1 would become 2001:db8::1:0:0:1

18


6. Thou shall use the square brackets to separate IPv6 address from thy port number.• When writing an IPv6 address with a port number, use square brackets around the

IPv6 address to keep confusion at bay, since ports are appended with a : (the same separator as IPv6 sections): [2001:db8::1]:80 With the square brackets, we know it’s IPv6 address 2001:db8::1 on port 80, not IPv6 address 2001:db8::1:80

19

Aadressi lühendatud kirjaviis ülesanded

ülesanded

• 2001:0db8:0001:acad:0000:fe55:6789:b210

• 0000:0000:0000:0000:0000:0000:0000:0001

• fc00:0022:000a:0002:0000:0cd4:23e4:76fa

• 2033:0db8:0001:0001:0022:a33d:259a:21fe

• fe80:0000:0000:0000:0000:3201:cc01:65b1

• ff00:0000:0000:0000:0000:0000:0000:0000

• ff00:0000:0000:0000:0db7:4322:a231:067c

• FF02:0000:0000:0000:0000:FF00:0000:0000

• 2001:0db8:0000:0000:1000:0000:0000:0001

• 2001:0db8:acad:0001:0000:0000:0000:0010

Aadressi lühendatud kirjaviis ülesanded

ülesanded

• 2001:0db8:0001:acad:0000:fe55:6789:b210

• 0000:0000:0000:0000:0000:0000:0000:0001

• fc00:0022:000a:0002:0000:0cd4:23e4:76fa

• 2033:0db8:0001:0001:0022:a33d:259a:21fe

• fe80:0000:0000:0000:0000:3201:cc01:65b1

• ff00:0000:0000:0000:0000:0000:0000:0000

• ff00:0000:0000:0000:0db7:4322:a231:067c

• FF02:0000:0000:0000:0000:FF00:0000:0000

• 2001:0db8:0000:0000:1000:0000:0000:0001

• 2001:0db8:acad:0001:0000:0000:0000:0010

vastused

• 2001:db8:1:acad:0:fe55:6789:b210

• ::1

• fc00:22:a:2:0:cd4:23e4:76fa

• 2033:db8:1:1:22:a33d:259a:21fe

• fe80::3201:cc01:65b1

• ff00::

• ff00::db7:4322:a231:067c

• FF02:0:0:0:0:FF00:: või FF02::FF00:0:0

• 2001:db8::1000:0:0:1

• 2001:db8:acad:1::10

Aadressi osad

• Võrgu aadress, alamvõrk ja võrguliidese aadressGlobal Routing Prefix, Subnet ID, Interface ID

• Global Routing Prefix (48 bit), Subnet ID (16 bit), Interface ID (64 bit)

• Kui väiksemaid võrke vaja - võtta bitte juurde võrguliidese osast, näiteks• Global Routing Prefix (48 bit), Subnet ID (20 bit), Interface ID (60 bit)

• (Võetakse võrguliidese ID tähistuselt ära nibble ehk 4 bitti ehk 1 hex number)

• Üleskirjutusviis – aadress / võrgu bittide arv.

Adresseerimise paradigma muutus

• Igal liidesel mitu aadressi – vaikimisi eeldus

• Aadressid• Link local

• Unique local

• Global

• Aadressidel eluiga• Valid and preferred lifetime

• Lifetimes are infinite, unless configured to a shorter period

23

IPv6 aadressi kategooriad:

• Üksikedastus (unicast). Üksikedastusaadress näitab ühele kindale liidesele võrgus. Pakett edastatakse täpselt sellele määratud aadressile.

• Multiedastus (multicast). Multiedastusaadress näitab liideste grupile võrgus. Pakett edastatakse kõigile selles grupis.

• Suvaedastus (anycast). Suvaedastusaadress näitab mitmele liidesele. Pakett edastatakse ainult ühele neist, tavaliselt lähimale (arvutused teeb marsruuter, kasutades marsruutimisprotokolli).

• IPv6 korral ei ole leviedastust (broadcast)

24

Formaadi prefiks

• 000 – spetsiaalkasutuse jaoks

• 001 – globaalselt unikaalsete üksikedastusaadresside jaoks

• 111 – multiedastusaadresside ja kohaliku võrguasukoha (local-site) jaoks

25

IPv6 Prefix Length

• IPv6 does not use the dotted-decimal subnet mask notation

• Prefix length indicates the network portion of an IPv6 address using the following format: • IPv6 address/prefix length

• Prefix length can range from 0 to 128

• Typical prefix length is /64

26

Loopback & Unspecified

• Loopback address representation• 0:0:0:0:0:0:0:1=> ::1

• Same as 127.0.0.1 in IPv4

• Identifies self

• Unspecified address representation• 0:0:0:0:0:0:0:0=> ::

• Cannot be assigned to an interface and is only used as a source address

• An unspecified address is used as a source address when the device does not yet have a permanent IPv6 address or when the source of the packet is irrelevant to the destination

• Examples: Initial DHCP request, Duplicate Address Detection (DAD)

27

IPv6 Address Types

• Unicast• Uniquely identifies an interface on an IPv6-enabled device

• A packet sent to a unicast address is received by the interface that is assigned that address.

28

IPv6 Unicast Addresses

29


• Loopback• Used by a host to send a packet to itself and cannot be assigned to a physical

interface

• Ping an IPv6 loopback address to test the configuration of TCP/IP on the local host

• All-0s except for the last bit, represented as ::1/128 or just ::1

• Unspecified address • All-0’s address represented as ::/128 or just ::

• Cannot be assigned to an interface and is only used as a source address

• An unspecified address is used as a source address when the device does not yet have a permanent IPv6 address or when the source of the packet is irrelevant to the destination

30

Global Unicast

• Global Unicast Addresses Are:• Addresses for generic use of IPv6

• Structured as a hierarchy to keep the aggregation

• ISPs /32, to clients /48 - smallest routable

31

Unique-Local

• Unique-Local Addresses Used for: • Local communications & inter-site VPNs

• Local devices such as printers, telephones, etc

• Site Network Management systems connectivity

• Not routable on the Internet

• In the range of FC00::/7 to FDFF::/7

• Private to organization, yet statistically unique• Low probability of address clash, if to sites with ULA merge

32


• Unique local• Similar to private addresses for IPv4

• Used for local addressing within a site or between a limited number of sites

• In the range of FC00::/7 to FDFF::/7

• IPv4 embedded • Used to help transition from IPv4 to IPv6

33

Link-Local

• Link-Local Addresses Used for: • Mandatory Address for Communication between two IPv6 devices (like ARP but at

Layer 3)

• Automatically assigned by Router as soon as IPv6 is enabled – Mandatory Address

• Also used for Next-Hop calculation in Routing Protocols

• Only Link Specific scope

• Remaining 54 bits could be Zero or any manual configured value

34

Link-Local

35

IPv6 Link-Local Unicast Addresses

• Every IPv6-enabled network interface is REQUIRED to have a link-local address

• Enables a device to communicate with other IPv6-enabled devices on the same link and only on that link (subnet)

• FE80::/10 range, first 10 bits are 1111 1110 10xx xxxx

• 1111 1110 1000 0000 (FE80) - 1111 1110 1011 1111 (FEBF)

37

IPv6 Link-Local Unicast Addresses

38

Packets with a source or destination link-local address cannot be routed beyond the link from where the packet originated

Structure of an IPv6 Global Unicast Address

• IPv6 global unicast addresses are globally unique and routable on the IPv6 Internet

• Equivalent to public IPv4 addresses

• ICANN allocates IPv6 address blocks to the five RIRs

39


40

Currently, only global unicast addresses with the first three bits of 001 or 2000::/3 are being assigned


• A global unicast address has three parts:

• Global Routing Prefix- prefix or network portion of the address assigned by the provider, such as an ISP, to a customer or site, currently, RIR’s assign a /48 global routing prefix to customers

• 2001:0DB8:ACAD::/48 has a prefix that indicates that the first 48 bits (2001:0DB8:ACAD) is the prefix or network portion

41


• Subnet ID• Used by an organization to identify subnets within its site

• Interface ID• Equivalent to the host portion of an IPv4 address

• Used because a single host may have multiple interfaces, each having one or more IPv6 addresses

42

Aadressi osad - ülesanded

• 2001:0DB8:0:CD30:123:4567:89AB:CDEF

• 2001:db8::/32

Aadress ja mask (prefiks) ülesanded

Leida võrguosa ja arvutiosa

• 2001:db8:1:acad:0:fe55:6789:b210/48

• 2001:db8:1:acad:0:fe55:6789:b210/64

• 2001:db8:1:acad:0:fe55:6789:b210/68

• 2033:db8:1:1:22:a33d:259a:21fe/68

Aadress ja mask (prefiks) ülesanded

Leida võrguosa ja arvutiosa

• 2001:db8:1:acad:0:fe55:6789:b210/48

• 2001:db8:1:acad:0:fe55:6789:b210/64

• 2001:db8:1:acad:0:fe55:6789:b210/68

• 2033:db8:1:1:22:a33d:259a:21fe/68

Vastused Võrguosa arvutiosa• 2001:db8:1:acad:0:fe55:6789:b210/48

• Võrk (global routing prefix) - 2001:db8:1• Võrguliidese ID - 0:fe55:6789:b210

• 2001:db8:1:acad:0:fe55:6789:b210/64• Võrk (global routing prefix) - 2001:db8:1• Subnet ID - acad• Võrguliidese ID - 0:fe55:6789:b210

• 2001:db8:1:acad:0:fe55:6789:b210/68• Võrk (global routing prefix) - 2001:db8:1• Subnet ID – acad:0• Võrguliidese ID - 000:fe55:6789:b210 (pikalt kirjutatuna)

• 2033:db8:1:1:22:a33d:259a:21fe/68• Võrk (global routing prefix) - 2033:db8:1• Subnet ID – 0001:0 (pikalt kirjutatuna)• Võrguliidese ID - 022:a33d:259a:21fe (pikalt kirjutatuna)

Aadressi tüübid (liigitus)

• Unspecified 00...0 (128 bits) ::/128

• Loopback 00...1 (128 bits) ::1/128

• Multicast 11111111 FF00::/8

• Link-Local unicast 1111111010 FE80::/10

• FE80::/10 range, first 10 bits are 1111 1110 10xx xxxx

• 1111 1110 1000 0000 (FE80) - 1111 1110 1011 1111 (FEBF)

• Global Unicast (2000::/3)

• Anycast addresses are taken from the unicast address spaces (of any scope) and are not syntactically distinguishable from unicast addresses.

Ise luua IPv6 aadress

• IPv4 aadressist koostada uus IPv6 aadress

• MAC aadressist koostada uus IPv6 aadress (slaid 16) lokaalne ja globaalne• Keskele panna ff:fe

EUI-64 aadressi moodustamine - 1

• Pane MAC aadressi keskele FF:FE

Miks FF:FE? – IEEE juhend. Tootjad ei tohi seda aadressi kasutada.

Allikas: http://standards.ieee.org/regauth/oui/tutorials/EUI64.html

48

EUI-64 aadressi moodustamine - 2

• Muuda MAC aadressi lokaalselt hallatavaks

49

EUI-64 või juhuslik

• EUI-64 lihtsalt jälgitav – jälgitav mis võrkudes kasutaja on

• Juhusliku kasutamine sõltub OS• Windows Vista ja uuemad – juhuslik• Windows XP ja vanema - EUI-64• Linux sõltub distrost ja tavaliselt tuleb sisse lülitada

Privacy extension• Rohkem infot

http://superuser.com/questions/243669/how-to-avoid-exposing-my-mac-address-when-using-ipv6

• Põhimõtteliselt iga päring oma aadressiga

• Haldus ja monitooring keerulisem

50

Dynamic Link-local Addresses

51

Link-local Address After a global unicast address is assigned to an interface, IPv6-enabled device

automatically generates its link-local address Must have a link-local address which enables a device to communicate with other

IPv6-enabled devices on the same subnet Uses the link-local address of the local router for its default gateway IPv6 address Routers exchange dynamic routing protocol messages using link-local addresses Routers’ routing tables use the link-local address to identify the next-hop router

when forwarding IPv6 packets

Dynamic Link-local Addresses

52

Dynamically Assigned Link-local address is dynamically created using the FE80::/10 prefix and the

Interface ID

Ise luua IPv6 aadress - ülesanded

• Oma arvuti/nutitelefoni IPv4 aadressist

• Oma arvuti/nutitelefoni MAC aadressist

Aadressi saamine

• SLAAC (Stateless Address Autoconfiguraton)

• DHCPv6

• Mõlemad (alguses SLAAC, siis edasi DHCPv6)

Dynamic Configuration of a Global Unicast Address using SLACC

55

Stateless Address Autoconfiguraton (SLAAC)• A method that allows a device to obtain its prefix, prefix length and default

gateway from an IPv6 router• No DHCPv6 server needed• Rely on ICMPv6 Router Advertisement (RA) messages

IPv6 routers• Forwards IPv6 packets between networks• Can be configured with static routes or a dynamic IPv6 routing protocol• Sends ICMPv6 RA messages

Dynamic Configuration of a Global Unicast Address using SLAAC

56

Command IPv6 unicast routing enables IPv6 routing

RA message can contain one of the following three options• SLAAC Only – use the information contained in the RA message• SLAAC and DHCPv6 – use the information contained in the RA message and get other

information from the DHCPv6 server, stateless DHCPv6 (example: DNS)• DHCPv6 only – device should not use the information in the RA, stateful DHCPv6

Routers send ICMPv6 RA messages using the link-local address as the source IPv6 address

Dynamic Configuration of a Global Unicast Address using SLACC

57

Dynamic Configuration of a Global Unicast Address using DHCPv6

58

Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Similar to IPv4 Automatically receive addressing information including a global unicast address,

prefix length, default gateway address and the addresses of DNS servers using the services of a DHCPv6 server

Device may receive all or some of its IPv6 addressing information from a DHCPv6 server depending upon whether option 2 (SLAAC and DHCPv6) or option 3 (DHCPv6 only) is specified in the ICMPv6 RA message

Host may choose to ignore whatever is in the router’s RA message and obtain its IPv6 address and other information directly from a DHCPv6 server.

Dynamic Configuration of a Global Unicast Address using DHCPv6

59

ip v6 sissejuhatus · 2017-03-01 · •192.168.252.200 ipv6 •128 bitti •arvud 16-süsteemis,...

Documents