IPv6 IPv6 -- Benefits and Benefits and Deployment IssuesDeployment Issues

Dr. Chris Edwards Dr. Chris Edwards Lancaster University, UKLancaster University, UK

ce@comp.lancs.ac.ukce@comp.lancs.ac.uk

Agenda for TodayAgenda for Today

Introduction to IPv6Introduction to IPv6–– Benefits of IPv6Benefits of IPv6

Deployment IssuesDeployment Issues–– TransitioningTransitioning–– A full service?A full service?

Networking TodayNetworking Today

Severe shortage of IP addressesSevere shortage of IP addresses–– Limits growth for existing usersLimits growth for existing users–– Hinders use for new usersHinders use for new users

Routing table explosionRouting table explosionManagement nightmareManagement nightmareNo support for new applicationsNo support for new applications–– Mobility, QoS, etc…Mobility, QoS, etc…

Drive for Drive for commercialisationcommercialisation killed network exp.killed network exp.

What is IPv6What is IPv6

IETF standard for the next generation IETF standard for the next generation IPIP–– AKA AKA IPngIPng

Design goalsDesign goals–– Address the failings of IPv4Address the failings of IPv4–– Namely:Namely:

ScalabilityScalabilityEfficiencyEfficiencyExtensibilityExtensibility

IP and Scalability…IP and Scalability…

IPv4 lacks scalability due to addressingIPv4 lacks scalability due to addressing–– 32 bits address space (4.4 32 bits address space (4.4 BnBn addresses)addresses)–– Most addresses allocated to USMost addresses allocated to US

More addresses, please!More addresses, please!–– Individually address all mobile handsetsIndividually address all mobile handsets–– Growth of “always on”, globally addressable devicesGrowth of “always on”, globally addressable devices–– PeerPeer--toto--peer computing, e.g. ICQ, video/peer computing, e.g. ICQ, video/VoIPVoIP–– Home networking appliances, pervasive computing Home networking appliances, pervasive computing

devicesdevices

Users on the Internet Users on the Internet ––September 2002September 2002

CAN/US

Europe

Asia/Pac

Latin Am

Africa

Mid East

CAN/US CAN/US 182.67M182.67MEurope Europe 190.92M190.92MAsia/Pac Asia/Pac 187.24M187.24MLatin Am Latin Am 33.35M33.35MAfrica Africa 6.31M6.31MMidMid--east east 5.12M5.12M

------------------------------------------------------Total Total 605.6 M605.6 M

Thanks to Vint Cerf, WorldCom, and www.nua.com

Internet User TrendsInternet User Trends

0

500

1000

1500

2000

2500

1995

1997

1999

2001

2003

2005

2007

2009

Year

Use

rs (M

illion

s)

Source: Nua Internet Surveys + Vint Cerf predictions

More Predictions…More Predictions…

0

200

400

600

800

1000

1200

1400

1600

1989_

1991_

1993_

1995_

1997_

1999_

2001_

2003_

2005_

hosts mobiles

605 Million users

Source: Source: CerfCerf, based on , based on www.nw.comwww.nw.com, Jun 2000 + Ericsson, Jun 2000 + Ericsson

IPv6 IPv6 –– Size Matters…Size Matters…

Extended address spaceExtended address space–– 128 bits long128 bits long–– UnicastUnicast, Multicast or Anycast formats, Multicast or Anycast formats–– Written in hex notation as 16Written in hex notation as 16--bit integersbit integers

E.g. 2001:630:80:0:0:0:0:1E.g. 2001:630:80:0:0:0:0:1

–– 3.4 x 103.4 x 103838 AddressesAddresses–– 6.7 x 106.7 x 102323 Addresses / mAddresses / m22 on the earthon the earth

IPv6 Addressing ModelIPv6 Addressing Model

Addresses are assigned to interfacesAddresses are assigned to interfacesInterfaces can have multiple addressesInterfaces can have multiple addressesAddresses have scope: Addresses have scope: link locallink local, , site localsite local, , globalglobal

Addresses are formed through the Addresses are formed through the combination of:combination of:–– Routing Prefix Routing Prefix –– where you are connected towhere you are connected to–– Interface ID Interface ID –– who you arewho you are

Aggregatable AddressesAggregatable Addresses

2001:0630:0080:7030:0000:0000:0000:0001/64

Format prefix3 bits (001)

Reserved8 bits

Prefix length

13 24 16 64

TLA NLA SLA Interface ID

TLA Top Level Aggregation identifierNLA Next Level Aggregation identifierSLA Site Level Aggregation identifier

IPv6 terminology can drop a single string of all 0s…2001:630:80:7030::1/642001:630:80:7030::/64

loopback ::1 unspecified ::0 IPv4 Compatible ::148.88.8.6

IPv6 General ConceptsIPv6 General Concepts

Improved routing techniquesImproved routing techniques–– Aggregated routing entries designed to Aggregated routing entries designed to

reduce routing table sizesreduce routing table sizes

Multicast supported as native Multicast supported as native communication modecommunication modeAuthentication and privacy capabilitiesAuthentication and privacy capabilities–– Authentication headerAuthentication header–– Transport + Tunnel ModeTransport + Tunnel Mode

Efficient Header Efficient Header ConstructionConstruction

IPv4 contains many redundant features…IPv4 contains many redundant features…–– Variable length IP header optionsVariable length IP header options–– IP header checksumIP header checksum

…some inefficient ones……some inefficient ones…–– Packet fragmentationPacket fragmentation

… and some omitted… and some omitted–– Packet classificationPacket classification

All of which impact network performanceAll of which impact network performance

IP: Head to HeadIP: Head to Head

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+|Version| IHL |Type of Service| Total Length |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Identification |Flags| Fragment Offset |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Time to Live | Protocol | Header Checksum |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Source Address |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Destination Address |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Options | Padding |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

IP: Head to HeadIP: Head to Head+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+|Version| Traffic Class | Flow Label |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Payload Length | Next Header | Hop Limit |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |+ +| |+ Source Address +| |+ +| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |+ +| |+ Destination Address +| |+ +| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

What’s missing?What’s missing?

The IPv6 protocol header is The IPv6 protocol header is streamlined for the commonstreamlined for the common--case…case…–– Fixed format header (no options) Fixed format header (no options) –– No No checksumchecksum -- left to transport and left to transport and

data link layers, no need to data link layers, no need to check/recalculate each hopcheck/recalculate each hop

–– No fragmentation (except at source)No fragmentation (except at source)Agree path Agree path MTUMTU at the source using at the source using Path Path MTU discoveryMTU discovery

What’s newWhat’s newRevised fieldsRevised fields–– Payload lengthPayload length vs. vs. Total lengthTotal length–– Next HeaderNext Header vs. vs. Protocol typeProtocol type–– Hop LimitHop Limit vs. vs. TTLTTL

New fieldsNew fields–– Traffic ClassTraffic Class: :

To support differentiated services (e.g. To support differentiated services (e.g. prioritised best effort queuing)prioritised best effort queuing)

–– Flow LabelFlow Label: : Along with source address, allows identification Along with source address, allows identification of packets which are part of a ‘flow’of packets which are part of a ‘flow’

Extensible headersExtensible headers

Custom headers for specialist Custom headers for specialist functionality…functionality…–– Fragmentation HeadersFragmentation Headers–– Routing HeadersRouting Headers–– Destination OptionsDestination Options–– Hop by Hop HeadersHop by Hop Headers–– Authentication and ESPAuthentication and ESP

IPv6 Extension HeadersIPv6 Extension Headers

In IPv6, Options are daisyIn IPv6, Options are daisy--chained in chained in extension headers…extension headers…

IPv6 HeaderNext header = TCP TCP Header + Data

IPv6 HeaderNext header =

Routing

Routing HdrNext header =

TCPTCP Header + Data

Fragment of TCPHeader + Data

IPv6 HeaderNext header =

Routing

Routing HdrNext header =

Fragment

Fragment HdrNext header =

TCP

AutoconfigurationAutoconfiguration

Plug ‘n’ Play Networking…Plug ‘n’ Play Networking…–– IPv6 host requires three pieces of infoIPv6 host requires three pieces of info

IPv6 AddressIPv6 AddressIPv6 NetworkIPv6 NetworkIPv6 GatewayIPv6 Gateway

–– Router Solicitation and Advertisement…Router Solicitation and Advertisement…

Router Solicitation

AutoconfigurationAutoconfiguration

Plug ‘n’ Play Networking…Plug ‘n’ Play Networking…–– IPv6 host requires three pieces of infoIPv6 host requires three pieces of info

IPv6 AddressIPv6 AddressIPv6 NetworkIPv6 NetworkIPv6 GatewayIPv6 Gateway

–– Router Solicitation and Advertisement…Router Solicitation and Advertisement…

Router Advertisement2001:630:80:7000::/64

AutoconfigurationAutoconfiguration

Host builds IPv6 address from prefixHost builds IPv6 address from prefix–– Using EUIUsing EUI--64 identifier of interface64 identifier of interface–– Or padded MAC address…Or padded MAC address…–– In two frame message exchangeIn two frame message exchange

Router Advertisement2001:630:80:7000::/64

Deployment Issues:Deployment Issues:Transitioning to IPv6…Transitioning to IPv6…

Contrary to popular belief, IPv6 is Contrary to popular belief, IPv6 is notnot backward compatible…backward compatible…

Compatibility IssuesCompatibility Issues

Introduce IPv6 connectivity into the IPv4 worldIntroduce IPv6 connectivity into the IPv4 worldIPv6 hosts must be able to communicate with IPv6 hosts must be able to communicate with each other across IPv4 netseach other across IPv4 netsAs native IPv6 networks become commonplaceAs native IPv6 networks become commonplace–– IPv4 hosts will need to communicate with each other across IPv6 IPv4 hosts will need to communicate with each other across IPv6

networksnetworks–– IPv6 hosts will need to communicate with IPv4 hostsIPv6 hosts will need to communicate with IPv4 hosts

What about dual stacks?What about dual stacks?

Plugging it Together…Plugging it Together…

Three broad categoriesThree broad categories–– TunnellingTunnelling (6to4, 6over4, Tunnel brokers, (6to4, 6over4, Tunnel brokers,

TeredoTeredo, ISATAP), ISATAP)Allowing hosts that support IPv6 to talk IPv6 Allowing hosts that support IPv6 to talk IPv6 to other IPv6 hoststo other IPv6 hosts

–– TranslationTranslation (SIIT, NAT(SIIT, NAT--PT, SOCKS, BIS)PT, SOCKS, BIS)Translation between the twoTranslation between the two

–– Dual StackDual Stack (DSTM)(DSTM)

Dual IP StacksDual IP StacksSimplest method: Both stacks in parallel Simplest method: Both stacks in parallel in hosts and routersin hosts and routersUpgrade routers, and host OSUpgrade routers, and host OS–– Host upgrade can be gradualHost upgrade can be gradual

Application support:Application support:–– Existing applications continue to runExisting applications continue to run–– IPv6 applications (experimental or not…) can IPv6 applications (experimental or not…) can

be introducedbe introduced–– Interoperation of v4 and v6 is another issueInteroperation of v4 and v6 is another issue

Applications to be modified to handle both?Applications to be modified to handle both?

Dual IP Stacks (2)Dual IP Stacks (2)

IssuesIssues–– Solution does not scale:Solution does not scale:

New IPv6 hosts that need IPv4 compatibility New IPv6 hosts that need IPv4 compatibility will quickly eat up IPv4 address spacewill quickly eat up IPv4 address spaceTwo IP routing tables will place a burden on Two IP routing tables will place a burden on routersrouters

–– Entire path dual stack?Entire path dual stack?–– No real stimulus for moving to IPv6No real stimulus for moving to IPv6

Dual Stack Transition Dual Stack Transition Mechanism (DSTM)Mechanism (DSTM)Addresses problem of new dual stack hosts Addresses problem of new dual stack hosts exhausting sparse IPv4 address spaceexhausting sparse IPv4 address spaceAllows IPv6 hosts to temporarily acquire an Allows IPv6 hosts to temporarily acquire an IPv4 global addressIPv4 global address–– Uses a DHCPv6 server within each domainUses a DHCPv6 server within each domain–– Assigns IPv4 address on temporary basisAssigns IPv4 address on temporary basis

In instances where IPv6 hosts remain online, In instances where IPv6 hosts remain online, temporary assignment becomes permanent… temporary assignment becomes permanent… i.e. does not eradicate the problem altogetheri.e. does not eradicate the problem altogether

TunnellingTunnelling

Common mechanism, where one protocol is Common mechanism, where one protocol is encapsulated in anotherencapsulated in anotherIPv6 over IPv4 tunnellingIPv6 over IPv4 tunnelling–– Used to transport IPv6 packets over networks Used to transport IPv6 packets over networks

that can only understand IPv4that can only understand IPv4–– Normally the most common transition Normally the most common transition

mechanism adopted in early stagesmechanism adopted in early stages–– 6BONE is an example of a virtual overlay 6BONE is an example of a virtual overlay

network of interconnected IPv6 over IPv4 network of interconnected IPv6 over IPv4 tunnelstunnels

–– Can work in a variety of ways: Can work in a variety of ways: host to routerhost to router, , router to routerrouter to router, , router to hostrouter to host, , host to hosthost to host

Tunnelling (2)Tunnelling (2)

IPv6 over IPv4 tunnels are classified as either IPv6 over IPv4 tunnels are classified as either configuredconfigured or or automaticautomatic, depending on the way , depending on the way the IPv4 address of the endpoint is determinedthe IPv4 address of the endpoint is determinedApproachesApproaches–– 6to46to4 –– popular, automatic, router to routerpopular, automatic, router to router–– 6over46over4 –– single site, relies on IPv4 multicastsingle site, relies on IPv4 multicast–– TeredoTeredo –– connectivity to v4 hosts behind NATconnectivity to v4 hosts behind NAT–– ISATAPISATAP –– site based, where v6 host and gateway is site based, where v6 host and gateway is

separatedseparated–– Tunnel brokersTunnel brokers –– (web(web--based) mechanism for based) mechanism for

obtaining a tunnelobtaining a tunnel

Translation ToolsTranslation Tools

Translation necessary for IPv6Translation necessary for IPv6--only and only and IPv4IPv4--only hosts to communicate, should be only hosts to communicate, should be done near network edgedone near network edgeTranslates packets from one protocol to Translates packets from one protocol to another, taking form of header processinganother, taking form of header processingCan take place at a number of layersCan take place at a number of layers–– IP layerIP layer–– Transport layerTransport layer–– Application layerApplication layer

Translation Tools (2)Translation Tools (2)

Series of tools availableSeries of tools available–– SIITSIIT –– translates between IPv4 and IPv6 headers translates between IPv4 and IPv6 headers

using a translation algorithm located in the networkusing a translation algorithm located in the network–– NATNAT--PTPT–– maintains a pool of unique v4 add. that maintains a pool of unique v4 add. that

it dynamically allocates to v6 nodesit dynamically allocates to v6 nodes–– BISBIS –– takes NATtakes NAT--PT with SIIT functionality and PT with SIIT functionality and

moves it to the OS protocol stack within each hostmoves it to the OS protocol stack within each host–– SOCKSSOCKS –– application layer IPv6/IPv4 gateway application layer IPv6/IPv4 gateway

based on SOCKS, translating between two based on SOCKS, translating between two terminated v4 and v6 connectionsterminated v4 and v6 connections

The IPv6 Operations The IPv6 Operations IETF Working GroupIETF Working Group (v6ops) (v6ops)

NgtransNgtrans group closed, replaced by v6opsgroup closed, replaced by v6ops–– More “operationally oriented” More “operationally oriented” wgwg–– Operating the “combined net” + avoiding a divisionOperating the “combined net” + avoiding a division–– Develop guidelines:Develop guidelines:

Operation of shared v4/v6 InternetOperation of shared v4/v6 InternetHow to deploy v6 into both v4How to deploy v6 into both v4--only and new installationsonly and new installations

Why?Why?–– V6 is deploying todayV6 is deploying today–– V6 has been hiding in a corner of the IETFV6 has been hiding in a corner of the IETF

Timescales: Oct 2002 Timescales: Oct 2002 –– Aug 2003Aug 2003

Deployment Issues:Deployment Issues:

A full service?A full service?

The bigger questionsThe bigger questions

How long will deployment take?How long will deployment take?–– 2 addressing modes co2 addressing modes co--existingexisting–– 5/ 10 / 15 years?5/ 10 / 15 years?

What support do we have now?What support do we have now?–– HostsHosts–– RoutersRouters–– ApplicationsApplications–– ISPsISPs–– (see Tim and Duncan presentation later)(see Tim and Duncan presentation later)

A Full IPv6 Service? A Full IPv6 Service?

Production service needs commercial Production service needs commercial codecode–– Stability, reliability issues Stability, reliability issues –– On backboneOn backbone

Possible nowPossible nowHardwareHardware--enabled?enabled?

–– ApplicationsApplicationsPerhaps some way off yetPerhaps some way off yet

A Full IPv6 Service? (2)A Full IPv6 Service? (2)

Do we have a significant driver?Do we have a significant driver?–– Less demand where IPv4 address space seen as Less demand where IPv4 address space seen as

being sufficientbeing sufficient–– Users will not demand "IPv6" but demand IPv6Users will not demand "IPv6" but demand IPv6--

based applicationsbased applications–– IPv4 address exhaustion?IPv4 address exhaustion?–– Major network infrastructure deployment (e.g., 3G)Major network infrastructure deployment (e.g., 3G)

Significant research activities in UK and EuropeSignificant research activities in UK and Europe–– Universities, Universities, NRENsNRENs, Consortiums, Consortiums

UK IPv6 Task ForceUK IPv6 Task Force

Thank you…Thank you…

Questions?Questions?