Withstand Atomic Bomb Attacks?

2
Overview
• The road to the Internet
ー Internet Protocol Version 6 ー
• Internet Protocol (IPv4)
• Issues for IPv4
Japan Network Information Center • For the next protocol (IPv6)
Takaharu Ui • IPv6 today
ui@nic.ad.jp
• IPv6 tomorrow
Internet Week 2000 [2000/12/18] ©Copyright 2000 Japan Network Information Center
3 4
ARPA Project Withstand Atomic Bomb Attacks?

• Development begins with a request from the US
Department of Defense for new network terminal terminal
technology that can withstand atomic bomb
attacks
– Fault-
Fault-tolerant, distributed network
– Simple yet reliable transfer protocol terminal terminal
• Ethernet is developed in the 1970s Host Computer
Function A
• The origin of the Internet more than thirty years
Function B
ago terminal Function C terminal
Internet Week 2000 [2000/12/18] ©Copyright 2000 Japan Network Information Center Internet Week 2000 [2000/12/18] ©Copyright 2000 Japan Network Information Center
5 6
Withstand Atomic Bomb Attacks? From an internet to the Internet

• Started with mutual connection among
Independent Independent research and academic institutions in the US
system system
Function C • Spread to business and other organizations
• Became a global network, spanning national
Independent Independent Independent
system borders
system system
Function B Function A • Uses transformed from military to academic
research to commercial applications
Independent Independent
system system
1
7 8
The Road to Standardization RFC

• Internet technology development is made • RFC821: [SMTP] e-
e- mail handling
public and standardized with RFCs • RFC959: [FTP] file transfer protocol
(Request for Comments) • RFC166: [PPP] connecting to an ISP via the
• Technology that everyone selects to use telephone
becomes a standardized spec format • RFC1939: [POP3] using an e-
e- mail mailbox
• The Internet is always a place for • RFC2068: [HTTP] methods to access the Web
experiments • RFC2564: a user security handbook
9 10
The Heart of the Carrier Pigeon

Bonus: Joke RFCs
Protocol
• RFC1149: • Data is rolled and attached to one of the avian
– A Standard for the Transmission of IP Datagrams on carrier’’ s legs
carrier
Avian Carriers • Avian carriers can offer services with a high rate of
– An expansion of RFC2549 to implement QoS delay, low throughput and in low altitude
• RFC2324: HTCPCP
• As opposed to a single dimension network cable,
– The Hyper Text Coffee Pot Control Protocol avian carriers cab use three-
three- dimensional space
• April Fool’
Fool’ s Examples
• Avian carriers can be used without intervention
– Content is very serious (after a fashion) except in early spring
• Avian carriers have a natural collision avoidance
function
11 12
Overview What ’s a Protocol?

• The road to the Internet • Procedures and methodologies for
• Internet Protocol (IPv4) communication
– Letters: write a name, address and zip code,
• Issues for IPv4 affix a stamp and drop in a mailbox
• For the next protocol (IPv6) – Telephone: dial the number, say hello, and
introduce yourself before speaking
• IPv6 today – Interviews: make an appointment, decide on a
• IPv6 tomorrow time and place and arrive 5 minutes before
2
13 14
Protocols for a Network The Secrets of Sending E-

E- mail
• Procedures for getting data through a Application
Application
EE-mail
- mail application EE-mail
- mail application
network to someone else application message
message application
– How does e-e- mail get to the addressee’

addressee’ s mailbox? TCP
TCP
TCP
TCP segment TCP
TCP
– How do your browser and the server interact segment
when you want to view web sites?

IP
IP
– Is data really just flowing through network IP
IP datagram
datagram IP
IP
cables?
Ethernet
Ethernet
Ethernet
Ethernet イーサネット
イーサネット
frame
frame Ethernet
Ethernet
15 16
Why Layered Protocols? Why Layered Protocols?
電子メール
電子メール電子メール
電子メール
WWWサーバ
WWW
Real
WWWサーバ
Real サーバ
Server
Server ブラウザ
WWWブラウザ
WWW
Real Player
WWWブラウザ
Real Player Web
Web Server
Server Web
Web Browser
Browser
アプリケーション
アプリケーションアプリケーション
You don’
don’t need to know this!
TCP
UDP
TCP
UDP TCP
UDP
TCP
UDP TCP
TCP TCP
TCP
IP
IP IP
IP IP
IP IP
IP
Ethernet
Ethernet You don’
don’t need
ATMto know this!
イーサネット
ATM
イーサネット
17 18
Internet Protocols Internet Protocol (IP)

• Divides application data to fit within network
EE-mail
- mail WWW
WWW frames
Application
Applicationlayer
layer SMTP HTTP telnet
telnet ftp
ftp
SMTP HTTP
• Adds header data to identify the addressee, etc.
Transport
Transportlayer
layer TCP
TCP UDP
UDP • Combines the divided data and the header data
IP into an IP datagram
Internet
Internetlayer
layer IP == Internet
IP Protocol
IP
Internet Protocol
Network • Transfers the IP datagram from the first host to the
Network Ethernet ATM FDDI
Interface
Interfacelayer
layer Ethernet ATM FDDI last host
3
19 20
The IP Datagram and the Header How do you specify the Destination?
Data
Data from
from the
the application
application
IP TCP/UDP
TCP/UDP
datagram IP
IPheader
header header Divided
header
Divided application
application data
data
The Internet
IP header Datagram’
Datagram’s sender,
Datagram’s sender, addressee,
addressee, length,
length, etc…
etc…
etc…
21 22
IP Address IPv4 Address

• Telephone numbers specify who you’
you’re • A number to designate the host on the
calling Internet
• Addresses specify a letter’
letter’s destination • A value comprising 32 bits of 1s and 0s
• IP networks need a way to identify targets 11001010 00001100 00011110 00100110

too!
• Every host needs an IP address to
IP Network Address → IP Address communicate via IP
23 24
Expression of IPv4 Addresses The Route to Your Destination?

• Decimal representation of four eight-
eight- bit clusters,
separated by periods
• Each one is eight bits, so it can range from 0 to Network
Network D
D Network
Network C
C
255
The Internet
The Internet is composed of many groups of Networks
11001010 00001100 00011110 00100110
Network
Network B
B
Network
Network A
A
202 . 12 . 30 . 38
4
25 26
Identifying Networks The Significance of an IP Address

32 bits
• Yet the destination is identified via the IP address,
the IP datagram cannot be reached to addressee
Network
Networkpart
part Host
Hostpart
part
• Because the Internet is a collection of networks,
you have to know which network the addressee is Network address
on
• That would be great if the IP address can identify Host address
the target network AND the target host! • An IP address is divided into a network-
network-
identifying segment and a host-
host-identifying
segment
27 28
How Big should the Network

Several Patterns: Class A
Part be?
32 bits 32 bits
Network Class
Networkpart
part Host
Hostpart
part 0 Network part Host
Hostpart
Identifier 0 Network part part
Bit
• The size of the network part determines the 7 bits 24 bits
number of networks and hosts you can use • Class A Address (for large-
large-scale networks)
– With 8 bits you get 256 networks and 16 million hosts
– One network can support up to 16,000,000
– With 16 bits you get 65,000 networks, 65,000 hosts
hosts
• Leaving it unfixed would allow you to support a – 128 networks can be used throughout the
wider variety of networks Internet
29 30
Several Patterns: Class B Several Patterns: Class C

32 bits 32 bits
Class 10 Network Class

Networkpart Host
Hostpart 110 Network
Networkpart Host
Hostpart
Identifier 10 part part Identifier 110 part part
Bit Bit
14 bits 16 bits 21 bits 8 bits
• Class B Address (for medium-

medium-sized • Class C Address (for small-
small-scale networks)
networks)
– One network can support up to 256 hosts
– One network can support up to 65,536 hosts – 2,000,000 networks can be used throughout the
– 16,384 networks can be used throughout the Internet
Internet
5
31 32
Network Addressing Transmitting an IP Datagram

Originating Host Destination Host
• The class identifier bits at the the start of the IP
address allow you to identify the class for the
address, and how many bytes are used for the EE-mail
- mail
Router
EE-mail
- mail
Application
Applicationlayer
layer SMTP
network part SMTP SMTP
SMTP
• Network addresses are expressed putting all zeroes Transport

Transportlayer
layer TCP
TCP TCP
TCP
for the host part Internet
Internetlayer
layer IP
IP IP
IP IP
IP
– 10.0.0.0 (Class A) 00001010…
00001010… Network
Network Ethernet Ethernet
Interface Ethernet Ethernet ATM
ATM ATM
ATM
– 172.16.0.0 (Class B) 10101100…
10101100… Interfacelayer
layer
– 192.168.1.0 (Class C) 11000000…

11000000… Network
Network A
A Network
Network B
B
33 34
Which path does an IP Datagram take? Which path does an IP Datagram take?
経路表
Routing
経路表
Routing Chart
Chart
終点アドレス
終点アドレス
destination
destination 転送先
転送先
transfer
transfer
address
address target
target 192.168.1.0
192.168.1.0
Network 10.0.0.0
10.0.0.0
Network
Network D
D Network C
C 192.168.1.0 192.168.1.0
192.168.1.0 192.168.1.0
Class
Class
ClassCC
192.168.2.0
192.168.2.0 192.168.2.0
192.168.2.0 ClassAA router router
router router
172.16.0.0
172.16.0.0 172.16.0.0
172.16.0.0
192.168.3.0 192.168.1.0
192.168.3.0 192.168.1.0
router
router
Network
Network B
B router
router
Network
Network A
A router
router 192.168.3.0
192.168.3.0
192.168.2.0
192.168.2.0 172.16.0.0
172.16.0.0 Class
ClassCC
Class
ClassCC Class
ClassBB
35 36
Routing Controls IP Datagram Transfer

• How do you know which router to direct the • Routers pass the IP datagram along until it
IP datagram? >> Routing Controls reaches its final destination
• Each router has a list of final destination • Each type of network has a maximum frame
networks and the routers along the way >> size, known as the Maximum Transmission Unit
(MTU)
Route Table
– The Ethernet MTU is 1,500 octets
• In other words, the more networks there are, – The FDDI MTU is 4,470 octets
the more entries there are in the route table What if the IP datagram is bigger than the MTU?
6
37 38
IP Datagram Segmentation Segmentation: an Example

IP Datagram IP
IPHeader
Header TCP
TCPSegment
Segment
MTU=3,000 octets
Network
NetworkBB
Local Network Frame Network
NetworkAA router
router router
router
Local
LocalNetwork
NetworkIP Header Local
LocalNetwork
Network IP
IP Datagram:
Datagram: 3,000
3,000
IP Header TCP
TCPSegment
Segment IP
IP Datagram:
Datagram: 2,000
2,000
Header
Header Trailer
Trailer IP
IP Datagram
Datagram IP
IP Datagram:
Datagram: 1,000
1,000 IP
IP Datagram:
Datagram: 1,000
1,000
Datagram size:
MTU Size Size Overflow 4,000 octets IP
IP Datagram:
Datagram: 1,000
1,000
MTU=2000 octets
Local
LocalNetwork
NetworkIP Header TCP Segment Local
LocalNetwork
Network
IP Header TCP Segment The segment is router
Header
Header Trailer
Trailer
divided to fit
Routers perform router
Local
LocalNetwork
NetworkIP Header TCP Segment Local Network segmentation Network
NetworkCC
IP Header TCP Segment Local Network
Header
Header Trailer
Trailer
39 40
Reviewing IPv4 Overview

• 32 bit IP addresses • The road to the Internet
• Three network part types based on size • Internet Protocol (IPv4)
– Class A, Class B, Class C • Issues for IPv4
• As many routing table entries as there are • For the next protocol (IPv6)
networks
• IPv6 today
• Segmentation can occur as a result of
different MTU sizes • IPv6 tomorrow
– Routers perform Segmentation
41 42
Routing Control Issues One Network, One Class

• As the number of networks increases so does the • A network with 1,000 hosts
routing information
– Class C (with 256 hosts max.) is not enough
• As the routing information increases so does the – Class B (with 65K hosts max.) is too many?
load on the routers
• Four Class C addresses would suffice, but
• How do we control the amount of routing
then you increase the network information
information?
by four
Assign one network address for one network
• So give ‘em a Class B!
7
43 44
No More Class Bs! Get rid of Classes!

• As the Internet grew, so too did the number of • Classes can only define network sizes in
networks connecting to it eight bit units, so there is a lot of waste in
• Class B networks were really popular but we can address use
only create 16,000 networks
• Address classes are one cause of the routing
• We have no choice but to use multiple Class C! information explosion
• There are functional limits for routers, so
An incredible increase in routing
controlling routing information is
information results!
imperative
45 46
CIDR CIDR Notation

• CIDR: Classless Inter-
Inter-Domain Routing 202 . 12 . 30 . 38
• Network address units no longer need to be 11001010
11001010 0001100
0001100 00011110
0001111000100110
00100110
eight bit blocks
Network Address
• The use of leading bits as a class identifier
Since the first three bits are ‘ 110
110’’ , you’
you’ d normally
is abolished think this was Class C:
24-- bit network address
24
From Classful to Classless 256 hosts
47 48
CIDR Notation With CIDR…

CIDR…
202 . 12 . 30 . 38 / 22 • You can assign network addresses that
better fit the network’
network’s size
11001010
11001010 0001100
0001100 000111
00011110
10 00100110
00100110
• Networks that once required several classful
Network Address addresses can now have just one address
block, conserving routing information
202.12.30.38/22
With this CIDR notation, • Assigning addresses based on network
the network address is 22 bits topologies can also reduce routing
1,024 hosts information
8
49 50
Aggregating routing information We eliminate Waste but…

but …
Aggregation
Aggregation The third octet
• The introduction of CIDR eliminates
＊ .＊ .0.0 /23
＊.＊.0.0 /23 00000000 Network
NetworkAA wasteful address assignments
00000000 00 500 /23
＊ .＊ .2.0 /23 500hosts
hosts
＊.＊.2.0 /23
＊ .＊ .4.0 /22
＊.＊.4.0 /22 • We can easily aggregate routing information
Network
NetworkBB
00000001
00000001 00 500 /23
500hosts
hosts
＊ .＊ .0.0 /21
• But…
But… 32
32--bit addresses are too few given the
＊.＊.0.0 /21
Network
NetworkCC
growth of the Internet
0000001
0000001 00
00 1,000 /22
1,000hosts
hosts
51 52
How Big is 32 Bits? We have to Conserve Addresses

• 32 bits = 232 equals roughly four billion • There has to be an IP address for every host
connected to the Internet
• If there are six billion people in the world…
world …
• Can we then eliminate address for hosts with no
– There isn’
isn ’t one for everyone need to directly connect to the Internet?
• What with cell phones, game consoles, – Those corporate hosts connected only to the intranet
xDSLand
xDSL and so on, the demand for IP – Hosts that connect via a proxy server
addresses will only grow
53 54
Global and Private Private Addresses

• There are two different types of IP addresses: • RFC1918 defines the following addresses as
global addresses are needed for hosts connected to private addresses
the Internet and private addresses can be used
– 10.0.0.0 -- 10.255.255.255 (10.0.0.0 /8)
freely in closed environments
– 172.16.0.0 -- 172.31.255.255 (172.16.0.0 /12)
• Private addresses are for networks with no direct – 192.168.0.0 -- 192.168.255.255 (192.168.0.0 /16)
connection to the Internet
• Private addresses can be used freely as long
• Different private networks can use the same as there is no direct connection to the
private addresses
Internet
9
55 56
The Use of Private Addresses Good Uses of Private Addresses

• Private addresses cannot be used for direct
192.168.1.0/24
192.168.1.0/24 192.168.1.0/24
192.168.1.0/24 connections, but indirect connections via
proxy servers or NAT can be used
No
No Problem
Problem in
in Using
Using the
the Same
Same Addresses
Addresses
The Internet
Proxy Access
Proxy
Proxy Private
Private
Internet
Internet //
Network
Network
NAT
NAT
192.168.0.0/16
192.168.0.0/16 192.168.2.0/24
192.168.2.0/24 Global Addresses Address Transcription Private Addresses
57 58
Popularization and Requests for

Reviewing IPv4 Issues
the Internet
• Together with the development and • Not enough addresses
popularization of the Internet, new
application area and a call for new • Increase in routing information
functionality arise • Segmentation and header processing is a
– Plug & Play DHCP +α+α router issue
– Mobility Mobile IP
• New service requests for new file types
– Security IPSec
– Real-- time Telecom
Real Diffserv, RSVP
– Etc. …
59 60
Have the Problems been Resolved? Let’’s Start Over

Let
• CIDR works effectively and has been successful • We need a total review of the IP protocol
to a degree in conserving assignments and
aggregating routing information
– But we will still run out of addresses
• NAT and private addresses help to conserve
addresses
– Many IP applications don’
don’t work with NAT
>> Toward IPv6!
• Segmentation and header processing issues remain
• Compatibility and availability for different file
types is not optimal because it is added later
10
61 62
Overview Thanks, IPv4, Hello, IPv6

• The road to the Internet • IPv4 is a primary technology that has
• Internet Protocol (IPv4) supported the Internet for more than twenty
years
• Issues for IPv4
• For the next protocol (IPv6) • But we can’
can’t hold on to IPv4 forever
• IPv6 today • The danger is clear and present

• IPv6 tomorrow • IPv6 came about for a fundamental
resolution
63 64
IP Next Generation ( IPng

IPng)) Functional Requirements
• July 1991 • More addresses
– IETF began a study when it became known we would • Aggregatable routing information
run out of IP addresses
• November 1992 • Simplified headers, no more segmentation
– RFC1380 Results of the address trend study • Simplified settings for plug & play
– Discussion begins on a next-
next-generation protocol • Default implementation of security and real-
real-
• December 1993 time features, etc.
– RFC1550 Functionality requests for IPng • A simple and flexible transfer from IPv4
65 66
Proposed Protocols The Road to IPv6

• CATNIP Big ideas but incomplete • January 1995
– TCP, OSI, Novell are jointly used – RFC1752 128-
128-bit addresses based on SIPP
– Official name change IPng (next generation) to IPv6
• SIPP Won’’t we run out of 64-
Won 64-bit addresses, too? (IP version 6)
• December 1995
– Expands IPv4, addresses now 64-
64-bit
– RFC1884 IPv6 Addressing Architecture
• Revised in July 1998 to RFC2373
• TUBA Possible problems upgrading from IPv4
• Late 1998 Major revisions of IPv6 - related RFCs
– Protocol to replace IP. Variable-
Variable-length addresses
– RFC2460 IPv6 Specification, etc…
etc…
11
67 68
Functional Requirements The IPv6 Address Space

• More addresses • An 128-
128-bit address length!
• Aggregatable routing information – Four times as long as IPv4
• Simplified headers, no more segmentation – 2 96 times as many addresses as IPv4
• Simplified settings for plug & play • 2128 addresses

• Default implementation of security and real-
real- – Roughly equal to 3.4 x 1038 addresses
time features, etc. – Equivalent to 2.2 x 1020 addresses for every
square centimeter of land on Earth
• A simple and flexible transfer from IPv4
• More addresses than we can imagine!
69 70
IPv6 Abbreviated Address

IPv6 Address Notation
Notation
• Blocks of continuous zeros can be abbreviated
• 128 bits is very long!
– 1080 : 0 : 0 : 0 : 8 : 800 : 200C : 417A
• Written in the same as the IPv4 format: 1080 : : 8 : 800 : 200C : 417A
– 123.123.123.123.123.123.123.123.123.123.123. – 0 : 0 : 0 : 0 : 0 : 0 : FF01 : 9123
123.123.123.123.123 : : FF01 : 9123
• Written in hexadecimal blocks of 16 bits • Abbreviation can only be done once

– 0 : 0 : 0 : FF01 : 9123 : 0 : 0 : 0
• Colon delimiter (:) : : FF01 : 9123 : 0 : 0 : 0
– FFDC:BA98:7654:3210:FEDC:BA98:7654:3210 : : FF01 : 9123 : : << not acceptable
71 72
IPv6 Address Types Functional Requirements

• Address Format Prefixes • More addresses
– Specify IPv6 address types • Aggregatable routing information
１２８ビット
prefix
prefix address
address • Simplified headers, no more segmentation
n bits 128 – n bits
• Simplified settings for plug & play
001 Aggregatable Global Unicast Address • Default implementation of security and real-
real-
1111 1110 10 Link Local Unicast Address
1111 1110 11 Site Local Unicast Address
time features, etc.
1111 1111 Multicast Address
12
73 74
Aggregate routing information Aggregatable Global Unicast Addresses

• In order to aggregate routing information…
information… • Addresses with a layered structure to conform
with network topologies
– Classless address structure
3 13 8 24 16 64
– Assignments based on network structure １２８ビットの
FP
FPTLA
TLAID reservedNLA
ID reserved １
NLA ID
２８
IDSLA
ビッ
SLAID
トID IPv6アドレス
のIPv6 Interface
アドレスInterfaceID
ID
– Assign continuous address blocks for single Site
Public Topology
networks Topology
• IPv6 uses aggregation experiences from FP

FP Address
Addressformat
formatprefix:
prefix:110
110
TLA
TLAIDID Top-
Top - level aggregate
Top-level aggregate
IPv4 for an aggregatable address structure NLA
NLAID ID Next-
Next - level aggregate
Next-level aggregate
SLA
SLAIDID Site-
Site - level aggregate
Site-level aggregate
Interface
InterfaceID
ID Interface
Interfaceidentifier
identifier
75 76
A Sample Assigned Address Layered Assignments

3 13 8 24 16
3 13 8 24 16 64
FP
FPTLA
TLAID
ID reserved
reserved NLA
NLAID
ID SLA
SLAID
ID
FP
FPTLA
TLAID reservedNLA
ID reserved NLAID
IDSLA
SLAID
ID Interface
InterfaceID
ID
TLA
TLA /16
/16 Uses 12 bits 2001::/16
2001::/16
Assigned to ISP Backbone
Backbone TLA
TLAID
ID
NLA
NLA provider
provider
/36
/36
（
（ISP)
ISP) Uses 12 bits 2001:1::/32
2001:1::/32
Assigned to user
user ISP
ISP ISP
ISP ISP
ISP NLA
NLAID
ID
user /48
/48
2001:1:1::/48
2001:1:1::/48
/64 Uses 16 bits End
End-
End-- End
End-
End-- End
End-
End--
/64 Subnet format
SLA
SLAID
ID
user
user user
user user
user
Public
Public Topology
Topology Site
Site Topology
Topology
77 78
Functional Requirements IPv4 Headers

• IHL (header length), options
– Variable length leads to many
• More addresses problems
• Aggregatable routing information Ver
Ver IHL
IHL TOS
TOS Datagram
DatagramLength
Length • TOS
– Not in use
ID
ID flag
flag offset
offset
• Simplified headers, no more segmentation – But its preference is needed
TTL
TTL protocol
protocol header
headerchecksum
checksum
• Simplified settings for plug & play • ID, Flag, Offset
Originating
OriginatingIP
IPAddress
Address – Needed for segmentation
real- Destination
DestinationIP
IPAddress
Address • Protocol
time features, etc. Options
Options(variable
(variablelength)
length) – No need to know the top-
top-
level protocols
• A simple and flexible transfer from IPv4 • Header checksum
– Meaningless
13
79 80
Various Functionality Becomes

IPv6 Headers
Optional
• Class, flow label • IPv6 headers are of a fixed size with basic data
– Priority Settings only
Ver
Ver Class
Class Flow
FlowLabel
Label • Payload length
Payload
• Different features will use contiguous headers
PayloadLength
Length Next header limit
Nextheader limit – Length of everything after
the header
Originating
IPv6
IPv6 IPv6
IPv6 IPv6拡張
Feature
IPv6
Feature拡張Feature
TCP
TCPTCP
Feature アプリケーション
TCPTCP アプリケーション
TCP アプリケーション
Application data
OriginatingIP
IPAddress
Address • Next header header
headerヘッダ
ヘッダヘッダ
header
ヘッダ
headerヘッダヘッダ
header
ヘッダヘッダヘッダ
headerヘッダheaderデータ
header データApplication
データ
データ data
The type of option headers,
Destination
DestinationIP
IPAddress
Address
when used A fixed
fixed--length header makes for easier handling
• Transfer limit Only required feature data is added on
– The maximum number of
the datagram transfer
Makes for easier extensibility in the future
81 82
Prohibition of mid-
mid-route
Functional Requirements
segmentation
• Prohibit segmentation that causes router overload • More addresses
• To prevent mid-
mid- route segmentation: • Aggregatable routing information
– Networks have MTUs • Simplified headers, no more segmentation
– And we can never send an IP datagram larger than an
MTU • Simplified settings for plug & play
– We need to know the length of all the MTUs along the • Default implementation of security and real-
real-
route and pick the smallest one ahead of time
time features, etc.
• IPv6 searches out the smallest MTU on the route
83 84
Routers tell Us! Why is it so Easy?

• When you connect to the Internet with IPv6, the • Network interfaces already have a unique
routers provide the necessary settings data number assigned to them
• The interface generates an address using the • It’
It ’s easy to create a unique Internet address
network data from the router and its own interface if you use that
ID
• The interface ID alone has as many as 64
bits
Network
NetworkID
ID Interface
InterfaceID
ID • The purpose of the network ID is to
128--bit IPv6 Address
128 aggregate routing information
14
85 86
How is this Different from DHCP? Functional Requirements

• DHCP (Dynamic Host Configuration Protocol) • More addresses
takes addresses from a pre-
pre- assigned pool
• Aggregatable routing information
– You need to reserve addresses for DHCP use
– It
It’’ s possible to get a different address each time • Simplified headers, no more segmentation
• Automatic settings in IPv6 works because the
address is generated by combining network data
• Simplified settings for plug & play
with the interface ID • Default implementation of security and real-
real-
– The interface has the address from the beginning time features, etc.
– The address will never change as long as it’
it’ s on the same
network • A simple and flexible transfer from IPv4
87 88
Protocol-Level Extended
Protocol-
IPsec
Function
• Security Features • Allows you to confirm that the individual
– Maintains verification and confidentiality you communicate with is who he or she
among communicating interfaces says she is. (Verification)
– Always implements the IPsec from IPv4 • Allows you to prevent your communication
• Allows you to specify Priority from being spied on mid-
mid -route. (Encryption)
– Enables higher priorities for real-
real-time • Made possible with IPv6’
IPv6’s extended
communications headers
– Use methodologies are still being researched
89 90
Functional Requirements Moving from IPv4 to IPv6

• More addresses • What do we need to make the move?
• Aggregatable routing information • What service changes are needed to change
• Simplified headers, no more segmentation the IP protocol?
• Simplified settings for plug & play • How do we decide the timing for a move?
real- • Will we become unable to use IPv4?
time features, etc.
15
91 92
The Effects of an IP Change Where the Changes are Needed

• Applications
EE-mail
- mail WWW ルータ制御
Router control – Input/output of IPv6 address notation
Application WWW アプリケーションルータ制御
Router control
Applicationlayer
layer SMTP Application
Application
SMTP HTTP
HTTP アプリケーション
application
application – The application’
application’ s interface with TCP/IP
Transport TCP UDP ルータ制御
Router
ルータ制御
Router control
control • Operating Systems
Transportlayer
layer TCP UDP OS
オペレーティング
オペレーティング OS
Operating
Operating System
System – Understanding IPv6 address notation
システム
システム Routing
Routing control
control
Internet
Internetlayer
layer IP
IP 経路制御部
経路制御部 – Implementing IPv6
IPv6--original functionality
program
program
– IPv6 support of interface drivers
Network
NetworkInterface
InterfaceEthernet ネットワーク
Network
ネットワーク
Network ネットワーク
Network
ネットワーク
Network
layer Ethernet ATM
ATM インタフェース
Interface インタフェース
Interface • Routers
layer インタフェース
Interface インタフェース
Interface
All parts that use the IP need to change! – Managing IPv6 routing information
93 94
IPv6 Support in DNS How the Move would Work

• The primary Internet service is DNS • We can’
can ’t simultaneously transfer all IPv4
– DNS converts domain names and IP addresses networks to IPv6 at any given time
– Need to register IPv6 data (AAAA records) for DNS
forward--conversion (domain name to IP address)
forward • The move should be on a network basis
– Need to create a new IPv6 address space for DNS • Within networks there would be a gradual
backward--conversion (IP address to domain name)
backward
change from IPv4 to IPv6
• BIND functionality in DNS already supports IPv6
• Regardless, all will eventually be IPv6
95 96
Moving Communications
Moving within a Network
between Networks
• Dual IP Stacks • How do IPv6 networks communicate in an
– Handles both IPv4 and IPv6 protocols IPv4 world?
Application Some hosts and routers can IPv6 tunneling in IPv4
Applicationlayer
layer
handle both IPv4 and IPv6
Transport
Transportlayer IPv4
layer IPv6
IPv6 IPv4 network
network IPv6
IPv6
IPv4 and IPv6 can coexist
Network
Network Network
Network
インターネット層
IPv4
IPv4 IPv6
インターネット層
IPv6 within networks Tunnel to connect IPv6
ネットワーク
Network
ネットワーク
Network Gradually move everything Dual- Stack
Dual- Dual- Stack
Dual-
インタフェース層
Interface
Interfacelayer
インタフェース層 layer to IPv6 Router Router
16
97 98
What is Tunneling? Move Scenario (1)

• A technology to encapsulate packets from a IPv4
different protocol within the protocol of the
IPv6
route that delivers it to the target network
IPv6 network Dual- Stack

Dual- IPv4 network
Router Tunneling
IPv6
IPv6 IPv4
IPv4 IPv6
IPv6
IPv6
IPv6 data
data IPv6
IPv6data
data
header
header header
header header
header
IPv6 datagram Encapsulated IPv4 data

IPv4 datagram Bridges that connect IPv6 islands
on a sea of IPv4
99 100
Move Scenario (2) Move Scenario (3)

IPv4 IPv4
IPv6 IPv6
Tunneling
Bridges that connect IPv4 islands

Form a global IPv6 network on a sea of IPv6
101 102
Will we become Unable to Use IPv4? Overview

• We believe IPv6 will gradually replace IPv4, • The road to the Internet
but IPv4 shouldn’
shouldn ’t become unusable • Internet Protocol (IPv4)
• Once the backbone of the Internet runs on • Issues for IPv4
IPv6, IPv4 can be used to communicate • For the next protocol (IPv6)
using tunneling, etc.
• IPv6 today
• Ultimately we will all move to IPv6. We
• IPv6 tomorrow
need to focus on services and networks that
do not depend on IPv4
17
103 104
IPv6 at Present 6bone

• The basic IP portions are nearly all set • An experimental network running since the
protocol design phase for IPv6
• Many extensible portions are still in • Assigns experimental address blocks known as
discussion pseudo-- TLAs (pTLA)
pseudo
– Protocols for routing controls • Plays a major role in verifying the IPv6 protocol
– Security algorithms/key management spec, checking implementation interconnectability,
and software and hardware testing
– Specifications for datagram transport priorities
• The WIDE Project leads the formation of 6bone-
6bone- jp
for connecting to 6bone in Japan
105 106
6bone
bone--jp and NSPIXP-
NSPIXP -6 IPv6 Official Operations
• 6bone
bone--jp • 6 bone has been running an IPv6 network with
experimental addresses
– WIDE obtains the pTLA from 6bone to operate
– Connecting organizations obtain an NLA from • Based on IPv6 address assignment standards,
WIDE official addresses started being assigned in July of
1999
• NSPIXP
NSPIXP--6
• ISPs obtain these official addresses and are
– An inter-
inter- connection point for IPv6 started continuing to start IPv6 connection services
operations in August of 1999
– The basis of a primary IPv6 network structure
107 108
IP Address Layered Distribution IPv6 Address Assignment Layers

• To assign unique IP addresses for the Internet, a IANA
IANA Internet Assigned Numbers Authority
layered registry structure is being built
RIR
RIPE
RIPE--NCC APNIC
RIPE-NCC APNIC ARIN
ARIN Regional Internet Registry
• Users don’
don’ t get addresses based on desire, but
must apply to use an address within the registry, TLA
TLA TLA
TLA
and then they must use a distributed address from
there NLA
NLA NLA
NLA
End
End-- Site
End-Site End
End-- Site
End-Site End
End-- Site
End-Site
18
109 110
I Want an IPv6 Address! IPv6 is Brand-

Brand- New
New…
…
• I want to build an IPv6 network so I need an • A TLA is too big to be an assignment unit
address…
address … 3 13 8 24 16 64
– How big of an address block would I get? FP

FPTLA reserved NLA
TLA reserved NLA SLA
SLA Interface
InterfaceID
ID
– Would that be a TLA, an NLA or an SLA?

/16
– To where do I request an address?
3 13 13 6 13 16 64
FP
FPTLA
TLA sTLA reservedNLA
sTLAreserved NLA SLA
SLA Interface
InterfaceID
ID
/35 Assignments will be made on a sub-

sub -TLA basis
111 112
Initial Assignment Conditions

sub-- TLA Assignment Conditions
sub
for sub-
sub - TLAs
• Already running an IPv6 network and peering • Peering with at least three other IPv4 networks
with at least 3 other sub-
sub- TLA IPv6 networks • Provide IPv6 services within 12 months of
– In addition, one of the following must be fulfilled: receiving a sub-
sub- TLA
– And in addition, fulfill one of the following:
• IPv6 addresses have been assigned to 40 SLA • Have already assigned IUPv4 addresses to at least
client sites 40 customers
• Will begin providing IPv6 services within 12 • Have participated in 6bone for at least 6 months
months of receiving sub-
sub- TLA and have been running pTLA for at least 3 months
113 114
How can I get an Address? sub-- TLA Assignments to Date

sub
• To obtain a sub-
sub-TLA, apply directly to RIR • APNIC
APNIC…… 2001:200::/23
• APNIC only assigns sub-
sub -TLAs to APNIC – 19 organizations (JP:9, KR:5, TW:2, CN:1,
members, so if you want an address from SG:1, AU:1)
APNIC you need to join APNIC • ARIN
ARIN…
… 2001::400::/23
• JPNIC is a member of APNIC, and JPNIC MX1）
– 10 organizations (US:8, CA:1, MX1）
members can apply through JPNIC without • RIPE
RIPE--NCC
NCC…… 2001:600::/23
becoming members of APNIC directly – 22 organizations （DE:7, FR:2, GB:2, etc…
etc…）
As of September 9, 2000
19
115 116
I Can’
Can’t Get a Sub-
Sub- TLA
TLA…
… JPNIC IPv6 Center
• Only major providers are qualified to apply for • Questions about IPv6 sub-
sub -TLA applications,
sub-- TLAs
sub and IPv6 in general can be brought to:
• Most ISPs work like NLAs to get addresses from
organizations with sub-
sub- TLAs ipv6--support@nic.ad.jp
ipv6
• Each organization with a sub-
sub- TLA decides how to
assign address at the NLA level and lower • Information on IPv6:
• However, there is a need to conform with global http://www.nic.ad.jp/jp/regist/ip/index.html
assignment policies Look for the IPv6 page
117 118
Hardware/Software Support for

Service Support for IPv6
IPv6
• Operating Systems • The major ISPs in Japan already have sub-
sub-
– Windows2000 and later are IPv6-
IPv6-ready TLAs
– UNIX has standardized implementation with WIDE’
WIDE’ s
KAME Project • There are already ISPs that have begun IPv6
• Routers connection services
– Hitachi, NEC, Fujitsu, et al.,
al. , have developed primary • Most connection formats use tunneling, but
routers some have begun to use native connections
– Matsushita, Yamaha, et al.,al., have developed SOHO
routers • Important: what kinds of services are
– Cisco, Ericsson, et al.,
al. , are moving forward with IPv6 available with IPv6 use?
support
119 120
Risks for the /48 fixed-

fixed-length
Overview
Assignments
• IPv6 policy includes a minimum use of /48 • The road to the Internet
address assignments for end-
end -sites • Internet Protocol (IPv4)
• RIR released an opinion that assignments • Issues for IPv4
for end-
end-sites on a scale smaller than /48 • For the next protocol (IPv6)
would be better
• IPv6 today
• Continuing to firm up the direction of /48
• IPv6 tomorrow
assignments for end-
end -sites
20
121 122
IPv6 Tomorrow Is 2001 the Dawn of the IPv6 Era?

• The Internet will inexorably move from IPv4 to • A network environment for IPv6 continues to be
IPv6 built
• It ’ s hard to predict for how long IPv4 networks • Next we talk about what we use IPv6 for
will hold sway • With the right trigger, IPv6 could potentially
• A lot of IPv6 functionality, including extensible explode in popularity
functionality, is in discussion, but there is great
merit in moving to the new basic protocol part
123 124
Related Sites Related RFCs

• IETF (Internet Engineering Task Force) • RFC2373: IPv6 Addressing Architecture
– http://www.ietf.org/ • RFC2374: An IPv6 Aggregatable Global Unicast
Address Format
• IETF IPng working group
– http://playground.sun.com/pub/ipng/html/ipng
http://playground.sun.com/pub/ipng/html/ipng-- main.html • RFC2401: Security Architecture for the Internet
Protocol
• 6bone
• RFC2460: IPv6 Specification
– http://www.6bone.net/
• RFC2461: Neighbor Discovery for IPv6
• 6bone
6bone--jp
• RFC2462: IPv6 Stateless Address Autoconfiguration
– http://www.v6.sfc.wide.ad.jp/
• RFC2463: ICMPv6 for IPv6
21

Withstand Atomic Bomb Attacks?

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Withstand Atomic Bomb Attacks?

Uploaded by

Copyright:

Available Formats

2

ARPA Project Withstand Atomic Bomb Attacks?

Withstand Atomic Bomb Attacks? From an internet to the Internet

The Road to Standardization RFC

The Heart of the Carrier Pigeon

Overview What ’s a Protocol?

Protocols for a Network The Secrets of Sending E-

– How does e-e- mail get to the addressee’

when you want to view web sites?

Why Layered Protocols? Why Layered Protocols?

Internet Protocols Internet Protocol (IP)

IP Address IPv4 Address

• IP networks need a way to identify targets 11001010 00001100 00011110 00100110

Expression of IPv4 Addresses The Route to Your Destination?

Identifying Networks The Significance of an IP Address

How Big should the Network

Several Patterns: Class B Several Patterns: Class C

Class 10 Network Class

• Class B Address (for medium-

Network Addressing Transmitting an IP Datagram

• Network addresses are expressed putting all zeroes Transport

– 192.168.1.0 (Class C) 11000000…

Routing Controls IP Datagram Transfer

IP Datagram Segmentation Segmentation: an Example

Reviewing IPv4 Overview

Routing Control Issues One Network, One Class

No More Class Bs! Get rid of Classes!

CIDR CIDR Notation

CIDR Notation With CIDR…

Aggregating routing information We eliminate Waste but…

How Big is 32 Bits? We have to Conserve Addresses

Global and Private Private Addresses

The Use of Private Addresses Good Uses of Private Addresses

Popularization and Requests for

Have the Problems been Resolved? Let’’s Start Over

Overview Thanks, IPv4, Hello, IPv6

• IPv6 today • The danger is clear and present

IP Next Generation ( IPng

Proposed Protocols The Road to IPv6

Functional Requirements The IPv6 Address Space

• Simplified settings for plug & play • 2128 addresses

IPv6 Abbreviated Address

• Written in hexadecimal blocks of 16 bits • Abbreviation can only be done once

IPv6 Address Types Functional Requirements

Aggregate routing information Aggregatable Global Unicast Addresses

• IPv6 uses aggregation experiences from FP

A Sample Assigned Address Layered Assignments

Functional Requirements IPv4 Headers

Various Functionality Becomes

Routers tell Us! Why is it so Easy?

How is this Different from DHCP? Functional Requirements

Functional Requirements Moving from IPv4 to IPv6

The Effects of an IP Change Where the Changes are Needed

IPv6 Support in DNS How the Move would Work

What is Tunneling? Move Scenario (1)

IPv6 network Dual- Stack

IPv6 datagram Encapsulated IPv4 data

Move Scenario (2) Move Scenario (3)

Bridges that connect IPv4 islands

Will we become Unable to Use IPv4? Overview

IPv6 at Present 6bone

IP Address Layered Distribution IPv6 Address Assignment Layers