IPv6
“Next Year” is Now!

Jim MacLeod
Product Manager
WildPackets
jmacleod@wildpackets.com
Follow me @shewfig

Show us your tweets! Use today’s webinar hashtag #wp_ipv6 with any questions, comments, or feedback. Follow us @wildpackets

© WildPackets, Inc.   www.wildpackets.com
Agenda
• Primer
   ‒ Address types
   ‒ Address format
   ‒ Address resolution
• Issues
   ‒ Implementation
   ‒ Interoperability
   ‒ Security
• WildPackets

Primer: IPv6 Addressing

Address Lexical Conventions
• 128 bits of hexadecimal
   ‒ IPv4 had 32 bits in dotted-decimal
• Separated by colons
   ‒ 8 groups of 16 bits
   ‒ 8 bits = “octet”
   ‒ 16 bits = “sedectet” or “hexadectet”
• Shortcuts
   ‒ Leading zeros can be omitted
       • 2001:0db8::/32 same as 2001:db8::/32
   ‒ Multiple consecutive zeros written as “::”
       • 2001:db8:0:0:0:0:0:1 same as 2001:db8::1
   ‒ Localhost is ::1, default route is ::/0

Address Sections
• Sections
   ‒ Network
      • RIR-assigned or local
   ‒ Subnet
      • Subnetting within org/site
   ‒ Host
      • 64-bit interface identifier
• Example
   ‒ 2001:db8::/32
       • 32 bit prefix, 32 bits of subnet, 64 bits of interface ID
       • 32 bits of subnet =~ entire size of IPv4, each with 64 bits of host
   ‒ 2001:db8:de30::/48
       • 48 bits of prefix, 16 bits of subnet, 64 bits of interface ID
       • 16 bits of subnet =~ class B IPv4 address block
Address Types
• Unicast
   ‒ “Normal” address
• Local
   ‒ Link-Local: not-routable, subnet only
   ‒ ULA (Unique Local Addresses): private address
• Multicast
   ‒ Multiple scopes from host-internal to Internet-wide
• NO explicit Broadcast
   ‒ Implemented as local-scope multicast
   ‒ Several specific multicast addresses defined and used
       • All Routers, All DHCP servers, etc…

Local Addresses
• Link-Local: non-routable, subnet only
   ‒ Defined as fe80::/10. In practice, fe80::/64
   ‒ Nodes auto-generate address for each interface
   ‒ On-box, append interface ID to address (e.g. %eth0)
• Similar in concept to 169.254.0.0/16
   ‒ Auto-defined, unique per subnet
• Why?
   ‒ Bootstrap addressing: no “naked” protocols like ARP
   ‒ Used by ICMPv6 Neighbor Discovery (“ARPv6”)
   ‒ Used by DHCPv6, no need for broadcast
• Impact
   ‒ Every IPv6 interface will have at least 2 addresses
Unique Local Addresses (ULA)
• Routable private address space
   ‒ fd00::/8, plus 40 “random” bits -> fdxx:xxxx:xxxx::/48
   ‒ Like 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
• Can be used to create isolated networks
   ‒ Potentially routable among connected systems
   ‒ Non-routable across the Internet
• Potential uses
   ‒ Lab networks
   ‒ Air-gapped networks
   ‒ Pilot projects
• NOT intended for use with NAT
   ‒ NAT was a work-around on IP, IPv6 is the solution
Subnetting Review
• Q: Does 2001::/32 contain 2001:db8::/32?
   ‒ 2001::/32
       • 2001:0:0:0:0:0:0:0 – 2001:0:ffff:ffff:ffff:ffff:ffff:ffff
   ‒ 2001:db8::/32
       • 2001:db8:0:0:0:0:0:0 – 2001:db8:ffff:ffff:ffff:ffff:ffff:ffff
   ‒ A: no, the 2nd sedectet is different
• Q: How large is fe80::/10 ?
   ‒ fe80::/16 – febf::/16
   ‒ 64 /16 blocks, 4B /32 blocks, 18 quadrillion /64 blocks
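As an added example (not code from the WildPackets deck), the notation rules from the lexical-conventions slide and the two subnetting questions above, implemented by hand so the “::” expansion, the canonical compression and the prefix masking are visible. The addresses are the ones on the slides; in production Python's standard ipaddress module does the same job.

```python
# Added example (not WildPackets code): IPv6 text notation and prefix
# arithmetic written from scratch so each rule on the slides is explicit.

def expand(addr: str) -> list[int]:
    """Return the eight 16-bit groups (sedectets) of an IPv6 literal."""
    if addr.count("::") > 1:
        raise ValueError("at most one '::' is allowed")
    if "::" in addr:
        head, tail = addr.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = 8 - len(head_groups) - len(tail_groups)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = addr.split(":")
    if len(groups) != 8:
        raise ValueError(f"expected 8 groups, got {len(groups)}")
    values = []
    for g in groups:
        if not 1 <= len(g) <= 4:
            raise ValueError(f"bad group {g!r}")
        values.append(int(g, 16))   # leading zeros vanish in the integer value
    return values

def to_int(addr: str) -> int:
    """128-bit integer value of an address, for mask arithmetic."""
    n = 0
    for v in expand(addr):
        n = (n << 16) | v
    return n

def to_groups(n: int) -> list[int]:
    """Inverse of to_int: eight 16-bit groups, most significant first."""
    return [(n >> (16 * (7 - i))) & 0xFFFF for i in range(8)]

def compress(groups: list[int]) -> str:
    """Canonical text form (RFC 5952): lowercase hex, no leading zeros, and
    the longest run of two or more zero groups (first on ties) written as '::'."""
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if groups[i] == 0:
            j = i
            while j < 8 and groups[j] == 0:
                j += 1
            if j - i > best_len:
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    text = [format(g, "x") for g in groups]
    if best_len < 2:                 # a single zero group is never shortened
        return ":".join(text)
    head = ":".join(text[:best_start])
    tail = ":".join(text[best_start + best_len:])
    return f"{head}::{tail}"

def _split_prefix(prefix: str) -> tuple[int, int]:
    """(network value, mask) for a 'addr/len' string."""
    addr, plen = prefix.split("/")
    plen = int(plen)
    if not 0 <= plen <= 128:
        raise ValueError("prefix length out of range")
    mask = ((1 << plen) - 1) << (128 - plen)
    return to_int(addr) & mask, mask

def prefix_range(prefix: str) -> tuple[str, str]:
    """First and last address covered by a prefix (the slide's second question)."""
    first, mask = _split_prefix(prefix)
    last = first | (((1 << 128) - 1) ^ mask)
    return compress(to_groups(first)), compress(to_groups(last))

def prefix_contains(outer: str, inner: str) -> bool:
    """Does `outer` contain `inner`? (The slide's first question.) `inner` must be
    at least as long a prefix and agree with `outer` on all of outer's bits."""
    outer_net, outer_mask = _split_prefix(outer)
    inner_net, _ = _split_prefix(inner)
    if int(inner.split("/")[1]) < int(outer.split("/")[1]):
        return False                 # a shorter prefix is the larger block
    return (inner_net & outer_mask) == outer_net

if __name__ == "__main__":
    print(prefix_range("2001::/32"), prefix_range("2001:db8::/32"))
    print(prefix_contains("2001::/32", "2001:db8::/32"))   # False: 2nd group differs
```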

Address “Magic Numbers”
• Node
   ‒ ::1/128 – localhost
   ‒ ::/0 – default route (like 0.0.0.0/0)
• Local
   ‒ fe80::/10 – Link-local
   ‒ fc00::/7 – ULA
       • Likely deployment: fd00::/8
• Global
   ‒ 2001:db8::/32 – “Example” addresses
   ‒ 2001::/32 – Teredo
   ‒ 2001:678::/29 – Provider-independent (Multihomed end-users)
   ‒ 2001:7f8::/29 – Internet Exchange Points (ISP interconnect)

IP to IPv6 “Magic Numbers”
• ::ffff:0:0/96 – IPv4-mapped IPv6
   ‒ server socket-level compliance for application compatibility
   ‒ Can be written ::ffff:a.b.c.d
• ::ffff:0:0:0/96 – Stateless IP/ICMP Translation (SIIT)
   ‒ To allow an IPv6 client to connect to IPv4 hosts
• 64:ff9b::/96 – “Well-Known” Prefix
   ‒ NAT64 address translation, connect IPv6 island to IPv4
• 2002::/16 – 6to4 translation
   ‒ To connect IPv6 islands via IPv4
• Over time, these should all go away
   ‒ Dual stack makes all of these unnecessary

Address Resolution

Resolving Addresses
• ICMPv6 Neighbor Discovery Protocol (NDP)
   ‒ Replaces ARP
   ‒ Runs over IPv6, not over DLC/Ethernet
   ‒ Uses Link-local addresses
• Neighbor solicitation
   ‒ Unicast fe80::/10 source (unique to interface)
   ‒ Link-local multicast destination at both L2 and L3
   ‒ last 24 bits of multicast are last 24 bits of target address
       • Allows quick validation on receiver node: keep/discard
• Neighbor Announcement
   ‒ Response is unicast-unicast

NDP in Action


Search for 2001:db8:2::4
• L2 address (MAC)
    • OUI is IPv6 multicast prefix (33:33:FF)
    • Least significant 24 bits of target address (00:00:04)
• L3 address – targeted multicast
    • Local-scope IPv6 multicast (ff02)
    • Least significant 48 bits
         • Header is ::1:ff
         • Same least-significant bits (00:00:04)

Implication: IPv6 is optimized to reduce broadcast at both L2 and L3
• Frame is delivered to all nodes in broadcast domain
• Frame is quickly rejected by NIC except on target node
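The addressing described on the last two slides, as an added example that is not part of the original deck: the solicited-node multicast group and 33:33 MAC are derived from the slide's target 2001:db8:2::4, and the receiver's keep/discard decision is modelled. The source link-local address is a constructed sample value.

```python
import ipaddress

# Added example (not WildPackets code): how Neighbor Discovery turns a target
# address into a "targeted multicast" at L3 and L2, and how a receiving node
# decides to keep or discard the Neighbor Solicitation (NS).

# ff02::1:ff00:0/104 is the solicited-node multicast prefix
SOLICITED_NODE_PREFIX = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def solicited_node_multicast(target: str) -> str:
    """ff02::1:ffXX:XXXX where XX:XXXX are the low 24 bits of the target."""
    low24 = int(ipaddress.IPv6Address(target)) & 0xFFFFFF
    return str(ipaddress.IPv6Address(SOLICITED_NODE_PREFIX | low24))

def multicast_mac(group: str) -> str:
    """Ethernet mapping: 33:33 followed by the low 32 bits of the IPv6 group."""
    low32 = int(ipaddress.IPv6Address(group)) & 0xFFFFFFFF
    return "33:33:" + ":".join(f"{b:02x}" for b in low32.to_bytes(4, "big"))

def neighbor_solicitation(src_link_local: str, target: str) -> dict:
    """Addressing of an NS frame: link-local unicast source, targeted
    multicast destination at both L2 and L3."""
    group = solicited_node_multicast(target)
    return {
        "eth_dst": multicast_mac(group),
        "ip6_src": src_link_local,   # sender's fe80::/10 address
        "ip6_dst": group,            # link-local-scope targeted multicast
        "target": target,            # address whose MAC is wanted
    }

def ns_receiver_decision(my_addresses, ns: dict) -> str:
    """A node joins the solicited-node group of each of its addresses, so the
    cheap group check rejects almost all NS traffic before the exact match."""
    mine = {ipaddress.IPv6Address(a) for a in my_addresses}
    my_groups = {solicited_node_multicast(str(a)) for a in mine}
    dst = str(ipaddress.IPv6Address(ns["ip6_dst"]))   # normalise formatting
    if dst not in my_groups:
        return "discard: not one of my solicited-node groups"
    if ipaddress.IPv6Address(ns["target"]) not in mine:
        return "discard: group matched (low 24 bits) but target is not mine"
    return "answer: unicast Neighbor Advertisement to " + ns["ip6_src"]

if __name__ == "__main__":
    # constructed sample: the searching node's link-local address
    ns = neighbor_solicitation("fe80::20c:29ff:fe3a:4b5c", "2001:db8:2::4")
    print(ns)
    print(ns_receiver_decision(["2001:db8:2::4", "fe80::4"], ns))
```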

Getting an Address
• Static
   ‒ All parameters configured by hand
• Dynamic
   ‒ Node bootstrap includes Router Discovery
   ‒ Similar to Neighbor Discovery
   ‒ Destination is link-local “all routers” address
• Router Advertisement includes flags to use either:
   ‒ Stateless Address Autoconfiguration (SLAAC)
   ‒ DHCPv6

SLAAC
• Network info from Router
• Node portion of address
   ‒ Use MAC, insert “ff:fe” in the middle
   ‒ Alternatively use Privacy Extensions
       • Pseudo-random instead of extended MAC
• Implications
   ‒ Track IPv6 nodes by MAC
       • Good for network management, bad for privacy
   ‒ Addresses distributed nearly randomly in subnet
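An added example, not from the deck, of the SLAAC node portion described above: the interface identifier built from a MAC with “ff:fe” inserted (the modified EUI-64 of RFC 4291), and the inverse that lets a network-management tool recover the MAC from an address, which is the tracking and privacy implication on the slide. The MAC 00:0c:29:3a:4b:5c and prefix 2001:db8:2::/64 are constructed sample values.

```python
import ipaddress

# Added example (not WildPackets code): SLAAC interface identifiers from a
# MAC and back.  Privacy-extension addresses have no ff:fe marker and cannot
# be mapped back, which is why they are "bad for network management".

def modified_eui64(mac: str) -> int:
    """64-bit interface ID: MAC split in half around ff:fe, U/L bit inverted."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC must be 48 bits")
    iid = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    iid[0] ^= 0x02                      # invert the universal/local bit
    return int.from_bytes(iid, "big")

def slaac_address(prefix: str, mac: str) -> str:
    """Network part from the Router Advertisement, node part from the MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC requires a /64 prefix")
    return str(net.network_address + modified_eui64(mac))

def mac_from_address(addr: str):
    """Recover the MAC if the interface ID is EUI-64 derived, else None."""
    iid_int = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)
    iid = bytearray(iid_int.to_bytes(8, "big"))
    if iid[3:5] != b"\xff\xfe":
        return None                     # privacy extension or manual address
    iid[0] ^= 0x02
    return ":".join(f"{b:02x}" for b in iid[:3] + iid[5:])

def classify_interface_ids(addresses) -> dict:
    """Management view of a subnet: which addresses expose their MAC."""
    return {a: (mac_from_address(a) or "opaque (privacy/static)") for a in addresses}

if __name__ == "__main__":
    addr = slaac_address("2001:db8:2::/64", "00:0c:29:3a:4b:5c")  # constructed
    print(addr, "->", mac_from_address(addr))
    print(classify_interface_ids([addr, "2001:db8:2:0:1a2b:3c4d:5e6f:7a8b"]))
```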

DHCPv6
• Controlled by Router Advertisement
   ‒ Managed Address flag – get address from DHCPv6
   ‒ Other Stateful Config flag
      • Generate address using SLAAC
      • Get other configs from DHCP
• Similar to DHCP in IPv4
• Link-local multicast for DHCP
   ‒ ff02::1:2 – all DHCP servers and relays
   ‒ ff02::1:3 – all DHCP servers
• Implications
   ‒ Managed IPv6 addresses
   ‒ Potential point of failure

IPv6 Issues

Implementation Issues
• Two address scopes
• Packet size issues
• DNS
• Global routing

Two Address Scopes
• Every interface on a node has at least 2 addresses
   ‒ Link-local (fe80::)
   ‒ Unicast
• Data uses unicast address
   ‒ Just like IPv4 address
• Net administrative protocols may use link-local
   ‒ NDP
   ‒ DHCP
   ‒ Sometimes other ICMPv6

What’s Going On Here?




How many data frames are there? What protocol?
  3 Data frames: 1, 6, 10. HTTP.

What’s going on in packets 2-3? 4-5? 8-9?
  NDP for 2001:db8:2::4, ::253, and ::253 again

Tracking What’s Going On




Use Horizontal Split to show Nodes on left, Packets on right

Packet Size
• Minimum MTU raised from 576 to 1280
   ‒ Not a problem for anything modern
• Longer header, less room for data
   ‒ IPv6 header 20+ bytes longer than IP
   ‒ TCP MSS reduced by 20 bytes
   ‒ Some applications may be hard-coded to 1460
• No router fragmentation allowed in IPv6
   ‒ Node must fragment own datagrams
• Overhead in transit = Oversized packet
   ‒ MPLS and similar ok, internal to network, use Jumbo frames
   ‒ IPSec across the Internet, no Jumbos allowed
   ‒ Oversized packets will be discarded
Packet Size – How to fix
• Path MTU Discovery
   ‒ Inline during transmission
• MTU violation reported by ICMPv6
   ‒ “Packet Too Big” from router, e.g. VPN ingress
• ICMPv6 MUST be allowed
   ‒ ICMP in IPv4 sometimes blocked for security reasons
   ‒ Will cause black holes in IPv6 if blocked

DNS
• Same protocol, New record type: AAAA
   ‒ Can resolve IPv6 addresses over IPv4
   ‒ Default behavior on Windows: DNS over IPv4, even for AAAA
• Host-driven choice:
   ‒ Explicit resolution of IPv4 A or IPv6 AAAA
   ‒ Multiple packets each way
• Server-driven choice:
   ‒ Single generic query from client
   ‒ DNS responses vary by implementation
   ‒ Google does reverse lookup on client
   ‒ Many DNS servers return both A and AAAA
• Single query, dual response most common
Routing
• BGP tables are huge on IPv4, what about IPv6?
• Solution: aggregation via allocation
   ‒ Fully hierarchical
       • IANA global -> RIR regional -> LIR local
       • LIR can be ISP, university, large company, etc.
       • Allows much better aggregation
   ‒ Special allocation for small multihomed blocks
       • 2001:678::/29
       • Minimum allocation /48
• Hardware-based forwarding
   ‒ Anecdotal evidence IPv6 slow on current equipment
   ‒ Future devices will be optimized for IPv6, not IPv4
   ‒ IPv6: no checksum, no router fragmentation -> faster routing

Interoperability Issues
• Network versus Application
• 6-4 fallback

Network versus Application
• Different protocols
   ‒ IPv4 and IPv6 don’t interact on the wire
   ‒ Lots of transition mechanisms
       • Unclear whether will ever be used
• Applications may have issues
   ‒ Socket level APIs “should” be compatible
   ‒ Greatest challenges:
      • Legacy applications
      • Custom / homegrown applications
• Solution: keep using IPv4 for incompatible apps
   ‒ Enabling IPv6 doesn’t disable IPv4

6-4 Fallback
• Most visible IPv6 issue when using the Web!
• Primary issue: 6 or 4?
   ‒ DNS AAAA or A record?
   ‒ Old method: try IPv6 first, wait for timeout
       • Windows: 20s. MacOS: 75s. Linux: 75-180s.
• Impact on Web
   ‒ Web pages cross-link locations (average of 8 sites/page!)
   ‒ Will IPv6 pages contain IPv4 content?
      • Pages already load slowly, add MULTIPLE 20s+ delays…
• Great research
   ‒ Geoff Huston at APNIC, “Bemused Eyeballs”
   ‒ Prior research from NTT, presented at NANOG39, 2007

6-4 Fallback Solution
• “Happy Eyeballs” – dual stack fastest first
   ‒ Proposed by Dan Wing, Andrew Yourtchenko at Cisco
   ‒ Resolve both IPv4 and IPv6 addresses
   ‒ TCP SYN connect to both at once
   ‒ Use first to connect, RST other socket
• Solution: Switch browsers!
   ‒ Chrome: 300ms (aggressive IPv6 timeout)
   ‒ Firefox: instant (Happy Eyeballs)
   ‒ Safari on MacOS: 270ms (aggressive RTT-based timer)
• Potential work-arounds on Enterprise networks
   ‒ Local DNS server tweaks – but probably insufficient
   ‒ Gateway proxy – but maybe not fast enough

Security Issues
• Addresses
• Enforcement

IPv6 Address Security Issues
• All routable addresses are global
   ‒ Can we feel safe without NAT?
   ‒ Remember: NAT is a security placebo (with side-effects)
• Address spacing
   ‒ 64 bits dedicated to host = 18 x 10^18 nodes per network
       • “Impossible” to scan that range, can nodes “hide”?
   ‒ Enterprise network management
       • Cross-layer view: MAC, IP/IPv6, name, etc.
       • Even “stealth” hosts must use switches
• Secure Neighbor Discovery (SEND)
   ‒ Uses public/private keys to validate ND (“ARPv6”)
   ‒ Doesn’t need PKI, but no standard method to list public keys

IPv6 Security Enforcement Issues
• DPI / layer 7 application security scanning
   ‒ IPv6 header different than IPv4
   ‒ IPv6 header longer than IPv4
       • Changes offset for upper layers
       • Biggest impact on hardware-based devices
   ‒ Transition and Interoperability Issues
       • Multiple different tunnel standards
       • Multiple different translation standards
• Teredo – IPv6 over IPv4 w/ NAT traversal
   ‒ Node gets IPv6 address directly on Internet
   ‒ Bypass network firewall controls
• There have already been IPv6 DoS attacks

Company Overview

Corporate Background
• Experts in network monitoring, analysis, and troubleshooting
   ‒ Founded: 1990 / Headquarters: Walnut Creek, CA
   ‒ Offices throughout the US, EMEA, and APAC


• Our customers are leading edge organizations
   ‒ Mid-market, and enterprise lines of business
   ‒ Financial, manufacturing, ISPs, major federal agencies,
     state and local governments, and universities
   ‒ Over 7,000 customers / 60+ countries / 80% of Fortune 1,000


• Award-winning solutions that improve network performance
   ‒ Internet Telephony, Network Magazine, Network Computing Awards
   ‒ United States Patent 5,787,253 issued July 28, 1998
        • Different approach to maintaining availability of network services

Real-World Deployments
    Education          Financial   Government




Health Care / Retail   Telecom     Technology




Product Line Overview

Product Line Overview
OmniPeek/Compass
Enterprise Packet Capture, Decode and Analysis
• 10/100/1000 Ethernet, Wireless, WAN, 10G
• Portable capture and OmniEngine console
• VoIP analysis and call playback

Omnipliance / TimeLine
Distributed Enterprise Network Forensics
• Packet capture and real-time analysis
• Stream-to-disk for forensics analysis
• Integrated OmniAdapter network analysis cards

WatchPoint
Centralized Enterprise Network Monitoring Appliance
• Aggregation and graphical display of network data
• WildPackets OmniEngines
• NetFlow and sFlow

OmniPeek Network Analyzer
• OmniEngine Manager
   – Connect and configure distributed OmniEngines/Omnipliances
• Comprehensive dashboards present network traffic in real-time
   – Vital statistics and graphs display trends on network and application
     performance
   – Visual peer-map shows conversations and protocols
   – Intuitive drill-down for root-cause analysis of performance bottlenecks
• Visual Expert diagnosis speeds problem resolution
   – Packet and Payload visualizers provide business-centric views
• Automated analytics and problem detection 24/7
   – Easily create filters, triggers, scripting, advanced alarms and alerts

Omnipliance Network Recorders
• Captures and analyzes all network traffic 24x7
   – Runs our OmniEngine software probe
   – Generates vital statistics on network and application performance
   – Intuitive root-cause analysis of performance bottlenecks
• Expert analysis speeds problem resolution
   – Fault analysis, statistical analysis, and independent notification
• Multiple Issue Digital Forensics
   – Real-time and post capture data mining for compliance and troubleshooting
• Intelligent data transport
   – Network data analyzed locally
   – Detailed analysis passed to OmniPeek on demand
   – Summary statistics sent to WatchPoint for long term trending and reporting
   – Efficient use of network bandwidth
• User-Extensible Platform
   – Plug-in architecture and SDK

Omnipliance Network Recorders
Price/performance solutions for every application

• Portable – Ruggedized Troubleshooting
   ‒ Aluminum chassis / 17” LCD
   ‒ Quad-Core Xeon 2.5GHz
   ‒ 4GB RAM
   ‒ 2 PCI-E Slots
   ‒ 2 Built-in Ethernet Ports
   ‒ 500GB and 2.5TB SATA storage capacity
• Edge – Small Networks, Remote Offices
   ‒ 1U rack mountable chassis
   ‒ Quad-Core Intel Xeon X3460 2.80Ghz
   ‒ 4GB RAM
   ‒ 2 PCI-E Slots
   ‒ 2 Built-in Ethernet Ports
   ‒ 1TB SATA storage capacity
• Core – Datacenter Workhorse, Easily Expandable
   ‒ 3U rack mountable chassis
   ‒ Two Quad-Core Intel Xeon E5530 2.4Ghz
   ‒ 6GB RAM
   ‒ 4 PCI-E Slots
   ‒ 2 Built-in Ethernet Ports
   ‒ 2TB SATA storage capacity

TimeLine
• Fastest network recording and real-time statistical display — simultaneously
   ‒ 11.7Gbps sustained capture with zero packet loss
   ‒ Network statistics display in TimeLine visualization format
• Rapid, intuitive forensics search and retrieval
   ‒ Historical network traffic analysis and quick data rewinding
   ‒ Several pre-defined forensics search templates making searches easy and fast
• A natural extension to the WildPackets product line
• Turnkey bundled solution
   ‒ Appliance + OmniEngine, OmniAdapter, OmniPeek Connect

TimeLine
For the most demanding network analysis tasks

• TimeLine – 10g Network Forensics
   ‒ 3U rack mountable chassis
   ‒ Two Quad-Core Intel Xeon 5560 2.8Ghz
   ‒ 18GB RAM
   ‒ 4 PCI-E Slots
   ‒ 2 Built-in Ethernet Ports
   ‒ 8/16/32TB SATA storage capacity

WatchPoint
Centralized Monitoring for Distributed Enterprise Networks

• High-level, aggregated view of all network segments
   – Monitor per campus, per region, per country
• Wide range of network data
   – NetFlow, sFlow, OmniFlow
• Web-based, customizable network dashboards
• Flexible detailed reports
• Omnipliances must be configured for continuous capture

WildPackets Key Differentiators
• Visual Expert Intelligence with Intuitive Drill-down
    – Let computer do the hard work, and return results, real-time
    – Packet / Payload Visualizers are faster than packet-per-packet diagnostics
    – Experts and analytics can be memorized and automated
• Automated Capture Analytics
    – Filters, triggers, scripting and advanced alarming system combine to provide
      automated network problem detection 24x7
• Multiple Issue Network Forensics
    – Can be tracked by one or more people simultaneously
    – Real-time or post capture
• User-Extensible Platform
    – Plug-in architecture and SDK
• Aggregated Network Views and Reporting
    – NetFlow, sFlow, and OmniFlow

Q&A

Show us your tweets! Use today’s webinar hashtag #wp_ipv6 with any questions, comments, or feedback.
Follow us @wildpackets

Follow us on SlideShare! Check out today’s slides on SlideShare: www.slideshare.net/wildpackets

Thank You!


WildPackets, Inc.
1340 Treat Boulevard, Suite 500
Walnut Creek, CA 94597
(925) 937-3200

 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 

Recently uploaded (20)

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 

IPv6: Why "next year" is now

1. IPv6 “Next Year” is Now!
Jim MacLeod, Product Manager, WildPackets
jmacleod@wildpackets.com
Show us your tweets! Use today’s webinar hashtag #wp_ipv6 with any questions, comments, or feedback.
Follow me @shewfig. Follow us @wildpackets.
© WildPackets, Inc. www.wildpackets.com

2. Agenda
• Primer
   ‒ Address types
   ‒ Address format
   ‒ Address resolution
• Issues
   ‒ Implementation
   ‒ Interoperability
   ‒ Security
• WildPackets

3. Primer: IPv6 Addressing

4. Address Lexical Conventions
• 128 bits of hexadecimal
   ‒ IPv4 had 32 bits in dotted-decimal
• Separated by colons
   ‒ 8 groups of 16 bits
   ‒ 8 bits = “octet”
   ‒ 16 bits = “sedectet” or “hexadectet”
• Shortcuts
   ‒ Leading zeros can be omitted
       • 2001:0db8::/32 same as 2001:db8::/32
   ‒ Multiple consecutive zeros written as “::”
       • 2001:db8:0:0:0:0:0:1 same as 2001:db8::1
   ‒ Localhost is ::1, default route is ::/0

5. Address Sections
• Sections
   ‒ Network
       • RIR-assigned or local
   ‒ Subnet
       • Subnetting within org/site
   ‒ Host
       • 64-bit interface identifier
• Example
   ‒ 2001:db8::/32
       • 32-bit prefix, 32 bits of subnet, 64 bits of interface ID
       • 32 bits of subnet =~ entire size of IPv4, each with 64 bits of host
   ‒ 2001:db8:de30::/48
       • 48 bits of prefix, 16 bits of subnet, 64 bits of interface ID
       • 16 bits of subnet =~ class B IPv4 address block

6. Address Types
• Unicast
   ‒ “Normal” address
• Local
   ‒ Link-Local: not routable, subnet only
   ‒ ULA (Unique Local Addresses): private address
• Multicast
   ‒ Multiple scopes from host-internal to Internet-wide
• NO explicit Broadcast
   ‒ Implemented as local-scope multicast
   ‒ Several specific multicast addresses defined and used
       • All Routers, All DHCP servers, etc.

7. Local Addresses
• Link-Local: non-routable, subnet only
   ‒ Defined as fe80::/10. In practice, fe80::/64
   ‒ Nodes auto-generate an address for each interface
   ‒ On-box, append the interface ID to the address (e.g. %eth0)
• Similar in concept to 169.254.0.0/16
   ‒ Auto-defined, unique per subnet
• Why?
   ‒ Bootstrap addressing: no “naked” protocols like ARP
   ‒ Used by ICMPv6 Neighbor Discovery (“ARPv6”)
   ‒ Used by DHCPv6, no need for broadcast
• Impact
   ‒ Every IPv6 interface will have at least 2 addresses

8. Unique Local Addresses (ULA)
• Routable private address space
   ‒ fd00::/8, plus 40 “random” bits -> fdxx:yyyy:zzzz::/48
   ‒ Like 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
• Can be used to create isolated networks
   ‒ Potentially routable among connected systems
   ‒ Non-routable across the Internet
• Potential uses
   ‒ Lab networks
   ‒ Air-gapped networks
   ‒ Pilot projects
• NOT intended for use with NAT
   ‒ NAT was a work-around on IP; IPv6 is the solution

9. Subnetting Review
• Q: Does 2001::/32 contain 2001:db8::/32?
   ‒ 2001::/32
       • 2001:0:0:0:0:0:0:0 – 2001:0:ffff:ffff:ffff:ffff:ffff:ffff
   ‒ 2001:db8::/32
       • 2001:db8:0:0:0:0:0:0 – 2001:db8:ffff:ffff:ffff:ffff:ffff:ffff
   ‒ A: no, the 2nd sedectet is different
• Q: How large is fe80::/10?
   ‒ fe80::/16 – febf::/16
   ‒ 64 /16 blocks, 4B /32 blocks, 18 quadrillion /64 blocks

10. Address “Magic Numbers”
• Node
   ‒ ::1/128 – localhost
   ‒ ::/0 – default route (like 0.0.0.0/0)
• Local
   ‒ fe80::/10 – Link-local
   ‒ fc00::/7 – ULA
       • Likely deployment: fd00::/8
• Global
   ‒ 2001:db8::/32 – “Example” addresses
   ‒ 2001::/32 – Teredo
   ‒ 2001:678::/29 – Provider-independent (multihomed end-users)
   ‒ 2001:7f8::/29 – Internet Exchange Points (ISP interconnect)
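The subnetting questions of slide 9, the ULA construction of slide 8 and the prefix table of slide 10, worked through in code. This is an added example, not WildPackets code; it uses only Python's standard ipaddress module, and the labels in SPECIAL_PREFIXES are the ones the slides use.

```python
"""Subnetting checks and prefix classification for slides 8-10.
Constructed example (not from the webinar); standard library only."""
from __future__ import annotations

import ipaddress
import secrets

# Prefixes as listed on slides 10 and 11, labelled the way the slides label them.
SPECIAL_PREFIXES = [
    ("::1/128", "localhost"),
    ("::ffff:0:0/96", "IPv4-mapped"),
    ("64:ff9b::/96", "NAT64 well-known prefix"),
    ("2001:db8::/32", "documentation/example"),
    ("2001::/32", "Teredo"),
    ("2001:678::/29", "provider-independent"),
    ("2001:7f8::/29", "Internet Exchange Point"),
    ("2002::/16", "6to4"),
    ("fd00::/8", "ULA (locally assigned, fd00::/8)"),
    ("fc00::/7", "ULA (fc00::/7)"),
    ("fe80::/10", "link-local"),
    ("ff00::/8", "multicast"),
]


def contains(outer: str, inner: str) -> bool:
    """Slide 9, question 1: is every address of `inner` also inside `outer`?"""
    return ipaddress.ip_network(inner).subnet_of(ipaddress.ip_network(outer))


def block_range(prefix: str) -> tuple[str, str]:
    """First and last address of a prefix, as slide 9 writes them out."""
    net = ipaddress.ip_network(prefix)
    return str(net[0]), str(net[-1])


def count_blocks(prefix: str, new_prefixlen: int) -> int:
    """Slide 9, question 2: how many /new_prefixlen blocks fit in `prefix`?"""
    net = ipaddress.ip_network(prefix)
    if new_prefixlen < net.prefixlen:
        raise ValueError(f"/{new_prefixlen} is larger than {net}")
    return 1 << (new_prefixlen - net.prefixlen)


def classify(addr: str) -> str:
    """Longest-prefix match against the slides' 'magic numbers'."""
    ip = ipaddress.IPv6Address(addr)
    best_len, best_label = -1, "global unicast"
    for prefix, label in SPECIAL_PREFIXES:
        net = ipaddress.ip_network(prefix)
        if ip in net and net.prefixlen > best_len:
            best_len, best_label = net.prefixlen, label
    return best_label


def ula_prefix(global_id: bytes | None = None) -> ipaddress.IPv6Network:
    """Slide 8: fd00::/8 plus 40 'random' bits gives a /48 ULA prefix.
    Simplification: RFC 4193 derives the 40-bit Global ID from a hash of
    time and EUI-64; here the caller supplies 5 bytes or the OS CSPRNG does."""
    if global_id is None:
        global_id = secrets.token_bytes(5)
    if len(global_id) != 5:
        raise ValueError("Global ID must be exactly 40 bits (5 bytes)")
    packed = bytes([0xFD]) + global_id + bytes(10)   # 1 + 5 + 10 = 16 bytes
    return ipaddress.IPv6Network((packed, 48))


if __name__ == "__main__":
    print(contains("2001::/32", "2001:db8::/32"))   # False: 2nd sedectet differs
    print(block_range("fe80::/10"))
    for n in (16, 32, 64):
        print(f"/{n} blocks in fe80::/10:", count_blocks("fe80::/10", n))
    print(classify("2001:db8::1"), "|", classify("fd12:3456:789a::1"))
    print(ula_prefix(bytes.fromhex("0102030405")))   # fd01:203:405::/48
```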
11. IP to IPv6 “Magic Numbers”
• ::ffff:0:0/96 – IPv4-mapped IPv6
   ‒ Server socket-level compliance for application compatibility
   ‒ Can be written ::ffff:a.b.c.d
• ::ffff:0:0:0/96 – Stateless IP/ICMP Translation (SIIT)
   ‒ To allow an IPv6 client to connect to IPv4 hosts
• 64:ff9b::/96 – “Well-Known” Prefix
   ‒ NAT64 address translation, connect IPv6 island to IPv4
• 2002::/16 – 6to4 translation
   ‒ To connect IPv6 islands via IPv4
• Over time, these should all go away
   ‒ Dual stack makes all of these unnecessary

12. Address Resolution

13. Resolving Addresses
• ICMPv6 Neighbor Discovery Protocol (NDP)
   ‒ Replaces ARP
   ‒ Runs over IPv6, not over DLC/Ethernet
   ‒ Uses link-local addresses
• Neighbor Solicitation
   ‒ Unicast fe80::/10 source (unique to interface)
   ‒ Link-local multicast destination at both L2 and L3
   ‒ Last 24 bits of the multicast address are the last 24 bits of the target address
       • Allows quick validation on the receiver node: keep/discard
• Neighbor Advertisement
   ‒ Response is unicast-to-unicast

14. NDP in Action
Search for 2001:db8:2::4
• L2 address (MAC)
   ‒ OUI is the IPv6 multicast prefix (33:33:FF)
   ‒ Least significant 24 bits of the target address (00:00:04)
• L3 address – targeted multicast
   ‒ Local-scope IPv6 multicast (ff02)
   ‒ Least significant 48 bits
       • Header is ::1:ff
       • Same least-significant bits (00:00:04)
Implication: IPv6 is optimized to reduce broadcast at both L2 and L3
• Frame is delivered to all nodes in the broadcast domain
• Frame is quickly rejected by the NIC except on the target node
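The solicited-node derivation from slides 13 and 14, including the keep/discard decision on the receiver, as an added example (not WildPackets code). It also shows the case the slide's "quickly rejected by NIC" glosses over: a bystander whose address shares the low 24 bits has joined the same group, so its NIC accepts the frame and only the IPv6 stack discards the solicitation.

```python
"""Solicited-node multicast addresses and the two-stage filter on the receiver.
Constructed example for slides 13-14; standard library only."""
from __future__ import annotations

import ipaddress

# ff02::1:ff00:0/104 is the solicited-node prefix; the low 24 bits of the
# target address are appended to it (the "::1:ff" + "00:00:04" on slide 14).
SOLICITED_NODE = ipaddress.ip_network("ff02::1:ff00:0/104")
ALL_NODES_MAC = "33:33:00:00:00:01"          # ff02::1, joined by every node


def solicited_node_address(target: str) -> ipaddress.IPv6Address:
    """L3 destination of a Neighbor Solicitation for `target`."""
    low24 = int(ipaddress.IPv6Address(target)) & 0xFFFFFF
    return ipaddress.IPv6Address(int(SOLICITED_NODE.network_address) | low24)


def multicast_mac(group: ipaddress.IPv6Address) -> str:
    """L2 destination: 33:33 followed by the low 32 bits of the group address."""
    if not group.is_multicast:
        raise ValueError(f"{group} is not a multicast address")
    low32 = (int(group) & 0xFFFFFFFF).to_bytes(4, "big")
    return "33:33:" + ":".join(f"{b:02x}" for b in low32)


def ns_destinations(target: str) -> tuple[str, str]:
    """(L3 group, L2 MAC) that a solicitation for `target` is sent to."""
    group = solicited_node_address(target)
    return str(group), multicast_mac(group)


def nic_accepts(dst_mac: str, my_addresses: list[str]) -> bool:
    """Stage 1: the NIC passes only multicast MACs the node has joined,
    i.e. the solicited-node groups of its own addresses plus all-nodes."""
    joined = {multicast_mac(solicited_node_address(a)) for a in my_addresses}
    joined.add(ALL_NODES_MAC)
    return dst_mac.lower() in joined


def stack_keeps(target: str, my_addresses: list[str]) -> bool:
    """Stage 2: the IPv6 stack compares the full 128-bit target address."""
    mine = {ipaddress.IPv6Address(a) for a in my_addresses}
    return ipaddress.IPv6Address(target) in mine


if __name__ == "__main__":
    group, mac = ns_destinations("2001:db8:2::4")
    print(group, mac)                         # ff02::1:ff00:4 33:33:ff:00:00:04
    # Constructed bystander: same low 24 bits, different address.
    bystander = ["2001:db8:9::4", "fe80::1"]
    print("NIC accepts:", nic_accepts(mac, bystander))          # True
    print("stack keeps:", stack_keeps("2001:db8:2::4", bystander))  # False
```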
15. Getting an Address
• Static
   ‒ All parameters configured by hand
• Dynamic
   ‒ Node bootstrap includes Router Discovery
   ‒ Similar to Neighbor Discovery
   ‒ Destination is the link-local “all routers” address
• Router Advertisement includes flags to use either:
   ‒ Stateless Address Autoconfiguration (SLAAC)
   ‒ DHCPv6

16. SLAAC
• Network info from Router
• Node portion of address
   ‒ Use MAC, insert “ff:fe” in the middle
   ‒ Alternatively use Privacy Extensions
       • Pseudo-random instead of extended MAC
• Implications
   ‒ Track IPv6 nodes by MAC
       • Good for network management, bad for privacy
   ‒ Addresses distributed nearly randomly in subnet
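The EUI-64 interface identifier from slide 16, and the cross-layer "track nodes by MAC" check that slide 32 later relies on, as an added example (not WildPackets code). Slide 16 only says "insert ff:fe in the middle"; RFC 4291 also inverts the universal/local bit (0x02 in the first octet), which is done here so the output matches what real hosts generate.

```python
"""SLAAC interface IDs: MAC -> EUI-64 and back, plus an inventory helper that
tells MAC-derived addresses from privacy/DHCPv6/static ones.
Constructed example for slides 16 and 32; standard library only."""
from __future__ import annotations

import ipaddress
import re

_MAC_RE = re.compile(r"^([0-9a-f]{2}[:-]){5}[0-9a-f]{2}$", re.I)


def eui64_interface_id(mac: str) -> int:
    """Modified EUI-64 interface ID (low 64 bits) derived from a 48-bit MAC."""
    if not _MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {mac}")
    octets = bytearray(int(x, 16) for x in re.split("[:-]", mac))
    octets[0] ^= 0x02                                   # flip the U/L bit
    return int.from_bytes(octets[:3] + b"\xff\xfe" + octets[3:], "big")


def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Router-advertised /64 prefix + EUI-64 interface ID."""
    net = ipaddress.ip_network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC expects a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_interface_id(mac))


def mac_from_address(addr: str) -> str | None:
    """Recover the MAC if the interface ID is EUI-64 shaped, else None."""
    iid = (int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    octets = bytearray(iid[:3] + iid[5:])
    octets[0] ^= 0x02                                   # undo the U/L flip
    return ":".join(f"{b:02x}" for b in octets)


def classify_interface_id(addr: str) -> str:
    """Slide 32's cross-layer view: which addresses can be tied to a MAC."""
    mac = mac_from_address(addr)
    if mac is not None:
        return f"EUI-64, trackable by MAC {mac}"
    return "not EUI-64 (privacy extension, DHCPv6 or static)"


def inventory(addresses: list[str]) -> dict[str, str | None]:
    """Map each observed address to the MAC it exposes, or None."""
    return {a: mac_from_address(a) for a in addresses}


if __name__ == "__main__":
    a = slaac_address("2001:db8:2::/64", "00:1b:21:aa:bb:cc")   # constructed MAC
    print(a)                                   # 2001:db8:2:0:21b:21ff:feaa:bbcc
    print(classify_interface_id(str(a)))
    print(classify_interface_id("2001:db8:2:0:8d3e:1a2b:3c4d:5e6f"))  # privacy-style
```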
17. DHCPv6
• Controlled by Router Advertisement
   ‒ Managed Address flag – get address from DHCPv6
   ‒ Other Stateful Config flag
       • Generate address using SLAAC
       • Get other configs from DHCP
• Similar to DHCP in IPv4
• Link-local multicast for DHCP
   ‒ ff02::1:2 – all DHCP servers and relays
   ‒ ff05::1:3 – all DHCP servers (site-local scope)
• Implications
   ‒ Managed IPv6 addresses
   ‒ Potential point of failure

18. IPv6 Issues

19. Implementation Issues
• Two address scopes
• Packet size issues
• DNS
• Global routing

20. Two Address Scopes
• Every interface on a node has at least 2 addresses
   ‒ Link-local (fe80::)
   ‒ Unicast
• Data uses the unicast address
   ‒ Just like an IPv4 address
• Network administrative protocols may use link-local
   ‒ NDP
   ‒ DHCP
   ‒ Sometimes other ICMPv6

21. What’s Going On Here?
How many data frames are there? What protocol?
3 data frames: 1, 6, 10. HTTP.
What’s going on in packets 2-3? 4-5? 8-9?
NDP for 2001:db8:2::4, ::253, and ::253 again

22. Tracking What’s Going On
Use Horizontal Split to show Nodes on the left, Packets on the right

23. Packet Size
• Minimum MTU raised from 576 to 1280
   ‒ Not a problem for anything modern
• Longer header, less room for data
   ‒ IPv6 header 20+ bytes longer than IP
   ‒ TCP MSS reduced by 20 bytes
   ‒ Some applications may be hard-coded to 1460
• No router fragmentation allowed in IPv6
   ‒ Node must fragment its own datagrams
• Overhead in transit = oversized packet
   ‒ MPLS and similar OK: internal to the network, use Jumbo frames
   ‒ IPsec across the Internet: no Jumbos allowed
   ‒ Oversized packets will be discarded

24. Packet Size – How to Fix
• Path MTU Discovery
   ‒ Inline during transmission
• MTU violation reported by ICMPv6
   ‒ “Packet Too Big” from router, e.g. VPN ingress
• ICMPv6 MUST be allowed
   ‒ ICMP in IPv4 sometimes blocked for security reasons
   ‒ Will cause black holes in IPv6 if blocked
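A check for the black hole slide 24 warns about: audit an ip6tables-save style ruleset to see whether ICMPv6 "Packet Too Big" (type 2) is accepted on INPUT and FORWARD. This is an added example, not WildPackets code; the two sample policies are constructed, and the parser understands only the -P/-A, -p, --icmpv6-type and -j tokens those samples use (other match modules are ignored, so it is a first-pass audit, not a full ip6tables emulator).

```python
"""Does this IPv6 filter policy let Packet Too Big through?
Constructed example for slide 24; standard library only."""
from __future__ import annotations

import shlex

PTB_TYPES = {"2", "packet-too-big"}
ICMPV6_PROTOS = {"ipv6-icmp", "icmpv6", "58"}


def _rule_matches_ptb(tokens: list[str]) -> bool:
    """Would this -A rule match an ICMPv6 Packet Too Big message?
    Simplification: only -p and --icmpv6-type are evaluated."""
    proto = icmp_type = None
    for i, tok in enumerate(tokens):
        if tok == "-p":
            proto = tokens[i + 1]
        elif tok == "--icmpv6-type":
            icmp_type = tokens[i + 1]
    if proto is not None and proto not in ICMPV6_PROTOS:
        return False
    if icmp_type is not None and icmp_type not in PTB_TYPES:
        return False
    return True


def ptb_verdict(ruleset: str, chain: str) -> str:
    """First-match evaluation of `chain` for a Packet Too Big message."""
    policy = "ACCEPT"
    for line in ruleset.splitlines():
        tokens = shlex.split(line)
        if not tokens:
            continue
        if tokens[0] == f":{chain}":                 # ":INPUT DROP [0:0]"
            policy = tokens[1]
        elif tokens[0] == "-P" and tokens[1] == chain:
            policy = tokens[2]
        elif tokens[0] == "-A" and tokens[1] == chain and _rule_matches_ptb(tokens[2:]):
            target = tokens[tokens.index("-j") + 1] if "-j" in tokens else None
            if target in ("ACCEPT", "DROP", "REJECT"):
                return target
            # LOG, RETURN or a user chain: keep walking (simplification)
    return policy


def pmtud_black_holes(ruleset: str) -> list[str]:
    """Chains in which Packet Too Big would not get through."""
    return [c for c in ("INPUT", "FORWARD") if ptb_verdict(ruleset, c) != "ACCEPT"]


# Constructed sample policies. The first "blocks ICMP for security", the IPv4
# habit slide 24 warns against; the second allows the ICMPv6 that PMTUD needs.
BLOCKS_ICMPV6 = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p ipv6-icmp -j DROP
-A INPUT -p tcp --dport 443 -j ACCEPT
-A FORWARD -p ipv6-icmp -j DROP
COMMIT
"""

ALLOWS_PTB = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type packet-too-big -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 136 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A FORWARD -p ipv6-icmp -m icmp6 --icmpv6-type 2 -j ACCEPT
COMMIT
"""

if __name__ == "__main__":
    print("blocking policy black-holes:", pmtud_black_holes(BLOCKS_ICMPV6))
    print("fixed policy black-holes:   ", pmtud_black_holes(ALLOWS_PTB))
```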
25. DNS
• Same protocol, new record type: AAAA
   ‒ Can resolve IPv6 addresses over IPv4
   ‒ Default behavior on Windows: DNS over IPv4, even for AAAA
• Host-driven choice:
   ‒ Explicit resolution of IPv4 A or IPv6 AAAA
   ‒ Multiple packets each way
• Server-driven choice:
   ‒ Single generic query from client
   ‒ DNS responses vary by implementation
   ‒ Google does reverse lookup on client
   ‒ Many DNS servers return both A and AAAA
       • Single query, dual response most common

26. Routing
• BGP tables are huge on IPv4; what about IPv6?
• Solution: aggregation via allocation
   ‒ Fully hierarchical
       • IANA global → RIR regional → LIR local
       • LIR can be ISP, university, large company, etc.
       • Allows much better aggregation
   ‒ Special allocation for small multihomed blocks
       • 2001:678::/29
       • Minimum allocation /48
• Hardware-based forwarding
   ‒ Anecdotal evidence IPv6 slow on current equipment
   ‒ Future devices will be optimized for IPv6, not IPv4
   ‒ IPv6: no checksum, no router fragmentation → faster routing

27. Interoperability Issues
• Network versus Application
• 6-4 fallback

28. Network versus Application
• Different protocols
   ‒ IPv4 and IPv6 don’t interact on the wire
   ‒ Lots of transition mechanisms
       • Unclear whether they will ever be used
• Applications may have issues
   ‒ Socket-level APIs “should” be compatible
   ‒ Greatest challenges:
       • Legacy applications
       • Custom / homegrown applications
• Solution: keep using IPv4 for incompatible apps
   ‒ Enabling IPv6 doesn’t disable IPv4

29. 6-4 Fallback
• Most visible IPv6 issue when using the Web!
• Primary issue: 6 or 4?
   ‒ DNS AAAA or A record?
   ‒ Old method: try IPv6 first, wait for timeout
       • Windows: 20s. MacOS: 75s. Linux: 75-180s.
• Impact on Web
   ‒ Web pages cross-link locations (average of 8 sites/page!)
   ‒ Will IPv6 pages contain IPv4 content?
       • Pages already load slowly; add MULTIPLE 20s+ delays…
• Great research
   ‒ Geoff Huston at APNIC, “Bemused Eyeballs”
   ‒ Prior research from NTT, presented at NANOG39, 2007

30. 6-4 Fallback Solution
• “Happy Eyeballs” – dual stack, fastest first
   ‒ Proposed by Dan Wing and Andrew Yourtchenko at Cisco
   ‒ Resolve both IPv4 and IPv6 addresses
   ‒ TCP SYN connect to both at once
   ‒ Use the first to connect, RST the other socket
• Solution: Switch browsers!
   ‒ Chrome: 300ms (aggressive IPv6 timeout)
   ‒ Firefox: instant (Happy Eyeballs)
   ‒ Safari on MacOS: 270ms (aggressive RTT-based timer)
• Potential work-arounds on enterprise networks
   ‒ Local DNS server tweaks – but probably insufficient
   ‒ Gateway proxy – but maybe not fast enough
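The old sequential fallback of slide 29 next to the Happy Eyeballs race of slide 30, simulated with asyncio so it runs offline. Added example, not WildPackets code: connect() is a stand-in that sleeps for the candidate's handshake time instead of sending a SYN, the addresses are constructed, and the OS timeout is scaled down from the 20 s the slide quotes so the run finishes quickly.

```python
"""Sequential IPv6-then-IPv4 fallback versus Happy Eyeballs (connect to all
candidates at once, keep the first, cancel the rest).
Constructed simulation for slides 29-30; standard library only."""
from __future__ import annotations

import asyncio
import time
from dataclasses import dataclass


@dataclass(frozen=True)
class Candidate:
    family: str                 # "IPv6" or "IPv4"
    address: str
    rtt: float                  # seconds until the handshake would complete
    black_hole: bool = False    # SYN never answered (e.g. broken IPv6 path)


async def connect(c: Candidate) -> Candidate:
    """Stand-in for a TCP connect: waits the RTT, never returns on a black hole."""
    if c.black_hole:
        await asyncio.sleep(3600)          # 'never', bounded only by the caller
    await asyncio.sleep(c.rtt)
    return c


async def sequential_fallback(candidates: list[Candidate], timeout: float) -> Candidate:
    """Slide 29: try IPv6 first, wait for the OS timeout, then fall back to IPv4."""
    ordered = sorted(candidates, key=lambda c: c.family != "IPv6")
    for c in ordered:
        try:
            return await asyncio.wait_for(connect(c), timeout)
        except asyncio.TimeoutError:
            continue
    raise OSError("no candidate connected")


async def happy_eyeballs(candidates: list[Candidate]) -> Candidate:
    """Slide 30: SYN to every candidate at once, keep the first to answer."""
    tasks = {asyncio.create_task(connect(c)): c for c in candidates}
    try:
        while tasks:
            done, _ = await asyncio.wait(tasks, return_when=asyncio.FIRST_COMPLETED)
            for task in done:
                tasks.pop(task)
                if task.exception() is None:
                    return task.result()      # winner; losers cancelled in finally
    finally:
        for task in tasks:                    # the slide's 'RST other socket'
            task.cancel()
    raise OSError("no candidate connected")


def timed(coro) -> tuple[Candidate, float]:
    """Run one strategy to completion and return (winner, elapsed seconds)."""
    start = time.monotonic()
    winner = asyncio.run(coro)
    return winner, time.monotonic() - start


# Constructed scenario: the AAAA record leads to a black-holed IPv6 path,
# the A record answers after a 20 ms handshake.
SCENARIO = [
    Candidate("IPv6", "2001:db8::80", rtt=0.01, black_hole=True),
    Candidate("IPv4", "192.0.2.80", rtt=0.02),
]

if __name__ == "__main__":
    print("sequential:", timed(sequential_fallback(SCENARIO, timeout=0.5)))
    print("happy eyeballs:", timed(happy_eyeballs(SCENARIO)))
```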
31. Security Issues
• Addresses
• Enforcement

32. IPv6 Address Security Issues
• All routable addresses are global
   ‒ Can we feel safe without NAT?
   ‒ Remember: NAT is a security placebo (with side-effects)
• Address spacing
   ‒ 64 bits dedicated to host = 18 x 10^18 nodes per network
       • “Impossible” to scan that range; can nodes “hide”?
   ‒ Enterprise network management
       • Cross-layer view: MAC, IP/IPv6, name, etc.
       • Even “stealth” hosts must use switches
• Secure Neighbor Discovery (SEND)
   ‒ Uses public/private keys to validate ND (“ARPv6”)
   ‒ Doesn’t need PKI, but no standard method to list public keys

33. IPv6 Security Enforcement Issues
• DPI / layer 7 application security scanning
   ‒ IPv6 header different than IPv4
   ‒ IPv6 header longer than IPv4
       • Changes offset for upper layers
       • Biggest impact on hardware-based devices
   ‒ Transition and interoperability issues
       • Multiple different tunnel standards
       • Multiple different translation standards
• Teredo – IPv6 over IPv4 w/ NAT traversal
   ‒ Node gets IPv6 address directly on the Internet
   ‒ Bypasses network firewall controls
• There have already been IPv6 DoS attacks

34. Company Overview

35. Corporate Background
• Experts in network monitoring, analysis, and troubleshooting
   ‒ Founded: 1990 / Headquarters: Walnut Creek, CA
   ‒ Offices throughout the US, EMEA, and APAC
• Our customers are leading-edge organizations
   ‒ Mid-market and enterprise lines of business
   ‒ Financial, manufacturing, ISPs, major federal agencies, state and local governments, and universities
   ‒ Over 7,000 customers / 60+ countries / 80% of Fortune 1,000
• Award-winning solutions that improve network performance
   ‒ Internet Telephony, Network Magazine, Network Computing Awards
   ‒ United States Patent 5,787,253 issued July 28, 1998
• Different approach to maintaining availability of network services

36. Real-World Deployments
Education, Financial, Government, Health Care / Retail, Telecom, Technology

37. Product Line Overview

38. Product Line Overview
• OmniPeek/Compass – Enterprise Packet Capture, Decode and Analysis
   ‒ 10/100/1000 Ethernet, Wireless, WAN, 10G
   ‒ Portable capture and OmniEngine console
   ‒ VoIP analysis and call playback
• Omnipliance / TimeLine – Distributed Enterprise Network Forensics
   ‒ Packet capture and real-time analysis
   ‒ Stream-to-disk for forensics analysis
   ‒ Integrated OmniAdapter network analysis cards
• WatchPoint – Centralized Enterprise Network Monitoring Appliance
   ‒ Aggregation and graphical display of network data
   ‒ WildPackets OmniEngines
   ‒ NetFlow and sFlow

39. OmniPeek Network Analyzer
• OmniEngine Manager
   ‒ Connect and configure distributed OmniEngines/Omnipliances
• Comprehensive dashboards present network traffic in real time
   ‒ Vital statistics and graphs display trends on network and application performance
   ‒ Visual peer-map shows conversations and protocols
   ‒ Intuitive drill-down for root-cause analysis of performance bottlenecks
• Visual Expert diagnosis speeds problem resolution
   ‒ Packet and Payload visualizers provide business-centric views
• Automated analytics and problem detection 24/7
   ‒ Easily create filters, triggers, scripting, advanced alarms and alerts

40. Omnipliance Network Recorders
• Captures and analyzes all network traffic 24x7
   ‒ Runs our OmniEngine software probe
   ‒ Generates vital statistics on network and application performance
   ‒ Intuitive root-cause analysis of performance bottlenecks
• Expert analysis speeds problem resolution
   ‒ Fault analysis, statistical analysis, and independent notification
• Multiple Issue Digital Forensics
   ‒ Real-time and post-capture data mining for compliance and troubleshooting
• Intelligent data transport
   ‒ Network data analyzed locally
   ‒ Detailed analysis passed to OmniPeek on demand
   ‒ Summary statistics sent to WatchPoint for long-term trending and reporting
   ‒ Efficient use of network bandwidth
• User-Extensible Platform
   ‒ Plug-in architecture and SDK

41. Omnipliance Network Recorders
Price/performance solutions for every application
• Portable – Ruggedized, Troubleshooting
   ‒ Aluminum chassis / 17” LCD
   ‒ Quad-Core Xeon 2.5GHz
   ‒ 4GB RAM
   ‒ 2 PCI-E slots
   ‒ 2 built-in Ethernet ports
   ‒ 500GB and 2.5TB SATA storage capacity
• Edge – Small Networks, Remote Offices
   ‒ 1U rack-mountable chassis
   ‒ Quad-Core Intel Xeon X3460 2.80GHz
   ‒ 4GB RAM
   ‒ 2 PCI-E slots
   ‒ 2 built-in Ethernet ports
   ‒ 1TB SATA storage capacity
• Core – Datacenter Workhorse, Easily Expandable
   ‒ 3U rack-mountable chassis
   ‒ Two Quad-Core Intel Xeon E5530 2.4GHz
   ‒ 6GB RAM
   ‒ 4 PCI-E slots
   ‒ 2 built-in Ethernet ports
   ‒ 2TB SATA storage capacity

42. TimeLine
• Fastest network recording and real-time statistical display — simultaneously
   ‒ 11.7Gbps sustained capture with zero packet loss
   ‒ Network statistics display in TimeLine visualization format
• Rapid, intuitive forensics search and retrieval
   ‒ Historical network traffic analysis and quick data rewinding
   ‒ Several pre-defined forensics search templates make searches easy and fast
• A natural extension to the WildPackets product line
• Turnkey bundled solution
   ‒ Appliance + OmniEngine, OmniAdapter, OmniPeek Connect

43. TimeLine
For the most demanding network analysis tasks
• TimeLine 10g Network Forensics
   ‒ 3U rack-mountable chassis
   ‒ Two Quad-Core Intel Xeon 5560 2.8GHz
   ‒ 18GB RAM
   ‒ 4 PCI-E slots
   ‒ 2 built-in Ethernet ports
   ‒ 8/16/32TB SATA storage capacity

44. WatchPoint
Centralized Monitoring for Distributed Enterprise Networks
• High-level, aggregated view of all network segments
   ‒ Monitor per campus, per region, per country
• Wide range of network data
   ‒ NetFlow, sFlow, OmniFlow
• Web-based, customizable network dashboards
• Flexible detailed reports
• Omnipliances must be configured for continuous capture

45. WildPackets Key Differentiators
• Visual Expert Intelligence with Intuitive Drill-down
   ‒ Let the computer do the hard work, and return results in real time
   ‒ Packet / Payload Visualizers are faster than packet-per-packet diagnostics
   ‒ Experts and analytics can be memorized and automated
• Automated Capture Analytics
   ‒ Filters, triggers, scripting and an advanced alarming system combine to provide automated network problem detection 24x7
• Multiple Issue Network Forensics
   ‒ Can be tracked by one or more people simultaneously
   ‒ Real-time or post-capture
• User-Extensible Platform
   ‒ Plug-in architecture and SDK
• Aggregated Network Views and Reporting
   ‒ NetFlow, sFlow, and OmniFlow

46. Q&A
Show us your tweets! Use today’s webinar hashtag #wp_ipv6 with any questions, comments, or feedback.
Follow us on SlideShare! Check out today’s slides at www.slideshare.net/wildpackets
Follow us @wildpackets

47. Thank You!
WildPackets, Inc.
1340 Treat Boulevard, Suite 500
Walnut Creek, CA 94597
(925) 937-3200