SlideShare uma empresa Scribd logo

IPv6 im Jahre 2018

Maximilan Wilhelm
Maximilan Wilhelm

Nach 20 Jahren IPv6 (RFC2460 erschien im Dezember 1998) und knapp 40% Verbreitung an Deutschlands Internetzugängen stellt sich IPv6 für die meisten Admins immer noch als Mysterium dar. Teilweise wird sogar von führenden Experten empfohlen IPv6 abzuschalten "weil das nur Probleme macht". Warum das nicht so ist, und warum man sich doch auf die "neue" Welt einlassen sollte erklärt dieser praxisorientierte Vortrag. Der Vortag führt ein in Adresskonzepte, Adressvergabe und -auflösung (SLAAC, DHCPv6, DHCPv6-PD, ND, RDNSS, etc.) und zeigt einen typischen Adressierunsplan auf. Brückentechnologien wie NAT64, DS-lite und Teredo werden vorgestellt und eingeordnet. Die Konfiguration von IPv6 unter Linux wird am Beispiel von iproute2 bzw. Debian Netzwerkkonfiguration sowie sysctls aufgezeigt.

Internet
1 de 26
Baixar para ler offline
IPv6 in 2018 FrOSCon 13 Network Track Falk Stern, Maximilian Wilhelm 1 / 26
Agenda 1. Who's who 2. History 3. IPv6 1. Addressing 2. Packet Format 3. ICMP, Neighbour Discovery, Autoconfig 4. Transition Technologies 2 / 26
Who's who Falk Stern Full Stack Infrastructure Engineer IPv6 fanboy Runs his own Kubernetes cluster in his basement Consultant @ Profi Engineering Systems AG Contact @wrf42 falk@fourecks.de 3 / 26
Who's who Maximilian Wilhelm Networker OpenSource Hacker Fanboy of (Debian) Linux ifupdown2 Occupation: By day: Senior Infrastructure Architect, Uni Paderborn By night: Infrastructure Archmage, Freifunk Hochstift In between: Freelance Solution Architect for hire Contact @BarbarossaTM max@sdn.clinic 4 / 26
Who's who History IPv4 allocations have been made NAT is everywhere, even in your Fritz!Box CGN/LSN breaks your applications Some devices still don't support IPv6 State of the InterNAT 5 / 26
Who's who History IPv6 history Introduced in RFC2460, December 1998 Adressing Diminishing IPv4 address space Use of NAT/PAT Growing routing tables First deployment was with 6bone, stopped on 6.6.2006 Hurricane Electric, SixXs pushed IPv6 tunnels Germany has >35% IPv6 adoption per https://google.com/ipv6 Global IPv6 Adoption is at 22% 6 / 26
Who's who History IPv6 What's "new" Different address format Different header Stateless autoconfiguration no need for DHCP Broadcast replaced by multicast Global address hierarchy 7 / 26
Who's who History IPv6 Address format Standard form 8 x 16bit hexadecimal 2001:0db8:affe:c0d4:0000:0000:00c0:fffe Short form Sequence of 0 replaced by ::, leading 0 can be omitted 2001:db8:affe:c0d4::c0:fffe 8 / 26
Who's who History IPv6 Address format IPv4 compatible addresses 0000:0000:0000:0000:0000:ffff:192.0.2.4 or ::ffff:192.0.2.4 CIDR notation for pre xes 2001:db8:affe:c0d4::/64 9 / 26
Who's who History IPv6 Address types Unicast Global (everything not specified elsewhere) unique local (ULA) - FC00::/7 link-local (LLA) - FE80::/10 IPv4 mapped - ::ffff:192.0.2.4 Loopback - ::1/128 unspecified - ::/128 Multicast FF00::/8 No broadcast 10 / 26
Who's who History IPv6 Header format 11 / 26
Who's who History IPv6 ICMPv6 Defined in RFC4443 Informational (Type > 127) Echo Request (128) Echo Reply (129) ... Error (Type < 128) Destination Unreachable (1) Packet Too Big (2) Time Exceeded (3) Parameter Problem (4) If you really want to filter ICMPv6, please read RFC4890 12 / 26
Who's who History IPv6 IPv6 Neighbour Discovery Protocol over ICMPv6 Router Solicitation / Advertisement Neighbour Solicitation / Advertisement Redirect Replaces ARP and certain ICMPv4 messages Implemented through Multicast 13 / 26
Who's who History IPv6 64-Bit Extended Unique Identifier First 24, 28 or 36 bit identify the vendor Modified EUI-64 is used by IPv6 to generate an interface identifier MAC address is split into 24 bit parts, FFFE inserted in-between seventh bit from the left is inverted 1st octet 2nd octet 3rd octet 4th octet 5th octet 6th octet 6 octets or Organisationally Unique Identifier (OUI) Network Interface Controller (NIC) Specific 3 octets 3 octets b7 b6 b5 b4 b3 b2 b1 b0 8 bits 0: 1: unicast multicast 0: 1: globally unique (OUI enforced) locally administered EUI-64 14 / 26
Who's who History IPv6 Stateless Autocon guration (SLAAC) 1. Interface assigns a link-local address w/ interface identifier 2. Interface sends router solicitation 3. Router sends router advertisement, including prefix, default gateway, etc. 4. Interface creates global address from prefix and interface identifier 5. Interface sends a neighbour solicitation for Duplicate Address Detection Router advertisement can contain: Prefix Lifetime DNS Server Default Gateway MTU 15 / 26
Who's who History IPv6 Stateful Autocon guration (DHCPv6) IPv6 can use DHCP to configure all parameters Required for UEFI netbooting Only way to configure a nameserver if the router does not support RDNSS (RFC8106) Required for Prefix Delegation (DHCPv6-PD) 16 / 26
Who's who History IPv6 Stateless Autocon guration with DHCPv6 Address is configured through SLAAC DNS Server is configured through DHCPv6 Android doesn't support this 17 / 26
Who's who History IPv6 Privacy extensions (RFC4941) As a global IPv6 address can be used to identify a single computer, there is a privacy issue. Hosts can generate additional random interface identifiers for outgoing connections. These addresses expire after a certain amount of time. A host can have a number of addresses configured at the same time. 18 / 26
Who's who History IPv6 Subnetting Your LAN should have a /64 That's more than 18 quintillion addresses Deutsche Telekom delegates you a /56 That's 256 times 18 quintillion addresses A site should use a /48 That's 65536 times 18 quintillion addresses RIPE delegates a /29 That's 524288 sites with 65536 subnets with 18 quintillion addresses You can use a /127* on a link, if you want to. The legacy internet fits in a /96 18 quintillion = 18.446.744.073.709.551.616 * That's 2 addresses 19 / 26
Who's who History IPv6 Transition Getting from 4 to 6 There are a lot of transition technologies to get to IPv6 Tunnelbrokers Dual Stack DS-Lite NAT64/DNS64 464XLAT 20 / 26
Who's who History IPv6 Transition Tunnel Brokers Tunnelbrokers provide a IPv6 enabled tunnel over IPv4 and route several subnets. Dual Stack Nodes have 2 IP stacks and several IP addresses 21 / 26
Who's who History IPv6 Transition DS-Lite ISP Network IPv6(IPv4)IPv4 IPv6 IPv6 Internet IPv4 Internet IPv6 DS-Lite CGN Source: Wikipedia 22 / 26
Who's who History IPv6 Transition NAT64/DNS64 The IPv4 internet is mapped to a well-known prefix 64:FF9B::/96 DNS64 translates A records to AAAA records NAT64 translates requests to 64:FF9B::/96 to IPv4 23 / 26
Who's who History IPv6 Transition "Happy Eyeballs" Selection mechanism which protocol to prefer (RFC8305) Tries both address families in parallel, prefers faster TCP answer "Happy Eyeballs Version 2: Better Connectivity Through Concurrency" Implemented in Chrome, Opera, Firefox macOS cURL 24 / 26
Who's who History IPv6 Transition Who is using IPv6? Heise, Google, Youtube, Facebook, Microsoft NAT64 support is mandatory for Apple iOS Apps Microsoft is migrating to IPv6 only internally https://labs.ripe.net/Members/mirjam/ipv6-only-at-microsoft 25 / 26
Who's who History IPv6 Transition Questions Questions? 26 / 26

Recomendados

Dynamische Routingprotokolle Aufzucht und Pflege - BGP
Dynamische Routingprotokolle Aufzucht und Pflege - BGPDynamische Routingprotokolle Aufzucht und Pflege - BGP
Dynamische Routingprotokolle Aufzucht und Pflege - BGPMaximilan Wilhelm
 
Netzwerkgrundlagen - Von Ethernet bis IP
Netzwerkgrundlagen - Von Ethernet bis IPNetzwerkgrundlagen - Von Ethernet bis IP
Netzwerkgrundlagen - Von Ethernet bis IPMaximilan Wilhelm
 
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3Maximilan Wilhelm
 
Dynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFDynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFMaximilan Wilhelm
 
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-NetzwerkstackL2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-NetzwerkstackMaximilan Wilhelm
 
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...Maximilan Wilhelm
 
Anycast all the things
Anycast all the thingsAnycast all the things
Anycast all the thingsMaximilan Wilhelm
 
Best Current Operational Practices - Dos, Don’ts and lessons learned
Best Current Operational Practices - Dos, Don’ts and lessons learnedBest Current Operational Practices - Dos, Don’ts and lessons learned
Best Current Operational Practices - Dos, Don’ts and lessons learnedMaximilan Wilhelm
 

Recomendados

Dynamische Routingprotokolle Aufzucht und Pflege - BGP
Dynamische Routingprotokolle Aufzucht und Pflege - BGPDynamische Routingprotokolle Aufzucht und Pflege - BGP
Dynamische Routingprotokolle Aufzucht und Pflege - BGPMaximilan Wilhelm
 
Netzwerkgrundlagen - Von Ethernet bis IP
Netzwerkgrundlagen - Von Ethernet bis IPNetzwerkgrundlagen - Von Ethernet bis IP
Netzwerkgrundlagen - Von Ethernet bis IPMaximilan Wilhelm
 
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3Maximilan Wilhelm
 
Dynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFDynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFMaximilan Wilhelm
 
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-NetzwerkstackL2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-NetzwerkstackMaximilan Wilhelm
 
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...Maximilan Wilhelm
 
Anycast all the things
Anycast all the thingsAnycast all the things
Anycast all the thingsMaximilan Wilhelm
 
Best Current Operational Practices - Dos, Don’ts and lessons learned
Best Current Operational Practices - Dos, Don’ts and lessons learnedBest Current Operational Practices - Dos, Don’ts and lessons learned
Best Current Operational Practices - Dos, Don’ts and lessons learnedMaximilan Wilhelm
 
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Maximilan Wilhelm
 
Contemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngContemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngMaximilan Wilhelm
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with LinuxMaximilan Wilhelm
 
Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Maximilan Wilhelm
 
6.Routing
6.Routing6.Routing
6.Routingphanleson
 
Operationalizing VRF in the Data Center
Operationalizing VRF in the Data CenterOperationalizing VRF in the Data Center
Operationalizing VRF in the Data CenterCumulus Networks
 
Building your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonBuilding your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonMaximilan Wilhelm
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux NetworkingMaximilan Wilhelm
 
Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013Cumulus Networks
 
Networking Fundamentals: Local Networks
Networking Fundamentals: Local NetworksNetworking Fundamentals: Local Networks
Networking Fundamentals: Local NetworksAndriy Berestovskyy
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheetjulianlz
 
VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)Netwax Lab
 
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Jide Akintola JNCIE-M&T/SP #496 CCIE-SP#28552
 
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...OpenNebula Project
 
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)NetProtocol Xpert
 
Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)Andriy Berestovskyy
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheetbalamurugan N
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheetSwarup Hait
 
Internet innovation with Multipath TCP
Internet innovation with Multipath TCPInternet innovation with Multipath TCP
Internet innovation with Multipath TCPOlivier Bonaventure
 
CCNA 200-120 Exam Quick Notes
CCNA 200-120 Exam Quick NotesCCNA 200-120 Exam Quick Notes
CCNA 200-120 Exam Quick NotesEng. Emad Al-Atoum
 
Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoNMwendwa Kivuva
 
DCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdfDCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdfBilal Munir Mughal
 

Mais conteúdo relacionado

Mais procurados

Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Maximilan Wilhelm
 
Contemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngContemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngMaximilan Wilhelm
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with LinuxMaximilan Wilhelm
 
Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Maximilan Wilhelm
 
Operationalizing VRF in the Data Center
Operationalizing VRF in the Data CenterOperationalizing VRF in the Data Center
Operationalizing VRF in the Data CenterCumulus Networks
 
Building your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonBuilding your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonMaximilan Wilhelm
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux NetworkingMaximilan Wilhelm
 
Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013Cumulus Networks
 
Networking Fundamentals: Local Networks
Networking Fundamentals: Local NetworksNetworking Fundamentals: Local Networks
Networking Fundamentals: Local NetworksAndriy Berestovskyy
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheetjulianlz
 
VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)Netwax Lab
 
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...OpenNebula Project
 
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)NetProtocol Xpert
 
Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)Andriy Berestovskyy
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheetSwarup Hait
 
Internet innovation with Multipath TCP
Internet innovation with Multipath TCPInternet innovation with Multipath TCP
Internet innovation with Multipath TCPOlivier Bonaventure
 

Mais procurados (20)

Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
 
Contemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngContemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ng
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with Linux
 
Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...
 
6.Routing
6.Routing6.Routing
6.Routing
 
Operationalizing VRF in the Data Center
Operationalizing VRF in the Data CenterOperationalizing VRF in the Data Center
Operationalizing VRF in the Data Center
 
Building your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonBuilding your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and python
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux Networking
 
Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013Morphology of Modern Data Center Networks - YaC 2013
Morphology of Modern Data Center Networks - YaC 2013
 
Networking Fundamentals: Local Networks
Networking Fundamentals: Local NetworksNetworking Fundamentals: Local Networks
Networking Fundamentals: Local Networks
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
 
VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)VRF (virtual routing and forwarding)
VRF (virtual routing and forwarding)
 
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_
 
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
 
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)
 
Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)Networking Fundamentals: Transport Protocols (TCP and UDP)
Networking Fundamentals: Transport Protocols (TCP and UDP)
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
 
Internet innovation with Multipath TCP
Internet innovation with Multipath TCPInternet innovation with Multipath TCP
Internet innovation with Multipath TCP
 
CCNA 200-120 Exam Quick Notes
CCNA 200-120 Exam Quick NotesCCNA 200-120 Exam Quick Notes
CCNA 200-120 Exam Quick Notes
 

Semelhante a IPv6 im Jahre 2018

Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoNMwendwa Kivuva
 
DCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdfDCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdfBilal Munir Mughal
 
10 IP VERSION SIX (6) WEEK TEN notes.pptx
10 IP VERSION SIX (6) WEEK TEN notes.pptx10 IP VERSION SIX (6) WEEK TEN notes.pptx
10 IP VERSION SIX (6) WEEK TEN notes.pptxJoshuaAnnan5
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?Mark Smith
 
Gohil-Network layer & Address Resolution Protocol.pptx
Gohil-Network layer & Address Resolution Protocol.pptxGohil-Network layer & Address Resolution Protocol.pptx
Gohil-Network layer & Address Resolution Protocol.pptxJuvil2
 
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6Netwax Lab
 
Introduction to IPV6
Introduction to IPV6Introduction to IPV6
Introduction to IPV6Sean Collins
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2ehsan nazer
 
Moushumi Maria (071464056)
Moushumi Maria (071464056)Moushumi Maria (071464056)
Moushumi Maria (071464056)mashiur
 
IPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolIPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolMohit Sharma
 
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)Igalia
 

Semelhante a IPv6 im Jahre 2018 (20)

Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoN
 
DCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdfDCN 5th ed. slides ch22 Next Generation IP.pdf
DCN 5th ed. slides ch22 Next Generation IP.pdf
 
Network Layer
Network LayerNetwork Layer
Network Layer
 
10 IP VERSION SIX (6) WEEK TEN notes.pptx
10 IP VERSION SIX (6) WEEK TEN notes.pptx10 IP VERSION SIX (6) WEEK TEN notes.pptx
10 IP VERSION SIX (6) WEEK TEN notes.pptx
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
 
Gohil-Network layer & Address Resolution Protocol.pptx
Gohil-Network layer & Address Resolution Protocol.pptxGohil-Network layer & Address Resolution Protocol.pptx
Gohil-Network layer & Address Resolution Protocol.pptx
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6
 
IPV6
IPV6 IPV6
IPV6
 
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6
 
01 Ipv6 Addressing
01 Ipv6 Addressing01 Ipv6 Addressing
01 Ipv6 Addressing
 
Introduction to IPV6
Introduction to IPV6Introduction to IPV6
Introduction to IPV6
 
UNIT-2.pptx
UNIT-2.pptxUNIT-2.pptx
UNIT-2.pptx
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2
 
IPv6
IPv6IPv6
IPv6
 
Moushumi Maria (071464056)
Moushumi Maria (071464056)Moushumi Maria (071464056)
Moushumi Maria (071464056)
 
AF-23- IPv6 Security_Final
AF-23- IPv6 Security_FinalAF-23- IPv6 Security_Final
AF-23- IPv6 Security_Final
 
Ipv4 address
Ipv4 addressIpv4 address
Ipv4 address
 
IPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolIPv6 - The Next next generation protocol
IPv6 - The Next next generation protocol
 
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
Lightweight 4-over-6: One step further Dual-Stack Lite Networks (RIPE 76)
 
CCNA_ITN_Chp5.pptx
CCNA_ITN_Chp5.pptxCCNA_ITN_Chp5.pptx
CCNA_ITN_Chp5.pptx
 

Último

PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationMarko4394
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 

Último (17)

PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentation
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 

IPv6 im Jahre 2018

  • 1. IPv6 in 2018 FrOSCon 13 Network Track Falk Stern, Maximilian Wilhelm 1 / 26
  • 2. Agenda 1. Who's who 2. History 3. IPv6 1. Addressing 2. Packet Format 3. ICMP, Neighbour Discovery, Autoconfig 4. Transition Technologies 2 / 26
  • 3. Who's who Falk Stern Full Stack Infrastructure Engineer IPv6 fanboy Runs his own Kubernetes cluster in his basement Consultant @ Profi Engineering Systems AG Contact @wrf42 falk@fourecks.de 3 / 26
  • 4. Who's who Maximilian Wilhelm Networker OpenSource Hacker Fanboy of (Debian) Linux ifupdown2 Occupation: By day: Senior Infrastructure Architect, Uni Paderborn By night: Infrastructure Archmage, Freifunk Hochstift In between: Freelance Solution Architect for hire Contact @BarbarossaTM max@sdn.clinic 4 / 26
  • 5. Who's who History IPv4 allocations have been made NAT is everywhere, even in your Fritz!Box CGN/LSN breaks your applications Some devices still don't support IPv6 State of the InterNAT 5 / 26
  • 6. Who's who History IPv6 history Introduced in RFC2460, December 1998 Adressing Diminishing IPv4 address space Use of NAT/PAT Growing routing tables First deployment was with 6bone, stopped on 6.6.2006 Hurricane Electric, SixXs pushed IPv6 tunnels Germany has >35% IPv6 adoption per https://google.com/ipv6 Global IPv6 Adoption is at 22% 6 / 26
  • 7. Who's who History IPv6 What's "new" Different address format Different header Stateless autoconfiguration no need for DHCP Broadcast replaced by multicast Global address hierarchy 7 / 26
  • 8. Who's who History IPv6 Address format Standard form 8 x 16bit hexadecimal 2001:0db8:affe:c0d4:0000:0000:00c0:fffe Short form Sequence of 0 replaced by ::, leading 0 can be omitted 2001:db8:affe:c0d4::c0:fffe 8 / 26
  • 9. Who's who History IPv6 Address format IPv4 compatible addresses 0000:0000:0000:0000:0000:ffff:192.0.2.4 or ::ffff:192.0.2.4 CIDR notation for pre xes 2001:db8:affe:c0d4::/64 9 / 26
  • 10. Who's who History IPv6 Address types Unicast Global (everything not specified elsewhere) unique local (ULA) - FC00::/7 link-local (LLA) - FE80::/10 IPv4 mapped - ::ffff:192.0.2.4 Loopback - ::1/128 unspecified - ::/128 Multicast FF00::/8 No broadcast 10 / 26
  • 12. Who's who History IPv6 ICMPv6 Defined in RFC4443 Informational (Type > 127) Echo Request (128) Echo Reply (129) ... Error (Type < 128) Destination Unreachable (1) Packet Too Big (2) Time Exceeded (3) Parameter Problem (4) If you really want to filter ICMPv6, please read RFC4890 12 / 26
  • 13. Who's who History IPv6 IPv6 Neighbour Discovery Protocol over ICMPv6 Router Solicitation / Advertisement Neighbour Solicitation / Advertisement Redirect Replaces ARP and certain ICMPv4 messages Implemented through Multicast 13 / 26
  • 14. Who's who History IPv6 64-Bit Extended Unique Identifier First 24, 28 or 36 bit identify the vendor Modified EUI-64 is used by IPv6 to generate an interface identifier MAC address is split into 24 bit parts, FFFE inserted in-between seventh bit from the left is inverted 1st octet 2nd octet 3rd octet 4th octet 5th octet 6th octet 6 octets or Organisationally Unique Identifier (OUI) Network Interface Controller (NIC) Specific 3 octets 3 octets b7 b6 b5 b4 b3 b2 b1 b0 8 bits 0: 1: unicast multicast 0: 1: globally unique (OUI enforced) locally administered EUI-64 14 / 26
  • 15. Who's who History IPv6 Stateless Autocon guration (SLAAC) 1. Interface assigns a link-local address w/ interface identifier 2. Interface sends router solicitation 3. Router sends router advertisement, including prefix, default gateway, etc. 4. Interface creates global address from prefix and interface identifier 5. Interface sends a neighbour solicitation for Duplicate Address Detection Router advertisement can contain: Prefix Lifetime DNS Server Default Gateway MTU 15 / 26
  • 16. Who's who History IPv6 Stateful Autocon guration (DHCPv6) IPv6 can use DHCP to configure all parameters Required for UEFI netbooting Only way to configure a nameserver if the router does not support RDNSS (RFC8106) Required for Prefix Delegation (DHCPv6-PD) 16 / 26
  • 17. Who's who History IPv6 Stateless Autocon guration with DHCPv6 Address is configured through SLAAC DNS Server is configured through DHCPv6 Android doesn't support this 17 / 26
  • 18. Who's who History IPv6 Privacy extensions (RFC4941) As a global IPv6 address can be used to identify a single computer, there is a privacy issue. Hosts can generate additional random interface identifiers for outgoing connections. These addresses expire after a certain amount of time. A host can have a number of addresses configured at the same time. 18 / 26
  • 19. Who's who History IPv6 Subnetting Your LAN should have a /64 That's more than 18 quintillion addresses Deutsche Telekom delegates you a /56 That's 256 times 18 quintillion addresses A site should use a /48 That's 65536 times 18 quintillion addresses RIPE delegates a /29 That's 524288 sites with 65536 subnets with 18 quintillion addresses You can use a /127* on a link, if you want to. The legacy internet fits in a /96 18 quintillion = 18.446.744.073.709.551.616 * That's 2 addresses 19 / 26
  • 20. Who's who History IPv6 Transition Getting from 4 to 6 There are a lot of transition technologies to get to IPv6 Tunnelbrokers Dual Stack DS-Lite NAT64/DNS64 464XLAT 20 / 26
  • 21. Who's who History IPv6 Transition Tunnel Brokers Tunnelbrokers provide a IPv6 enabled tunnel over IPv4 and route several subnets. Dual Stack Nodes have 2 IP stacks and several IP addresses 21 / 26
  • 22. Who's who History IPv6 Transition DS-Lite ISP Network IPv6(IPv4)IPv4 IPv6 IPv6 Internet IPv4 Internet IPv6 DS-Lite CGN Source: Wikipedia 22 / 26
  • 23. Who's who History IPv6 Transition NAT64/DNS64 The IPv4 internet is mapped to a well-known prefix 64:FF9B::/96 DNS64 translates A records to AAAA records NAT64 translates requests to 64:FF9B::/96 to IPv4 23 / 26
  • 24. Who's who History IPv6 Transition "Happy Eyeballs" Selection mechanism which protocol to prefer (RFC8305) Tries both address families in parallel, prefers faster TCP answer "Happy Eyeballs Version 2: Better Connectivity Through Concurrency" Implemented in Chrome, Opera, Firefox macOS cURL 24 / 26
  • 25. Who's who History IPv6 Transition Who is using IPv6? Heise, Google, Youtube, Facebook, Microsoft NAT64 support is mandatory for Apple iOS Apps Microsoft is migrating to IPv6 only internally https://labs.ripe.net/Members/mirjam/ipv6-only-at-microsoft 25 / 26