Enviar pesquisa
Carregar
Fedv6tf-IPv6-new-friends
•
0 gostou
•
727 visualizações
Tim Martin
Seguir
IPv6 has some new friends NDP, EH, MLD
Leia menos
Leia mais
Internet
Vista de apresentação de diapositivos
Denunciar
Compartilhar
Vista de apresentação de diapositivos
Denunciar
Compartilhar
1 de 35
Baixar agora
Baixar para ler offline
Recomendados
Fedv6tf-fhs
Fedv6tf-fhs
Tim Martin
IPv6 address-planning
IPv6 address-planning
Tim Martin
IPv6-strategic-planning-framework
IPv6-strategic-planning-framework
Tim Martin
OSPF v3
OSPF v3
Irsandi Hasan
From NAT to NAT Traversal
From NAT to NAT Traversal
Li-Wei Yao
Ice
Ice
Tony Deng
Eric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norway
IKT-Norge
ICE basic
ICE basic
Vu Nguyen
Recomendados
Fedv6tf-fhs
Fedv6tf-fhs
Tim Martin
IPv6 address-planning
IPv6 address-planning
Tim Martin
IPv6-strategic-planning-framework
IPv6-strategic-planning-framework
Tim Martin
OSPF v3
OSPF v3
Irsandi Hasan
From NAT to NAT Traversal
From NAT to NAT Traversal
Li-Wei Yao
Ice
Ice
Tony Deng
Eric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norway
IKT-Norge
ICE basic
ICE basic
Vu Nguyen
Getting started with IPv6
Getting started with IPv6
Private
Ipv6
Ipv6
maha5960
NAT Traversal
NAT Traversal
Davide Carboni
Nat traversal in WebRTC context
Nat traversal in WebRTC context
AudioCodes
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 7
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 7
Waqas Ahmed Nawaz
IPv6
IPv6
Deepraj Bhujel
IPv6 Address Planning
IPv6 Address Planning
Deploy360 Programme (Internet Society)
Stun turn poc_pilot
Stun turn poc_pilot
Mihály Mészáros
Service Function Chaining with SRv6
Service Function Chaining with SRv6
Ahmed AbdelSalam
Eric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in general
IKT-Norge
IPv6 in Cellular Networks
IPv6 in Cellular Networks
APNIC
Dynamic Host Configuration Protocol
Dynamic Host Configuration Protocol
newbie2019
Introduction of ipv6
Introduction of ipv6
KaushikMajumder22
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi Palet
Регистар националног Интернет домена Србије - РНИДС
I Pv6 Enabling Menog 0.4
I Pv6 Enabling Menog 0.4
Hussein Elmenshawy
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi Palet
Регистар националног Интернет домена Србије - РНИДС
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
Waqas Ahmed Nawaz
It nv51 instructor_ppt_ch7
It nv51 instructor_ppt_ch7
newbie2019
Cisco IPv6 Tutorial
Cisco IPv6 Tutorial
kriz5
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
Fred Bovy
Cisco presentation2
Cisco presentation2
ehsan nazer
Deploy ipv6 multicast_v0_1
Deploy ipv6 multicast_v0_1
Nguyen Thanh
Mais conteúdo relacionado
Mais procurados
Getting started with IPv6
Getting started with IPv6
Private
Ipv6
Ipv6
maha5960
NAT Traversal
NAT Traversal
Davide Carboni
Nat traversal in WebRTC context
Nat traversal in WebRTC context
AudioCodes
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 7
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 7
Waqas Ahmed Nawaz
IPv6
IPv6
Deepraj Bhujel
IPv6 Address Planning
IPv6 Address Planning
Deploy360 Programme (Internet Society)
Stun turn poc_pilot
Stun turn poc_pilot
Mihály Mészáros
Service Function Chaining with SRv6
Service Function Chaining with SRv6
Ahmed AbdelSalam
Eric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in general
IKT-Norge
IPv6 in Cellular Networks
IPv6 in Cellular Networks
APNIC
Dynamic Host Configuration Protocol
Dynamic Host Configuration Protocol
newbie2019
Introduction of ipv6
Introduction of ipv6
KaushikMajumder22
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi Palet
Регистар националног Интернет домена Србије - РНИДС
I Pv6 Enabling Menog 0.4
I Pv6 Enabling Menog 0.4
Hussein Elmenshawy
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi Palet
Регистар националног Интернет домена Србије - РНИДС
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
Waqas Ahmed Nawaz
It nv51 instructor_ppt_ch7
It nv51 instructor_ppt_ch7
newbie2019
Cisco IPv6 Tutorial
Cisco IPv6 Tutorial
kriz5
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
Fred Bovy
Mais procurados
(20)
Getting started with IPv6
Getting started with IPv6
Ipv6
Ipv6
NAT Traversal
NAT Traversal
Nat traversal in WebRTC context
Nat traversal in WebRTC context
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 7
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 7
IPv6
IPv6
IPv6 Address Planning
IPv6 Address Planning
Stun turn poc_pilot
Stun turn poc_pilot
Service Function Chaining with SRv6
Service Function Chaining with SRv6
Eric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in general
IPv6 in Cellular Networks
IPv6 in Cellular Networks
Dynamic Host Configuration Protocol
Dynamic Host Configuration Protocol
Introduction of ipv6
Introduction of ipv6
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi Palet
I Pv6 Enabling Menog 0.4
I Pv6 Enabling Menog 0.4
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi Palet
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 9
It nv51 instructor_ppt_ch7
It nv51 instructor_ppt_ch7
Cisco IPv6 Tutorial
Cisco IPv6 Tutorial
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
Semelhante a Fedv6tf-IPv6-new-friends
Cisco presentation2
Cisco presentation2
ehsan nazer
Deploy ipv6 multicast_v0_1
Deploy ipv6 multicast_v0_1
Nguyen Thanh
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3
Shane Duffy
Lesson 3: IPv6 Fundamentals
Lesson 3: IPv6 Fundamentals
Mahmmoud Mahdi
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime
10 routing-bgp
10 routing-bgp
Olivier Bonaventure
IPv6
IPv6
edgarjgonzalezg
IPV6 IPv6 Routing Lab By Rob Hamm
IPV6 IPv6 Routing Lab By Rob Hamm
Information and Communications Technology Council
I pv4 versus ipv6
I pv4 versus ipv6
ahmad abdelhafeez
Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack Environments
Shannon McFarland
Ipv6
Ipv6
Yan Drugalya
IPv6 Addressing Architecture
IPv6 Addressing Architecture
Shreehari Dhat
Ipv6 1-091110143246-phpapp01
Ipv6 1-091110143246-phpapp01
Rimba Ari
06 tk 1073 network layer
06 tk 1073 network layer
Setia Juli Irzal Ismail
IPv6 Security - Hacker Halted 2013
IPv6 Security - Hacker Halted 2013
Zivaro Inc
ipv6 introduction & environment buildup
ipv6 introduction & environment buildup
psychesnet Hsieh
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...
gogo6
ipv6_cheat_sheet.pdf
ipv6_cheat_sheet.pdf
pradeeppotter
PLNOG 13: Krzysztof Mazepa: BGP FlowSpec
PLNOG 13: Krzysztof Mazepa: BGP FlowSpec
PROIDEA
Networking Basics with Linux
Networking Basics with Linux
Henry Osborne
Semelhante a Fedv6tf-IPv6-new-friends
(20)
Cisco presentation2
Cisco presentation2
Deploy ipv6 multicast_v0_1
Deploy ipv6 multicast_v0_1
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3
Lesson 3: IPv6 Fundamentals
Lesson 3: IPv6 Fundamentals
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
10 routing-bgp
10 routing-bgp
IPv6
IPv6
IPV6 IPv6 Routing Lab By Rob Hamm
IPV6 IPv6 Routing Lab By Rob Hamm
I pv4 versus ipv6
I pv4 versus ipv6
Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack Environments
Ipv6
Ipv6
IPv6 Addressing Architecture
IPv6 Addressing Architecture
Ipv6 1-091110143246-phpapp01
Ipv6 1-091110143246-phpapp01
06 tk 1073 network layer
06 tk 1073 network layer
IPv6 Security - Hacker Halted 2013
IPv6 Security - Hacker Halted 2013
ipv6 introduction & environment buildup
ipv6 introduction & environment buildup
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...
ipv6_cheat_sheet.pdf
ipv6_cheat_sheet.pdf
PLNOG 13: Krzysztof Mazepa: BGP FlowSpec
PLNOG 13: Krzysztof Mazepa: BGP FlowSpec
Networking Basics with Linux
Networking Basics with Linux
Último
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
HenryBriggs2
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
pxcywzqs
75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx
Asmae Rabhi
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
meghakumariji156
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
ydyuyu
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Digicorns Technologies
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
ydyuyu
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Monica Sydney
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
ydyuyu
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Monica Sydney
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
AanSulistiyo
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
rahman018755
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
kajalverma014
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
krishnachandrapal52
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
Matthew Sinclair
Power point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria Iuzzolino
nuriaiuzzolino1
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
meghakumariji156
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
EleniIlkou
Último
(20)
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
Power point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria Iuzzolino
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
Fedv6tf-IPv6-new-friends
1.
© 2012 Cisco
and/or its affiliates. All rights reserved. 1 Cisco “Tech Session” IPv6 Has New Friends Tim Martin CCIE #2020 Solutions Architect Spring 2015
2.
© 2012 Cisco
and/or its affiliates. All rights reserved. 2 • IPv6 Address Refresh • Neighbor Discovery Protocol • Extension Headers • Multicast Listener Discovery • Summary
3.
© 2012 Cisco
and/or its affiliates. All rights reserved. 3 IPv6 IPv4 Address Depletion 2011 National IPv6 Strategies STEM Mandate Infrastructure Evolution 4G, DOCSIS 3.0, CGN IPv6 OS, Content & Applications Pref. by App’s in W7, S2008, OSX
4.
© 2012 Cisco
and/or its affiliates. All rights reserved. 4 • Early Adopters, from ~2001-2005 (6bone) • Chasm, Refinement from 2005-2009 (Tunneling) • Early Majority, Launch June 2012 (Transitioning) 54%37%70% 53% 17%
5.
© 2012 Cisco
and/or its affiliates. All rights reserved. 5 IPv6 Address Family Multicast AnycastUnicast Assigned Solicited Node Unique Local Link Local Global Special Embedded *IPv6 does not use broadcast addressing Well Known Temp
6.
© 2012 Cisco
and/or its affiliates. All rights reserved. 6 • IPv6 addresses are 128 bits long Segmented into 8 groups of 16 bits separated by (:) 32 HEX characters – a Prefix, not a mask • Word, Group or Quad • 4 Hex characters, each contain 4 bits Host PortionNetwork Portion 2001:0db8:0100:1111:0000:0000:0000:0001 2001 : 0db8 : 0100 : 1111 : 0000 : 0000 : 0000 : 0001 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits Host IdSubnet IdGlobal Routing Prefix
7.
© 2012 Cisco
and/or its affiliates. All rights reserved. 7 • Leading 0’s can be omitted • The double colon (::) can appear only once 2001:0db8:0000: :0000:0000:0000:1e2a00a4 Full Format 2001:db8:0: :0:0:0:1e2aa4 Abbreviated Formats 2001:db8:0: ::1e2aa4
8.
© 2012 Cisco
and/or its affiliates. All rights reserved. 8 Link-Local – Non routable exists on single layer 2 domain (fe80::/10) fe80:0000:0000:0000 :: xxxx:xxxx:xxxx:xxxx fc00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: fd00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: Unique-Local – Routable within administrative domain (fc00::/7) 2000:NNNN:NNNN HHHH:HHHH:HHHH:HHHH Global – Routable across the Internet (2000::/3) :SSSS: 3fff:NNNN:NNNN HHHH:HHHH:HHHH:HHHH:SSSS:
9.
© 2012 Cisco
and/or its affiliates. All rights reserved. 9 • Always uses Link Local (fe80::/64) as its source • Hop Limit must be set to 255 Generalized TTL Security Mechanism • Neighbor discovery messages • Router solicitation (ICMPv6 type 133) • Router advertisement (ICMPv6 type 134) • Neighbor solicitation (ICMPv6 type 135) • Neighbor advertisement (ICMPv6 type 136) • Redirect (ICMPv6 type 137) IPv4 IPv6 ARP Request Neighbor Solicitation Broadcast Solicited Node Multicast ARP Reply Neighbor Advertisement Unicast Unicast NDP RARS NS NA Redirects NUD DAD IPv6
10.
© 2012 Cisco
and/or its affiliates. All rights reserved. 10 • Router solicitations (RS) are sent by nodes at bootup • Routers forward packets as well as provide provisioning services RS ICMP Type 133 IPv6 Source fe80::a IPv6 Destination ff02::2 Opt. 1 SLLA SRC Link Layer Address RA ICMP Type 134 IPv6 Source fe80::2 IPv6 Destination fe80::a Data Options, subnet prefix, lifetime, autoconfig flag RS RA A
11.
© 2012 Cisco
and/or its affiliates. All rights reserved. 11 • M-Flag – Stateful DHCPv6 to acquire IPv6 address • O-Flag – Stateless DHCPv6 in addition to SLAAC • Preference Bits – Low, Med, High • Router Lifetime – Must be >0 for Default • Options - Prefix Information, Length, Flags • L bit – Only way a host get a On Link Prefix • A bit – Set to 0 for DHCP to work properly Type: 134 (RA) Code: 0 Checksum: 0xff78 [correct] Cur hop limit: 64 ∞ Flags: 0x84 1… …. = Managed (M flag) .0.. …. = Not other (O flag) ..0. …. = Not Home (H flag) …0 1… = Router pref: High Router lifetime: (s)1800 Reachable time: (ms) 3600000 Retrans timer: (ms) 1000 ICMPv6 Option 3 (Prefix Info) Prefix length: 64 ∞ Flags: 0x80 1… …. = On link (L Bit) .1.. …. = No Auto (A Bit) Prefix: 2001:0db8:4646:1234::/64 RA
12.
© 2012 Cisco
and/or its affiliates. All rights reserved. 12 RA type = 134 code = 0 checksum hop limit M|O|H|pref router lifetime reachable time retransmit timer options (variable) • ICMPv6 – Type, Code, Checksum, Data • Data – Body of the Message Type (Required) • Option 1 – Source MAC, Option 5 – MTU • Option 3 – Prefix and Host Provisioning • Option 25 – Recursive DNS Servers, DNS Search List
13.
© 2012 Cisco
and/or its affiliates. All rights reserved. 13 Node A can start using address A BA C • Unspecified Source (::), No Option 1 SLLA • Probing the Local Link to Verify Address Uniqueness • An NA Indicates Address in Use, Administrative Intervention Required ICMP Type 135 NS IPv6 Source UNSPEC = :: IPv6 Dest. A Solicited Node Multicast ff02::1:ff00:a Query Anyone Using “a” NS ICMP Type 136 NA IPv6 Source fe80::a IPv6 Dest. 02::1 Flags S = 0 O = 1 NA
14.
© 2012 Cisco
and/or its affiliates. All rights reserved. 14 • Unicast address MUST build corresponding solicited-node multicast • Solicited-node multicast consists of ff02::1:ff/104 {lower 24 bits from IPv6 Unicast} ff02 0000 0000 0000 0000 0001 ffbc fc0f fe80 0000 0000 0000 1234 5678 9abc fc0f 33 33 BC FC 0FFF Every layer 3 IPv6 Multicast address Must map to the corresponding layer 2 Multicast address
15.
© 2012 Cisco
and/or its affiliates. All rights reserved. 15 R1#sh ipv6 int e0 Ethernet0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::200:CFF:FE3A:8B18 Global unicast address(es): 2001:DB8:0:1234::1 subnet is 2001:DB8:0:1234::/64 Joined group address(es): FF02::1 FF02::2 FF02::1:FF00:1 FF02::1:FF3A:8B18 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds ND router advertisements are sent every 200 seconds *If EUI format is used then the 1rst solicited node mcast addr is used for both the LL & GU Solicited-Node Multicast Address*
16.
© 2012 Cisco
and/or its affiliates. All rights reserved. 16 A! B! ICMP Type 135 NS IPv6 Source fe80::a IPv6 Destination ff02::1:ff00:b Hop Limit 255 Target Address 2001:db8:1:46::b Query What is B link layer address? Opt. 1 SLLA A’s Link Layer Address ICMP Type 136 NA IPv6 Source fe80::b IPv6 Destination fe80::a Target Address 2001:db8:1:46::b Option 2 TLLA B’s Link Layer Address *Flags R = Router S = Response to Solicitation O = Override cache information NS NA • ARP replacement, Map’s L3 to L2. • Node B will add node A to it’s neighbor cache during this process w/o sending NS • Multicast for resolution (new), Unicast for reachability (cache) DfGW
17.
© 2012 Cisco
and/or its affiliates. All rights reserved. 17 R2 A B Packet IPv6 Source 2001:db8:4646:1::b IPv6 Dest. 2001:db8:4646:1::a ULP variable Redirect 137 IPv6 Source fe80::2 IPv6 Dest. 2001:db8:4646:1::b ICMPv6 Type 137 Target Addr. 2001:db8:4636:1::a Opt. 2 TLLA 001C.2D3E.00AA Redirect Packet • Cannot be used if destination is multicast • Hosts should not send redirects, Should be turned off on routed links • IPv6 Hosts Don’t Use Bitwise Masking, TLLA Avoids ND Round
18.
© 2012 Cisco
and/or its affiliates. All rights reserved. 18 IPv6 Header Hop-by-Hop Destination Opt TCP Header Payload • EH are daisy chained, processed in order • Length is variable, must be on 8 byte boundary, typically 24 bytes • If HbH is present, must be first, MUST (2460), Should be processed (7045)
19.
© 2012 Cisco
and/or its affiliates. All rights reserved. 19 Extension Header Type Hop-by-Hop Options 0 Destination Options* 60 Routing Header 43 Fragment Header 44 Authentication Header 51 ESP Header 50 Destination Options* 60 Mobility Header 135 Shim6 140 Experimental 253,254 No Next Header 59
20.
© 2012 Cisco
and/or its affiliates. All rights reserved. 20 Extension Header Type Hop-by-Hop Options Process by every router, must appear first Routing Header List or routers to cross Destination Options Processed by routers listed in 43 Fragment Header Processed by destination Authentication Header Authenticate packet after reassembly ESP Header Cipher the content of remaining information Destination Options Process only by destination • Fragmentation EH is applied on the source • Destination Option is the only EH allowed to appear more than once
21.
© 2012 Cisco
and/or its affiliates. All rights reserved. 21 • Potential DoS with poor IPv6 stack implementations • PadN in DO, covert channeling – RFC 2460 states a max of 5 bytes (0x00) • IPv6 Inspection – Only known EH, strict order, granular filtering • Accept fragmentation, possibly ESP/AH, others as needed Perfectly Valid IPv6 Packet According to the Sniffer Routing Header out of order. DH should be last Header Should Only Appear Once Destination Header Which Should Occur at Most Twice 21
22.
© 2012 Cisco
and/or its affiliates. All rights reserved. 22 • Forwarding nodes should not inspect EH’s (2460) • Discarding EH’s may cause connectivity failures • Firewalls, Load balancers, Packet classifiers (7045) Drops valid EH’s If part of the operators policy Router “Should” process hop-by-hop EH’s Drop deprecated RH types 0,1 • RFC 6564 – uniformed format for extension headers
23.
© 2012 Cisco
and/or its affiliates. All rights reserved. 23 • Header Chains {IPv6, EH’s, Upper Layer Header} • ULP Present or {NH = 59} Terminates the Chain • IP in IP (2nd IPv6 Header) May Also Terminate • First Fragment {Offset = 0, M = 1}, Must Include ULP • ICMPv6 Type 4, Code 3. Incomplete Header Chain IPv6 NH = 60 DO NH = 60 DO NH = 60 DO NH = 60 DO NH = 60 DO NH = 60 DO NH = 60 DO NH = 60 IPv6 Header NH = 44 Frag NH = 60 DO NH = 6, >1400B
24.
© 2012 Cisco
and/or its affiliates. All rights reserved. 24 • Segment Routing Header: Segment List describes the path of the packet: list of segments (IPv6 addresses) Next Segment: a pointer to the segment list element identifying the next segment HMAC & Flags fields • The Active Segment is set as the DA of the packet, using the “Next Segment” • Segments are identified by IPv6 addresses, no specific signaling is needed An SR node can be a router, a server, any appliance, application, … X A F CB E Y G D PAYLOAD IPv6 Hdr: DA=Y, SA=X H IPv6 Hdr: DA=C, SA=X SR Hdr: SL= C, F, H, Y PAYLOAD IPv6 Hdr: DA=F, SA=X SR Hdr: SL= C, F, H, Y PAYLOAD IPv6 Hdr: DA=H, SA=X SR Hdr: SL= C, F, H, Y PAYLOAD PAYLOAD IPv6 Hdr: DA=Y, SA=X
25.
© 2012 Cisco
and/or its affiliates. All rights reserved. 25 Stop probing the wrong path with “ping” Trace the live traffic: Detect the flaky link! ! Debug ECMP Networks Simplify Operations Always on app visibility Enhance Applications Charge level for battery-operated devices (sensors) included in data traffic: No need to drain battery for OAM R1 R2 R4 R5 R3 R6 Derive IPv6 Traffic Matrix Optimize Planning Delay Trend Analysis Enhance Visibility A trip-recorder for your traffic at line rate performance, using HBH in fast path
26.
© 2012 Cisco
and/or its affiliates. All rights reserved. 26 • MLD uses LL source addresses • MLD packets use “Router Alert” in HBH Destination is not the routers interface • 3 msg types: Query, Report, Done • MLDv1 = (*,G) shared, MLDv2 = (S,G) source MLD snooping MLD IGMP Message Type ICMPv6 Type Function MLDv1 (RFC2710) IGMPv2 (RFC 2236) Listener Query Listener Report Listener Done 130 131 132 Used to find out if there are any multicast listeners Response to a query, joins a group Sent by node to report it has stopped listening MLDv2 (RFC 3810) IGMPv3 (RFC 3376) Listener Query Listener Report 130 143 Used to find out if there are any multicast listeners Enhanced reporting, multiple groups and sources
27.
© 2012 Cisco
and/or its affiliates. All rights reserved. 27 • Hosts send MLD report to alert router they wish to join a multicast group • Router then joins the tree to the source or RP MLD Report (A) ICMP Type 131 IPv6 Source fe80::209:5bff:fe08:a674 IPv6 Destination ff38::276 Hop Limit 1 Group Address ff38::276 Hop-by-Hop Header Router Alert Yes MLD Report A MLD Report B I wish to receive ff38::276 I wish to receive ff38::276 MLD Report (B) ICMP Type 131 IPv6 Source fe80::250:8bff:fE55:78de IPv6 Destination ff38::276 Hop Limit 1 Group Address ff38::276 Hop-by-Hop Header Router Alert Yes (S,G) Source for multicast ff38::276 fe80::209:5bff:fe08:a674 fe80::250:8bff:fE55:78de fe80::207:85ff:fe80:692
28.
© 2012 Cisco
and/or its affiliates. All rights reserved. 28 MLD Done (A) ICMP Type 132 IPv6 Source fe80::209:5bff:fe08:a674 IPv6 Destination ff02::2 (All routers) Hop Limit 1 Group Address ff38::276 Hop-by-Hop Header Router Alert Yes MLD Done (A) A fe80::209:5bff:fe08:a674 MLD Report (B) B fe80::250:8bff:fE55:78de I wish to leave ff38::276 I am watching ff38::276 MLD Query (C) ICMP Type 130 IPv6 Source fe80::207:85ff:fe80:692 IPv6 Destination ff38::276 Hop Limit 1 Hop-by-Hop Header Router Alert Yes Query(C) fe80::207:85ff:fe80:692 C MLD Report (B) ICMP Type 131 IPv6 Source fe80::250:8bff:fE55:78de IPv6 Destination ff38::276 Hop Limit 1 Group Address ff38::276 Hop-by-Hop Header Router Alert Yes
29.
© 2012 Cisco
and/or its affiliates. All rights reserved. 29 MLD Report (A) ICMP Type 143 IPv6 Source fe80::209:5bff:fe08:a674 IPv6 Destination ff02::16 Hop Limit 1 # of Records Include/exclude Group Address ff38::4000:ba11 Hop-by-Hop Header Router Alert Yes MLD Report A I wish to receive FF38:4000:BA11 (S,G) Source for multicast FF38::4000:BA11 fe80::209:5bff:fe08:a674
30.
© 2012 Cisco
and/or its affiliates. All rights reserved. 30 • General Query ff02::1 Group list empty, who’s listening? • Group Specific Query ff38::4000:ba11 Anyone still interested in this stream? • Group & Source Specific Query 2001:db8:cafe::1, ff38::4000:ba11 • Filter Mode, Change Record • Multiple routers on link Lowest address value assumes Querier role A Query Source for multicast ff38::4000:ba11
31.
© 2012 Cisco
and/or its affiliates. All rights reserved. 31
32.
© 2012 Cisco
and/or its affiliates. All rights reserved. 32
33.
© 2012 Cisco
and/or its affiliates. All rights reserved. 33 • Gain Operational Experience now • Security enforcement is possible • Control IPv6 traffic as you would IPv4 • “Poke” your Provider’s • IPv6 is here now are you? 33
34.
© 2012 Cisco
and/or its affiliates. All rights reserved. 34 • NANOG On The Road – Herndon, VA • FREE event, but registration required • Tuesday June 23rd 8:30 to 5:00PM, Evening reception 5:00PM to 6:30PM • Westin Washington Dulles: 2520 Wasser Terrace, Herndon, VA 20171 • NANOG sits at the junction of Internet infrastructure and network operations in North America, sharing a rich cooperative history with the operator. • Several presentations on IPv6, DNSSEC, RPKI and other networking topics • See more at: https://www.nanog.org/meetings/road7/home
35.
© 2012 Cisco
and/or its affiliates. All rights reserved. 35
Baixar agora