IPv6 Addresses So#a Silva Berenguer sofi[email protected] Addresses l An IPv4 address is formed by 32 bits. 232 = 4.294.967.296 l An IPv6 address is formed by 128 bits. 2128 = 340.282.366.920.938.463.463.374.607.431.768.211.456 ~ 5,6x1028 IP addresses for each human being. ~ 7,9x1028 times the number of IPv4 addresses. Addresses The IPv6 addresses representation divides an address in 8 groups of 16 bits, separated by “:”, represented by hexadecimal digits. 2001:0DB8:AD1F:25E2:CADE:CAFE:F0CA:84C1 2 bytes When representing an IPv6 address it is allowed: l To use lowercase or uppercase letters l Omit leading zeros and ... l Represent groups of contiguous zeros by “::”. Example: 2001:0DB8:0000:0000:130F:0000:0000:140B 2001:db8:0:0:130f::140b Not valid format: 2001:db8::130f::140b (generates ambiguity) Addresses l l Prefix representation Like CIDR (IPv4) l “IPv6 address/prefix size” l Example: l Prefix 2001:db8:3003:2::/64 l Global Prefix 2001:db8::/32 l Subnet ID 3003:2 • URL l l http://[2001:12ff:0:4::22]/index.html http://[2001:12ff:0:4::22]:8080 Addresses Three types of addresses have been defined for IPv6: l Unicast → Individual Identification l Anycast → Selective Identification l Multicast → Group Identification Broadcast addresses don’t exist anymore. Addresses Unicast l Global Unicast n Global Routing Prefix 64 - n Subnet ID 64 Interface identifier 2000::/3 • Globally routable (similar to public IPv4 addresses) • 13% of the total of possible addresses; • 2(45) = 35.184.372.088.832 different /48 networks. Addresses Unicast l Link local FE80 0 Interface identifier l FE80::/64 l It shall only be used locally; l Automatic set-up (Stateless autoconfiguration); Addresses Unicast • Interface identifier (IID) § Must be unique in the same subnet prefix § The same IID can be used for different interfaces of the same node, only if they are associated to different subnets. § Usually a 64-bit IID is used This IID can be obtained: § Manually § Stateless autoconfiguration § DHCPv6 (stateful) § From a public key (CGA) § The IID may be temporary and randomly generated § Usually it’s based on the interface’s MAC address (EUI-64 format). Addresses Unicast l MAC Address EUI-64 EUI-64 Address 0 1 0 0 1 0 0 0 1 0 48 48 1E 1E C9 C9 21 FF FE FF FE 85 0C 21 85 0C 21 85 0C Bit U/L 0 1 0 0 1 0 Interface ID Link Local Address: 4A 1E C9 FE80::4A1E:C9FF:FE21:850C Addresses Unicast l Unique local 7 Pref. L Global identifier Subnet ID Interface ID FC00::/7 l l l Globally unique prefix (with high probability of being unique); It’s used only for communications on a link or on a limited set of links; It’s not expected to be routed in the Internet. Addresses Unicast l Special addresses l l l l l Localhost - ::1/128 (0:0:0:0:0:0:0:1) Unspecified - ::/128 (0:0:0:0:0:0:0:0) IPv4-mapped - ::FFFF:wxyz Special ranges l 6to4 - 2002::/16 l Documentation - 2001:db8::/32 l Teredo - 2001:0000::/32 Obsoletes l Site local - FEC0::/10 IPv4-compatible - ::wxyz l 6Bone - 3FFE::/16 (Test network deactivated on 06/06/06) l Addresses Anycast l Identifies a group of interfaces l l The packet is delivered only to the interface that is nearest the source Anycast addresses are syntactically equal to unicast addresses. They are used differently. Possible uses l To discover services in the network (DNS, proxy HTTP, etc.) l For load balancing l To locate routers that provide access to a certain subnet l In networks supporting IPv6 mobility, anycast addresses are used to locate Home Agents Addresses Multicast l Identify a group of interfaces. l Multicast support is mandatory in all the IPv6 nodes. l Multicast addresses come from the block FF00::/8. l The prefix FF is followed by 4 bits used as flags and 4 more bits that define the scope of the multicast address. The remaining 112 bits are used to identify the multicast group. 8 FF 4 4 Flags 0RPT Scope 112 Multicast group identifier Mul8cast Address Scope Description FF01::1 FF01::2 FF02::1 FF02::2 FF02::5 FF02::6 FF02::9 FF02::D FF02::1:2 FF02::1:FFXX:XXXX FF05::2 FF05::1:3 FF05::1:4 FF0X::101 Interface All the interfaces(all-nodes) Interface All the routers (all-routers) Link All the nodes (all-nodes) Link All the routers (all-routers) Link OSPF Routers Link Designated OSPF Routers Link RIP Routers Link PIM Routers Link DHCP Agents Link Solicited-node Site All the routers (all-routers) Site DHCP servers at a site Site DHCP agents at a site Diverse NTP (Network Time Protocol) Addresses l l l l As in IPv4, IPv6 addresses are assigned to the physical interfaces and not to the nodes. With IPv6 it’s possible to assign multiple addresses to a single interface, independently from it’s type. Thus a node can be identified by any address of it’s interfaces. l Loopback ::1 l Link Local FE80:.... l Unique local FD07:... l Global 2001:.... RFC 3484 determines the algorithm used to choose the source and destination addresses. Resource Allocation and Distribution Policy Allocation and Distribution Policy l Each RIR received from IANA a /12 block l The block 2800::/12 is the space reserved for LACNIC l l Bigger distributions could be done if the current utilization is justified ATENTION! Unlike what happens in IPv4, in IPv6 the utilization is measured considering the number of address blocks assigned to end users and not the number of addresses assigned to end users. Recommendations Recommendations for the assignment of addresses (RFC3177) • In general /48 networks are recommended for all the different types of users: domestic users, small or big companies. • Big companies can get a /47 block or several /48 blocks • If there is certainty that only one subnet is needed, /64 networks are recommended, i.e., for 3G users. • A /128 network may be used when there is absolut certainty that only one interface will be connected. Providers l l NTT Communications l Japan l Native IPv6 (ADSL) l /48 to end users l http://www.ntt.com/business_e/service/category/nw_ipv6.html Internode l Australia l IPv6 nativo (ADSL) l /64 dinámico para sesiones PPP l Delega /60 fijos l h:p://ipv6.internode.on.net/configura8on/adsl-­‐faq-­‐guide/ Proveedores IIJ l l l l l l Japón Túneles /48 a usuarios finales http://www.iij.ad. jp/en/service/IPv6/index.html Arcnet6 l Malasia l IPv6 nativo (ADSL) o túneles l /48 a usuarios finales l se pueden distribuir bloques /40 y /44 (sujeto a aprobación) l http://arcnet6.net.my/how.html Consideraciones /32 • 65 thousand /48 networks (33 thousand if waste is considered) • 16 million /56 networks (6 millones, si consideramos hd ratio) es suficiente para su proveedor? • Reservar un bloque (/48 ?) para infraestrutura… Links punto a punto: /64? /112? /120? /126? /127? RFC 3531 HERRAMIENTAS 22 Gestión de direcciones IPv6 l l El tamaño de las nuevas direcciones hace mas engorrosa su manipulación en forma directa Veremos el uso de dos herramientas para implementar un caso de estudio simple l IPPlan - l Implementación de la numeración a alto nivel SIPCalc - Implementación a nivel detallado para un punto de presencia IPPlan IPPlan l l l l l IPPlan es una herramienta open source muy conocida para la gestión de espacio IP La versión 6 en adelante soporta IPv6 Se puede bajar desde http://iptrack.sourceforge.net Algunas características: l Interfaz web l Capacidad de importar tablas de enrutamiento Requisitos: l Apache + PHP (4 o 5) + MySQL IPPlan l Paso 1: Crear un “cliente” o “sistema autónomo” IPPlan l Crear un rango de direcciones IPv6 asociado al cliente / sistema autónomo l “Create a new network area” IPPlan l Crear subnets de acuerdo al plan de numeración l En nuestro ejemplo dividimos 2001:db8::/32 en 16 subredes /36 IPPlan l Visualizar las subredes para trabajar sobre ellas SIPCalc SIPCalc l l l SIPCalc es una herramienta de línea de comando que permite trabajar con direcciones IPv6 y realizar algunas tareas comunes Se puede bajar de: http://www.routemeister.net/projects/sipcalc/ También esta en los repositorios de las distribuciones de Linux/ Unix mas comunes: l l l Debian / Ubuntu Fedora / CentOS MacPorts SIPCalc l Dividiendo el /36 en dos /37: SIPCalc l Los primeros 5 clientes empresariales (asumiendo /52 por cliente) SIPCalc l Los primeros 6 clientes residenciales (asumiendo /56 por cliente) SIPCalc – DNS Reverso l SIPCalc puede utilizarse para generar reversos de DNS Comentarios finales l IPPlan y SIPCalc comparten la mayoría de sus funcionalidades. l Ambos son útiles en diferentes escenarios l l IPPlan es una herramienta de gestión y de planificación SIPCalc es una herramienta muy importante para los administradores de redes en su trabajo diario