View
67
Download
0
Category
Preview:
Citation preview
IPv6 Mechanism
SHIVAM SINGH(M.TECH. CYBER SECURITY)
ContentsIPv6
Why IPv6 ?
IPv6 Addresses Unicast Multicast Anycast
IPv4
NAT
Why Not IPv4 ?
Difference between IPv4 and IPv6
IPv6
Next development version of Internet ProtocolAddress size is 128 bitsIPv6 address representation: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx Each x is a 4bit Hexadecimal Digit IPv6 addresses range from 0000:0000:0000:0000:0000:0000:0000:0000 to
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff.
What’s Good about IPv6 ?
Bigger Address Space 128 bits for addressing No NATs are needed Allows full IP connectivity
For Computers, Mobile devices
Mobility Facility for mobile devices Allows roaming between different networks
…
Built-in security Includes IPsec
Authentication Encryption Compression
Types of addressesUnicast
Communicate specified 1 computerMulticast
Communicate group of computersAnycast
Send group address that can receive multiple computers, but receive 1 computer
s dg
s
g
g
as
a
a
a) Unicast b) Multicast c) Anycast
IPv6 Unicast
To transmit data from one point to another.Multiple users might request
Same data From the same server At the same time Duplicate data streams are transmitted one to each user
Scope may be Global or Local Global for worldwide communication Local for communication within a site
IPv6 multicastAbility to send a single packet to multiple destinationsNo broadcast
Ability to send a packet to all hosts on the attached link same effect can be achieved by sending a packet to the link-local all hosts multicast
group
Applications Telephony and video conference Database simultaneous update Parallel computing Real time news
Uses Anycast address Identifies a set of nodes Packet will reach only one out of many (usually, topologically closest one)
Anycast address can be assigned to routers only Anycast address cannot be used as a source
Anycast
IPv4Forth revision of development of Internet Protocol(IP)Most widely used protocol at presentConnection-less protocol used on packet-switched Link Layer networksA system of addresses
To identify devices 32 bits 232 combinations Nearly 4.3 billion
Not enough and more addresses are needed
Network Address Translation(NAT)Allows to maintain public IP addresses and private IP addresses separatelyAlso used in server load balancingThis operates in side the routerMaintains an address poolFirst the destination is checkedThe address is translated The network address information in the datagram is modified
When a client on the internal network contacts a machine on the Internet, it sends out IP packets destined for that machine.When the packets pass through the NAT gateway they will be modified so that they appear to be coming from the NAT gateway itself.Neither the internal machine nor the Internet host is aware of these translation steps.When the Internet host replies to the internal machine's packets, they will be addressed to the NAT gateway's external IP (198.51.100.1) at the translation port (53136).
How NAT Work ?
Problems of IPv41.Insuffieciency
- Only four bytes◦ Maximum nodes ~ 4.3 billion◦ Much less than the human population (6.799 billion)
- Not enough for growing number of users- Will be exhausted in near future
2.Increasing routing information - Rapid growth of routing tables in backbones
3. Increasing the number of Network Address Translation (NAT)
- Breaking the Internet architecture
4.Security issues
- Number of ways to encrypt IPv4 traffic◦ Example: IPSec
- No real standard encryption method
5.Real-time delivery of multimedia content and necessary bandwidth allocation◦ Quality of Service (QoS) ◦ Different interpretations◦ QoS compliant devices are not compatible one another
IPv4 vs IPv6
Header is simplified, has fixed size (40bytes); IPv6 introduces the concept of (optional) extension headers for fragmentation, header options etc. Header checksum removed; this function is already covered by layer 2 protocols (e.g. Ethernet and Frame Relay). Anyway, the IPv4 checksum does not provide Forward Error Correction (possibility to correct errors based on the checksum) thus it is basically useless (routers have to drop errored packet anyway). Bigger addresses (128 bits as opposed to 32 bits in IPv4).
Thank You!
Recommended