Internet Protocol Version 6
Parvin Beekharry
Pascal Chrispeels
Introduction
What is wrong with IPv4 ?
The address issue:
IPv6
128 bit address = 2^96
(7.92282 × 10^28)
Unicast
Anycast
Multicast
IPv4
32 bit address = 2^32
(4 294 967 296)
Class A between 1 and 126
Class B between 128 and 191
Class C between 192 and 223
The header problem:
Version no | IHL | Type of Service | Total Length
Identification | Flags | Fragment offset
Time-to-live | Protocol | Header Checksum
Source Address 32 bits
Destination Address 32 bits
Options | Padding
IPv4 Header
IPv6 Header
Version no | Class (priority) | Flow label
Payload Length | Next Header | Hop Limit
Source Address 128 bits
Destination Address 128 bits
Headers
Major changes from IPv4 to IPv6:
Expanded addressing capabilities
New type of addresses (unicast)
Header format simplification
Improved support of option (extension headers)
Authentication and privacy capabilities
Improvements
Addressing
Architecture
IPv6 addresses are 128 bits long
There are 3 types of IPv6 addresses:
Unicast: An identifier for a single interface
Anycast: An identifier for a set of interfaces
(typically belonging to different nodes)
Multicast: An identifier for a set of interfaces
(typically belonging to different nodes)
Address Notation
8 * (16 bit field) = 128 bits
The designers of the protocol chose to write the
128 bits as eight 16-bit integers separated by
colons, each integer is represented by 4 hex digits, e.g.:
FEDC:BA98:7654:3210:FEDC:BA98:7654:3210
Address Assignments
The first field of any IPv6 address is a variable-
length format prefix, which identifies various
categories of addresses. Some current
allocation of addresses based on the format
prefix are:
Provider-Based Unicast Address: 010
Link Local Use Addresses: 1111 1110 10
Site Local Use Addresses: 1111 1110 11
Multicast Addresses: 1111 1111
Unicast
Format of an IPv6 Provider-based global
Unicast address:
TLA: Top level aggregate(provider ID)
NLA: Next level aggregate(subscriber ID)
SLA: Site local aggregate(subnet ID)
Fields: 010 | TLA | NLA | SLA | Interface ID
Bits: 3 | 13 | 32 | 16 | 64
IPv4: Network | Subnet | Interface ID (32 bits)
Special Unicast Addresses.
In addition to provider based addresses, there
are 5 other unicast addresses:
Unspecified addresses
Loopback addresses
IPv4 -based addresses
Site local addresses
Link local addresses
E.g. IPv4-Compatible IPv6 addresses consist
of a 32-bit IPv4 address prefixed by 96 zeroes.
Fields: 0.0 ... 0.0 | IPv4 Address
Bits: 96 | 32
Anycast Address
An anycast address enables a source to specify
that it wants to contact any one node from a group
of nodes via a single address. A packet with such
an address will be routed to the nearest interface
in the group, according to the router's measure of
distance (hop count, cost, etc)
One particular form of anycast address is the
subnet-router anycast address
Fields: Subnet prefix | 000...000
Bits: n | 128-n
Multicast Address
IPv6 includes the capability to address a predefined
group of interfaces with a single multicast address.
A multicast address consists of an 8-bit prefix of ones, a
4-bit flag field, a 4-bit scope field and a 112-bit group ID.
Flags:
T = 0: Indicates a permanently assigned or well-known multicast
address, assigned by the global internet numbering authority
T = 1: Indicates a nonpermanently-assigned, or transient, multicast
address
Fields: 11111111 | Flgs (000T) | Scope | Group ID
Bits: 8 | 4 | 4 | 112
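Decoding addresses by the format prefixes and field widths listed above, as an added example that is not part of the original slides. The table follows this page's allocations (current IANA assignments differ, e.g. global unicast is now 2000::/3), and the sample addresses in the demo are constructed.

```python
import ipaddress

# Format prefixes exactly as this page lists them (leading bits -> category).
# The 10-bit entries come first so they are tested before shorter prefixes.
FORMAT_PREFIXES = [
    ("1111111010", "link-local unicast"),
    ("1111111011", "site-local unicast"),
    ("11111111", "multicast"),
    ("010", "provider-based unicast"),
]


def classify(addr: str) -> str:
    """Map an IPv6 address to the category named on the page."""
    value = int(ipaddress.IPv6Address(addr))
    if value == 0:
        return "unspecified"          # all 128 bits zero
    if value == 1:
        return "loopback"             # ::1
    if value >> 32 == 0:
        return "IPv4-compatible"      # 96 zero bits, then a 32-bit IPv4 address
    bits = format(value, "0128b")
    for prefix, category in FORMAT_PREFIXES:
        if bits.startswith(prefix):
            return category
    return "not in this table"


def decode_multicast(addr: str) -> dict:
    """Split a multicast address into 8-bit prefix | 4-bit flags | 4-bit scope | 112-bit group ID."""
    value = int(ipaddress.IPv6Address(addr))
    if value >> 120 != 0xFF:
        raise ValueError("not a multicast address (prefix is not 1111 1111)")
    flags = (value >> 116) & 0xF
    return {
        "transient": bool(flags & 0x1),          # the T bit: 0 = well-known, 1 = transient
        "scope": (value >> 112) & 0xF,
        "group_id": value & ((1 << 112) - 1),
    }


def decode_provider_unicast(addr: str) -> dict:
    """Split a provider-based address into 010 | TLA(13) | NLA(32) | SLA(16) | Interface ID(64)."""
    value = int(ipaddress.IPv6Address(addr))
    if value >> 125 != 0b010:
        raise ValueError("format prefix is not 010")
    return {
        "tla": (value >> 112) & 0x1FFF,
        "nla": (value >> 80) & 0xFFFFFFFF,
        "sla": (value >> 64) & 0xFFFF,
        "interface_id": value & ((1 << 64) - 1),
    }


if __name__ == "__main__":
    # Constructed sample addresses, plus the notation example from the page.
    for sample in ("::", "::1", "::192.0.2.1", "fe80::1", "fec0::1", "ff02::1",
                   "4123:4567:89ab:cdef::1",
                   "FEDC:BA98:7654:3210:FEDC:BA98:7654:3210"):
        print(f"{sample:45} {classify(sample)}")
    print(decode_multicast("ff15::abcd"))
    print(decode_provider_unicast("4123:4567:89ab:cdef::1"))
```

Classifying on the leading bits rather than on string patterns keeps the result independent of how the address was abbreviated in a log or ACL.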
The IPV6 protocol consists of two headers:
The Basic IP Header
The Extension Header.
Routing
Basic IP Header | Extension Header | Data
Basic IP header
Version no | Class (priority) | Flow label
Payload Length | Next Header | Hop Limit
Source Address 128 bits
Destination Address 128 bits
4 bit Version No | 4 bit Priority No | Flow Label | Payload Length | Next Header | Hop Limit | 128 bit Source | 128 bit Destination
Four bit version number: Four bit Internet Protocol
version number. In this case, no. 6.
Four bit Priority number: Identifies the desired
delivery priority of its packet. The priority values are
divided into two sets. Value 0 through 7 are used to
specify the priority of traffic for which the source is
providing congestion control, that is traffic that
“backs off” in case of congestion (for example TCP
traffic). Values 8 through 15 are used to specify the
priority of traffic that does not back off in response
to congestion (for example real time packets being
sent at a constant rate.)
For congestion control traffic, the following priority
values are recommended for particular applications
categories:
0 Uncharacterized Traffic
1 Filler Traffic (Netnews)
2 Unattended data transfer (e-mail)
3 (Reserved)
4 Attended bulk transfer (FTP, HTTP, NFS)
5 (Reserved)
6 Interactive Traffic (Telnet)
7 Internet Control Traffic (SNMP)
Flow Label: A flow is a sequence of packets sent
from a particular source to a particular destination
for which the source desires special handling by the
routers. The 24 bit flow label field in the IPV6
header may be used by a source to label those
packets for which it requests special handling by the
IPV6 routers. This includes non default quality of
service or “real-time” service. All packets belonging
to the same flow must be sent with the same source
address, same destination address and same non-
zero flow label.
Payload Length: 16 bit field. The payload length
does exactly what it says, give the exact length of
the payload (i.e., the rest of the packet following the
IPV6 header) in bytes.
Next Header: An 8 bit selector. The next header
identifies the type of header (Extension Header)
immediately following the basic IP Header. It uses
the same values as the IPV4 Protocol field.
Hop Limit: The Hop Limit is used to prevent a
misrouted packet from travelling around the network
forever without being discarded. It is a counter
decremented by one each time the packet reaches a
node. The packet will be discarded when the Hop
Limit reaches zero.
Source Address: 128 bit address of the originator
of the packet.
Destination address: 128 bit address of the
intended recipient of the packet.
Basic IP Header (Next value = TCP) | Extension Header = TCP | Data
Extension header
Basic IP Header (Next value = Routing) | Extension Header = Routing (Next Header value = TCP) | Extension Header = TCP | Data
In IPv6, optional information is encoded in one or
more separate headers that are placed between
the Basic IP Header and the Payload. There are
multiple Extension headers. Each one is identified by
a unique value in the Next Header field of the Basic
IP Header or of the preceding Extension header. The
improvement compared to IPv4 is that Extension
Headers can be of arbitrary length. The total amount
of options carried in a packet is not limited and can
even be fragmented. IPv6 packets may carry zero,
one or multiple Extension headers.
Extension header
There are six different Extension headers:
Hop by Hop header
Routing header
Fragment header
Destination header
Authentication header
Encapsulation header
Security
The hop-by-hop option handles every special option
which requires hop-by-hop processing.
For example, the PadN option will be inserted in the
Hop-by-Hop header when needed (the PadN option is
used to insert two or more bytes of padding. Padding out a
packet consists of adding one or two bits to a packet to
obtain a final bit count of 8 or a multiple of 8).
Hop by Hop header
Routing header
Identified by a Next Header label of 43, the Routing
Header is used by IPV6 to list one or more intermediate
nodes to “go through” on the way to the packet’s
destination. This new technique is called address
sequencing.
Suppose that address sequences are shown as a list of
individual addresses separated by commas, like the one
below.
SRC, I1, I2, I3, DST
The first Address is the source, the last is the destination
and the middle addresses are intermediate nodes.
Address Sequencing
Assume that H1 and H2’s sites are both connected to providers P1
and P2. A third wireless provider, PR, is connected to both.
P1
H1 PR H2
P2
The simplest case (no use of address sequences) is when H1 wants to
send a packet to H2 containing the addresses:
H1, H2
When H2 replies, it reverses the addresses and constructs a packet
containing the addresses:
H2, H1
In this example either provider could be used, and H1 and H2 would
not be able to select which provider traffic would be sent to and
received from. If H1 decides that it wants to enforce a policy that all
communications from/to H2 can only use provider P1, it would
construct a packet containing the address sequence:
H1, P1, H2
This ensures that when H2 replies to H1, it will reverse the route and
the reply would also travel over P1. The addresses in H2’s reply
would look like:
H2, P1, H1
If H1 became mobile and moved to provider PR, it could maintain
(not breaking any transport connections) communication with H2, by
sending packets that contain the address sequence:
H1, PR, P1, H2
This would ensure that when H2 replies, it would enforce H1’s
policy of exclusive use of provider P1 and send the packet to H1’s new
location on provider PR. The reversed address sequence would be:
H2, P1, PR, H1
Fragment Header
The fragment Option is used by an IPV6 source to send a
packet larger than would fit in the path to its destination.
In order to send a packet that is too large, a source node
may divide the packet into fragments and send each
fragment as a separate packet to be reassembled at the
receiver’s point.
Fragment Header
The initial packet is referred to as the original packet and
consists of two parts: the unfragmentable part and the
fragmentable part.
The unfragmentable part consists of the IPV6 header plus
any extension headers that must be processed by nodes
along the path to destination.
Unfragmentable Part Fragmentable Part
The fragmentable part is made out of the rest of the packet,
that is, any extension header that only needs to be
processed by the final destination.
Unfragmentable Part Fragment Header First Fragment
Unfragmentable Part Fragment Header Second Fragment
Destination Header
The destination option is used to carry optional information
that needs to be examined only by a packet’s destination
node. This header is identified by a Next Header value of 60.
Different actions will be available in the destination header
but have yet to be defined.
IPv6 Security
Security
Application-specific security mechanisms, e.g:
secure HTTP & Secure Socket Layer for web access
SNMPv2 security for network management &
Privacy enhanced mail, PGP for electronic mail
However, the security concerns that cut across
protocol layers still have to be addressed.
Solution: By implementing security at the IP level,
an organization can ensure secure networking not
only for applications that have security mechanisms
but for the many security-ignorant applications.
IETF standards
RFC 1825: An overview of a security
architecture
RFC 1826: Description of a packet
authentication extension to IP
RFC 1828: A specific authentication
mechanism
RFC 1827: Description of a packet
encryption extension to IP
RFC 1829: A specific encryption
mechanism
IP level security
Authentication: The authentication mechanism
ensures that a received packet was in fact
transmitted by the party identified as the source
in the packet header.
Privacy: The privacy facility enables
communicating nodes to encrypt messages to
prevent eavesdropping by third parties.
The security features are implemented as extension
headers that follow the main IP header. The
extension header for authentication is known as
the authentication header; that for privacy, the
encapsulating security payload (ESP) header.
Security Association
A security association is uniquely identified by an
internet destination address and a security
parameter index (SPI). Hence, in any IP packet,
the security association is uniquely identified by
the destination address in the IPv4 or IPv6 header
and the SPI in the enclosed extension header
(authentication header, AH, or ESP header).
Ex. Authenticated & Encrypted packets:
IPv6 H | Routing H | AH | ESP H | TCP H + Data
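The chain in the example above (IPv6, Routing, AH, ESP) and the Next Header chaining described in the Extension header slides, walked by a parser that also extracts the (destination, SPI) pair identifying each security association. This is an added example, not from the original slides: it uses the basic-header layout given on this page (4-bit priority, 24-bit flow label), protocol numbers other than 43 and 60 are the IANA-assigned values, and the addresses, SPIs and sample packet are constructed.

```python
import ipaddress
import struct

HOP_BY_HOP, TCP, ROUTING, FRAGMENT, ESP, AH, DEST_OPTS = 0, 6, 43, 44, 50, 51, 60
EXT_NAMES = {HOP_BY_HOP: "Hop-by-Hop", ROUTING: "Routing", FRAGMENT: "Fragment",
             DEST_OPTS: "Destination", AH: "Authentication", ESP: "ESP"}
UPPER_NAMES = {TCP: "TCP", 17: "UDP", 58: "ICMPv6"}


def parse_basic_header(pkt: bytes) -> dict:
    """Decode the fixed 40-byte basic header using the page's field widths."""
    if len(pkt) < 40:
        raise ValueError("shorter than the 40-byte basic header")
    word0, payload_len, next_header, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if word0 >> 28 != 6:
        raise ValueError("version field is not 6")
    return {
        "priority": (word0 >> 24) & 0xF,
        "flow_label": word0 & 0xFFFFFF,
        "payload_length": payload_len,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(pkt[8:24]),
        "dst": ipaddress.IPv6Address(pkt[24:40]),
    }


def walk_extension_chain(pkt: bytes) -> dict:
    """Follow Next Header values; return header names, SA keys and the visible upper layer."""
    hdr = parse_basic_header(pkt)
    end = 40 + hdr["payload_length"]
    if end > len(pkt):
        raise ValueError("payload length exceeds the captured bytes")
    nh, off = hdr["next_header"], 40
    chain, sa_keys = [], []
    while nh in EXT_NAMES:
        if off + 8 > end:                       # every header handled here is >= 8 bytes
            raise ValueError(f"truncated {EXT_NAMES[nh]} header")
        chain.append(EXT_NAMES[nh])
        if nh == ESP:
            # SPI is the first 32 bits; everything after the ESP header is encrypted.
            sa_keys.append((str(hdr["dst"]), struct.unpack_from("!I", pkt, off)[0]))
            return {"chain": chain, "sa_keys": sa_keys, "upper_layer": None}
        nxt = pkt[off]
        if nh == AH:
            length = (pkt[off + 1] + 2) * 4     # AH length is counted in 32-bit words
            sa_keys.append((str(hdr["dst"]), struct.unpack_from("!I", pkt, off + 4)[0]))
        elif nh == FRAGMENT:
            length = 8                          # fixed size, no length byte
            if struct.unpack_from("!H", pkt, off + 2)[0] >> 3:
                # Non-first fragment: what follows is mid-packet data, not a header.
                return {"chain": chain, "sa_keys": sa_keys, "upper_layer": None}
        else:
            length = (pkt[off + 1] + 1) * 8     # 8-octet units, not counting the first
        if off + length > end:
            raise ValueError(f"{EXT_NAMES[nh]} header runs past the payload")
        nh, off = nxt, off + length
    return {"chain": chain, "sa_keys": sa_keys,
            "upper_layer": UPPER_NAMES.get(nh, f"protocol {nh}")}


def build_sample() -> bytes:
    """Constructed packet, as seen at the final destination: IPv6 | Routing | AH | ESP."""
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    via = ipaddress.IPv6Address("2001:db8::ff").packed
    routing = bytes([AH, 2, 0, 0]) + bytes(4) + via                          # 24 bytes
    ah = bytes([ESP, 4, 0, 0]) + struct.pack("!II", 0x1001, 1) + bytes(12)   # 24 bytes
    esp = struct.pack("!II", 0x2002, 1) + bytes(16)                          # opaque body
    payload = routing + ah + esp
    basic = struct.pack("!IHBB", 6 << 28, len(payload), ROUTING, 64) + src + dst
    return basic + payload


if __name__ == "__main__":
    print(walk_extension_chain(build_sample()))
```

The walk stops at the ESP header with no upper-layer protocol reported, which is what a filtering device on the path sees: the TCP header in the page's example is only readable after decryption at the endpoint holding the security association.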
Authentication
The authentication header provides support
for data integrity and authentication of IP
packets. The AH consists of the following
fields :
ESP
The AH header does not transform data. When
confidentiality is desired, the ESP header should be
used. This Header is always the last one in the
chain of IPv6 extension headers.
Format of the ESP header:
32-bit SPI
32-bit Sequence number
Encrypted Data & Parameters
Authentication Data
ESP
The use of ESP provides support for privacy and
data integrity for IP packets.
ESP can operate in two different modes:
Transport-mode ESP encrypts either a TCP, UDP
or ICMP segment
Tunnel-mode ESP encrypts an entire IP packet
ESP
Transport-mode operation provides privacy for
any application that uses it, thus avoiding the
need to implement privacy in every individual
application.
Tunnel-Mode ESP -- Tunnel-mode ESP is
used to encrypt an entire IP packet. For this
mode, the ESP is prefixed to the packet and
then the packet plus a trailing portion of the
ESP header is encrypted. This method can be
used to counter traffic analysis.
Authentication plus Privacy
The two IP security mechanisms can be
combined in order to transmit an IP packet that
has both privacy and authentication.
Encryption Before Authentication: The entire
transmitted IP packet is authenticated, including
both encrypted & unencrypted parts.
Authentication Before Encryption: The AH is
placed inside the inner IP packet, this inner
packet is both authenticated and protected by
the privacy mechanism.
Authentication plus Privacy

Weitere ähnliche Inhalte

Was ist angesagt?

Lec 2(intoduction of computer networkes)
Lec 2(intoduction of computer networkes)Lec 2(intoduction of computer networkes)
Lec 2(intoduction of computer networkes)maamir farooq
 
Lec 12(Transport Layer)
Lec 12(Transport Layer)Lec 12(Transport Layer)
Lec 12(Transport Layer)maamir farooq
 
84486335 address-resolution-protocol-case-study
84486335 address-resolution-protocol-case-study84486335 address-resolution-protocol-case-study
84486335 address-resolution-protocol-case-studyhomeworkping3
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6Ankita Mahajan
 
I pv6(internet protocol version 6)
I pv6(internet protocol version 6)I pv6(internet protocol version 6)
I pv6(internet protocol version 6)Subrata Kumer Paul
 
INTERNET PROTOCOL VERSION 6
INTERNET PROTOCOL VERSION 6INTERNET PROTOCOL VERSION 6
INTERNET PROTOCOL VERSION 6Chaitanya Ram
 
Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...
Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...
Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...IOSR Journals
 
IPV6 Addressing
IPV6 Addressing IPV6 Addressing
IPV6 Addressing Heba_a
 
Wireshark udp solution
Wireshark udp solutionWireshark udp solution
Wireshark udp solutionYasin Abdullah
 

Was ist angesagt? (20)

Lec 2(intoduction of computer networkes)
Lec 2(intoduction of computer networkes)Lec 2(intoduction of computer networkes)
Lec 2(intoduction of computer networkes)
 
Final Presentation
Final PresentationFinal Presentation
Final Presentation
 
Lec 12(Transport Layer)
Lec 12(Transport Layer)Lec 12(Transport Layer)
Lec 12(Transport Layer)
 
The Internet Protocol version 4 (IPv4)
The Internet Protocol version 4 (IPv4)The Internet Protocol version 4 (IPv4)
The Internet Protocol version 4 (IPv4)
 
84486335 address-resolution-protocol-case-study
84486335 address-resolution-protocol-case-study84486335 address-resolution-protocol-case-study
84486335 address-resolution-protocol-case-study
 
IP Datagram Structure
IP Datagram StructureIP Datagram Structure
IP Datagram Structure
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6
 
I pv6(internet protocol version 6)
I pv6(internet protocol version 6)I pv6(internet protocol version 6)
I pv6(internet protocol version 6)
 
Ipv4 header
Ipv4 headerIpv4 header
Ipv4 header
 
Understanding TCP and HTTP
Understanding TCP and HTTP Understanding TCP and HTTP
Understanding TCP and HTTP
 
Network Layer
Network LayerNetwork Layer
Network Layer
 
Wireshark Lab HTTP, DNS and ARP v7 solution
Wireshark Lab HTTP, DNS and ARP v7 solutionWireshark Lab HTTP, DNS and ARP v7 solution
Wireshark Lab HTTP, DNS and ARP v7 solution
 
I pv4 and ipv6
I pv4 and ipv6I pv4 and ipv6
I pv4 and ipv6
 
Ipv4 and Ipv6
Ipv4 and Ipv6Ipv4 and Ipv6
Ipv4 and Ipv6
 
INTERNET PROTOCOL VERSION 6
INTERNET PROTOCOL VERSION 6INTERNET PROTOCOL VERSION 6
INTERNET PROTOCOL VERSION 6
 
Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...
Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...
Comparative study of IPv4 & IPv6 Point to Point Architecture on various OS pl...
 
IPV6 Addressing
IPV6 Addressing IPV6 Addressing
IPV6 Addressing
 
Wireshark udp solution
Wireshark udp solutionWireshark udp solution
Wireshark udp solution
 
Transport Layer
Transport LayerTransport Layer
Transport Layer
 
01 Ipv6 Addressing
01 Ipv6 Addressing01 Ipv6 Addressing
01 Ipv6 Addressing
 

Ähnlich wie Tlcm513 ipv6

IP Address
IP AddressIP Address
IP AddressRahul P
 
IPv6 Community Event: IPv6 Protocol Architecture
IPv6 Community Event: IPv6 Protocol ArchitectureIPv6 Community Event: IPv6 Protocol Architecture
IPv6 Community Event: IPv6 Protocol ArchitectureAPNIC
 
Complete notes of computer networks. Bca or bsc students
Complete notes of computer networks. Bca or bsc studentsComplete notes of computer networks. Bca or bsc students
Complete notes of computer networks. Bca or bsc studentssreejasethu1
 
2 logical addressing
2 logical addressing2 logical addressing
2 logical addressinggafurov_x
 
6 ccna (fundamentals of i pv4 addressing and routing)
6  ccna (fundamentals of i pv4 addressing and routing)6  ccna (fundamentals of i pv4 addressing and routing)
6 ccna (fundamentals of i pv4 addressing and routing)Ulaş Ural
 
Computer network (12)
Computer network (12)Computer network (12)
Computer network (12)NYversity
 
Clase 1 Direccionamiento IPv4.pdf
Clase 1 Direccionamiento IPv4.pdfClase 1 Direccionamiento IPv4.pdf
Clase 1 Direccionamiento IPv4.pdfFERNANDOBONILLA43
 
Internet Protocol version 6
Internet Protocol version 6Internet Protocol version 6
Internet Protocol version 6Rekha Yadav
 
IPV6 EXPLANATION BY FOROUZANN DATA COMMUNICATION
IPV6  EXPLANATION BY FOROUZANN DATA COMMUNICATIONIPV6  EXPLANATION BY FOROUZANN DATA COMMUNICATION
IPV6 EXPLANATION BY FOROUZANN DATA COMMUNICATIONgopi5692
 
IPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolIPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolMohit Sharma
 
Briefly explain the three types of IPv6 addresses-SolutionThree types.docx
Briefly explain the three types of IPv6 addresses-SolutionThree types.docxBriefly explain the three types of IPv6 addresses-SolutionThree types.docx
Briefly explain the three types of IPv6 addresses-SolutionThree types.docxgilliandunce53776
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheetSwarup Hait
 
ipv6_cheat_sheet.pdf
ipv6_cheat_sheet.pdfipv6_cheat_sheet.pdf
ipv6_cheat_sheet.pdfpradeeppotter
 

Ähnlich wie Tlcm513 ipv6 (20)

Ipv6up
Ipv6upIpv6up
Ipv6up
 
IP Address
IP AddressIP Address
IP Address
 
IPv6 Community Event: IPv6 Protocol Architecture
IPv6 Community Event: IPv6 Protocol ArchitectureIPv6 Community Event: IPv6 Protocol Architecture
IPv6 Community Event: IPv6 Protocol Architecture
 
IPv4.pdf
IPv4.pdfIPv4.pdf
IPv4.pdf
 
Complete notes of computer networks. Bca or bsc students
Complete notes of computer networks. Bca or bsc studentsComplete notes of computer networks. Bca or bsc students
Complete notes of computer networks. Bca or bsc students
 
Ipv4 and Ipv6
Ipv4 and Ipv6Ipv4 and Ipv6
Ipv4 and Ipv6
 
2 logical addressing
2 logical addressing2 logical addressing
2 logical addressing
 
Chapter6
Chapter6Chapter6
Chapter6
 
6 ccna (fundamentals of i pv4 addressing and routing)
6  ccna (fundamentals of i pv4 addressing and routing)6  ccna (fundamentals of i pv4 addressing and routing)
6 ccna (fundamentals of i pv4 addressing and routing)
 
Computer network (12)
Computer network (12)Computer network (12)
Computer network (12)
 
Clase 1 Direccionamiento IPv4.pdf
Clase 1 Direccionamiento IPv4.pdfClase 1 Direccionamiento IPv4.pdf
Clase 1 Direccionamiento IPv4.pdf
 
Internet Protocol
Internet ProtocolInternet Protocol
Internet Protocol
 
Internet Protocol version 6
Internet Protocol version 6Internet Protocol version 6
Internet Protocol version 6
 
IPV6 EXPLANATION BY FOROUZANN DATA COMMUNICATION
IPV6  EXPLANATION BY FOROUZANN DATA COMMUNICATIONIPV6  EXPLANATION BY FOROUZANN DATA COMMUNICATION
IPV6 EXPLANATION BY FOROUZANN DATA COMMUNICATION
 
IPV6.ppt
IPV6.pptIPV6.ppt
IPV6.ppt
 
IPv6 - The Next next generation protocol
IPv6 - The Next next generation protocolIPv6 - The Next next generation protocol
IPv6 - The Next next generation protocol
 
Briefly explain the three types of IPv6 addresses-SolutionThree types.docx
Briefly explain the three types of IPv6 addresses-SolutionThree types.docxBriefly explain the three types of IPv6 addresses-SolutionThree types.docx
Briefly explain the three types of IPv6 addresses-SolutionThree types.docx
 
Ipv6 cheat sheet
Ipv6 cheat sheetIpv6 cheat sheet
Ipv6 cheat sheet
 
ipv6_cheat_sheet.pdf
ipv6_cheat_sheet.pdfipv6_cheat_sheet.pdf
ipv6_cheat_sheet.pdf
 
Network Layer And I Pv6
Network Layer And I Pv6Network Layer And I Pv6
Network Layer And I Pv6
 

Kürzlich hochgeladen

How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 

Kürzlich hochgeladen (20)

How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 

Tlcm513 ipv6

  • 1. Internet Protocol Version 6 Parvin Beekharry Pascal Chrispeels
  • 2. Introduction What is wrong with IPv4 ? The address issue: IPv6 128 bit address = 296 (7.92282 1028 ) Unicast Anycast Multicast IPv4 32 bit address = 232 (4 294 967 296) Class A between 1 and 126 Class B between 128 and 191 Class C between 192 and 223
  • 3. The header problem: Version n o IHL Type of Service Total Length Identification Flags Fragment offset Time-to-live Protocol Header Checksum Source Address 32 bits Destination Address 32 bits Options Padding IPv4 Header IPv6 Header Version no Class (priority) Flow label Payload Length Next Header Hop Limit Source Address 128 bits Destination Address 128 bits Headers
  • 4. Major changes from IPv4 to IPv6: Expanded addressing capabilities New type of addresses (unicast) Header format simplification Improved support of option (extension headers) Authentication and privacy capabilities Improvements
  • 6. Architecture IPv6 addresses are 128 bits long There are 3 types of IPv6 addresses: Unicast: An identifier for a single interface Anycast: An identifier for a set of interfaces (typically belonging to different nodes) Multicast: An identifier for a set of interfaces (typically belonging to different nodes)
  • 7. Address Notation 8 * (16 bit field) = 128 bits. The designers of the protocol chose to write the 128 bits as eight 16-bit integers separated by colons; each integer is represented by 4 hex digits, e.g.: FEDC:BA98:7654:3210:FEDC:BA98:7654:3210
  • 8. Address Assignments The first field of any IPv6 address is a variable-length format prefix, which identifies various categories of addresses. Some current allocations of addresses based on the format prefix are: Provider-Based Unicast Address: 010; Link Local Use Addresses: 1111 1110 10; Site Local Use Addresses: 1111 1110 11; Multicast Addresses: 1111 1111
  • 9. Unicast Format of an IPv6 Provider-based global Unicast address: TLA: Top level aggregate (provider ID) NLA: Next level aggregate (subscriber ID) SLA: Site local aggregate (subnet ID)
      IPv6 layout: 010 (3 bits) | TLA (13 bits) | NLA (32 bits) | SLA (16 bits) | Interface ID (64 bits)
      IPv4 layout: Network | Subnet | Interface ID (32 bits)
  • 10. Special Unicast Addresses. In addition to provider based addresses, there are 5 other unicast addresses: Unspecified addresses, Loopback addresses, IPv4-based addresses, Site local addresses, Link local addresses. E.g. an IPv4-compatible IPv6 address consists of a 32-bit IPv4 address prefixed by 96 zeroes.
      Layout: 0.0 … 0.0 (96 bits) | IPv4 Address (32 bits)
  • 11. Anycast Address An anycast address enables a source to specify that it wants to contact any one node from a group of nodes via a single address. A packet with such an address will be routed to the nearest interface in the group, according to the router's measure of distance (hop count, cost, etc.). One particular form of anycast address is the subnet-router anycast address.
      Layout: Subnet prefix (n bits) | 000…000 (128-n bits)
  • 12. Multicast Address IPv6 includes the capability to address a predefined group of interfaces with a single multicast address. A multicast address consists of an 8-bit prefix of ones, a 4-bit flag field, a 4-bit scope field and a 112-bit group ID.
      Layout: 11111111 (8 bits) | Flgs 000T (4 bits) | Scope (4 bits) | Group ID (112 bits)
      Flags: T = 0: Indicates a permanently assigned or well-known multicast address, assigned by the global internet numbering authority. T = 1: Indicates a nonpermanently-assigned, or transient, multicast address.
  • 13. Routing. The IPv6 protocol consists of two headers: the Basic IP Header and the Extension Header.
      Layout: Basic IP Header | Extension Header | Data
  • 14. Basic IP header
      Fields: Version no, Class (priority), Flow label | Payload Length, Next Header, Hop Limit | Source Address (128 bits) | Destination Address (128 bits)
      Diagram: 4 bit Version No, 4 bit Priority No, Flow Label | Payload Length, Next Header, Hop Limit | 128 bit Source | 128 bit Destination
  • 15. Basic IP header fields (4 bit Version No, 4 bit Priority No, Flow Label | Payload Length, Next Header, Hop Limit | 128 bit Source | 128 bit Destination):
      Four bit version number: Four-bit Internet Protocol version number. In this case, number 6.
      Four bit Priority number: Identifies the desired delivery priority of the packet. The priority values are divided into two sets. Values 0 through 7 are used to specify the priority of traffic for which the source is providing congestion control, that is, traffic that “backs off” in case of congestion (for example TCP traffic). Values 8 through 15 are used to specify the priority of traffic that does not back off in response to congestion (for example real-time packets being sent at a constant rate). For congestion-controlled traffic, the following priority values are recommended for particular application categories:
        0 Uncharacterized Traffic
        1 Filler Traffic (Netnews)
        2 Unattended data transfer (e-mail)
        3 (Reserved)
        4 Attended bulk transfer (FTP, HTTP, NFS)
        5 (Reserved)
        6 Interactive Traffic (Telnet)
        7 Internet Control Traffic (SNMP)
      Flow Label: A flow is a sequence of packets sent from a particular source to a particular destination for which the source desires special handling by the routers. The 24 bit flow label field in the IPv6 header may be used by a source to label those packets for which it requests special handling by the IPv6 routers. This includes non-default quality of service or “real-time” service. All packets belonging to the same flow must be sent with the same source address, same destination address and same non-zero flow label.
      Payload Length: 16 bit field. The payload length does exactly what it says: it gives the exact length of the payload (i.e., the rest of the packet following the IPv6 header) in bytes.
      Next Header: An 8 bit selector. The next header identifies the type of header (Extension Header) immediately following the basic IP Header. It uses the same values as the IPv4 Protocol field.
      Hop Limit: The Hop Limit is used to prevent a misrouted packet from travelling around the network forever without being discarded. It is a counter decremented by one each time the packet reaches a node. The packet will be discarded when the Hop Limit reaches zero.
      Source Address: 128 bit address of the originator of the packet.
      Destination Address: 128 bit address of the intended recipient of the packet.
  • 16. Extension header
      Diagram 1: Basic IP Header (Next value = TCP) | Extension Header = TCP | Data
      Diagram 2: Basic IP Header (Next value = Routing) | Extension Header = Routing (Next Header value = TCP) | Extension Header = TCP | Data
      In IPv6, optional information is encoded in one or multiple separate headers that are placed between the Basic IP Header and the Payload. There are multiple Extension headers. Each one is identified by a unique value in the Next Header field of the Basic IP Header or of the preceding Extension header. The improvement compared to IPv4 is that Extension Headers can be of arbitrary length. The total amount of options carried in a packet is not limited and can even be fragmented. IPv6 packets may carry zero, one or multiple Extension headers.
  • 17. Extension header (Security) There are six different Extension headers: Hop by Hop header, Routing header, Fragment header, Destination header, Authentication header, Encapsulation header
  • 18. Hop by Hop header The hop-by-hop option handles every special option that requires hop-by-hop processing. For example, the PadN option will be inserted in the Hop-by-Hop header when needed (the PadN option is used to insert two or more bytes of padding; padding out a packet consists of adding one or two bits to it to obtain a final bit count of 8 or a multiple of 8).
  • 19. Routing header Identified by a Next Header value of 43, the Routing Header is used by IPv6 to list one or more intermediate nodes to “go through” on the way to the packet’s destination. This new technique is called address sequencing. Suppose that address sequences are written as a list of individual addresses separated by commas, like this one: SRC, I1, I2, I3, DST. The first address is the source, the last is the destination and the middle addresses are intermediate nodes.
  • 20. Address Sequencing Assume that H1 and H2’s sites are both connected to providers P1 and P2. A third wireless provider, PR, is connected to both. (Diagram nodes: H1, P1, P2, PR, H2.)
      The simplest case (no use of address sequences) is when H1 wants to send a packet to H2 containing the addresses: H1, H2
      When H2 replies, it reverses the addresses and constructs a packet containing the addresses: H2, H1
      In this example either provider could be used, and H1 and H2 would not be able to select which provider the traffic would be sent to and received from.
      If H1 decides that it wants to enforce a policy that all communications from/to H2 can only use provider P1, it would construct a packet containing the address sequence: H1, P1, H2
      This ensures that when H2 replies to H1, it will reverse the route and the reply would also travel over P1. The addresses in H2’s reply would look like: H2, P1, H1
      If H1 became mobile and moved to provider PR, it could maintain communication with H2 (without breaking any transport connections) by sending packets that contain the address sequence: H1, PR, P1, H2
      This would ensure that when H2 replies, it would enforce H1’s policy of exclusive use of provider P1 and send the packet to H1’s new location on provider PR. The reversed address sequence would be: H2, P1, PR, H1
  • 21. Fragment Header The fragment Option is used by an IPV6 source to send a packet larger than would fit in the path to its destination. In order to send a packet that is too large, a source node may divide the packet into fragments and send each fragment as a separate packet to be reassembled at the receiver’s point.
  • 22. Fragment Header The initial packet is referred to as the original packet and consists of two parts: the unfragmentable part and the fragmentable part. The unfragmentable part consists of the IPv6 header plus any extension headers that must be processed by nodes along the path to the destination. The fragmentable part is made up of the rest of the packet, that is, any extension header that only needs to be processed by the final destination.
      Original packet: Unfragmentable Part | Fragmentable Part
      Fragment packets: Unfragmentable Part | Fragment Header | First Fragment; Unfragmentable Part | Fragment Header | Second Fragment
  • 23. Destination Header The destination option is used to carry optional information that needs to be examined only by a packet’s destination node. This header is identified by a next header value of 60. Different actions will be available in the destination header but have yet to be defined.
  • 25. Security Application-specific security mechanisms, e.g.: secure HTTP and Secure Socket Layer for web access; SNMPv2 security for network management; Privacy Enhanced Mail and PGP for electronic mail. However, the security concerns that cut across protocol layers still have to be addressed. Solution: By implementing security at the IP level, an organization can ensure secure networking not only for applications that have security mechanisms but also for the many security-ignorant applications.
  • 26. IETF standards RFC 1825: An overview of a security architecture; RFC 1826: Description of a packet authentication extension to IP; RFC 1828: A specific authentication mechanism; RFC 1827: Description of a packet encryption extension to IP; RFC 1829: A specific encryption mechanism
  • 27. IP level security Authentication: The authentication mechanism ensures that a received packet was in fact transmitted by the party identified as the source in the packet header. Privacy: The privacy facility enables communicating nodes to encrypt messages to prevent eavesdropping by third parties. The security features are implemented as extension headers that follow the main IP header. The extension header for authentication is known as the authentication header; that for privacy, the encapsulating security payload (ESP) header.
  • 28. Security Association A security association is uniquely identified by an internet destination address and a security parameter index (SPI). Hence, in any IP packet, the security association is uniquely identified by the destination address in the IPv4 or IPv6 header and the SPI in the enclosed extension header (authentication header, AH, or ESP header). Example of an authenticated and encrypted packet: IPv6 H | Routing H | AH | ESP H | TCP H + Data
  • 29. Authentication The authentication header provides support for data integrity and authentication of IP packets. The AH consists of the following fields :
  • 30. ESP The AH header does not transform data. When confidentiality is desired, the ESP header should be used. This header is always the last one in the chain of IPv6 extension headers. Format of the ESP header: 32-bit SPI | 32-bit Sequence number | Encrypted Data & Parameters | Authentication Data
  • 31. ESP The use of ESP provides support for privacy and data integrity for IP packets. ESP can operate in two different modes: Transport-mode ESP, which encrypts either a TCP, UDP or ICMP segment; Tunnel-mode ESP, which encrypts an entire IP packet
  • 32. ESP Transport-mode operation provides privacy for any application that uses it, thus avoiding the need to implement privacy in every individual application. Tunnel-Mode ESP -- Tunnel-mode ESP is used to encrypt an entire IP packet. For this mode, the ESP is prefixed to the packet and then the packet plus a trailing portion of the ESP header is encrypted. This method can be used to counter traffic analysis.
  • 33. Authentication plus Privacy The two IP security mechanisms can be combined in order to transmit an IP packet that has both privacy and authentication. Encryption Before Authentication: The entire transmitted IP packet is authenticated, including both encrypted & unencrypted parts. Authentication Before Encryption: The AH is placed inside the inner IP packet, this inner packet is both authenticated and protected by the privacy mechanism.
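The basic header of slide 15 and the Next Header chaining of slides 16 and 17, as an added example (not part of the original slides): a parser that decodes the fields with the slides' widths and walks the extension header chain with bounds checks. The values 0, 44, 50, 51 and 6, the function names and the sample packet are assumptions or constructed here; current IPv6 splits the first word into an 8-bit traffic class and a 20-bit flow label rather than the 4-bit priority and 24-bit flow label shown on the slides.

```python
import ipaddress
import struct

# 43 (routing) and 60 (destination) are the values given on the slides; the
# other numbers are the standard IANA protocol numbers.
EXT_HEADERS = {0: "hop-by-hop", 43: "routing", 44: "fragment",
               51: "authentication", 60: "destination"}
ESP, TCP = 50, 6

def parse_basic_header(packet: bytes) -> dict:
    """Decode the 40-byte basic header using the field widths on the slides."""
    if len(packet) < 40:
        raise ValueError("truncated basic header")
    word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError("version field is not 6")
    return {"priority": (word >> 24) & 0xF,       # 4-bit priority
            "flow_label": word & 0xFFFFFF,        # 24-bit flow label
            "payload_len": payload_len, "next_header": next_header,
            "hop_limit": hop_limit,
            "src": ipaddress.IPv6Address(packet[8:24]),
            "dst": ipaddress.IPv6Address(packet[24:40])}

def walk_chain(packet: bytes, max_headers: int = 8) -> list:
    """Follow Next Header values; stop at ESP or an upper-layer protocol."""
    hdr = parse_basic_header(packet)
    end = 40 + hdr["payload_len"]
    if end > len(packet):
        raise ValueError("payload length exceeds captured bytes")
    chain, nh, off = [], hdr["next_header"], 40
    while nh in EXT_HEADERS:
        if len(chain) >= max_headers:
            raise ValueError("too many extension headers")
        if off + 8 > end:
            raise ValueError("truncated extension header")
        next_nh, len_field = packet[off], packet[off + 1]
        if nh == 44:
            size = 8                        # fragment header has a fixed size
        elif nh == 51:
            size = (len_field + 2) * 4      # AH: 32-bit words minus 2 (RFC 4302; assumption)
        else:
            size = (len_field + 1) * 8      # 8-byte units, first unit not counted
        if off + size > end:
            raise ValueError("extension header overruns payload")
        chain.append(EXT_HEADERS[nh])
        nh, off = next_nh, off + size
    chain.append("esp" if nh == ESP else f"proto-{nh}")
    return chain

def build_sample() -> bytes:
    """Constructed test packet: basic header -> routing -> destination -> TCP."""
    routing = bytes([60, 0, 0, 0]) + bytes(4)     # next=60, len=0, type 0, no segments
    dest = bytes([TCP, 0]) + bytes(6)             # next=6, len=0, six Pad1 bytes
    payload = routing + dest + bytes(20)          # 20 zero bytes stand in for TCP
    word = (6 << 28) | (7 << 24) | 0x00ABCD       # version 6, priority 7, flow 0xABCD
    src = ipaddress.IPv6Address("fe80::1").packed
    dst = ipaddress.IPv6Address("fe80::2").packed
    return struct.pack("!IHBB", word, len(payload), 43, 64) + src + dst + payload
```

The walker stops at ESP because everything after the ESP header is encrypted, which is why slide 30 places it last in the chain.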

Editor's notes

  1. Unicast: An identifier for a single interface. A packet sent to a unicast address is delivered to the interface identified by that address. Anycast: An identifier for a set of interfaces (typically belonging to different nodes). A packet sent to an anycast address is delivered to one of the interfaces identified by that address (the "nearest" according to the routing protocols' measure of distance). Multicast: An identifier for a set of interfaces (typically belonging to different nodes). A packet sent to a multicast address is delivered to all interfaces identified by that address.
  2. These standards are mandatory for IPv6 and optional for IPv4.
  3. Longer IPv6 addresses allow for aggregating addresses by hierarchies of network, access provider, geography, corporation, and so on. Such aggregation should make for smaller routing tables and faster table look-ups.
  4. Transition Process: During the transition from IPv4 to IPv6, there will be a lengthy transition period when IPv6 and IPv4 must coexist. IPv4-compatible IPv6 addresses accommodate this coexistence period. Such an address consists of a 32-bit IPv4 address prefixed by 96 zeroes.
  5. An anycast address enables a source to specify that it wants to contact any one node from a group of nodes via a single address. A packet with such an address will be routed to the nearest interface in the group, according to the router's measure of distance. An example of the use of an anycast address is within a routing header to specify an intermediate address along a route. The anycast address could refer to the group of routers associated with a particular provider or particular subnet, thus dictating that the packet be routed through that provider or internet in the most efficient manner.
  6. Multicasting is a useful capability in a number of contexts. For example, it allows hosts and routers to send neighbor discovery messages only to those machines that are registered to receive them, removing the necessity for all other machines to examine and discard irrelevant packets. As another example, most LANs provide a natural broadcast capability. A multicast address can be assigned that has a scope of link-local with a group ID configured on all nodes on the LAN to be a subnet broadcast address.
  7. Address sequencing gives a lot of QoS capabilities to IPv6. For example, it could be used for provider selection (based on policy, performance, cost, etc.), mobility (best route to a current location) or re-addressing (route to a new address).
  8. Each fragment packet is composed of: the unfragmentable part of the original packet, with the Payload Length of the original IPv6 header changed to contain the length of this fragment packet; a fragment header containing the header value that identifies the first header of the fragmentable part of the original packet; and finally, the fragment itself. At the destination, fragment packets are reassembled into their original, unfragmented form. An original packet is reassembled only from fragment packets that have the same source address, destination address and fragment identification.
  9. Until now, the internet community has only developed application-specific security mechanisms.
  10. These standards are mandatory for IPv6 and optional for IPv4.
  11. IP-level security encompasses two functional areas: Authentication and Privacy. In addition, this mechanism ensures that the packet has not been altered in transit.
  12. Security parameters index (32 bits): Identifies a security association. The authentication data field contents will depend on the authentication algorithm specified. Authentication Using Keyed MD5 -- RFC 1828 specifies the use of MD5 for authentication. The MD5 algorithm is performed over the IP packet plus a secret key by the source and then inserted into the IP packet. At the destination, the same calculation is performed on the IP packet plus the secret key and compared to the received value. This procedure provides both authentication and data integrity.
  13. One drawback to this mode is that it is possible to do traffic analysis on the transmitted packets. Because the IP header contains the destination address and possibly source routing directives and hop-by-hop option information, it is not possible to simply transmit the encrypted IP packet prefixed by the ESP header. Intermediate routers would be unable to process such a packet. Therefore, it is necessary to encapsulate the entire block (ESP header plus encrypted IP packet) with a new IP header that will contain sufficient information for routing but not for traffic analysis. Whereas the transport mode is suitable for protecting connections between hosts that support the ESP feature, the tunnel mode is useful in a configuration that includes a firewall or other sort of security gateway which protects a trusted network from external networks.
  14. 2 approaches: Encryption before Authentication, and Authentication before Encryption.
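The keyed-MD5 check of note 12, as an added sketch (not from the slides and not a bit-exact RFC 1828 implementation): the digest covers key, packet, key, with the Hop Limit treated as zero because slide 15 says every node decrements it. The function names, key and sample packet are constructed for illustration, and the digest is carried beside the packet rather than inside an authentication header.

```python
import hashlib
import hmac

HOP_LIMIT_OFFSET = 7  # eighth byte of the 40-byte basic header

def auth_data(packet: bytes, key: bytes) -> bytes:
    """MD5 over key + packet + key, with the Hop Limit treated as zero."""
    if len(packet) < 40:
        raise ValueError("truncated basic header")
    stable = bytearray(packet)
    stable[HOP_LIMIT_OFFSET] = 0  # changes in transit, so it cannot be covered
    return hashlib.md5(key + bytes(stable) + key).digest()

def verify(packet: bytes, key: bytes, received: bytes) -> bool:
    """Destination side: recompute the digest and compare in constant time."""
    return hmac.compare_digest(auth_data(packet, key), received)

def forward(packet: bytes) -> bytes:
    """What each node on the path does: decrement the Hop Limit."""
    hop = packet[HOP_LIMIT_OFFSET]
    if hop == 0:
        raise ValueError("hop limit exhausted, packet is discarded")
    return (packet[:HOP_LIMIT_OFFSET] + bytes([hop - 1])
            + packet[HOP_LIMIT_OFFSET + 1:])

def sample_packet() -> bytes:
    """Constructed packet: basic header fields followed by an 11-byte payload."""
    first_word = bytes([0x60, 0, 0, 0])        # version 6, priority 0, flow label 0
    payload = b"hello, ipv6"
    length = len(payload).to_bytes(2, "big")
    src = bytes(15) + b"\x01"                  # ::1
    dst = bytes(15) + b"\x02"                  # ::2
    # Next Header 59 (no next header), Hop Limit 64
    return first_word + length + bytes([59, 64]) + src + dst + payload
```

Later IPsec specifications replaced this key-wrapped MD5 construction with HMAC-based algorithms.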