IPv6 Basic Services - PowerPoint PPT Presentation

1 / 13
About This Presentation
Title:

IPv6 Basic Services

Description:

... also use Neighbour Discovery to check that addresses are unique on ... basic things like nameserver and domain name (also SIP server options in image I checked) ... – PowerPoint PPT presentation

Number of Views:75
Avg rating:3.0/5.0
Slides: 14
Provided by: 6jou
Category:
Tags: address | basic | check | domain | hosting | ipv6 | name | services | uk | web

less

Transcript and Presenter's Notes

Title: IPv6 Basic Services


1
IPv6 Basic Services
  • Stig Venaas
  • sv_at_ecs.soton.ac.uk
  • University of Southampton/UNINETT

2
Overview
  • Neighbour discovery
  • Autoconfiguration
  • PathMTU discovery
  • DHCP
  • DNS
  • NTP

3
Multicast addresses
  • 4 bits flags (well known/transient), 4 bits
    scope, 32 bits group ID
  • Node local ff01, link local ff02, site local
    ff05, organization local ff08
  • Some special multicast addresses
  • All nodes addresses ff011, ff021
  • All routers addresses ff012, ff022, ff052
  • Solicited-node address ff021ffXXXXXX
  • For each unicast address a node responds to the
    solicited-node address where the Xes are the
    last 24 bits of the unicast address.

4
Neighbour discovery
  • RFC 2461, Replaces IPv4 ARP, no broadcast
  • Uses multicast and ICMP
  • Address resolution
  • Sends solicitation message to the solicited-node
    multicast address of the target address (sender
    includes its link layer address). Target responds
    with an advertisement message containing its link
    layer address
  • Individual hosts will receive much less address
    resolution packets than in IPv4
  • Using ICMP is more media-independent than ARP and
    allows for IP security mechanisms.

5
Auto configuration(1)
  • RFC 2462, stateless autoconfiguration of
    addresses, default router, MTU etc. Not DHCPv6
    (separate protocol)
  • Uses multicast and ICMP
  • Router advertisement messages
  • Sent by routers at regular intervals or when
    prompted
  • Info about prefixes, hop limit, MTU, life time
    etc.
  • Sent to all-nodes multicast address or a specific
    host
  • Router solicitation messages
  • Prompts for a router advertisement, advertisement
    is sent to the source address.

6
Auto configuration (2)
  • Interface identifier
  • 64 bit identifier, required to be unique on the
    link
  • One way is IEEE EUI-64, for ethernet EUI-64 gives
    a way of creating 64 bits identifier from 48 bits
    MAC
  • Link local address FE80EUI-64
  • Check uniqueness by sending neighbor solicitation
  • Global and site-local addresses
  • Append interface identifier to known prefixes
  • Prefixes usually known from router advertisements
  • Hosts also use Neighbour Discovery to check that
    addresses are unique on the link (Duplicate
    Address Detection)

7
PathMTU discovery
  • IPv6 requires MTU to be at least 1280 bytes
  • PathMTU discovery always done
  • Minimal implementations can avoid it by using the
    minimal MTU of 1280
  • Done similar to IPv4
  • Only sender fragments (like IPv4 with DF) and
    usually only receiver reassembles
  • If router is about to forward a packet out an
    interface with MTU less than packet size, it will
    send ICMP Packet Too Big to the packets source
    address
  • Fragmentation should be avoided, better that the
    application reduces packet size

8
DHCP (1)
  • IPv6 has stateless address autoconfiguration but
    DHCPv6 (RFC 3315) is available too
  • DHCPv6 can be used both for assigning addresses
    and providing other information like nameserver,
    ntpserver etc
  • If not using DHCPv6 for addresses, no state is
    required on server side and only part of the
    protocol is needed. This is called Stateless
    DHCPv6 (RFC 3736)
  • Some server and client implementations only do
    Stateless DHCPv6 while others do the full DHCP
    protocol
  • The two main approaches are
  • Stateless address autoconfiguration with
    stateless DHCPv6 for other information
  • Using DHCPv6 for both addresses and other
    information to obtain better control of address
    assignment

9
DHCP (2)
  • One possible problem for DHCP is that DHCPv4 only
    provides IPv4 information (addresses for servers
    etc) while DHCPv6 only provides IPv6 information.
    Should a dual-stack host run both or only one
    (which one)?
  • Several vendors working on DHCP but only a few
    implementations available at the moment
  • DHCPv6 http//dhcpv6.sourceforge.net/
  • dibbler http//klub.com.pl/dhcpv6/
  • NEC, Lucent etc. are working on their own
    implementations
  • Cisco routers have a built-in stateless server
    that provides basic things like nameserver and
    domain name (also SIP server options in image I
    checked).
  • DHCP can also be used between routers for prefix
    delegation (RFC 3633). There are several
    implementations. E.g. Cisco routers can act as
    both client and server

10
DNS IPv6 transport
  • Most name servers are not accessible over IPv6
  • Situation is improving. Several TLD servers are
    accessible over IPv6 (including .com)
  • A few root servers are now accessible with IPv6
    but not registered with AAAA in DNS
  • I believe the issue is that if you ask for NS for
    . The additional section with addresses should
    fit within a single packet (512 bytes when not
    supporting EDNS0)
  • IPv6-only hosts will need help of a dual-stack
    name server for resolving (translation possible
    solution but not recommended)
  • This may be as simple as putting the IPv6 address
    of recursive dual-stack nameserver in named.conf
  • Only a few stub resolver libraries support IPv6
    transport, glibc on Linux does. One solution is
    using another resolver library or running a
    purely caching nameserver locally
  • BIND9 and possibly nsd supports IPv6 transport as
    standard
  • Patches available for djbdns (dont think native
    yet)

11
DNS storing IPv6 info
  • Practically all up to date nameservers allow you
    to store DNS data
  • Almost like IPv4, e.g.
  • sverresborg AAAA 2001700e000020475fffee4423
    b
  • storhaugen AAAA 2001700e000029027fffe22
    7186
  • ORIGIN 0.0.0.0.0.0.0.e.0.0.7.0.1.0.0.2.ip6.arpa
  • b.3.2.4.4.e.e.f.f.f.5.7.4.0.2.0 PTR
    sverresborg.uninett.no.
  • 6.8.1.7.2.2.e.f.f.f.7.2.0.9.2.0 PTR
    storhaugen.uninett.no.
  • ORIGIN as above or a zone per /64 makes things a
    little easier
  • Some resolvers still use ip6.int, if you really
    want you can register both. If no ORIGIN in
    zone file you can use same file for ip6.arpa and
    ip6.int

12
DNS named.conf for BIND9
  • For IPv6 transport add e.g.
  • listen-on-v6 any
  • transfer-source-v6 to specify IPv6 source
    address for transfers
  • query-source-v6 address port to specify
    IPv6 source for queries
  • IPv6 addresses can be used in ACLs
  • Rest as normal. With a zone for each /64 you
    might have e.g.
  • zone 0.0.0.0.0.0.0.e.0.0.7.0.1.0.0.2.ip6.arpa (
  • type master
  • file pz/0.0.0.0.0.0.0.e.0.0.7.0.1.0.0
    .2.ip6.arpa
  • )
  • If want to support ip6.int and no ORIGIN in the
    file, we can also do
  • zone 0.0.0.0.0.0.0.e.0.0.7.0.1.0.0.2.ip6.int (
  • type master
  • file pz/0.0.0.0.0.0.0.e.0.0.7.0.1.0.0
    .2.ip6.arpa
  • )

13
NTP
  • NTP server and client from http//www.ntp.org/
  • IPv6 addresses can be used all places where IPv4
    is used, except for reference clock addresses
    which always are IPv4
  • -4 or -6 can specified in front of hostnames to
    force v4 or v6
  • Can also use IPv6 multicast. IANA has reserved
    the site-local multicast address ff05101
  • The IPv6 enabled RIPE TTM can also be used as an
    IPv6 NTP server
  • Also commercial Meinberg NTP server
  • See http//eng.hexago.com/services/ntp.shtml for
    list of public IPv6 NTP servers
Write a Comment
User Comments (0)
About PowerShow.com