IPv4 to IPv6 Network Address Translation - PowerPoint PPT Presentation

About This Presentation
Title:

IPv4 to IPv6 Network Address Translation

Description:

A new addressing scheme that would resolve the limitations, and an ... Network Address translation of private address to global ... superseded by ... – PowerPoint PPT presentation

Number of Views:493
Avg rating:3.0/5.0
Slides: 30
Provided by: msa79
Category:

less

Transcript and Presenter's Notes

Title: IPv4 to IPv6 Network Address Translation


1
IPv4 to IPv6 Network Address Translation
2
Introduction
  • What is the current internet addressing scheme
    and what limitations does it face.
  • A new addressing scheme that would resolve the
    limitations, and an interim path towards the new
    scheme.

3
What we will cover during this presentation
  • IPv4 Address structure
  • The IPv4 address resource problem
  • Network Address translation of private address to
    global addresses for IPv4 address conservation.
  • IPv6 Specifications (rfc1883)
  • IPv6 addressing structure (rfc1884)
  • IPv4 to IPv6 transition and NAT considerations
  • IPv6 to IPv4 address translation at the edge
    router and higher layer consideration.
  • Need for port number translations in IPv4 to IPv6
    NAT(rfc2766)

4
IPv4 Address Scheme
  • IP Packet Format
  • An IP packet contains several types of
    information, as illustrated.

5
  • Version---Indicates the version of IP currently
    used.
  • IP Header Length (IHL)---Indicates the datagram
    header length in 32-bit words.
  • Type-of-Service---Assigns datagrams various
    levels of importance.
  • Total Length---Specifies the length, in bytes, of
    the entire IP packet.
  • Identification---Contains an integer that
    identifies the current datagram.
  • Flags---The two low-order (least-significant)
    bits control fragmentation. The low-order bit
    specifies whether the packet can be fragmented.
    The middle bit specifies whether the packet is
    the last fragment in a series of fragmented
    packets. The third or high-order bit is not used.
  • Fragment Offset---Indicates the position of the
    fragment's data relative to the beginning of the
    data in the original datagram.
  • Time-to-Live---Maintains a counter that gradually
    decrements down to zero, at which point the
    datagram is discarded. This keeps packets from
    looping endlessly.
  • Protocol---Indicates which upper-layer protocol
    receives incoming packets after IP processing is
    complete.
  • Header Checksum---Helps ensure IP header
    integrity.
  • Source Address---Specifies the sending node.
  • Destination Address---Specifies the receiving
    node.
  • Options---Allows IP to support various options,
    such as security.
  • Data---Contains upper-layer information.

6
  • IPv4 Addressing
  • As with any other network-layer protocol, the IP
    addressing scheme is integral to the process of
    routing IP datagrams through an internetwork.
    Each IP address has specific components and
    follows a basic format. These IP addresses can be
    subdivided and used to create addresses for
    subnetworks, as discussed in more detail later.
  • Each host on a TCP/IP network is assigned a
    unique 32-bit logical address that is divided
    into two main parts the network number and the
    host number. The network number identifies a
    network and must be assigned by the Internet
    Network Information Center (InterNIC) if the
    network is to be part of the Internet. An
    Internet Service Provider (ISP) can obtain blocks
    of network addresses from the InterNIC and can
    itself assign address space as necessary. The
    host number identifies a host on a network and is
    assigned by the local network administrator.
  • The 32-bit IP address is grouped eight bits at a
    time, separated by dots, and represented in
    decimal format (known as dotted decimal
    notation). Each bit in the octet has a binary
    weight (128, 64, 32, 16, 8, 4, 2, 1). The minimum
    value for an octet is 0, and the maximum value
    for an octet is 255.The figure below illustrates
    the basic format of an IP address.

7
Private addresses to assign within a network(Not
globally routable)
  • 172.16.0.0/255.255.0.0
  • 192.168.0.0/255.255.255.0
  • 10.0.0.0/255.0.0.0
  • So in order to resolve the shortage of IPv4
    addresses so far the solution has been Network
    Address Translation as follows. With the
    following scheme a network can have almost
    infinite IP addresses yet never contribute to
    the finite globally routable IP addresses
    shortage.
  • In its simplest configuration, the Network
    Address Translator (NAT) operates on a router
    connecting two networks together one of these
    networks (designated as inside) is addressed with
    either private or obsolete addresses that need to
    be converted into legal addresses before packets
    are forwarded onto the other network (designated
    as outside). The translation operates in
    conjunction with routing, so that NAT can simply
    be enabled on an Internet access router when
    translation is desired.
  • Use of a NAT device provides RFC 1631-style
    network address translation on the router
    platform. The goal of NAT is to provide
    functionality as if the private network had
    globally unique addresses and the NAT device was
    not present.

8
  • Schema diagram

9
  • The above method is useful yet lacks a viable
    solution to globally routable IP address problem.
  • Since for every private IP address a globally
    routable IP address is needed for direct
    translation. Well in most cases it is not very
    profitable or at all possible to contain many IP
    addresses.
  • Dynamic Network address translation
  • One way to resolve this issue would be through
    Port Address Translation (PAT) as follows

10
  • PAT (Port Address Translation)
  • PAT does not work with H.323 applications,
    multimedia applications, and caching nameservers.
  • PAT works with DNS, FTP and passive FTP, HTTP,
    mail, RPC, rshell, Telnet, URL filtering, and
    outbound traceroute.
  • Finally when we have completely exhausted all
    available IPv4 resources we need to explore the
    new version of Ipng

11
  • NAT Enroute to translate
  • Host-A NAT router
    Host-X
  • ------ -----------
    ------
  • ltOuter IP header, with
  • srcAddr-A, DestAddr-Xgt,
  • embedding
  • ltEnd-to-end packet, with
  • srcAddr-k, DestAddr-Xgt
  • -----------------------------gt
  • ltOuter IP header, with
  • srcAddr-k, DestAddr-Xgt,
  • embedding
  • ltEnd-to-end packet, with
  • srcAddr-k, DestAddr-Xgt
  • --------------------------
    -gt

12
  • NAPT router enroute to translate
  • Host-A NAPT router
    Host-X
  • ------ -----------
    ------
  • ltOuter TCP/UDP packet, with
  • srcAddr-A, Src PortT-Na,
  • DestAddr-Xgt,
  • embedding
  • ltEnd-to-end packet, with
  • srcAddr-Nx, Src PortT-Nx, DestAddr-Xgt
  • -----------------------------gt
  • ltOuter TCP/UDP packet,
    with
  • srcAddr-Nx, Src
    PortT-Nxa,
  • DestAddr-Xgt,
  • embedding

13
  • IPv6 Specification (rfc1883)
  • IP version 6 (IPv6) is a new version of the
    Internet Protocol, designed as a successor to IP
    version 4 (IPv4) RFC-791. The changes from IPv4
    to IPv6 fall primarily into the following
    categories
  • Expanded Addressing Capabilities IPv6 increases
    the IP address size from 32 bits to 128 bits, to
    support more levels of addressing hierarchy, a
    much greater number of addressable nodes, and
    simpler auto-configuration of addresses.
  • The scalability of multicast routing is improved
    by adding a "scope" field to multicast addresses.
  • And a new type of address called an "anycast
    address" is defined, used to send a packet to any
    one of a group of nodes.
  • Header Format Simplification Some IPv4 header
    fields have been dropped or made optional, to
    reduce the common-case processing cost of packet
    handling and to limit the bandwidth cost of the
    IPv6 header.
  • Improved Support for Extensions and Options
    Changes in the way IP header options are encoded
    allows for more efficient forwarding, less
    stringent limits on the length of options, and
    greater flexibility for introducing new options
    in the future.
  • Flow Labeling Capability A new capability is
    added to enable the labeling of packets belonging
    to particular traffic "flows" for which the
    sender requests special handling, such as
    non-default quality of service or "real-time"
    service.
  • Authentication and Privacy Capabilities
    Extensions to support authentication, data
    integrity, and (optional) data confidentiality
    are specified for IPv6.

14
(No Transcript)
15
(No Transcript)
16
(No Transcript)
17
  • IPv6 Addressing scheme overview
  • IPv6 addresses are 128-bit identifiers for
    interfaces and sets of
  • interfaces. There are three types of
    addresses
  • Unicast An identifier for a single interface.
    A packet sent
  • to a unicast address is delivered
    to the interface
  • identified by that address.
  • Anycast An identifier for a set of interfaces
    (typically
  • belonging to different nodes).
    A packet sent to an
  • anycast address is delivered to
    one of the interfaces
  • identified by that address (the
    "nearest" one,
  • according to the routing
    protocols' measure of
  • distance).
  • Multicast An identifier for a set of interfaces
    (typically
  • belonging to different nodes).
    A packet sent to a

18
  • An example of a Unicast address format which will
    likely be common on
  • LANs and other environments where IEEE 802 MAC
    addresses are
  • available is
  • n bits 80-n bits
    48 bits
  • -------------------------------------------
    --------------------
  • subscriber prefix subnet ID
    interface ID
  • -------------------------------------------
    --------------------
  • Where the 48-bit Interface ID is an IEEE-802
    MAC address. The use of
  • IEEE 802 MAC addresses as a interface ID is
    expected to be very
  • common in environments where nodes have an
    IEEE 802 MAC address. In

19
(No Transcript)
20
(No Transcript)
21
(No Transcript)
22
  • Traditional-NAT-PT Operation (V6 to V4)
  • NAT-PT offers a straight forward solution
    based on transparent
  • routing NAT-TERM and address/protocol
    translation, allowing a large
  • number of applications in V6 and V4 realms to
    inter-operate without
  • requiring any changes to these applications.
  • In the following paragraphs we describe the
    operation of
  • traditional-NAT-PT and the way that
    connections can be initiated from
  • a host in IPv6 domain to a host in IPv4 domain
    through a
  • traditional-NAT-PT
  • Basic-NAT-PT Operation
  • IPv6-B-


23
  • The V4 addresses in the address pool could be
    allocated one-to-one to
  • the V6 addresses of the V6 end nodes in which
    case one needs as many
  • V4 addresses as V6 end points. In this
    document we assume that the V6
  • network has less V4 addresses than V6 end
    nodes and thus dynamic
  • address allocation is required for at least
    some of them.
  • Say the IPv6 Node A wants to communicate with
    the IPv4 Node C. Node
  • A creates a packet with
  • Source Address, SAFEDCBA9876543210 and
    Destination
  • Address, DA PREFIX132.146.243.30
  • NOTE The prefix PREFIX/96 is advertised in
    the stub domain by the
  • NAT-PT, and packets addressed to this PREFIX
    will be routed to the
  • NAT-PT. The pre-configured PREFIX only needs
    to be routable within
  • the IPv6 stub domain and as such it can be any
    routable prefix that
  • the network administrator chooses.
  • The packet is routed via the NAT-PT gateway,
    where it is translated

24
(No Transcript)
25
(No Transcript)
26
(No Transcript)
27
(No Transcript)
28
(No Transcript)
29
Close
  • Even with 20 years of TCP networks UUCP still
    exists
  • IPv6 to IPv4 NAT is just an iterim solution, will
    not work with all protocols.
  • Yet as a knowledgeable network professional we
    need to know about IPv6 issues.
Write a Comment
User Comments (0)
About PowerShow.com