Getting Ipv6 to the End-User
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
A Review and Qualitative Analysis of Ipv6 and Ipv4 Interoperability Technologies
A Review and Qualitative Analysis of IPv6 and IPv4 Interoperability Technologies Antti Maula Helsinki University of Technology [email protected] Abstract structured as follows: section 2 contains descriptions of ex- isting solutions and their main technical features. Section 3 Deployment of IPv6 has been delayed even though the stan- presents some discussion about the state of the technologies dard has existed for over ten years and the number of free and section 4 presents the required future work and the final IPv4 addresses is decreasing fast. Some obstacles in deploy- conclusions are drawn in section 5. ment are economic but also technical issues remain. The Internet cannot be converted to IPv6 overnight, thus a transi- tion period is required during which both protocols co-exist 2 Related technologies and work together seamlessly. There is a vast amount of in- teroperability technologies available and this paper presents This section presents the existing IPv6 and IPv4 interop- proposed solutions to operate IPv6-only network segments erability technologies and their technical details. Interop- in cooperation with IPv4-only network segments. erability technologies include techniques which allow use of isolated IPv6 subnets in mostly IPv4 based Internet and KEYWORDS: IPv6, IPv4, interoperability, technology re- all of these technologies are intended to be used only dur- view, qualitative analysis ing the transition period and they should automatically stop working when underlying network infrastructure has imple- mented full IPv6 support. Some of the methods presented 1 Introduction here are implemented only by software while others re- quire additional hardware to function. These two models IP protocol version 4 (IPv4), which is currently used in most are namely “End-host” and “Middlebox” architectures, in parts of the internet, is becoming outdated. -
Ipv6 – from Assessment to Pilot
IPv6 – From Assessment to Pilot James Small CDW Advanced Technology Services Session Objectives State of Things Business Case Plan Design Implement Security & Operations Current Trends Depletion replaced by Growth Population penetration Geoff Huston’s IPv4 Address Report Multiple mobile device penetration The Internet of Things – M2M The Internet of Everything Current Trends Global growth: Penetration doubling every 9 months US penetration: IPv6 Deployment: 24.76% Prefixes: 40.78% Transit AS: 59.48% Content: 47.72% Google’s global IPv6 statistics graph Users: 3.92% Relative Index: 6.2 out of 10 Global IPv6 growth Graphs from Cisco Live Orlando 2013 – PSOSPG 1330 • US Growth/Penetration is Double the Global Rate • Critical mass in US next year (10% penetration) Opinions on Action Gartner – Enterprises must start upgrading their Internet presence to IPv6 now Deloitte – In short, we recommend starting (v6 deployment) now “Starting sooner can give organizations enough lead-time for a deliberate, phased roll-out, while waiting could lead to a costly, risky fire drill.” Roadmap State of things Business Case Plan Design Implement Security & Operations New Trends IPv6-Only Data Centers and Networks (especially mobile ones) on the rise Internet-of-Things – many key protocols are IPv6 only (IPv4 doesn’t have necessary scale) Many new trends are IPv6-Only (e.g. IoT) Smart Factories/Buildings/Cities/Grid Intelligent Transportation System General Business Case 65% of Cisco Enterprise Technology Advisory Board members will have IPv6 web sites by the end of this year (2013) Top drivers for IPv6 BYOD Globalization Internet Evolution/Internet Business Continuity (B2B/B2C) Legal Business Cases Mobile (Tablets/Smartphones) LTE/4G an IPv6 technology Multinational Firms – Europe far down the IPv6 path, where are you compared to your counterparts? Federal – Goal for full IPv6 deployment by 2014 with some trying to eliminate IPv4 by years end (VA) Legal Business Cases IPv6 Critical mass is coming next year (2014) – B2B, B2C, M2M, and other innovation will follow. -
Área De Ingeniería Telemática Dpto. Automática Y Computación Soluciones
Transición a IPv6 Área de Ingeniería Telemática Dpto. Automática y Computación http://www.tlm.unavarra.es/ Soluciones ‣ Doble pila ‣ Dispositivos con IPv4 e IPv6 ‣ Túneles ‣ Comunicar IPv6 a través de zonas IPv4 ‣ Traducción ‣ Comunicar hosts IPv6 con IPv4 IPv6 Dual stack Área de Ingeniería Telemática Dpto. Automática y Computación http://www.tlm.unavarra.es/ Dual stack (Doble pila) ‣ Hosts con pila IPv4 e IPv6 ‣ Las aplicaciones deciden: PF/AF_INET o PF/AF_INET6 ‣ Si manejan direcciones pueden elegir ‣ Si manejan nombres según que devuelva el DNS ‣ RFC para elegir según reglas Dual stack ‣ Primero IPv6 ‣ Primero IPv4? ‣ Elegir según reglas? IPv6 Túneles Área de Ingeniería Telemática Dpto. Automática y Computación http://www.tlm.unavarra.es/ Tunel manual ‣ Cualquier protocolo de VPN/tunnel que soporte IPv6 sobre paquetes IPv4 ‣ Tuneles IPv6 sobre IPv4 (RFC 4213) proto=41 ‣ GRE (RFC 2473) ‣ OpenVPN, socat o similares ‣ … ‣ Túneles estáticos (entre IPs conocidas) ‣ Túneles dinámicos? ‣ De un cliente en cualquier IP a un proveedor? ‣ road-warriors, clientes residenciales con IP dinámica… Tuneles semi-automáticos/dinámicos ‣ Un lado se mantiene conectado a un proveedor ‣ AICCU (Automatic IPv6 Connectivity Client Utility) ‣ Tuneles ‣ 6in4 IPv6 sobre IPv4 ‣ 6in4 con heartbeat (el proveedor deshabilita el túnel si no le llegan heartbeats) ‣ AYIYA (anything in anything) para IPv6 sobre UDP para poder saltar NATs ‣ Tunnel brokers Tunnel broker Túneles automáticos ‣ Configurar tuneles automaticamente para que hosts en islas IPv6 se puedan comunicar -
Security Vulnerabilities of Ipv6 Tunnels
Security Vulnerabilities of IPv6 Tunnels This article talks about novel security vulnerabilities of IPv6 tunnels – an important type of migration mechanisms from IPv4 to IPv6 implemented by all major operating systems and routers. The vulnerabilities allow an attacker to form routing loops which can easily produce DoS attacks. I will describe the principles of the attack and then show how to actually implement it. The vulnerabilities were first presented at Usenix W00T ’09 in a paper I co-authored with Michael Arov. IPv6 background IPv6 is the next generation version of the omnipresent Internet Protocol. It was designed to answer the future exhaustion of the IPv4 address pool. IPv4 address space is 32 bits which translates to just above 4 billion addresses. IPv6 address space is 128 bits. This roughly translates to the entire address space of the IPv4 for every square nanometer on planet earth (a square nanometer is about the size of a molecule!). The IPv6 specification has been released almost 13 years ago, however it has seen little adoption so far since the IPv4 address space hasn’t depleted yet. But this is about to change very soon. ISPs in Asia-Pacific are already unable to request new IPv4 addresses for their customers. In other regions of the world IPv4 address pools are expected to drain within a year or so. So IPv6 is definitely here to stay. Migration to IPv6 using tunnels As one might imagine the migration to IPv6 will be very gradual. Some estimate that IPv4 and IPv6 will co-exist on the Internet for decades. -
Ipv6 at Home
IPv6 at Home Jeremy Duncan 20 November 2014 tachyondynamics.com © Tachyon Dynamics – Confidential 1 11-5-23 Overview • IPv6 and the residential service providers • IPv6 residential deployment scenarios • Hurricane Electric • SixXs • GoGo6 • Tunnel providers to never use • Demo with Hurricane Electric and PFSense © Tachyon Dynamics – Confidential 2 Service Provider Status • Comcast • Verizon FiOS • Cox • Time Warner • Mobile • Anyone else? © Tachyon Dynamics – Confidential 3 Comcast • The largest IPv6 residential deployment in the world to date • Information page: http://www.comcast6.net/ • Provides an extensive set of tools for IPv6 • Can test IPv6 capability: http://test- ipv6.comcast.net/ • Can test IPv6 speed using custom Ookla on native XFINITY speed test site: http://speedtest.comcast.net/ © Tachyon Dynamics – Confidential 4 Comcast © Tachyon Dynamics – Confidential 5 Comcast © Tachyon Dynamics – Confidential 6 Verizon FiOS “Verizon is rolling out IPv6 address space in a "dual stack" mode … The upgrades will start in 2013 and the first phase will include Verizon FiOS customers who have a dynamic IP address. Unless there is a need to enter an IP address directly, these changes will generally be transparent our customers” • Some limited commercial deployments, no residential – very far behind • Virtually no communication – no roadmap © Tachyon Dynamics – Confidential 7 Verizon FiOS Moving to new Greenwave G110 • 802.11ac (1.3 Gbps WiFi), Zigbee, IPv6 © Tachyon Dynamics – Confidential 8 Verizon FiOS ActionTech - MI424WR-GEN3I © Tachyon -
Applicability of the Tunnel Setup Protocol (TSP) for the Hubs and Spokes Problem Draft-Blanchet-V6ops-Tunnelbroker-Tsp-03.Txt
Applicability of the Tunnel Setup Protocol (TSP) for the Hubs and Spokes Problem draft-blanchet-v6ops-tunnelbroker-tsp-03.txt IETF Softwire interim meeting Hong Kong, Feb. 2006 [email protected] [email protected] 1.0 IETF Softwire Interim – February 2006 – Hong Kong ::1 Overview • TSP and softwires requirements – Non-technical • Relation to existing standards and documentation • Document status • Independent implementations • Deployments • Time to market – Technical • NAT traversal and encapsulation types • Nomadicity, address allocation and prefix delegation •Scalability • Multicast •AAA •O&M • Additional benefits – Extensibility – Debugging and to diagnostics – Optimal encapsulation IETF Softwire Interim – February 2006 – Hong Kong ::2 Standards And Documentation • TSP is based on existing standards – Based on the tunnel broker model (RFC3053). – SASL (RFC2222) is used as authentication framework. • Supports SASL anonymous (RFC2245) • Supports Digest-MD5 (RFC2831). – Uses standard v6v4 encapsulation as specified in RFC4213. • Documentation – First published as draft-vg-ngtrans-tsp-00.txt in 2001. – Version 2.0 of the protocol (with NAT traversal) as draft-blanchet-v6ops-tunnelbroker-tsp-00.txt. – Now published as draft-blanchet-v6ops-tunnelbroker-tsp-03.txt. • Status – No issue presently documented concerning the protocol. IETF Softwire Interim – February 2006 – Hong Kong ::3 Implementations • Implemented on diverse client operating systems – Windows, MacOSX, Linux, FreeBSD, OpenBSD, NetBSD, VxWorks. • Manufacturers -
An Ipv4 End of Life Plan a Shared Vision for Ipv6
An IPv4 End of Life Plan A Shared Vision for IPv6 from IETF IntArea with Mark Townsley (tunnels) & Dan Wing (nats) APRICOT / Delhi 2012.02.29 Randy Bush <[email protected]> 2012.02.29 IPv6 Transition Vision 1 Why Has the Transition to IPv6 Been Soooo Slow? 2012.02.29 IPv6 Transition Vision 2 Is it the Vendors? 2012.02.29 IPv6 Transition Vision 3 Is it Lazy Operators, as the IPv6 Idealists Complain? 2012.02.29 IPv6 Transition Vision 4 Is it Lack of Content? 2012.02.29 IPv6 Transition Vision 5 Is it That Applications do not Support IPv6? 2012.02.29 IPv6 Transition Vision 6 Is it CPE? 2012.02.29 IPv6 Transition Vision 7 Is it the End User Host Stack? 2012.02.29 IPv6 Transition Vision 8 Is it Because There Are Only 430 Transition Mechanisms? 2012.02.29 IPv6 Transition Vision 9 Transition Depended on All of Those at the Same Time! a Recipe for Failure 2012.02.29 IPv6 Transition Vision 10 But There is One Much Larger Problem 2012.02.29 IPv6 Transition Vision 11 2012.02.29 IPv6 Transition Vision 12 IPv6 is On the Wire INCOMPATIBLE with IPv4 2012.02.29 IPv6 Transition Vision 13 And it had a New Business Model (remember TLA/NLA) and No Feature Parity with IPv4 2012.02.29 IPv6 Transition Vision 14 It Was Not Transition, It Was a Leap! 2012.02.29 IPv6 Transition Vision 15 How Did This Happen? Arrogance & Operational Cluelessness in the IETF 2012.02.29 IPv6 Transition Vision 16 IPv6 is Incompatible With IPv4 and There Was No Realistic Transition Plan! 2012.02.29 IPv6 Transition Vision 17 But it is Too Late We Have No Alternative We are Out of IPv4 Space -
Ipv6 Transition and Coexistence Ipv6-Only and Ipv4 As-A-Service
IPv6 Transition and Coexistence IPv6-only and IPv4 as-a-Service APNIC46 September, 2018 Noumea, New Caledonia Jordi Palet ([email protected]) - 1 Transition / Co-Existence Techniques • IPv6 has been designed for easing the transition and coexistence with IPv4 • Several strategies have been designed and implemented for coexisting with IPv4 hosts, grouped in three categories: – Dual stack: Simultaneous support for both IPv4 and IPv6 stacks – Tunnels: IPv6 packets encapsulated in IPv4 ones • This has been the commonest choice • Today expect IPv4 packets in IPv6 ones! – Translation: Communication of IPv4-only and IPv6- only. Initially discouraged and only “last resort” (imperfect). Today no other choice! • Expect to use them in combination! - 2 Dual-Stack Approach • When adding IPv6 to a system, do not delete IPv4 – This multi-protocol approach is familiar and well-understood (e.g., for AppleTalk, IPX, etc.) – In the majority of the cases, IPv6 is be bundled with all the OS release, not an extra-cost add-on • Applications (or libraries) choose IP version to use – when initiating, based on DNS response: • if (dest has AAAA record) use IPv6, else use IPv4 – when responding, based on version of initiating packet • This allows indefinite co-existence of IPv4 and IPv6, and gradual app-by-app upgrades to IPv6 usage • A6 record is experimental - 3 Dual-Stack Approach IPv6 IPv6 IPv4 IPv4 Application Application Application Application TCP/UDP TCP/UDP TCP/UDP IPv6 IPv6 IPv4 IPv4 IPv6-only stack Dual-stack (IPv4 & IPv6) IPv4-only stack -
Using 464XLAT in Residential Networks
Using 464XLAT in Residential Networks RIPE 74, Budapest May 2017 Jordi Palet ([email protected]) - 1 Do you know … • We already run out of IPv4? • How you keep deploying Internet access to your residential customers? • Are you using IPv4 to deploy IPv6? – such as tunnel broker, 6RD and so? - 2 Once upon a time … • IETF was considering to solve this problem by more tunneling … • So we build up softwires, which decided to use L2TP, so we could do – IPv6 in IPv4, IPv4 in IPv6 – (as well IPv4 in IPv4 and IPv6 in IPv6 for multicast in unicast) • As a result we have, among others: – DS-Lite – Carrier Grade NAT (AFTR) – lw4o6 - 3 NAT444 Internet Internet IPv6 IPv4 Public IPv4 NAT44 Level 2 AFTR AFTR ISP network Private IPv4 192.168.1.x “plain” IPv6 NAT NAT44 Level 1 NAT v4 v4 v4 v4/v6 10.0.0.x/24 10.0.0.x/24 - 4 DS-Lite Internet Internet IPv6 IPv4 Public IPv4 NAT44 Level 1 AFTR AFTR IPv4-in-IPv6 ISP network tunnel “plain” IPv6 IPv6-only access CPE (B4) CPE (B4) v4 v4 v4 v4/v6 10.0.0.x/24 10.0.0.x/24 - 5 lw4o6 Internet Internet IPv6 IPv4 Public IPv4 lwAFTR lwAFTR IPv4-in-IPv6 ISP network tunnel “plain” IPv6 IPv6-only access NAT44 Level 1 CPE CPE (lwB4) (lwB4) v4 v4 v4 v4/v6 10.0.0.x/24 10.0.0.x/24 - 6 Tunnels per subscribers • DS-Lite/lw4o6 BGP prefixes: Tens AFTR Tunnels: Millions IGP prefixes: Hundreds … BNG routes: Thousands … Subscribers: Millions - 7 CGN breaks … • UPnP-IGD (Universal Plug & Play - Internet Gateway Device protocol) • NAT-PMP (NAT Port Mapping Protocol) • Other NAT Traversal mechs • Security • AJAX (Asyncronous Javascript And XML) • FTP (big files) • BitTorrent/Limewire (seeding – uploading) • On-line gaming • Video streaming (Netflix, Hulu, …) • IP cameras • Tunnels, VPN, IPsec, .. -
Ipv6 User's Guide
Embedding it better... µTasker Document IPv6 uTaskerIPv6.doc/1.01 Copyright © 2012 M.J.Butcher Consulting www.uTasker.com µTasker – Internet Protocol V6 Table of Contents 1. Introduction .....................................................................................................................3 2. Can your PC connect to the IPv6 Internet?.......................................................................4 3. Does your Internet Connection support IPv6? ..................................................................5 4. IPv6 Tunnelling ...............................................................................................................6 5. How 6in4 operates ...........................................................................................................7 6. Tunnel Broker Service and Configuring a Windows Vista PC ....................................... 10 7. Testing Tunnelled IPv6 Connectivity ............................................................................. 12 8. Introducing the 6in4 Relay Agent .................................................................................. 14 9. Installing and Configuring the Relay Agent ................................................................... 17 10. IPv6 Address Space ................................................................................................... 18 11. IPv6 Addresses .......................................................................................................... 19 12. Operating a TCP Server over IPv6 ............................................................................ -
Ipv6 Tunnel Brokers How to Setup an Ipv6 Tunnel Using a Public Tunnel Broker and Windows
IPv6 Tunnel Brokers How to Setup an IPv6 Tunnel Using a Public Tunnel Broker and Windows Matt Ryanczak Network Operations Manager What is an IPv6 Tunnel? • IPv6 encapsulated in another protocol – Usually IPv4 but other protocols work too • Common implementations – 6in4 (RFC3056) – Protocol 41 (RFC2893 & RFC1933) – Anything in Anything (AYIYA) (http://www.sixxs.net/tools/ayiya) IPv6 in IPv4 Tunnel What is a Tunnel Broker? • A provider of IPv6 tunneling services • At least 12 public tunnel brokers • Use various provisioning techniques – Static – Dynamic (via helpers) • Some provide /48s, reverse DNS, BGP • Most are FREE List of Tunnel Brokers Provider Website Region Hurricane Electric http://www.tunnelbroker.net US (Global) SixXS http://www.sixxs.net Europe (Global) Go6 (Hexago) http://www.go6.net Canada (Global) IIJ http://www.iij.ad.jp/en/service/IPv6/ Japan index.html IPv6Now http://www.ipv6now.com.au/ Australia Renater http://tunnel-broker.renater.fr/ France Setting up a Tunnel with Go6 Why Go6? • Easy to setup client for many Oses • Supports clients behind NATs • Provides /48 networks • Support forum 3 Easy Steps 1. Create Account 2. Download and Install Software 3. Run Software Create an Account Create an Account • Enter Your Information • Required Fields: - Name - Username - E-mail - Password You are automatically signed in once you submit the form Download Go6 Client Install Go6 Client Run the Go6 Client Works out of the box if: - You have public IP address - No Filters / Firewalls Notice that: - Configured for anonymous access -
RFC 3053 Ipv6 Tunnel Broker January 2001
Network Working Group A. Durand Request for Comments: 3053 SUN Microsystems, Inc Category: Informational P. Fasano I. Guardini CSELT S.p.A. D. Lento TIM January 2001 IPv6 Tunnel Broker Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2001). All Rights Reserved. Abstract The IPv6 global Internet as of today uses a lot of tunnels over the existing IPv4 infrastructure. Those tunnels are difficult to configure and maintain in a large scale environment. The 6bone has proven that large sites and Internet Service Providers (ISPs) can do it, but this process is too complex for the isolated end user who already has an IPv4 connection and would like to enter the IPv6 world. The motivation for the development of the tunnel broker model is to help early IPv6 adopters to hook up to an existing IPv6 network (e.g., the 6bone) and to get stable, permanent IPv6 addresses and DNS names. The concept of the tunnel broker was first presented at Orlando's IETF in December 1998. Two implementations were demonstrated during the Grenoble IPng & NGtrans interim meeting in February 1999. 1. Introduction The growth of IPv6 networks started mainly using the transport facilities offered by the current Internet. This led to the development of several techniques to manage IPv6 over IPv4 tunnels. At present most of the 6bone network is built using manually configured tunnels over the Internet. The main drawback of this approach is the overwhelming management load for network administrators, who have to perform extensive manual configuration for each tunnel.