DOCSLIB.ORG

Study of Packet Level UDP Performance of NAT44, NAT64 and Ipv6 Using Iperf in the Context of Ipv6 Migration

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Study of Packet Level UDP Performance of NAT44, NAT64 and Ipv6 Using Iperf in the Context of Ipv6 Migration Study of packet level UDP performance of NAT44, NAT64 and IPv6 using iperf in the context of IPv6 migration Vitruvius John D. Barayuga William Emmanuel S. Yu Institute of Computing Studies Department of Information Systems and Computer Science Ilocos Sur Polytechnic State College Ateneo de Manila Univeristy Santa Maria, Ilocos Sur, Philippines Quezon City [email protected] [email protected] Abstract— The Internet Assigned Number Authority (IANA) The initial design specification did not take into account the allocated the last of the available /8's of the IPv4 address space to need for the protocol to handle video-on-demand services, or the Regional Internet Registries (RIR's) on February 2011. It other types of large scale data, also with the advent of mobile could not be denied that IPv6 is the Internet of the next communications, set top boxes that have internet access taking generation, however its utilization and implementation in a wide presence in the home, each device requires an IP address, each scale had brought hesitation to the users since it will take time device requires an IP address. and there are concerns that need to be explored in the future. However, the need for a new technology is not paramount; Hence, this paper will lead the way for the acceptance of Internet the current 30-year-old technology has been modified to Protocol version 6 (IPv6) migration in the Philippines using a coincide with new ideas and ways of working. For a similar Network Address Translation (NAT) that there is an sustainable network to be developed and evolve over the next apparent means to be taken into consideration and NAT IPv6 to IPv4 (NAT64) can be a good choice for computer networks with few years a seamless migration over to IPv6 needs to be made. the similar situation like the Philippines which is behind NAT44, It would be foolish to believe that this could be done overnight showing service providers and institutions in putting NAT64 as a in the infrastructure of the Internet along with the associated viable option to be used. Therefore it is concluded, where overall cost of upgrading hardware and software [2]. IPv6 was performance revealed that IPv6 and NAT64 network offered developed to solve the problem of IPv4 depletion. The question better performance against the NAT44 network in almost all of is, are we ready to replace the dotted decimal IP to a new the metrics in the iperf generic UDP mode test. For time transfer, address scheme? Aside from the evident change in addressing IPv6 had 19% less and NAT64 with 31% less where both scheme, the change will not be felt by normal user, this burden executed the transfer in a lesser time compared to NAT44 will fall upon network engineers and administrators. But the networks with 48% which is longer than the results of the change are even better, aside from limitless address space (32- aforementioned networks. In the bandwidth utilization, it is bit address to 128 bit address). presented that IPv6 network had 43% and NAT64 network with This paper aims to embolden NAT44 networks to take the 41% offered better bandwidth utilization as compared to NAT44 challenge or even taking the small step to prepare and switch to network with 15%. IPv6 network had 49% showed faster IPv6 by considering the idea of using NAT64 as a suitable transfer rate along with NAT64 network with 39% in transition mechanism to take the place of the current NAT44 comparison to the NAT44 network with only 10% transfer. For networks. The need of the hour has now come, it is to enable jitter, IPv6 network had lesser average with 28% and so with IPv6 capabilities on all existing networks. NAT64 network with 31% compared to NAT44 with 40% jitter which is a quite bigger than the other experimental networks. II. RELATED WORK For packet loss, IPv6 network had 26% and NAT64 network This section contains literature and studies, reviewed by the with 33% compared to NAT44 network that had 40% bigger than the other experimental networks. researcher, which have been found relevant to this paper. The discussion focuses on IPv4 Depletion, IPv6 Migration Keywords—IPv6 migration, NAT44, NAT64, IPv6 transition Techniques as well as pertinent information that could be mechanism useful in the experimental network environments. I. INTRODUCTION A. IPv4 Depletion IPv4 has been the networking protocol of the Internet since The IPv4 depletion is now at hand. IANA has just recently the 1970s. The 32-bit protocol which provides 4.3 billion allocated the last five /8 blocks of unassigned IPv4 addresses to the world’s five RIR’s [1]. Some networks are still hiding unique IP addresses for the Internet users for more than 30 inside NAT. It has been and still present in many networks in years is nearing its expiration date. Hidden from the view of the Philippines, though it has lengthened the life of IPv4 for typical users, every Internet communication relies on an several year, but is not actually the solution. This is where IPv6 underlying system of numbers to identify data sources and comes to action, the next generation internet protocol to replace destinations. Users typically specify online destinations by IPv4. This research came about to show a clear path to IPv6 entering domain names (e.g. "congress.gov"). But the migration. The use of IPv4 has changed dramatically over the Internet's routers forward data according to numeric IP last 30 years, and the protocol was never designed to deal with addresses (e.g. 140.147.249.9). To date, the Internet has the stress and strains it has to endure over the last few years. enjoyed an ample supply of "IPv4" IP addresses, but demand Manuscript received July 15, 2014; acceptance August 27, 2014. This work was supported in part by the Commission on Higher Education of the Philippines and the University of the Cordilleras, Baguio City, Philippines. 978-1-4799-6541-0/14/$31.00 ©2014 IEEE is substantial and growing. Current allocation rates suggest performance comparison regarding latency and packet loss, IPv4 exhaustion by approximately 2011 [3]. been discussed in [11]. IPv6 addresses inherent problems in the earlier version protocol and it provides new opportunities B. IPv6 Migration Techniques too. However, due to the increased overhead in IPv6 and its This section contains review of the papers and articles that interaction with the operating system that hosts this are relevant to IPv6. The following gave more than the basic communication protocol, there may be network performance information needed about the next generation protocol and the issues such as bandwidth and jitter performance comparison migration strategies currently available. A more detailed which was discussed in [12]. As discussed from the paper by account on what companies should do in preparation for IPv6 Llanto [13], the study was done through live laboratory migration was suggested in the article by Steve Harris [4]. network tests using NAT44, NAT64 and IPv6 technologies to These strategies are divided into three (3) types namely: 1) show that NAT64s performance is comparable to current Dual-stack mechanisms; 2) Tunneling techniques and 3) NAT44 networks with application testing on HTPP requests Translation techniques. scenario using apachebench which is a Hypertext Transfer The migration of IPv6 had not gone well as planned not Protocol (HTTP) server benchmarking tool. only within the Philippines but on several countries using On other hand, this study focused on the experimental NAT44 as well. There are lots of networks which are still network tests using NAT44, NAT64 and IPv6 technologies to using IPv4 and have not made any move to switch to IPv6. In show that NAT64 performance is comparable to current order to boost IPv6 adoption, NAT for IPv6 has been taken NAT44 networks through a load test scenario for the generic into consideration so that IPv4 and IPv6 networks can be UDP traffic by the use of iperf including factors on time connected. Several of these NAT solutions have been transfer, bandwidth, transfer rate, jitter and packet loss using proposed and these are discussed in [5]. different sets of payload size and concurrency level. Some of the most popular research topics over the past years was using NAT-PT for IPv6. An implementation of a III. METHODOLOGY NAT-PT gateway for IPv6 and IPv4 is discussed in [6] and a The purpose of this paper is to encourage other NAT44 research on how to design and realize the translation gateway networks to move to IPv6 using a possible option which is based on NAT-PT technology in detail, it compares various NAT64. In order to accomplish the paper, an experimental current transition technologies and points out that NAT-PT network had been done. Prior to the experimental networks technology is a more feasible project to carry out the transition using NAT44, NAT64 and native IPv6 had been configured to from IPv4 network to IPv6 network on the present stage [7]. test the viability of the research. Llano [13] mentioned in this paper that the Philippines and A. Procedures other market dependent and behind NAT would consider The following experimental network set-ups were created: NAT64 as a viable option to implement IPv6 within current NAT44, native IPv6 and NAT64. To evaluate the NAT44 networks as the start of the adjustment in accepting experimental networks iperf was used in the generic UDP the next generation of the internet protocol which is IPv6. mode. Each of the NAT44, NAT64 and IPV6 network was This paper used NAT64, which is another NAT translation executed in load test scenario with payload of 100 MB, 500 mechanism for IPv6 which allows IPv6 clients to get MB and 1000 MB sent to the server along concurrency levels connected to IPv4 servers.
Load more

Recommended publications
  • Ipv6 Security: Myths & Legends
    IPv6 security: myths & legends Paul Ebersman – [email protected] 21 Apr 2015 NANOG on the Road – Boston So many new security issues with IPv6! Or are there… IPv6 Security issues • Same problem, different name • A few myths & misconceptions • Actual new issues • FUD (Fear Uncertainty & Doubt) Round up the usual suspects! Remember these? • ARP cache poisoning • P2p ping pong attacks • Rogue DHCP ARP cache poisoning • Bad guy broadcasts fake ARP • Hosts on subnet put bad entry in ARP Cache • Result: MiM or DOS Ping pong attack • P2P link with subnet > /31 • Bad buy sends packet for addr in subnet but not one of two routers • Result: Link clogs with routers sending packet back and forth Rogue DHCP • Client broadcasts DHCP request • Bad guy sends DHCP offer w/his “bad” router as default GW • Client now sends all traffic to bad GW • Result: MiM or DOS Look similar? • Neighbor cache corruption • P2p ping pong attacks • Rogue DHCP + rogue RA Solutions? • Lock down local wire • /127s for p2p links (RFC 6164) • RA Guard (RFC 6105) And now for something completely different! So what is new? • Extension header chains • Packet/Header fragmentation • Predictable fragment headers • Atomic fragments The IPv4 Packet 14 The IPv6 Packet 15 Fragmentation • Minimum 1280 bytes • Only source host can fragment • Destination must get all fragments • What happens if someone plays with fragments? IPv6 Extension Header Chains • No limit on length • Deep packet inspection bogs down • Confuses stateless firewalls • Fragments a problem • draft-ietf-6man-oversized-header-chain-09
    [Show full text]
  • Guidelines for the Secure Deployment of Ipv6
    Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks NIST Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 December 2010 U.S. Department of Commerce Gary Locke, Secretary National Institute of Standards and Technology Dr. Patrick D. Gallagher, Director GUIDELINES FOR THE SECURE DEPLOYMENT OF IPV6 Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-119 Natl. Inst. Stand. Technol. Spec. Publ. 800-119, 188 pages (Dec. 2010) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately.
    [Show full text]
  • Ipv6, the DNS and Big Packets
    IPv6, the DNS and Big Packets Geoff Huston, APNIC The IPv6 Timeline… 2010 1990 2000 2020 The IPv6 Timeline… Yes, we’ve been working on this for close to 30 years! 2010 1990 2000 2020 The IPv6 Timeline… Yes, we’ve been working on this for close to 30 years! 2010 1990 2000 2020 In-situ transition… In-situ transition… Phase 1 – Early Deployment IPv4 Internet Edge Dual -Stack Networks IPv6 networks interconnect by IPv6-over-IPv4 tunnels In-situ transition… Phase 2 – Dual Stack Deployment Transit Dual-Stack Networks Edge Dual-Stack Networks IPv6 networks interconnect by Dual Stack transit paths In-situ transition… Phase 3 – IPv4 Sunset IPv6 Internet Edge Dual Stack Networks IPv4 networks interconnect by IPv4-over-IPv6 tunnels We are currently in Phase 2 of this transition Some 15% - 20% of Internet users have IPv6 capability Most new IP deployments use IPv6+ (NATTED) IPv4 IPv4-only Legacy networks are being (gradually) migrated to dual stack The Map of IPv6 penetration – August 2017 The Map of IPv6 penetration – August 2017 We are currently in Phase 2 of this transition Some 15% of Internet users have IPv6 capability Most new IP deployments use IPv6 IPv4-only Legacy networks are being (gradually) migrated to dual stack Today We appear to be in the middle of the transition! Dual Stack networks use apps that prefer to use a IPv6 connection over an IPv4 connection when both are available (*) This implies that the higher the IPv6 deployment numbers the less the level of use of V4 connection, and the lower the pressure on the NAT binding clients * Couple of problems with this: This preference is often relative, and in the quest for ever faster connections the ante keeps rising – Apple is now pressing for a 50ms differential.
    [Show full text]
  • Ipv6 Addressing and Basic Connectivity Configuration Guide Cisco IOS Release 15.1SG
    IPv6 Addressing and Basic Connectivity Configuration Guide Cisco IOS Release 15.1SG Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    [Show full text]
  • Ipv6: the Next Generation Internet Protocol 2
    GENERAL I ARTICLE IPv6: The Next Generation Internet Protocol 2. New Features in IPv6 Harsha Srinath IPv4, the workhorse protocol of the currently popular TePI IP protocol suite, is fast becoming obsolete. The exponen­ tial growth of the Internet is the main reason that has required the creation of the next generation of Internet Protocol-IPv6. IPv6 is ~uch more flexible and promises to take care of the address space and security issues in the Harsha Srinath is currently pursuing his MS foreseeable future. degree in Computer Science at the Center for In this part we explain the new features introduced in the Advanced Computer emerging Internet Protocol standard and why they have Studies (CACS) in been introduced. University of Louisiana at Lafayette, USA. His Birth of IPv6 research interests include networking with an As mentioned in Part 11 of the paper, the growth of the global emphasis on wireless Internet was exponential since its inception in the 1980's. The networks, distributed databases and data designers of this Internet Protocol (lPv4) never envisioned the mining. scale of the Internet, nor could they imagine its potential for growth. Unfortunately, this unprecedented growth apart from benefiting millions of users was not without ill consequences. It posed a potential threat that a day might come when virtually all Part 1, IPv4 and its shortcom­ IP address are exhausted. Further, with increasing monetary ings, Resonance, Vol.8, NO.3, pp.33-41,2003. transactions being done using the Internet, there was a need for more security features in the Internet Protocol. A development of a potential solution for this problem began during the late 1990s;The creation of a new version of the Internet Protocol, IPv6, the next-generation Internet Protocol (IPng), was approved by the Internet Engineering Steering Keywords Group on November 17, 1994 as a proposed standard.
    [Show full text]
  • ICMP for Ipv6
    ICMP for IPv6 ICMP in IPv6 functions the same as ICMP in IPv4. ICMP for IPv6 generates error messages, such as ICMP destination unreachable messages, and informational messages, such as ICMP echo request and reply messages. • Information About ICMP for IPv6, on page 1 • Additional References for IPv6 Neighbor Discovery Multicast Suppress, on page 3 Information About ICMP for IPv6 ICMP for IPv6 Internet Control Message Protocol (ICMP) in IPv6 functions the same as ICMP in IPv4. ICMP generates error messages, such as ICMP destination unreachable messages, and informational messages, such as ICMP echo request and reply messages. Additionally, ICMP packets in IPv6 are used in the IPv6 neighbor discovery process, path MTU discovery, and the Multicast Listener Discovery (MLD) protocol for IPv6. MLD is used by IPv6 devices to discover multicast listeners (nodes that want to receive multicast packets destined for specific multicast addresses) on directly attached links. MLD is based on version 2 of the Internet Group Management Protocol (IGMP) for IPv4. A value of 58 in the Next Header field of the basic IPv6 packet header identifies an IPv6 ICMP packet. ICMP packets in IPv6 are like a transport-layer packet in the sense that the ICMP packet follows all the extension headers and is the last piece of information in the IPv6 packet. Within IPv6 ICMP packets, the ICMPv6 Type and ICMPv6 Code fields identify IPv6 ICMP packet specifics, such as the ICMP message type. The value in the Checksum field is derived (computed by the sender and checked by the receiver) from the fields in the IPv6 ICMP packet and the IPv6 pseudoheader.
    [Show full text]
  • Empirical Analysis of Ipv4 and Ipv6 Networks Through Dual-Stack Sites
    information Article Empirical Analysis of IPv4 and IPv6 Networks through Dual-Stack Sites Kwun-Hung Li and Kin-Yeung Wong * School of Science and Technology, The Open University of Hong Kong, Hong Kong, China; [email protected] * Correspondence: [email protected] Abstract: IPv6 is the most recent version of the Internet Protocol (IP), which can solve the problem of IPv4 address exhaustion and allow the growth of the Internet (particularly in the era of the Internet of Things). IPv6 networks have been deployed for more than a decade, and the deployment is still growing every year. This empirical study was conducted from the perspective of end users to evaluate IPv6 and IPv4 performance by sending probing traffic to 1792 dual-stack sites around the world. Connectivity, packet loss, hop count, round-trip time (RTT), and throughput were used as performance metrics. The results show that, compared with IPv4, IPv6 has better connectivity, lower packet loss, and similar hop count. However, compared with IPv4, it has higher latency and lower throughput. We compared our results with previous studies conducted in 2004, 2007, and 2014 to investigate the improvement of IPv6 networks. The results of the past 16 years have shown that the connectivity of IPv6 has increased by 1–4%, and the IPv6 RTT (194.85 ms) has been greatly reduced, but it is still longer than IPv4 (163.72 ms). The throughput of IPv6 is still lower than that of IPv4. Keywords: IPv6; IPv4; network performance; Internet; IoT Citation: Li, K.-H.; Wong, K.-Y. Empirical Analysis of IPv4 and IPv6 1.
    [Show full text]
  • Ipv6 Tunneling Over an Ipv4 Network
    IPv6 Tunneling Over an IPv4 Network James M. Moscola, David Lim, Alan Tetley Department of Computer Science Washington University Campus Box 1045 One Brookings Drive Saint Louis, MO 63130 December 13, 2001 Abstract Due to the growth of the internet, the current address space provided provided by IPv4, with only 4; 294; 967; 296 addresses, has proven to be inadequate. Because of IPv4’s shortcomings, a new protocol, IPv6, has been created to take its place. This new protocol, using its 128-bit address scheme (thats 7x1023 addresses per square meter of earth!), should provide enough addresses for everyone’s computer, refrigerator and their toaster to have a connection to the internet. To help facilitate the movement from an IPv6 internet to an IPv4 internet we have created a module for the the Field Programmable Port Extender (FPX) in accordance with RFC1933. This module allows IPv6 packets coming from an IPv6 network to be packed into IPv4 packets, tunneled through an IPv4 network and then unpacked at the other end of the tunnel before reentering an IPv6 network. This approach to incorporating the new IPv6 specification allows a progressive changeover of networks from IPv4 to the newer IPv6. The current implementation runs at 80 MHz. 1 1 Introduction Due to the growth of the internet, the current address space provided by IPv4, with only 4; 294; 967; 296 addresses, has proven to be inadequate. A new protocol, IPv6 [1], has been developed and promises to facilitate the continual growth of the internet community. IPv6 is capable of offering 2128 internet addresses which amounts to approximately 340 trillion trillion trillion addresses (no that is not a typo, it is truly 340 trillion3).
    [Show full text]
  • Mobile IP Constraints
    EvolutionEvolution ofof thethe InternetInternet CoreCore andand EdgeEdge IPIP WirelessWireless NetworkingNetworking USENIX Annual Technical Conference June 28, 2001 Boston, MA JimJim BoundBound PrinciplePrinciple MemberMember ofof TechnicalTechnical StaffStaff [email protected]@compaq.comom CharlieCharlie PerkinsPerkins NokiaNokia FellowFellow charliepcharliep@@iprgiprg..nokianokia.com.com 1 DiscussionDiscussion § Internet and Current Wireline IP Evolution § Wireless Evolution § IPv6 Evolution § Mobile IP Evolution § The Future: Wireless and Wireline Integrated 2 Internet and Current Wireline IP Evolution 3 InternetInternet CoreCore andand EdgeEdge Edge Communications Core Communications 4 InternetInternet AccessAccess PointPoint End User Wireline Internet Edge and Core Internet Services Workstation Workstation Workstation Access Points Access Points Wireless IP SS7 IP Gateway Gateway Comm. Tower Comm. Tower Comm. Tower 5 End User Wireless End User Telephony InternetInternet CharacterizationCharacterization TodayToday § Virtual Private Networks – Tunnels – Private Addresses – Secure at Edge or Access Only § Network Address Translation (NAT) Required § End-2-End Model is Lost § Try getting a Globally Routable IPv4 Address in Europe or Asia; or a set of them for your business !!! § These are not optimal conditions for the evolution of the Internet 6 InternetInternet engineersengineers areare workingworking onon itit !!!!!! § The Next Generation Internet Protocol is IPv6 and will restore the End-2-End model of the Internet § 2.5G
    [Show full text]
  • Fortios™ Handbook - Ipv6
    IPv6 FortiOS™ Handbook - IPv6 5.6.3 FORTINET DOCUMENT LIBRARY http://docs.fortinet.com FORTINET VIDEO GUIDE http://video.fortinet.com FORTINET BLOG https://blog.fortinet.com CUSTOMER SERVICE & SUPPORT https://support.fortinet.com http://cookbook.fortinet.com/how-to-work-with-fortinet-support/ FORTIGATE COOKBOOK http://cookbook.fortinet.com FORTINET TRAINING SERVICES http://www.fortinet.com/training FORTIGUARD CENTER http://www.fortiguard.com FORTICAST http://forticast.fortinet.com END USER LICENSE AGREEMENT http://www.fortinet.com/doc/legal/EULA.pdf FORTINET PRIVACY POLICY https://www.fortinet.com/corporate/about-us/privacy.html FEEDBACK Email: [email protected] Wednesday, January 24, 2018 FortiOS™ Handbook - IPv6 01-560-112805-20180124 TABLE OF CONTENTS Change Log 5 Introduction 6 IPv6 packet structure 7 Jumbograms and jumbo payloads 7 Fragmentation and reassembly 7 Benefits of IPv6 7 What's new for IPv6 in FortiOS 5.6 8 IPv6 (5.6.3) 8 IPv6 RADIUS support (402437, 439773) 8 Added support for IPv6 Fortisandbox (424290) (447153) 8 IPv6 captive portal support (435435) 8 FortiGate can reply to an anycast probe from the interface’s unicast address (308872) 8 Secure Neighbor Discovery (355946) 8 Add multicast-PMTU to allow FGT to send ICMPv6 Too Big Message (373396) 10 IPv6 Features 11 IPv6 policies 11 IPv6 policy routing 12 IPv6 security policies 13 IPv6 explicit web proxy 14 VIP64 15 IPv6 Network Address Translation 20 NAT64 and DNS64 (DNS proxy) 20 NAT66 23 NAT64 and NAT66 session failover 25 NAT46 25 ICMPv6 26 ICMPv6 Types and Codes
    [Show full text]
  • Ipv6 on HP E- SERIES WIRELESS NETWORKING DEVICES
    IPv6 ON HP E- SERIES WIRELESS NETWORKING DEVICES A Project Presented to the faculty of the Department of Electrical and Electronics Engineering California State University, Sacramento Submitted in partial satisfaction of the requirements for the degree of MASTER OF SCIENCE in Electrical and Electronics Engineering by Vaishnavi Venkataramanan SPRING 2013 © 2013 Vaishnavi Venkataramanan ALL RIGHTS RESERVED ii IPv6 ON HP E- SERIES WIRELESS NETWORKING DEVICES A Project by Vaishnavi Venkataramanan Approved by: __________________________________, Committee Chair Dr. Suresh Vadhva __________________________________, Second Reader Mehul Pandya ____________________________ Date iii Student: Vaishnavi Venkataramanan I certify that this student has met the requirements for format contained in the University format manual, and that this project is suitable for shelving in the Library and credit is to be awarded for the project. __________________________, Graduate Coordinator ___________________ Dr. Preetham Kumar Date Department of Electrical and Electronics Engineering iv Abstract of IPv6 ON HP E-SERIES WIRELESS NETWORKING DEVICES by Vaishnavi Venkataramanan World today is incomplete without being able to be connected to the internet enabling people from different parts of the world to connect with one and another. This is all made possible with the growing networking technology especially to mention the wireless technology where internet is at one’s service no matter where one is present across the globe anywhere. Wireless networking enables easy and faster access to the internet wirelessly and proving greater amount of security and flexibility of roaming. Earlier it was just one computer in one house, but presently every home has at least 3 computers. The increasing use of computers is very high.
    [Show full text]
  • Efficient Ipv6 Neighbor Discovery in Wireless Environment
    Dragos Neagoe & Antonios Pateas Efficient IPv6 Neighbor Discovery in Wireless Environment Master’s Thesis Efficient IPv6 Neighbor Discovery in Wireless Environment Dragos Neagoe Antonios Pateas Series of Master’s theses Department of Electrical and Information Technology LU/LTH-EIT 2016-550 http://www.eit.lth.se Department of Electrical and Information Technology, Faculty of Engineering, LTH, Lund University, 2016. “main” — 2016/11/20 — 14:43 — page 1 — #1 Efficient IPv6 Neighbor Discovery in Wireless Environment Dragoş Neagoe & Antonios Pateas [email protected] & [email protected] Department of Electrical and Information Technology Lund University Advisors: Jens A Andersson (EIT LTH) Stefan Höst (EIT LTH) Samita Chakrabarti (Ericsson AB, San Jose) Jaume Rius I Riu (Ericsson AB, Stockholm) Examiner: Maria Kihl (EIT LTH) November 20, 2016 “main” — 2016/11/20 — 14:43 — page 2 — #2 Printed in Sweden E-huset, Lund, 2016 “main” — 2016/11/20 — 14:43 — page i — #3 Abstract As the address space of IPv4 is being depleted with the development of IoT (Inter- net Of Things), there is an increasing need for permanent transition to the IPv6 protocol as soon as possible. Nowadays, many 3GPP (3rd Generation Partnership Project) Networks have implemented or will implement IPv6 in the near future for Internet access. These networks will also use NDP (Neighbor Discovery Pro- tocol), which is the IPv6 tailored version of ARP (Address Resolution Protocol). The protocol is responsible for address auto-configuration, maintaining lists of all neighbors connected to a network, verifying if they are still reachable, managing prefixes and duplicate address detection. The protocol is defined in RFC 4861 and although it works fine for wired connected devices, it has been proven highly inefficient in terms of battery lifetime saving, when wireless networks came to the market and its use increased tremendously.
    [Show full text]