DOCSLIB.ORG

Ipv6 Enabling CIFS/SMB Applications

Ipv6 Enabling CIFS/SMB Applications

IPv6 Enabling CIFS/SMB Applications 2010 Storage Developers Conference Santa Clara Dr David Holder CEng FIET MIEEE [email protected] http://www.erion.co.uk © Erion Ltd 2010 - All rights reserved Background – Erion David Holder Over twelve years in IPv6 Over twenty years Windows networking Author Erion Director IPv6 enabling Samba Erion Ltd Over twelve years providing IPv6 training and consultancy World’s leading IPv6 training company © Erion Ltd 2010 - All rights reserved BACK GROUND AND HISTORY © Erion Ltd 2010 - All rights reserved Why is IPv6 so Important Now? Ubiquitous support for IPv6 IPv4 addresses are finally running out Widespread mandates for IPv6 Default on Windows Server 2008 & Windows 7 Default on Linux and Unix You may be using IPv6 and don’t know it! © Erion Ltd 2010 - All rights reserved IPv6 and Windows Networking NetBIOS cannot be IPv6 enabled Windows Networking Raw SMB over IPv6 works Pre Active Directory (NT etc) Port Protocol Description NetBIOS 137 UDP NBT Name Service NBT WINS 137 TCP NBT Name Service NetBIOS 138 UDP Datagram service Over TCP/IP (NBT) SMB 138 TCP Unused 139 UDP Unused IPv4 Specific IPv4 Active Directory 139 TCP Session Service DNS 445 TCP Raw SMB over TCP/IP LDAP CLDAP Kerberos Active Directory: DNS, LDAP, Active Directory SMB/CIFS CLDAP, Kerberos, SMB/CIFS can operate over IPv6 NOTE: Active Directory is more than the sum of the individual protocols © Erion Ltd 2010 - All rights reserved History of Windows and IPv6 Windows Server 2008 Fully Integrated IPv6 Fully Integrated IPv6 Stack and Functionality Services Windows Vista Windows 7 SP1 Production Production Stack + Firewall Stack & IPv6 Teredo and Windows 2003 Components CIFS Peer to Peer Works! Advanced Networking Pack SP2 Production + Firewall Stack + Teredo Peer Firewall to Peer Teredo and Windows XP SP1 Peer to Peer Developer Production Preview & Stack & Components Components Microsoft Research Technology Stack Preview Windows 2000 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 © Erion Ltd 2010 - All rights reserved Windows Networking & IPv6 IPv4 IPv6 NBT/NetBIOS Yes No WINS Yes No NT Domains Yes No SMB/CIFS Windows XP Yes Yes File Sharing Windows 2003 Yes Yes Active Directory Windows Vista Yes Yes Including file sharing and everything… Windows 7 Yes Yes Windows Server 2008 Yes Yes © Erion Ltd 2010 - All rights reserved History of Samba and IPv6 Vista and Windows Windows with Server 2008 Production support for IPv6 Stack & CIFS and AD Components over IPv6 Early versions: IPv6 name resolution CIFS Linux Client possible with Erion Patch IPv6 Support Works IPv6 support possible with Erion Patch Samba 4 Samba 3.2 IPv6 Support Added Samba 3 No IPv6 support (pre 3.2) (IPv6 support will IPv6 Patch Samba 2.2 Not be added) Not Recommended (historic version) 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 © Erion Ltd 2010 - All rights reserved IPv6 PROGRAMMING © Erion Ltd 2010 - All rights reserved History of IPv6 Socket API API Changes RFC 2292 RFC 3542 Advanced Advanced Sockets Sockets API for API for IPv6 IPv6 Definitive Networking IEEE Std. Services 1003.1-2001 Standards (XNS) 5.2 The Open ISO/IEC Group 9945:2002 RFC 2133 RFC 2553 RFC 3493 Work started Basic Basic Basic on API in IPng Socket Socket Socket Working Extensions Extensions Extensions Group For IPv6 For IPv6 For IPv6 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 © Erion Ltd 2010 - All rights reserved Socket API IPv4 vs IPv6 (1) IPv4 IPv6 Socket API Socket API Protocol Independent Name Resolution No Yes Protocol Independent Address Structure No Yes Supports IPv4 & IPv6 Protocols No Yes Supports IPv4 & IPv6 Applications No Yes Source & binary compatibility for IPv4 Apps Yes it is IPv4! Yes Protocol Independent Interface Identification No Yes Thread safe Depends… Yes © Erion Ltd 2010 - All rights reserved Socket API IPv4 vs IPv6 (2) IPv4 only Dual IPv6 & IPv4 Protocol Family PF_INET PF_INET6 Address Family AF_INET AF_INET6 Socket Address Structure sockaddr_in sockaddr_in6 Generic Address Structure sockaddr_storage IP Address Structure in_addr in_addr6 Resolve Name to Address gethostbyname getaddrinfo Resolve Address to Name gethostbyaddr getnameinfo Text to Binary Conversion inet_aton inet_pton Binary to Text Conversion inet_ntoa inet_ntop © Erion Ltd 2010 - All rights reserved Dual Stack and IPv6 API New socket API explicitly dual stack only New API supports both IPv6 and IPv4 IPv6 applications can also be IPv4 applications IPv6 Application IPv4 Application (supports IPv4) IPv4 Socket IPv4 API is subset IPv6 Socket API API of Transport (TCP/UDP) IPv6 socket library IPv6 IPv4 Stack Stack IPv6 DataLink IPv4 IPv6 Host IPv4 Host © Erion Ltd 2010 - All rights reserved Creating a Socket Creating an IPv4 socket socket(PF_INET, SOCK_STREAM, 0); /* TCP socket */ socket(PF_INET, SOCK_DGRAM, 0); /* UDP socket */ Creating an IPv6 (or IPv4) socket socket(PF_INET6, SOCK_STREAM, 0); /* TCP socket */ socket(PF_INET6, SOCK_DGRAM, 0); /* UDP socket */ © Erion Ltd 2010 - All rights reserved Passing Addresses to API IPv4 Code struct sockaddr_in addr; socklen_t addrlen = sizeof(addr); /* Put an IPv4 address in addr structure */ bind(sockfd,(struct sockaddr *)&addr, addrlen); IPv6 Code struct sockaddr_in6 addr; socklen_t addrlen = sizeof(addr); IPv6 & IPv4 /* Put an IPv6 address in addr structure */ bind(sockfd,(struct sockaddr *)&addr, addrlen); Portable Code struct sockaddr_storage addr; socklen_t addrlen = sizeof(addr); IPv6 & IPv4 /* Put an IPv4 or IPv6 address in addr structure and set addrlen */ bind(sockfd,(struct sockaddr *)&addr, addrlen); © Erion Ltd 2010 - All rights reserved Passing Addresses to Application IPv4 Code struct sockaddr_in addr; socklen_t addrlen = sizeof(addr); accept(sockfd,(struct sockaddr *)&addr, &addrlen); IPv6 Code struct sockaddr_in6 addr; socklen_t addrlen = sizeof(addr); IPv6 & IPv4 accept(sockfd,(struct sockaddr *)&addr, &addrlen); Portable Code struct sockaddr_storage addr; socklen_t addrlen = sizeof(addr); IPv6 & IPv4 accept(sockfd,(struct sockaddr *)&addr, &addrlen); © Erion Ltd 2010 - All rights reserved Dual Stack and IPv6 API (1) sockaddr_in6 or sockaddr_storage sockaddr_in6 or sockaddr_storage IPv6 Socket IPv6 Application IPv6 Socket SRC = 3000::1 SRC = ::FFFF:192.168.1.2 DST = 3000::2 DST = ::FFFF:192.168.1.3 IPv4-mapped IPv6 addresses IPv6 Socket API Transport (TCP/UDP) ::FFFF:192.168.1.2 IPv4 IPv6 IPv4 Stack Stack 3000::1 192.168.1.2 DataLink IPv6 Host IPv4 Host 3000::2 192.168.1.3 IPv6 Socket IPv4 Socket SRC = 3000::2 SRC = 192.168.1.3 DST = 3000::1 DST = 192.168.1.2 © Erion Ltd 2010 - All rights reserved Dual Stack and IPv6 API (2) sockaddr_in6 or sockaddr_storage sockaddr_in or sockaddr_storage IPv6 Socket IPv6 Application IPv4 Socket SRC = 3000::1 SRC = 192.168.1.2 DST = 3000::2 DST = 192.168.1.3 IPv6 Socket API Transport (TCP/UDP) ::FFFF:192.168.1.2 IPv4 IPv6 IPv4 Stack Stack 3000::1 192.168.1.2 DataLink IPv6 Host IPv4 Host 3000::2 192.168.1.3 IPv6 Socket IPv4 Socket SRC = 3000::2 SRC = 192.168.1.3 DST = 3000::1 DST = 192.168.1.2 © Erion Ltd 2010 - All rights reserved Address Conversion Conversion from binary representation to textual and vice versa IPv4 Code To Binary int inet_aton (const char *cp, struct in_addr *inp); in_addr_t inet_addr( const char *cp); To Text char *inet_ntoa(struct in_addr in); IPv6 Code To Binary int inet_pton(int family, const char *src, void *dst); const char *inet_ntop(int family, const void *src, To Text char *dst, size_t cnt); These functions are not protocol independent and should be avoided – if possible! Use getaddrinfo() and getnameinfo() © Erion Ltd 2010 - All rights reserved Textual Address Formats (1) Global and Link Local addresses Prefix obscured for slide Global Addresses Link local Addresses Note: Windows Server 2008 IPv6 Address dialog box is not (hex separated by colons) wide enough for IPv6 addresses! Interface ID (Number or name) IPv6 interfaces have unique interface ID and name # smbclient -L //fe80::9416:bd6b:8d9c:7490%eth0 -U Administrator IPv4-mapped IPv6 addresses ::ffff:192.168.1.1 © Erion Ltd 2010 - All rights reserved Textual Address Formats (2) URLs, URIs and UNCs Use IPv6 in square brackets in URIs and URLs [3000:0:20:0:3de2:17ca:d07d:5f10] Not in UNCs (use ipv6-literal.net. names instead) 3000-0-20-0-3de2-17ca-d07d-5f10.ipv6-literal.net. © Erion Ltd 2010 - All rights reserved Name Resolution API has evolved over time Use getaddrinfo() and getnameinfo() Protocol independent Thread safe (some other functions are not) Don’t use getipnodebyname() or getipnodebyaddr() DNS Resolver NIS LDAP etc… © Erion Ltd 2010 - All rights reserved Windows IPv6 Name Resolution Options NetBIOS name resolution IPv4 Only WINS IPv4 Only Hosts file IPv4 and IPv6 Link-local Multicast Name IPv4 and IPv6 Resolution (LLMNR) Note: Windows Only DNS IPv4 and IPv6 Literal Addresses IPv4 and IPv6 Linux/Unix NSS module © Erion Ltd 2010 - All rights reserved Literal Addresses In UNCs can use ipv6-literal.net. names 2045-5249-4f4e--1.ipv6-literal.net Literal DNS name converts to IPv6 addresses Hyphens replace colons in domain name s indicates interface (replaces %) NSS module nss-ipv6literal provides this on Linux/Unix © Erion Ltd 2010 - All rights reserved Link-local Multicast Name Resolution (LLMNR) Performs name resolution without DNS DNS over multicast (not mDNS) Works for IPv4 and IPv6 hosts Uses multicast addresses IPv6 FF02::1:3 IPv4 224.0.0.252 © Erion Ltd 2010 - All rights reserved getaddrinfo() Returns linked list

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    42 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us