t Header | Original Packet Identifier | Reserved | Fragment Offset | 0 0 M

Tsinghua University, graduate course

Routing
• Same "longest-prefix match" routing as IPv4 CIDR
• Straightforward changes to existing IPv4 routing protocols to handle bigger addresses
  – unicast: OSPFv3, RIPng, IS-IS, BGP4+, …
  – multicast: PIM, MOSPF, …
• Use of Routing header with anycast addresses allows routing packets through particular regions
  – e.g., for provider selection, policy, performance, etc.

Routing Header
[Figure, header fields: Next Header, Hdr Ext Len, Routing Type, Segments Left, Reserved, Address[0], Address[1], …]

Example of Using the Routing Header
[Figure, four slides: nodes S, A, B, D]

Some Terminology
node: a protocol module that implements IPv6
router: a node that forwards IPv6 packets not explicitly addressed to itself
host: any node that is not a router
link: a communication facility or medium over which nodes can communicate at the link layer, i.e., the layer immediately below IPv6
neighbors: nodes attached to the same link
interface: a node's attachment to a link
address: an IPv6-layer identifier for an interface or a set of interfaces

Text Representation of Addresses
"Preferred" form: 1080:0:FF:0:8:800:200C:417A
Compressed form: FF01:0:0:0:0:0:0:43 becomes FF01::43
IPv4-compatible: 0:0:0:0:0:0: or ::

IPv6 Addressing Model
[Figure labels: Link-Local, Site-Local, Global]
• Addresses are assigned to interfaces
  – No change from IPv4 Model
• Interface 'expected' to have multiple addresses
• Addresses have scope
  – Link Local
  – Site Local
  – Global
• Addresses have lifetime
  – Valid and Preferred lifetime

Types of IPv6 Addresses
• Unicast
  – Address of a single interface
  – Delivery to single interface
• Multicast
  – Address of a set of interfaces
  – Delivery to all interfaces in the set
• Anycast
  – Address of a set of interfaces
  – Delivery to a single interface in the set
• No more broadcast addresses

Address Type Prefixes
Address type          Binary prefix
IPv4-compatible       0000...0 (96 zero bits)
global unicast        001
link-local unicast    1111 1110 10
site-local unicast    1111 1110 11
multicast             1111 1111
• all other prefixes reserved (approx. 7/8ths of total)
• anycast addresses allocated from unicast prefixes

Global Unicast Addresses
[Figure, address layout: 001 | TLA | NLA* | SLA* | interface ID; public topology (45 bits), site topology (16 bits), interface identifier (64 bits)]
• TLA = Top-Level Aggregator
  NLA* = Next-Level Aggregator(s)
  SLA* = Site-Level Aggregator(s)
• all subfields variable-length, non-self-encoding (like CIDR)
• TLAs may be assigned to providers or exchanges

Link-Local and Site-Local Unicast Addresses
Link-local addresses for use during autoconfiguration and when no routers are present:
  1111111010 | 0 | interface ID
Site-local addresses for independence from changes of TLA / NLA:
  1111111011 | 0 | SLA* | interface ID

Interface IDs
Lowest-order 64-bit field of unicast address may be assigned in several different ways:
  – autoconfigured from a 64-bit EUI-64, or expanded from a 48-bit MAC address (e.g., Ethernet address)
  – autogenerated pseudo-random number (to address privacy concerns)
  – assigned via DHCP
  – manually configured
  – possibly other methods in the future

Some Special-Purpose Unicast Addresses
• The unspecified address, used as a placeholder when no address is available: 0:0:0:0:0:0:0:0
• The loopback address, for sending packets to self: 0:0:0:0:0:0:0:1

Multicast Address Format
FP (8 bits)   Flags (4 bits)   Scope (4 bits)   RESERVED (80 bits)   Group ID (32 bits)
11111111      000T             Lcl/Sit/Gbl      MUST be 0            Locally administered
• flag field
  – low-order bit indicates permanent/transient group
  – (three other flags reserved)
• scope field:
  – 1 node local      8 organization-local
  – 2 link-local      B community-local
  – 5 site-local      E global
  – (all other values reserved)
• map IPv6 multicast addresses directly into low order 32 bits of the IEEE 802 MAC

Outline
• Protocol Background
• Technology Highlights
• Enhanced Capabilities
• Transition Issues
• Next Steps

IPv6 Security
• All implementations required to support authentication and encryption headers ("IPsec")
• Authentication separate from encryption for use in situations where encryption is prohibited or prohibitively expensive
• Key distribution protocols are under development (independent of IP v4/v6)
• Support for manual key configuration required

Authentication Header
• Destination Address + SPI identifies security association state (key, lifetime, algorithm, etc.)
• Provides authentication and data integrity for all fields of IPv6 packet that do not change en route
• Default algorithm is Keyed MD5
[Figure, header fields: Next Header, Hdr Ext Len, Reserved, Security Parameters Index (SPI), Sequence Number, Authentication Data]

Encapsulating Security Payload (ESP)
[Figure, fields as extracted: Payload, Next Header, Security Parameters Index (SPI), Sequence Number, Authentication Data, Paddi
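
The Authentication Header slide says AH protects every field that does not change en route. The sketch below is an added example, not part of the original slides: it zeroes the mutable IPv6 fields and the Authentication Data before hashing, so a forwarded packet still verifies while a modified payload or source address does not. The packet bytes, key, SPI and the simplified envelope MD5(key || packet || key) used for "Keyed MD5" are assumptions made for illustration.

```python
import hashlib, hmac, struct

IPV6_HDR, AH_FIXED, ICV_LEN, ICV_PAD = 40, 12, 16, 4   # pad keeps AH a multiple of 8 octets
ICV_OFF = IPV6_HDR + AH_FIXED                          # Authentication Data starts here

def build_packet(hop_limit, payload, spi=0x1234, seq=1):
    """Constructed packet: IPv6 header + AH (Authentication Data zeroed) + opaque payload."""
    # AH: Next Header=17, Hdr Ext Len=(32 octets / 4) - 2 = 6, Reserved, SPI, Sequence Number
    ah = struct.pack("!BBHII", 17, 6, 0, spi, seq) + bytes(ICV_LEN + ICV_PAD)
    src = bytes.fromhex("20010db8000000000000000000000001")   # documentation prefix
    dst = bytes.fromhex("20010db8000000000000000000000002")
    base = struct.pack("!IHBB", 6 << 28, len(ah) + len(payload), 51, hop_limit)  # 51 = AH
    return bytearray(base + src + dst + ah + payload)

def icv(packet, key):
    """Keyed MD5 over the packet with en-route-mutable fields and the ICV itself zeroed."""
    p = bytearray(packet)
    p[0] &= 0xF0                  # keep version, clear top of traffic class
    p[1:4] = bytes(3)             # rest of traffic class + flow label
    p[7] = 0                      # hop limit, decremented by every router
    p[ICV_OFF:ICV_OFF + ICV_LEN] = bytes(ICV_LEN)
    # Assumption: simplified envelope MD5(key || packet || key) standing in for "Keyed MD5".
    return hashlib.md5(key + bytes(p) + key).digest()

def sign(packet, key):
    packet[ICV_OFF:ICV_OFF + ICV_LEN] = icv(packet, key)
    return packet

def verify(packet, key):
    received = bytes(packet[ICV_OFF:ICV_OFF + ICV_LEN])
    return hmac.compare_digest(received, icv(packet, key))   # constant-time compare

def demo():
    key = b"constructed-manual-key"                # manually configured key (constructed)
    pkt = sign(build_packet(64, b"constructed payload"), key)
    forwarded = bytearray(pkt); forwarded[7] -= 3  # three router hops later
    tampered = bytearray(pkt); tampered[-1] ^= 1   # payload bit flipped in transit
    spoofed = bytearray(pkt); spoofed[23] ^= 1     # last octet of source address changed
    return {"original": verify(pkt, key), "forwarded": verify(forwarded, key),
            "tampered": verify(tampered, key), "spoofed": verify(spoofed, key),
            "wrong_key": verify(pkt, b"other key")}

if __name__ == "__main__":
    print(demo())
```

MD5 appears here only because the slide names it as the default; the same zero-then-hash structure applies with any keyed integrity algorithm.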