Presentation is loading. Please wait.

Presentation is loading. Please wait.

IPv6 and Tunnels. IPv6 and Tunnels in the same presentation? The work for both was done around the same time Most IPv6 traffic at the time was still tunneled.

Published byJustus Pound Modified over 9 years ago

Similar presentations

Presentation on theme: "IPv6 and Tunnels. IPv6 and Tunnels in the same presentation? The work for both was done around the same time Most IPv6 traffic at the time was still tunneled."— Presentation transcript:

1 IPv6 and Tunnels

2 IPv6 and Tunnels in the same presentation? The work for both was done around the same time Most IPv6 traffic at the time was still tunneled (and likely still is at most sites) 2

3 IPv6 It’s turned on like you’d expect it to be and you can’t turn it off Not overly exciting – Different addresses in your logs Lots of strange edge cases supported 3

4 Tunnels Everyone has tunnels – Even if you don’t know it Most tunnels are for locally enabling IPv6 on end hosts 4

5 Tunnel Decapsulators Teredo IP-in-IP (includes 6to4) AYIYA GTPv1 SOCKS – Yes, SOCKS is a proxy protocol but internally we treat it similar to a tunnel 5

6 Tunnel Recursion Tunnels in tunnels 6

7 Forensic Logs - tunnel.log 7 ts1232039480.93499 uidYQCEFJ6DEh1 id99.241.86.2375036110.0.0.25465123 tunnel_typeTunnel::TEREDO actionTunnel::DISCOVER ts1232039548.03295 uidYQCEFJ6DEh1 id99.241.86.2375036110.0.0.25465123 tunnel_typeTunnel::TEREDO actionTunnel::CLOSE

8 Forensic Logs - conn.log 8 ts1232039480.93499 uidYQCEFJ6DEh1 id99.241.86.2375036110.0.0.25465123 protoudp serviceteredo duration66.901215 orig_bytes100565 resp_bytes23818

9 Forensic Logs - conn.log 9 ts1232039480.93499 uidmYlaTkpbEY9 id 2001:0:4137:9e50:3c6e:3b46:9c0e:a91251232 2001:0:4137:9e50:414:19c:5b94:3ca221050 protoudp service- duration66.901215 orig_bytes85545 resp_bytes10386 tunnel_parentsYQCEFJ6DEh1

10 Summary Awareness of IPv6 and Tunnels in Bro Normally don’t need to worry about them 10

Download ppt "IPv6 and Tunnels. IPv6 and Tunnels in the same presentation? The work for both was done around the same time Most IPv6 traffic at the time was still tunneled."

Similar presentations

IPv6 View video on IPv6 compared to IPv4 https://www.youtube.com/watch?v=vPeOk1f SHMU.

IPv6 View video on IPv6 compared to IPv4 SHMU.
The Bro Network Security Monitor Overview and Recent Developments.

The Bro Network Security Monitor Overview and Recent Developments.
1 IPv6 and IPv4 Interoperation and Transition Tony Hain co-chair IETF ngtrans WG

1 IPv6 and IPv4 Interoperation and Transition Tony Hain co-chair IETF ngtrans WG
IPv4 - IPv6 Integration and Coexistence Strategies Warakorn Sae-Tang Network Specialist Professional Service Department A Subsidiary.

IPv4 - IPv6 Integration and Coexistence Strategies Warakorn Sae-Tang Network Specialist Professional Service Department A Subsidiary.
1 Features of IPv6 Larger Address Extended Address Hierarchy Flexible Header Format Improved Options Provision For Protocol Extension Support for Auto-configuration.

1 Features of IPv6 Larger Address Extended Address Hierarchy Flexible Header Format Improved Options Provision For Protocol Extension Support for Auto-configuration.
Chapter 6-7 IPv6 Addressing. IPv6 IP version 6 (IPv6) is the proposed solution for expanding the possible number of users on the Internet. IPv6 is also.

Chapter 6-7 IPv6 Addressing. IPv6 IP version 6 (IPv6) is the proposed solution for expanding the possible number of users on the Internet. IPv6 is also.
Project by: Palak Baid (pb2358) Gaurav Pandey (gip2103) Guided by: Jong Yul Kim.

Project by: Palak Baid (pb2358) Gaurav Pandey (gip2103) Guided by: Jong Yul Kim.
Socket Programming with IPv6. Why IPv6? Addressing and routing scalability Address space exhaustion Host autoconfiguration QoS of flow using flowlabel.

Socket Programming with IPv6. Why IPv6? Addressing and routing scalability Address space exhaustion Host autoconfiguration QoS of flow using flowlabel.
1 Computer Communication & Networks Lecture 17 & 18 Network Layer: Logical Addressing Waleed Ejaz.

1 Computer Communication & Networks Lecture 17 & 18 Network Layer: Logical Addressing Waleed Ejaz.
Understanding Internet Protocol

Understanding Internet Protocol
IP Subnetting.

IP Subnetting.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Weakening Aggregated Traffic of DHCP Discover Messages draft-yang-sunset4-weaken-dhcp-00 Tianle Yang, Lianyuan Li, Qiongfang Ma China Mobile 2012.11 1.

Weakening Aggregated Traffic of DHCP Discover Messages draft-yang-sunset4-weaken-dhcp-00 Tianle Yang, Lianyuan Li, Qiongfang Ma China Mobile
An Overview of IPv6 Transition/Co-existence Technologies Fernando Gont UTN/FRH LACNOG 2010 Sao Paulo, Brazil, October 19-22, 2010.

An Overview of IPv6 Transition/Co-existence Technologies Fernando Gont UTN/FRH LACNOG 2010 Sao Paulo, Brazil, October 19-22, 2010.
138.38.228.53255.255.254.0 10001010.00100110.11100010.0011010111111111.11111111.11111110.00000000 IP addressSubnet mask AND 10001010.00100110.11100010.00000000.

IP addressSubnet mask AND
King of Limitations Present by: Ao-Jan Su. Accuracy? Accuracy depends on the distance of end hosts and their authoritative name servers. Not true for.

King of Limitations Present by: Ao-Jan Su. Accuracy? Accuracy depends on the distance of end hosts and their authoritative name servers. Not true for.
1 Computer Networks IP: The Internet Protocol. 2 IP is a connection-less, unreliable network layer protocol IP provides best effort services in the sense.

1 Computer Networks IP: The Internet Protocol. 2 IP is a connection-less, unreliable network layer protocol IP provides best effort services in the sense.
Transition Mechanisms for Ipv6 Hosts and Routers RFC2893 By Michael Pfeiffer.

Transition Mechanisms for Ipv6 Hosts and Routers RFC2893 By Michael Pfeiffer.
1 Reminding - ARP Two machines on a given network can communicate only if they know each other’s physical network address ARP (Address Resolution Protocol)

1 Reminding - ARP Two machines on a given network can communicate only if they know each other’s physical network address ARP (Address Resolution Protocol)
TDC 375 Winter 2002John Kristoff1 Network Protocols IPv6.

TDC 375 Winter 2002John Kristoff1 Network Protocols IPv6.

Similar presentations

Ads by Google