Deploying IPv6, Now Christian Huitema Architect Windows Networking & Communications Microsoft Corporation.


1 Deploying IPv6, Now Christian Huitema Architect Windows Networking & Communications Microsoft Corporation

2 ©1985-2001 Microsoft Corporation Agenda
- The Opportunity
- Key Problems
- The Promise of IPv6
- What is Microsoft doing
- Call to Action

3 The Opportunity

4 Key Problems: Address Shortage
Extrapolating the number of DNS registered addresses shows total exhaustion in 2009. But the practical maximum is about 240 M addresses, in 2002-2003.

5 Key Problems: Address Shortage
- Peer to Peer applications require
  - Addressability of each end point
  - Unconstrained inbound and outbound traffic
  - Direct communication between end points using multiple concurrent protocols
- NATs are a band-aid to address shortage
  - Block inbound traffic on listening ports
  - Constrain traffic to “understood” protocols
  - Create huge barrier to deployment of P2P applications

6 Key Problems: Lack of Mobility
- Existing applications and networking protocols do not work with changing IP addresses
  - Applications do not “reconnect” when a new IP address appears
  - TCP drops session when IP address changes
  - IPSEC hashes across IP addresses, changing address breaks the Security Association
- Mobile IPv4 solution is not deployable
  - Foreign agent reliance not realistic
  - NATs and Mobile IPv4? Just say NO

7 Key Problems: Network Security
- Always On == Always attacked!
  - Consumers deploying NATs and Personal Firewalls
  - Enterprises deploying Network Firewalls
- NATs and Network Firewalls break end-to-end semantics
  - Barrier to deploying Peer to Peer applications
  - Barrier to deploying new protocols
  - Block end-to-end, authorized, tamper-proof, private communication
- No mechanisms for privacy at the network layer
  - IP addresses expose information about the user
- No transparent way to restrict communication within network boundaries

8 The Promise of IPv6
- Enough addresses
  - 64+64 format: 1.8E+19 networks, units
  - assuming IPv4 efficiency: 1E+16 networks, 1 million networks per human
  - 20 networks per m2 of Earth (2 per sqft)
  - Removes need to stretch addresses with NATs
- True mobility
  - No reliance on Foreign Agents
- Better network layer security
  - IPSec delivers end-to-end security
  - Link/Site Local addresses allow partitioning
  - Anonymous addresses provide privacy

9 The Promise of IPv6
Example: Multiparty Conference, using IPv6
- With a NAT:
  - Brittle “workaround”.
- With IPv6:
  - Just use IPv6 addresses
[Diagram labels: P1, P2, P3, Home LAN, Home Gateway, Internet]

10 The Promise of IPv6
If IPv6 is so great, how come it is not there yet?
- Applications
  - Need upfront investment, stacks, etc.
  - Similar to Y2K, 32 bit vs. “clean address type”
- Network
  - Need to ramp-up investment
  - No “push-button” transition
[Diagram labels: networks, applications]

11 What is Microsoft doing
- Building a complete IPv6 stack in Windows
  - Technology Preview stack in Win2000
  - Developer stack in Windows XP
  - Deployable stack in .NET Server & update for Windows XP
  - Windows CE planned
- Supporting IPv6 with key applications protocols
  - File sharing, Web (IIS, IE), Games (DPlay), Peer to Peer platform, UPnP
- Building v4->v6 transition strategies
  - Scenario focused tool-box

12 What is Microsoft doing: IPv6 deployment tool-box
- IPv6 stateless address auto-configuration
  - Router announces a prefix, client configures an address
- 6to4: Automatic tunneling of IPv6 over IPv4
  - Derives IPv6 /48 network prefix from IPv4 global address
- Automatic tunneling of IPv6 over UDP/IPv4
  - Works through NAT, may be blocked by firewalls
- ISATAP: Automatic tunneling of IPv6 over IPv4
  - For use behind a firewall.

13 What is Microsoft doing: Recommended Strategies
- In the home
  - Use IPv6 if available,
  - Or use 6to4 if global IPv4 address,
  - Or use IPv6 over UDP
- In the enterprise
  - Use IPv6 ISP or 6to4 for external access,
  - Use ISATAP while upgrading the network

14 What is Microsoft doing: Addressing hard problems
- Domain Names and IPv6 have issues
  - Peer to Peer applications require dynamic registration of IPv6 address
  - DDNS is hard to deploy securely on the internet
  - Workarounds require building alternate namespaces or avoiding names altogether
- Ease of use is a must
  - Need an easy way to get Mobile IPv6 addresses
  - Need an easy way to resolve names in an IPv6 ad-hoc network (DNS Server not reachable)

15 In Summary … We Build Together
- Microsoft is moving quickly to enable Windows platforms for IPv6
  - Up to date information on: http://www.microsoft.com/ipv6/
  - Send us feedback and requirements: mailto:ipv6-fb@microsoft.com
- We need your help to move the world to a simple ubiquitous network based on IPv6

16 Call to Action
- Network Providers: Build it and they will come
  - Do not settle for NATs for new designs
  - Demand IPv6 support on all equipment
  - Offer native IPv6 services
- Device Vendors: Design for the simpler, ubiquitous IPv6 internet
- Application Writers: Don’t wait on the above
  - Use Windows XP and Windows .NET Server NOW!

17 Microsoft Vision Empower people through great software anytime, anyplace, and on any device

18

19 Background Material

20 6to4: tunnel IPv6 over IPv4
- 6to4 routers derive IPv6 prefix from IPv4 address
- 6to4 relays advertise reachability of prefix 2002::/16
- Automatic tunneling from 6to4 routers or relays
- Single address (192.88.99.1) for all relays
[Diagram labels: IPv4 Internet, 6to4-A, 6to4-B, Relay, Native IPv6, Relay, hosts A, B, C; 1.2.3.4, 5.6.7.8, 192.88.99.1, 3001:2:3:4:c…, 2002:506:708::b…, 2002:102:304::b…]

21 ISATAP: IPv6 behind firewall
- ISATAP router provides IPv6 prefix
- Host complements prefix with IPv4 address
- Direct tunneling between ISATAP hosts
- Relay through ISATAP router to IPv6 local or global
[Diagram labels: Firewalled IPv4 network, IPv4 FW, Local “native” IPv6 network, IPv6 FW, ISATAP, IPv6 Internet, IPv4 Internet, hosts A, B, C, D]
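
The 6to4 and ISATAP slides both embed an IPv4 address inside the IPv6 address, so tunneled IPv6 sources seen in logs can be traced back to an IPv4 endpoint. The Python sketch below is an added example, not part of the original presentation: it derives the 6to4 /48 the way slide 20 shows (1.2.3.4 becomes 2002:102:304::/48) and recovers the embedded IPv4 address from 6to4 and ISATAP addresses. The `5efe` interface-identifier marker comes from RFC 5214 rather than from the slides, and the function names and sample addresses are constructed for illustration.

```python
import ipaddress

SIXTOFOUR_NET = ipaddress.IPv6Network("2002::/16")  # 6to4 prefix named on slide 20
ISATAP_MARK = 0x00005EFE  # interface-ID marker per RFC 5214 (not on the slides)
U_BIT_MASK = 0xFDFFFFFF   # ignore the universal/local bit so 0200:5efe also matches


def sixtofour_prefix(ipv4: str) -> ipaddress.IPv6Network:
    """Derive the /48 a 6to4 router would use for a global IPv4 address."""
    v4 = ipaddress.IPv4Address(ipv4)
    if not v4.is_global:
        raise ValueError(f"{v4} is not a global IPv4 address; 6to4 needs one")
    return ipaddress.IPv6Network(((0x2002 << 112) | (int(v4) << 80), 48))


def classify(addr: str):
    """Return (mechanism, embedded IPv4 or None, plausible) for an IPv6 address."""
    v6 = ipaddress.IPv6Address(addr)
    n = int(v6)
    if v6 in SIXTOFOUR_NET:
        v4 = ipaddress.IPv4Address((n >> 80) & 0xFFFFFFFF)
        # A 6to4 prefix built from a non-global IPv4 address cannot come from
        # the derivation above: treat it as spoofed or misconfigured.
        return ("6to4", v4, v4.is_global)
    if ((n >> 32) & U_BIT_MASK) == ISATAP_MARK:
        # ISATAP: the host's IPv4 address is the low 32 bits of the interface ID.
        return ("isatap", ipaddress.IPv4Address(n & 0xFFFFFFFF), True)
    return ("native-or-other", None, True)


def triage(addresses):
    """Map each observed IPv6 source to its tunnel endpoint for log correlation."""
    return {a: classify(a) for a in addresses}


# Constructed sample sources, as they might appear in a flow log.
SAMPLE = [
    "2002:506:708::1",     # 6to4 host behind 5.6.7.8
    "2002:a00:1::1",       # 6to4 prefix embedding private 10.0.0.1
    "fe80::5efe:102:304",  # ISATAP link-local address for IPv4 host 1.2.3.4
    "2001:db8::1",         # documentation prefix, no embedded IPv4
]

if __name__ == "__main__":
    print(sixtofour_prefix("1.2.3.4"))
    for addr, (kind, v4, ok) in triage(SAMPLE).items():
        print(f"{addr:22} {kind:16} {str(v4):10} plausible={ok}")
```
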

22 IPv6 over UDP through NAT
- IPv6 / UDP
  - IPv6 prefix: IP address & UDP port
- Servers
  - Address discovery
  - Default “route”
  - Enable “shortcut” (A-B)
- Relays
  - Send IPv6 packets directly to nodes
- Works for all NAT
[Diagram labels: NAT, NAT, Server, Relay, IPv4 Internet, IPv6 Internet, hosts A, B, C]

