Deploying IPv6, Now Christian Huitema Architect Windows Networking & Communications Microsoft Corporation.


© Microsoft Corporation

Agenda
- The Opportunity
- Key Problems
- The Promise of IPv6
- What is Microsoft doing
- Call to Action

The Opportunity

Key Problems: Address Shortage
- Extrapolating the number of DNS registered addresses shows total exhaustion in
- But the practical maximum is about 240 M addresses, in

© Microsoft Corporation Key Problems Address Shortage  Peer to Peer applications require Addressability of each end point Addressability of each end point Unconstrained inbound and outbound traffic Unconstrained inbound and outbound traffic Direct communication between end points using multiple concurrent protocols Direct communication between end points using multiple concurrent protocols  NATs are a band-aid to address shortage Block inbound traffic on listening ports Block inbound traffic on listening ports Constrain traffic to “understood” protocols Constrain traffic to “understood” protocols Create huge barrier to deployment of P2P applications Create huge barrier to deployment of P2P applications

Key Problems: Lack of Mobility
- Existing applications and networking protocols do not work with changing IP addresses
  - Applications do not “reconnect” when a new IP address appears
  - TCP drops session when IP address changes
  - IPSEC hashes across IP addresses, changing address breaks the Security Association
- Mobile IPv4 solution is not deployable
  - Foreign agent reliance not realistic
  - NATs and Mobile IPv4? Just say NO

Key Problems: Network Security
- Always On == Always attacked!
  - Consumers deploying NATs and Personal Firewalls
  - Enterprises deploying Network Firewalls
- NATs and Network Firewalls break end-to-end semantics
  - Barrier to deploying Peer to Peer applications
  - Barrier to deploying new protocols
  - Block end-to-end, authorized, tamper-proof, private communication
- No mechanisms for privacy at the network layer
  - IP addresses expose information about the user
- No transparent way to restrict communication within network boundaries

© Microsoft Corporation The Promise of IPv6  Enough addresses format: 1.8E+19 networks, units format: 1.8E+19 networks, units assuming IPv4 efficiency: 1E+16 networks, 1 million networks per human assuming IPv4 efficiency: 1E+16 networks, 1 million networks per human 20 networks per m2 of Earth (2 per sqft ) 20 networks per m2 of Earth (2 per sqft ) Removes need to stretch addresses with NATs Removes need to stretch addresses with NATs  True mobility No reliance on Foreign Agents No reliance on Foreign Agents  Better network layer security IPSec delivers end-to-end security IPSec delivers end-to-end security Link/Site Local addresses allow partitioning Link/Site Local addresses allow partitioning Anonymous addresses provide privacy Anonymous addresses provide privacy

The Promise of IPv6
Example: Multiparty Conference, using IPv6
- With a NAT:
  - Brittle “workaround”.
- With IPv6:
  - Just use IPv6 addresses
[Diagram: peers P1, P2 and P3; two Home LANs, each behind a Home Gateway, connected through the Internet]

The Promise of IPv6
If IPv6 is so great, how come it is not there yet?
- Applications
  - Need upfront investment, stacks, etc.
  - Similar to Y2K, 32 bit vs. “clean address type”
- Network
  - Need to ramp-up investment
  - No “push-button” transition
[Figure labels: networks, applications]

© Microsoft Corporation What is Microsoft doing  Building a complete IPv6 stack in Windows Technology Preview stack in Win2000 Technology Preview stack in Win2000 Developer stack in Windows XP Developer stack in Windows XP Deployable stack in.NET Server & update for Windows XP Deployable stack in.NET Server & update for Windows XP Windows CE planned Windows CE planned  Supporting IPv6 with key applications protocols File sharing, Web (IIS, IE), Games (DPlay), Peer to Peer platform, UPnP File sharing, Web (IIS, IE), Games (DPlay), Peer to Peer platform, UPnP  Building v4->v6 transition strategies Scenario focused tool-box Scenario focused tool-box

What is Microsoft doing: IPv6 deployment tool-box
- IPv6 stateless address auto-configuration
  - Router announces a prefix, client configures an address
- 6to4: Automatic tunneling of IPv6 over IPv4
  - Derives IPv6 /48 network prefix from IPv4 global address
- Automatic tunneling of IPv6 over UDP/IPv4
  - Works through NAT, may be blocked by firewalls
- ISATAP: Automatic tunneling of IPv6 over IPv4
  - For use behind a firewall.

What is Microsoft doing: Recommended Strategies
- In the home
  - Use IPv6 if available,
  - Or use 6to4 if global IPv4 address,
  - Or use IPv6 over UDP
- In the enterprise
  - Use IPv6 ISP or 6to4 for external access,
  - Use ISATAP while upgrading the network

What is Microsoft doing: Addressing hard problems
- Domain Names and IPv6 have issues
  - Peer to Peer applications require dynamic registration of IPv6 address
  - DDNS is hard to deploy securely on the internet
  - Workarounds require building alternate namespaces or avoiding names altogether
- Ease of use is a must
  - Need an easy way to get Mobile IPv6 addresses
  - Need an easy way to resolve names in an IPv6 ad-hoc network (DNS Server not reachable)

In Summary … We Build Together
- Microsoft is moving quickly to enable Windows platforms for IPv6
  - Up to date information on:
  - Send us feedback and requirements
- We need your help to move the world to a simple ubiquitous network based on IPv6

Call to Action
- Network Providers: Build it and they will come
  - Do not settle for NATs for new designs
  - Demand IPv6 support on all equipment
  - Offer native IPv6 services
- Device Vendors: Design for the simpler, ubiquitous IPv6 internet
- Application Writers: Don’t wait on the above
  - Use Windows XP and Windows .NET Server NOW!

Microsoft Vision Empower people through great software anytime, anyplace, and on any device

Background Material

6to4: tunnel IPv6 over IPv4
- 6to4 routers derive IPv6 prefix from IPv4 address
- 6to4 relays advertise reachability of prefix 2002::/16
- Automatic tunneling from 6to4 routers or relays
- Single address ( ) for all relays
[Diagram: IPv4 Internet with 6to4 routers 6to4-A and 6to4-B and two Relays to Native IPv6; hosts C, B, A with addresses :2:3:4:c…, 2002:506:708::b…, 2002:102:304::b…]

ISATAP: IPv6 behind firewall
- ISATAP router provides IPv6 prefix
- Host complements prefix with IPv4 address
- Direct tunneling between ISATAP hosts
- Relay through ISATAP router to IPv6 local or global
[Diagram: Firewalled IPv4 network with hosts A and B and an ISATAP router; IPv4 FW to the IPv4 Internet; Local “native” IPv6 network; IPv6 FW to the IPv6 Internet; hosts C and D]
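
The address derivations on the 6to4 and ISATAP slides, as an added Python example that is not part of the original presentation: it builds the 6to4 /48 prefix from a global IPv4 address, completes a prefix the ISATAP way, and recovers the embedded IPv4 address from either form, which is what lets a log reviewer or filter tie a tunnelled IPv6 address back to its IPv4 host. The function names are hypothetical, the `0:5efe` identifier comes from RFC 5214 rather than the slides, and `2001:db8:0:1::/64` and `10.1.2.3` are constructed sample values.

```python
import ipaddress

# Upper 32 bits of the ISATAP interface identifier (RFC 5214; not on the slides).
ISATAP_MARK = 0x00005EFE


def sixto4_prefix(ipv4):
    """Derive the 6to4 prefix 2002:V4ADDR::/48 from a global IPv4 address."""
    v4 = ipaddress.IPv4Address(ipv4)
    if not v4.is_global:
        # Private or reserved addresses (e.g. behind a NAT) give no routable prefix.
        raise ValueError(f"{v4} is not a global IPv4 address")
    return ipaddress.IPv6Network(((0x2002 << 112) | (int(v4) << 80), 48))


def isatap_address(prefix, ipv4):
    """Complete a /64 prefix with the interface identifier 0:5efe:V4ADDR."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    iid = (ISATAP_MARK << 32) | int(ipaddress.IPv4Address(ipv4))
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def embedded_ipv4(ipv6):
    """Return (mechanism, IPv4Address) for a 6to4 or ISATAP address, else None."""
    addr = ipaddress.IPv6Address(ipv6)
    if addr.sixtofour is not None:
        return ("6to4", addr.sixtofour)
    iid = int(addr) & 0xFFFFFFFFFFFFFFFF
    # Ignore the universal/local bit, which ISATAP may set for global IPv4.
    if (iid >> 32) & 0xFDFFFFFF == ISATAP_MARK:
        return ("isatap", ipaddress.IPv4Address(iid & 0xFFFFFFFF))
    return None


if __name__ == "__main__":
    # Constructed sample inputs; 1.2.3.4 matches the 2002:102:304:: prefix on the slide.
    print(sixto4_prefix("1.2.3.4"))
    print(isatap_address("2001:db8:0:1::/64", "10.1.2.3"))
    for sample in ("2002:102:304::1", "2001:db8:0:1:0:5efe:a01:203", "2001:db8::1"):
        print(sample, embedded_ipv4(sample))
```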

IPv6 over UDP through NAT
- IPv6 / UDP
  - IPv6 prefix: IP address & UDP port
- Servers
  - Address discovery
  - Default “route”
  - Enable “shortcut” (A-B)
- Relays
  - Send IPv6 packets directly to nodes
- Works for all NAT
[Diagram: hosts A and B, each behind a NAT; Server on the IPv4 Internet; Relay to the IPv6 Internet; host C]