IPv6: Making The Dream Real
Jawad Khaki
Vice-President, Windows Networking & Communications
Microsoft Corporation
©1985-2001 Microsoft Corporation

Agenda
  • Trends
  • The Opportunity
  • Key Problems
  • The Promise of IPv6
  • What is Microsoft doing
  • Call to Action

Evolution Of The Web
Presence        Transactions                   Business
Publish Info    Process Transactions           Digital Economy
Web sites       Web-enable existing systems    Business transformation
Pages           Transactions                   Business processes
Islands         Islands                        Constellations
Eyeballs        Revenue                        Profits

Trends
Public Network
Data traffic exceeds Voice traffic
  • Carriers shifting to network designs that favor packets
High broadband adoption in geographies where available
  • Carriers responding to demand
Wireless deployments everywhere
  • Rush to serve data over Cellular networks: 2.5-3G
  • WiFi usage growing rapidly

Trends
Computing
Moore’s Law still going strong
  • Smaller, more computing devices every 18 months
Miniaturization continues
  • 100Gb per square inch hard disk density
  • 128MB memory on a single chip
Dramatic innovation towards longer battery time
  • Low power CPUs from Intel, Transmeta, AMD
  • Fuel Cell battery (1 month cell phone usage) on the horizon
Smaller, lighter PC, PDA, phone designs enabling new networking scenarios
  • TVs on Cell phones, Wearable computers, digital cash, eBooks

Trends
Applications
XML revolution leading to web services
Peer-to-Peer enables compelling scenarios
“Presence” a paradigm shift in Real Time Communications and Collaboration
Net attached Consumer Electronics and Gaming appliances emerging
Applications assuming always on connectivity, anywhere

Key Problems
Address Shortage
  • Not enough IPv4 addresses available
  • Disproportionate allocation
  • Increasing number of devices and Always On experience exacerbate the problem
Lack of Mobility
  • Applications and network protocols break in mobile scenarios
Network Security
  • Always On == Always attacked!

Key Problems
Address Shortage
[Chart: logarithmic vertical axis from 1 to 10000; horizontal axis from S-96 to S-08]
Extrapolating the number of DNS registered addresses shows total exhaustion in 2009. But the practical maximum is about 200 M addresses, in 2002-2003.

Key Problems
Address Shortage
Peer to Peer applications require
  • Addressability of each end point
  • Unconstrained inbound and outbound traffic
  • Direct communication between end points using multiple concurrent protocols
NATs are a band-aid to address shortage
  • Block inbound traffic on listening ports
  • Constrain traffic to “understood” protocols
  • Create huge barrier to deployment of P2P applications

Key Problems
Lack of Mobility
Existing applications and networking protocols do not work with changing IP addresses
  • Applications do not “reconnect” when a new IP address appears
  • TCP drops session when IP address changes
  • IPSEC hashes across IP addresses, changing address breaks the Security Association
Mobile IPv4 solution is not deployable
  • Foreign agent reliance not realistic
  • NATs and Mobile IPv4? Just say NO

Key Problems
Network Security
Always On == Always attacked!
  • Consumers deploying NATs and Personal Firewalls
  • Enterprises deploying Network Firewalls
NATs and Network Firewalls break end-to-end semantics
  • Barrier to deploying Peer to Peer applications
  • Barrier to deploying new protocols
  • Block end-to-end, authorized, tamper-proof, private communication
No mechanisms for privacy at the network layer
  • IP addresses expose information about the user
No transparent way to restrict communication within network boundaries

The Promise of IPv6
Enough addresses
  • 64+64 format: 1.8E+19 networks, units
  • assuming IPv4 efficiency: 1E+16 networks, 1 million networks per human
  • 20 networks per m2 of Earth (2 per sqft)
  • Removes need to stretch addresses with NATs
True mobility
  • No reliance on Foreign Agents
Better network layer security
  • IPSec delivers end-to-end security
  • Link/Site Local addresses allow partitioning
  • Anonymous addresses provide privacy

The Promise of IPv6
Example: Multiparty Conference, using IPv6
With a NAT:
  • Brittle “workaround”.
With IPv6:
  • Just use IPv6 addresses
[Diagram labels: P1, P2, P3; Home LAN, Home Gateway, Internet, Home Gateway, Home LAN]

The Promise of IPv6
If IPv6 is so great, how come it is not there yet?
Applications
  • Need upfront investment, stacks, etc.
  • Similar to Y2K, 32 bit vs. “clean address type”
Network
  • Need to ramp-up investment
  • No “push-button” transition
[Diagram labels: networks, applications]

What is Microsoft doing
Building a complete IPv6 stack in Windows
  • Technology Preview stack in Win2000
  • Developer stack in Windows XP
  • Deployable stack in .NET Server & update for Windows XP
  • Windows CE planned
Supporting IPv6 with key application protocols
  • File sharing, Web (IIS, IE), Games (DPlay), Peer to Peer platform, UPnP
Building v4->v6 transition strategies
  • Scenario focused tool-box

What is Microsoft doing
IPv6 deployment tool-box
IPv6 stateless address auto-configuration
  • Router announces a prefix, client configures an address
6to4: Automatic tunneling of IPv6 over IPv4
  • Derives IPv6 /48 network prefix from IPv4 global address
Automatic tunneling of IPv6 over UDP/IPv4
  • Works through NAT, may be blocked by firewalls
ISATAP: Automatic tunneling of IPv6 over IPv4
  • For use behind a firewall.

What is Microsoft doing
Recommended Strategies
In the home
  • Use IPv6 if available,
  • Or use 6to4 if global IPv4 address,
  • Or use IPv6 over UDP
In the enterprise
  • Use IPv6 ISP or 6to4 for external access,
  • Use ISATAP while upgrading the network

What is Microsoft doing
Addressing hard problems
Domain Names and IPv6 have issues
  • Peer to Peer applications require dynamic registration of IPv6 address
  • DDNS is hard to deploy securely on the internet
  • Workarounds require building alternate namespaces or avoiding names altogether
Ease of use is a must
  • Need an easy way to get Mobile IPv6 addresses
  • Need an easy way to resolve names in an IPv6 Ad-hoc network (DNS Server not reachable)

In Summary… We Build Together
Microsoft is moving quickly to enable Windows platforms for IPv6
  • Up to date information on: http://www.microsoft.com/ipv6/
  • Send us feedback and requirements: mailto:[email protected]
We need your help to move the world to a simple ubiquitous network based on IPv6

Call to Action
Network Providers: Build it and they will come
  • Do not settle for NATs for new designs
  • Demand IPv6 support on all equipment
  • Offer native IPv6 services
Device Vendors: Design for the simpler, ubiquitous IPv6 internet
Application Writers: Don’t wait on the above
  • Use Windows XP and Windows .NET Server NOW!
Microsoft Vision
Empower people through great software anytime, anyplace, and on any device

6to4: tunnel IPv6 over IPv4
6to4 routers derive IPv6 prefix from IPv4 address
6to4 relays advertise reachability of prefix 2002::/16
Automatic tunneling from 6to4 routers or relays
Single address (192.88.99.1) for all relays
[Diagram labels: IPv4 Internet, 6to4-A, 6to4-B, Relay, Relay, Native IPv6; nodes A, B, C; IPv4 addresses 1.2.3.4, 5.6.7.8, 192.88.99.1, 192.88.99.1; IPv6 addresses 3001:2:3:4:c…, 2002:506:708::b…, 2002:102:304::b…]
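
Added example (not part of the original slides and not Microsoft's code): the /48 derivation named on the tool-box slide and drawn in the 6to4 diagram, plus the reverse mapping a defender uses to recover the IPv4 tunnel endpoint from a 2002::/16 address seen in logs. The function names and the receive-side consistency check check_decap are assumptions added here, going one step beyond what the slide states.

```python
import ipaddress

# 2002::/16 is the 6to4 prefix named on the slide.
SIXTOFOUR = ipaddress.IPv6Network("2002::/16")


def sixtofour_prefix(ipv4: str) -> ipaddress.IPv6Network:
    """Derive the /48 site prefix a 6to4 router builds from its IPv4 address."""
    v4 = ipaddress.IPv4Address(ipv4)
    if not v4.is_global:
        raise ValueError(f"{v4} is not a global IPv4 address")
    # Layout: 16 bits 0x2002 | 32 bits IPv4 | 80 bits left for subnet and host.
    return ipaddress.IPv6Network(((0x2002 << 112) | (int(v4) << 80), 48))


def embedded_ipv4(ipv6: str):
    """Return the IPv4 tunnel endpoint carried in a 6to4 address, else None."""
    v6 = ipaddress.IPv6Address(ipv6)
    if v6 not in SIXTOFOUR:
        return None
    return ipaddress.IPv4Address((int(v6) >> 80) & 0xFFFFFFFF)


def check_decap(outer_src: str, inner_src: str) -> str:
    """Hypothetical receive-side check: compare the IPv4 source of a tunnel
    packet with the IPv6 source address carried inside it."""
    outer = ipaddress.IPv4Address(outer_src)
    inner_v4 = embedded_ipv4(inner_src)
    if inner_v4 is None:
        return "via-relay"           # native IPv6 source, cannot be tied to outer
    if not inner_v4.is_global:
        return "reject: non-global"  # e.g. 2002:a00:1::1 embeds 10.0.0.1
    if inner_v4 != outer:
        return "reject: mismatch"    # inner address claims another endpoint
    return "ok"


if __name__ == "__main__":
    # IPv4 addresses are the slide's own; the ::1 host parts are constructed.
    for v4 in ("1.2.3.4", "5.6.7.8"):
        print(v4, "->", sixtofour_prefix(v4))
    print(check_decap("5.6.7.8", "2002:506:708::1"))
    print(check_decap("1.2.3.4", "2002:506:708::1"))
```
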

ISATAP: IPv6 behind firewall
ISATAP router provides IPv6 prefix
Host complements prefix with IPv4 address
Direct tunneling between ISATAP hosts
Relay through ISATAP router to IPv6 local or global
[Diagram labels: Firewalled IPv4 network, IPv4 FW, Local “native” IPv6 network, IPv6 FW, ISATAP, IPv6 Internet, IPv4 Internet; nodes A, B, C, D]

IPv6 over UDP through NAT
IPv6 / UDP
  • IPv6 prefix: IP address & UDP port
Servers
  • Address discovery
  • Default “route”
  • Enable “shortcut” (A-B)
Relays
  • Send IPv6 packets directly to nodes
Works for all NAT
[Diagram labels: NAT, NAT, Server, Relay, IPv4 Internet, IPv6 Internet; nodes A, B, C]