IPv6 6bone Kazu@Mew.org IPv6 - IPsec - 6bone -
IPv6 IETF IPng - http://playground.sun.com/pub/ipng/html/ipng-main.html - Bay Networks Cisco 3Com & - - WIDE INRIA - NRL UNH etc... IP - 1 1B B - C - CIDR - IPv4 IP - IP or IPng(IP next generation)
OSI or the Internet? 1992 6 INET 97 - IPng IAB CLNP - IAB OSI IAB IAB: Internet Activity Board Internet Architecture Board CLNP: Connection-Less Network Protocol OSI: Open Systems Interconnection 2 1992 1994 TUBA IP version 7 IP/IX CATNIP IP in IP IPAE SIP SIPP SIPP16 IPv6 Pip TUBA: TCP and UDP over Bigger Addresses IPAE: IP Address Encapsulation SIP: Simple IP SIPP: Simple IP Plus ( ) version 5 ST
IPv6 IPv4 IPv4 IPv4 2 - IPv6-2^32 = 43 2^128 = 3.4 10^38 - TOS - ( ) - - - IPsec
IPv4 0 8 16 24 32 Ver Type of Service Time to Live : - ( ) - TOS - ( ) : - - TTL (Hop Limit) IPv6 0 8 16 24 32 Ver - 4 2 - - 255
IPv4 = TCP TCP IPv6 = = = TCP TCP - TCP UDP - - TCP UDP IPv4 0 (Hop-by-Hop Options Header) 1 ICMP 4 IPv4 6 TCP 13 UDP 41 IPv6 43 (Routing Header) 44 (Fragment Header) 50 <IPsec> 51 <IPsec> 58 ICMPv6 60 (Destination Options Header) ICMP: Internet Control Message Protocol
0 8 16 24 32 8 - ICMP - change en-route (for IPsec) - 16 16 ":" - 3ffe:0501:0008:0000:2060:97ff:fe40:efab - ff02:0000:0000:0000:0000:0000:0000:0001 0-3ffe:501:8:0:2060:97ff:fe40:efab - ff02:0:0:0:0:0:0:1 0 "::" - 3ffe:501:8::2060:97ff:fe40:efab - ff02::1 "/" (0 128) - 3ffe:100::/16
- 1 - - - 1 G A S D S G S A Unicast Multicast G Anycast A 3 (2 ) 000 001 010 (was ) 011 (was ) 100 101 110 111 ( )
() - 0000:0000:0000:0000:0000:0000:0000:0001 or ::1-0000:0000:0000:0000:0000:0000:0000:0000 or :: - IPv4-0000:0000:0000:0000:0000:0000:xxxx:xxxx - ( ) ::163.221.202.11 - IPv4-0000:0000:0000:0000:0000:ffff:xxxx:xxxx - ( ) ::ffff:163.221.202.11-0 32 64 96 128 fe80 0000 0000 0000 - ( ) fe80::2060:97ff:fe40:efab fec0 0000 0000 - ( ) fec0::1234:2060:97ff:fe40:efab
- - TLA NLA SLA TLA (Top Level Aggregator) - 8,192 NLA (Next Level Aggregator) - NLA1, NLA2,... SLA (Site Level Aggregator) - - ( ) 3ffe:501:8::2060:97ff:fe40:efab - - -
ff 0000 0000 0000 0000 0000 4-1 - 2-5 - 8 - e 32 - ff01::1 ( ) - ff02::1 ( ) - ff02::2 ( ) ff02 0000 0000 0000 0000 0001ff 3 ( ARP) - - - - ( ) fe80::2056:01ff:fe12:3456 ff02::1:ff12:3456 - ff00:0000 ffff:ffff
IPv6 - fe80::2060:97ff:fe40:efab 00:60:97:40:ef:ab ( ) - 3ffe:501:808::2060:97ff:fe40:efab 00:60:97:40:ef:ab ff 3333 - ff02::1 33:33:00:00:00:01 - ff02::1:ff40:efab 33:33:ff:40:ef:ab DNS - AAAA - ( ) mine.v6.org. IN AAAA 3ffe:501:808:1:200:f8ff:fe01:6317 - PTR - ( ) - $ORIGIN 1.0.0.0.8.0.8.0.1.0.5.0.e.f.f.3.IP6.INT. - 7.1.3.6.1.0.e.f.f.f.8.f.0.0.2.0 IN PTR mine.v6.org. BIND 4.9.4 IPv4
API (1) struct sockaddr { u_char sa_len; /* 16 bytes */ u_char sa_family; /* address family */ char sa_data[14]; /* actually longer; address value */ }; struct sockaddr_in { u_char sin_len; /* 16 bytes */ u_char sin_family; /* AF_INET */ u_int16m_t sin_port; /* AF_INET6 */ struct in_addr sin_addr; /* IPv4 address */ char sin_zero[8]; /* padding */ }; struct sockaddr_in6 { u_char sin6_len; /* 24 bytes */ u_char sin6_family; /* AF_INET6 */ u_int16m_t sin6_port; /* transport layer port # */ u_int32m_t sin6_flowinfo; /* IPv6 flow information */ struct in6_addr sin6_addr; /* IPv6 address */ }; API (2) IPv4 - struct hostnet *gethostbyname(const char *name) - struct hostnet *gethostbyaddr(const char *addr, int len, int af) IPv6 - int getaddrinfo(const char *hostname, const char *servname, const struct addrinfo *hints, struct addrinfo **res); - int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, size_t hostlen, char *serv, size_t servlen, int flags); struct hostnet *gethostbyname2(char *name, int af)
ICMPv6 1 (Destination Unreachable) 2 (Packet Too Big) 3 (Time Exceeded) 4 (Parameter Problem) 128 (Echo Request) 129 (Echo Reply) 133 (Router Solicitation) 134 (Router Advertisement) 135 (Neighbor Solicitation) 136 (Neighbor Advertisement) 137 (Redirect) ( ) (Duplicate Address Detection) (Address Resolution) (Neighbor Unreachability Detection) (Redirect)
(IEEE 802 ) - 00:60:97:40:ef:ab (EUI 64 ) - 2060:97ff:fe40:efab - fe80::2060:97ff:fe40:efab - ff02::1 - fe80::2060:97ff:fe40:efab ff02::1:fe40:efab - - (::) - - -
- (to ff02::1) - (to ff02::2) - etc... - - ( )3ffe:0501:0808::2060:97ff:fe40:efab (2) ARP - IPv4 ARP - - - MAC (1)
(2) (1) (ARP ) - (2) (3) (1) (4) - - - -
MTU MTU - TCP MSS(Maximum Segment Size) - 1500 MTU 1 - MTU MTU - MTU - A B C D 1500 4900 4900 - TCP ( ) - UDP IP - - 0 8 16 24 32 More
IGP (Interior Gateway Protocol) - RIPng IPv6 15 - OSPF EGP (Exterior Gateway Protocol) - BGP4+ - BGP5 - IDRP
- -! - -
- HMAC - - -
- - -... - Fair queue IPsec - - : SSL (Secure Socket Layer) - : SSH (Secure Shell) - : PGP/MIME S/MIME - - ( )TCP - IPsec
IPsec (AH: Authentication header) - - - IP (ESP: Encapsulating Security Payload) - (Transform) - - 0 8 16 24 32 Security Parameters Index SPI - Security Parameters Index - - RFC 1826...
0 8 16 24 32 Security Parameters Index - RFC 1827... IPsec - AH ESP IPv6 AH TCP IPv6 ESP TCP - AH ESP - VPN (Virtual Private Network) IPv6 AH IPv6 TCP IPv6 ESP IPv6 TCP
VPN - - - SA1 Addr1+SPI1 Addr1 Addr2 SA2 Addr2+SPI2 SPI1 SPI2 SA(Security Association) - SPI () - AH or ESP - - - -
out-band IPv6 in-band (in-band) - SKIP (out-band) - Photuris ISAKMP/Oakley - ISAKMP/Oakley IPv6 IPv4 - SKIP IPv4 IPv6 - MD5 SHA-1 RIPE MD160 Encumbered - - RSA Diffie-Hellman - DES IDEA CAST
IPv4 IPv6 - IPv4 IPv6 IPv6 IPv4 - IPv6 IPv4 IPv6 IPv4 IPv4 - IPv6 IPv4 - IPv4 IPv4 - - DNS IPv4
IPv6 over IPv4 IPv6 IPv4 IPv6 IPv6 IPv6 IPv6 IPv4 IPv6 IPv6 IPv4 IPv6 - IPv4 - IPv6 IPv4 IPv6 IPv4 IPv6 IPv4 IPv6 IPv6 IPv4 IPv4 IPv4 - IPv4-2 IPv4
6bone WIDE 6bone world-wide 6bone world-wide 6bone WIDE 6bone 1996 6 9 - NOC NOC RIPng - Eternet FDDI ATM... - NEC Bay Networks... - http://www.v6.wide.ad.jp/
world-wide 6bone 1996 3 - IETF Los Angeles Postel Deering 1996 6 - IETF Montoreal 1 6bone BOF - 1996 7 15 world-wide 6bone - WIDE UNI-C G6 - UNI-C G6-7 16 WIDE Cisco - 7 18 G6 RIPng - http://www.6bone.net/ world-wide 6bone RIPng - 1997 10 1 11 1 - - RIPng BGP4+ 41 ptla - WIDE 5 3ffe NLA ptla SLA