untitled

Similar documents
今からはじめるIPv6 ~IPv6標準化最新動向編~

IPv4aaSを実現する技術の紹介

IPv6 IPv6 IPv4/IPv6 WG IPv6 SWG

Agenda IPv4 over IPv6 MAP MAP IPv4 over IPv6 MAP packet MAP Protocol MAP domain MAP domain ASAMAP ASAMAP 2

IIJ Technical WEEK SEILシリーズ開発動向:IPv6対応の現状と未来

untitled

IPv6 IPv6 IPv4/IPv6 WG IPv6 SWG

1 IPv6 WG OS SWG PCOSIPv6 Windows Vista 2 3 KAMEUSAGIMacOSX IPv6 2

Microsoft PowerPoint - ykashimu_dslite_JANOG26_rev

IPv6 トラブルシューティング ホームネットワーク/SOHO編

untitled

2011 NTT Information Sharing Platform Laboratories

TCP/IP Internet Week 2002 [2002/12/17] Japan Registry Service Co., Ltd. No.3 Internet Week 2002 [2002/12/17] Japan Registry Service Co., Ltd. No.4 2

HomeGatewayにまつわるDNS話あれこれ

LAN

ヤマハ ルーター ファイアウォール機能~説明資料~

IP IPv4-IPv6

AirMac ネットワーク構成の手引き

untitled

集中講義 インターネットテクノロジー 第5回

total.dvi

橡sirahasi.PDF

AirMac ネットワーク for Windows

JANOG30 Meeting IPv6 時代の IPv4 を考える ~ 第二章 ~ 464XLAT 事前公開資料 2012 年 6 月 26 日 NEC アクセステクニカ株式会社開発本部商品開発部 川島正伸


橡3-MPLS-VPN.PDF

IP通信網サービスのインタフェース -フレッツシリーズ-

ScreenOS Copyright (C) 2005 NOX Co., Ltd. All Rights Reserved. Version1.00

untitled

ict2-.key

SA46T:IPv4 IPv6 IPv4 APNIC RIR IPv4 IPv4 IPv4 IPv6 only IPv4 SA46T SA46T 2 (1) IPv4 IPv6 (2) IPv6 IPv4 4.3 IPv4 IPv6 LAN SA46T SA46T SA46T IPv6 IPv4 I

Microsoft PowerPoint ppt [互換モード]

NATディスクリプタ機能

CPE9V1.0&AP615V2.0-C01说明书-电子档

PowerPoint プレゼンテーション

橡2-TrafficEngineering(revise).PDF

tcp/ip.key

設定例集_Rev.8.03, Rev.9.00, Rev.10.01対応

rzakg.ps

SRX300 Line of Services Gateways for the Branch

Win XP SP3 Japanese Ed. NCP IPSec client Hub L3 SW SRX100 Policy base VPN fe-0/0/0 vlan.0 Win 2003 SVR /

ヤマハ ルーター ファイアウォール機能~説明資料~

MVPN VPN VPN MVPN P2MP TE & BGP

Teradici Corporation # Canada Way, Burnaby, BC V5G 4X8 Canada p f Teradici Corporation Teradi

IP.dvi

第1回 ネットワークとは

LSM-L3-24設定ガイド(初版)

tutorial.dvi

SCREENOS NAT ScreenOS J-Series(JUNOS9.5 ) NAT ScreenOS J-Series(JUNOS9.5 ) NAT : Destination NAT Zone NAT Pool DIP IF NAT Pool Egress IF Loopback Grou

IPv4 over IPv6技術の最新動向と標準化

CS-SEIL-510/C コマンドリファレンス

Dynamic VPN Dynamic VPN IPSec VPN PC SRX IPSec VPN SRX PC IPSec 2 Copyright 2010 Juniper Networks, Inc.

template.dvi

2 1: OSI OSI,,,,,,,,, 4 TCP/IP TCP/IP, TCP, IP 2,, IP, IP. IP, ICMP, TCP, UDP, TELNET, FTP, HTTP TCP IP

Microsoft PowerPoint - bbix-v6summit-sam-01

IP IP DHCP..

RT107eセミナー用資料

Lync Server 2010 Lync Server Topology Builder BIG-IP LTM Topology Builder IP Lync 2010 BIG IP BIG-IP VE Virtual Edition BIG-IP SSL/TLS BIG-IP Edge Web

MPLS Copyright 2008 Juniper Networks, Inc. 1

ScreenOS 5.0 ScreenOS 5.0 Deep Inspection VLAN NetScreen-25/-50/-204/-208 HA NetScreen-25 HA Lite NetScreen-25 NetScreen-50) ALG(Application Layer Gat

Microsoft PowerPoint - TD_CGN.pptx

The overview of IPv4 over IPv6 technique - ENOG 17


DNS (BIND, djbdns) JPNIC・JPCERT/CC Security Seminar 2005

IPSEC-VPN IPsec(Security Architecture for Internet Protocol) IP SA(Security Association, ) SA IKE IKE 1 1 ISAKMP SA( ) IKE 2 2 IPSec SA( 1 ) IPs

TCP/IP再認識〜忘れちゃいけないUDP、ICMP~

Mac OS X Server QuickTime Streaming Server 5.0 の管理(バージョン 10.3 以降用)

VoIP Broadcasting System 2/2 IP Convergence Communication Solution IP paradigm Integration & Management VoIP IP VoIP VoIP IT < >

Microsoft PowerPoint - Amazon VPCとのVPN接続.pptx

2008, 2009 TOSHIBA TEC CORPORATION All rights reserved

MR1000 Webリファレンス

Catalyst 3560-C and 2960-C Getting Started Guide (Japanese)

IPv6チュートリアルからIPv6化ことはじめ~

Transcription:

IPv6 2.0 2010 7 29 IPv4/IPv6 WG IPv6 SWG

0.9 2009 5 22 1.0 2009 6 22 1 2.0 2010 7 29 2

1... 1 1.1...1 1.2...4 1.3...5 1.4...6 1.4.1...6 1.4.2...7 1.4.3...8 [ ]... 13 1.4.4... 15 2...17 2.1 IPv6... 17 2.1.1... 17 2.1.2 PPPoE/PPPoA... 17 2.1.3 IP IPv6 over IPv4... 18 2.2 IPv4... 20 2.2.1 NAT444... 20 2.2.2 DS-Lite Dual-Stack Lite... 21 2.2.3 A+P... 23 2.3 IPv6-IPv4... 25 2.3.1 NAT64 IPv6 IPv4 Translator... 25 2.4 IPv6... 26 2.4.1 NAT66... 26 3...27 3.1... 27 3.1.1... 27 3.1.2... 27 3.2 WAN... 28 3.2.1... 28 3.2.2... 28 3.2.3... 29 3.3 LAN... 29 i

3.3.1... 29 3.3.2... 30 3.3.3... 30 3.3.4 ULA... 31 4...32 4.1... 32 4.1.1... 32 4.1.2... 34 4.1.3... 35 4.1.4... 35 4.2... 36 5 DNS...37 5.1... 38 5.1.1... 38 5.1.2... 38 5.1.3... 38 5.2 DNS... 40 5.2.1 DNS... 40 5.3 DNS... 41 5.3.1... 41 5.3.2... 41 5.4... 42 5.4.1... 42 5.5... 43 5.5.1... 43 5.5.2... 43 5.5.3 EDNS0... 43 5.5.4 TCP 53... 44 5.5.5 DNSSEC... 44 6...45 6.1... 45 6.1.1 RA... 45 6.1.2 DHCPv6... 47 6.2... 49 ii

6.2.1 RA... 49 6.2.2 DHCPv6... 49 6.3... 51 6.3.1 MTU... 51 7...52 7.1... 52 7.2... 53 7.2.1 WAN... 53 7.2.2 LAN... 54 7.2.3... 56 7.3 IPv6... 56 7.3.1... 56 7.3.2 PIM... 57 7.3.3 MLD... 58 7.3.4 MLD... 58 7.4... 60 8...61 8.1... 61 8.1.1... 61 8.1.2... 63 8.2... 64 8.2.1... 64 8.2.2... 64 8.2.3 DNS... 65 8.2.4... 65 8.2.5... 65 9...66 9.1 Web-GUI Graphical User Interface... 66 9.2 CLI Command Line Interface... 66 9.3... 67 9.4... 67 10...68 10.1... 68 iii

10.2... 74 10.2.1... 74 10.3... 75 10.4... 77 iv

1 1.1 v6 1 IPv4/ WG SWG 2 2009 6 22 1 1 1 2010 4 27 v6 3 Broadband Forum 4 BBF SWG v6 1 2 2 1 IPv4 IPv4 2009 2 2009.2 2009.10 2010.06 NTT 1-1 1 http://www.v6pc.jp/ 2 IPv6 SWG http://www.v6pc.jp/jp/wg/coexistencewg/v6hgw-swg.phtml 3 1 http:// www.v6pc.jp/en/wg/coexistencewg/v6hgw-swg.phtml 4 Broadband Forum http://www.broadband-forum.org/ 1

1-1 IPv4 5 ISP IPv4 6 IPv4 IPv6 7 IPv6 IPv6 2010 5 FTTH ADSL CATV BWA 4 NTT IPv6 CATV IPv4 8 IANA Internet Assigned Numbers Authority RIR Regional Internet Registry IPv4 2011 5 IPv4 IPv4 2010.06 (ISP) URL http://www.kokatsu.jp/blog/ipv4/news/actionplan_20100607.pdf 6 ISP IPv4 http://www.soumu.go.jp/menu_news/s-news/02kiban04_000022.html 7 IPv4 IPv6 http://www.kokatsu.jp/blog/ipv4/data/ipv6service-list.html 8 Geoff Huston IPv4 http://ipv4.potaroo.net/ 2

1 IPv6 SWG 2 ISP v6 WG v6 IPv4/IPv6 WG WG WG IPv6 Ready Logo Program 9 IPv6 IETF RFC NPO IPv6Forum RFC test specification Self-test tool 9 IPv6 Ready Logo Program http://www.ipv6ready.org/ http://ipv6.jate.jp/ready JATE 3

1.2 IPv4 IPv4 IPv4 LSN Large Scale NAT NAT ISP 4

1.3 IAjapan IPv6 10 1-1 ULA RFC 4193 TR-069 UPnP Unique Local IPv6 Unicast Addresses IPv4 RFC 1918 Technical Report 069 Broadband Forum CPE SOAP/HTTP CPE ACS Auto Configuration Server [44] Universal Plug and Play UPnP Forum XML SOAP/HTTP [45] IPv4 IPv4/IPv6 /35 35 /32 /35 35 /64 10 IPv6 IAJapanhttp://www.iajapan.org/ipv6/v6term/glossary_01.html 5

1.4 1.4.1 IPv6 1-2 4 IPv6 ISP /48 /64 ISP ISP DNS 1-2 IPv6 IPv4 /64 /48 [8] IPv6 WAN IPv4 6

DHCP 1.4.2 IPv6 DNS DNS 1-3 LAN DNS 7

IPv6 IPv4 IPv6 DNS DNS IPv4 DNS IPv4 1.4.3 1.4.3.1 WAN IPv4 1 IPv6 3 1. WAN WAN 2. WAN WAN WAN ID 8

WAN 2001:db8:2000::/48 WAN 2001:db8:2000::/64 2001:db8:2000::1/64 2001:db8:2000::2/64 LAN 2001:db8:2000:1::/64 3. WAN Weak Host Model WAN LAN WAN 1.4.3.2 2 1. MAC ID IP [64] 2. IPv4 9

3.3.3 1-2 1-2 / ISP-A ISP-B ISP DoS PC 1.4.3.3 4 IPv6 IPv6 ULA IPv4 IPv4 IPv4 2 1 4 10

1. IPv6 WAN ISP 2. /48 /64 /64 1 LAN 3. IPv6 ULA ULA IPv6 ULA IPv6 IPv6 IPv6 2 1 2000::/3 2 0010 0000 0000 0000. 0 11

4. IPv4 IPv4 IPv4 IPv4 IPv6 IPv4 IPv4 1-3 1-3 IPv6 BB BB BB ULA ULA BB IPv6 ULA IPv4 IPv4 IPv6 12

[ ] RFC3484[15] RFC3484 8 10 Precedence Label Label 1-1 RFC3484 IPv4 6to4 IPv6 Label 1-4 RFC3484 Prefix Precedence Label Prefix ::1/128 50 0 ::/0 40 1 IPv6 2002::/16 30 2 6to4 ::/96 20 3 IPv4 ::ffff:0:0/96 10 4 IPv4 IPv4 RFC3484 13

Longest prefix match Longest prefix match IP 8000::/3 ULA Global 16 2 Global ULA 1-4 Longest prefix match 1-2 1-5 s1: 192.0.2.1 s2: 2001:db8:1234::1 s1: 192.0.2.1 s2: 2001:db8:1234::1 s1: fe80::1 s2: 2001:db8:1234::1 s1: 2001:db8:1234::1 s2: fc00:db8:1234::1 d1: 198.51.100.1 s2 - d2 Precedence d2: 2001:db8:2:2::2 d1: 198.51.100.1 s1 - d1 Label d2: 2002: 836b:4179::1 d1: 2001:db8:2:2::2 s2 - d1 d1: 2001:db8:2:2::2 s1 - d1 14

1.4.4 1.4.1 1.4.2 1-6 1-6 3.1 3.3, 5.2, 6.1 WAN 3.2, 8.1.1 7.2 7.1 7.3 4.1.4 4.1, 7.2.3 4.1(4.1.2) DNS 5.1, 5.2, 5.3, 5.4 DNS 5.4.1 6.2, 8.2.4.2 8.1, 8.2, 9.1, 9.2 9.3, 9.4 2 2009 IPv6 IPv4 IPv4 3 6 8 4 IPv6 5 DNS IPv4 DNS 6 15

7 8 9 1-7 1-7 "// " MUST SHOULD MAY 10 3 9 1 16

2 2.1 IPv6 2.1.1 2-1 2.1.2 PPPoE/PPPoA PPP [1][2][3] 2-2 PPPoE/PPPoA 17

2.1.3 IP IPv6 over IPv4 2.1.3.1 IP [4][5][6][7] 2-3 IP 2.1.3.2 6to4 IPv4 Internet IPv6 6to4 IPv6 IPv4 [4] IPv4 x.y.z.w IPv6 2002:x.y.z.w::/48 2002:x.y.z.w::/48 6to4 IPv6 over IPv4 x.y.z.w IPv4 IPv4 6to4 2002::/16 IPv6 6to4 6to4 2002::/16 6rd 2.1.3.3 6rd 6to4 IPv6 over IPv4 IPv4 IPv6 prefix 6to4 6to4 2002: 6to4 /48 prefix [53] prefix 2001:db8::/32 CPE IPv4 x.y.z.w 24bit 2001:db8:y.z.w::/56 6rd 6to4 prefix 18

Global IPv6 address Backbone IPv4 Internet 6rd Gateway IPv6 Internet IPv6 in IPv4 Tunnel AccessNetwork 6rd CPE CPE CPE CPE IPv6 2-4 6rd 11 Tunnel Termination IPv6 DHCPv6,etc. 6rd CPE IPv6 in IPv4 Tunnel 6rd Gateway IPv6 v6 v6 v4 v6 Src 2001:db8:6464:0100::1 Src 10.100.100.1 Src 2001:db8:6464:0100::1 Dst 2001:db8::yyyy:yyyy Dst 192.88.99.1 Dst 2001:db8::yyyy:yyyy Src Dst 2001:db8:6464:0100::1 2001:db8::yyyy:yyyy Can be well known anycast defined in rfc3068, or any other 2-5 6rd 2.1.3.4 Softwire with L2TPv2 IPv6 over IPv4 ISP L2TP CPE ISP [62] 11 2-4 2-13 2 IPv6 Operation Forum 19

2.2 IPv4 IPv4 IPv4 2.2.1 NAT444 IPv4 NAT Large Scale NAT LSN Carrier Grade NAT CGN IPv4 [54] CPE WAN 1 IPv4 NAT444 CPE LSN IPv4 CPE IPv4 NAT LSN LSN IPv4 NAT CPE LSN IPv4 NAT NAT44 NAT44+NAT44 NAT444 Global IPv4 address NAPT (CGN/LSN) Backbone IPv4 Internet IPv6 Internet ISP Shared address AccessNetwork NAPT Home GW CPE CPE CPE rfc1918 IPv4 private address 2-6 NAT444 20

rfc1918 private address NAPT Home GW ISP shared address (*1) NAPT (CGN/LSN) *2 Global IPv4 address v4 v4 v4 Src 192.168.0.1 port 10000 Dst 128.0.0.1 port 80 Src ii.ii.ii.ii port 10000 (*2) Dst 128.0.0.1 port 80 Src 129.0.0.1 port 12000 Dst 128.0.0.1 port 80 (*1) (*2) - ISP shared address (Draft-shirasaki-isp-shared-addr) - In draft-shirasaki-cgn-01,cgn(carria-grade NAT) was or renamed to LSN(Large Scale NAT) - Global address space NAPT : Network Address Port Translation - 240/4, rfc1918 10/8 2-7 NAT444 CPE NAPT LSN NAT LSN LSN NAT 2.2.2 DS-Lite Dual-Stack Lite IPv4 NAT IPv4 over AFTR (DS-Lite Address Family Transition Router element) IPv4 Internet CPE CPE B4 (DS-Lite Basic Bridging BroadBand element) IPv4 over CPE NAPT [55] CPE WAN 1 IPv4 DS-Lite CPE AFTR IPv4 NAT444 B4 AFTR IPv4 IPv4 over IPv6 IPv4 Internet B4 IPv6 AFTR AFTR IPv6 IPv4 IPv4 NAT 21

Global IPv4 address Backbone IPv4 Internet Tunnel Termination + NAPT(CGN/LSN) IPv6 Internet IPv4 in IPv6 Tunnel AccessNetwork Tunnel Initiation CPE CPE CPE rfc1918 IPv4 private address 2-8 DS-lite Tunnel Termination rfc1918 private address IPv4 in IPv6 Tunnel Global IPv4 address DS-lite Home GW NAPT (CGN/LSN) v4 v4 v6 v4 Src 192.168.0.1 port 10000 Dst 128.0.0.1 port 80 Src 2001:0:0:2::1 Dst 2001:0:0:1::1 Src 129.0.0.1 port 12000 Dst 128.0.0.1 port 80 Src 192.168.0.1 port 10000 Dst 128.0.0.1 port 80 2-9 DS-lite CPE NAT AFTR IPv6 only AFTR B4 AFTR AFTR AFTR AFTR B4 NAT DS-Lite LSN NAT 22

2.2.3 A+P CPE IPv4 1 TCP UDP IPv4 1 4096 8191 4096 CPE IPv4 [56] IPv4 Internet CPE CPE (A+P ) A+P CPE PPP IPv4 over IPv6 L2TP NAT 444 LSN DS-Lite AFTR A+P IPv4 NAT IPv4 NAT444 LSN TCP NAPT CPE A+P ICMP [57] Global IPv4 address Backbone IPv4 Internet A+P Router IPv6 Internet IPv4 in IPv6 Tunnel AccessNetwork A+P CPE CPE CPE CPE rfc1918 IPv4 private address 2-10 A+P 23

(Learn from DHCP,etc) WKP = 4999::/64 A = 12.0.0.1 P = ports 4096-8191 Tunnel Termination WKP : Well Known IPv6 Prefix rfc1918 private address A+P CPE IPv4 in IPv6 Tunnel A+P Router Global IPv4 address v4 Port Translation Tunnel Encap v4 v6 v4 Src 192.168.0.1 port 10000 Src 4999:0:0:0:0c00:0001:1001:: Src 12.0.0.1 port 4097 Dst 128.0.0.1 port 80 Dst 4999:0:0:0:8000:0001:0000:: Dst 128.0.0.1 port 80 Src Dst 12.0.0.1 port 4097 128.0.0.1 port 80 WKP + A+P address is to be announced to internal routing 2-11 A+P 24

2.3 IPv6-IPv4 IPv6 IPv4 2.3.1 NAT64 IPv6 IPv4 Translator NAT64 DNS64 IPv6 only IPv4 [58] 2-13 IPv6 only DNS ALG www.example.com DNS ALG www.example.com IPv4 Translator IPv6 IPv6 only DNS64 IPv6 only IPv6 Translator Translator IPv6 IPv4 www.example.com IPv4 Global IPv4 address Translator +DNS ALG AR Backbone AR DNS BR BR IPv4 Internet IPv6 Internet Dual Stack or IPv6 Network IPv6 CPE CPE AccessNetwork CPE CPE IPv6 2-12 NAT64 25

protocol Translation DNS IPv6 Network QRY : www.example.com AAAA? ANS : www.example.com AAAA 2001:db8::128.0.0.1 Translator +DNS ALG DNS QRY : www.example.com A or AAAA? ANS : www.example.com A 128.0.0.1 IPv4 Internet v6 v4 Src 2001:db8::xxxx:xxxx Src 12.0.0.1 port xx (IPv4 pool address) Dst 2001:db8::128.0.0.1 Dst 128.0.0.1 2-13 NAT64 2.4 IPv6 2.4.1 NAT66 ID NAT IPv6 NAT [12] 26

3 WAN LAN LAN 3.1 3.1.1 1 DHCPv6-PD MUST DHCPv6-PD 2 MUST DHCPv6-PD 3.1.2 3/48 /64 MUST JPNIC [8] /48 /64 DMZ /64 /48 27

3.2 WAN 1.4.3.1 WAN 3.2.1 4WAN MUST [a] SLAAC Stateless Address Auto Configuration [b] DHCPv6 SLAAC DHCPv6 WAN SLAAC DHCPv6 [59] SLAAC DDNS 2010 7 DHCPv6 64 [46] WAN 7.1 3.2.2 5WAN MUST 28

3.2.3 6WAN MUST WAN DNS LAN 3.3 LAN LAN 3.3.1 7 DHCPv6-PD /64 LAN MUST 6.1 /64 DHCPv6-PD /64 DHCPv6-PD /48 LAN 49 64 29

3.3.2 8 DHCPv6-PD LAN MAY 1 [17] 3.3.3 9WAN DHCPv6-PD LAN MUST 6.1.2 30

3.3.4 ULA 10ULA LAN SHOULD IPv4/IPv6 ULA RFC4193 [59] ULA MUST ULA 31

4 [60][61] 4.1 4.1.1 IPv4 NAT/NAPT 4.1.1.1 WAN LAN 4-1 32

11LAN WAN MUST IPv4 4.1.2 4.1.1.2 12 TCP SYN UDP DNS TV ICMPv6 [9] MUST IPv4 NAT IPv6 WAN 4.1.3 fe80::/10 fec0::/10 RFC3879 ULA fc00::/7 ff00::/8 IANA ::/8 IPv4 IPv4 2001:db8::/32 33

4.1.1.3 SPI 13SPI SHOULD IPv4 SPI IPv6 SPI RFC 4787 [47] SPI 4.1.2 14 4-1 MUST 4-1 IPv6 / 7.2.3 ICMP Type Code [9] TCP/UDP / MUST MUST SHOULD MUST SHOULD MUST IPv4 IPv6 [10] DPI Deep Packet Inspection 34

4.1.3 15 (MAY) DNS UDP 1 DNSSEC MTU Unfragmentable Part Fragmentable Part 4.1.4 16 MUST 35

4.2 17 LAN MAY 36

5 DNS IPv4 DNS DNS [14] DNS ISP / DNS / 5-1 DNS DNS DNS DNS Web-GUI FQDN IP http://setup.example.jp/ http://[2001:db8:1234:5678::1]/ DNS DNS ALG ALG DNS IPv4 37

5.1 DNS ISP / IPv4 / IPv6 DNS IPv4 / IPv6 5.1.1 5-2 18DNS IPv6 IPv4 MUST DNS IPv4 IPv6 5.1.2 19 MUST IPv6 DNS 5.1.3 20 DNS MAY [15]DNS DNS 38

DNS DNS IPv4 DNS DNS DNS IPv4 DNS 39

5.2 DNS DNS ISP / DNS / ULA / 5-3 5.2.1 DNS 21ULA MUST ULA DNS ULA ULA LAN ULA DNS DNS DNS DNS DNS WAN DNS DNS 40

5.3 DNS IPv4 DNS IPv6 IPv4 IPv6 ISP / DNS 5.3.1 5-4 DNS 22 DNS DNS MUST 5.3.2 23 DNS MAY DNS [16][17] IPv6 IPv4 DNS IPv6 DNS IPv4 OS DNS 41

5.4 DNS ISP / DNS 5.4.1 5-5 DNS 24 MAY DNS [18] DNS DNSSEC RRSIG 42

5.5 IPv4 IPv6 DNS ISP / EDNS0 / TCP 53 DNS EDNS0 / TCP 53 5.5.1 5-6 DNS 25 RR MUST RR ULA ULA 5.5.2 26 MUST DNS 5.5.3 EDNS0 27EDNS0[19] OPT RR 512byte MUST AAAA PTR SPF SRV TXT DNSSEC DNS 512byte 43

5.5.4 TCP 53 28 DNS Header TC=1 [20][21] TCP UDP 53 TCP 53 MUST 5.5.5 DNSSEC 29DNSSEC [22][23][24] EDNS0 OPT RR DO bit RRSIG DNSKEY DS NSEC NSEC3 NSEC3PARAM RR DNS Header Bit CD checking disabled AD authentic data MUST 30DNS DNSSEC [22][23][24] MAY IP Windows XP Windows Vista Windows 7 DNSSEC DNS IP 44

6 6.1 6.1.1 RA 31 RA MUST [28] LAN 3.3.2 Router Advertisement 2001:db8:1:1::/64 6-1 RA 32RA /64 MUST 64 ID /64 LAN Windows Vista SP1 /64 SLAAC RFC 4862 RA Prefix Information Option prefix 45

length interface ID 128 Prefix Information Option MUST [29][48] 33Prefix Information Option Preferred Lifetime 0 RA SHOULD Preferred Lifetime 0 A Preferred Lifetime 0 B B[15] Preferred Lifetime = 0 RA RA Preferred Lifetime = 0 RA Preferred Lifetime 0 WAN Valid Lifetime 0 ULA 3.3.4 34Router Lifetime 0 RA SHOULD Router Lifetime = 0 RA RA 46

WAN Router Lifetime = 0 RA RA LAN ( ) LAN Router Lifetime = 0 RA LAN LAN More-Specific Routes[35] 6.1.2 DHCPv6 35 DHCPv6[27] MAY SLAAC M 1 RA LAN DHCPv6 2001:db8:1:1::aaaa/64 DHCPv6 2001:db8:1:1::bbbb/64 6-2 DHCPv6 47

36Reconfigure Message Option msg-type 5 Renew message Reconfigure message 35 SHOULD DHCPv6 37DHCPv6-PD[30] MAY 6-3 DHCPv6-PD 48

6.2 6.2.1 RA 38LAN RA DNS MAY RA DNS RA DNS Standard Track [31] Windows XP/Vista/7 Mac OS DNS DNS DNS DNS RDNSS Lifetime 0 RA Router Advertisement 2001:db8:1:1::/64-2001:db8:1:1::53/64 Sample Server Addresses DNS 2001:db8:1:1::53/64 6.2.2 DHCPv6 6-4 RA 39LAN DHCPv6 DNS MUST DHCPv6 DNS O 1 RA LAN DHCPv6 Standard Track RFC 3646 RA 49

Experimental RFC 5006[32] IETF RFC5006 Standard Track 40LAN DHCPv6 SIP NTP MAY O 1 RA LAN DHCPv6 SIP [49] DNS [50] NIS [51] SNTP [52] DHCPv6 http://www.iana.org/assignments/dhcpv6-parameters/ DHCPv6-2001:db8:1:1::53-2001:db8:1:1::123-2001:db8:1:1::5060 Sample Server Addresses DNS 2001:db8:1:1::53 SNTP 2001:db8:1:1::123 SIP 2001:db8:1:1::5060 6-5 DHCPv6 50

41Reconfigure Message option msg-type 11 Information-request message Reconfigure message 40 SHOULD DHCPv6 6.3 6.3.1 MTU 42LAN RA MTU MTU SHOULD MTU MTU LAN ICMPv6 Packet Too Big MTU MTU 7.4 MTU MTU LAN LAN MTU LAN MTU 51

7 / 7.1 43 MUST Hop Limit 0 Prefix delegation 2001:db8:1::/48 Destination 2001:db8:1::/48 2001:db8:1:1::/64 7-1 DHCPv6-PD 44Point-to-Point ICMPv6 Destination Unreachable messages, Code 3 Address unreachable[33] MUST Hop Limit 0 RFC2463 RFC4443 52

2001:db8::/64 :2 Destination 2001:db8::3/64 ICMPv6 Destination Unreachable messages :1 7-2 WAN Point-to-point 7.2 7.2.1 WAN 45WAN MUST ICMPv6 :2 2001:db8::/64 :1 ::/0 via 2001:db8::1 7-3 WAN 53

46RA MUST RA RA [48] WAN RA 10.2 :1 RA ::/0 via R1 7.2.2 LAN 7-4 RA 47RIPng[34] LAN MAY LAN 54

2001:db8:1:1::/64 R1 2001:db8:1:3::/64 via R2 RIPng R2 2001:db8:1:1::/64 via R1 ::/0 via R1 2001:db8:1:2::/64 2001:db8:1:3::/64 7-5 RIPng 48More-Specific Routes[35] LAN MAY LAN 2001:db8:1:1::/64 Route information option 2001:db8:1:3::/64 R1 2001:db8:1:2::/64 R2 2001:db8:1:3::/64 7-6 More-Specific Route 55

7.2.3 49RH0 Type 0 MUST DoS [11] Type 0 RH0 7-7 RH0 7.3 IPv6 IPv6 NDP 50 MAY 7.3.1 WAN 2 56

7.3.2 PIM PIM PIM Join/Prune MLD Report/done MLD Query 7-8 PIM 51PIM[36][37][38] 50 MAY WAN PIM PIM-SM/SSM MLD PIM 52MLD v1/v2[39][40][41] 50 MAY PIM MLD PIM-SM/SSM MLD PIM 57

7.3.3 MLD MLD MLD Report/done MLD Report/done MLD Query 7-9 MLD 53MLD v1/v2 [42] 50 MUST MLD 7.3.4 MLD 7.3.1 MLD [43] 54MLD v1/v2 [43] 50 MAY LAN 58

ff04::12 7-10 MLD 59

7.4 55 TCP MSS Maximum Segment Size MAY MTU MTU TCP MTU 6.3.1 MTU TCP SYN MSS MSS MTU MTU MTU TCP TCP MTU MTU MTU MTU MSS MTU/MRU 60

8 8.1 56 SHOULD 4.1.4 8.1.1 SLAAC DHCPv6 RA 8-1 SLAAC 61

DHCPv6 DHCPv6 IPv6 DHCPv6 8-2 DHCPv6 TR-069 Broadband Forum CPE TR-069 8-3 TR-069 62

UPnP UPnP Forum UPnP 8.1.2 8-4 UPnP Web Telnet SSH 8-5 63

8.2 8.1 8.2.1 3 8.2.2 8.2.2.1 57 SHOULD 58WAN MAY 8.2.2.2 59 SHOULD 64

8.2.3 DNS DNS DNS 5 8.2.3.1 DNS DNS 60DHCPv6 DNS MUST 61DNS MUST 8.2.4 8.2.4.1 LAN 3 8.2.4.2 LAN 62 DHCPv6 MUST 63 MUST 8.2.5 7 65

9 IPv6 IPv4 9.1 Web-GUI Graphical User Interface 64 9-1 Web-GUI IPv6 SHOULD 9-1 Web-GUI HTTP 80/tcp HTTPS 443/tcp SHOULD MAY IPv4 PC Web Web-GUI https 9.2 CLI Command Line Interface 65 9-2 CLI IPv6 MAY 9-2 CLI TELNET 23/tcp SSH 22/tcp MAY MAY 66

IPv4 ssh 9.3 66 IPv6 /RFC4291 SHOULD 9.4 67IETF [63] SHOULD Web-GUI 2010 6 1 RFC Editor Queue Standards Track RFC 67

10 10.1 10-1 10-1 1.0 1 DHCPv6-PD 3.1.1 2 3.1.1 3 4 5 6 7 8 9 /48 /64 WAN WAN WAN DHCPv6-PD /64 LAN DHCPv6-PD LAN WAN DHCPv6-PD LAN 3.1.2 3.2.1 3.2.2 3.2.3 3.3.1 3.3.2 3.3.4 68

10 11 ULA LAN LAN WAN 3.3.4 4.1.1.1 12 4.1.1.2 13 14 15 16 17 18 19 20 21 22 SPI 4-1 DNS IPv6 IPv4 DNS ULA DNS DNS 4.1.1.3 4.1.2 4-1 4.1.3 4.1.4 4.2 5.1.1 5.1.2 5.1.3 5.2.1 5.3.1 69

23 24 25 26 27 28 29 30 31 32 31 33 31 34 31 35 DNS RR EDNS0[19] OPT RR 512byte DNS Header TC=1 [20][21] TCP UDP 53 TCP 53 DNSSEC [22][23][24] DNS DNSSEC [22][23][24] RA RA /64 Prefix Information Option Preferred Lifetime 0 RA Router Lifetime 0 RA DHCPv6[27] 5.3.2 5.4.1 5.5.1 5.5.2 5.5.3 5.5.4 5.5.5 5.5.5 6.1.1 6.1.1 6.1.1 6.1.1 6.1.2 70

36 35 37 38 39 40 Reconfigure Message Option msg-type 5 Renew message Reconfigure message DHCPv6-PD[30] LAN RA DNS LAN DHCPv6 DNS LAN DHCPv6 SIP NTP 6.1.2 6.1.2 6.2.1 6.2.2 6.2.2 41 Reconfigure Message option msg-type 11 6.2.2 42 43 44 Information-request message Reconfigure message LAN RA MTU MTU Point-to-Point 6.3.1 7.1 7.1 ICMPv6 Destination Unreachable messages, Code 3 Address unreachable [33] 45 WAN 7.2.1 46 RA 7.2.1 47 RIPng[34] LAN 7.2.2 48 49 More-Specific Routes[35] LAN RH0 Type 0 7.2.2 7.2.3 50 7.3 71

51 50 52 50 7.3.2 PIM[36][37][38] MLD v1/v2[39][40][41] 7.3.2 53 MLD v1/v2 [42] 7.3.3 50 54 MLD v1/v2 [43] 7.3.4 50 55 56 TCP MSS Maximum Segment Size 7.4 8.1 57 8.2.2.1 58 WAN 8.2.2.1 59 8.2.2.2 60 DHCPv6 DNS 8.2.3.1 61 DNS 8.2.3.1 62 DHCPv6 8.2.4.2 63 8.2.4.2 64 65 66 9-1 Web-GUI IPv6 9-2 CLI IPv6 IPv6 / RFC4291 9.1 9.2 9.3 67 IETF 9.4 72

[63] WAN DHCPv6 73

10.2 10.2.1 TCP,UDP DNS DNSSEC Point-to-Multipoint ISP ISP 66NAT IPv4/IPv6 mdns zeroconfllmnr UPnP QoS DNS NATMAC 802.1x 802.11 BluetoothWeb USB,IEEE1394ISDN 74

10.3 50 WG IT chair co-chair co-chair co-chair BB NTT NTT KDDI Juniper Networks 村上誠 75

76

10.4 [1] RFC 5072: IP Version6 over PPP [2] RFC 5172: Negotiation for IPv6 Datagram Compression Using IPv6 Control Protocol [3] RFC 1994: PPP Challenge Handshake Authentication Protocol (CHAP) [4] RFC 3056: Connection of IPv6 Domains via IPv4 Clouds (6to4) [5] RFC 4380: Tunneling IPv6 over UDP through Network Address Translations (Teredo) [6] RFC 2784: Generic Routing Encapsulation (GRE) [7] draft-kuwabara-softwire-ipv6-via-l2tpv2-00: A Model of IPv6 Internet Access Service via L2TPv2 Tunnel [8] JPNIC http://www.nic.ad.jp/doc/jpnic-01078.html [9] RFC 4890: Recommendations for Filtering ICMPv6 Messages in Firewalls [10] RFC 4864: Local Network Protection for IPv6 [11] RFC 5095 Deprecation of Type 0 Routing Headers in IPv6 [12] draft-mrw-behave-nat66-02: IPv6-to-IPv6 Network Address Translation (NAT66) [13] DOCSIS 3.0 specification http://www.cablelabs.com/specifications/doc30.html [14] RFC 5625: DNS Proxy Implementation Guidelines [15] RFC 3484: Default Address Selection for Internet Protocol version 6 (IPv6) [16] RFC 4477: Dynamic Host Configuration Protocol (DHCP) : IPv4 and IPv6 Dual-Stack Issues [17] http://www.v6pc.jp/pdf/v6pc-mp-1.0.pdf [18] Kaminsky Attack http://jprs.jp/tech/security/multiple-dns-vuln-cache-poisoning.html [19] RFC 2671: Extension Mechanisms for DNS (EDNS0) [20] RFC 1035: DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION [21] RFC 1123: Requirements for Internet Hosts -- Application and Support [22] RFC 4033: DNS Security Introduction and Requirements [23] RFC 4034: Resource Records for the DNS Security Extensions [24] RFC 4035: Protocol Modifications for the DNS Security Extensions [25] DNSSEC on Windows 7 DNS client http://blogs.technet.com/sseshad/archive/2008/11/11/dnssec-on-windows-7-dns-clien 77

t.aspx [26] RFC 4294: IPv6 Node Requirements [27] RFC 3315: Dynamic Host Configuration Protocol for IPv6 (DHCPv6) [28] RFC 4294: IPv6 Node Requirements [29] RFC 4861: Neighbor Discovery for IP version 6 (IPv6) [30] RFC 3633: IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6 [31] RFC 5006: IPv6 Router Advertisement Option for DNS Configuration [32] RFC 4339: IPv6 Host Configuration of DNS Server Information Approaches [33] RFC 4443: Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification [34] RFC 2080: RIPng for IPv6 [35] RFC 4191: Default Router Preferences and More-Specific Routes [36] RFC 4601: Protocol Independent Multicast - Sparse Mode (PIM-SM): Protocol Specification (Revised) [37] RFC 2362: Protocol Independent Multicast-Sparse Mode (PIM-SM): Protocol Specification [38] RFC 4607: Source-Specific Multicast for IP [39] RFC 2710: Multicast Listener Discovery (MLD) for IPv6 [40] RFC 3810: Multicast Listener Discovery Version 2 (MLDv2) for IPv6 [41] RFC 4604: Using Internet Group Management Protocol Version 3 (IGMPv3) and Multicast Listener Discovery Protocol Version 2 (MLDv2) for Source-Specific Multicast [42] RFC 4605: Internet Group Management Protocol (IGMP) / Multicast Listener Discovery (MLD)-Based Multicast Forwarding ("IGMP/MLD Proxying") [43] RFC 4541: Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches [44] TR-069 http://www.broadband-forum.org/technical/download/tr-069amendment2.pdf [45] UPnP http://www.upnp.org/specs/arch/upnp-arch-devicearchitecture-v1.1.pdf [46] RFC 4291: IP Version 6 Addressing Architecture [47] RFC 4787: Network Address Translation (NAT) Behavioral Requirements for Unicast UDP [48] RFC 4862: IPv6 Stateless Address Autoconfiguration [49] RFC 3319: Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers 78

[50] RFC 3646: DNS Configuration options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6) [51] RFC 3898: Network Information Service (NIS) Configuration Options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6) [52] RFC 4075: Simple Network Time Protocol (SNTP) Configuration Option for DHCPv6 [53] draft-ietf-softwire-ipv6-6rd-08: IPv6 via IPv4 Service Provider Networks "6rd" [54] draft-shirasaki-nat444-isp-shared-addr-03: NAT444 with ISP Shared Address [55] draft-ietf-softwire-dual-stack-lite-04: Dual-stack lite broadband deployments post IPv4 exhaustion [56] draft-ymbk-aplusp-05: The A+P Approach to the IPv4 Address Shortage [57] Issues with Port-Restricted IPs http://www.ietf.org/proceedings/09nov/slides/aplusp-3.pdf [58] draft-ietf-behave-v6v4-xlate-stateful-11: Stateful NAT64: Network Address and Protocol Translation from IPv6 Clients to IPv4 Servers [59] draft-ietf-v6ops-ipv6-cpe-router-04: Basic Requirements for IPv6 Customer Edge Routers [60] IPv6 2005 http://www.v6pc.jp/jp/archive/index.phtml [61] draft-ietf-v6ops-cpe-simple-security-11: Recommended Simple Security Capabilities in Customer Premises Equipment for Providing Residential IPv6 Internet Service [62] RFC 5571: Softwire Hub and Spoke Deployment Framework with Layer Two Tunneling Protocol Version 2 (L2TPv2) [63] draft-ietf-6man-text-addr-representation-07: A Recommendation for IPv6 Address Text Representation [64] RFC 3041: Privacy Extensions for Stateless Address Autoconfiguration in IPv6 79

2026 © docsplayer.net プライバシー | 利用規約 | フィードバック