Whick Of The Following Services Perform Address Hiding?
Chapter four Transitioning From IPv4 to IPv6 (Reference)
When hosts and routers are upgraded to IPv6, these hosts and routers must be able to interoperate with the IPv4 hosts and IPv4 routers. This chapter provides an overview of the standardized solutions to transitioning from IPv4 to IPv6. RFC 1933 as well provides detailed solutions to the transition problem.
This chapter contains the post-obit information:
-
Transition Requirements
-
Standardized Transition Tools
-
IPv4 and IPv6 Interoperability
-
Site Transition Scenarios
-
Other Transition Mechanisms
Transition Requirements
The transition does not require whatever global coordination. Your sites and Internet service provider (Internet access provider) can transition at their own pace. Furthermore, an effort has been fabricated to minimize the number of dependencies during the transition. For instance, the transition does not crave that routers exist upgraded to IPv6 prior to upgrading hosts.
Different sites have different constraints when transitioning. Likewise, early on adopters of IPv6 are probable to take dissimilar concerns than production users of IPv6. RFC 1933 defines the transition tools currently available. The rationale for transition is either the lack of IPv4 address space or the required utilize of new features in IPv6, or both. The IPv6 specification requires 100 per cent compatibility for the existing protocols. Compatibility is as well required for existing applications during the transition.
To understand the transition approaches, the post-obit terms have been defined.
-
IPv4-only node – A host or router that implements merely IPv4. An IPv4-only node does not sympathise IPv6. The installed base of IPv4 hosts and routers that exist before the transition begins are IPv4-only nodes.
-
IPv6/IPv4 node – A host or router that implements both IPv4 and IPv6, which is also known as dual-stack.
-
IPv6-only node – A host or router that implements IPv6, and does non implement IPv4.
-
IPv6 node – Whatsoever host or router that implements IPv6. IPv6/IPv4 and IPv6-but nodes are both IPv6 nodes.
-
IPv4 node – Any host or router that implements IPv4. IPv6/IPv4 and IPv4-only nodes are both IPv4 nodes.
-
Site – Slice of the private topology of the Internet that does not conduct transit traffic for anybody and everybody. The site can span a large geographic area. For instance, the private network on a multinational corporation is one site.
Standardized Transition Tools
RFC 1933 defines the post-obit transition mechanisms:
-
When you lot upgrade your hosts and routers to IPv6, the hosts and routers retain their IPv4 capability. Consequently, IPv6 provides compatibility for all IPv4 protocols and applications. These hosts and routers are known as dual-stack.
-
These hosts and routers use the proper noun service, for example, DNS, to carry data about which nodes are IPv6 capable.
-
IPv6 address formats can contain IPv4 addresses.
-
You can tunnel IPv6 packets in IPv4 packets as a method of crossing routers that have non been upgraded to IPv6.
Implementing Dual-Stack
The term dual-stack normally refers to a complete duplication of all levels in the protocol stack from applications to the network layer. An example of complete duplication is the OSI and TCP/IP protocols that run on the same system. However, in the context of IPv6 transition, dual-stack ways a protocol stack that contains both IPv4 and IPv6. The remainder of the stack is identical. Consequently, the same transport protocols, TCP, UDP, and and then on, can run over both IPv4 and IPv6. Also, the same applications can run over both IPv4 and IPv6.
The following figure illustrates dual-stack protocols through the OSI layers.
Effigy four–i Dual-Stack Protocols
In the dual-stack method, subsets of both hosts and routers are upgraded to support IPv6, in addition to IPv4. The dual-stack arroyo ensures that the upgraded nodes can always interoperate with IPv4-only nodes by using IPv4.
Configuring Name Services
A dual node must determine if the peer can support IPv6 or IPv4 in society to bank check which IP version to utilize when transmitting. The control of the information that goes in the name service enables a dual node to determine which IP version to use. You define an IPv4 node's IP accost and the IPv6 node'southward IP address in the name service. Thus, a dual node has both addresses in the name service.
The presence of an IPv6 address in the name service also signifies that the node is reachable by using IPv6. However, the node is only reachable by nodes that obtain information from that proper name service. For example, placing an IPv6 address in NIS implies that the IPv6 host is reachable by using IPv6. However, the IPv6 host is simply reachable past IPv6 and dual nodes that belong to that NIS domain. The placement of an IPv6 address in global DNS requires that the node is reachable from the Internet IPv6 backbone. This situation is no different than in IPv4. For instance, the mail commitment operation requires that IPv4 addresses exist for nodes that can be reached past using IPv4. The same situation is truthful for the HTTP proxy operation. When no reachability exists in IPv4, for instance, because of firewalls, the proper noun service must be partitioned into an inside firewall and exterior firewall database. Consequently, the IPv4 addresses are visible only where the IPv4 addresses are reachable.
The protocol that is used to admission the name service is independent of the type of address that can be retrieved from the name service. This name service support, and dual-stacks, enables a dual node to use IPv4 when the dual node communicates with IPv4-simply nodes. Too, this proper noun service support enables a dual node to utilise IPv6 when the dual node communicates with IPv6 nodes. However, the destination must exist reachable through an IPv6 route.
Using IPv4-Compatible Address Formats
In many instances, y'all can represent a 32-bit IPv4 address as a 128-bit IPv6 address. The transition mechanism defines the post-obit two formats.
-
IPv4–compatible accost
000 ... 000
IPv4 Address
-
IPv4–mapped address
000 ... 000
0xffff
IPv4 Address
The compatible format is used to represent an IPv6 node. This format enables you to configure an IPv6 node to use IPv6 without having a real IPv6 accost. This address format enables y'all to experiment with different IPv6 deployments because you lot tin use automatic tunneling to cross IPv4–only routers. However, you cannot configure these addresses past using the IPv6 stateless address autoconfiguration mechanism. This mechanism requires existing IPv4 mechanisms such as DHCPv4 or static configuration files.
The mapped address format is used to correspond an IPv4 node. The simply currently defined utilise of this address format is office of the socket API. An application tin have a common address format for both IPv6 addresses and IPv4 addresses. The common address format tin can represent an IPv4 address as a 128-fleck mapped address. Even so, IPv4–to-IPv6 protocol translators also allow these addresses to be used.
Tunneling Machinery
To minimize any dependencies during the transition, all the routers in the path between ii IPv6 nodes do not need to support IPv6. This mechanism is called tunneling. Basically, IPv6 packets are placed within IPv4 packets, which are routed through the IPv4 routers. The post-obit figure illustrates the tunneling machinery through IPv4 routers (R).
Effigy 4–2 Tunneling Mechanism
The different uses of tunneling in the transition follow:
-
Configured tunnels between two routers, equally in the previous effigy
-
Automatic tunnels that terminate at the dual hosts
A configured tunnel is currently used in the Cyberspace for other purposes, for example, the MBONE, the IPv4 multicast backbone. Operationally, the tunnel consists of two routers that are configured to have a virtual point-to-bespeak link between the two routers over the IPv4 network. This kind of tunnel is probable to exist used on some parts of the Internet for the foreseeable future.
Automated Tunnels
The automatic tunnels have a more limited use during early on experimental deployment. Automated tunnels require IPv4–uniform addresses. Automatic tunnels can be used to connect IPv6 nodes when IPv6 routers are not available. These tunnels tin originate either on a dual host or on a dual router by configuring an automatic tunneling network interface. The tunnels ever terminate on the dual host. These tunnels piece of work by dynamically determining the destination IPv4 accost, the endpoint of the tunnel, by extracting the address from the IPv4–compatible destination address.
Interaction With Applications
Even on a node that has been upgraded to IPv6, the use of IPv6 is dependent on the applications. An application might not use a networking API that asks the name service for IPv6 addresses. The application might utilise an API, such as sockets, which requires changes in the application. Likewise, the provider of the API, such every bit an implementation of the java.net grade might non back up IPv6 addresses. In either situation, the node only sends and receives IPv4 packets similar an IPv4 node would.
The following names have become standard terminology within the Internet community:
-
IPv6–unaware—This awarding cannot handle IPv6 addresses. This application cannot communicate with nodes that do not have an IPv4 address.
-
IPv6–aware—This application can communicate with nodes that exercise not accept an IPv4 address, that is, the application can handle the larger IPv6 addresses. In some situations, the address might be transparent to the application, for example, when the API hides the content and format of the actual address.
-
IPv6–enabled—This application tin, in add-on to being IPv6–enlightened, tin can use some IPv6–specific feature such every bit flow labels. The enabled applications can withal operate over IPv4, though in a degraded manner.
-
IPv6–required—This application requires some IPv6–specific characteristic. This application cannot operate over IPv4.
IPv4 and IPv6 Interoperability
During the gradual transition phase from IPv4 to IPv6, existing IPv4 applications must continue to work with newer IPv6–enabled applications. Initially, vendors provide host and router platforms that are running a dual-stack. A dual-stack is both an IPv4 protocol stack and an IPv6 protocol stack. IPv4 applications go on to run on a dual– stack that is as well IPv6 enabled with at least i IPv6 interface. No changes need to be made to these applications, no porting required.
IPv6 applications that run on a dual-stack can also use the IPv4 protocol. IPv6 applications use an IPv4-mapped IPv6 accost. Because of the pattern of IPv6, separate applications, IPv4 and IPv6, are non needed. For example, you do not need an IPv4 client on a dual host to "talk" with a server on an IPv4-but host. Also, you do not need a separate IPv6 client to talk with an IPv6 server. You demand merely to port their IPv4 customer application to the new IPv6 API. The customer tin can communicate with IPv4–only servers. The client tin can also communicate with IPv6 servers that run on either a dual host or an IPv6–only host.
The address that the customer receives from the name server determines if IPv6 or IPv4 is used. For case, if the name server has an IPv6 address for a server, then the server runs IPv6.
The following tabular array summarizes the interoperability between IPv4 and IPv6 clients and servers. The table assumes that the dual-stack host has both an IPv4 and IPv6 address in the respective name service database.
Table 4–ane Customer-Server Applications: IPv4 and IPv6 Interoperability
Type of Awarding (Type of Node) | IPv6-Unaware Server (IPv4-Only Node) | IPv6-Unaware Server (IPv6-Enabled Node) | IPv6-Aware Server (IPv6-Only Node) | IPv6-Aware Server (IPv6-Enabled Node) |
---|---|---|---|---|
IPv6-unaware client (IPv4-only node) | IPv4 | IPv4 | X | IPv4 |
IPv6-unaware client (IPv6-enabled node) | IPv4 | IPv4 | X | IPv4 |
IPv6-aware client (IPv6-only node) | X | Ten | IPv6 | IPv6 |
IPv6-enlightened client (IPv6-enabled node) | IPv4 | (IPv4) | IPv6 | IPv6 |
10 ways that the server cannot communicate with the client.
(IPv4) denotes that the interoperability depends on the address that is called by the client. If the customer chooses an IPv6 address, the customer fails. However, an IPv4 address that is returned to the client as an IPv4–mapped IPv6 accost causes an IPv4 datagram to be sent successfully.
In the kickoff phase of IPv6 deployment, almost implementations of IPv6 are on dual-stack nodes. Initially, most vendors exercise not release IPv6–but implementations.
Site Transition Scenarios
Each site and each ISP requires different steps during the transition phase. This department provides some examples of site transition scenarios.
The start step to transition a site to IPv6 is to upgrade the name services to support IPv6 addresses. For DNS, upgrade to a DNS server that supports the new AAAA (quad-A), such equally BIND 4.9.iv and later. Two new NIS maps and a new NIS+ tabular array take been introduced for storing IPv6 addresses. The new NIS maps and new NIS+ table can be created and administered on any Solaris system. See IPv6 Extensions to Solaris Name Services for details on the new databases.
After the proper name service is able to distribute IPv6 addresses, y'all can start transitioning hosts. You lot tin can transition hosts in the following ways:
-
Upgrade one host at a time. Employ IPv4–compatible addresses and automated tunneling. No routers need to be upgraded. Use this method for initial experimental transition. This method offers only a subset of the IPv6 benefits. This method does non offering stateless address autoconfiguration or IP multicast. You can use this scenario to verify that applications work over IPv6. This scenario also verifies that the awarding can employ IPv6 IP-layer security.
-
Upgrade i subnet at a time. Use configured tunnels betwixt the routers. In this scenario, at least one router per subnet is upgraded to dual. The dual routers in the site are tied together past using configured tunnels. And then, hosts on those subnets tin use all the IPv6 features. As more than routers get upgraded in this incremental scheme, you tin remove the configured tunnels.
-
Upgrade all the routers to dual before any host is upgraded. Though this method appears orderly, the method does not provide any IPv6 benefits until all the routers take been upgraded. This scenario constrains the incremental deployment approach.
Other Transition Mechanisms
The mechanisms that were specified previously handle interoperability between dual nodes and IPv4 nodes, if the dual nodes have an IPv4 address. The mechanisms do not handle interoperability between IPv6-just nodes and IPv4-only nodes. Also, the mechanisms practise non handle interoperability between dual nodes that take no IPv4 address and IPv4-merely nodes. Virtually implementations tin be made dual. Even so, a dual implementation requires plenty IPv4 address space to assign one accost for every node that needs to interoperate with IPv4-just nodes.
Several possibilities enable you to reach this interoperability without requiring any new transition mechanisms.
-
Employ application layer gateways (ALG) that sit down at the boundary between the IPv6-only nodes and the remainder of the Internet. Examples of ALGs in employ today are HTTP proxies and mail relays.
-
Companies are already selling network address translators (NAT) boxes for IPv4. The NAT boxes translate between the private IP addresses, for example, network ten—see RFC 1918, on the within and other IP addresses on the outside. These companies will likely upgrade their NAT boxes to too back up IPv6–to-IPv4 address translation.
Unfortunately, both ALG and NAT solutions create single points of failure. Past using these solutions, the Internet becomes less effective. The IETF is working on a amend solution for IPv6-only interoperability with IPv4-merely nodes. 1 proposal is to use header translators with a way to allocate IPv4–compatible addresses on need. Another proposal is to allocate IPv4–compatible addresses on demand and apply IPv4 in IPv6 tunneling to bridge the IPv6-just routers.
The stateless header translator translates between IPv4 and IPv6 header formats if the IPv6 addresses in use can exist represented as IPv4 addresses. The addresses must exist IPv4-compatible. Or, the addresses must exist IPv4-mapped addresses. The support for these translators has been built into the IPv6 protocol. The translation tin occur without any data loss, except for encrypted packets. Rarely used features such as source routing tin produce information loss.
Whick Of The Following Services Perform Address Hiding?,
Source: https://docs.oracle.com/cd/E19683-01/816-5250/6mbdho96o/index.html
Posted by: orvisbrimee.blogspot.com
0 Response to "Whick Of The Following Services Perform Address Hiding?"
Post a Comment