Unit 2


Unit-II IPv6

IP next generation - Addressing - Configuration - Security - QoS - VoIP - Issues in VoIP - Distributed Computing and Embedded System - Ubiquitous Computing - VPN.

An Internet Protocol Version 6 address (IPv6 address) is a numerical label that is used to
identify a network interface of a computer or other network node participating in an IPv6
computer network.
An IP address serves the purpose of uniquely identifying an individual network interface of a
host, locating it on the network, and thus permitting the routing of IP packets between hosts.
For routing, IP addresses are present in fields of the packet header where they indicate source
and destination of the packet.
IPv6 is the successor to the Internet's first addressing infrastructure, Internet Protocol version
4 (IPv4). In contrast to IPv4, which defined an IP address as a 32-bit value, IPv6 addresses
have a size of 128 bits. Therefore, IPv6 has a vastly enlarged address space compared to
IPv4.
IPv6 address
IPv6 addresses are classified by the primary addressing and routing methodologies common
in networking: unicast addressing, anycast addressing, and multicast addressing.
A unicast address identifies a single network interface. The Internet Protocol delivers
packets sent to a unicast address to that specific interface.
An anycast address is assigned to a group of interfaces, usually belonging to different nodes.
A packet sent to an anycast address is delivered to just one of the member interfaces,
typically the nearest host, according to the routing protocol's definition of distance. Anycast
addresses cannot be identified easily: they have the same format as unicast addresses and
differ only by their presence in the network at multiple points. Almost any unicast address
can be employed as an anycast address.
A multicast address is also used by multiple hosts, which acquire the multicast address
destination by participating in the multicast distribution protocol among the network
routers. A packet that is sent to a multicast address is delivered to all interfaces that have
joined the corresponding multicast group.
Address formats
Increasing the IP address pool was one of the major forces behind developing IPv6. It uses a 128-bit
address, meaning that we have a maximum of 2^128 addresses available, or
340,282,366,920,938,463,463,374,607,431,768,211,456, or enough to give multiple IP addresses to
every grain of sand on the planet. So our friendly old 32-bit IPv4 dotted-quads don't do the job
anymore; these newfangled IPs require eight 16-bit hexadecimal colon-delimited blocks. So not only
are they longer, they use numbers and letters.
An IPv6 address consists of 128 bits. Addresses are classified into various types for applications in
the major addressing and routing methodologies: unicast, multicast, and anycast networking. In
each of these, various address formats are recognized by logically dividing the 128 address bits into
bit groups and establishing rules for associating the values of these bit groups with special
addressing features.

IPv6 Unicast

Global Routing Prefix - Site Prefix
The site prefix assigned to an organization (leaf site) by a provider should be at
least a /48 prefix = 45 + high-order bits (001).
The /48 prefix represents the high-order 48 bits of the network prefix.
The prefix assigned to the organization is part of the provider's prefix.
Subnet-id - Site
With one /48 prefix allocated to an organization by a provider, it is possible
for that organization to enable up to 65,535 subnets (assignment of 64-bit
prefixes to subnets).
The organization can use bits 49 to 64 (16 bits) of the prefix received for
subnetting.
Interface-id - Host
The host part uses each node's interface identifier.
This part of the IPv6 address, which represents the address's low-order 64 bits,
is called the interface ID.
Multicast
Multicast in IPv6 is similar to the old IPv4 broadcast address: a packet sent to a multicast
address is delivered to every interface in a group. The IPv6 difference is that it's targeted:
instead of annoying every single host on the segment with broadcast blather, only hosts that are
members of the multicast group receive the multicast packets. IPv6 multicast is routable, and
routers will not forward multicast packets unless there are members of the multicast groups to
forward the packets to. Anyone who has ever suffered from broadcast storms will appreciate
this mightily.
In IPv6, multicast traffic operates in the same way that it does in IPv4.
Arbitrarily located IPv6 nodes can listen for multicast traffic on an arbitrary IPv6
multicast address.
IPv6 nodes can listen to multiple multicast addresses at the same time.
Nodes can join or leave a multicast group at any time.
IPv6 multicast addresses have the first eight bits set to 1111 1111.
An IPv6 address is easy to classify as multicast because it always begins with FF.
Multicast addresses cannot be used as source addresses or as intermediate destinations
in a Routing extension header.
Beyond the first eight bits, multicast addresses include additional structure to identify
their flags, scope, and multicast group.
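
The bit groups described above (site prefix, subnet ID, interface ID, and the multicast flags and scope fields) can be pulled out of an address directly. This Python sketch is an added example, not part of the original notes; the function name, the sample addresses and the scope-name table (taken from RFC 4291) are assumptions made for illustration.

```python
import ipaddress

# Multicast scope values (4-bit field after the flags), per RFC 4291.
SCOPES = {0x1: "interface-local", 0x2: "link-local", 0x4: "admin-local",
          0x5: "site-local", 0x8: "organization-local", 0xE: "global"}

def decompose(text):
    """Split an IPv6 address into the bit groups described in the notes."""
    value = int(ipaddress.IPv6Address(text))      # rejects malformed input
    if value >> 120 == 0xFF:                      # first eight bits 1111 1111
        return {"type": "multicast",
                "flags": (value >> 116) & 0xF,
                "scope": SCOPES.get((value >> 112) & 0xF, "reserved/unassigned"),
                "group_id": value & ((1 << 112) - 1)}
    if value >> 118 == 0b1111111010:              # fe80::/10
        kind = "link-local unicast"
    elif value >> 125 == 0b001:                   # high-order bits 001
        kind = "global unicast"
    else:
        kind = "other"
    site = ipaddress.IPv6Network((value >> 80 << 80, 48))
    return {"type": kind,
            "site_prefix": str(site),                 # high-order 48 bits
            "subnet_id": (value >> 64) & 0xFFFF,      # bits 49 to 64
            "interface_id": value & ((1 << 64) - 1)}  # low-order 64 bits

# Constructed sample addresses (2001:db8::/32 is the documentation prefix).
SAMPLES = ["2001:db8:abcd:12:211:22ff:fe33:4455", "fe80::1", "ff02::1", "ff05::1:3"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, decompose(sample))
```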

Anycast
An anycast address is a single address assigned to multiple nodes. A packet sent to an anycast
address is then delivered to the first available node. This is a slick way to provide both load-
balancing and automatic failover. The idea of anycast has been around for a long time; it was
proposed for inclusion in IPv4 but it never happened.
Several of the DNS root servers use a router-based anycast implementation, which is really a
shared unicast addressing scheme. (While there are only thirteen authoritative root server
names, the total number of actual servers is considerably larger, and they are spread all over
the globe.) The same IP address is assigned to multiple interfaces, and then multiple routing
tables entries are needed to move everything along.
IPv6 anycast addresses contain fields that identify them as anycast, so all you need to do is
configure your network interfaces appropriately. The IPv6 protocol itself takes care of getting
the packets to their final destinations. It's a lot simpler to administer than shared unicast
addressing.
Anycast addresses can be considered a conceptual cross between unicast and
multicast addressing.
Unicast: send to this one address
Multicast: send to every member of this group
Anycast: send to any one member of this group
In choosing which member to send to, for efficiency reasons normally send to the
closest one - closest in routing terms.
So, anycast means "send to the closest member of this group".
The network itself plays the key role in anycast by routing the packet to the nearest
destination by measuring network distance.
Anycast addresses use aggregatable global unicast addresses.
They can also use site-local or link-local addresses.
Note that it is impossible to distinguish an anycast address from a unicast address.
IPv6 configuration
You can configure the following for the IPv6 protocol:
IPv6 address
Default router
DNS server
IPv6 address
By default, link-local addresses are automatically configured for each interface on each IPv6
node (host or router) with a unique link-local IPv6 address. If you want to communicate with
IPv6 nodes that are not on attached links, the host must have additional site-local or global
unicast addresses. Additional addresses for hosts are either obtained from router
advertisements sent by a router or assigned manually. Additional addresses for routers must
be assigned manually.
For more information, see Unicast IPv6 addresses, Configure IPv6 with manual addresses,
and IPv6 address autoconfiguration.
Default router
To communicate with IPv6 nodes on other network segments, IPv6 must use a default router.
A default router is automatically assigned based on the receipt of a router advertisement.
Alternately, you can add a default route to the IPv6 routing table. You do not need to
configure a default router for a network that consists of a single network segment.
For more information, see IPv6 address autoconfiguration and Add an IPv6 route.
DNS server
You can use a Domain Name System (DNS) server to resolve host names to IPv6 addresses.
When an IPv6 host is configured with the address of a DNS server, the host sends DNS name
queries to the server for resolution. AAAA (quad-A) resource records, which are stored on
your DNS servers, enable mapping from a host name to its IPv6 address.
To enable DNS name resolution, configure an IPv6 router with forwarding enabled and a
global prefix that is advertised to clients. You can do this by using the netsh interface ipv6
add route and netsh interface ipv6 set interface commands. For more information, see Add
an IPv6 route and Enable IPv6 forwarding.
By default, DNS is configured to allow DNS dynamic updates. You can either leave dynamic
update enabled when you use IPv6 with DNS, or you can manually add DNS records for IPv6
clients.

IPv6 Security
Based upon IPv4 experiences the new protocol incorporates a number of elements that
address known security problems.
Support for some IPsec features:
Authentication headers
Encryption headers
These can be used to implement specific security policies. Separate implementation
allows for a degree of flexibility when implementing a particular policy.
Authentication header

The large number of possible IPs complicates the task of discovering operating systems and
services using host and port scanning
Default network size is 2^64 IPs: very difficult to cover it by packet probes
Weaknesses:
Usually main systems get assigned easy to remember addresses
DNS servers keep system data
IPv6 neighbor-discovery data
Special multicast addresses for various types of network resources (routers, DHCP
servers etc.)
One interface may simultaneously have various addresses
Link-local, site-local, global unicast
The administrator may enable global unicast addresses only for devices that must
access the internet.
Extension Headers in IPv6 may be used to bypass the security policy
E.g. routing headers have to be accepted at specific devices (IPv6 endpoints)
In IPv6 some ICMP and (link-local) Multicast messages are required for the correct operation
of the protocol
The firewalls should be appropriately configured only to allow the right messages of
these types
The IPv4 ICMP security policy must be appropriately adapted for ICMPv6 messages
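
The point about allowing only the right ICMPv6 and link-local multicast messages can be expressed as an allow-list check. This Python sketch is an added example, not part of the original notes: the type numbers are the standard ICMPv6 assignments, while the function name, the decision to permit echo, and the sample packets are assumptions, loosely following the filtering recommendations of RFC 4890.

```python
import ipaddress

ERRORS = {1, 2, 3, 4}            # dest unreachable, packet too big, time exceeded, parameter problem
ECHO = {128, 129}                # echo request / echo reply
MLD = {130, 131, 132, 143}       # listener query / report / done / MLDv2 report
NDP = {133, 134, 135, 136, 137}  # RS, RA, NS, NA, redirect

def icmpv6_verdict(icmp_type, src, hop_limit, forwarded):
    """Return (action, reason). forwarded=True means the firewall is routing
    the packet between links rather than receiving it on the local link."""
    source = ipaddress.IPv6Address(src)
    if icmp_type in ERRORS:
        return "allow", "error message needed by the protocol (e.g. path MTU discovery)"
    if icmp_type in NDP:
        # Neighbor discovery never crosses a router; a hop limit below 255
        # proves the packet was forwarded at least once.
        if forwarded or hop_limit != 255:
            return "drop", "neighbor discovery must be on-link with hop limit 255"
        return "allow", "neighbor discovery on the local link"
    if icmp_type in MLD:
        local_src = source.is_link_local or source.is_unspecified
        if forwarded or hop_limit != 1 or not local_src:
            return "drop", "MLD must be link-local with hop limit 1"
        return "allow", "multicast listener discovery on the local link"
    if icmp_type in ECHO:
        return "allow", "echo permitted by this sample policy"
    return "drop", "ICMPv6 type not on the allow list"

# Constructed sample packets: (type, source, hop limit, forwarded?)
SAMPLE_PACKETS = [
    (2,   "2001:db8::1", 61,  True),    # packet too big from a remote router
    (135, "fe80::1",     255, False),   # genuine on-link neighbor solicitation
    (134, "fe80::bad",   64,  False),   # router advertisement with wrong hop limit
    (136, "2001:db8::9", 255, True),    # neighbor advertisement being routed
    (130, "fe80::2",     1,   False),   # MLD query from the local router
    (139, "2001:db8::7", 64,  True),    # node information query, not listed
]

def audit(packets=SAMPLE_PACKETS):
    """Return the action taken for each packet, in order."""
    return [icmpv6_verdict(*p)[0] for p in packets]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(pkt, icmpv6_verdict(*pkt))
```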
IPv6 QoS
QoS developments in IP networks are inspired by new types of applications:
VoIP, audio/video streaming, networked virtual environments, interactive gaming,
videoconferencing, video distribution, e-commerce, GRIDs & collaborative environments,
etc.

Quality-of-Service (QoS ) is a set of service requirements (performance guarantees) to be
met by the network while transporting a flow.

Performance guarantees are usually assessed with the next metrics:
Bandwidth
Delay
Inter-packet Delay Variation (Jitter)
Packet loss
Voice over IP (VOIP)

Voice over IP (Voice over Internet Protocol or "VoIP") technology converts voice calls from
analog to digital to be sent over digital data networks.
Voice over IP (voice over Internet Protocol, VoIP) is a methodology and group of
technologies for the delivery of voice communications and multimedia sessions over Internet
Protocol (IP) networks, such as the Internet. Other terms commonly associated with VoIP are IP
telephony, Internet telephony, voice over broadband (VoBB), broadband telephony, IP
communications, and broadband phone service.

VoIP is for sure gaining advantage over PSTN. It has seduced millions of people and
companies worldwide, especially in the US, with the numerous benefits it offers. Whether
you have already switched to VoIP or are still considering the option, you need to be aware of
the VoIP Cons - the different pitfalls it entails and the ISSUES attached to it. Mainly, these
are:
Voice quality
Bandwidth dependency
Power dependency
Emergency calls
Security
How does Voice over IP work?
Voice and signaling are sent using standard TCP/IP protocols over a physical link such as an
Ethernet network. This exchange of signaling and voice information takes place in both
directions at the same time with each endpoint sending and receiving information over the IP
network.
In any telephony system, two things are carried by the network: voice data and signaling
information. Voice is the sound information detected by the microphone in the telephone and
transmitted to the receiver over a communication channel. Signaling is the information
exchanged between stations participating in the call when a call is started or ended, or when
an action (for example, call transfer) is requested.
Traditionally, both voice and signaling information have been sent together through dedicated
circuit switched telephony channels (used, for example, with channel associated signaling
and ISDN). However, with VoIP, voice and signaling are sent using standard TCP/IP
protocols over a physical link such as an Ethernet network. This exchange of signaling and
voice information takes place in both directions at the same time with each endpoint sending
and receiving information over the IP network.
How is voice data sent over an IP network?
With VoIP, voice data is digitally encoded using μ-law or A-law Pulse Code Modulation
(PCM). The voice data can then be compressed if necessary and sent over the network in
User Datagram Protocol (UDP) packets. Standard TDM telephony sends voice data at a low
constant data rate. With VoIP, relatively small packets are sent at a constant rate. The total
overall rate of sending data is the same for each kind of telephony.
The advantage of VoIP is that one high-speed network can carry the packets for many voice
channels and possibly share with other types of data at the same time (for example, FTP,
HTTP, and data sockets). A single high-speed network is much easier to set up and maintain
than a large number of circuit switched connections (for example, T1 circuits).
The User Datagram Protocol is used to transmit voice data over a VoIP network. UDP is a
"send and forget" protocol with no requirement for the transmitter to retain sent packets
should there be a transmission or reception error. If the transmitter did retain sent packets, the
flow of real-time voice would be adversely affected by a request for retransmission or by the
retransmission itself (especially if there is a long path between transmitter and receiver).
The main problems with using UDP are that:
There is no guarantee that a packet may actually be delivered.
Packets can take different paths through the network and arrive out of order.
To overcome these problems, the Real-time Transport Protocol (RTP) is used with VoIP. RTP
provides a method of handling disordered and missing packets and makes the best possible
attempt to recreate the original voice data stream (comfort noise is intelligently substituted
for missing packets).
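
How a receiver uses RTP to deal with disordered and missing packets is easiest to see from the sequence number in the RTP header. This Python sketch is an added example, not part of the original notes: it parses the fixed 12-byte header from RFC 3550, reorders one stream across 16-bit sequence wraparound, and reports which packets never arrived. The function names, the SSRC value and the sample packets are constructed for illustration.

```python
import struct

PAYLOAD_TYPES = {0: "PCMU (mu-law)", 8: "PCMA (A-law)"}   # static types, RFC 3551

def make_rtp(seq, payload, pt=0, ts=0, ssrc=0x1234ABCD):
    """Build a constructed RTP packet (version 2, no CSRC list, no extension)."""
    return struct.pack("!BBHII", 0x80, pt & 0x7F, seq & 0xFFFF, ts, ssrc) + payload

def parse_rtp(packet):
    """Decode the fixed 12-byte RTP header defined in RFC 3550."""
    if len(packet) < 12:
        raise ValueError("shorter than the fixed RTP header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", packet[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    if b0 & 0x30:
        raise ValueError("padding/extension not handled in this example")
    start = 12 + 4 * (b0 & 0x0F)                  # skip any CSRC identifiers
    return {"seq": seq, "ts": ts, "ssrc": ssrc, "pt": b1 & 0x7F,
            "codec": PAYLOAD_TYPES.get(b1 & 0x7F, "dynamic/other"),
            "payload": packet[start:]}

def reorder(packets):
    """Return (ordered_headers, missing_seqs) for the stream of the first
    packet, tolerating out-of-order arrival, duplicates and wraparound."""
    parsed = [parse_rtp(p) for p in packets]
    if not parsed:
        return [], []
    base, ssrc = parsed[0]["seq"], parsed[0]["ssrc"]
    by_offset = {}
    for hdr in parsed:
        if hdr["ssrc"] != ssrc:                   # belongs to another source
            continue
        # Signed distance from the first packet seen, modulo 2**16.
        offset = (hdr["seq"] - base + 0x8000) % 0x10000 - 0x8000
        by_offset.setdefault(offset, hdr)         # first copy of a duplicate wins
    ordered = [by_offset[o] for o in sorted(by_offset)]
    missing = [(base + o) % 0x10000
               for o in range(min(by_offset), max(by_offset) + 1)
               if o not in by_offset]
    return ordered, missing

# Constructed arrival order: wraps past 65535, one duplicate, sequence 1 lost.
ARRIVALS = [make_rtp(65534, b"a"), make_rtp(0, b"c"), make_rtp(65535, b"b"),
            make_rtp(2, b"e"), make_rtp(0, b"dup")]

if __name__ == "__main__":
    stream, lost = reorder(ARRIVALS)
    print([h["seq"] for h in stream], "missing:", lost)
```

A real receiver would substitute comfort noise or concealment audio for each sequence number reported as missing.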
Signaling
The Signaling Invite message is used by the VoIP phone that initiates a call (the calling party)
to inform the called party that a connection is required. The called party can then accept the
call or reject the call (for example, if the called party is already busy). Other signaling
exchanges will be initiated by actions like near or far end hangup, and call transfer.
For VoIP, several signaling protocols are in general use:
Session Initiation Protocol (SIP) is a modern protocol that is becoming increasingly popular.
Media Gateway Control Protocol (MGCP) is used internally within telephone networks.
H.323 is an older VoIP protocol, the elements of which are very similar to ISDN telephony
protocols. (Unlike SIP, which uses internet based URIs for addressing.)
WebSphere Voice Response supports SIP as the only Voice over IP signaling protocol. The
WebSphere Voice Response version of SIP fully conforms to RFC 3261 which is the standard
definition for SIP in the industry.
SIP is based on URI messages which are exchanged between endpoints whenever any signaling is
required. These message exchanges are mapped by WebSphere Voice Response SIP support to
standard telephony actions within the WebSphere Voice Response product. Standard telephony
actions include:
Incoming calls
Outgoing calls
Near end hangup
Far end hangup
Transfers (several types are supported including blind and attended)
SIP signaling messages can use either TCP (a reliable, guaranteed message exchange) or UDP (a non-
guaranteed datagram protocol).
SIP is becoming established as the industry standard for multi-media session control over IP
networks and is defined in the IETF standard RFC 3261 Session Initiation Protocol. The
following diagram shows the exchanges which take place between two SIP endpoints in a
simple two-way call with far-end hang-up.
Figure 1. A simple two-way call using SIP



VOIP components
There are three main components of a VoIP network: user agents,
gateways, and proxy servers.
User Agent
In a VoIP network, any device that can make or receive telephone calls is called a User Agent
(UA). Each User Agent contains a User Agent Server (UAS) responsible for handling requests
from another endpoint, (for example, inbound calls) and a User Agent Client (UAC) which
generates requests, (for example, outbound calls) for other endpoints. Examples of User
Agent Clients and User Agent Servers are:
A SIP hard phone.
A SIP soft phone.
WebSphere Voice Response (which simulates a number of phones) for incoming or
outgoing calls.
Gateways
A gateway is a device which acts as a bridge between VoIP and the PSTN network. A gateway
can take an incoming call from a T1 interface and convert the signaling into SIP message
exchanges, and convert the voice from TDM into RTP packets.
Proxy servers
In a SIP system, a proxy server (used with a registrar and a location server), can provide the
following services:
Call Routing including URI translation.
Registration.
Access (authentication) to a SIP network.
A Proxy server is the means by which calls are routed within a SIP VoIP network. For
example, a telephony gateway might be configured to send all incoming calls to the SIP
proxy server which will then route the calls to specific endpoints (this can include load
balancing or skills-based routing).
