Anycast

• Communicate with “any” one of a set of nodes
• Can do this with DNS

    $ dig www.google.com
    ...
    ;; ANSWER SECTION:
    www.google.com. 604799 IN CNAME www.l.google.com.
    www.l.google.com. 300 IN A 74.125.19.103
    www.l.google.com. 300 IN A 74.125.19.104
    www.l.google.com. 300 IN A 74.125.19.147
    www.l.google.com. 300 IN A 74.125.19.99

Anycast at IP layer

• DNS allows anycast through name → address mappings
• Sometimes we need it at layer 3 itself
  - Single IP address refers to multiple hosts
  - Need to talk to any one of them
• Example: DNS root servers
  - Would like to scale number of root servers with Internet
  - Can’t use DNS (remember root servers hard-coded)
  - Want to query closest root server

Anycast in Forwarding Tables

• Remember, forwarding is longest-prefix-match
• An anycast address is a /32 address
• A single router may have multiple entries for the address
• Anycast best used in services where separate packets might go to different destinations

The Cost

• A /32 routing entry!
• Multiple /32 routing entries!

Further Advantages

• Geographic scoping
• Distributed Denial of Service (DDoS)
  - Load from DDoS is distributed across many anycast nodes
• F root server (192.5.5.241) now in 46 locations!

Try the following:

    dig +norec @f.root-servers.net hostname.bind chaos txt

I think we have a problem

[Figure: Projected use of /8 blocks. From “A Pragmatic Report on IPv4 Address Space Consumption,” Tony Hain, Cisco Systems.]

IPv6

• Work started in 1994
• Basic protocol published in 1998 [RFC 2460]
• Brief lull, then progress in 2003-6
• Hard push within IETF today for adoption

IPv6 Key Features

• 128 bit addresses
  - Autoconfiguration
• Simplifies basic packet format through extension headers
  - 40 byte “base” header
  - Make uncommonly used fields optional

IPv6 Addresses [RFC 4291]

    |            n bits             |           128-n bits            |
    +-------------------------------+---------------------------------+
    |         subnet prefix         |          interface ID           |
    +-------------------------------+---------------------------------+

• Written as 8, ‘:’-separated 16-bit hex numbers
  - Example: 2001:470:806d:1:0:0:0:9
  - Can omit a single run of 0s with “::”
  - Use brackets in URLs: http://[2001:470:806d:1::9]:80/
  - Can write low 32-bits like IPv4: 64:ff9b::171.66.3.9
• Like IPv4, specify subnet prefix with ’/’
  - E.g., 2001:db8:122:344::/64
• Most IPv6 networks use 64-bit subnet prefix, and end users should receive multiple /64s [RFC 6177]

IPv6 address allocation

• Normal global unicast addresses start 2000::/3
  - IANA doles out unicast prefixes to RIRs
• A few other special prefixes are assigned
  - :: (all 0s) is unspecified address, ::1 is localhost
  - Rest of 0::/8 used for IPv4 compatibility
  - fc00::/7 used for local addresses [RFC 4193] (kind of like IPv4 addresses 10/8, 172.16/20, 192.168/16 [RFC 1918])
  - fe80::/10 used for link-local addresses
  - ff00::/8 used for multicast
• Over 85% of address space reserved
  - In the unlikely event we exhaust 2000::/8, can be more parsimonious with some other slice

IPv6 multicast addresses

    |   8    |  4 |  4 |                  112 bits                   |
    +--------+----+----+---------------------------------------------+
    |11111111|0RPT|scop|                  group ID                   |
    +--------+----+----+---------------------------------------------+

  - T: 1 = transient, 0 = group ID assigned by IANA
  - P: 1 = address embeds global IPv6 prefix (T must also be 1)
  - R: 1 = (requires T = P = 1) encodes rendezvous point
• Scope 1 = interface-local, 2 = link-local, . . .
• Some groups assigned by IANA:
  - ff02::1 = all nodes, ff02::2 = routers, ff02::1:2 = DHCP
  - ff02::1:ffxx:yyyy - nodes w. unicast address . . . xx:yyyy
• Send to Ethernet address 33:33:low-4-bytes-of-IP

Deriving interface IDs from Ethernet addrs

• A 48-bit Ethernet MAC address looks like this:

    +----------------+----------------+----------------+
    |cccccc0gcccccccc|ccccccccmmmmmmmm|mmmmmmmmmmmmmmmm|
    +----------------+----------------+----------------+

  - c is manufacturer’s organizationally unique identifier
  - 0 identifies this as a globally unique address
  - g is 0 for unicast MAC addresses
  - m are address bits assigned by manufacturer
• Convert MAC addr to 64-bit interface ID by flipping the 0 bit and inserting hex fffe in the middle [RFC 4291]:

    +----------------+----------------+----------------+----------------+
    |cccccc1gcccccccc|cccccccc11111111|11111110mmmmmmmm|mmmmmmmmmmmmmmmm|
    +----------------+----------------+----------------+----------------+

Interface IDs in IPv6 addresses

• 64-bit subnets allow use of derived interface IDs
  - Using Ethernet address reduces the need for DHCP
  - Manually assigned addresses (with global bit 0) won’t conflict with ones derived from Ethernet addresses
  - E.g., use interface ID 1 for default router, won’t conflict with any derived interface IDs
• Link-local subnet fe80::/64 is important
  - Means you are guaranteed an address on every interface
  - Look on your machine. . . ifconfig will show IPv6 address
  - But can’t route to fe80::/64 without knowing interface

IPv6 API [RFC 3493]

    struct sockaddr_in6 {
        sa_family_t     sin6_family;   /* AF_INET6 */
        in_port_t       sin6_port;     /* transport layer port # */
        uint32_t        sin6_flowinfo; /* IPv6 flow information */
        struct in6_addr sin6_addr;     /* IPv6 address */
        uint32_t        sin6_scope_id; /* set of interfaces for a scope */
    };

• sin6_scope_id specifies interface
  - New library calls if_nametoindex, etc., to get values
• In address conversion, specify interface w. ‘%’
  - E.g., ping6 fe80::230:48ff:fe8e:d7a0%eth0

IPv6 Header [RFC 2460]

    +-----+---------+----------------------+
    | Ver |  Class  |         Flow         |
    +-----+---------+-----------+----------+
    |    Length     | Next Hdr. | Hop limit|
    +---------------+-----------+----------+
    |     Source (16 octets, 128 bits)     |
    +--------------------------------------+
    |  Destination (16 octets, 128 bits)   |
    +--------------------------------------+

IPv6 Header Fields

• Version, 4 bits: 6 for IPv6
• Class, 8 bits: like TOS in IPv4
• Flow, 20 bits: identifies a flow [RFC 6437], but not really used yet
• Length, 16 bits: datagram length
• Next header, 8 bits: more later
• Hop limit, 8 bits: like TTL in IPv4
  - Certain packets (e.g., redirect) must have Hop limit 255
  - Ensures packet will be ignored if not from local net
• Addresses: 128 bits each

Autoconfiguration [RFC 4862]

• radvd advertises prefixes with ICMP [RFC 4861]
  - Program run by one or more routers on link
  - Lets clients be configured without running DHCP
  - But ICMP message also has bit to say DHCPv6 available
• ICMP contains prefixes + per-prefix info:
• Valid lifetime and preferred lifetime
  - Longer valid than preferred lets address become deprecated
• Autonomous config bit
  - 1 means receiving kernel immediately assigns address based on prefix and derived interface ID
• On-link bit – says whole prefix reachable on link

Prefixes vs. links

• In IPv4, address/prefix says what’s on link
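
Added example (not from the original slides): the derivations from the “IPv6 multicast addresses” and “Deriving interface IDs from Ethernet addrs” slides carried through in C. The MAC address is the one that yields the address in the ping6 example; the function names are chosen for this illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Modified EUI-64: flip the global/local bit (0x02 of byte 0), insert ff:fe. */
static void mac_to_iid(const uint8_t mac[6], uint8_t iid[8]) {
    iid[0] = mac[0] ^ 0x02;
    iid[1] = mac[1]; iid[2] = mac[2];
    iid[3] = 0xff;   iid[4] = 0xfe;
    memcpy(&iid[5], &mac[3], 3);
}

/* Link-local address: fe80::/64 prefix followed by the derived interface ID. */
static void link_local(const uint8_t mac[6], struct in6_addr *out) {
    memset(out, 0, sizeof *out);
    out->s6_addr[0] = 0xfe; out->s6_addr[1] = 0x80;
    mac_to_iid(mac, &out->s6_addr[8]);
}

/* Solicited-node group ff02::1:ffxx:yyyy keeps the low 24 bits of the unicast address. */
static void solicited_node(const struct in6_addr *uni, struct in6_addr *out) {
    memset(out, 0, sizeof *out);
    out->s6_addr[0] = 0xff; out->s6_addr[1] = 0x02;
    out->s6_addr[11] = 0x01;
    out->s6_addr[12] = 0xff;
    memcpy(&out->s6_addr[13], &uni->s6_addr[13], 3);
}

/* Ethernet destination for an IPv6 multicast group: 33:33 + low 4 bytes of the group. */
static void mcast_mac(const struct in6_addr *grp, uint8_t mac[6]) {
    mac[0] = mac[1] = 0x33;
    memcpy(&mac[2], &grp->s6_addr[12], 4);
}

int main(void) {
    /* MAC that yields the slide's ping6 address fe80::230:48ff:fe8e:d7a0 */
    const uint8_t mac[6] = {0x00, 0x30, 0x48, 0x8e, 0xd7, 0xa0};
    struct in6_addr ll, sn;
    uint8_t em[6];
    char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
    link_local(mac, &ll);
    solicited_node(&ll, &sn);
    mcast_mac(&sn, em);
    printf("%s %s 33:33:%02x:%02x:%02x:%02x\n", inet_ntop(AF_INET6, &ll, a, sizeof a),
           inet_ntop(AF_INET6, &sn, b, sizeof b), em[2], em[3], em[4], em[5]);
    return 0;
}
```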
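
Added example (not from the original slides): a decoder for the 40-byte base header listed under “IPv6 Header Fields”, plus the receiver-side hop-limit-255 check that slide describes. It assumes ICMPv6 (next header 58) directly follows the base header and covers neighbor discovery types 133-137 (redirect is 137); the sample packet is constructed and the function names are chosen for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct ip6_fields {            /* fields of the 40-byte base header */
    unsigned version, tclass, next_hdr, hop_limit;
    uint32_t flow;
    uint16_t length;
    uint8_t src[16], dst[16];
};

/* Decode the base header; returns 0 on success, -1 if short or not version 6. */
static int parse_ip6(const uint8_t *p, size_t n, struct ip6_fields *f) {
    if (n < 40 || (p[0] >> 4) != 6) return -1;
    f->version = p[0] >> 4;
    f->tclass = ((p[0] & 0x0fu) << 4) | (p[1] >> 4);
    f->flow = ((uint32_t)(p[1] & 0x0f) << 16) | ((uint32_t)p[2] << 8) | p[3];
    f->length = (uint16_t)((p[4] << 8) | p[5]);
    f->next_hdr = p[6]; f->hop_limit = p[7];
    memcpy(f->src, p + 8, 16); memcpy(f->dst, p + 24, 16);
    return 0;
}

/* Receiver-side check: neighbor discovery messages are accepted only with
 * hop limit 255, which a packet forwarded by any router cannot have. */
static int accept_nd(const uint8_t *p, size_t n) {
    struct ip6_fields f;
    if (parse_ip6(p, n, &f) != 0 || f.next_hdr != 58 || n < 41) return 0;
    if (p[40] < 133 || p[40] > 137) return 0;
    return f.hop_limit == 255;
}

/* Constructed sample: router solicitation (type 133) from fe80::1 to ff02::2. */
static void build_sample(uint8_t pkt[48], uint8_t hop_limit) {
    memset(pkt, 0, 48);
    pkt[0] = 0x60; pkt[5] = 8; pkt[6] = 58; pkt[7] = hop_limit;
    pkt[8] = 0xfe; pkt[9] = 0x80; pkt[23] = 0x01;    /* src fe80::1 */
    pkt[24] = 0xff; pkt[25] = 0x02; pkt[39] = 0x02;  /* dst ff02::2 */
    pkt[40] = 133;                                   /* ICMPv6 type; checksum left 0 */
}

int main(void) {
    uint8_t pkt[48];
    build_sample(pkt, 255);
    printf("hop 255: %d\n", accept_nd(pkt, sizeof pkt));
    build_sample(pkt, 64);
    printf("hop 64:  %d\n", accept_nd(pkt, sizeof pkt));
    return 0;
}
```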