INTERNET PROTOCOL
Contents
The Transition from IP V4 to IP V6 2
Dual Stack Routers 2
Tunnelling 2
NAT Protocol Translation 3
The Limitations of IP V4 4
Scarcity of IP V4 Addresses 4
Security Related Issues 4
Address Configuration Related Issues 4
Quality of Service (QoS) 4
The Benefits of IP V6 5
More Efficient Routing 5
More Efficient Packet Processing 5
Directed Data Flows 5
Simplified Network Configuration 5
Support for New Services 5
Security 6
Fields & Functions of the IP V6 Header 7
Fixed Header 7
Extension Headers 8
Comparison Between IP V4 & IP V6 9
The Transition from IP V4 to IP V6
IP V6 was launched on June 6, 2012, in conjunction with many large companies and organisations when they held World IP V6 Launch Day, which was
…show more content…
The design of IP V4 did not anticipate the growth of internet and created many issues, which proved that IP V4 needed to be changed. Below are some of the limitations of IP V4:
Scarcity of IP V4 Addresses
IP V4 uses a 32-bit address space, and is classified to usable Class A, B, & C. 32-bit address space only allowed for 4,294,967,296 IP V4 addresses, but the IP V4 allocation practices limit the number of available public IP V4 addresses.
Security Related Issues
IP V4 was published in 1981, and the current network security threats were not anticipated at that time. Internet Protocol Security (IPSec) is a protocol which enables network security by protecting the data being unwantedly sent from being modified or viewed. IPSec is not a built-in feature in IP V4, and is rather a optional feature.
Address Configuration Related Issues
The internet and networks are expanding as many new computers and devices are being used. The configuration of both static and dynamic IP addresses should be simpler.
Quality of Service
…show more content…
Comparison Between IP V4 & IP V6
IP V4 IP V6
Addressed are 32-bit in length Addressed are 128-bit in length
Binary numbers represented in decimal Binary numbers represented in hexadecimals
IPSec support optional IPSec support built-in
No packet flow identification Packet flow identification is available within the IP V6 header using the Flow Label field
Fragmentation is done by sender and forwarding routers Fragmentation is only done by sender
Checksum field is available in IP V4 header Checksum not in IP V6 header
ARP is available to map IP V4 addresses to MAC Addresses ARP is replaced with a function of NDP
IGMP is used to manage multicast group membership IGMP is replaced with MLD messages
Broadcast messages are available Broadcast messages are not available, instead a link-local scope multicast IP V6 address is used for broadcast similar functionality
Manual configuration if IP V4 or DHCP is required to configure IP V4 adresses Auto configuration of addresses is available
Bibliography
Name Date Visited URL
Tutorials Point 18/07/2017 https://www.tutorialspoint.com/ipv6/ipv6_ipv4_to_ipv6.htm
Wikipedia 18/07/2017 https://en.wikipedia.org/wiki/IPv6_deployment
Certiology 18/07/2017
Ans: Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers configured for a given network.
Primary function of IP protocol = identify individual hosts and groups of hosts using the address
The Dynamic Host Control Protocol automatically assigns IP addresses to hosts on a network as they request them. DHCP packets also include information like DNS server addresses, domain names, and default gateways.
IPv6 uses a128-bit address size compared with the 32-bit system used in IPv4 and will
pieces. The data packet is sent to a gateway computer which either recognizes the address
Each of the values are used to determine the difference between a data and context packets, as well as the packet count, the packet size, identifying bits that determine the presence of header features. Figure 4 is a template for the data packet.
Protocol capture tools and protocol analyzers are important tools for an information systems security professional. These utilities can be used to troubleshoot issues on the network. They can verify adherence to corporate policies, such as whether or not clear text privacy data is being sent on the network. They can be used to test security countermeasures and firewall deployments and are needed to perform audits, security assessments, network baseline definitions, and identification of rogue IP devices.
IPv6 uses NDP (Neighbor Discovery Protocol) to find the MAC address. NDP manages interaction between nodes via message exchanges. These messages provide the data necessary for the processes of host auto configuration and packet transmission on a local link. Host auto configuration involves separate tasks of Parameter discovery, address auto configuration and duplicate address detection. Packet discovery is facilitated through router discovery process. It obtains the necessary parameters required for host configuration. Duplicate address detection is used to detect the presence of duplicate addresses on the same link. Packet transmission process requires data which can be obtained by router discovery, prefix discovery, address resolution, neighbor
The Internet Protocol (IP) has some vulnerability that can be exploited to transfer information along the network by being anonymous. Some attempts have been made using IPv4 but now since IPv6 is the new mode of network the challenge is to design it to fit the new trend.
To outface this problem Network Address Translation (NAT) method is used. This enables devices with private addresses to be connected to a public network address (e.g. Internet). This private address is converted to legal IP address, through NAT routers before traveling 11 “outside”. (See figure 4). Every device that is connected to the network has a unique IP address but this doesn’t mean that is permanent. Because devices connected to the network,
IPv6 is not a solution for security, however, in light of the fact that few security issues
Compare the packet’s destination IP address to the routing table, and find the route that matches the destination address. This route identifies the outgoing interfaces of the router, and possibly the next-hop router.
The reason why the address is longer in v6 is because it can support over 340 undecillion IP addresses. Mainly because the IPv6 has potential to have problems just like the IPv4 address problems. Also, the IPv6 has been broken down into geographical locations, meaning that the address can be tracked to a specific location in the world. The downfall in this part, in my opinion, in a hacker’s point of view, is that you can breakdown a specific location where you would want to attack, if you know the geographic location of the hexadecimal in the address. What I mean is that you can know the country code in the IPv6 address and focus your attack in that specific location. Having a random order of the v6 address would make it more reliable and more secure but also would allow disorder, not knowing where specific address might be located.
More sooner than later the internet will transition to IPv6 rather than the current IPv4 standard; this is partially due to very few IPv4 network address available (Haugh, 2012). Many large companies are already using the IPv6 internet protocol and using it now will prevent having to reengineer the network at a later timeframe (Wong, 2011). Even though the local ISP may require IPv4, in the short term, that can be overcome by using IPv4 and IPv6 dual stack tunneling (Beverly, 2015). This allows external IPv4 address conversion to IPv6 with the configuration of the internet facing network address translating (NAT) router.
Figure 1.8 code trees with the four layers are taken into account. The highest capacity of the code tree is 8R. In the code tree, two codes with SF is 4 and 8 are engaged. As a result, the capacity employed for the OVSF code tree is 3R. The remaining capacity of the code tree is 8R-3R=5R. When a new call with data rate 4R enters, code from the third layer is essential. The code tree is not capable of offering code for the new call, since both the codes equivalent to 4R capacity are obstructed. Accordingly, this is a condition where a new call capacity to manage it. This is known as code (call) blocking and can be circumvented with the help of efficient assignment and reassignment