IPv6Q 현배경 > 인터넷의급속한성장 -> IP 주소의고갈 개인휴대통신장치의보급 network TV, VOD 단말기등의인터넷연결 가정용품제어장치의인터넷연결 > 새로운 IP 로의이행문제 IPv4 호스트와의호환성문제를고려하여야합 ~ IPv4 의취약점보완 QoS 지원 인증

IPv6 개요 서울대학교전산과학과 정보통신연구실! 득즈 CJ M" L.!... @SNUINCLab 내용 Þ> IPv6 으 출현배경, 발전과정및특징 Þ> IPv6 헤더형식및옵션 Þ> IPv6 으 I Address 구조 Þ> Advanced Routing þ> QoS þ> IPv6 로의전이방법 þ> Auto Configuration þ> Security > 결론 2 @SNUINCLab -99-

IPv6Q 현배경 > 인터넷의급속한성장 -> IP 주소의고갈 개인휴대통신장치의보급 network TV, VOD 단말기등의인터넷연결 가정용품제어장치의인터넷연결 > 새로운 IP 로의이행문제 IPv4 호스트와의호환성문제를고려하여야합 ~ IPv4 의취약점보완 QoS 지원 인증및보안 3 @SNUINCLab IPv6 전과정 CNAT Simple CLNP Nimrod 1992. Winter 1992. Dec:.-. - SIP PIP TP/IX 1992.. I TUBA Spring IPAE 1993. Fall SIP SIPP CATNIP 4 @SNUINCLab - 100-

IPv6 으 주요징 ~ 128 bit로주소공간을확대 > 허 더형식의단순화 > 옵션의개선 ~ QoS 지원 > 인증과보안기능 5 @SNUINCLab IPv6 허 더형식 Flow Label Payload Length Hop Limit Source Address Destination Address 6 @SNUINCLab -101-

IPv6 옵션 > 특징 옵션의위치순서가정해져있으므로각라우터는모든옵션율검사할필요가없음 임의길이의옵션사용가능 > 옵션의나열순서 Hop-by-Hop Option Destination Option 1 Routing Fragment Authentication Encapsulating Security Payload Destination Option 2 7 @SNUINCLab IPv6 주소 Allocation Prefix Fraction of Address Space NSAPAII ation 0000001 1/128 IPX Allocation 0000010 1/128 Provider-Based Unicast Address 010 1/8 Neutral Interconnect Based Unicast Address 100 1/8 Link Local Use Address 1111111010 1/1024 Site Local Use Address 1111111011 1/1024 Multicast Address 11111111 1/256 8 @SNUINCLab - 102-

IPv6 주소 ~ Provider 8ased Unicast Address 010 Registry Provider Subscribe Subnet 10 Interface I 10 10 r 10 10 ~ Link Local Use Address 1111111010 0 Interface 10 ~ Site Local Use Address 1111111011 1 0 Subnet 10 1 Inte 야 :ace 10 ~ Anycast Address Unicast 주소공간으로부터할당받음 9 @SNUINCLab IPv6 주소 ~ IPv4-compatible IPv6 address 0(80 bits) o (16bits) I IPv4 address ~ IPv4-mapped IPv6 address 0(80 bits) FFFF IPv4 address ~ Multicast address 11111111 OOOT SCOP Group 10 10 @SNUINCLab -103-

GSE ~ Mike 0 Dell 이제안한새로운 Addressing 님 } 닙내 C> t::::::i ~ Global, Site and End-System Designator > 형식 Routing Goop (6+ bytes) STP End System Designator (8 bytes) Routing Goop: 호스트의위치정보담음. Routing 시 동적으로변함 STP: Subnet Address와동일 ESD: Globally Unique 11 @SNUINCLab GSE > 늑징 주소의라무팅율위한기능과호스트식별기능을분리함 ESD 는 Globally Unique Address Rewriting by Border Routers (Routing Goop Field) Multihoming, Rehoming 용이 > 초 근 IETF 는 GSE 를부분수용하기로결정 IPv6 으 I provider-based addressing document 수정 host 식별, Site 안에서의라우팅, Public Internet 라우팅을 위한부분을확연히구분시키기로합 하우 I 8byte 는 Gloobally Unique 주소의라무팅을위한기능과호스트식별기능을분리함 DNS 변경 12 @SNUINCLab -104-

IPv6 Advanced Routin ~ IIH 킷의전송경로미리정할수있음 provider 선택가능 ~ anycast 주소사용가능 S l- ( 11 }- ( 12 }- ( 13 5-11 I I 5-12 I I 5,13 I I 5-0 12,13,0 I I 11,13,0 I I 11,12,0 I I 11,12,13 3 Left I I 2Left I I 1 Left I I 0 Left 13 @SNUINCLab IPv6 으 os 지원 ~ Flow Label 모든 flow Df 다 label 을붙임 ~ Priority 0: Uncharaceterized 1: Filler traffic (eg, netnews) 2: UnaUended data transfer (eg. email) 3: Reserved 4: AUended bulk transfer (eg. FTP, HπP) 5: Reserved 6: Interractive traffic (eg. telnet, X) 7: Internet control traffic (eg. routing protocols, SNMP) 14 @SNUINCLab -105-

IPv6 로의전이 > 기본방법 DuallP Layer IPv6 over IPv4 tunneling Þ> IPv6-over-IPv4 Tunneling IPv4 routing infrastructure 로 IPv4 Tunneling 율이용해 데이터를전송하는방법 configured tunneling Router-to-Router Host-to-Router automatic tunneling Host-to-Host Router-to-Host 15 @SNUINCLab IPv6 over IPv4 tunnelin IPv6 header payload. - P 얘IPv6 랴d 하- 민-P 랴(d 뼈header payload payload 16 @ SNUINCLab -106-

Åuto Confi!!uration ~ Auto Configuration 의필요성 호스트가이동하더라도주소의변환이자동으로일어남 Link-Iocal address 롤사용해인터넷에연결되지않은 Site 에서도 IPv6 롤통한통신가능 호스트주소의재사용성증가 ~ Auto Configuration 방법 Stateful(DHCPv6) 중앙서버가주소률관리 Stateless MulticastingOI 가능한 Site 에서사용 임시주소훌만들어 Multicast 한후충돌이없으면그주소사용 17 @SNUINCLab Securit 튜 E ~ IPv6 으 I Security IPv4 의경무와크게다르지않음 Key 교환은이미이루어져있다고가정 IPv6 Option 으로정의되어있음 ~ Authentication Header 를이용한방법 Key롤사용해 Checksum율만들어패킷에포함해전송 때킷의송신자가올바르며때킷의변조가발생하지않았음을보장 ~ ESP(Encapsulating Security Payload) Key 롤사용해패킷율 Encrypt해전송 통신울원하는수신자만이데이터를받음을보장 18 @SNUINCLab -107-

결 """"""",,,,,,,.. _.,,,,.. _~"" '" ~ IPv6 이슈 Address 의구조 Transition Mechanism Routing Auto Configuration QoS 지원 Security 19 @SNUINCLab IPv6 관련주요문서 20 "'" """" "'".".'" -...,,~. "'" S. Deering, R. Hinden, IPv6 Specification", RFC 1883, Dec. 1995. R. Hinden, S. Deering, IPv6 Addressing Architecture", RFC 1884, Dec. 1995. Matt Crawford, Allison Mankin, Thomas Narten, John W. Stewart, Lixia Zhang, IPng Analysis of the GSE Proposal', Internet Draft, draft-ierf-ipngwg-esd-analysis-oo.txt, March 1997. R. Gilligan, E. Nordmark, Transition Mechanisms for IPv6 Hosts and Routers", RFC 1933, April 1996. S. Thompson, T. Nartin, IPv6 Stateless Address Autoconfiguration", RFC 1971, Aug. 1996. R. Atkinson, Security Architecture for the Internet Protocol", RFC 1825, Aug. 1995. @SNUINCLab -108-