IPV4 And The Need For IPV6 Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

During the years between the end of the second millennium and the beginning of the third one, there has been exponential development in the field of computer networks like ATM, virtual LANs, gigabit Ethernet. The organization of the internet and the intranets will have a strong evolution due to the adoption of the new IPv6 protocols.

IPv6 is the new version of the IP protocol on which the internet and many intranets are based. The efforts to develop a successor to IPv6 (internet protocol version 6) was started as early as 1990 by the team IETF, it is known as Internet Engineering Task Force. The main concern was the addressing space depletion .In the mid of 1993 internet engineering task force started there investigation on IPng and other protocol .And the main part was completed within 1996 with the publication of Requests For Comments (RFCs), standards that exactly defines IPv6. During the standardization phase, this new protocol is also known as IPng (IP new generation). It was developed to meet the rising demand for IP address and will replace (IPv4) internet protocol version 4, today's dominant internet protocol. In addition to almost limitless IP address. IPv6 offers remarkably capability in the areas of addressing and routing, network address translation, security, support of mobile devices and multitasking.

Need for IPv6

As internet and computer networking has expanded and grown, the number of available address has become so limited. At this rate all address will be used up and there will be a time, when it will not be possible to set up access to the web, ISP accounts, and web servers. Etc. It also will affect the quality of QoS support, internet security and a limited selection of media types.

The astonishing growth of the internet and its lack of an IP address allocation structure have forced routers to maintain large routing tables. As a result of having to maintain thousands of different routers, network congestions grow and effective data routing is impaired. That is backbone route table become strained and slow down the packet forwarding rate. In such a case, the organization may be forced to create a private address space that is not visible to the internet. To do this Network Address Translation (NAT) is commonly used to manage connectivity to the outside world. Use of Network Address Translation (NAT) has been used to conserve the IP address, but its limitation has intensified the need for an different approach to the internet addressing problem. lack of IP security was a biggest threat when data are transmitted over unknown network. [12]

What is wrong with IPv4?

Most discussions about IPv6 focus on a laundry list of problems with IPv4 and benefits of IPv6 that should motivate everyone to demand IPv6 support from all vendors. The main limitations of IPv4 are as follows,

Exhaustion of Address space

This is the biggest problem of IPv4 is its address are getting exhausted. Limitation of address spaced forced organizations to use network address translation, which share one public IP address to several private IP addresses

Flat routing infrastructure

Summarised, hierarchical routing where not allowed because of the IPv4 network id. Instead each address where assign separately. Which have lead to more than 80000 routers in the routing table of internet backbone router. IPv4 is a mixture of flat and hierarchical routing

Simpler configuration

Configuration of IPv4 must be either manually or by dynamic host configuration protocol (DHCP). There was a need for more simple and an automatic configuration of address.

Security

There was no build in security in IPv4. This made it vulnerable. Though there is a security standard for IPv4, it was optional and proprietary security solutions are prevalent.

Quality-of-service

Standards for quality of service exist in IPv4, it relies on type-of-service(TOS) field, which was not supported by all devices in the network and identification of payload must be done using a upper layer protocol identifier such as UDP or TCP ports, these where not possible when IPv4 packet is encrypted.

Mobility

though IPv4 have specifications for mobility , it was not that efficient. Mobility is a key foe internet connected devices.

IPv6 addressing

The main feature of IPv6 is addressing space. With 128 bits, 2128 number of address is available, approximately 1038 to be more exact 340.282.366.920.938.463.463.374.607.431.768.211.456 address. It is really huge.

Addressing

Addressing in IPv4 are 32 bit long. And represent by 4 octets which separated by dots each octet is 8 bit long.. IPv4 and IPv6 address are similar in that they use network and host portion sub netting and CIDR notation to express the address. IPv6 utilizes much more address space and provides a much different policy for allocation of address to support aggregation.

Using binary system of base 8 as in IPv4 would create really long IP address. The decimal form of IPv6 will look like ,

12738.334.35252.5252.52525.8142.53325.74311

To make thing simple IPv6 use hexadecimal format it is base 16.

As a result it was decided that IPv6 address would be expressed in hexadecimal format, which is base 16, it uses numerals 0-9 and few characters (a-f), also used as well.IPV6 address is represented as a sequence of 8 , 16 bit-values and each are separated by colons.[13]

Types of IPv6 addresses

There are basically three types of IPv6 address, they are

Unicast

Multicast

anycast

Unicast

A Unicast address is a single interface. The packet is sent only to the address specified. It is like one-to-one communication.

Types of unicast IPv6 address:

global unicast addresses

Link-local address

Site-local address

Loopback address

Unspecified address

Compatibility address

NSAP address

Multicast

Multicast address is a set of interfaces that belong to different nodes. A packet send to a multicast address is delivered to all interfaces in the set. It is one to many

Anycast

Anycast address to a set of interfaces belonging to different nodes. A packet sent to an anycast address is delivered to only one interface of the set which is nearest.

Structure of an IPv6 packet

An IPv6 packet can be divided into three parts they are

IPv6 header

This is a mandatory part in an IPv6 packet. it is fixed length of 40 bytes.

extension header

Extension header is used to extend the functionality of the protocol. Extension headers are identified by the next header field .for every extension header, there is another next header field showing the next extension header. Extension header and IPv6 header replaces IPv4 header and its option. Any number of extensions can be used.

Upper-layer protocol data unit.

Upper layer protocol data unit is a combination of upper layer protocol header and payload. These three together form a IPv6 packet.

IPv6 header

Version

This field indicates the version of the protocol. Size of the field is 4 bits and is set to 6. The identification is done by a protocol identification file in link-layer.

Traffic class

This field is also called as the priority field. Size of the traffic class filed is 8 bits. This filed is similar to that of type of service field in IPv4. Here the data's can be made prioritized and special handling of data is done.

Flow label

Size of the flow label field is 20 bits. It is used in identifying packets that belong to the unique flow. Host labels the packets with sequence of label. Flow label and address of the source uniquely identify the flow. Packets belong to the same stream have the same destination and source address.[9][10]

Payload length

Size of the payload length field is 20 bits. Payload length specifies the length in octets of the data carried after IPv6 header.

Next header

Size of the next header is 8 bits. Next header field indicates the protocol that is used in header immediately following the IPv6 packet. It may indicate higher layer protocol or the existence of an extension header.

Hop limit

It indicates the maximum number of hops the packet can traverse. Each time a node forwards the packet decrease the bit field by one. When it value reaches zero. The packet is been discarded. Size of hop limit field is 8 bit.

Source address

It indicates the IPv6 address of the node from which the packet originated. Size of source address field is 128 bit.

Destination address

Destination address indicates the IPv6 address of the intended recipient. Size of destination field is 128 bit.[9][10]

Extension header

In internet protocol version 4 header contain all the option. Even thought it was not used by the data. This cause performance degradation and slowed the overall processing. IPv6 had a solution for this problem. it handles options additional header and it is called as extension header. only the needed headers are added to the packet. Simpler the packet faster the processing happens. This helped in improving performance and processing speed. Basic IPv6 header has no extension header. Extension headers size should be in multiple of 8 bytes, padding is used to make sure it is exact multiple of 8. Extension headers are placed in-between IPv6 header and upper-layer protocol header. There can be zero or any number of extension headers according to the need. Extension header are must strictly process in the order in which they appear in the packet header.[9][11]

There are six different type of extension header they are:

Hop-by-hop optional header

Routing header

Fragment header

Destination optional header

Authentication header

Encapsulation security payload header[9][11]

Hop-by-hop optional header:

Hop-by-hop optional header is the only extension header that is processed by every node along the path of the packet. It must be the first header and it is identified by a next header value of 0. when there is no hop-to-hop optional header , the router routes the packet directly to the destination address. Structure of hop-by-hop optional header is shown below. It contains next header, next header extension length and optional.

Hop-by-hop optional header

Next header

Size of the header is 1 byte. It indicates the type of the header that immediately follows the hop-to-hop option header

Header extension length

Size of this header is 1 byte. It indicates the length of hop by hop option header in 8 bytes, where the first eight byte are not included. The value of this field is zero.

Option

There can be one or more options. The length of the option is variable. The two higher order bits specify what action to be taken

00 -- skip the option and continue

01 - Packet discard

10 - Packet is discarded and sends ICMPv6 parameter problem to sender if the destination address is a multicast or unicast

11 -- Packet is discarded and sends ICMPv6 parameter problem to sender if the destination address in not a multicast address

Jumbo payload option

It indicates the sending of IPv6 jumbograms. It allows for larger packets to be send

Router alert option

Option type indicates to the router that the content of the packet need additional processing. The option is used mainly for resource reservation protocol and multicast listener discovery.[9][11]

Routing header

Routing header is used to give list of intermediate destination for packets path to its destination. Router header is identified by the value in the preceding headers next header field. Structure of routing header is shown below.

Figure : Routing header

Next header

Size of the header is 1 byte. It indicates the type of the header that immediately follows the routing header

Header extension length

Size of this header is 1 byte. It indicates the length of hop by hop option header in 8 bytes, where the first eight byte are not included. The value of this field is zero.

Routing type

It is a one byte size field, which specifies the type of routing header.

Segment left

It indicates how many more intermediate destinations are still to be visited.[9][11]

Fragment header

This header is used for fragmentation and reassembly. Structure of fragment header is shown below,

Figure : Fragment header

Next header

Size of the header is 1 byte. It indicates the type of the header that immediately follows the fragment header

Reserved

Not used so set to zero, size of the field is 1 byte

Fragment offset

It is defined for 8 byte fragment blocks. It indicates the start of the data in the original packet.

Reserved

Not used so set to zero, size of this field is 2 bits

M-flag

Size of the field is 1 bit. If the value is zero it means that's the last fragment, if it is one there are more fragment.

Identification

Size of this filed is 4 bytes. It is implemented as a counter , its value increases by one for every packet required to be fragmented the source host, source host can only fragment a packet.[9][11]

Destination option header

This field is used in identification of packet delivery parameters for final destination or for intermediate destination. A next header value of 60 specifies this header. It can be used when inserted before routing header and when inserted before upper-layer protocol address. Structure of destination option header is shown below

Figure : Destinations options header

Next header

Size of the header is 1 byte. It indicates the type of the header that immediately follows the destination options header

Header extension length

Size of this header is 1 byte. It indicates the length of hop by hop option header in 8 bytes, where the first eight byte are not included.

Options

There can be one or more options available. The length of the option is determined by the header extension length field and it is variable.[9][11]

Authentication header and encapsulating protocol are seen in detail in previous chapter

Internet control message protocol (ICMPv6)

IPv6 uses ICMPv6 messages to report error situations during IPv6 packet processing or to ask response from a node regarding some information. It is a transport layer control protocol. it message are identified by the value 58 in the next header field. ICMPv6 simplifies the communication process by removing unneeded messages

The functions of ICMPv6 are:

Error Reporting in packet processing

Diagnostics

Neighbor Discovery process

Multicast Membership Reporting.[9][11]

There are basically two types of messages in ICMPv6 they are

Error message

It reports errors in the delivery or forwarding of internet protocol version 6 packets by the intermediate router or to the destination node. Error message are set to zero in the high-order bit of the 8-bit type field. Error message types are in range of 0 through 127.

Types of error message are as follows

Destination unreachable

Packet too big

Time exceeded

Parameter problem[9][11]

Information message

It reports additional host functionality and diagnostic. Information message are set to one in the high-order bit of the 8-bit type field. Information messages types are in range of 128 through 255.

Types of error message are as follows

Echo request

Echo reply[9][11]

Structure of ICMPv6 header:

Figure: ICMPv6 structure

Type

Size of the type field is 1 byte. It specifies the type of message

Code

Size of the code field is 1 byte. It depends on message type and adds more information

Checksum

Size of the checksum field is 2 bytes. It identifies data corruption in the ICMPv6 message

Message body

According to the code and type, message body will have different data in it. Size of message body is variable.[9][11]

Neighbour discovery

Neighbour discovery is a set of process and messages to discover each others presence and to determine relationship about the active neighbours. Neighbour discovery replaces internet control message protocol, address resolution protocol and the ICMP redirect message.

There are five types of ICMPv6 messages used in neighbour discovery they are as follows

Router solicitation

Router advertisement

Neighbour solicitation

Neighbour advertisement

Redirect[9][10]

Router solicitation

When a interface becomes enabled router solicitation is send by IPv6 host to discover the presence of IPv6 on the link. That request router to respond immediately rather than at their next scheduled time.

Router advertisement

Router sends the router advertisement in response to a router solicitation message. It contains prefixes that are used for on-link determination and address auto configuration.

Neighbour solicitation

Neighbour solicitation message is sent by IPv6 host to determine the link layer address of a neighbour and also to find the reach ability .it is also used for duplication address detection.

Neighbour advertisement

Neighbour advertisement is a response to a neighbour solicitation message. Unsolicited neighbour advertisement is sent to announce a change in link layer address

Redirect

Used by IPv6 router to inform host of a better first-hop address for a specific destination.[9][10]

Security in IPv6

Security is one of the main features in IPv6. Basically IP Packers have no security in build. This makes IP packets easy to tamper, modify the content, replay old packets, and change addresses and to copy the information in the IP packet in transit. To make it secure additional components where add to protocol. Internet engineering task force created IPSec. IPSec is a method of protecting IP datagram's. Protection takes form of data origin authentication, data content confidentiality and connectionless data integrity. IPSec provides a robust, standard, extensible mechanism in which to provide protection to IP and upper layer in the protocol. Addition of IPSec has made IPv6 to have a secure communication. IPSec is explained in detail in previous chapter. In this section will see the possible treats in an IP networking environment and its solution in IPv6.

IPv6 networking information gathering

A hacker begins his attack by first scanning the host, network and service reconnaissance. It is done by scanning methods like stealth scanning. In IPv6 architecture provides protection against this kind of scan, as it uses identification.

Number of issues can make scanning process simpler and make the valuable system vulnerable:

Predictable addressing scheme

It is important than system administrator uses specific, Predictable numbering for vital systems. Administrator should have an extra care while selecting numbering for important systems to solve the problem.

Reducing the number of address by exploiting the structure of EUI-64 addresses

In IPv6 addressing the last 64 bits are based on EUI-64 algorithms as described in RFC 3513 from IEEE 802 48 bit MAC address. Padding contains hexadecimal values 0xFE and 0xFF that reduce the problem space. If an attacker finds the vendor of the IEEE 802 network card as the address are constructed from 24 bit vendor id and 24 bit supplier id for uniqueness. This will make attacker to scan the network easily

Inappropriate filtering of incoming scanning messages

It is important to participate in ICMPv6 messages to be allowed in the secure network for IPv6 to operate properly.

Inappropriate filtering of multicast messages

Few IPv6 multicast address are used to reach group devices of same kind e.g. all routers. If an attacker accesses these addresses could gain access to the devices and perform attacks on them. This can be avoided by careful border filtering.

Other forms of finding potential targets

Attacker can be find out by using potential targets like honeypot. An attacker can be found from the log files. It is better to have proper filtering set up at the end site the attacker will not get access to the potential targets. And filtering of unneeded services at the networks access point will reduce treats.

Unauthorised access in IPv6

IPv6 uses policy which authorizes access accordingly. If unknown packet is found it is been dropped. Port based authentication mechanisms will prevent unauthorised access below the network layer e.g. 802.1x.

Spoofing in IPv6 network

Spoofing address causes various denials of service attacks. It is one of the serious issues service providers and internet community. Using ingress filter can sort this issue

Subverting host initialisation in IPv6 network

Hosts neighbouring in IPv6 can be attacked in a similar way to ARP in ipv4.attacker may send a false neighbouring advertisement, sending fake router advertisement. Such attacks can be prevented by using secure neighbour discovery (SEND).

Broadcast amplification in IPv6 network

There where several broadcast address against IPv4. Famous one is smurf attacker. This is avoided as IPv6 does not use broadcast addressing.

Attacks again IPv6 routing

IP attackers' purpose is to corrupt routing information in order to cause denial of service attacks. This can be prevented by using IPSec, SSH authentication, infrastructure protection.

Capturing data in transit in IPv6

Capturing unsecure data in IPv6 environment is similar to that of sniffing in IPv4. IPSec in IPv6 protect against this kind threats.

Denial of service attacks

Flooding attacks can be prevented by using powerful denial-of-service detection tools.

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.