
IPv6:
The Next Generation of Intranet Protocols

By Gordon Benett

This is the first in a series of articles explaining the evolution of existing networking standards to support radically increased traffic, electronic commerce and time-critical content on the webs of the future. These demands will fall on the Internet, on corporate LANs and wide-area intranets, and on virtual private networks between organizations.

Among the protocols stressed by the new requirements are the Internet Protocol (IP), Domain Name System (DNS) and other directory services, and Simple Mail Transport Protocol/Post Office Protocol (SMTP/POP3). Candidates to replace these technologies are on hand.

We begin this series with a look at IPv6 -- the heir apparent to today's Internet Protocol.


If it ain't broke ...

Unfortunately, TCP/IP is breaking. The protocol suite on which the global Internet and corporate intranets are based is decades old -- a lifetime of Methuselan proportions in networking technology.

In particular, the current version of the Internet Protocol, IPv4, is reaching the end of its productive life. The main reasons are:

  • limitations in the number of devices it can address
  • growing demand for new functionality
  • lack of essential security features.

The next generation of IP, IPv6, has emerged from the lengthy international standardization process to carry TCP/IP networks and applications into the 21st century.

Note: IPv5 wasn't skipped. It exists today as the so-called Stream Protocol used in some routers.

In this overview, you learn what services an internetworking protocol provides, and how IPv6 is designed to improve on its predecessors.


Internetworking 101

IP lives in end computer systems and in the routers that connect them. When an application on one end system wants to send data, it encapsulates the message in an IP protocol data unit (PDU) which traverses a path of networks connected by routers to reach its intended target.

The key services provided by IP in this exchange are as follows:

  • Addressing - the PDU must inform each router it encounters of its destination. The address field in IPv4 is 32 bits long, allowing 2^32 possible addresses.
  • Packetizing - physical networks specify a Maximum Transmission Unit (MTU), or packet size, which PDUs must observe
  • Service class - specifies treatment of PDU relative to other traffic as regards priority, reliability and delay
  • Security - PDUs can be encrypted and contain signature and authentication data.

How IPv4 Implements These Services

Today's IP handles each of these but with palpable limitations. The address field, for instance, can assume around 4 billion values. Big on the surface, this is less than the number of people on the planet and, more importantly, too small to accommodate the expected explosion in addresses per host. A single computer can already host a dozen or more web sites. Conceivably, a household might in the near future contain numerous addressable devices, such as utility meters (electric, water, gas), computer-controllable alarm systems, entertainment devices, etc. Every soda machine is a candidate for secure Internet communications. IPv4 never envisioned these uses and cannot be expected to handle them.

An additional limitation of today's IP address scheme concerns the number of destinations a single packet can have. IPv4 packets have unicast addresses that can specify only one destination. As the Internet and intranets are increasingly used for mass media, it becomes desirable to transmit simultaneously to multiple addresses, called multicasting.

Packetizing in IPv4 is implemented via fragmentation: at each router, incoming packets bigger than the MTU of the next network hop are broken into manageable fragments, which must later be reassembled. This happens, for example, when an Internet message moves from an Ethernet LAN (MTU = 1500) to an X.25 VAN (MTU = 1000). The result is degraded throughput.

IPv4 has limited mechanisms for designating class of service. The limitations stem from the fact that packets belonging to the same data stream (for instance, a video transmission) are handled individually, rather than as a flow. Precedence and reliability decisions are therefore made on a per-packet basis, which contributes to the low quality of streaming media such as Internet telephony.

As for security features, IPv4 has none -- a remarkable state of affairs, considering it was developed by and for the Department of Defense.

How IPv6 Improves These Services

In 1992 the Internet Engineering Task Force (IETF), aware of IPv4's limitations, issued a call for proposals for a next-generation IP (IPng). Through a winnowing process the final IPng emerged in late 1994. Table 1 shows the relevant Request for Comments.

Table 1. IPv6 defining documents.

| RFC Number | RFC Title | Date |
|---|---|---|
| 1752 | Recommendation for the IP Next Generation Protocol | 1/95 |
| 1809 | Using the Flow Label in IPv6 | 6/95 |
| 1881 | IPv6 Address Allocation Management | 12/95 |
| 1883 | Internet Protocol, Version 6 Specification | 12/95 |
| 1884 | IP Version 6 Addressing Architecture | 12/95 |
| 1885 | Internet Control Message Protocol (ICMPv6) | 12/95 |
| 1886 | DNS Extensions to Support IPv6 | 12/95 |
| 1887 | An Architecture for IPv6 Unicast Address Allocation | 12/95 |
| 1897 | IPv6 Testing Address Allocation | 12/95 |
| 1924 | A Compact Representation of IPv6 Addresses | 4/96 |
| 1933 | Transition Mechanisms for IPv6 Hosts and Routers | 4/96 |
| 1825 | Security Architecture for the Internet Protocol | 8/95 |
| 1826 | IP Authentication Header | 8/95 |
| 1827 | IP Encapsulating Security Payload (ESP) | 8/95 |
| 1828 | IP Authentication Using Keyed MD5 | 8/95 |

As the RFC titles attest, the design of IPv6 pays special attention to addressing and security services. The new protocol also improves overall network performance and provides enhanced service class options. These features are discussed below.

The address field in IPv6 is 128 bits. This is big -- 2^96 times bigger than today's IP address space [1]. Moreover, IPv6 has three modes of addressing: unicast, anycast and multicast. Unicast addresses target individual hosts. Several variants of unicast are allowed, including an IPv4-compatibility mode intended to provide a smooth migration path. Anycast addressing is a refinement of unicast that streamlines routing. Multicast allows messages to be sent to a predefined group of unicast addresses with a single multicast address.

The preferred form for writing IPv6 addresses is H:H:H:H:H:H,
where hexadecimal H is a 16-bit piece of the address. For example:

FF0E:0:0:A0B9:0:23

IPv6 provides improved performance in three ways.

  • Reduced number of header fields. The so-called packet header in IPv6 is, at 40 bytes, actually longer than IPv4's header (20 bytes minimum), but it contains fewer fields. This expedites processing by the router.
  • Fixed-length packet header. IPv4 allows a number of options in the packet header that can change its size. IPv6 has a 40 byte header, which again streamlines the work done by routers.
  • No fragmentation allowed. IPv6 accommodates the MTU requirements of intervening networks at the source end, using an algorithm to discover the transmission path and lowest MTU. This saves the overhead of fragmentation and reassembly (presumably greater than the overhead of the discovery algorithm).

Class of service improvements in IPv6 arise from two innovations. One is the flow label, a 24-bit identifier assigned to a stream of packets designated as a flow to ensure routers handle packets in the flow similarly. For instance, a whiteboard conferencing session might constitute one flow, the accompanying voice channel another, each with its own data rate, reliability and delay requirements.

The other important service class innovation is IPv6's ability to distinguish two traffic types, congestion-controlled and non-congestion-controlled. Briefly, congestion-controlled traffic tolerates delays in the face of network congestion, whereas non-congestion-controlled traffic is traffic for which smooth delivery is preferred. Isochronous content, which includes audio and video, will enjoy superior transmission quality in this mode.
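
An added example, not part of the original article: a parser for the fixed 40-byte header using the RFC 1883 field layout (4-bit version, 4-bit priority, 24-bit flow label), with priority values 0-7 treated as congestion-controlled and 8-15 as non-congestion-controlled, as that RFC defines them. The function names and the sample packet are constructed for illustration; later revisions of the IPv6 specification changed how the first 32 bits are split.

```python
import ipaddress
import struct

IPV6_HEADER_LEN = 40  # fixed size: no options inside the base header


def parse_ipv6_header(packet: bytes) -> dict:
    """Parse the base IPv6 header as laid out in RFC 1883 (illustrative helper)."""
    if len(packet) < IPV6_HEADER_LEN:
        raise ValueError("truncated packet: the IPv6 header is always 40 bytes")
    word0, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    version = word0 >> 28
    if version != 6:
        raise ValueError(f"version field is {version}, expected 6")
    if len(packet) - IPV6_HEADER_LEN < payload_len:
        raise ValueError("Payload Length exceeds the bytes actually received")
    priority = (word0 >> 24) & 0x0F
    return {
        "priority": priority,
        # RFC 1883: 0-7 = source backs off under congestion, 8-15 = it does not
        "traffic_type": ("congestion-controlled" if priority < 8
                         else "non-congestion-controlled"),
        "flow_label": word0 & 0xFFFFFF,  # 24 bits, shared by every packet of a flow
        "payload_len": payload_len,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(packet[8:24])),
        "dst": str(ipaddress.IPv6Address(packet[24:40])),
    }


def build_sample_packet() -> bytes:
    """Constructed sample: priority 9, flow 0x00BEEF, 4-byte payload, UDP (17)."""
    word0 = (6 << 28) | (9 << 24) | 0x00BEEF
    header = struct.pack("!IHBB", word0, 4, 17, 64)
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    return header + src + dst + b"\x00\x01\x02\x03"


if __name__ == "__main__":
    print(parse_ipv6_header(build_sample_packet()))
```

Because the header length never varies, the length, version and payload checks can all run before any field is trusted.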

Finally, an impressive array of security features has been built into IPv6. You may wonder why this is necessary, given the abundance of proven application-level mechanisms like S/MIME, Privacy Enhanced Mail (PEM), S-HTTP and SSL.

The answer is simple: IP-level security works for all applications, whether aware or ignorant of security concerns. IPv6 supports two security functions, authentication and privacy. The authentication mechanism ensures that a received packet was in fact transmitted by the source identified in the packet header, and not by a forger or interloper. As a corollary, authentication ensures that the message has not been tampered with in transit. Privacy, the assurance that a message can be seen only by authorized parties, is implemented by strong encryption. The details of IPv6 security are complex, still evolving, and beyond the scope of this survey. For a technical overview, see [2]. Refer to [3] for a discussion of firewalls using the new protocol.


Intranetting's Year 2000 Problem

"Where internet engineering people concentrate on the shining state-of-the-art technology and new capabilities of IPng, a large corporate user is concerned about the flexibility of the transition, compatibility with old systems and predictable cost of migration" [4]. IPv6 cannot, unfortunately, assure any of these, so we might expect its adoption by the business world to be sluggish.

Indeed, organizations are in no hurry to solve the millennium problem four years before it strikes. What will it take to motivate them to tackle the more abstract threat of address space exhaustion?

IPv6 is designed to minimize the pain of transition from today's protocol. IPv4-compatible addressing and IPv6-over-IPv4 tunneling make coexistence feasible. But the problems that remain are daunting. Consider, for instance, that during the transition phase the IPv6-capable hosts will have both a 32-bit IPv4 address and a 128-bit IPv6 address. Older systems will naturally have an IPv4 address, but may also have a newly assigned IPv6 address. The Domain Name System (DNS) has to reply to queries from IPv6 hosts with both addresses. It is up to the communicating host to select which address to use. Beyond this, the ramifications for DNS resources and performance are not small.

Another obstacle to IPv6 adoption is the installed base of TCP/IPv4 applications. The main concern is that in these applications network addresses are handled by assuming that the IP host address length is 32 bits, and storing addresses in 32-bit wide memory locations. Such a TCP/IP application would be unable to directly address an IPv6-only host. Moreover, the IPv4 socket API structures are defined to contain a 32-bit field for IP addresses. For IPv6 these structures will definitely change.
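
An added example, not from the original article: what happens when a 128-bit address is forced into a 32-bit field, shown next to family-aware storage and a selection step over a name-service answer that carries both address types. All function names are hypothetical, the addresses are constructed samples from documentation ranges, and preferring IPv6 when the host supports it is an assumed policy.

```python
import ipaddress
import struct


def store_32bit(text: str) -> bytes:
    """Legacy IPv4-era pattern: the address must fit a 32-bit slot.

    Only the low 32 bits survive, which mimics copying a 128-bit
    address into a field sized for IPv4.
    """
    value = int(ipaddress.ip_address(text))
    return struct.pack("!I", value & 0xFFFFFFFF)


def store_any(text: str) -> tuple:
    """Family-aware storage: keep the version and all 4 or 16 bytes."""
    addr = ipaddress.ip_address(text)
    return addr.version, addr.packed


def choose_address(answers: list, host_speaks_v6: bool) -> str:
    """Select one address from an answer holding IPv4 and IPv6 entries."""
    order = (6, 4) if host_speaks_v6 else (4,)  # assumed preference policy
    parsed = [ipaddress.ip_address(a) for a in answers]
    for version in order:
        for addr in parsed:
            if addr.version == version:
                return str(addr)
    # An IPv4-only application cannot reach an IPv6-only host.
    raise LookupError("no address this host can use")


if __name__ == "__main__":
    a, b = "2001:db8::c000:201", "2001:db8:ffff::c000:201"  # constructed samples
    print(store_32bit(a) == store_32bit(b))  # two distinct hosts, one stored value
    print(store_any(a) == store_any(b))      # full-width storage keeps them apart
    print(choose_address(["192.0.2.10", "2001:db8::10"], host_speaks_v6=True))
```

The first comparison is the failure mode that matters for access lists and logs keyed on a 32-bit value: two different IPv6 hosts become indistinguishable from each other and from the IPv4 host 192.0.2.1.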

For these reasons, the market in next-generation IP devices will grow slowly. Only as addresses become increasingly scarce and the cost of inaction rises will corporations feel the need to take on the challenge of a new network protocol. Router vendors and makers of software will follow suit.


Conclusion

The Internet revolution of the last few years has cast TCP/IP in the spotlight of data communications. To play this key role, the 20-year-old protocol suite needs more address space, streamlined routing, flexible service classes and built-in security. IPv6 can realize these goals, but getting there from the installed base of IPv4 applications is reminiscent of Big Iron's Y2000 problem.

Now that the technical specifications for next-generation IP are frozen, vendors can begin introducing the new protocol into their product lines. Within two years the evidence should begin to reveal whether IPv6 or another technology, such as ATM, will lead networking into the 21st century.

Notes

[1] 340282366920938463463374607431768211456, to be precise.

[2] William Stallings, "IPv6: The New Internet Protocol," IEEE Communications Magazine, July 1996.

[3] Uwe Ellermann, "IPv6 and Firewalls"

[4] E. Britton and J. Tavs, "IPng Requirements of Large Corporate Networks," RFC-1678, 1994.

Further Reading

IPv6: The New Internet Protocol, by Christian Huitema, Prentice Hall, 1996.
"...a concise but comprehensive description of the new Internet protocol," according to reviewer Danny Yee

http://playground.sun.com/pub/ipng/html/ipng-main.html
This set of Web pages provides information on the Next Generation Internet Protocol (IPng). See especially Robert M. Hinden's "IP Next Generation Overview" (May 14, 1995).

IPng: Internet Protocol Next Generation, ed. Scott O. Bradner and Allison Mankin
Addison-Wesley IPng Series, 1996.

Gordon Benett is the Founder and Editor-in-Chief of Intranet Design Magazine. He has written extensively on corporate webs, including the text Introducing Intranets (Que, June 1996), a primer for IT decision makers. Mr. Benett welcomes comments at <gbenett@internet.com>.