Routing & Switching: IPv6 & Network Performance Concepts | CompTIA Network+ N10-007 | 1.3d

In this video you will learn about IPv6 & network performance concepts, NAT/PAT, port forwarding, access control lists, distributed switching, packet-switched vs. circuit-switched networks, and software-defined networking.

IPv6

Internet Protocol version 6 is the most recent version of the Internet Protocol, the communications protocol that provides an identification and location system for computers on networks and routes traffic across the internet. IPv6 uses 128-bit source and destination IP addresses (compared to 32-bit for IPv4), theoretically enabling up to 340 undecillion addresses (3.4×10^38). IPv6 also features built-in security and provides better support for quality of service (QoS) routing, which is important to achieve high-quality streaming audio and video traffic.  Windows, macOS, and Linux all support IPv6.

IPv6 Addressing

IPv6 addresses are 128-bit addresses that are each then divided into eight 16-bit blocks.  The blocks are converted into hexadecimal, and each block is separated from the following block by a colon.  Leading zeros are typically suppressed, but each block must contain at least one digit.

[Figure: a typical IPv6 address, shown in its hexadecimal (default) representation and in binary]

Rules for abbreviating an IPv6 address:

  • Leading 0s in a field can be omitted.
  • Contiguous fields containing all 0s can be represented with a double colon. (This can be done only once in a single IPv6 address.)
    • Example:
      • IPv6 address:  ABCD:0123:4040:0000:0000:0000:000A:000B
      • Abbreviated to:  ABCD:123:4040::A:B

Here is an IPv6 address that uses the double colon:

  • FF02::2

IPv6 Address Types

IPv6 supports three types of addresses:  unicast, multicast, and anycast.

  • Unicast: an address that identifies a unique node on a network. Unicast addressing is available in IPv4 & IPv6 and typically refers to a single sender or a single receiver, although it can be used in both sending and receiving. Unicast is the most common form of IP addressing.  IPv6 globally routable unicast addresses start with the first four hex characters in the range of 2000 to 3999.
  • Multicast: a specific type of IP address labeling a network location that is used to multicast data packets within a network. It stands in contrast to other IP addresses that only allow for unicast models. Both IPv4 and IPv6 support multicasting. Multicast enables distribution of content such as internet TV and other types of streaming media. Multicast addresses begin with FF as the first two hex characters.
  • Anycast: a network addressing & routing methodology in which a single destination address has multiple routing paths to two or more endpoint destinations. This is also known as a one-to-one-of-many association. Anycast can be used for distributed services, such as DNS, or in other situations in which automatic failover is desirable.  IPv6 uses anycast addresses as destination addresses that are assigned only to routers.  Anycast addresses are assigned from the unicast address space.

Other unique aspects about IPv6 addressing:

  • An IPv6 link-local address is also used on each IPv6 interface.  The link-local address begins with FE80.
  • IPv6 can use autoconfiguration to discover the current network & select a host ID that is unique on that network.  Automatic generation of a unique host ID is made possible through a process known as EUI-64, which uses the 48-bit MAC address on the device to aid in the generation of the unique 64-bit host ID.
  • IPv6 can also use a special version of DHCP for IPv6, called DHCPv6.
  • The protocol that is used to discover the network address and learn the Layer 2 address of neighbors on the same network is Neighbor Discovery Protocol (NDP).
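As an added example (not from the original page), the following Python builds the EUI-64 host ID from a MAC address, attaches it to the FE80::/64 link-local prefix, and classifies an address by its leading bits (FF00::/8 multicast, FE80::/10 link-local, 2000::/3 global unicast). The MAC values are constructed.

```python
import ipaddress

# Added example, not from the original page: build the modified EUI-64
# interface ID from a 48-bit MAC, derive the FE80::/64 link-local address from
# it, and classify an address by its leading bits. MAC values are constructed.


def eui64_interface_id(mac: str) -> bytes:
    """Return the 8-byte modified EUI-64 host ID for a MAC like 00:1A:2B:3C:4D:5E."""
    octets = bytes(int(x, 16) for x in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("a MAC address has exactly 6 octets")
    iid = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])  # insert FFFE in the middle
    iid[0] ^= 0x02  # flip the universal/local bit of the first octet
    return bytes(iid)


def link_local_from_mac(mac: str) -> str:
    """FE80::/64 prefix plus the EUI-64 host ID, in compressed uppercase form."""
    prefix = b"\xfe\x80" + b"\x00" * 6
    return str(ipaddress.IPv6Address(prefix + eui64_interface_id(mac))).upper()


def address_type(addr: str) -> str:
    """Classify by prefix: FF00::/8 multicast, FE80::/10 link-local unicast,
    2000::/3 global unicast. Anycast addresses come from the unicast space
    and cannot be told apart from unicast by format alone."""
    top16 = int(ipaddress.IPv6Address(addr)) >> 112  # first 16-bit group
    if top16 >> 8 == 0xFF:
        return "multicast"
    if top16 >> 6 == 0x3FA:          # 1111111010xxxxxx = FE80::/10
        return "link-local unicast"
    if top16 >> 13 == 0b001:         # 001xxxxxxxxxxxxx = 2000::/3
        return "global unicast"
    return "other"
```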

IPv6 Tunneling

IPv6 tunneling is a mechanism for encapsulating IPv4 & IPv6 packets within a site-to-site IPv6 VPN.  It is used to form a virtual point-to-point link between two IPv6 nodes.  IPv6 tunnels are stateless and have no knowledge of the configuration or existence of the remote tunnel endpoint.  Once an IPv6 tunnel is configured, packets are encapsulated and forwarded regardless of whether the decapsulating device is present or not.  IPv6 tunneling allows hosts in one private IP network to communicate with hosts in another private IP network by providing a tunnel between two routers across the Internet.  The IPv6 tunnel connection endpoints are terminated via a virtual tunnel interface (VTI) configured in each device.

IPv6 Dual Stack

Dual stack means that devices are able to run IPv4 & IPv6 in parallel.  It allows hosts to simultaneously reach IPv4 and IPv6 content, so it offers a very flexible coexistence strategy.  With dual stack, every networking device, server, switch, router, and firewall in an ISP’s network will be configured with both IPv4 & IPv6 connectivity capabilities.

  • Benefits
    • Native dual stack does not require any tunneling mechanisms on internal networks.
    • Both IPv4 & IPv6 run independently of each other.
    • Dual stack supports gradual migration of endpoints, networks, and applications.

Router Advertisement

Routers advertise their presence together with various link and Internet parameters either periodically, or in response to a router solicitation message.  A host will then use the information to learn the prefixes and parameters for the local network.

Neighbor Discovery

Neighbor discovery is a protocol that allows different nodes on the same link to advertise their existence to their neighbors, and to learn about the existence of their neighbors.  Routers and hosts (nodes) use Neighbor Discovery (ND) messages to determine the link-layer addresses of neighbors that reside on attached links and to overwrite invalid cache entries.  Hosts also use ND to find neighboring routers that can forward packets on their behalf.  In addition, nodes use ND to actively track the ability to reach neighbors.  When a router (or the path to a router) fails, nodes actively search for alternatives to reach the destination.

Performance Concepts

Traffic Shaping

Traffic shaping is a bandwidth management technique used on computer networks which delays some or all datagrams to bring them into compliance with a desired traffic profile.  Traffic shaping is used to optimize or guarantee performance, improve latency, or increase usable bandwidth for some kinds of packets by delaying other kinds.  It is often confused with traffic policing, the distinct but related practice of packet dropping and packet marking.  The most common type of traffic shaping is application-based traffic shaping.  In application-based traffic shaping, fingerprinting tools are first used to identify the application associated with a data packet.  Based on this, specific traffic shaping policies are applied.  For example, you might want to use application-based traffic shaping to throttle peer-to-peer file sharing, while giving maximum bandwidth to a business-critical application such as Voice-over-IP (VoIP), which is especially sensitive to latency.
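To make the shaping-versus-policing distinction concrete, here is an added Python simulation (not from the original page) of one token-bucket traffic profile enforced two ways: the shaper queues packets that exceed the profile and releases them as tokens accrue, while the policer drops them. Ticks, rates and packet sizes are constructed values.

```python
from collections import deque

# Added example, not from the original page: one token-bucket traffic profile
# enforced two ways. A shaper holds non-conforming packets in a queue and
# releases them once tokens accrue (delay, no loss); a policer drops them
# immediately. Ticks, rates and packet sizes are constructed for illustration.


def enforce_profile(arrivals, rate, burst, mode, horizon):
    """arrivals: list of (tick, size_bytes); rate: bytes credited per tick;
    burst: bucket depth in bytes; mode: 'shape' or 'police'.
    Returns (delivered, dropped): delivered holds (arrival_tick, departure_tick)."""
    if mode not in ("shape", "police"):
        raise ValueError("mode must be 'shape' or 'police'")
    by_tick = {}
    for tick, size in arrivals:
        by_tick.setdefault(tick, []).append(size)
    tokens = burst
    backlog = deque()          # shaper FIFO of (arrival_tick, size)
    delivered, dropped = [], []
    for t in range(horizon):
        tokens = min(burst, tokens + rate)   # refill, capped at the burst size
        for size in by_tick.get(t, []):
            if mode == "police":
                if size <= tokens:
                    tokens -= size
                    delivered.append((t, t))
                else:
                    dropped.append((t, size))     # out of profile: discarded
            else:
                backlog.append((t, size))         # out of profile: waits in queue
        if mode == "shape":
            while backlog and backlog[0][1] <= tokens:
                arrived, size = backlog.popleft()
                tokens -= size
                delivered.append((arrived, t))
    return delivered, dropped


def max_delay(delivered):
    """Largest queueing delay (in ticks) among delivered packets."""
    return max((dep - arr for arr, dep in delivered), default=0)
```

A packet larger than the bucket depth can never conform, so a shaper would hold it forever and a policer always drops it; size the burst accordingly.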

[Figure: unshaped traffic vs. shaped traffic]

QoS (Quality of Service)

Quality of service is the description or measurement of the overall performance of a service, such as telephony or computer network or a cloud computing service, particularly the performance seen by the users of the network. QoS is very important when it comes to streaming media, gaming, or VoIP services. QoS prioritizes real-time and streaming traffic. Depending on the router, QoS can simply be turned on and off (basic QoS), or it can be tweaked by specifying services to prioritize, whether to optimize for gaming, and uplink/downlink speeds to use. QoS can also be configured by an internet service provider (ISP). If an ISP is performing QoS optimization, changes you make on your router will not improve your traffic.

Diffserv (Differentiated Services)

Differentiated services is a computer networking architecture that specifies a simple & scalable mechanism for classifying and managing network traffic and providing quality of service on modern IP networks.  Diffserv can be used to provide low-latency to critical network traffic such as voice or streaming media while providing simple best-effort service to non-critical services such as web traffic or file transfers.

[Figure: DiffServ architecture]

CoS (Class of Service)

When a network experiences congestion and delay, some packets must be prioritized to avoid random loss of data.  Class of service accomplishes this prioritization by dividing similar types of traffic, such as email, streaming video, voice, and large document file transfers, into classes.  Different levels of priority for throughput and packet loss are then applied to each group to control traffic behavior.

NAT (Network Address Translation)

Network address translation is a method of remapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. In layman’s terms, NAT is the process where a network device (usually a firewall) assigns a public address to a computer (or group of computers) inside a private network. The main use of NAT is to limit or hide an entire IP address space on a LAN for both economic and security purposes. This functionality is typically built into a router. When NAT is implemented, before an IP address on the LAN can communicate with the internet, the IP address has to be converted to the public IP address of the router. This allows for the router to appear as if it is the only device making a connection to remote computers on the internet, which provides safety for the computers on the LAN. It also allows a single IP address to do the work for many other IP addresses in the LAN. NAT is performed automatically on SOHO routers when connected to an IPv4 network.  NAT is not necessary on an IPv6 network because IPv6 is much more secure and has no shortage of IP addresses.

PAT (Port Address Translation)

Port address translation is a function that allows multiple users within a private network to make use of a minimal number of IP addresses.  Its basic function is to share a single public IP address between multiple clients who need to use the Internet.  It is an extension of network address translation.  An example of PAT is a home network that is connected to the Internet.  Within this setup, the system’s router is assigned a discrete IP address.  Multiple users can access the Internet over the router, and each is assigned a port number as they do so.

Port Forwarding

In computer networking, port forwarding (DNAT or destination network address translation) is an application of NAT that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall. In layman’s terms, port forwarding allows remote computers to connect to a specific computer or service within a private LAN. An example could be an FTP server residing inside of a LAN with the IP address of 192.168.1.240 with port 21 open to allow for external computers to connect to engage in file transactions. In order for external computers to connect, these devices would need to know the IP address of your router (ex: 68.54.121.93) and the appropriate port number (port 21). Once the external computer is granted access to the LAN, the external device’s packets will be forwarded to the FTP server at 192.168.1.240 port 21.
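The PAT and port-forwarding behaviour described above, as an added Python simulation that is not from the original page: outbound flows get a unique public port, replies are matched back to the originating host, one static rule forwards the page's FTP example (68.54.121.93:21 to 192.168.1.240:21), and any other unsolicited inbound packet has no mapping and is dropped. LAN hosts and remote addresses (RFC 5737 test ranges) are constructed.

```python
# Added example, not from the original page: a minimal PAT table with one
# static port-forward rule, simulated on (ip, port) tuples. The public address
# 68.54.121.93 and the FTP host 192.168.1.240:21 are the page's example values;
# the LAN hosts and remote addresses (RFC 5737 test ranges) are constructed.


class PatGateway:
    def __init__(self, public_ip, forwards=None, first_port=40000):
        self.public_ip = public_ip
        self.forwards = dict(forwards or {})   # public port -> (private ip, port)
        self.next_port = first_port            # next free public source port
        self.sessions = {}                     # public port -> (src ip, src port, dst ip, dst port)
        self.by_flow = {}                      # reverse index of sessions

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """LAN host -> internet: rewrite the source to (public_ip, unique port)."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        if flow not in self.by_flow:
            pub_port = self.next_port
            self.next_port += 1
            self.sessions[pub_port] = flow
            self.by_flow[flow] = pub_port
        return (self.public_ip, self.by_flow[flow], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Internet -> public_ip:dst_port. Returns the private (ip, port) the
        packet is rewritten to, or None when the gateway has no mapping and
        drops it."""
        if dst_port in self.forwards:          # static DNAT: any remote sender
            return self.forwards[dst_port]
        flow = self.sessions.get(dst_port)
        if flow and flow[2] == src_ip and flow[3] == src_port:
            return (flow[0], flow[1])          # reply to an existing session
        return None                            # unsolicited: dropped
```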

Access Control List (ACL)

An access control list is a set of rules that is usually used to filter network traffic.  ACLs can be configured on network devices with packet filtering capabilities, such as routers & firewalls.  ACLs contain a list of conditions that categorize packets and help you determine when to allow or deny network traffic.  They are applied on a per-interface basis to packets entering or leaving an interface.
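As an added example (not from the original page), here is a Python evaluator for a router-style packet-filter ACL: rules are checked top-down, the first match decides, and a packet matching nothing is denied (the usual router semantics, assumed here). The rules and packets are constructed; 192.168.1.240:21 is the FTP host from the port-forwarding example above.

```python
import ipaddress

# Added example, not from the original page: a router-style packet-filter ACL
# evaluated top-down with first-match-wins and an implicit deny at the end
# (the usual router semantics, assumed here). Rules and packets are constructed.


def matches(rule, pkt):
    """Return True when every field of the rule matches the packet (None = any)."""
    if rule["proto"] is not None and rule["proto"] != pkt["proto"]:
        return False
    if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(rule["src"]):
        return False
    if ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(rule["dst"]):
        return False
    if rule["dport"] is not None and rule["dport"] != pkt["dport"]:
        return False
    return True


def evaluate_acl(rules, pkt):
    """Return (action, index of the matching rule); index None = implicit deny."""
    for i, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule["action"], i
    return "deny", None


def rule(action, proto, src, dst, dport=None):
    return {"action": action, "proto": proto, "src": src, "dst": dst, "dport": dport}


# Constructed inbound ACL for a WAN interface. Order matters: the anti-spoofing
# deny sits first so that a private source address can never reach the permits.
INBOUND = [
    rule("deny", None, "10.0.0.0/8", "0.0.0.0/0"),            # private source on WAN
    rule("permit", "tcp", "0.0.0.0/0", "192.168.1.240/32", 21),  # forwarded FTP host
    rule("permit", "icmp", "0.0.0.0/0", "192.168.1.0/24"),     # echo/unreachables
]
```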

Distributed Switching

Distributed switching is an architecture in which multiple processor-controlled switching units are distributed.  There is often a hierarchy of switching elements, with a centralized host switch and with remote switches located close to concentrations of users.  Distributed switching is often used in telephone networks where it is often referred to as host-remote switching.  In rural areas, population centers tend to be too small for economical deployment of a full-featured dedicated telephone exchange, and distances between these centers make transmission costs relatively high.  Normal telephone traffic patterns show that most calling is done between people in these population centers.  The use of distributed switching allows for the majority of calls that are local to that population center to be switched there without needing to be transported to and from the host switch.  The host switch provides connectivity between the remote switches and to the larger network, and the host may also directly handle some rare and complex call types (such as conference calling) that the remote itself is not equipped to handle.

Packet-Switched Network

Packet switching is a method of grouping data that is transmitted over a digital network into packets.  Packets are made of a header and a payload.  Data in the header is used by networking hardware to direct the packet to its destination, where the payload is extracted and used by application software.  Packet switching is the primary basis for data communications in computer networks worldwide.

Circuit-Switched Network

Circuit switching is a method of implementing a telecommunications network in which two network nodes establish a dedicated communications channel (circuit) through the network before the nodes may communicate.  The circuit guarantees the full bandwidth of the channel and remains connected for the duration of the communication session.  The circuit functions as if the nodes were physically connected as with an electrical circuit.  Circuit switching originated in analog telephone networks where the network created a dedicated circuit between two telephones for the duration of a telephone call.  It contrasts with packet switching used in modern digital networks in which the trunklines between switching centers carry data between many different nodes in the form of data packets without dedicated circuits.

Software-Defined Networking (SDN)

Software-defined networking technology is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring, making it more like cloud computing than traditional network management.  SDN is meant to address the fact that the static architecture of traditional networks is decentralized and complex while current networks require more flexibility and easy troubleshooting.  SDN attempts to centralize network intelligence in one network component by disassociating the forwarding process of network packets from the routing process.  The routing process consists of one or more controllers, which are considered the brain of the SDN network where the whole intelligence is incorporated.  However, the intelligent centralization has its own drawbacks when it comes to security, scalability and elasticity and this is the main issue of SDN.
