Temporal and Spatial Classification of Active IPv6 Addresses

There is striking volume of World-Wide Web activity on IPv6 today. In early 2015, one large Content Distribution Network handles 50 billion IPv6 requests per day from hundreds of millions of IPv6 client addresses; billions of unique client addresses are observed per month. Address counts, however, obscure the number of hosts with IPv6 connectivity to the global Internet. There are numerous address assignment and subnetting options in use; privacy addresses and dynamic subnet pools significantly inflate the number of active IPv6 addresses. As the IPv6 address space is vast, it is infeasible to comprehensively probe every possible unicast IPv6 address. Thus, to survey the characteristics of IPv6 addressing, we perform a year-long passive measurement study, analyzing the IPv6 addresses gleaned from activity logs for all clients accessing a global CDN. The goal of our work is to develop flexible classification and measurement methods for IPv6, motivated by the fact that its addresses are not merely more numerous; they are different in kind. We introduce the notion of classifying addresses and prefixes in two ways: (1) temporally, according to their instances of activity to discern which addresses can be considered stable; (2) spatially, according to the density or sparsity of aggregates in which active addresses reside. We present measurement and classification results numerically and visually that: provide details on IPv6 address use and structure in global operation across the past year; establish the efficacy of our classification methods; and demonstrate that such classification can clarify dimensions of the Internet that otherwise appear quite blurred by current IPv6 addressing practices

ALEX: Improving SIP Support in Systems with Multiple Network Addresses

The successful and increasingly adopted session initiation protocol (SIP) does not adequately support hosts with multiple network addresses, such as dual-stack (IPv4-IPv6) or IPv6 multi-homed devices. This paper presents the Address List Extension (ALEX) to SIP that adds effective support to systems with multiple addresses, such as dual-stack hosts or multi-homed IPv6 hosts. ALEX enables IPv6 transport to be used for SIP messages, as well as for communication sessions between SIP user agents (UAs), whenever possible and without compromising compatibility with ALEX-unaware UAs and SIP servers

The Impact of IPv6 on Penetration Testing

In this paper we discuss the impact the use of IPv6 has on remote penetration testing of servers and web applications. Several modifications to the penetration testing process are proposed to accommodate IPv6. Among these modifications are ways of performing fragmentation attacks, host discovery and brute-force protection. We also propose new checks for IPv6-specific vulnerabilities, such as bypassing firewalls using extension headers and reaching internal hosts through available transition mechanisms. The changes to the penetration testing process proposed in this paper can be used by security companies to make their penetration testing process applicable to IPv6 targets

A Survey Of IPv6 Address Usage In The Public Domain Name System

The IPv6 protocol has been slowly increasing in use on the Internet. The main reason for the development of the protocol is that the address space provided by IPv4 is nearing exhaustion. The pool of addresses provided by IPv6 is 296 times larger than IPv4, and should be sufficient to provide an address for every device for the foreseeable future. Another potential advantage of this significantly large address space is the use of randomly assigned addresses as a security barrier as part of a defence in depth strategy. This research examined the addresses allocated by those implementing IPv6 to determine what method or pattern of allocation was being used by adopters of the protocol. This examination was done through the use of DNS queries of the AAAA IPv6 host record using public DNS servers. It was observed that 55.84% of IPv6 addresses were in the range of 0 to (232 − 1). For those addresses with unique interface identifier (IID) portions, a nearly equal number of sequential and random IIDs were observed. Hong Kong and Germany were found to have the greatest number of IPv6 addresses. These results suggest that adopters are allocating most addresses sequentially, meaning that no security advantage is being obtained. It is unclear as to whether this is through design or the following of accepted practice. Future research will continue to survey the IPv6 address space to determine whether the patterns observed here remain constant

Phase Changes in the Evolution of the IPv4 and IPv6 AS-Level Internet Topologies

In this paper we investigate the evolution of the IPv4 and IPv6 Internet topologies at the autonomous system (AS) level over a long period of time.We provide abundant empirical evidence that there is a phase transition in the growth trend of the two networks. For the IPv4 network, the phase change occurred in 2001. Before then the network's size grew exponentially, and thereafter it followed a linear growth. Changes are also observed around the same time for the maximum node degree, the average node degree and the average shortest path length. For the IPv6 network, the phase change occurred in late 2006. It is notable that the observed phase transitions in the two networks are different, for example the size of IPv6 network initially grew linearly and then shifted to an exponential growth. Our results show that following decades of rapid expansion up to the beginning of this century, the IPv4 network has now evolved into a mature, steady stage characterised by a relatively slow growth with a stable network structure; whereas the IPv6 network, after a slow startup process, has just taken off to a full speed growth. We also provide insight into the possible impact of IPv6-over-IPv4 tunneling deployment scheme on the evolution of the IPv6 network. The Internet topology generators so far are based on an inexplicit assumption that the evolution of Internet follows non-changing dynamic mechanisms. This assumption, however, is invalidated by our results.Our work reveals insights into the Internet evolution and provides inputs to future AS-Level Internet models.Comment: 12 pages, 21 figures; G. Zhang et al.,Phase changes in the evolution of the IPv4 and IPv6 AS-Level Internet topologies, Comput. Commun. (2010

Case Study - IPv6 based building automation solution integration into an IPv4 Network Service Provider infrastructure

The case study presents a case study describing an Internet Protocol (IP) version 6 (v6) introduction to an IPv4 Internet Service Provider (ISP) network infrastructure. The case study driver is an ISP willing to introduce a new “killer” service related to Internet of Things (IoT) style building automation. The provider and cooperation of third party companies specialized in building automation will provide the service. The ISP has to deliver the network access layer and to accommodate the building automation solution traffic throughout its network infrastructure. The third party companies are system integrators and building automation solution vendors. IPv6 is suitable for such solutions due to the following reasons. The operator can’t accommodate large number of IPv4 embedded devices in its current network due to the lack of address space and the fact that many of those will need clear 2 way IP communication channel. The Authors propose a strategy for IPv6 introduction into operator infrastructure based on the current network architecture present service portfolio and several transition mechanisms. The strategy has been applied in laboratory with setup close enough to the current operator’s network. The criterion for a successful experiment is full two-way IPv6 application layer connectivity between the IPv6 server and the IPv6 Internet of Things (IoT) cloud

Poster Abstract: Low-Power Wireless IPv6 Routing with ContikiRPL

RPL is the IETF candidate standard for IPv6 routing in low-power wireless sensor networks. We present the first experimental results of RPL which we have obtained with our ContikiRPL implementation. Our results show that Tmote Sky motes running IPv6 with RPL routing have a battery lifetime of years, while delivering 0.6 packets per second to a sink node