Difference between revisions of "IPv6 Address : Bagian Host"
Onnowpurbo (talk | contribs) (New page: Sumber: http://tldp.org/HOWTO/Linux+IPv6-HOWTO/x659.html 3.3. Address types (host part) For auto-configuration and mobility issues, it was decided to use the lower 64 bits as the host p...) |
Onnowpurbo (talk | contribs) |
||
Line 1: | Line 1: | ||
Sumber: http://tldp.org/HOWTO/Linux+IPv6-HOWTO/x659.html | Sumber: http://tldp.org/HOWTO/Linux+IPv6-HOWTO/x659.html | ||
+ | |||
+ | =Tipe Address (Bagian host)= | ||
+ | |||
+ | Untuk auto-configuration dan mobility, di putuskan untuk menggunakan 64 bit bagian bawah sebagai bagian host dari address di kebanyakan tipe address. Oleh karenanyta setiap subnet dapat menampung banyak sekali address. | ||
− | |||
For auto-configuration and mobility issues, it was decided to use the lower 64 bits as the host part of the address in most of the current address types. Therefore each single subnet can hold a large amount of addresses. | For auto-configuration and mobility issues, it was decided to use the lower 64 bits as the host part of the address in most of the current address types. Therefore each single subnet can hold a large amount of addresses. | ||
− | + | Bagian host ini dapat dilihat berlainan: | |
− | + | ||
+ | ==Automatic computed (juga dikenal sebagai stateless)== | ||
− | + | Dengan auto-configuration, bagian host dari address dihitung dengan mengkonversikan MAC address dari interface (jika ada), dengan metoda EUI-64, ke IPv6 address yang unik. Jika tidak ada MAC address yang biasanya terjadi pada virtual device, maka yang lain seperti address IPv4 atau MAC address dari interface fisik yang akan digunakan. | |
− | + | Contoh, NIC dengan MAC address (48 bit): | |
− | 00:10:a4:01:23:45 | + | 00:10:a4:01:23:45 |
− | + | Berdasarkan tutorial IEEE EUI-64 disain untuk EUI-48 identifier ke 64 bit interface identifier sebagai: | |
− | 0210:a4ff:fe01:2345 | + | 0210:a4ff:fe01:2345 |
− | + | Untuk prefix tertentu, maka hasil dari IPv6 address akan tampak sebagai berikut: | |
− | 2001:0db8:0100:f101:0210:a4ff:fe01:2345 | + | 2001:0db8:0100:f101:0210:a4ff:fe01:2345 |
− | + | ==Masalah privacy dengan automatic computed address dan solusinya== | |
Because the "automatically computed" host part is globally unique (except when a vendor of a NIC uses the same MAC address on more than one NIC), client tracking is possible on the host when not using a proxy of any kind. | Because the "automatically computed" host part is globally unique (except when a vendor of a NIC uses the same MAC address on more than one NIC), client tracking is possible on the host when not using a proxy of any kind. | ||
Line 32: | Line 36: | ||
For servers, it's probably easier to remember simpler addresses, this can also be accommodated. It is possible to assign an additional IPv6 address to an interface, e.g. | For servers, it's probably easier to remember simpler addresses, this can also be accommodated. It is possible to assign an additional IPv6 address to an interface, e.g. | ||
− | 2001:0db8:100:f101::1 | + | 2001:0db8:100:f101::1 |
For manual suffixes like “::1” shown in the above example, it's required that the 7th most significant bit is set to 0 (the universal/local bit of the automatically generated identifier). Also some other (otherwise unchosen ) bit combinations are reserved for anycast addresses, too. | For manual suffixes like “::1” shown in the above example, it's required that the 7th most significant bit is set to 0 (the universal/local bit of the automatically generated identifier). Also some other (otherwise unchosen ) bit combinations are reserved for anycast addresses, too. |
Revision as of 08:51, 14 June 2013
Sumber: http://tldp.org/HOWTO/Linux+IPv6-HOWTO/x659.html
Tipe Address (Bagian host)
Untuk auto-configuration dan mobility, di putuskan untuk menggunakan 64 bit bagian bawah sebagai bagian host dari address di kebanyakan tipe address. Oleh karenanyta setiap subnet dapat menampung banyak sekali address.
For auto-configuration and mobility issues, it was decided to use the lower 64 bits as the host part of the address in most of the current address types. Therefore each single subnet can hold a large amount of addresses.
Bagian host ini dapat dilihat berlainan:
Automatic computed (juga dikenal sebagai stateless)
Dengan auto-configuration, bagian host dari address dihitung dengan mengkonversikan MAC address dari interface (jika ada), dengan metoda EUI-64, ke IPv6 address yang unik. Jika tidak ada MAC address yang biasanya terjadi pada virtual device, maka yang lain seperti address IPv4 atau MAC address dari interface fisik yang akan digunakan.
Contoh, NIC dengan MAC address (48 bit):
00:10:a4:01:23:45
Berdasarkan tutorial IEEE EUI-64 disain untuk EUI-48 identifier ke 64 bit interface identifier sebagai:
0210:a4ff:fe01:2345
Untuk prefix tertentu, maka hasil dari IPv6 address akan tampak sebagai berikut:
2001:0db8:0100:f101:0210:a4ff:fe01:2345
Masalah privacy dengan automatic computed address dan solusinya
Because the "automatically computed" host part is globally unique (except when a vendor of a NIC uses the same MAC address on more than one NIC), client tracking is possible on the host when not using a proxy of any kind.
This is a known problem, and a solution was defined: privacy extension, defined in RFC 3041 / Privacy Extensions for Stateless Address Autoconfiguration in IPv6 (there is also already a newer draft available: draft-ietf-ipv6-privacy-addrs-v2-*). Using a random and a static value a new suffix is generated from time to time. Note: this is only reasonable for outgoing client connections and isn't really useful for well-known servers. 3.3.2. Manually set
For servers, it's probably easier to remember simpler addresses, this can also be accommodated. It is possible to assign an additional IPv6 address to an interface, e.g.
2001:0db8:100:f101::1
For manual suffixes like “::1” shown in the above example, it's required that the 7th most significant bit is set to 0 (the universal/local bit of the automatically generated identifier). Also some other (otherwise unchosen ) bit combinations are reserved for anycast addresses, too.