IPv6地址配置策略与部署规律的探究

1)东南大学网络空间学院,江苏南京 211189; 2)网络空间国际治理研究基地(东南大学),江苏南京 211189

计算机网络; IPv6; IPv6地址配置策略; IPv6地址扫描

Research on IPv6 address configuration strategy and deployment rule
WU Yijie1, LI Mingyang1, WANG Jiahe1, CHEN Hui1, and YANG Wang1, 2

1)School of Cyber Science and Engineering, Southeast University, Nanjing 211189, Jiangsu Province, P.R.China2)Research Base of International Cyberspace Governance(Southeast University), Nanjing 211189, Jiangsu Province, P.R.China

computer network; IPv6; IPv6 address configuration policy; IPv6 address scanning

DOI: 10.3724/SP.J.1249.2020.99013

备注

随着IPv6网络部署的不断推进,IPv6带来的安全问题也日益严重. 为了能充分了解IPv6空间所存在的安全漏洞和风险,对IPv6地址特别是服务器地址进行探测扫描是必要的步骤. 由于IPv6相对于IPv4地址空间有了极大的扩充,传统的扫描方式不再适用,对IPv6的扫描研究也缺少较为有效的方式. 为此,基于被动流量采集方式收集了IPv6地址数据集,并根据该数据集探究了IPv6地址部署的规律. 通过探究不同地址配置方式导致地址不同特征,将地址进行筛选分类,对不同类型的地址进行数据统计及分析,并给出了当前教育网不同地址配置方式的部署规律,有助于更好地扫描IPv6地址.

With the advancement of the deployment of IPv6 networks, the security problems brought by IPv6 have become increasingly serious. In order to fully understand the security vulnerabilities and risks existing in the IPv6 space, it is necessary to detect and scan IPv6 addresses, especially server addresses. As IPv6 has greatly expanded the address space compared with IPv4, the traditional scanning method is no longer applicable, and the current research on scanning of IPv6 lacks an effective method. In this paper, we collect an IPv6 address data set based on passive traffic collection, and explore the rules of IPv6 address deployment using this data set. By exploring the different characteristics of addresses caused by different address configuration methods, we filter and classify addresses, perform statistics and analysis on different types of addresses, and give the current education network deployment rules for different address configuration methods, which will help the IPv6 address scanning work to be carried out better.

·