Inferring Internet Server IPV4 and IPV6 Address Relationships
Abstract
While IPv6 is finally experiencing non-trivial deployment, IPv4 and IPv6 are expected to co-exist for the foreseeable future, implying dual-stacked devices, and protocol inter-dependence. We develop and deploy a system for characterizing the association between IPv4 and IPv6 addresses ( siblings ) within network server infrastructure, with specific focus on Internet DNS and web servers. We develop two novel techniques for finding DNS resolver sibling groups, one passive and one active. For 674k observed (IPv4, IPv6) address pairs, we find that 34% of the addresses are one-to-one, i.e., appear in no other pair. Yet there are also complex cases, where distributed DNS resolution creates interconnected sets of nameserver address pairs that can span continents and autonomous systems, complexity confirmed using active probing. We then describe a targeted method to actively interrogate candidate (IPv4, IPv6) pairs to determine if they are assigned to the same device. We find that the IPv4 and IPv6 addresses of Internet servers frequently belong to different interfaces, machines, and even autonomous systems. Our results have important implications on network resilience, security, geolocation and performance measurement. The primary implication of our work is an under-appreciated fact: that the IPv4 and IPv6 addresses of Internet servers frequently belong to different interfaces, machines, and even autonomous systems. We hope that our results illuminate not only some of the underlying complexity between IPv4 and IPv6 as deployed in the Internet today, but also properties to protect critical infrastructure and methodologies for conducting sound IPv4/IPv6 comparison measurements.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jun 21, 2013
- Accession Number
- ADA583437
Entities
People
- Arthur Berger
- Larry Campbell
- Nicholas Weaver
- Robert Beverly
Organizations
- Naval Postgraduate School