This glossary contains only definitions of new terms in
this book that are not in the Sun Global Glossary.
For definitions of other terms, see the Sun Global Glossary.
- anycast address
-
An IP address that is assigned to more than one interface
(typically belonging to different nodes). A packet that is sent to an anycast
address is routed to the nearest interface having that
address. The packet's route is in compliance with the routing protocol's measure
of distance.
- authentication header
-
An extension header that provides data origin authentication, integrity,
and optional anti-replay protection, without confidentiality, to IP datagrams.
AH is carried as IP protocol number 51.
- autoconfiguration
-
The process of a host automatically configuring its interfaces
in IPv6.
- bidirectional tunnel
-
A tunnel that can transmit datagrams in both directions.
- Certificate Authority (CA)
-
A trusted third-party organization or company that issues
digital certificates. A certificate binds a public key to an identity; the
matching private key stays with the certificate holder and is used to create
digital signatures. The CA vouches for that binding and for the identity of
the individual or system to which it issues each certificate.
- DES
-
Data Encryption Standard. A symmetric-key block cipher
first published in 1975, adopted as FIPS 46 in 1977, and standardized by ANSI
in 1981 as ANSI X3.92. DES uses a 56-bit key, which is small enough to be
recovered by exhaustive search; DES is no longer considered secure for
protecting data.
- dual stack
-
In the context of IPv6 transition, a protocol stack that contains
both IPv4 and IPv6, with the rest of the stack being identical.
- encapsulating security header
-
The Encapsulating Security Payload (ESP) header. An extension header that
provides confidentiality and, optionally, integrity and authentication to
datagrams. ESP is carried as IP protocol number 50.
- encapsulation
-
The process of placing one packet, header and payload included, inside the
payload of a second packet. The second packet's header is the outer header
that delivers the first packet through the tunnel.
- firewall
-
Any device or software that protects an organization's private
network or intranet from intrusion by external networks such as the Internet.
- forward tunnel
-
A tunnel that starts at the home agent and terminates at the
mobile node's care-of address.
- Generic Routing Encapsulation (GRE)
-
An optional form of tunneling that can be supported by home
agents, foreign agents, and mobile nodes. GRE enables a packet of any network-layer
protocol to be encapsulated within a delivery packet of any other (or the
same) network-layer protocol.
- hop
-
A measure that is used to identify the number of routers that
separate two hosts. If three routers separate a source and destination, the
hosts are four hops away from each other.
- IP in IP encapsulation
-
The mechanism for tunneling IP packets within IP packets.
- IP link
-
A communication facility or medium over which nodes can communicate
at the link layer. The link layer is the layer immediately below IPv4/IPv6.
Examples include Ethernets (simple or bridged) or ATM networks. One or more
IPv4 subnet numbers or prefixes are assigned to an IP link. A subnet number
or prefix cannot be assigned to more than one IP link. In ATM LANE, an IP
link is a single emulated LAN. When you use ARP, the scope of the ARP protocol
is a single IP link.
- IPsec
-
The IP Security architecture, which provides protection for IP datagrams
by means of the AH and ESP extension headers.
- IPv4
-
Internet Protocol, version 4. IPv4 is sometimes referred to
as IP. This version supports a 32-bit address space.
- IPv6
-
Internet Protocol, version 6. This version supports a 128-bit
address space.
- key management
-
The way in which cryptographic keys and security associations are created,
distributed, refreshed, and deleted. In IPsec, keys are managed either
manually or automatically by IKE.
- link-local-use address
-
A designation that is used for addressing on a single link
for purposes such as automatic address configuration.
- local-use address
-
A unicast address that has only local routability scope (within
the subnet or within a subscriber network). This address also can have a local
or global uniqueness scope.
- MD5
-
An iterative cryptographic hash function that produces a 128-bit digest and
is used for message authentication, for example as HMAC-MD5. The function was
developed in 1991 by Rivest. MD5 is no longer collision resistant, so it
should not be used for digital signatures or any other purpose that depends
on collision resistance.
- Minimal encapsulation
-
An optional form of IPv4 in IPv4 tunneling that can be supported
by home agents, foreign agents, and mobile nodes. Minimal encapsulation has
8 or 12 bytes less of overhead than does IP-in-IP encapsulation.
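The following is an added worked example, not code from this book: it builds an IPv4 packet, tunnels it with IP-in-IP encapsulation (as defined under "encapsulation" and "IP in IP encapsulation" above) and with minimal encapsulation, decapsulates both, and measures the overhead of each, which is where the 8 or 12 byte saving comes from. The addresses, payload, and tunnel endpoints are constructed for the example; the header layouts follow RFC 2003 and RFC 2004.

```python
"""IP-in-IP (RFC 2003) versus minimal encapsulation (RFC 2004) on the same packet."""
import socket
import struct

IPPROTO_IPIP = 4        # outer protocol number for IP-in-IP
IPPROTO_MINENCAP = 55   # outer protocol number for minimal encapsulation


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071); 0 when data already carries a valid checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src, dst, proto, payload_len, ttl=64):
    """20-byte IPv4 header, no options, identification and flags zero, checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(pkt):
    """Validate a plain 20-byte IPv4 header (version, IHL, checksum) and return its fields."""
    if len(pkt) < 20 or pkt[0] != 0x45:
        raise ValueError("not a plain IPv4 header")
    if internet_checksum(pkt[:20]) != 0:
        raise ValueError("bad IPv4 header checksum")
    f = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    return {"total_len": f[2], "ttl": f[5], "proto": f[6],
            "src": socket.inet_ntoa(f[8]), "dst": socket.inet_ntoa(f[9])}


def ip_in_ip_encap(inner, tunnel_src, tunnel_dst):
    """RFC 2003: the whole inner packet becomes the payload of a new 20-byte outer header."""
    parse_ipv4_header(inner)
    return build_ipv4_header(tunnel_src, tunnel_dst, IPPROTO_IPIP, len(inner)) + inner


def ip_in_ip_decap(pkt):
    outer = parse_ipv4_header(pkt)
    if outer["proto"] != IPPROTO_IPIP:
        raise ValueError("outer protocol is not IP-in-IP")
    inner = pkt[20:outer["total_len"]]
    parse_ipv4_header(inner)   # the inner header is untrusted input too; validate it before forwarding
    return inner


def minimal_encap(inner, tunnel_src, tunnel_dst):
    """RFC 2004: rewrite the original header's addresses and insert an 8- or 12-byte forwarding
    header that carries the original protocol and destination (and source, if it changed)."""
    h = parse_ipv4_header(inner)
    payload = inner[20:h["total_len"]]
    keep_src = h["src"] != tunnel_src   # S bit: needed only when the encapsulator is not the source
    fwd = struct.pack("!BBH4s", h["proto"], 0x80 if keep_src else 0, 0, socket.inet_aton(h["dst"]))
    if keep_src:
        fwd += socket.inet_aton(h["src"])
    fwd = fwd[:2] + struct.pack("!H", internet_checksum(fwd)) + fwd[4:]
    outer = build_ipv4_header(tunnel_src, tunnel_dst, IPPROTO_MINENCAP, len(fwd) + len(payload), h["ttl"])
    return outer + fwd + payload


def minimal_decap(pkt):
    outer = parse_ipv4_header(pkt)
    if outer["proto"] != IPPROTO_MINENCAP:
        raise ValueError("outer protocol is not minimal encapsulation")
    body = pkt[20:outer["total_len"]]
    proto, flags, _csum, orig_dst = struct.unpack("!BBH4s", body[:8])
    fwd_len = 12 if flags & 0x80 else 8
    if internet_checksum(body[:fwd_len]) != 0:
        raise ValueError("bad minimal forwarding header checksum")
    orig_src = socket.inet_ntoa(body[8:12]) if flags & 0x80 else outer["src"]
    payload = body[fwd_len:]
    return build_ipv4_header(orig_src, socket.inet_ntoa(orig_dst), proto, len(payload), outer["ttl"]) + payload


def overhead(encapsulated, inner):
    """Bytes the tunnel adds: 20 for IP-in-IP, 8 or 12 for minimal encapsulation."""
    return len(encapsulated) - len(inner)


def demo():
    """Constructed sample: a UDP packet 10.0.0.5 -> 192.0.2.10 through a tunnel
    203.0.113.1 -> 198.51.100.7, and the same packet tunnelled by its own source."""
    inner = build_ipv4_header("10.0.0.5", "192.0.2.10", 17, 8) + b"PAYLOAD!"
    ipip = ip_in_ip_encap(inner, "203.0.113.1", "198.51.100.7")
    mini = minimal_encap(inner, "203.0.113.1", "198.51.100.7")     # S=1: 12-byte forwarding header
    mini_self = minimal_encap(inner, "10.0.0.5", "198.51.100.7")   # S=0: 8-byte forwarding header
    return {
        "ipip_roundtrip": ip_in_ip_decap(ipip) == inner,
        "mini_roundtrip": minimal_decap(mini) == inner and minimal_decap(mini_self) == inner,
        "ipip_overhead": overhead(ipip, inner),
        "mini_overhead": overhead(mini, inner),
        "mini_self_overhead": overhead(mini_self, inner),
    }


if __name__ == "__main__":
    print(demo())
```

Both decapsulation functions validate the outer protocol and checksums before trusting anything inside; on a real home agent the inner source address would also be checked against the registered mobile node, since a tunnel that accepts any inner packet is an open relay into the home network.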
- MTU
-
Maximum Transmission Unit. The largest packet size, given in octets, that
can be transmitted over a link. For example, the MTU of an Ethernet is 1500
octets.
- multicast address
-
An IP address that identifies a group of interfaces in a particular
way. A packet that is sent to a multicast address is delivered to all of the
interfaces in the group.
- neighbor advertisement
-
A response to a neighbor solicitation message or the process
of a node sending unsolicited neighbor advertisements to announce a link-layer
address change.
- neighbor discovery
-
An IPv6 mechanism that enables nodes to locate routers and other hosts that
reside on an attached link, determine their link-layer addresses, and track
whether neighbors remain reachable.
- neighbor solicitation
-
A solicitation that is sent by a node to determine the link-layer
address of a neighbor. A neighbor solicitation also verifies that a neighbor
is still reachable by a cached link-layer address.
- Network Access Identifier (NAI)
-
A designation that uniquely identifies the mobile node in
the format of user@domain.
- network interface card (NIC)
-
Network adapter that is either internal or a separate card
that serves as an interface to a link.
- node
-
A host or a router.
- packet
-
A group of information that is transmitted as a unit over
communications lines. Contains a header plus payload.
- physical interface
-
A node's attachment to a link. This attachment is often implemented
as a device driver plus a network adapter. Some network adapters can have
multiple points of attachment, for example, qfe. The usage of network
adapter in this document refers to a “single point of attachment.”
- physical interface group
-
The set of physical interfaces on a system that are connected
to the same link. These interfaces are identified by assigning the same (non-null)
character string name to all the physical interfaces in the group.
- physical interface group name
-
A name that is assigned to a physical interface that identifies
the group. The name is local to a system. Multiple physical interfaces, sharing
the same group name, form a physical interface group.
- PKI
-
Public Key Infrastructure. A system of digital certificates,
Certificate Authorities, and other registration authorities that verify and
authenticate the validity of each party involved in an Internet transaction.
- private address
-
An IP address that is not routable on the public Internet, such as an address
from the IPv4 ranges that RFC 1918 reserves for private use.
- public key cryptography
-
A cryptographic system that uses two different keys. The public
key is known to everyone. The private key is known only to its owner, who
uses it to decrypt messages and to create signatures. IKE uses public key
cryptography to authenticate peers and to establish the symmetric keys that
IPsec uses.
- redirect
-
In a router, to inform a host of a better first-hop node to
reach a particular destination.
- registration
-
The process by which a mobile node registers its care-of address
with its home agent and foreign agent when it is away from home.
- repair detection
-
The process of detecting when a NIC or the path from the NIC
to some layer-3 device starts operating correctly after a failure.
- reverse tunnel
-
A tunnel that starts at the mobile node's care-of address
and terminates at the home agent.
- router advertisement
-
The process of routers advertising their presence together
with various link and Internet parameters, either periodically or in response
to a router solicitation message.
- router discovery
-
The process of hosts locating routers that reside on an attached
link.
- router solicitation
-
The process of hosts requesting routers to generate router
advertisements immediately, rather than at their next scheduled time.
- RSA
-
A method for obtaining digital signatures and public-key cryptosystems whose
security rests on the difficulty of factoring large integers.
The method was first described in 1978 by its developers, Rivest, Shamir,
and Adleman.
- SADB
-
Security Associations Database. A table of security associations that
specifies, for each one, the protocol (AH or ESP), the cryptographic algorithms
and keys, and related state such as sequence numbers. The keys and algorithms
are used in the secure transmission of data.
- security associations
-
One-way relationships that specify the security properties (protocol,
algorithms, keys, and lifetime) applied to traffic from one host to a second
host. Protecting traffic in both directions requires a pair of security
associations.
- Security Parameter Index (SPI)
-
An integer carried in the AH or ESP header. Together with the destination
address and the security protocol, it selects the entry in the security
associations database (SADB) that a receiver uses to verify or decrypt a
received packet.
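The following added example (not code from this book) models how a receiver processes an authentication header, tying together the "authentication header", "SADB", "security associations", and "Security Parameter Index" entries: the SPI and destination address select the security association in the SADB, the anti-replay window is checked, and the ICV is recomputed over the packet with the mutable IP header fields zeroed and compared in constant time. The packets, key, and SPI values are constructed for the example; the 64-entry window and the HMAC-SHA-1-96 algorithm are assumptions, and the order of checks follows the model of RFC 2401 and RFC 2402.

```python
"""Receiver-side AH processing: SADB lookup by SPI, anti-replay window, ICV verification."""
import hmac
import socket
import struct
from dataclasses import dataclass

IPPROTO_AH = 51
AH_FIXED_LEN = 12     # next header, payload length, reserved, SPI, sequence number
ICV_LEN = 12          # HMAC-SHA-1-96: the 20-byte HMAC truncated to 96 bits
REPLAY_WINDOW = 64    # RFC 2401 requires a window of at least 32


@dataclass
class SecurityAssociation:
    """One-way SA: key and algorithm for traffic to dst carrying this SPI, plus sequence state."""
    spi: int
    dst: str
    key: bytes
    digest: str = "sha1"
    seq: int = 0          # sender side: last sequence number emitted
    last_seen: int = 0    # receiver side: highest sequence number accepted
    window: int = 0       # receiver side: bitmap of accepted numbers at and below last_seen


class SADB:
    """Keyed the way a receiver must look an SA up: (SPI, destination address, protocol)."""
    def __init__(self):
        self._entries = {}

    def add(self, sa):
        self._entries[(sa.spi, sa.dst, IPPROTO_AH)] = sa

    def lookup(self, spi, dst, proto=IPPROTO_AH):
        return self._entries.get((spi, dst, proto))


def _zero_mutable(ip_hdr):
    """Zero the IPv4 fields routers change in transit: TOS, flags/fragment offset, TTL, checksum."""
    h = bytearray(ip_hdr[:20])
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)


def _icv(sa, ip_hdr, ah_fixed, payload):
    data = _zero_mutable(ip_hdr) + ah_fixed + b"\x00" * ICV_LEN + payload
    return hmac.new(sa.key, data, sa.digest).digest()[:ICV_LEN]


def ah_protect(sa, ip_hdr, payload, next_header):
    """Sender: insert the AH after the IP header; the IP protocol field becomes 51."""
    sa.seq += 1
    hdr = bytearray(ip_hdr[:20])
    hdr[9] = IPPROTO_AH
    hdr[2:4] = struct.pack("!H", 20 + AH_FIXED_LEN + ICV_LEN + len(payload))
    payload_len = (AH_FIXED_LEN + ICV_LEN) // 4 - 2      # AH length in 32-bit words, minus 2
    ah_fixed = struct.pack("!BBHII", next_header, payload_len, 0, sa.spi, sa.seq)
    return bytes(hdr) + ah_fixed + _icv(sa, bytes(hdr), ah_fixed, payload) + payload


def replay_ok(sa, seq):
    """Pure check, done before the more expensive ICV computation."""
    if seq == 0:
        return False
    if seq > sa.last_seen:
        return True
    diff = sa.last_seen - seq
    return diff < REPLAY_WINDOW and not (sa.window >> diff) & 1


def replay_update(sa, seq):
    """Slide or mark the window; called only after the ICV verified."""
    if seq > sa.last_seen:
        shift = min(seq - sa.last_seen, REPLAY_WINDOW)
        sa.window = ((sa.window << shift) | 1) & ((1 << REPLAY_WINDOW) - 1)
        sa.last_seen = seq
    else:
        sa.window |= 1 << (sa.last_seen - seq)


def ah_verify(sadb, packet):
    """Receiver: SPI + destination select the SA; returns (next_header, payload) or raises ValueError."""
    ip_hdr, rest = packet[:20], packet[20:]
    if ip_hdr[9] != IPPROTO_AH:
        raise ValueError("not an AH packet")
    next_header, payload_len, _, spi, seq = struct.unpack("!BBHII", rest[:AH_FIXED_LEN])
    sa = sadb.lookup(spi, socket.inet_ntoa(ip_hdr[16:20]))
    if sa is None:
        raise ValueError("no SA for SPI 0x%08x" % spi)
    if not replay_ok(sa, seq):
        raise ValueError("replayed or stale sequence number %d" % seq)
    ah_len = (payload_len + 2) * 4
    icv, payload = rest[AH_FIXED_LEN:ah_len], rest[ah_len:]
    if not hmac.compare_digest(icv, _icv(sa, ip_hdr, rest[:AH_FIXED_LEN], payload)):
        raise ValueError("ICV mismatch: packet modified or wrong key")
    replay_update(sa, seq)
    return next_header, payload


def outcome(sadb, packet):
    try:
        ah_verify(sadb, packet)
        return "accepted"
    except ValueError as exc:
        return str(exc)


def demo():
    """Constructed traffic 10.0.0.5 -> 192.0.2.10 with a throwaway key and SPI 0x1000."""
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 0, 0x1234, 0, 64, 17, 0,
                         socket.inet_aton("10.0.0.5"), socket.inet_aton("192.0.2.10"))
    payload, key = b"constructed payload", bytes(range(20))
    sender = SecurityAssociation(spi=0x1000, dst="192.0.2.10", key=key)
    db = SADB()
    db.add(SecurityAssociation(spi=0x1000, dst="192.0.2.10", key=key))
    p1, p2, p3, p4 = (ah_protect(sender, ip_hdr, payload, 17) for _ in range(4))
    ttl_changed = bytearray(p1); ttl_changed[8] -= 1                      # a router hop: mutable field
    tampered = bytearray(p2); tampered[-1] ^= 0x01                        # one payload bit flipped
    unknown = bytearray(p2); unknown[24:28] = struct.pack("!I", 0x2000)   # SPI with no SA in the SADB
    return {
        "ttl_changed": outcome(db, bytes(ttl_changed)),
        "replay": outcome(db, p1),
        "tampered": outcome(db, bytes(tampered)),
        "unknown_spi": outcome(db, bytes(unknown)),
        "out_of_order": outcome(db, p4) + "/" + outcome(db, p3),
        "genuine": outcome(db, p2),
    }


if __name__ == "__main__":
    print(demo())
```

The order of checks matters: an unknown SPI or a replayed sequence number is rejected before any HMAC is computed, the window is advanced only after the ICV verifies (otherwise a forged packet with a high sequence number could lock out genuine traffic), and the comparison uses hmac.compare_digest so a byte-by-byte early exit cannot leak the expected ICV.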
- SHA-1 algorithm
-
Secure Hash Algorithm. The algorithm operates on any input
of length less than 2^64 bits to produce a 160-bit message digest.
SHA-1 is the hash function that DSA applies to the message being signed.
SHA-1 is no longer collision resistant; collisions have been demonstrated,
so it should not be relied on for digital signatures.
- site-local-use address
-
A designation that is used for addressing on a single site.
- SPI
-
See Security Parameter Index (SPI).
- standby
-
A physical interface that is not used to carry data traffic
unless some other physical interface has failed.
- stateful autoconfiguration
-
The process of a host obtaining interface addresses, configuration
information, and parameters from a server.
- stateless autoconfiguration
-
The process of a host generating its own addresses by using
a combination of locally available information and information that is advertised
by routers.
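An added example, not code from this book, of the address construction that stateless autoconfiguration performs: derive a modified EUI-64 interface identifier from a MAC address, combine it with the link-local prefix or with a prefix learned from a router advertisement, and compute the solicited-node multicast group that neighbor solicitation and duplicate address detection use for that address. The MAC address and prefix are constructed for the example. The reverse mapping at the end shows why an EUI-64 derived address exposes the hardware address, which is the reason current systems prefer random temporary identifiers (RFC 4941) or stable opaque ones (RFC 7217).

```python
"""Stateless autoconfiguration pieces: EUI-64 interface ID, link-local and prefix-based
addresses, the solicited-node multicast group, and the privacy caveat."""
import ipaddress
import secrets


def modified_eui64(mac: str) -> bytes:
    """RFC 4291 Appendix A: insert FF FE into the 48-bit MAC and flip the U/L bit (0x02 of octet 0)."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    iid = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    iid[0] ^= 0x02
    return bytes(iid)


def form_address(prefix: str, iid: bytes) -> ipaddress.IPv6Address:
    """Combine a /64 prefix (as advertised in a router advertisement) with a 64-bit interface ID."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64 or len(iid) != 8:
        raise ValueError("EUI-64 autoconfiguration needs a /64 prefix and a 64-bit interface ID")
    return ipaddress.IPv6Address(int(net.network_address) | int.from_bytes(iid, "big"))


def link_local(mac: str) -> ipaddress.IPv6Address:
    """The fe80::/64 address a host forms before it has heard any router advertisement."""
    return form_address("fe80::/64", modified_eui64(mac))


def solicited_node(addr) -> ipaddress.IPv6Address:
    """ff02::1:ffXX:XXXX with the low 24 bits of the target; NS and DAD for addr go to this group."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(int(ipaddress.IPv6Address("ff02::1:ff00:0")) | low24)


def mac_from_eui64_address(addr) -> str:
    """Reverse mapping: an EUI-64 derived address reveals the hardware address to anyone who sees it."""
    iid = int(ipaddress.IPv6Address(addr)).to_bytes(16, "big")[8:]
    if iid[3:5] != b"\xff\xfe":
        raise ValueError("interface ID is not modified EUI-64")
    first = bytes([iid[0] ^ 0x02])
    return ":".join("%02x" % b for b in first + iid[1:3] + iid[5:])


def temporary_iid() -> bytes:
    """RFC 4941-style random interface ID with the U/L bit cleared, so it cannot be mistaken for EUI-64."""
    iid = bytearray(secrets.token_bytes(8))
    iid[0] &= 0xFD
    return bytes(iid)


if __name__ == "__main__":
    mac = "00:0a:95:9d:68:16"                         # constructed sample MAC
    glob = form_address("2001:db8:1:2::/64", modified_eui64(mac))   # constructed sample prefix
    print(link_local(mac), glob, solicited_node(glob), mac_from_eui64_address(glob))
    print(form_address("2001:db8:1:2::/64", temporary_iid()))
```

The only information a host needs from the link is the prefix in a router advertisement, which is why an unauthenticated rogue advertisement on the link can hand every host a bogus prefix and default router; that risk is inherent in stateless autoconfiguration and is mitigated at the switch (RA filtering) rather than on the host.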
- symmetric key cryptography
-
An encryption system in which the sender and receiver of a
message share a single, common key. This common key is used to encrypt and
decrypt the message. Symmetric keys are used to encrypt the bulk of data transmission
in IPsec. DES is one example of a symmetric key system.
- Triple-DES
-
Triple-Data Encryption Standard. A symmetric-key encryption
method that applies DES three times with three independent keys, for a
nominal key length of 168 bits. Because of meet-in-the-middle attacks, its
effective strength is about 112 bits.
- tunnel
-
The path that is followed by a datagram while it is encapsulated.
- unicast address
-
An IP address that identifies a single interface.