IPv6 Concept - ITU-Arab Regional Office


IPv6 Concepts
Burt Crépeault :: [email protected]
www.iitelecom.com
IIT © IITelecom, 2004
© Institut international des télécommunications inc., 2004
Session objectives
At the end of this session, the participants should be able to:
• Understand the structure of the IPv6 packet
• Understand the IPv6 address format
• Name the different IPv6 addressing types
• Have a basic understanding of the main IPv6 protocols
Session content
• The IP version 6 protocol
• IP version 6 header description
• Address format
• Hierarchical addressing
• Address types
– Unicast
– Multicast
• Neighbour Discovery Protocol
• Address auto-configuration
• DNS for IP version 6
• Routing protocols
IP version 4 header description
Bits 0 to 31:
| VERS | IHL | Type of service | TOTAL LENGTH |
| IDENTIFICATION | FLAGS | FRAGMENT OFFSET |
| TIME TO LIVE | PROTOCOL | HEADER CHECKSUM |
| Source IP address |
| Destination IP address |
| OPTIONS | Padding |
| Data ... |
Header size: MIN. 20 BYTES, MAX. 60 BYTES
IP version 4 structure and classes of address
IP address = 4 bytes (bits 0 to 31)
Class | Leading bits | Remaining bits
Class A | 0 | netid, hostid
Class B | 10 | netid, hostid
Class C | 110 | netid, hostid
Class D | 1110 | multicast
Class E | 1111 0 | Reserved for future use
IP version 4 addressing architecture
[Figure: addressing by class (191.56.0.0, 194.2.4.0, 193.1.4.0, 172.1.0.0, 168.1.0.0, 10.0.0.0) compared with hierarchical addressing (191.0.0.0; 191.1.0.0, 191.2.0.0; 191.1.1.0, 191.1.2.0, 191.2.1.0, 191.2.2.0)]
• IP version 4 was designed on the principle of addressing by class
– Address bits are divided between network ID and host ID
• IPv4 addressing is not hierarchical. It does not allow the representation of several low-level addresses from the high-level ones
– A hierarchical addressing system works similarly to the public telephone numbering scheme (country code, regional code, etc.)
IP version 6 Terminology
Node
Any device that implements IPv6.
Router
A node that forwards packets that are not specifically addressed to it.
Upper layer
The protocol layer immediately above IPv6. For example: transport
protocols such as TCP and UDP, control protocols such as ICMP, routing
protocols like OSPF and the lower or same level protocols that are tunnelled
(encapsulated) in IPv6, such as IPX, AppleTalk, IPv4 or IPv6 itself.
Link
A communication resource or medium by which nodes can communicate at
the link level, i.e., the layer immediately below IPv6. For example: Ethernet
(direct or bridged); PPP, X.25, Frame Relay or ATM networks; and same or
upper layer protocols that are tunnelled (encapsulated), such as IPv4 or IPv6
itself.
Neighbours
Nodes that are attached to the same link
IP version 6 Terminology
Interface
A node’s attachment point to a link
Address
An IPv6 identifier for an interface or a group of interfaces
Packet
An IPv6 header and its transported data
Link MTU
The maximum transmission unit, i.e., maximum packet size in octets, that can be conveyed in one piece over a link
Path MTU
The minimum link MTU of all the links in a path between a source node and a destination node
IP version 6 Packet
Bits 0 to 31:
| VERS | Traffic Class | Flow Label |
| Payload Length | Next Header | Hop Limit |
| Source IP address |
| Destination IP address |
| Extension header (Optional) |
| Data |
Header size: 40 BYTES
IP version 6 characteristics
IPv6 addresses are assigned to interfaces, not nodes:
– An interface can be assigned more than one IPv6 address
Hierarchical routing and improved addressing:
– 128-bit addresses instead of 32 bits (~3.4 × 10^38)
– 340,282,366,920,938,463,463,374,607,431,768,211,456 in all!
– 10^30 addresses per person on Earth!
Simplified header format:
– Fixed length – 40 bytes
– Reduces packet processing costs in routers
IP version 6 characteristics
Improved header extensions and options:
– Options are included by adding a header extension
– Greatly simplifies adding new options in the future
Quality of service and sequence identification:
– A packet sequence is identified through the use of labels
Authentication and encryption
IP version 6 packet compared to the IP version 4 datagram
Both headers carry the IP version number and the source and destination addresses
Many IP version 4 fields are removed from IP version 6:
– Type-of-Service, Fragment Offset, Identification, Flags, Checksum and Header Length
IP version 6 reduces the need for header fields:
– IP version 4 header = 14 fields
– IP version 6 header = 8 fields
IP version 6 packet compared to the IP version 4 datagram
The Type of Service (ToS) field functionality in IP version 4 was transferred to 2 new IP version 6 fields:
– Flow Label and Traffic Class
The fragmentation fields of IP version 4 become options in IP version 6 (Offset, Identification and Flags)
The Checksum field in IP version 4 was dropped:
– Data integrity is left to the layer above
IP packet - VERS
• The VERS field indicates the IP version used in this packet
• New version is 6
[Figure: IPv6 header layout (VERS, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source IP Address, Destination IP Address, Data)]
IP packet - Traffic Class
• This 8-bit field is used by source nodes and routers to mark or distinguish between different traffic classes or priorities
• Similar to the TOS field in IP version 4
[Figure: IPv6 header layout (VERS, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source IP Address, Destination IP Address, Data)]
IP packet - Flow Label
• This 20-bit field indicates that the packet is part of a sequence of packets and requires special attention from the router (RFC 3697)
[Figure: IPv6 header layout (VERS, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source IP Address, Destination IP Address, Data)]
IP packet - Payload Length
• This 16-bit field indicates the total length of the packet data, including options (header extensions)
• The IPv6 header has a fixed, 40-byte length
• The data field (payload) can contain up to 64kB of data
[Figure: IPv6 header layout (VERS, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source IP Address, Destination IP Address, Data), with the 40 bytes of the header marked]
IP packet - Next Header
• Indicates the type of header that immediately follows the IPv6 header
• Replaces the Protocol field in IPv4
Protocols:
– ICMP = 1
– TCP = 6
– UDP = 17
Extension headers:
– Fragmentation = 44
– Authentication = 51
[Figure: IPv6 header layout (VERS, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source IP Address, Destination IP Address, Data)]
Extension headers
| IP version 6 header | Extension header | Extension header | Transport header | Data (Payload) |
• The extension headers replace the Options in IP version 4
• Most extension headers are not processed by routers until the packet reaches the end of its path
• Improves router performance with packets containing options
• Very different from IP version 4, where:
– All options must be processed by all routers in the path
– Header has unlimited length, as opposed to 40 option bytes with IPv4
Extension headers
• New method to process options
• Extension headers are added after the IPv6 header
• Extension headers are daisy chained
| IPv6 Header, Next Header = TCP | TCP Header + Data |
| IPv6 Header, Next Header = Routing | Routing Header, Next Header = TCP | TCP Header + Data |
| IPv6 Header, Next Header = Routing | Routing Header, Next Header = ESP | ESP Header, Next Header = TCP | TCP Header + Data |
Extension headers

• Hop-by-Hop option header (0):
– Used to include options that must be processed by routers along the path (ex.: resources reservation using RSVP)
• Routing header (43):
– Explicitly defines the route to be used by packets in the network (ex.: Source Routing)
• Fragmentation header (44):
– Used to send a packet with a MTU higher than the path MTU
– Only source nodes can fragment packets with the proper MTU, contrary to IP version 4 where routers did the fragmentation
Extension headers

• Destination Options header (60):
– Used to transport general purpose option information that will be processed by the destination node
• Authentication header (51):
– Allows the verification that a packet was transmitted by the rightful source. Protects against hackers that change the source IP addresses of their traffic to borrow someone else’s identity (IP spoofing)
• Encapsulating Security Payload (ESP) header (50):
– Allows encryption of the payload data
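The daisy chain described on the preceding slides, as an added example that is not part of the original course material: a Python parser that decodes the 40-byte header and follows the Next Header values to the upper-layer protocol, which is the step a packet filter has to perform before it can match on TCP or UDP. The sample packet and all function names are constructed for illustration.

```python
import struct

# Next Header values as listed on the slides above.
TCP, UDP = 6, 17
HOP_BY_HOP, ROUTING, FRAGMENT, ESP, AH, DEST_OPTS = 0, 43, 44, 50, 51, 60
NAMES = {TCP: "TCP", UDP: "UDP", HOP_BY_HOP: "Hop-by-Hop", ROUTING: "Routing",
         FRAGMENT: "Fragment", ESP: "ESP", AH: "AH",
         DEST_OPTS: "Destination Options"}
FIXED_LEN = 40  # the IPv6 header always has this length


def parse_fixed_header(packet: bytes) -> dict:
    """Decode the eight fields of the 40-byte IPv6 header."""
    if len(packet) < FIXED_LEN:
        raise ValueError("truncated IPv6 header")
    word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError("VERS is not 6")
    return {"version": word >> 28,
            "traffic_class": (word >> 20) & 0xFF,
            "flow_label": word & 0xFFFFF,
            "payload_length": payload_len,
            "next_header": next_header,
            "hop_limit": hop_limit,
            "src": packet[8:24],
            "dst": packet[24:40]}


def walk_chain(packet: bytes, max_headers: int = 16):
    """Follow the Next Header chain; return (header names, offset reached).

    The last name is the upper-layer protocol, or ESP, where parsing has to
    stop because the rest of the packet is encrypted.
    """
    fixed = parse_fixed_header(packet)
    end = min(len(packet), FIXED_LEN + fixed["payload_length"])
    nh, offset, chain = fixed["next_header"], FIXED_LEN, []
    while nh in (HOP_BY_HOP, ROUTING, FRAGMENT, AH, DEST_OPTS):
        if len(chain) >= max_headers:
            raise ValueError("extension header chain too long")
        if offset + 8 > end:  # every extension header is at least 8 bytes
            raise ValueError("truncated extension header")
        following, len_field = packet[offset], packet[offset + 1]
        if nh == FRAGMENT:
            size = 8  # fixed size; the second byte is reserved
            frag_offset = struct.unpack("!H", packet[offset + 2:offset + 4])[0] >> 3
            if frag_offset:  # later fragments carry no upper-layer header
                return chain + ["Fragment (non-first)"], offset + size
        elif nh == AH:
            size = (len_field + 2) * 4  # AH length is in 4-byte units, minus 2
        else:
            size = (len_field + 1) * 8  # 8-byte units, first 8 bytes not counted
        if offset + size > end:
            raise ValueError("extension header overruns the payload")
        chain.append(NAMES[nh])
        nh, offset = following, offset + size
    chain.append(NAMES.get(nh, f"protocol {nh}"))
    return chain, offset


def sample_packet(inner: int = TCP) -> bytes:
    """Constructed packet: IPv6 header, one Routing header, then `inner`."""
    src = bytes.fromhex("3ffe0b000c180001029027fffe17fc0e")
    dst = bytes.fromhex("3ffe0b000c180001029027fffe17fc0f")
    # Routing header: next header, length 2 (24 bytes), type 0, 0 segments left
    routing = bytes([inner, 2, 0, 0]) + bytes(4) + dst
    payload = routing + bytes(20)  # 20 zero bytes stand in for the upper layer
    first_word = (6 << 28) | 0x12345  # VERS=6, Traffic Class=0, Flow Label
    fixed = struct.pack("!IHBB", first_word, len(payload), ROUTING, 64)
    return fixed + src + dst + payload


if __name__ == "__main__":
    names, start = walk_chain(sample_packet())
    print(" -> ".join(["IPv6"] + names), "| upper layer at byte", start)
```

A filter that reads only the Next Header field of the fixed header would see Routing (43) for this packet and never reach the TCP header behind it.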
Next header - Protocols
Decimal | Keyword | Protocol
0 | HOPOPT | IP version 6 Hop-by-Hop Option
1 | ICMP | Internet Control Message
2 | IGMP | Internet Group Management
3 | GGP | Gateway-to-Gateway
4 | IP | IP in IP (encapsulation)
5 | ST | Stream
6 | TCP | Transmission Control
7 | CBT | CBT
8 | EGP | Exterior Gateway Protocol
9 | IGP | Private Interior Gateway
10 | BBN-MON | BBN-RCC Monitoring
11 | NVP-II | Network Voice Protocol
12 | PUP | PUP
13 | ARGUS | ARGUS
14 | EMCON | EMCON
15 | XNET | Cross Net Debugger
16 | CHAOS | Chaos
17 | UDP | User Datagram
18 | MUX | Multiplexing
19 | DCN-MEAS | DCN Measurement Subsystems
20 | HMP | Host Monitoring
21 | PRM | Packet Radio Measurement
22 | XNS-IDP | XEROX NS IDP
23 | TRUNK-1 | Trunk-1
24 | TRUNK-2 | Trunk-2
25 | LEAF-1 | Leaf-1
26 | LEAF-2 | Leaf-2
27 | RDP | Reliable Data Protocol
28 | IRTP | Internet Reliable T.P.
29 | ISO-TP4 | ISO Transport Class 4
30 | NETBLT | Bulk Data Transfer
31 | MFE-NSP | MFE Network Services
32 | Merit-INP | MERIT Internodal Protocol
33 | SEP | Sequential Exchange
34 | 3PC | Third Party Connect Protocol
35 | IDPR | Inter-Domain Policy Routing Protocol
36 | XTP | XTP
37 | DDP | Datagram Delivery Protocol
38 | IDPR-CMTP | IDPR Control Message Transport Protocol
39 | TP++ | TP++ Transport Protocol
40 | IL | IL Transport Protocol
41 | IP version 6 | IP version 6
42 | SDRP | Source Demand Routing Protocol
43 | IPv6-Route | Routing Header for IP version 6
44 | IPv6-FRAG | Fragment Header for IP version 6
45 | IDRP | Inter-Domain Routing Protocol
46 | RSVP | Reservation Protocol
47 | GRE | General Routing Encapsulation
48 | MHRP | Mobile Host Routing Protocol
49 | BNA | BNA
50 | ESP | Encap Security Payload for IPv6
51 | AH | Authentication Header for IPv6
52 | I-NLSP | Integrated Net Layer Security
53 | SWIPE | IP with Encryption
54 | NARP | NBMA Address Resolution Protocol
55 | MOBILE | IP Mobility
56 | TLSP | Transport Layer Security Protocol using Kryptonet key management
57 | SKIP | SKIP
58 | IPv6-ICMP | ICMP for IPv6
59 | IPv6-NoNxt | No Next Header for IPv6
60 | IPv6-Opts | Destination Options for IPv6
61 | | Any host internal protocol
62 | CFTP | CFTP
63 | | Any local network
64 | SAT-EXPAK | SATNET and Backroom EXPAK
65 | KRYPTOLAN | Kryptolan
66 | RVD | MIT Remote Virtual Disk Protocol
67 | IPPC | Internet Pluribus Packet Core
68 | | Any distributed file system
69 | SAT-MON | SATNET Monitoring
70 | VISA | Visa Protocol
71 | IPCV | Internet Packet Core Utility
72 | CPNX | Computer Protocol Network Executive
73 | CPHB | Computer Protocol Heart Beat
74 | WSN | Wang Span Network
75 | PVP | Packet Video Protocol
76 | BRSAT-MON | Backroom SATNET Monitoring
77 | SUN-ND | SUN ND PROTOCOL-Temporary
78 | WB-MON | WIDEBAND Monitoring
79 | WB-EXPAK | WIDEBAND EXPAK
80 | ISO-IP | ISO Internet Protocol
81 | VMTP | VMTP
82 | SECURE-VMTP | SECURE-VMTP
83 | VINES | VINES
84 | TTP | TTP
85 | NSFNET-IGP | NSFNET-IGP
86 | DGP | Dissimilar Gateway Protocol
87 | TCF | TCF
88 | EIGRP | EIGRP
89 | OSPFIGP | OSPFIGP
90 | Sprite-RPC | Sprite RPC Protocol
91 | LARP | Locus Address Resolution Protocol
92 | MTP | Multicast Transport Protocol
93 | AX.25 | AX.25 Frames
94 | IPIP | IP-within-IP Encapsulation Protocol
95 | MICP | Mobile Internetworking Control
96 | SCC-SP | Semaphore Communications
97 | ETHERIP | Ethernet-within-IP Encapsulation
98 | ENCAP | Encapsulation Header
99 | | any private encryption scheme
100 | GMTP | GMTP
101-122 | | Assigned
123-254 | | Unassigned
255 | | Reserved
IP packet - Hop Limit
• Replaces the Time to Live (TTL) in IP version 4 (in seconds).
• Most routers will decrement the value by 1 every time, thus the term Hop Limit.
[Figure: packets crossing a network of routers, with the value decremented at each hop from TTL=6 down to TTL=0]
[Figure: IPv6 header layout (VERS, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source IP Address, Destination IP Address, Data)]
IP packet Source and Destination addresses
• 128 bits in length. To save space, the IPv6 address is represented in hexadecimal
• Source Address indicates where the packet is coming from
• Destination Address indicates where the packet is going to
[Figure: IPv6 header layout (VERS, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source IP Address, Destination IP Address, Data)]
IP version 6 address notation in hexadecimal
Decimal, one value per byte:
16 . 128 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 8 . 8 . 0 . 32 . 12 . 65 . 122
Binary, one group per byte:
00010000.10000000.00000000.00000000.00000000.00000000.00000000.00000000.00000000.00001000.00001000.00000000.00100000.00001100.01000001.01111010
Binary, in eight groups of 16 bits:
00010000 10000000 : 00000000 00000000 : 00000000 00000000 : 00000000 00000000 : 00000000 00001000 : 00001000 00000000 : 00100000 00001100 : 01000001 01111010
Hexadecimal, in eight groups of 16 bits:
1080 : 0000 : 0000 : 0000 : 0008 : 0800 : 200C : 417A
IP version 6 address notation
Preferred format (eight groups of 16 bits):
1080 : 0 : 0 : 0 : 8 : 800 : 200C : 417A
Shorthand format:
1080 :: 8 : 800 : 200C : 417A
IPv6 address prefix
12AB : 0000 : 0000 : CD30 : 0000 : 0000 : 0000 : 0000 / 64
(IP version 6 address in eight groups of 16 bits; Prefix = Network + Subnet, followed by Host; "/ 64" is the prefix length)
• Prefix length = network + subnet portions
• Identifies the number of bits in the prefix
• Prefix notation is identical to the one used in IPv4 for classless inter-domain routing (CIDR)
• In a URL, the IPv6 address is represented inside square brackets:
– http://[1080::8:800:200C:417A]:8080/index.html
– Network browser must be modified
– Usage of FQDN (Fully Qualified Domain Names) is preferable
Exercise
Which of the addresses below do not represent the following IPv6 address?
12AB :0000 :0000 :CD30 :0000 :0000 :0000 :0000 / 64
• 12AB : :CD30 :0000 :0000 :0000 :0000 / 64
• 12AB :0 :0 :CD30 :0 :0 :0 :0 / 64
• 12AB :0 :0 :CD30 : : / 64
• 12AB : : CD30 : : /64
• 12AB :0 :0 :CD30 / 64
• 12AB :0 :0 :CD3 / 64
• 12AB : :CD30 / 64
• 12AB : :CD3 / 64
IPv6 address structure
Addresses are allocated to interfaces:
– No change with regards to IPv4
– Each interface is expected to have multiple IPv6 addresses
Addresses have a reach:
– Link Local
– Site Local
– Global
[Figure: nested scopes: Global, Site-local, Link-local]
IPv6 address structure
An IPv6 address has a limited lifetime
Valid Address-Lifetime
• Stateful mode:
– The valid address-lifetime value will be assigned by the DHCPv6 server in stateful mode
• Stateless mode:
– The valid address-lifetime is calculated based on the Address-Prefix Lifetime (included in the Router Advertisement Message) in stateless mode
• An IPv6 address for which the valid address-lifetime has expired cannot be used
• Default : 2592000 seconds (30 days), fixed
Preferred Address-Lifetime
• An IPv6 address for which the preferred address-lifetime has expired is called an Invalid Address. Such addresses can still be used for the current transaction but must not be used for new TCP connections
• Default value: 604800 seconds (7 days), fixed
IPv6 address structure
128 bits/16 bytes
| FP (3 bits) | Global Routing Prefix (45 bits) | SLA ID (16 bits) | Interface ID (64 bits) |
« Network » = FP + Global Routing Prefix; « Subnet » = SLA ID; « Host » = Interface ID
FP = Format Prefix (Address type)
SLA ID = Site-Level Aggregation Identifier
INTERFACE ID = Interface Identifier
RFC 2374 includes two more hierarchical fields: TLA and NLA. IETF decided to remove the TLA and NLA fields because they are dependent on local policies from service providers
Address allocation structure
Addresses are allocated by IANA :
• Delegated to the Regional Internet Registries (RIRs).
• Then delegated to Tier-1 providers:
– (Also known as Top-level Aggregators (TLA))
– Only about a dozen providers can be considered Tier 1 at the top of the IPv4 hierarchy.
• Next to intermediate providers:
– (Also known as Next-level Aggregators (NLA))
• Then to sites
– (Also known as Site-level Aggregators (SLA))
• Then to subnets…
IPv6 Address Space Management: www.ripe.net/ripe/docs/ipv6-sparse.html
Address allocation structure

• IANA allocates addresses to the RIRs
• RIR allocates /32 networks to the Tier-1 providers (LIR)
• LIR can allocate any size network to its subordinate ISP (usually /48)
• ISP/site has 16 bits available for subnets
– 2^16 subnets per site = 65536 subnets
• Remaining 64 bits for the interface identifiers
• Total = 128 bits.
Usage of the first 48 bits is based on policy (therefore it can change with time…)
Reference: http://www.ripe.net/ripe/docs/ipv6policy.html
Address allocation structure
There are currently four Regional Internet Registries:
RIPE NCC
Réseaux IP Européens Network Coordination Centre
http://www.ripe.net
ARIN
American Registry for Internet Numbers
http://www.arin.net
APNIC
Asia Pacific Network Information Centre
http://www.apnic.net
LACNIC
Latin American and Caribbean IP address Regional
Registry
http://lacnic.net
To determine under which RIR a country is covered, use the list of country codes
(http://www.ripe.net/ripencc/mem-services/general/rir-areas.html).
Hierarchical routing
[Figure: hierarchical routing tree for two regions (Africa, Europe), with Tier 1 providers at the top, intermediate providers below them and sites at the bottom. Legend: Tier 1 = Top-Level Aggregator (provider); Intermediate provider = Next-Level Aggregator (provider); Site = Site-Level Aggregator (end-user)]
Types of IPv6 addresses
1) Unicast (point to point)
2) Multicast (point to multipoint)
3) Broadcast (point to multipoint)
[Figure: nodes A, B, C, D and E illustrating each delivery type]
Types of IPv6 addresses – RFC 3513
Different types of IPv6 addresses are recognised by their most significant bits, currently defined as follows:
Address Type | Binary prefix | IPv6 Notation
Unspecified | 00...0 (128 bits) | ::/128
Loopback | 00...1 (128 bits) | ::1/128
Multicast | 11111111 | FF00::/8
Link-local unicast | 1111111010 | FE80::/10
Site-local unicast | 1111111011 | FEC0::/10
Global unicast | (everything else) |
In future specifications, it is possible that the global unicast address range will be modified to meet different needs. So far however and until further notice, IPv6 implementations must process all the prefixes defined above as global unicast addresses.
Reserved addresses
Unspecified address
0 :0 :0 :0 :0 :0 :0 :0 or ::
• Used as source address for all IP version 6 packets transmitted by a node that is initializing itself before it obtains an address from the DHCP server
• Also used for Duplicate Address Detection (DAD)
Loopback address
0 :0 :0 :0 :0 :0 :0 :1 or ::1
• Used by a node that transmits a packet to itself
• Serves the same purpose as 127.0.0.1 in IP version 4
Link-Local Addresses
• Address with a scope that stays within a local link (LAN, subnet)
• Used for networks that are not connected to the Internet or do not have a router
• Each node’s interfaces have a private, link-local address that is valid on the network
• A link-local address is representative of a single network
[Figure: nodes attached to a Switch/Hub]
Link-Local Addresses
| 1111111010 (10 bits) | 0 (54 bits) | Interface ID (64 bits) |
Network: FE80 : 0000 : 0000 : 0000
Host: 0290 : 27FF : FE17 : FC0F
• Automatically configured on every interface using the interface’s MAC address
• FE80 : : <Interface ID>
• Link-Local addresses are only used locally
– They are the only ones used on a LAN without a router
• Their scope does not go beyond the local link
• Routers will not forward packets with a link-local source or destination address
EUI-64 Interface Identifier
RFC 2464 (IP version 6 over Ethernet).
Auto-configuration in Stateless mode:
MAC address 00-90-27-17-FC-0F
00 90 27 17 FC 0F
→ 00 90 27 | 17 FC 0F
→ 00 90 27 FF FE 17 FC 0F (FF FE inserted in the middle)
→ 02 90 27 FF FE 17 FC 0F (U/L bit of the first byte, 000000U0)
Universal/Local (U/L) bit:
1 = Globally unique
0 = Local scope
Site-Local Addresses
[Figure: a Router and Switch/Hub connecting Subnet A, Subnet B and Subnet C]
• Address with a scope within a site (network of subnets)
• Used in networks that are not connected to the Internet
• The network is divided in subnets by the router
• Each node’s interfaces own a private address that is valid for the site
• Similar to private addresses in IP version 4
Site-Local Addresses
| 1111111011 (10 bits) | 0 (38 bits) | Subnet ID (16 bits) | Interface ID (64 bits) |
Network: FEC0 : 0000 : 0000
Subnet: XXXX
Host: 0290 : 27FF : FE17 : FC0F
• Valid for a site or an organisation
• Site-Local Addresses are used on private networks that are not connected to the Internet
• Built from the interface identifier (MAC address) and a 16-bit pre-defined subnet identifier
• FEC0 : : <Subnet ID> : <Interface Identifier>
– Therefore: 65,536 possible subnets
• Routers will not forward packets with a site-local source or destination address outside the network
• This address does not have a default value
Aggregatable Global Unicast Address
• Used for networks that are connected to the Internet
• Each node’s interfaces own a public address valid on the Internet.
[Figure: Internet, Tier-1, Intermediate provider and Site, with a Router and Switch/Hub serving Subnet A, Subnet B and Subnet C]
Aggregatable Global Unicast Address
• RFC 2374
• Public global address obtained from an Internet service provider
128 bits/16 octets
| FP (3 bits) | Global Routing Prefix (45 bits) | SLA ID (16 bits) | Interface ID (64 bits) |
« Network » = FP + Global Routing Prefix; « Subnet » = SLA ID; « Host » = Interface ID
FP = Format Prefix (Address Types)
SLA ID = Site-Level Aggregation Identifier
INTERFACE ID = Interface Identifier
Address types prefixes
Allocation | Prefix (binary) | Portion of the total address space
Not assigned (See Note 1) | 0000 0000 | 1/256
Not assigned | 0000 0001 | 1/256
Reserved for NSAP (OSI) Allocation | 0000 001 | 1/128 [RFC1888]
Not assigned | 0000 01 | 1/64
Not assigned | 0000 1 | 1/32
Not assigned | 0001 | 1/16
Global Unicast Addresses (see Note 2) | 001 | 1/8 [RFC2374]
Not assigned | 010 | 1/8
Not assigned | 011 | 1/8
Not assigned | 100 | 1/8
Not assigned | 101 | 1/8
Not assigned | 110 | 1/8
Not assigned | 1110 | 1/16
Not assigned | 1111 0 | 1/32
Not assigned | 1111 10 | 1/64
Not assigned | 1111 110 | 1/128
Not assigned | 1111 1110 0 | 1/512
Link-Local Unicast Addresses | 1111 1110 10 | 1/1024
Site-Local Unicast Addresses | 1111 1110 11 | 1/1024
Multicast Addresses | 1111 1111 | 1/256
1. Addresses that are Unspecified (::), Loopback (::1) and IPv6 Addresses with Embedded IPv4 Addresses are allocated from the space within the 0000 0000 prefix
2. For now, IANA limits IPv6 address allocation to the space within the 001 prefix. The remaining global Unicast address space (approximately 85% of the total IPv6 address space) is reserved for future definition
IPv4-compatible IPv6 address
IPv6 addresses with embedded IPv4 addresses are global Unicast addresses that begin with the binary prefix 000.
One of the transition methods to IPv6 allows a means for nodes and routers to dynamically create IPv6 tunnels allowing transmission of IPv6 packets over an IPv4 infrastructure. Nodes that implement this technique are assigned a special IPv6 address which transports an IPv4 address in its 32 least significant bits. This type of address is called an IPv4-compatible IPv6 address; its format is shown below:
| 0 (80 bits) | 0 (16 bits) | IPv4 address (32 bits) |
Prefix: 0000 : 0000 : 0000 : 0000 : 0000 : 0000
Host (IPv4ID): 143.23.234.211
The IPv4 address used inside an IPv4-compatible IPv6 address must be a public, globally routable IPv4 address
IPv4-mapped IPv6 address
A second type of IPv6 address transporting an IPv4 address is also defined. This time, this type of address is used to represent an IPv4 address for a node that does not support IPv6. This type of address is called an IPv4-mapped IPv6 address; its format is shown below:
| 0 (80 bits) | 1111111111111111 (16 bits) | IPv4 address (32 bits) |
Prefix: 0000 : 0000 : 0000 : 0000 : 0000 : FFFF
Host (IPv4ID): 143.23.234.211
Anycast addresses
• This address type is assigned to a group of interfaces belonging to different nodes. A packet delivered to an Anycast address is sent to one of the interfaces (the closest one, according to the routing protocol’s measure of distance).
• Anycast addresses are drawn from the Unicast address space (regardless of the scope). In that respect, they are identical from a syntax perspective and cannot be told apart
• When a Unicast address is assigned to more than one interface (making it an Anycast address), the nodes on which the address exists must be explicitly configured to respond to that address
Anycast addresses
• An Anycast address, when used in a route sequence, allows a node to select which of many Internet service providers will carry its traffic. This functionality is often referred to as source selected policies. This is implemented by configuring Anycast addresses identifying groups of routers belonging to the service providers (i.e., one Anycast address per Internet service provider)
• These Anycast addresses can be listed in the IPv6 routing header to force delivery of the packet through one or more providers along the path
• Another possible use of Anycast addresses is to identify the group of routers attached to a particular subnet, or a group of routers providing access to a particular routing domain
Anycast addresses
• There is very little experience on large-scale deployment of Anycast addresses and the pitfalls and difficulties associated with it
• Until more experience is derived from actual deployments, the following restrictions are imposed on the use of Anycast addresses :
– An Anycast address must never be used as the source address of an IPv6 packet.
– An Anycast address must never be assigned to an end-user (i.e. it should only be assigned to routers)
Anycast addresses
The Subnet-Router Anycast address is predefined and described below:
| Subnet prefix (n bits) | 0 (128 - n bits) |
3FFE : 0B00 : 0C18 : 0010 : 0000 (Prefix, followed by Host)
• The subnet prefix in an Anycast address is the prefix that identifies the link. From a syntax perspective, this Anycast address is identical to a Unicast address on that link, with the host identifier set to zero
• Packets sent to this Subnet-Router Anycast will be delivered to all routers on the network
• All routers must support Subnet-Router Anycast addresses for all subnets on which they have one or more interfaces. The Subnet-Router Anycast address is designed for applications that need to communicate with any router in the group
Multicast
Unicast
• Communication from a node to another
Multicast
• Communication from one node to many nodes
• This function replaces the IPv4 broadcast
Broadcast vs. Multicast
• ARP Broadcast in IP version 4 :
– Uses Ethernet broadcast FF-FF-FF-FF-FF-FF
– Every node on the broadcast domain processes the packet, which affects a node’s performance
• Multicast solicitation in IP version 6 :
– Uses the Ethernet multicast format: 33-33-FF-17-FC-0F
– Packets will not necessarily be processed by every node. Nodes recognise their Multicast address and can decide to accept or reject the packet. This technique improves performance since not all stations will have to answer a broadcast request
Multicast addresses - RFC 2375
Multicast address assignment
• A packet using a Multicast address is destined to the members of the Multicast group only
Multicast address:
| 11111111 (8 bits) | Flags (4 bits) | Scope (4 bits) | Group ID (112 bits) |
| FF | 000T | XXXX | Group ID |
Flags
T = 0 : permanent « well-known » multicast address, assigned by IANA.
T = 1 : temporary
Scope
0000 = 0 = Reserved
0001 = 1 = Interface-local
0010 = 2 = Link-local
0011 = 3 = Reserved
0100 = 4 = Admin-local
0101 = 5 = Site-local
1000 = 8 = Organization
1110 = E = Global
1111 = F = Reserved
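An added example (not part of the original slides) that applies the RFC 3513 prefix table, the embedded-IPv4 formats and the multicast Flags/Scope layout described above to classify an address in Python, for instance when normalising addresses found in logs. Function names are assumptions; scope values the slide does not list are reported as "unassigned".

```python
import ipaddress

# Scope values from the multicast slide; 0, 3 and F are marked Reserved there.
SCOPES = {0x1: "interface-local", 0x2: "link-local", 0x4: "admin-local",
          0x5: "site-local", 0x8: "organization", 0xE: "global"}
RESERVED_SCOPES = {0x0, 0x3, 0xF}


def top_bits(value: int, count: int) -> int:
    """Return the `count` most significant bits of a 128-bit address."""
    return value >> (128 - count)


def decode_multicast(packed: bytes) -> dict:
    """Split FF | Flags | Scope | Group ID as laid out on the slide."""
    flags, scope = packed[1] >> 4, packed[1] & 0x0F
    if scope in SCOPES:
        scope_name = SCOPES[scope]
    elif scope in RESERVED_SCOPES:
        scope_name = "reserved"
    else:
        scope_name = "unassigned"  # value not listed on the slide
    return {"type": "multicast",
            "lifetime": "temporary" if flags & 0x1 else "permanent",  # T flag
            "scope": scope_name,
            "group_id": int.from_bytes(packed[2:], "big")}


def classify(text: str) -> dict:
    """Classify an IPv6 address by its most significant bits."""
    addr = ipaddress.IPv6Address(text)
    value, packed = int(addr), addr.packed
    if value == 0:
        return {"type": "unspecified"}
    if value == 1:
        return {"type": "loopback"}
    if top_bits(value, 8) == 0b11111111:
        return decode_multicast(packed)
    if top_bits(value, 10) == 0b1111111010:
        return {"type": "link-local unicast"}
    if top_bits(value, 10) == 0b1111111011:
        return {"type": "site-local unicast"}
    if top_bits(value, 80) == 0:
        # 80 zero bits, then 16 bits that tell the two embedded-IPv4 forms apart
        marker = (value >> 32) & 0xFFFF
        ipv4 = str(ipaddress.IPv4Address(packed[12:]))
        if marker == 0xFFFF:
            return {"type": "IPv4-mapped", "ipv4": ipv4}
        if marker == 0:
            return {"type": "IPv4-compatible", "ipv4": ipv4}
    return {"type": "global unicast"}


if __name__ == "__main__":
    # Sample inputs taken from, or built in the style of, the addresses above.
    for sample in ("::", "::1", "FF02::1", "FF05::2",
                   "FE80::290:27FF:FE17:FC0F", "FEC0::1:290:27FF:FE17:FC0F",
                   "::143.23.234.211", "::FFFF:143.23.234.211",
                   "3FFE:B00:C18:1:290:27FF:FE17:FC0F"):
        print(f"{sample:40} {classify(sample)}")
```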
Reserved Multicast addresses
1) All Nodes Multicast Address (Link-local multicast)
2) All Routers Multicast Address (Site-local multicast)
3) Solicited Node Multicast Address
All Nodes Multicast Address
| 11111111 (8 bits) | Flags 0000 | Scope 0010 | Group ID (112 bits) |
FF02 : 0000 : 0000 : 0000 : 0000 : 0000 : 0000 : 0001
• A packet with an All Nodes Multicast Address as destination address (FF02::1) will be sent to all nodes on the local-link.
– FF01:0:0:0:0:0:0:1 All nodes multicast with an interface-local scope is also valid
• Multicast Ethernet address: 33-33-00-00-00-01
• To find all stations on a local-link : ping6 ff02::1
All Routers Multicast Address
| 11111111 (8 bits) | Flags 0000 | Scope 0010 | Group ID (112 bits) |
FF02 : 0000 : 0000 : 0000 : 0000 : 0000 : 0000 : 0002
• A packet with an All Routers Multicast Address as a destination address (FF02::2) will be sent to all routers on the local-link.
– FF01:0:0:0:0:0:0:2 All routers multicast with an interface-local scope is also valid
– FF05:0:0:0:0:0:0:2 All routers multicast with a site-local scope is also valid
• Multicast Ethernet address: 33-33-00-00-00-02
Solicited-Node Multicast Address
• Used to obtain the layer-2 address of a node :
– Replaces the broadcast used by the Address Resolution Protocol (ARP) in IP version 4.
• Also used to detect duplicate addresses (DAD)
[Figure: nodes 3FFE : 0B00 : 0C18 : 0001 : 0290 : 27FF : FE17 : FC0E and 3FFE : 0B00 : 0C18 : 0001 : 0290 : 27FF : FE17 : FC0F on a link, with the query "What is your MAC address?"]
Solicited-Node Multicast Address
• Solicited-Node Multicast Address :
– FF02 :0 :0 :0 :0 :1 :FFXX :XXXX
– A solicited-node multicast address is formed by adding to the above prefix the 24 least significant bits of the solicited node IPv6 address
Example:
• If you are looking for this IPv6 Unicast address (the solicited node):
– 3FFE : 0B00 : 0C18 : 0001 : 0290 : 27FF : FE17 : FC0F
• You will build a packet with the following IPv6 Solicited-Node Multicast address
– FF02 : 0000 : 0000 : 0000 : 0000 : 0001 : FF17 : FC0F
• Then encapsulate it in the following Multicast Ethernet address:
– 33-33-FF-17-FC-0F
Addresses required for each node

One link-local Unicast address for each interface.

One site-local OR global Unicast address.

One loopback address.

All-Nodes Multicast Address.

One solicited-node Multicast address for every Unicast address
assigned.

One Multicast address for every Multicast group the node is a
member of.
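
The solicited-node construction and the per-node multicast list above, worked through as an added example (not part of the original slides). The function names are hypothetical; the rule that the Ethernet multicast address is 33-33 followed by the 32 low-order bits of the IPv6 multicast address comes from RFC 2464, and the link-local form of the second sample address is constructed.

```python
import ipaddress

SOLICITED_NODE_PREFIX = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
ALL_NODES = ipaddress.IPv6Address("ff02::1")


def solicited_node(unicast):
    """FF02::1:FFXX:XXXX built from the 24 low-order bits of a unicast address."""
    addr = ipaddress.IPv6Address(unicast)
    if addr.is_multicast:
        raise ValueError(f"{addr} is multicast; solicited-node applies to unicast addresses")
    return ipaddress.IPv6Address(SOLICITED_NODE_PREFIX | (int(addr) & 0xFFFFFF))


def ethernet_multicast(group):
    """33-33 followed by the 32 low-order bits of the IPv6 multicast address."""
    addr = ipaddress.IPv6Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{addr} is not a multicast address")
    return "33-33-" + "-".join(f"{b:02X}" for b in addr.packed[-4:])


def groups_to_join(unicast_addrs):
    """All-nodes plus one solicited-node group per distinct 24-bit suffix."""
    groups = {ALL_NODES} | {solicited_node(a) for a in unicast_addrs}
    return [(str(g), ethernet_multicast(g)) for g in sorted(groups)]


if __name__ == "__main__":
    # First address is from the slides; the second is its constructed link-local form.
    # Both share the same 24 low-order bits, so they map to a single group.
    addrs = ["3FFE:0B00:0C18:0001:0290:27FF:FE17:FC0F", "fe80::290:27ff:fe17:fc0f"]
    for group, mac in groups_to_join(addrs):
        print(group, mac)
```
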
Addresses required for each node
For example, on a Windows XP workstation:
3 pseudo-interfaces (logical, not physical)

Interface 1 (called « Loopback Pseudo–Interface »).
– Is a pseudo-interface used for the loopback address

Interface 2 (called « Automatic Tunnelling Pseudo–Interface »).
– Is a pseudo–interface used for automatic tunnelling of IPv6 in transition
scenarios (See section 3, Transition methods)

Interface 3 (called « 6to4 Tunnelling Pseudo–Interface »).
– Is a pseudo–interface used for 6to4 tunnelling (See section 3, Transition
methods)

All the other interfaces are numbered sequentially in the order
they were created (can be different from one station to another)
Addresses required for each node
For example, on a Windows XP workstation:
Interface 4: Ethernet: Local Area Connection
uses Neighbor Discovery
link–layer address: 00-b0-d0-23-47-33
preferred link–local fe80::2b0:d0ff:fe23:4733, life infinite
multicast interface–local ff01::1, 1 refs, not reportable
multicast link–local ff02::1, 1 refs, not reportable
multicast link–local ff02::1:ff23:4733, 1 refs, last reporter, 6
seconds until report
link MTU 1500 (true link MTU 1500)
current hop limit 128
reachable time 36500ms (base 30000ms)
retransmission interval 1000ms
DAD transmits 1
Interface 3: 6to4 Tunneling Pseudo–Interface
does not use Neighbor Discovery
preferred global 2002:9d3c:89d9::9d3c:89d9, life infinite
link MTU 1280 (true link MTU 65515)
current hop limit 128
reachable time 0ms (base 0ms)
retransmission interval 0ms
DAD transmits 0
Interface 2: Automatic Tunneling Pseudo–Interface
does not use Neighbor Discovery
preferred link–local fe80::200:5efe:157.60.137.217, life infinite
preferred global ::157.60.137.217, life infinite
link MTU 1280 (true link MTU 65515)
current hop limit 128
reachable time 0ms (base 0ms)
retransmission interval 0ms
DAD transmits 0
Interface 1: Loopback Pseudo–Interface
does not use Neighbor Discovery
link–layer address:
preferred link–local ::1, life infinite
preferred link–local fe80::1, life infinite
link MTU 1500 (true link MTU 1500)
current hop limit 128
reachable time 40500ms (base 30000ms)
retransmission interval 1000ms
DAD transmits 1
Addresses required for each router

Same as on any other node :
– One link-local Unicast address for each interface.
– One site-local OR global Unicast address.
– One loopback address.
– All-Nodes Multicast Addresses.
– One solicited-node Multicast address for every Unicast address
assigned.
– One Multicast address for every Multicast group the node is a member
of.

PLUS

The All-Routers Multicast address
The « Subnet-Router Anycast » address, for each interface for
which the router is configured to act as a router
Any other Anycast address assigned to the router
Internet Control Message Protocol ICMP version 6



RFC 2463
Protocol ICMP version 6 (IP version 6 Next Header = 58)
Similar to ICMP version 4

Packet layout (32 bits wide):
IP version 6 header
Type | Code | Checksum
Message body
ICMP version 6 error messages

Type 1 : Destination unreachable
– code 0 : no route to destination
– code 1 : communication with destination administratively prohibited
– code 3 : address unreachable
– code 4 : port unreachable

Type 2 : Packet too big
– Message contains the MTU.

Type 3 : Time exceeded
– code 0 : hop limit exceeded in transit
– code 1 : fragment reassembly time exceeded

Type 4 : Parameter problem
– Code 0: erroneous header field encountered
– Code 1: unrecognized Next Header type encountered
– Code 2: unrecognized IPv6 option encountered
ICMP Version 6 informational messages

Type 128 : Echo request (ping)
– Message contains an identifier and sequence number

Type 129 : Echo reply
– Message contains an identifier and sequence number

Type 133 : Router Solicitation

Type 134 : Router Advertisement

Type 135 : Neighbour Solicitation

Type 136 : Neighbour Advertisement

Type 137 : Redirect
Neighbour Discovery (ND) Protocol
RFC 2461



Replaces ARP in IP version 4, with added functionality
Uses ICMPv6
Used to :
– Find neighbours’ link-local addresses
– Find routers that are present on the LAN
– Maintain neighbour accessibility
– Allow routers to disseminate network information to the other nodes

Used by the auto-configuration process
All ND messages have a Hop Limit of 255
– All messages also have a link-local scope only
Neighbour Discovery (ND) Protocol
Functions :

Router Discovery :
– Finds the routers that are on the same local-link (LAN)

Prefix Discovery :
– Allows discovery of the prefix to be used by a node to build its IPv6
address

Parameter Discovery :
– Discovers parameters such as MTU and Hop Limit to be inserted in
packets to be sent

Address Auto-Configuration :
– Configures an address for an interface

Address Resolution :
– Similar to ARP: discovers the layer 2 address of a node by only
providing an IPv6 address
Neighbour Discovery (ND) Protocol
Functions :

Next-Hop Determination :
– Determines if packets destined for a given address can be sent
directly to the destination node through layer 2 or must go through the
default gateway.

Neighbour Unreachability Detection :
– Determines if a neighbour node is still reachable

Duplicate Address Detection :
– Determines if an auto-configured address is already used by another
node

Redirect :
– The router informs a node of the first node to use to reach its
destination
Neighbour Discovery Messages
NDP defines 5 types of ICMP version 6 packets to perform the
functions listed before:
1 - Neighbour Solicitation



Sent by a node to discover the layer 2 address of a neighbour node
Equivalent to the ARP request in IPv4.
Packet description:
– Source address = link-local address
– Destination address = solicited-node multicast address
– The data portion also contains the searched-for link-local address
– ICMP type 135

2 - Neighbour Advertisement

Answer to a Neighbour Solicitation.
Equivalent to the ARP response in IPv4.
Packet description:
– Source address = link-local address
– Destination address = Requestor address (Neighbour Solicitation)
– The data portion also contains the searched-for link-local address
– ICMP type 136
Neighbour Discovery Messages
3 - Router Solicitation :


When a node starts, it does not want to wait for the next Router
Advertisement. The node asks the router to send a router
advertisement immediately.
Packet description :
– Source address = link-local address
– Destination address = All-routers multicast address (FF02::2)
– ICMP type 133

4 - Router Advertisement :

Routers send periodic advertisement messages (between 4 and 1800
seconds).
The advertisement has a limited lifetime (=0 if not the default gateway)
Contains one or more prefixes
Specifies the address auto-configuration mode: stateful (DHCP) or
stateless.
Used when an entire site is renumbered
Packet description :
– Source address = Router link-local address on the link
– Destination address = All-nodes multicast address (FF02::1)
– Data = Network prefix, lifetime, default gateway, options
– ICMP type 134
Neighbour Discovery Messages
5 - Route change, Redirect



The router indicates the best path to follow to reach a destination by
specifying the best next hop
Similar to ICMP version 4 Redirect
Packet description :
– Source address = Router link-local address on the link
– Destination address = Host address for which the packets need to be rerouted
– Data = Next hop (router) address to use
– ICMP type 137
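
The rules stated for the five ND messages can be checked on receipt; the sketch below is an added example, not part of the original slides. It relies on the fact that routers decrement the Hop Limit, so an ND message arriving with anything other than 255 did not originate on the local link. The function names are hypothetical, the sample packets are constructed, and the ICMPv6 checksum is not verified.

```python
import ipaddress
import struct

# ICMPv6 types named on the slides
ICMPV6_TYPES = {
    1: "Destination unreachable", 2: "Packet too big", 3: "Time exceeded",
    4: "Parameter problem", 128: "Echo request", 129: "Echo reply",
    133: "Router Solicitation", 134: "Router Advertisement",
    135: "Neighbour Solicitation", 136: "Neighbour Advertisement", 137: "Redirect",
}
ND_TYPES = range(133, 138)
SOLICITED_NODE_PREFIX = int(ipaddress.IPv6Address("ff02::1:ff00:0"))


def build_packet(src, dst, hop_limit, icmp_type, body=b""):
    """Constructed sample: 40-byte IPv6 header + ICMPv6 message (checksum left at 0)."""
    icmp = struct.pack("!BBH", icmp_type, 0, 0) + body
    header = struct.pack("!IHBB", 6 << 28, len(icmp), 58, hop_limit)
    return (header + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed + icmp)


def check_packet(packet):
    """Return (message name, findings) for one IPv6 packet carrying ICMPv6."""
    if len(packet) < 44:
        raise ValueError("shorter than an IPv6 header plus an ICMPv6 header")
    first_word, _length, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    if next_header != 58:
        return "not ICMPv6", []
    src = ipaddress.IPv6Address(packet[8:24])
    dst = ipaddress.IPv6Address(packet[24:40])
    icmp_type = packet[40]
    name = ICMPV6_TYPES.get(icmp_type, f"unknown type {icmp_type}")
    findings = []
    if icmp_type in ND_TYPES:
        if hop_limit != 255:
            findings.append(f"hop limit {hop_limit}, expected 255: not sent on this link")
        if icmp_type in (134, 137) and not src.is_link_local:
            findings.append(f"source {src} is not a router link-local address")
        if icmp_type == 135 and dst.is_multicast and len(packet) >= 64:
            # Neighbour Solicitation body: 4 reserved bytes, then the target address
            target = ipaddress.IPv6Address(packet[48:64])
            expected = ipaddress.IPv6Address(SOLICITED_NODE_PREFIX | (int(target) & 0xFFFFFF))
            if dst != expected:
                findings.append(f"destination {dst} does not match target {target}")
    return name, findings


if __name__ == "__main__":
    target = ipaddress.IPv6Address("3ffe:b00:c18:1:290:27ff:fe17:fc0e")  # from the slides
    body = bytes(4) + target.packed
    for hop_limit in (255, 64):
        pkt = build_packet("fe80::2b0:d0ff:fe23:4733", "ff02::1:ff17:fc0e", hop_limit, 135, body)
        print(check_packet(pkt))
```
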
Auto-configuration - Stateful or Stateless
Stateless
[Diagram: Host and Router exchange a Router solicitation message and a Router advertisement message]

No manual configuration required: the router specifies the network prefix to use
and the default gateway, but not the default DNS server

Stateful
[Diagram: Host and IPv6 DHCP Server; labels: DHCP Servers Multicast, Unicast]

The host system contacts a DHCP or similar address assignment server. The server
returns a valid address from a pre-configured list.
Stateless Link-Local Address
Auto-configuration
RFC 2462
[Diagram: Host sends a Router solicitation to the all-routers multicast address FF02::2]

A host node forms a Link-Local Address as soon as it becomes active

The host node sends a router solicitation message using the all-routers Multicast
address (FF02::2) and the Ethernet Multicast (33-33-00-00-00-02)

No reply will be received if no router is present on the link
– The host node will then use a Link-Local address (FE80 :: “Interface ID”)

The host node uses the Duplicate Address Detection (DAD) method to verify that
its auto-configured address is unique.
Stateless Site-Local or Global Address
Auto-configuration (Step 1)
[Diagram: Host sends a Router solicitation message to the Router via the all-routers Multicast address FF02::2]

A host node forms a Link-Local Address as soon as it becomes active

The host node sends a router solicitation message using the all-routers Multicast
address (FF02::2) using the Ethernet Multicast (33-33-00-00-00-02)
Stateless Site-Local or Global Address
Auto-configuration (Step 2)
[Diagram: Router sends a Router advertisement, containing the address prefix to use and the path MTU, to the Host via the all-nodes Multicast address FF02::1]

Router returns a router advertisement message, containing the network prefix to
use (site-local or global Unicast) :
– Sends the advertisement to the all-nodes multicast address FF02::1, using
the Ethernet Multicast (33-33-00-00-00-01)

The host node forms a site-local or global Unicast address:
– Site-local = FEC0 :: <Subnet ID> : <Interface ID>
– Global = <Network ID> : <Subnet ID> : <Interface ID>

The host node uses the Duplicate Address Detection (DAD) method to verify
that its configured address is unique.
Address Resolution - Step 1
[Diagram: Host sends a Neighbour solicitation message to the solicited-node Multicast address FF02::1:FFXX:XXXX of the Target node 3FFE : 0B00 : 0C18 : 0001 : 0290 : 27FF : FE17 : FC0E]

The IPv6 address of the target node is known (we are looking for it)

The requesting host looks in its neighbour cache to verify if the layer 2 address is
already available

If not available, the requesting host initiates the address resolution process by
sending a solicited-node multicast message asking the target node to return its
layer 2 address

The neighbour solicitation message is sent in solicited-node Multicast mode to the
target node:
– FF02::1:FF17:FC0E (using MAC address 33-33-FF-17-FC-0E)
Address Resolution - Step 2
[Diagram: Target node 3FFE : 0B00 : 0C18 : 0001 : 0290 : 27FF : FE17 : FC0E returns a Neighbour Advertisement message, containing the MAC address, to the Host by Unicast]

The target node returns a Neighbour Advertisement Message containing its
MAC address, using the requestor’s Unicast address
Source Address Selection
A node on a network has multiple IPv6 addresses. Which one of these
will it choose as the source address when sending packets?
RFC 3484

Rule 1 : Prefer same addresses (as the destination)

Rule 2 : Prefer matching scope (the smallest possible scope)

Rule 3 : Avoid deprecated addresses (lifetime exceeded)

Rule 4 : Prefer home addresses (over Care-of Addresses CoA)

Rule 5 : Prefer outgoing interface (to reach the destination)

Rule 6 : Prefer matching label
– IPv6 native source -> IPv6 native destination
– 6to4 source -> 6to4 destination
– IPv4-compatible source -> IPv4-compatible destination
– IPv4-mapped source -> IPv4-mapped destination

Rule 7 : Prefer public addresses (over temporary ones)

Rule 8 : Use longest matching prefix (as source address)
Some local policies may prevail!
Destination Address Selection

Rule 1 : Avoid unreachable destination (using Neighbour Unreachability Detection)

Rule 2 : Prefer matching scope (the smallest possible scope)

Rule 3 : Avoid deprecated addresses

Rule 4 : Prefer home addresses

Rule 5 : Prefer matching label
– IPv6 native source > IPv6 native destination
– 6to4 source > 6to4 destination
– IPv4-compatible source > IPv4-compatible destination
– IPv4-mapped source > IPv4-mapped destination

Rule 6 : Prefer higher precedence

Rule 7 : Prefer native transport

Rule 8 : Prefer smaller scope

Rule 9 : Use longest matching prefix

Rule 10: Otherwise, leave the order unchanged
Some local policies may prevail!
Duplicate Address Detection
RFC 2462
[Diagram: Host FE80 :: 0290 : 27FF : FE17 : FCCD sends a Neighbour Solicitation message to the solicited-node Multicast address FF02::1:FFXX:XXXX]

The host node initiates an Address Resolution process, asking the solicited
neighbour to return its layer 2 (MAC) address.

Difference from normal address resolution: the neighbour solicitation
message is sent as a solicited-node Multicast using:
– Its own solicited-node multicast address (FF02::1:FF17:FCCD)
– Its own multicast MAC address (33-33-FF-17-FC-CD)

If no reply comes, the address is unique

Otherwise, the node’s interface is disabled and requires manual attention
MTU discovery process
RFC 1981
[Diagram: path made of three FDDI links (MTU = 4500) and one Ethernet link (MTU = 1500); an ICMP Packet Too Big (MTU Discovery Message) is returned to the source]

In IPv6, routers do not fragment packets.

If fragmentation is necessary, it is done by the source node.

Nodes transmit packets as big as the local-link can support (link MTU)

If the MTU is too big for certain links along the route, a Packet Too Big
ICMP datagram will be returned to the source. The source adjusts the
MTU and fragments the packet.

Minimum MTU is 1280.
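
The source-side behaviour described above, as an added example that is not part of the original slides: the source lowers its path MTU estimate when a Packet Too Big arrives and then fragments. The class and function names are hypothetical and the destination address is constructed. As RFC 1981 requires, the estimate is never raised by a Packet Too Big and never lowered below 1280, which bounds what a forged message can do.

```python
IPV6_MIN_MTU = 1280     # minimum MTU stated on the slide
IPV6_HEADER = 40        # fixed IPv6 header, bytes
FRAGMENT_HEADER = 8     # Fragment extension header, bytes


class PathMtuCache:
    """Per-destination path MTU estimate kept by the source node."""

    def __init__(self, link_mtu):
        self.link_mtu = link_mtu   # MTU of the local link, the starting estimate
        self.pmtu = {}

    def get(self, dst):
        return self.pmtu.get(dst, self.link_mtu)

    def on_packet_too_big(self, dst, reported_mtu):
        current = self.get(dst)
        if reported_mtu >= current:
            return current                    # never raise the estimate from this message
        self.pmtu[dst] = max(reported_mtu, IPV6_MIN_MTU)   # never go below the minimum
        return self.pmtu[dst]


def fragment_sizes(payload_len, pmtu):
    """On-wire packet sizes the source sends for payload_len bytes of payload."""
    if IPV6_HEADER + payload_len <= pmtu:
        return [IPV6_HEADER + payload_len]    # fits: no Fragment header needed
    # Every fragment except the last carries a multiple of 8 bytes
    chunk = (pmtu - IPV6_HEADER - FRAGMENT_HEADER) // 8 * 8
    sizes = []
    while payload_len > 0:
        part = min(chunk, payload_len)
        sizes.append(IPV6_HEADER + FRAGMENT_HEADER + part)
        payload_len -= part
    return sizes


if __name__ == "__main__":
    dst = "3ffe:b00:c18:2::1"                 # constructed destination
    cache = PathMtuCache(link_mtu=4500)       # source sits on an FDDI link
    print(fragment_sizes(4460, cache.get(dst)))        # one 4500-byte packet
    cache.on_packet_too_big(dst, 1500)        # Ethernet hop reports its MTU
    print(fragment_sizes(4460, cache.get(dst)))        # four fragments
```
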
Temporary addresses
RFC 3041

An IPv6 address contains the MAC address of a node’s interface

This leads to potential security problems and risks

RFC 3041 discusses:
– Randomly generated interface identifiers (64 least significant bits of the IPv6
address)
– The definition of these addresses as temporary
– Recycling of these addresses as required
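
Why a MAC-derived interface identifier is a privacy concern, shown as an added example that is not part of the original slides: the same hardware address can be read back from every address the interface forms, whatever the prefix. The function names are hypothetical; the first, third and fourth sample addresses come from the Windows XP output earlier in this session, the second is constructed. The FF-FE test is a heuristic, since a random identifier can contain those bytes by chance.

```python
import ipaddress
from collections import defaultdict


def embedded_mac(address):
    """Return the MAC address embedded in a modified EUI-64 interface ID, else None."""
    iid = ipaddress.IPv6Address(address).packed[8:]      # 64 least significant bits
    if iid[3:5] != b"\xff\xfe":                          # FF-FE filler marks a MAC-derived ID
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]   # undo the universal/local bit flip
    return "-".join(f"{b:02x}" for b in mac)


def trackable_interfaces(addresses):
    """Map each embedded MAC to the distinct /64 prefixes it was seen under."""
    seen = defaultdict(set)
    for address in addresses:
        mac = embedded_mac(address)
        if mac is not None:
            prefix = ipaddress.IPv6Network((address, 64), strict=False)
            seen[mac].add(str(prefix))
    return {mac: sorted(prefixes) for mac, prefixes in seen.items()}


if __name__ == "__main__":
    observed = [
        "fe80::2b0:d0ff:fe23:4733",            # link-local address from the slides
        "3ffe:b00:c18:1:2b0:d0ff:fe23:4733",   # constructed global address, same interface
        "2002:9d3c:89d9::9d3c:89d9",           # 6to4 address: no embedded MAC
        "fe80::200:5efe:157.60.137.217",       # automatic tunnelling address: no embedded MAC
    ]
    for mac, prefixes in trackable_interfaces(observed).items():
        print(mac, prefixes)
```
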
Host node renumbering
RFC 2894
It is possible with IPv6 to modify an entire site addressing plan

In the Router Advertisement message, the network prefix lifetime is modified
– Preferred lifetime = 0 (this prefix must not be used to open new connections)
– Valid lifetime is decremented towards 0

A new network prefix is announced

Host nodes configure a new address based on the new prefix and use it for new
connections

There is no lost connection!

Host nodes always listen to Router Advertisement messages, even after the
address auto-configuration process is completed
Router renumbering
RFC 2894

Protocol defined to renumber routers in a site
– New ICMPv6 message type: Type 138
– IPSec is used for authentication
– Very few implementations to date
IP version 6 DNS
RFC 1886, 2874
Changes to records:

AAAA (RFC 1886 new record type) :
– Equivalent to the A record type for IPv4

A6 (RFC 2874 new record type) :
– Covers renumbering scenarios
– Refers a domain name to an IPv6 address
– Will eventually replace the “AAAA” record type
– The first bits in an IPv6 address refer to the provider’s network prefix, which is the same for
every host node in a network. Since IPv6 addresses are longer, it is preferable not to
register their prefix in the local DNS. The A6 record allows the creation of a reference to
the provider’s DNS for that portion of the address. This in turn allows better flexibility in the
provider’s and customer’s respective DNS. For example, if a customer changes provider,
no change to the local DNS is required, only the reference record pointing to the new
provider’s DNS.
IP version 6 DNS
PTR


Equivalent to the previous PTR record
The upper level DNS domain used for ipv6 was ipv6.int. This level is now
ip6.arpa
IP version 6 DNS

BIND (Berkeley Internet Name Domain) is one of the Domain
Name Service (DNS) implementations
– Bind 4.9.3 supports AAAA records (only on IPv4 transport)
– Bind 8.X supports AAAA and IPv4-IPv6 transport (with patch 8.1.2)
– Bind 9.X is 100% compatible with IPv6 (supports A6 records)

Root Servers:
– Not currently configured for IPv6 requests
– However, the AAAA records can be used
Routing protocols
Routing protocols must also evolve




RIP
OSPF
BGP4+
IS-IS
RIP
RIP (Routing Information Protocol) for IPv6 (or RIPng)
RFC 2080

Based on RIPv2, same concept : distance-vector, maximum 15 hops

Processes IPv6 prefixes and next-hop addresses

Uses Multicast (FF02::9 = all-rip-routers as destination address for the RIP
updates)

Uses IPv6 transport

New UDP port: 521

Version reset to 1

A vast majority (if not all) of the IPv6 router implementations support RIP for IPv6.
The same goes for Unix and Windows XP.
OSPF
OSPF (Open Shortest Path First) for IPv6
RFC 2740

Also known as OSPFv3

Major rewrite to remove all dependencies on IPv4 and obtain a totally
protocol-independent version

Link-local addresses are used

IPv6 transport is added

The rewriting process caused some availability delays. Solutions are now
available from most major equipment vendors
BGP
RFC 2283, 2545

BGP4+
– Includes multi-protocol extensions to BGP, for new address family types (IPv6
but also VPN, etc.)

IPv6 addresses :
– Address scope can be used in the NEXT_HOP
– NEXT_HOP and NLRI are expressed in terms of IPv6 address and prefix

A majority of equipment vendors support BGP for IPv6. It has been used on
the 6Bone since 1996
Questions?