ICMP (Internet Control Message Protocol)


IPv6 (Internet Protocol V. 6)
W.lilakiatsakun
IPv6 Overview
 IPv6 was first formally described in Internet
standard document RFC 2460
 Initial motivation: 32-bit address space soon to be completely
allocated.
 Additional motivation:
 header format helps speed processing/forwarding
 header changes to facilitate QoS
IPv6 datagram format:
 fixed-length 40 byte header
 no fragmentation allowed
IPv4 Header Vs IPv6 Header
IPv6 Header
 Traffic Class (Priority): identify Class of traffic
(priority) among datagrams in flow
 Flow Label: identify datagrams in same “flow.”
(concept of “flow” is defined in RFC 3697)
 Next header: identify upper layer protocol for data
Other changes
 Checksum: removed entirely to reduce processing
time at each hop
 Options: allowed, but outside of header, indicated by
“Next Header” field
 ICMPv6: new version of ICMP
 additional message types, e.g. “Packet Too Big”
 multicast group management functions
Summary of IPv6 Header (1)
 New fields:
 Flow label
 Traffic class
 Modified fields:
 Total length becomes Payload length
 TTL becomes Hop Limit
 Protocol becomes Next Header (indicates extension
header)
Summary of IPv6 Header (2)
 Eliminated fields:
 Header length -> not necessary since IPv6 header is
fixed length
 Header checksum -> reduce processing time at each hop
 ID, Flag, Segmentation, Protocol, Options, Padding ->
moved to “extended header”
Traffic Class Field
 The 8-bit Traffic Class field in the IPv6 header is
available for use by originating nodes and/or
forwarding routers to identify and distinguish
between different classes or priorities of IPv6
packets.
 It is used to provide “Differentiated Service” as
defined in RFC 2474
Flow Label
 The 20-bit field
 Flow classifiers had been based on the 5-tuple:
 Source/destination address
 protocol type
 Source/destination port numbers
 Flow label value of 0 used when no special QoS
requested (the common case today)
Next Header Field
 Extension headers are daisy-chained by the “next
header” field
 The order is fixed
Example of Next Header Value (1)
Hop-by-Hop header (0)
Destination options header (w/ routing header) (60)
Routing header (43)
Fragment header (44)
Authentication header (51)
ESP header (50)
Example of Next Header Value (2)
ESP header (50)
Mobility header (135)
Destination options header (60)
ICMPv6 (58)
No Next header (59)
Upper-layer header (Varies—TCP=6, UDP=17)
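Added example (not part of the original slides): a Python walk of the Next Header chain using the values listed above, run on a constructed packet. The names walk_ipv6 and sample_packet, the length limit max_ext and the sample bytes are assumptions made for this illustration; a filter that stops at the first Next Header value without following the chain never sees the real upper-layer protocol.

```python
import struct

# Extension headers from the lists above whose Next Header byte can be followed.
EXT = {0: "Hop-by-Hop", 43: "Routing", 44: "Fragment", 51: "AH",
       60: "Destination options", 135: "Mobility"}
# Values where the walk stops (ESP encrypts everything after it).
END = {6: "TCP", 17: "UDP", 50: "ESP", 58: "ICMPv6", 59: "No Next Header"}

def walk_ipv6(packet, max_ext=8):
    """Return (fixed-header fields, header chain, offset of the upper-layer data)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    word, payload_len, nh, hop_limit = struct.unpack("!IHBB", packet[:8])
    fields = {"traffic_class": (word >> 20) & 0xFF, "flow_label": word & 0xFFFFF,
              "payload_length": payload_len, "hop_limit": hop_limit}
    chain, off = [], 40
    while nh in EXT:
        if len(chain) >= max_ext:
            raise ValueError("extension header chain too long")
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        next_nh, length = packet[off], packet[off + 1]
        chain.append(EXT[nh])
        if nh == 44:  # Fragment header is always 8 bytes
            if struct.unpack("!H", packet[off + 2:off + 4])[0] >> 3:
                # Non-first fragment: what follows is not an upper-layer header.
                return fields, chain + ["non-first fragment"], off + 8
            size = 8
        elif nh == 51:  # AH length is in 4-byte units, minus 2
            size = (length + 2) * 4
        else:  # the others count 8-byte units, excluding the first 8 bytes
            size = (length + 1) * 8
        off, nh = off + size, next_nh
    if off > len(packet):
        raise ValueError("truncated extension header")
    chain.append(END.get(nh, "protocol %d" % nh))
    return fields, chain, off

def sample_packet(frag_offset=0):
    """Constructed packet: Hop-by-Hop -> Destination options -> Fragment -> UDP."""
    src = bytes.fromhex("20010db8" + "00" * 11 + "01")
    dst = bytes.fromhex("20010db8" + "00" * 11 + "02")
    fixed = struct.pack("!IHBB", (6 << 28) | (0xB8 << 20) | 0x12345, 32, 0, 64)
    hbh = bytes([60, 0, 1, 4, 0, 0, 0, 0])   # next=60, len=0, PadN option
    dopt = bytes([44, 0, 1, 4, 0, 0, 0, 0])  # next=44, len=0, PadN option
    frag = struct.pack("!BBHI", 17, 0, frag_offset << 3, 0x1234)
    udp = struct.pack("!HHHH", 546, 547, 8, 0)
    return fixed + src + dst + hbh + dopt + frag + udp
```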
IPv6 Addressing
 IPv6 address has 128 bits
 2^128 = 3.4x10^38 addresses!!!!
 340,282,366,920,938,463,463,374,607,431,768,211,456
 4.3x10^20 addresses per square inch on earth
 Enough address for every grain of sand on
earth!
Addressing Format (1)
Addressing Format (2)
 Representation
 16-bit hexadecimal numbers
 Numbers are separated by (:)
 Hex numbers are not case sensitive
 Abbreviations are possible
 Leading zeros in contiguous block could be represented by (::)
 Example:
 2001:0db8:0000:130F:0000:0000:087C:140B
 2001:0db8:0:130F::87C:140B
 Double colon only appears once in the address
Addressing Format (3)
 Rule 1: Leading zeros can be removed
 Rule 2: 0000 can be written as 0
 Rule 3: Use “::” for all zeros in one or more group of
16-bit number
Example of IPv6 Address
Prefix Representation
 In this representation you attach the prefix length like IPv4
address:
 198.10.0.0/16
 IPv6 address is represented the same way:
 2001:db8:12::/48
 Only leading zeros are omitted. Trailing zeros are not
omitted
 2001:0db8:0012::/48 = 2001:db8:12::/48
 2001:db8:1200::/48 ≠ 2001:db8:12::/48
IPv6 Addressing Model
 Interface “expected” to have multiple addresses
 Addresses have scope
 Link Local
 Unique Local
 Global
 Addresses have lifetime
 Valid and preferred lifetime
Address Type (1)
 Unicast
 Address of a single interface. One-to-one delivery to single
interface
 Multicast
 Address of a set of interfaces. One-to-many delivery to all
interfaces in the set
 Anycast
 Address of a set of interfaces. One-to-one-of-many delivery to a
single interface in the set that is closest
 No more broadcast addresses
Address Type (2)
 Unicast
 Global start with 2 or 3
 2000::/3
 3FFE:85B:1F1F::A9:1234
Link Local start with FE8x – FEBx
Site-Local (Deprecated) start with FECx – FEFx
Unique Local (ULA) start with FC00: FD00
IPv4 Compatible start with 0 – 96 bits
Anycast Address is allocated from unicast prefix
Address Type (3)
Global Unicast Address
 Global Unicast Addresses Are:
 Addresses for generic use of IPv6
 Structured as a hierarchy to keep the aggregation
Unique Local
 Unique-Local Addresses Used for:
 Local communications
 Inter-site VPNs
 Not routable on the Internet
Link Local
 Link-Local Addresses Used for:
 Mandatory Address for Communication between two IPv6
devices (like ARP but at Layer 3)
 Automatically assigned by Router as soon as IPv6 is enabled.
Only Link Specific scope
 Remaining 54 bits could be Zero or any manually configured
value
IP Multicast Address
 IP multicast address has a prefix FF00::/8
(1111 1111); the second octet defines the lifetime and
scope of the multicast address
Multicast Mapping over Ethernet
 Mapping of IPv6 multicast address to Ethernet
address is:
33:33:<last 32 bits of the IPv6 multicast address>
Solicited-Node Multicast Address (1)
 For each unicast and anycast address configured
there is a corresponding solicited-node multicast address
 This is specially used for two purposes: for the
replacement of ARP, and DAD (Duplicate Address
Detection)
 Used in neighbor solicitation messages
Solicited-Node Multicast Address (2)
 Multicast address with a link-local scope
 Solicited-node multicast consists of prefix + lower 24
bits from unicast, FF02::1:FF:XXXXXX
Anycast Address (1)
 Anycast allows a source node to transmit IP
datagrams to a single destination node out of a group of
destination nodes with same subnet id based on the
routing metrics
 Only routers should respond to anycast addresses
 Routers configured to respond to anycast packets will
do so when they receive a packet sent to the anycast
address
Anycast Address (2)
Prefix Allocation
 Generally subdivide
48 bits for site prefix
80 bits for internal site numbering
16 bits for subnet number
64 bits for host number on subnet
 Host address can use EUI-64 (MAC-based)
 Guarantee uniqueness
 No need for manual or DHCP assignment
Subnet
 Organizations assign subnets (similar to IPv4)
 Obtain 48-bit site prefix from ISP
 Combine with each 16-bit subnet number
 Produces 64-bit prefix for every link
Configure prefix in all routers attached to link
Configure router advertisements
Routers will distribute prefix info to hosts
Hosts configure their own addresses
Host ID (Interface ID)(1)
 The Interface ID can be configured manually or autoconfigured by any of the following methods:
 Using a randomly generated number
 Using DHCPv6
 Using the Extended Unique Identifier (EUI-64) format.
Host ID (Interface ID)(2)
 This format expands the device interface 48-bit MAC
address to 64 bits by inserting FFFE into the
middle 16 bits.
 Cisco commonly uses the EUI-64 host ID format to do
stateless auto-configuration for Cisco IP Phones,
gateways, routers, and so forth.
Host ID (Interface ID)(3)
Extended Unique Identifier (EUI-64)
Host Address Assignment
 IPv6 provides the following mechanisms for assigning
address to IPv6 devices:
 Manual Configuration
 IPv6 Stateless Address Auto-Configuration (RFC2462)
 DHCP for IPv6
 Stateless DHCP
 Stateful DHCP
Manual Configuration
 An IPv6 address can be configured statically by a
human operator. This can be an appropriate method
of assigning addresses for router interfaces and static
network elements and resources.
 However, manual assignment is open to errors and
operational overhead due to the 128-bit length and
hexadecimal attributes of the addresses.
IPv6 Stateless Address
Auto-Configuration (1)
 Stateless address auto-configuration (SLAAC)
provides a convenient method to assign IP
addresses to IPv6 nodes.
 If you want to use IPv6 SLAAC on an IPv6 node,
then it is important to connect that IPv6 node to
a network with at least one IPv6 router.
 This router is configured by the network
administrator and sends out Router
Advertisement (RA) announcements onto the
link.
IPv6 Stateless Address
Auto-Configuration (2)
 With SLAAC, the node uses the IPv6 network
prefix advertised in the link-local router's RAs
and creates the IPv6 host ID by using the
phone's MAC address and the EUI-64 format
for host IDs.
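Added example (not part of the original slides): Python for the EUI-64 host ID, the SLAAC address built from an advertised /64, the solicited-node multicast address and its Ethernet mapping described above. The function names, the MAC and the prefix are constructed for this illustration; beyond inserting FFFE, the code also inverts the universal/local bit as RFC 4291 requires, and writes the solicited-node address in full as ff02::1:ffXX:XXXX. The last function shows why EUI-64 addresses matter for privacy and asset tracking: the hardware MAC can be read back out of any logged address.

```python
import ipaddress

def eui64_interface_id(mac):
    """Expand a 48-bit MAC into a 64-bit modified EUI-64 interface ID."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # FFFE goes into the middle; modified EUI-64 also inverts the
    # universal/local bit (0x02) of the first octet (RFC 4291, Appendix A).
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]

def slaac_address(prefix, mac):
    """Combine an advertised /64 prefix with the EUI-64 interface ID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 interface IDs need a /64 prefix")
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)

def solicited_node(addr):
    """ff02::1:ff00:0/104 plus the low 24 bits of the unicast address."""
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return ipaddress.IPv6Address(base | (int(addr) & 0xFFFFFF))

def multicast_mac(group):
    """Ethernet destination for a multicast group: 33:33 + last 32 bits."""
    if not group.is_multicast:
        raise ValueError("not an IPv6 multicast address")
    return "33:33:" + ":".join("%02x" % b for b in group.packed[-4:])

def mac_from_address(addr):
    """Recover the MAC an EUI-64 address embeds, or None if it is not EUI-64."""
    iid = addr.packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join("%02x" % b for b in mac)

# Constructed sample values (documentation prefix, made-up MAC).
MAC = "00:1a:2b:3c:4d:5e"
GLOBAL = slaac_address("2001:db8:12:1::/64", MAC)
LINK_LOCAL = slaac_address("fe80::/64", MAC)
```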
Neighbor Discovery (1)
 Replaces ARP, ICMP (redirects, router discovery)
 Reachability of neighbors
 Hosts use it to discover routers, auto configuration of
addresses
 Duplicate Address Detection (DAD)
Neighbor Discovery (2)
 Neighbor discovery uses ICMPv6 messages,
originated from node on link local with hop limit of
255
 Five neighbor discovery messages
1. Router solicitation (ICMPv6 type 133)
2. Router advertisement (ICMPv6 type 134)
3. Neighbor solicitation (ICMPv6 type 135)
4. Neighbor advertisement (ICMPv6 type 136)
5. Redirect (ICMPv6 type 137)
Router Solicitation and
Advertisement
 Router solicitations (RS) are sent by booting nodes to
request RAs for configuring the interfaces
 Routers send periodic Router Advertisements (RA) to
the all-nodes multicast address
Neighbor Solicitation and
Advertisement
 The Neighbor Solicitation message allows a device to check
that a neighbor exists and is reachable, and to initiate
address resolution.
 The Neighbor Advertisement message confirms the existence
of a host or router, and also provides layer-two address
information when needed.
Redirect
Why DHCPv6
 Stateless auto-configuration only configures
addresses; not “other configuration” information
(DNS servers, domain search list)
 Stateless auto-configuration is “one-size fits all”
 Addresses can not be selectively assigned
 Policies can not be enforced about clients allowed
addresses
DHCP v6 (1)
 DHCP Process is same as in IPv4
 If a client wishes to receive configuration parameters, it will
send out a request on the attached local network to detect
available DHCPv6 servers. This is done through the Solicit and
Advertise messages
 DHCP Solicit message is sent to the All-DHCP-Agents
multicast address
 Using the link-local address as the source address
DHCP v6 (2)
 Multicast addresses used:
 FF02::1:2 = All DHCP Agents (servers or relays, Link-local
scope)
 FF05::1:3 = All DHCP Servers (Site-local scope)
 DHCP Messages: Clients listen on UDP port 546; servers
and relay agents listen on UDP port 547
DHCP Operation
The default gateway has two configurable bits in its Router Advertisement (RA)
available for this purpose:
• O bit — When this bit is set, the client can use DHCPv6 to retrieve other
configuration parameters (for example, TFTP server address or DNS server address)
but not the client's IP address.
• M bit — When this bit is set, the client can use DHCPv6 to retrieve a managed
IPv6 address and other configuration parameters from a DHCPv6 server.
Stateless DHCPv6 (RFC 3736)
 When a router sends an RA with the O bit set but
does not set the M bit, the client can use Stateless
Address Auto-Configuration (SLAAC) to obtain its
IPv6 address and use DHCPv6 to obtain additional
information (such as TFTP server address or DNS
server address).
 This mechanism is known as Stateless DHCPv6
because the DHCPv6 server does not have to keep
track of the client address bindings.
Stateful DHCP (RFC 3315)
 When a router sends an RA with the M bit set, this
indicates that clients should use DHCP to obtain their IP
addresses.
 When the M bit is set, the setting of the O bit is irrelevant
because the DHCP server will also return "other"
configuration information together with the addresses.
 This mechanism is known as Stateful DHCPv6 because the
DHCPv6 server does keep track of the client address
bindings.
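Added example (not part of the original slides): a Python decoder for a Router Advertisement that applies the M/O rules above and reads the advertised prefix with its valid and preferred lifetimes. The names parse_ra and sample_ra and the sample bytes are constructed for this illustration; the checksum is not verified, and hop_limit is assumed to be handed in from the IPv6 header of the received packet.

```python
import ipaddress
import struct

def parse_ra(icmp, hop_limit):
    """Decode the M/O flags and Prefix Information options of an RA."""
    # ND messages are sent with hop limit 255; any other value means the
    # packet crossed a router and must be ignored (RFC 4861).
    if hop_limit != 255:
        raise ValueError("ND message did not arrive with hop limit 255")
    if len(icmp) < 16 or icmp[0] != 134 or icmp[1] != 0:
        raise ValueError("not a Router Advertisement")
    managed, other = bool(icmp[5] & 0x80), bool(icmp[5] & 0x40)
    if managed:
        mode = "stateful DHCPv6"            # M set: O is irrelevant
    elif other:
        mode = "SLAAC + stateless DHCPv6"   # O only
    else:
        mode = "SLAAC only"
    prefixes, off = [], 16
    while off + 2 <= len(icmp):
        opt_type, opt_len = icmp[off], icmp[off + 1] * 8
        if opt_len == 0 or off + opt_len > len(icmp):
            raise ValueError("malformed ND option")
        if opt_type == 3 and opt_len == 32:  # Prefix Information option
            plen, flags, valid, preferred = struct.unpack(
                "!BBII", icmp[off + 2:off + 12])
            net = ipaddress.IPv6Network(
                (icmp[off + 16:off + 32], plen), strict=False)
            prefixes.append({"prefix": str(net),
                             "autonomous": bool(flags & 0x40),
                             "valid": valid, "preferred": preferred})
        off += opt_len
    return {"managed": managed, "other": other,
            "mode": mode, "prefixes": prefixes}

def sample_ra(flags):
    """Constructed RA (checksum left at 0) carrying one /64 prefix."""
    head = struct.pack("!BBHBBHII", 134, 0, 0, 64, flags, 1800, 0, 0)
    pio = struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 2592000, 604800, 0)
    return head + pio + ipaddress.IPv6Address("2001:db8:12:1::").packed
```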
DHCPv6 & DHCPv4