Understanding IPv6

Understanding IPv6 Lesson 1 Lesson 7 Introduction to IPv6 IPv6 Protocol for the Windows .NET Server Family Lesson 3 IPv6 Addressing Lesson 4 IPv6 Header Lesson 5 ICMPv6 Lesson 6 Neighbor Discovery Lesson 7 Multicast Listener Discovery Lesson 8 Address Autoconfiguration Lesson 9 IPv6 and Name Resolution Lesson 10 IPv6 Routing Lesson 11 Coexistence and Migration Lesson 12 IPv6 Mobility

Lesson 1 Introduction to IPv6

Lesson Objectives Limitations of IPv4 and modern day Internet Features of IPv6 Differences between IPv4 and IPv6 IPv6 terminology Case for IPv6 deployment

Limitations of IPv4 Exponential growth of the Internet and the impending exhaustion of the IPv4 address space Growth of the Internet and the ability of Internet backbone routers to maintain large routing tables Need for simpler configuration Requirement for security at the IP level Need for better support for real-time delivery of data—also called quality of service (QoS)

Consequences of the Limited IPv4 Address Space: NATs Host 192.168.0.10 NAT Web server Internet 131.107.47.119 157.60.13.9

NATs and Peer-to-Peer Applications Host A Host C NAT Internet Host B Intranet

Features of IPv6 New header format Large address space Efficient and hierarchical addressing and routing infrastructure Stateless and stateful address configuration Built-in security Better support for QoS New protocol for neighboring node interaction Extensibility

Differences Between IPv4 and IPv6 Feature IPv4 IPv6 Address length 32 bits 128 bits IPSec support Optional Required QoS support Some Better Fragmentation Hosts and routers Hosts only Packet size 576 bytes 1280 bytes Checksum in header Yes No Options in header Yes No Link-layer address resolution ARP (broadcast) Multicast Neighbor Discovery Messages Multicast membership IGMP Multicast Listener Discovery (MLD) Router Discovery Optional Required Uses broadcasts Yes No Configuration Manual, DHCP Automatic, DHCP DNS name queries Uses A records Uses AAAA records DNS reverse queries Uses IN-ADDR.ARPA Uses IP6.INT

IPv6 Terminology Additional subnets Neighbors Host Host Host Bridge Intra-subnet router Router LAN segment Link Subnet Additional subnets Network

The Case For IPv6 Deployment IPv6 solves the address depletion problem IPv6 solves the international address allocation problem IPv6 restores end-to-end communication IPv6 uses scoped addresses and address selection IPv6 has more efficient forwarding IPv6 has built-in security and mobility

Review Limitations of IPv4 and modern day Internet Features of IPv6 Differences between IPv4 and IPv6 IPv6 terminology Case for IPv6 deployment

IPv6 Protocol for the Windows .NET Server Family Lesson 2 IPv6 Protocol for the Windows .NET Server Family

Lesson Objectives Architecture of the IPv6 protocol for the Windows .NET Server family Features of the IPv6 protocol for the Windows .NET Server family IPv6-enabled applications, application programming interfaces (APIs), and common utilities IPv6 command-line utilities

Architecture of the TCP/IP Protocols for the Windows .NET Server Family Windows Sockets applications Windows Sockets Windows Sockets components TDI IPv4 (Tcpip.sys) IPv6 (Tcpip6.sys) NDIS Network adapter drivers

Features of the IPv6 protocol for the Windows .NET Server Family Basic stack support 6to4 ISATAP 6over4 PortProxy Temporary addresses DNS support IPSec support Static router support Address selection Site prefixes in router advertisements

Application and Component Support Internet Explorer Telnet client FTP client Internet Information Services, version 6 File and print sharing Windows Media Services Network Monitor SNMP MIB support

Application Programming Interfaces Windows Sockets (WinSock) Remote Procedure Call (RPC) Internet Protocol Helper (IPHelper) Win32 Internet Extensions (WinInet) .NET Framework

Installing and Configuring the IPv6 Protocol Add the “Microsoft TCP/IP version 6” protocol when configuring the properties of a LAN connection in Network Connections Execute netsh interface ipv6 install at a command prompt Configure IPv6 is self-configuring For manual configuration, use commands in the netsh interface ipv6 context

IPv6-enabled Utilities Ipconfig Route Ping Tracert Pathping Netstat

IPv6 Command Line Utilities Netsh.exe interface ipv6 interface ipv6 6to4 interface ipv6 isatap interface portproxy Ipsec6.exe

Review Architecture of the IPv6 protocol for the Windows .NET Server family Features of the IPv6 protocol for the Windows .NET Server family IPv6-enabled applications, application programming interfaces (APIs), and common utilities IPv6 command-line utilities

Lesson 3 IPv6 Addressing

Lesson Objectives IPv6 address space IPv6 address syntax Unicast IPv6 addresses Multicast IPv6 addresses Anycast IPv6 addresses IPv6 interface identifiers IPv4 addresses and IPv6 equivalents

The IPv6 Address Space 128-bit address space 2128 possible addresses 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses (3.4 x 1038) 128 bits were chosen to allow multiple levels of hierarchy and flexibility in designing hierarchical addressing and routing Typical unicast IPv6 address: 64 bits for subnet ID, 64 bits for interface ID

Current Allocation Format Fraction of Allocation Prefix address space Reserved 0000 0000 1/256 NSAP Allocation 0000 001 1/128 Aggregatable Global Unicast 001 1/8 Link-Local Unicast 1111 1110 10 1/1024 Site-Local Unicast 1111 1110 11 1/1024 Multicast 1111 1111 1/256

IPv6 Address Syntax IPv6 address in binary form: 0010000111011010000000001101001100000000000000000010111100111011 0000001010101010000000001111111111111110001010001001110001011010 Divided along 16-bit boundaries: 0010000111011010 0000000011010011 0000000000000000 0010111100111011 0000001010101010 0000000011111111 1111111000101000 1001110001011010 Each 16-bit block is converted to hexadecimal and delimited with colons: 21DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A Suppress leading zeros within each 16-bit block: 21DA:D3:0:2F3B:2AA:FF:FE28:9C5A

Compressing Zeros Some IPv6 addresses contain long sequences of zeros A single contiguous sequence of 16-bit blocks set to 0 can be compressed to “::” (double-colon) Example: FE80:0:0:0:2AA:FF:FE9A:4CA2 becomes FE80::2AA:FF:FE9A:4CA2 FF02:0:0:0:0:0:0:2 becomes FF02::2 Cannot use zero compression to include part of a 16-bit block FF02:30:0:0:0:0:0:5 does not become FF02:3::5.

IPv6 Prefixes Prefix is the part of the address where the bits have fixed values or are the bits of a route or subnet identifier IPv6 subnets or routes always uses address/prefix-length notation CIDR notation Examples: 21DA:D3::/48 for a route 21DA:D3:0:2F3B::/64 for a subnet No more dotted decimal subnet masks

Types of IPv6 Addresses Unicast Multicast Anycast Address of a single interface One-to-one delivery to single interface Multicast Address of a set of interfaces One-to-many delivery to all interfaces in the set Anycast One-to-one-of-many delivery to a single interface in the set that is closest No more broadcast addresses

Unicast IPv6 Addresses Aggregatable global unicast addresses Link-local addresses Site-local addresses Special addresses Compatibility addresses NSAP addresses

Aggregatable Global Unicast Addresses Top-Level Aggregation ID (TLA ID) Next-Level Aggregation ID (NLA ID) Site-Level Aggregation ID (SLA ID) Interface ID 13 bits 8 bits 24 bits 16 bits 64 bits 001 TLA ID Res NLA ID SLA ID Interface ID

Topologies Within Global Addresses Public Topology Site Topology Interface ID 001 TLA ID Res NLA ID SLA ID Interface ID 48 bits 16 bits 64 bits Public Topology Site Topology Interface Identifier

Local-Use Unicast Addresses Link-local addresses Used between on-link neighbors and for Neighbor Discovery Site-local addresses Used between nodes in the same site

Link-Local Addresses Format Prefix 1111 1110 10 FE80::/64 prefix Used for local link only Single subnet, no router Address autoconfiguration Neighbor Discovery 10 bits 54 bits 64 bits 1111 1110 10 000 . . . 000 Interface ID

Site-Local Addresses Format Prefix 1111 1110 11 FEC0::/48 prefix for site Used for local site only Replacement for IPv4 private addresses Intranets not connected to the Internet Routers do not forward site-local traffic outside the site 10 bits 38 bits 16 bits 64 bits 1111 1110 11 000 . . . 000 Subnet ID Interface ID

Special IPv6 Addresses Unspecified address Loopback address 0:0:0:0:0:0:0:0 or :: Loopback address 0:0:0:0:0:0:0:1 or ::1

Compatibility Addresses IPv4-compatible address 0:0:0:0:0:0:w.x.y.z or ::w.x.y.z IPv4-mapped address 0:0:0:0:0:FFFF:w.x.y.z or ::FFFF:w.x.y.z 6over4 address Interface ID of ::WWXX:YYZZ 6to4 address Prefix of 2002:WWXX:YYZZ::/48 ISATAP address Interface ID of ::0:5EFE:w.x.y.z

NSAP Addresses 7 bits 121 bits 0000001 NSAP-mapped address

Multicast IPv6 Addresses Flags Scope Defined multicast addresses All-Nodes addresses FF01::1 (Node Local), FF02::1 (Link Local) All-Routers addresses FF01::2 (Node Local), FF02::2 (Link Local), FF05::2 (Site Local) 8 bits 4 bits 4 bits 112 bits 1111 1111 Flags Scope Group ID

Recommended Multicast IPv6 Addresses Only 32 bits are used to indicate the Group ID Single IPv6 multicast address maps to a single Ethernet multicast MAC address 8 bits 4 bits 4 bits 80 bits 32 bits 1111 1111 Flags Scope 000 … 000 Group ID

Solicited-Node Address 64 bits 64 bits Unicast prefix Interface ID 24 bits FF02: 0:0:0:0 :1:FF Example: For FE80::2AA:FF:FE28:9C5A, the corresponding solicited-node address is FF02::1:FF28:9C5A Acts as a pseudo-unicast address for very efficient address resolution

Anycast IPv6 Addresses Not associated with any prefix Summary and host routes are used to locate nearest anycast group member Subnet router anycast address: n bits 128 - n bits Subnet Prefix 000 . . . 000

IPv6 Addresses for a Host Unicast addresses: A link-local address for each interface Unicast addresses for each interface (site-local or global addresses) A loopback address (::1) Multicast addresses: The node-local scope all-nodes multicast address (FF01::1) The link-local scope all-nodes multicast address (FF02::1) The solicited-node address for each unicast address The multicast addresses of joined groups

IPv6 Addresses for a Router Unicast addresses: A link-local address for each interface Unicast addresses for each interface Loopback address (::1) Anycast addresses Subnet-router anycast address Additional anycast addresses (optional) Multicast addresses: The node-local scope all-nodes multicast address (FF01::1) The node-local scope all-routers multicast address (FF01::2) The link-local scope all-nodes multicast address (FF02::1) The link-local scope all-routers multicast address (FF02::2) The site-local scope all-routers multicast address (FF05::2) The solicited-node address for each unicast address The multicast addresses of joined groups

Subnetting the IPv6 Address Space Subdividing by using high-order bits that do not already have fixed values to create subnetted network prefixes Two-step process: 1. Determine the number of bits to be used for the subnetting 2. Enumerate the new subnetted network prefixes

[16-bit prefix]:00 :: Subnetting for NLA IDs Hexadecimal method

[48-bit prefix]: :: Subnetting for SLA IDs Hexadecimal method

IPv6 Interface Identifiers The last 64 bits of unicast IPv6 addresses Interface identifier based on: Extended Unique Identifier (EUI)-64 address Either assigned to a network adapter card or derived from IEEE 802 addresses Temporarily assigned, randomly generated value that changes over time A value assigned by a stateful address configuration protocol A value assigned during a Point-to-Point Protocol connection establishment A manually configured value

IEEE 802 Addresses Company ID Extension ID U/L bit (u) U/G bit (g) Universally (=0)/Locally (=1) Administered U/G bit (g) Unicast (=0)/Group (=1) Address 24 bits 24 bits ccccccug cccccccc cccccccc xxxxxxxx xxxxxxxx xxxxxxxx IEEE-administered company ID Manufacturer-selected extension ID

IEEE EUI-64 Addresses Extended Unique Identifier Company ID Extension ID ccccccug cccccccc cccccccc 24 bits 40 bits xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx IEEE-administered company ID Manufacturer-selected extension ID

Conversion of an IEEE 802 Address to an EUI-64 Address IEEE-administered company ID Manufacturer-selected extension ID 24 bits 24 bits ccccccug cccccccc cccccccc xxxxxxxx xxxxxxxx xxxxxxxx IEEE 802 Address ccccccug cccccccc cccccccc 11111111 11111110 xxxxxxxx xxxxxxxx xxxxxxxx EUI-64 Address 0xFF 0xFE

Conversion of an EUI-64 Address to an IPv6 Interface ID ccccccug cccccccc cccccccc xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx Complement the universally/locally administered (U/L) bit ccccccUg cccccccc cccccccc xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx IPv6 Interface Identifier

Conversion of an IEEE 802 Address to an IPv6 Interface ID IEEE-administered company ID Manufacturer-selected extension ID 24 bits 24 bits cccccc00 cccccccc cccccccc xxxxxxxx xxxxxxxx xxxxxxxx IEEE 802 Address EUI-64 Address cccccc00 cccccccc cccccccc 11111111 11111110 xxxxxxxx xxxxxxxx xxxxxxxx 0xFF 0xFE cccccc10 cccccccc cccccccc 11111111 11111110 xxxxxxxx xxxxxxxx xxxxxxxx IPv6 Interface Identifier 64 bits

IEEE 802 Address Conversion Example Host A has the MAC address of 00-AA-00-3F-2A-1C 1. Convert to EUI-64 format 00-AA-00-FF-FE-3F-2A-1C 2. Complement the U/L bit The first byte in binary form is 00000000. When the seventh bit is complemented, it becomes 00000010 (0x02). Result is 02-AA-00-FF-FE-3F-2A-1C 3. Convert to colon hexadecimal notation 2AA:FF:FE3F:2A1C Link-local address for node with the MAC address of 00-AA-00-3F-2A-1C is FE80::2AA:FF:FE3F:2A1C.

Temporary Address Interface Identifiers Random IPv6 interface identifier Prevent identification of traffic regardless of the prefix Initial value based on random number Future values based on MD5 hash of history value and EUI-64-based interface identifier Result is a temporary address Generated from public address prefixes using stateless address autoconfiguration Changes over time

Mapping IPv6 Multicast Addresses to Ethernet Addresses 8 16 24 32 FF...: Ethernet Multicast Address 33-33-

IPv4 Addresses and IPv6 Equivalents IPv4 Address IPv6 Address Internet address classes N/A Multicast addresses (224.0.0.0/4) IPv6 multicast addresses (FF00::/8) Broadcast addresses N/A Unspecified address is 0.0.0.0 Unspecified address is :: Loopback address is 127.0.0.1 Loopback address is ::1 Public IP addresses Aggregatable global unicast addresses Private IP addresses Site-local addresses (FEC0::/48) APIPA addresses Link-local addresses (FE80::/64) Dotted decimal notation Colon hexadecimal format Subnet mask or prefix length Prefix length notation only

Review IPv6 address space IPv6 address syntax Unicast IPv6 addresses Multicast IPv6 addresses Anycast IPv6 addresses IPv6 interface identifiers IPv4 addresses and IPv6 equivalents

Lesson 4 The IPv6 Header

Lesson Objectives Structure of an IPv6 packet IPv4 header IPv6 header IPv6 extension headers IPv6 MTU Upper layer checksums

Structure of an IPv6 Packet Header Extension Headers Upper Layer Protocol Data Unit Payload IPv6 Packet

Structure of the IPv4 Header Version Internet Header Length Type of Service Total Length Identification Flags Fragment Offset Time to Live Protocol Header Checksum Source Address Destination Address Options . . .

Structure of the IPv6 Header Version Traffic Class Flow Label Payload Length Next Header Hop Limit Source Address Destination Address

Values of the Next Header Field Value Header 0 Hop-by-Hop Options Header 6 TCP 17 UDP 41 Encapsulated IPv6 Header 43 Routing Header 44 Fragment Header 50 Encapsulating Security Payload 51 Authentication Header 58 ICMPv6 59 No next header 60 Destination Options Header

Comparing the IPv4 and IPv6 Headers IPv4 Header Field Change in IPv6 Version New value of 6 Internet Header Length Removed Type of Service Traffic Class field Total Length Payload Length field Identification Removed to Fragment header Fragmentation Flags Removed to Fragment header Fragment Offset Removed to Fragment header Time to Live Hop Limit field Protocol Next Header field Header Checksum Removed Source Address Same, new 128-bit length Destination Address Same, new 128-bit length Options Removed (extension headers)

The Chain of Pointers Formed by the Next Header field IPv6 Header Next Header = 6 (TCP) TCP Segment IPv6 Header Next Header = 43 (Routing) Routing Header Next Header = 6 (TCP) TCP Segment IPv6 Header Next Header = 43 (Routing) Routing Header Next Header = 51 (AH) Authentication Header Next Header = 6 (TCP) TCP Segment

Extension Headers Order 1. Hop-by-Hop Options header 2. Destination Options header (for intermediate destinations when the Routing header is present) 3. Routing header 4. Fragment header 5. Authentication header 6. Encapsulating Security Payload header 7. Destination Options header (for the final destination)

Structure of the Hop-by-Hop Options Header Next Header Header Extension Length Options . . .

Structure of an Option Option Type Option Length Option data . . .

Structure of the Pad1 Option Option Type = 0

Structure of the PadN Option Option Type Option Length Option data = 1 . . .

Structure of the Jumbo Payload Option Option Type Option Length Jumbo Payload Length = 194 = 4

Structure of the Router Alert Option Option Type Option Length Router Alert Value = 5 = 2 = 0

Structure of the Destination Options Header Next Header Header Extension Length Options . . .

Structure of the Binding Update Option Option Type Option Length Flags Reserved Prefix Length Sequence Number Lifetime Sub-Options = 198 . . .

Structure of the Binding Acknowledgement Option Option Type Option Length Status Sequence Number Lifetime Refresh Sub-Options = 7 . . .

Structure of the Binding Request Option Option Type Option Length Sub-Options = 8 . . .

Structure of the Home Address Option Option Type Option Length Home Address Sub-Options = 201 . . .

Structure of the Routing Header Next Header Header Extension Length Routing Type Segments Left Routing type-specific data . . .

Structure of the Routing Type 0 Header Next Header Header Extension Length Routing Type Segments Left Reserved Address 1 Address N . . . = 0

Structure of the Fragment Header Next Header Reserved Fragment Offset More Fragments Flag Identification

IPv6 Fragmentation Process Original IPv6 Packet Unfragmentable part Fragmentable part Unfragmentable part Fragment header First fragment Unfragmentable part Fragment header Second fragment Unfragmentable part Fragment header Third fragment

IPv6 Reassembly Process Unfragmentable part Fragment header Fragmentable part Unfragmentable part Fragment header Fragmentable part Unfragmentable part Fragment header Fragmentable part Unfragmentable part Fragmentable part Original IPv6 Packet

Structure of the Authentication Header Next Header Payload Length Reserved Security Parameters Index Sequence Number Authentication Data . . .

Structure of the ESP Header and Trailer Security Parameters Index Sequence Number Payload Data Padding Padding Length Next Header Authentication Data . . . . . . . . .

IPv6 MTU Link layer must support a 1280-byte MTU Otherwise, link layer must use a transparent fragmentation and reassembly scheme For configurable MTU link layers, MTU size of at least 1500 bytes Example: Maximum Receive Unit (MRU) of a Point-to-Point Protocol (PPP) link Path MTU Discovery process uses the ICMPv6 Packet Too Big message

Structure of the IPv6 Pseudo-Header Source Address Destination Address Upper Layer Packet Length Zero Next Header = 0

Review Structure of an IPv6 packet IPv4 header IPv6 header IPv6 extension headers IPv6 MTU Upper layer checksums

Lesson 5 ICMPv6

Lesson Objectives Purpose of ICMPv6 and the structure of all ICMPv6 messages ICMPv6 error messages ICMPv6 informational messages used for diagnostics Common ICMPv4 messages and their ICMPv6 equivalents IPv6 Path MTU discovery process

Overview of ICMPv6 Updated version of the Internet Control Message Protocol (ICMP) for IPv6 Reports delivery or forwarding errors and a simple echo service for troubleshooting Provides a framework for: Multicast Listener Discovery (MLD) Neighbor Discovery (ND) IPv6 mobility

Types of ICMPv6 Messages Error messages Sent for errors encountered in forwarding or delivery by the destination node or an intermediate router The high order bit of the Type field is set to 0 Type field is in the range of 0 - 127 Informational messages Provide diagnostic functions and additional host functionality The high order bit of the Type field is set to 1 Type field is in the range of 128 - 255

Structure of ICMPv6 Messages Type Code Checksum Message body . . .

ICMPv6 Error Messages Destination Unreachable Packet Too Big Time Exceeded Parameter Problem ICMPv6 Error messages are rate limited By timer By percentage of bandwidth

Structure of the Destination Unreachable Message Type Code Checksum Unused Portion of discarded packet = 1 = 0 - 4 . . .

Structure of the Packet Too Big Message Type Code Checksum MTU Portion of discarded packet = 2 = 0 . . .

Structure of the Time Exceeded Message Type Code Checksum Unused Portion of discarded packet = 3 = 0 or 1 . . .

Structure of the Parameter Problem Message Type Code Checksum Pointer Portion of discarded packet = 4 = 0 - 2 . . .

ICMPv6 Informational Messages Echo Request Echo Reply Additional informational messages for ND, MLD, and IPv6 mobility

Structure of the Echo Request Message Type Code Checksum Identifier Sequence Number Data = 128 = 0 . . .

Structure of the Echo Reply Message Type Code Checksum Identifier Sequence Number Data = 129 = 0 . . .

ICMPv4 Messages and their ICMPv6 Equivalents Common ICMPv4 Message Destination Unreachable- Network unreachable (Type 3, Code 0) Destination Unreachable-Protocol unreachable (Type 3, Code 2) Destination Unreachable-Port unreachable (Type 3, Code 3) Destination Unreachable-Fragmentation needed and DF set (Type 3, Code 4) Time Exceeded-TTL expired (Type 11, Code 0) Parameter Problem (Type 12, Code 0) Source Quench (Type 4, Code 0) Redirect (Type 5, Code 0) ICMPv6 Equivalent Destination Unreachable-No route to destination (Type 1, Code 0) Parameter Problem-Unrecognized Next Header field (Type 4, Code 1) Destination Unreachable-Port unreachable (Type 1, Code 4) Packet Too Big (Type 2, Code 0) Time Exceeded-Hop Limit exceeded (Type 3, Code 0) Parameter Problem (Type 4, Code 0 or 2) This message is not present in IPv6. Neighbor Discovery Redirect message (Type 137, Code 0).

Path MTU Discovery Process 1. The sending node assumes the link MTU of the interface on which the traffic is being forwarded. 2. The sending node sends IPv6 packets at the link MTU size. 3. A router on the path unable to forward the packet sends an ICMP Packet Too Big message back to the sending node containing the link MTU of the link on which the forwarding failed. 4. The sending node resets the PMTU to the value of the MTU field in the ICMPv6 Packet Too Big message.

Changes in PMTU Set PMTU to destination to link MTU. Send packet at PMTU size. ICMPv6 Packet Too Big message received? Yes No Set PMTU to destination to the value of the MTU field in the Packet Too Big message. Is PMTU to destination less than the link MTU? Has PMTU timer expired?

Review Purpose of ICMPv6 and the structure of all ICMPv6 messages ICMPv6 error messages ICMPv6 informational messages used for diagnostics Common ICMPv4 messages and their ICMPv6 equivalents IPv6 Path MTU discovery process

Lesson 6 Neighbor Discovery

Lesson Objectives Neighbor Discovery functions Neighbor Discovery options Neighbor Discovery messages Address resolution, neighbor unreachability detection, duplicate address detection, router discovery, and redirect processes Host sending algorithm

Neighbor Discovery Overview Set of messages and processes that determine relationships between neighboring nodes Replaces ARP, ICMPv4 Router Discovery, and ICMPv4 Redirect ND is used by nodes: For address resolution To determine link-layer address changes To determine neighbor reachability ND is used by hosts: To discover neighboring routers Autoconfigure addresses, address prefixes, and other configuration parameters ND is used by routers: To advertise their presence, host configuration parameters, and on-link prefixes To inform hosts of a better next-hop address to forward packets for a specific destination

Neighbor Discovery Processes Router discovery Prefix discovery Parameter discovery Address autoconfiguration Address resolution Next-hop determination Neighbor unreachability detection Duplicate address detection Redirect function

Neighbor Discovery Message Format ICMPv6 message structure and ICMPv6 types 133 through 137 To ensure local link traffic, all ND messages are sent with a hop limit of 255 Neighbor Discovery Message IPv6 Header Next Header = 58 (ICMPv6) Neighbor Discovery Message Header Neighbor Discovery Message Options

Neighbor Discovery Option Format ND options are formatted in Type-Length-Value (TLV) format Type Length Value . . .

Neighbor Discovery Options Type 1: Source Link-Layer Address Type 2: Target Link-Layer Address Type 3: Prefix Information Type 4: Redirected Header Type 5: MTU Type 7: Advertisement Interval Type 8: Home Agent Information Type 9: Route Information

Structure of the Source and Target Link-Layer Address Options Type 1: Source Link-Layer Address option Type 2: Target Link-Layer Address option Source and Target Link-Layer Address options for Ethernet Type Length Link-Layer Address . . . Type Length Ethernet MAC Address = 1

Structure of the Prefix Information Option Type Length Prefix Length On-Link flag Autonomous flag Router Address flag Site prefix flag Reserved1 Valid Lifetime Preferred Lifetime Reserved2 Site Prefix Length Prefix = 3 = 4

Structure of the Redirected Header Option Type Length Reserved Portion of redirected packet = 4 . . .

Mixed Media Configuration Host A Ethernet Switch FDDI Ethernet Backbone Host B FDDI Ethernet Switch

Structure of the MTU Option Type Length Reserved MTU = 5 = 1

Structure of the Advertisement Interval Option Type Length Reserved Advertisement Interval = 7 = 1

Structure of the Home Agent Information Option Type Length Reserved Home Agent Preference Home Agent Lifetime = 8 = 1

Structure of the Route Information Option Type Length Prefix Length Reserved 1 Preference Reserved 2 Route Lifetime Prefix = 9

Example Configuration for Route Information Option Subnet 1 Router 2 Router 1 Subnet 2 Rest of IPv6 network

Neighbor Discovery Messages Router Solicitation Router Advertisement Neighbor Solicitation Neighbor Advertisement Redirect

Structure of the Router Solicitation Message Type Code Checksum Reserved Options = 133 = 0 . . .

Structure of the Router Advertisement Message Type Code Checksum Current Hop Limit Managed Address Configuration flag Other Stateful Configuration flag Home Agent flag Default Router Preference Reserved Router Lifetime Reachable Time Retrans Timer Options = 134 = 0 . . .

Structure of the Neighbor Solicitation Message Type Code Checksum Reserved Target Address Options = 135 = 0 . . .

Neighbor Solicitation Message Example + Frame: Base frame properties ETHERNET: ETYPE = 0x86DD : Protocol = Unknown + ETHERNET: Destination address : 3333FF026EA5 + ETHERNET: Source address : 00105AAA20A2 ETHERNET: Frame Length : 86 (0x0056) ETHERNET: Ethernet Type : 0x86DD ETHERNET: Ethernet Data: Number of data bytes remaining = 72 (0x0048) IP6: Proto = ICMP6; Len = 32 IP6: Version = 6 (0x6) IP6: Traffic Class = 0 (0x0) IP6: Flow Label = 0 (0x0) IP6: Payload Length = 32 (0x20) IP6: Next Header = 58 (ICMP6) IP6: Hop Limit = 255 (0xFF) IP6: Source Address = fe80::210:5aff:feaa:20a2 IP6: Destination Address = ff02::1:ff02:6ea5 IP6: Payload: Number of data bytes remaining = 32 (0x0020) ICMP6: Neighbor Solicitation; Target = fe80::260:97ff:fe02:6ea5 ICMP6: Checksum = 0x0F35 ICMP6: Type = 135 (Neighbor Solicitation) ICMP6: Code = 0 (0x0) ICMP6: Reserved ICMP6: Target Address = fe80::260:97ff:fe02:6ea5 ICMP6: Source Link-level Address = 00 10 5A AA 20 A2 ICMP6: Type = 1 (0x1) ICMP6: Length = 1 (0x1) + Frame: Base frame properties ETHERNET: ETYPE = 0x86DD : Protocol = Unknown + ETHERNET: Destination address : 3333FF026EA5 + ETHERNET: Source address : 00105AAA20A2 ETHERNET: Frame Length : 86 (0x0056) ETHERNET: Ethernet Type : 0x86DD ETHERNET: Ethernet Data: Number of data bytes remaining = 72 (0x0048) IP6: Proto = ICMP6; Len = 32 IP6: Version = 6 (0x6) IP6: Traffic Class = 0 (0x0) IP6: Flow Label = 0 (0x0) IP6: Payload Length = 32 (0x20) IP6: Next Header = 58 (ICMP6) IP6: Hop Limit = 255 (0xFF) IP6: Source Address = fe80::210:5aff:feaa:20a2 IP6: Destination Address = ff02::1:ff02:6ea5 IP6: Payload: Number of data bytes remaining = 32 (0x0020) ICMP6: Neighbor Solicitation; Target = fe80::260:97ff:fe02:6ea5 ICMP6: Checksum = 0x0F35 ICMP6: Type = 135 (Neighbor Solicitation) ICMP6: Code = 0 (0x0) ICMP6: Reserved ICMP6: Target Address = fe80::260:97ff:fe02:6ea5 ICMP6: Source Link-level Address = 00 10 5A AA 20 A2 ICMP6: Type = 1 (0x1) ICMP6: Length = 1 (0x1)

Structure of the Neighbor Advertisement Message Type Code Checksum Router flag Solicited flag Override flag Reserved Target Address Options = 136 = 0 . . .

Structure of the Redirect Message Type Code Checksum Reserved Target Address Destination Address Options = 137 = 0 . . .

Summary of ND Messages and Options ND Message ND Option(s) Router Solicitation Source Link-Layer Address Router Advertisement Source Link-Layer Address Prefix Information MTU Advertisement Interval Home Agent Information Route Information Neighbor Solicitation Source Link-Layer Address Neighbor Advertisement Target Link-Layer Address Redirect Redirected Header Target Link-Layer Address

Neighbor Discovery Processes ND provides message exchanges for the following processes: Address resolution (including duplicate address detection) Router discovery (including prefix and parameter discovery) Neighbor unreachability detection Redirect function

Conceptual Host Data Structures Neighbor cache Stores the on-link IPv6 address of a neighbor, its corresponding link-layer address, and an indication of the neighbor’s reachability state Equivalent to the ARP cache in IPv4 Destination cache Stores information on the next-hop IPv6 addresses for destinations to which traffic has recently been sent Prefix list Lists on-link prefixes Default router list Lists addresses corresponding to on-link routers that advertise themselves as default routers

RFC 2461 Conceptual Host Data Structures Destination Cache Destination Next-Hop Address PMTU Neighbor Cache Link Layer Address Next-Hop Address State Prefix List Default Router List

Address Resolution Process An exchange of Neighbor Solicitation and Neighbor Advertisement messages to resolve the link-layer address of the next-hop address Multicast Neighbor Solicitation message Unicast Neighbor Advertisement message Both hosts update their neighbor caches Unicast traffic can now be sent

Multicast Neighbor Solicitation Ethernet Header Destination MAC is 33-33-FF-02-6E-A5 IPv6 Header Source Address is FE80::210:5AFF:FEAA:20A2 Destination Address is FF02::1:FF02:6EA5 Hop limit is 255 Neighbor Solicitation Header Target Address is FE80::260:97FF:FE02:6EA5 Neighbor Discovery Option Source Link-Layer Address is 00-10-5A-AA-20-A2 Host A MAC: 00-10-5A-AA-20-A2 IP: FE80::210:5AFF:FEAA:20A2  Send multicast Neighbor Solicitation Neighbor Solicitation MAC: 00-60-97-02-6E-A5 IP: FE80::260:97FF:FE02:6EA5 Host B

Unicast Neighbor Advertisement Ethernet Header Destination MAC is 00-10-5A-AA-20-A2 IPv6 Header Source Address is FE80::260:97FF:FE02:6EA5 Destination Address is FE80::210:5AFF:FEAA:20A2 Hop limit is 255 Neighbor Advertisement Header Target Address is FE80::260:97FF:FE02:6EA5 Neighbor Discovery Option Target Link-Layer Address is 00-60-97-02-6E-A5 Host A MAC: 00-10-5A-AA-20-A2 IP: FE80::210:5AFF:FEAA:20A2 ‚ Send unicast Neighbor Advertisement Neighbor Advertisement MAC: 00-60-97-02-6E-A5 IP: FE80::260:97FF:FE02:6EA5 Host B

Neighbor Unreachability Detection A neighboring node is reachable if: There has been a recent confirmation that IPv6 packets sent were received and processed by the neighboring node Detects whether the first hop to the destination is reachable Reachability is determined by: Receipt of a Neighbor Advertisement message in response to a unicast Neighbor Solicitation message Upper layer protocol indicators

Neighbor Unreachability States Send multicast Neighbor Solicitation INCOMPLETE NO ENTRY EXISTS Unicast Neighbor Solicitation retries exceeded Multicast Neighbor Solicitation retries exceeded Receive solicited Neighbor Advertisement REACHABLE Reachable Time exceeded or unsolicited Neighbor Advertisement received STALE Reachability confirmed by sending unicast Neighbor Solicitation and receiving solicited Neighbor Advertisement Reachability confirmed by upper layer protocol Send packet DELAY Delay time exceeded PROBE

Duplicate Address Detection Use of a neighbor solicitation to detect a duplicate unicast address Target Address field in the Neighbor Solicitation message is set to the IPv6 address for which duplication is being detected The Source Address is set to the unspecified address (::) For a duplicate address, the defending node replies with a multicast Neighbor Advertisement The Destination Address is set to the link-local scope all-nodes multicast address (FF02::1)

Multicast Neighbor Solicitation for Duplicate Address Detection Ethernet Header Dest MAC is 33-33-FF-52-F9-D8 IPv6 Header Source Address is :: Destination Address is FF02::1:FF52:F9D8 Hop limit is 255 Neighbor Solicitation Header Target Address is FEC0::2:260:8FF:FE52:F9D8 Host A Tentative IP: FEC0::2:260:8FF:FE52:F9D8  Send multicast Neighbor Solicitation Neighbor Solicitation MAC: 00-60-08-52-F9-D8 IP: FEC0::2:260:8FF:FE52:F9D8 Host B

Multicast Neighbor Advertisement for a Duplicate Address Ethernet Header Destination MAC is 33-33-00-00-00-01 IPv6 Header Source Address is FEC0::2:260:8FF:FE52:F9D8 Destination Address is FF02::1 Hop limit is 255 Neighbor Advertisement Header Target Address is FEC0::2:260:8FF:FE52:F9D8 Neighbor Discovery Option Target Link-Layer Address is 00-60-08-52-F9-D8 Host A Tentative IP: FEC0::2:260:8FF:FE52:F9D8 ‚ Send multicast Neighbor Advertisement Neighbor Advertisement MAC: 00-60-08-52-F9-D8 IP: FEC0::2:260:8FF:FE52:F9D8 Host B

Router Discovery Nodes discover the set of routers on the local link IPv6 router discovery also provides: Default value of Hop Limit field Use of stateful address protocol Reachability and retransmission timers Network prefixes for the link MTU of the local link IPv6 mobility information Routes

Multicast Router Solicitation Message Ethernet Header Destination MAC is 33-33-00-00-00-02 IPv6 Header Source Address is :: Destination Address is FF02::2 Hop limit is 255 Router Solicitation Header Host A MAC: 00-B0-D0-E9-41-43 IP: none  Send multicast Router Solicitation Router Solicitation MAC: 00-10-FF-D6-58-C0 IP: FE80::210:FFFF:FED6:58C0 Router

Multicast Router Advertisement Message Ethernet Header Destination MAC is 33-33-00-00-00-01 IPv6 Header Source Address is FE80::210:FFFF:FED6:58C0 Destination Address is FF02::1 Hop limit is 255 Router Advertisement Header Current Hop Limit, Flags, Router Lifetime, Reachable and Retransmission Timers Neighbor Discovery Options Source Link-Layer Address is 00-10-FF-D6-58-C0 MTU is 1500 Prefix Information is for FEC0:0:0:F282::/64 Host A MAC: 00-B0-D0-E9-41-43 IP: none Router Advertisement ‚ Send multicast Router Advertisement MAC: 00-10-FF-D6-58-C0 IP: FE80::210:FFFF:FED6:58C0 Router

Redirect Function Inform originating hosts of a better first-hop neighbor to which traffic should be forwarded for a specific destination Two instances: 1. A router informs an originating host of the IP address of a router available on the local link that is “closer” to the destination 2. A router informs an originating host that the destination is a neighbor (it is on the same link as the originating host) Redirect message contains best first-hop address information Redirect messages are only sent by the first router in the path between the originating host and the destination

Unicast Packet to the Router Ethernet Header Destination MAC is 00-AA-00-22-22-22 IPv6 Header Source Address is FEC0::1:2AA:FF:FE11:1111 Destination Address is FEC0::2:2AA:FF:FE99:9999 Host A MAC: 00-AA-00-11-11-11 IP: FEC0::1:2AA:FF:FE11:1111 FE80::2AA:FF:FE11:1111 Unicast Packet  Send unicast packet MAC: 00-AA-00-22-22-22 IP: FEC0::1:2AA:FF:FE22:2222 FE80::2AA:FF:FE22:2222 MAC: 00-AA-00-33-33-33 IP: FEC0::1:2AA:FF:FE33:3333 FE80::2AA:FF:FE33:3333 Router 2 Router 3

Redirect Message Sent by the Router Ethernet Header Destination MAC is 00-AA-00-11-11-11 IPv6 Header Source Address is FE80::2AA:FF:FE22:2222 Destination Address is FEC0::1:2AA:FF:FE11:1111 Hop limit is 255 Redirect Header Target Address is FE80::2AA:FF:FE33:3333 Destination Address is FEC0::2:2AA:FF:FE99:9999 Neighbor Discovery Options Target Link-Layer Address is 00-AA-00-33-33-33 Redirected Header Host A MAC: 00-AA-00-11-11-11 IP: FEC0::1:2AA:FF:FE11:1111 FE80::2AA:FF:FE11:1111 ‚ Send unicast Redirect Redirect MAC: 00-AA-00-22-22-22 IP: FEC0::1:2AA:FF:FE22:2222 FE80::2AA:FF:FE22:2222 MAC: 00-AA-00-33-33-33 IP: FEC0::1:2AA:FF:FE33:3333 FE80::2AA:FF:FE33:3333 Router 2 Router 3

Unicast Packet Forwarded by the Router Ethernet Header Destination MAC is 00-AA-00-33-33-33 IPv6 Header Source Address is FEC0::1:2AA:FF:FE11:1111 Destination Address is FEC0::2:2AA:FF:FE99:9999 Host A MAC: 00-AA-00-11-11-11 IP: FEC0::1:2AA:FF:FE11:1111 FE80::2AA:FF:FE11:1111 Unicast Packet ƒ Forward unicast packet MAC: 00-AA-00-22-22-22 IP: FEC0::1:2AA:FF:FE22:2222 FE80::2AA:FF:FE22:2222 MAC: 00-AA-00-33-33-33 IP: FEC0::1:2AA:FF:FE33:3333 FE80::2AA:FF:FE33:3333 Router 2 Router 3

Host Sending Algorithm 1. Determine the next-hop address for the destination Check the destination cache If the destination address matches a prefix in the prefix list, next-hop address is destination address If the destination address does not match a prefix in the prefix list, next-hop address is the default router address 2. Determine the link-layer address for the next-hop address Check the neighbor cache Use address resolution to obtain the link-layer address for the next-hop address 3. Send the packet using the link-layer address of the next-hop address

Host Sending Algorithm Check destination cache for an entry matching the destination address. Check neighbor cache for an entry matching the next-hop address. Entry found in destination cache? Yes No Obtain next-hop address from destination cache or care-of destination cache entry. Is next-hop address entry in neighbor cache? Yes No Send packet using link-layer address of neighbor cache entry. Update neighbor cache. Check prefix list for a prefix that matches the destination address. Update destination cache. Use address resolution process to determine the link-layer address of the next-hop address. Does the destination address match a prefix in the prefix list? Yes No Set the next-hop address to the destination address. Is there a default router? No Yes Was address resolution successful? Yes No Indicate an error. Set the next-hop address to the default router address.

IPv4 Neighbor Functions and IPv6 Equivalents IPv4 Neighbor Function IPv6 Neighbor Function ARP Request message Neighbor Solicitation message ARP Reply message Neighbor Advertisement message ARP cache Neighbor cache Gratuitous ARP Duplicate address detection Router Solicitation message (optional) Router Solicitation (required) Router Advertisement message (optional) Router Advertisement (required) Redirect message Redirect message

Review Neighbor Discovery functions Neighbor Discovery options Neighbor Discovery messages Address resolution, neighbor unreachability detection, duplicate address detection, router discovery, and Redirect processes Host sending algorithm

Multicast Listener Discovery Lesson 7 Multicast Listener Discovery

Lesson Objectives Multicast Listener Discovery (MLD) protocol Multicast communication for IPv6 hosts and routers MLD messages

Overview of Multicast Listener Discovery IPv6 equivalent of Internet Group Management Protocol version 2 (IGMPv2) for IPv4 Enables routers to discover the set of multicast addresses for which there are listening nodes for each attached interface

IPv6 Multicast Overview Multicast provides one-to-many delivery The set of hosts listening on a specific IPv6 multicast address is called a multicast group Multicast group membership is dynamic, and hosts can join and leave the group at any time There are no limitations to the size of a multicast group A multicast group can span IPv6 routers across multiple subnets A host can send traffic to a multicast address without being a member of the group

Host Support for Multicast To send multicast packets: Determine the IPv6 multicast address to use Place the IPv6 multicast packet on the medium To receive multicast packets: Inform IPv6 to receive multicast traffic Register the multicast MAC address with the network adapter Inform local routers

Router Support for Multicast Receive all IPv6 multicast traffic Forward IPv6 multicast traffic Receive and process MLD Multicast Listener Report and Multicast Listener Done messages Query attached subnets for host membership status Communicate group membership to other IPv6 multicast routers

Structure of an MLD Message Packet IPv6 Header Next Header = 0 (Hop-by-hop Options) Hop-by-Hop Options Header IPv6 Router Alert Option Next Header = 58 (ICMPv6) MLD Message

Structure of the Multicast Listener Query Message Type Code Checksum Maximum Response Delay Unused Multicast Address = 130 = 0 = 0

Structure of the Multicast Listener Report Message Type Code Checksum Maximum Response Delay Unused Multicast Address = 131 = 0 = 0 = 0

Structure of the Multicast Listener Done Message Type Code Checksum Maximum Response Delay Unused Multicast Address = 132 = 0 = 0 = 0

Review Multicast Listener Discovery (MLD) protocol Multicast communication for IPv6 hosts and routers MLD messages

Address Autoconfiguration Lesson 8 Address Autoconfiguration

Lesson Objectives Address autoconfiguration in IPv6 States of an autoconfigured address Types of autoconfiguration Address autoconfiguration process

Address Autoconfiguration Overview IPv6 interfaces can automatically configure themselves Even without a stateful configuration protocol such as Dynamic Host Configuration Protocol for IPv6 (DHCPv6) By default, link-local address for each interface By using router discovery, a host can determine: Additional addresses Router addresses Other configuration parameters

Autoconfigured Address States Tentative The address is in the process of being verified as unique Valid An address from which unicast traffic can be sent and received Preferred state An address for which uniqueness has been verified, unrestricted use Deprecated state An address that is still valid, but is discouraged for new communication Invalid An address for which a node can no longer send or receive unicast traffic

States of an Autoconfigured Address Valid Tentative Preferred Deprecated Invalid time Preferred Lifetime Valid Lifetime

Types of Autoconfiguration 1. Stateless Receipt of Router Advertisement messages with one or more Prefix Information options 2. Stateful Use of a stateful address configuration protocol such as DHCPv6 3. Both Receipt of Router Advertisement messages and stateful configuration protocol For all types, a link-local address is always configured

Autoconfiguration Process Configure link-local address Perform duplicate address detection Perform router discovery Use Router Advertisements to determine: Configuration parameters Stateless addresses and on-link prefixes For stateless addresses, perform duplicate address detection Whether to use stateful address configuration

Address Autoconfiguration-Part 1 Router Advertisement response received? No Yes Derive link-local address: FE80::[interface ID] Set Hop Limit, Reachable Time, Retrans Timer, MTU. Send multicast Neighbor Solicitation with Target Address set to derived link-local address. Are Prefix Information options present? Yes No A Neighbor Advertisement response received? Yes No Stop address autoconfiguration. B Is Managed Address Configuration flag set to 1? No Yes Initialize link-local address. Send Router Solicitation. Is Other Stateful Configuration flag set to 1? Yes No Use stateful address configuration protocol. Use stateful address configuration protocol. Stop address autoconfiguration.

Address Autoconfiguration-Part 2 Send multicast Neighbor Solicitation with Target Address set to derived stateless address. Neighbor Advertisement response received? No Yes Get first Prefix Information option. Do not initialize stateless address. Go to next Prefix Information option. Is On-Link flag set to 1? Yes No Add prefix to prefix list. Initialize stateless address. Are there more Prefix Information options to process? No Yes Is Autonomous flag set to 1? No Yes B Derive stateless address: Prefix+interface ID

Autoconfigured Addresses for Windows Link-local addresses Site-local and global addresses For router advertisement with prefixes received on a LAN interface 6to4 addresses Assigned to the 6to4 Tunneling Pseudo Interface ISATAP addresses Link-local Site-local and global for router advertisement with prefixes received on Automatic Tunneling Pseudo-Interface Loopback address

Review Address autoconfiguration in IPv6 States of an autoconfigured address Types of autoconfiguration Address autoconfiguration process

IPv6 and Name Resolution Lesson 9 IPv6 and Name Resolution

Lesson Objectives IPv6 name-to-address and address-to-name resolution IPv6 name resolution support in Windows

DNS Enhancements for IPv6 RFC 1886 DNS extensions to support IP version 6 Name to address records AAAA record type (equivalent to IPv4 A record) Example record: host1.microsoft.com IN AAAA FEC0::1:2AA:FF:FE3F:2A1C Address to name records New reverse domain called IP6.INT. C.1.A.2.F.3.E.F.F.F.0.0.A.A.2.0.1.0.0.0.0.0.0.0.0.0.0.0.0.C.E.F.IP6.INT. IN PTR host1.microsoft.com

Name Resolution Support for Windows Static entries in the Hosts file DNS Server service support for DNS over IPv6, AAAA records, and PTR records in the IP6.INT domain DNS resolver support for DNS over IPv6, AAAA records, and DNS dynamic update for AAAA records Address selection rules that determine which set of addresses to use based on the results of a DNS query Linklocal Multicast Name Resolution (LLMNR)

Review IPv6 name-to-address and address-to-name resolution IPv6 name resolution support in Windows

Lesson 10 IPv6 Routing

Lesson Objectives Contents of the IPv6 routing table End-to-end IPv6 packet delivery process Dynamic routing and IPv6 routing protocols Static IPv6 routing support in Windows

Routing in IPv6 A routing table is present on all nodes Stores information about IPv6 network prefixes and how they can be reached IPv6 checks destination cache first If destination is not in the destination cache, the routing table is used to determine: 1. The interface to be used for the forwarding (the next-hop interface) 2. The next-hop address

IPv6 Routing Table Entry Types Directly attached network routes 64-bit prefix length Remote network routes 64-bit or lower prefix length Host routes 128-bit prefix length Default route Prefix of ::/0

Route Determination Process 1. Find all matching routes in the routing table. 2. Select the route that has the longest prefix length (the longest matching route) For multiple longest matching routes, select route with the lowest metric For multiple longest matching routes with the lowest metric, IPv6 can choose the route to use

Sample Windows IPv6 Routing Table Publish Type Met Prefix Idx Gateway/Interface Name ------- -------- ---- ------------------------ --- --------------------- yes Manual 1001 2002::/16 3 6to4 Tunneling Pseudo-Interface no Autoconf 8 fec0:0:0:f282::/64 4 Intranet no Autoconf 8 3ffe:2900:d005:f282::/64 4 Intranet no Autoconf 256 ::/0 4 fe80::210:ffff:fed6:58c0 2002::/16 6to4 route fec0:0:0:f282::/64 Site-local subnet prefix, directly attached 3ffe:2900:d005:f282::/64 Global subnet prefix, directly attached ::/0 Default route

End-to-End Delivery Process 1. Sending host process 2. Router forwarding process 3. Receiving host process

Sending Host Process Set value of Hop Limit field. Check destination cache for an entry matching the destination address. Check neighbor cache for an entry matching the next-hop address. Matching entry found in destination cache? Yes No Obtain next-hop address from destination cache entry. Is next-hop address entry in neighbor cache? Yes No Send packet using link-layer address of neighbor cache entry. Update neighbor cache. Check routing table for longest matching route to the destination. Update destination cache. Use address resolution process to determine the link-layer address of the next-hop address. Is there a longest matching route? No Yes Set the next-hop address to the destination address. Was address resolution successful? Yes No Set the next-hop address to the next-hop address of the route. Indicate an error.

Router Forwarding Process-Part 1 Check destination cache for an entry matching the destination address. Check the destination address. Matching entry found in destination cache? Yes No Is destination address assigned to the router? Yes Obtain next-hop address from destination cache entry. Process packet as the destination. No Check routing table for longest matching route to the destination. Decrement Hop Limit value by 1. Is there a longest matching route? No Yes Is Hop Limit > 0? Send ICMPv6 Destination Unreachable-No Route to Destination message and discard packet. Yes Update Hop Limit field in IPv6 header. No Set the next-hop address to the next-hop address of the route. Update destination cache. Send ICMPv6 Time Exceeded-Hop Limit Exceeded in Transit message and discard packet.

Router Forwarding Process-Part 2 Is the link MTU of the next-hop interface less than the size of the packet? Is next-hop address entry in neighbor cache? Send ICMPv6 Packet Too Big message and discard packet. Yes No Yes Send packet using link-layer address of neighbor cache entry. No Use address resolution to determine the link-layer address of the next-hop address. Was address resolution successful? Yes Update neighbor cache. No Send ICMPv6 Destination Unreachable-Address Unreachable message and discard packet.

Receiving Host Process Receive the packet. Is destination address assigned to a local interface? Does the protocol for the Next Header field value exist? Send ICMPv6 Parameter Problem-Unrecognized Next Header Type Encountered message and discard the packet. Yes No Process extension headers (if present). No Yes Silently discard the packet. Is the upper layer PDU a UDP message? Is there an application listening on the destination UDP port? Send ICMPv6 Destination Unreachable-Port Unreachable message and discard the packet. Yes No Yes No Is the upper layer PDU a TCP segment? Is there an application listening on the destination TCP port? Yes Yes Process contents. No No Pass upper layer PDU to upper layer protocol. Send TCP Connection Reset segment.

Dynamic Routing Overview Static routing Routing table entries are manually configured and do not change with changing network topology Dynamic routing Routing table entries are automatic configured and change with changing network topology Routers use a routing protocol for ongoing communication

Routing Protocol Technologies Distance vector Routing information is network IDs and their “distances” (hop counts) Link state Routing information is link state advertisements (LSAs), consisting of a router’s attached network prefixes and their assigned costs Path vector Routing information is sequences of autonomous system numbers indicating the path for a route

Routing Protocols for IPv6 RIPng for IPv6 Distance vector OSPF for IPv6 Link state Integrated Intermediate System-to-Intermediate System (IS-IS) for IPv6 BGP-4 Path vector Inter-Domain Routing Protocol version 2 (IDRPv2)

Static IPv6 Routing Support in Windows Host B Subnet 2 FEC0:0:0:2::/64 Router 1 Router 2 Subnet 1 Subnet 3 FEC0:0:0:1::/64 FEC0:0:0:3::/64 Host A Host C

Review Contents of the IPv6 routing table End-to-end IPv6 packet delivery process. Dynamic routing and IPv6 routing protocols Static IPv6 routing support in Windows

Coexistence and Migration Lesson 11 Coexistence and Migration

Lesson Objectives Coexistence and migration overview Coexistence mechanisms Tunneling configurations 6over4 6to4 ISATAP PortProxy Migrating to IPv6

Coexistence and Migration Overview The transition from IPv4 to IPv6 will take years Some hosts will use IPv4 indefinitely Migration is the long term goal, coexistence in the interim Transition criteria: Existing IPv4 hosts can be upgraded at any time independent of the upgrade of other hosts or routers New hosts using only IPv6 can be added at any time without dependencies on other hosts or routing infrastructure Existing IPv4 hosts with IPv6 installed can continue to use their IPv4 address and do not need additional addresses Little preparation is needed to upgrade existing IPv4 nodes to IPv6 or to deploy new IPv6 nodes

Node Types IPv4-only node IPv6-only node IPv6/IPv4 node IPv4 node

Compatibility Addresses IPv4-compatible addresses ::w.x.y.z IPv4-mapped addresses ::FFFF:w.x.y.z 6over4 addresses Interface ID of ::WWXX:YYZZ 6to4 addresses Prefix of 2002:WWXX:YYZZ::/48 ISATAP addresses Interface ID of ::0:5EFE:w.x.y.z

Coexistence Mechanisms Dual IP layer IPv6 over IPv4 tunneling DNS infrastructure

Dual IP Layer Architecture Application Layer Transport Layer (TCP/UDP) IPv6 IPv4 Network Interface Layer

Dual Stack Architecture Application Layer TCP/UDP TCP/UDP IPv6 IPv4 Network Interface Layer

IPv6 over IPv4 Tunneling IPv6 Packet IPv6 Header Extension Headers Upper Layer Protocol Data Unit IPv4 Header IPv6 Header Extension Headers Upper Layer Protocol Data Unit IPv4 Packet

DNS Infrastructure Address records Pointer records A records for IPv4 nodes AAAA records for IPv6 nodes Pointer records PTR records in IN-ADDR.ARPA domain for IPv4 nodes PTR records in IP6.INT domain for IPv6 nodes Address selection rules Choosing the “best” set of addresses with which to communicate

Tunneling Configurations Router-to-Router Host-to-Router and Router-to-Host Host-to-Host

Router-to-Router Tunneling IPv4 Infrastructure IPv4 or IPv6 Infrastructure IPv4 or IPv6 Infrastructure IPv6 over IPv4 Tunnel IPv6 Node IPv6 Node IPv6/IPv4 Router IPv6/IPv4 Router

Host-to-Router and Router-to-Host Tunneling IPv4 Infrastructure IPv4 or IPv6 Infrastructure Node A Node B IPv6 over IPv4 Tunnel IPv6/IPv4 IPv6 IPv6/IPv4 Router

Host-to-Host Tunneling IPv4 Infrastructure IPv6 over IPv4 Tunnel IPv6/IPv4 Node IPv6/IPv4 Node

Types of Tunnels Configured Automatic IPv6 Automatic Tunneling Manual configuration of tunnel endpoints Automatic Tunnel endpoints determined from use of logical tunnel interfaces, routes, and source and destination IPv6 addresses IPv6 Automatic Tunneling Uses IPv4-compatible addresses

6over4 Overview Host-to-host, host-to-router, and router-to-host automatic tunneling technology 6over4 address: [64-bit prefix]::WWXX:YYZZ Link-local 6over4 address FE80::WWXX:YYZZ 6over4 treats an IPv4 multicast-enabled infrastructure as a single multicast-capable link Used for unicast and multicast IPv6 traffic over an IPv4 infrastructure

IPv4 Multicast-Enabled 6over4 Host B IPv4 Multicast-Enabled Infrastructure Host A IPv6 Infrastructure 6over4 Host IPv6 over IPv4 Tunnel 6over4 Host IPv6/IPv4 Router Logical Equivalent Host B IPv6 Infrastructure IPv6/IPv4 Router Host A

Source and Target Link-Layer Address Options for 6over4 Type Length Address = 1 Zero IPv4 Address

6to4 Overview Address assignment and router-to-router automatic tunneling technology 6to4 address: 2002:WWXX:YYZZ:[SLA ID]:[Interface ID] 6to4 treats the IPv4 Internet as a single link Used for unicast traffic over the IPv4 Internet

6to4 Components IPv6 Internet Internet 6to4 Relay Router IPv6 Host D IPv6/IPv4 IPv6 Internet IPv6 Host D IPv6-only 6to4 Host C IPv6/IPv4 Internet Site 2 6to4 Router IPv6/IPv4 6to4 Router IPv6/IPv4 6to4 Host A IPv6/IPv4 6to4 Host B IPv6/IPv4 Site 1

6to4 Support in Windows With public IPv4 address, automatic configuration as a 6to4 host/router Able to communicate with other 6to4 sites Able to communicate with IPv6 Internet With ICS, automatic configuration as a 6to4 router Enables forwarding Sends routing advertisements with 6to4 prefixes SLA ID = Interface index of intranet interface

6to4 for Windows IPv6 Internet Internet 6to4 Relay Router IPv6 Host D IPv6/IPv4 IPv6 Internet IPv6 Host D IPv6-only 6to4 Host C IPv6/IPv4 Internet Site 2 Site 3 6to4 Router IPv6/IPv4 6to4 Host/Router E IPv6/IPv4 6to4 Router IPv6/IPv4 6to4 Host A IPv6/IPv4 6to4 Host B IPv6/IPv4 Site 1

ISATAP Overview Address assignment and host-to-host, host-to-router, and router-to-host automatic tunneling technology ISATAP addresses: [64-bit prefix]:0:5EFE:w.x.y.z ISATAP treats an IPv4 infrastructure as a single link Used for unicast traffic across an IPv4 intranet

Link-Local ISATAP Configuration ISATAP Host A FE80::5EFE:10.40.1.29 IPv4 Infrastructure ISATAP Host B FE80::5EFE:192.168.41.30

ISATAP Router Configuration Example prefix: 3FFE:2900:D005:7::/64 IPv6 network IPv4 Infrastructure ISATAP Router IPv6 over IPv4 Tunnel ISATAP Host B 3FFE:2900:D005:7:5EFE:192.168.41.30 ISATAP router Responds to tunneled router solicitations from ISATAP hosts Forward traffic between ISATAP hosts and other IPv6 subnets

ISATAP and 6to4 Example IPv4 Infrastructure Internet ISATAP Host A 131.107.0.1 Internet ISATAP Host B 2002:836B:1:2:0:5EFE:192.168.141.30 157.54.0.1 IPv4 Infrastructure ISATAP Host A 2002:9D36:1:2:0:5EFE:192.168.12.9 Part 3 Part 2 Part 1 6to4 Router A IPv6/IPv4 192.168.204.1 6to4 Router B 192.168.39.1 192.168.12.9 192.168.141.30 Site A Site B

PortProxy Service TCP proxy for: IPv4 to IPv4 IPv4 to IPv6 IPv4-only host can communicate with IPv6-only server or application IPv6 to IPv6 IPv6 to IPv4 Use to “IPv6-enable” IPv4-only applications running on a Windows .NET Server computer

PortProxy Coexistence Scenarios An IPv4-only node can access an IPv6-only node An IPv6-only node can access an IPv4-only node An IPv6 node can access an IPv4-only service running on an IPv6/IPv4 node

Migrating to IPv6 1. Upgrade your applications to be independent of IPv4 or IPv6 2. Update the DNS infrastructure to support IPv6 addresses and PTR records 3. Upgrade hosts to IPv4/IPv6 nodes 4. Upgrade routing infrastructure for native IPv6 routing 5. Convert IPv4/IPv6 nodes to IPv6-only nodes

Review Coexistence and migration overview Coexistence mechanisms Tunneling configurations 6over4 6to4 ISATAP PortProxy Migrating to IPv6

Lesson 12 IPv6 Mobility

Lesson Objectives Components of IPv6 mobility IPv6 mobility messages and options IPv6 mobility data structures Communication between the mobile node and the correspondent node Communication between the mobile node and the home agent IPv6 mobility processes IPv6 mobility changes to the host sending and receiving algorithms

IPv6 Mobility Overview IPv6 mobility allows an IPv6 node to be mobile—to arbitrarily change its location on the IPv6 Internet—and still maintain existing connections Connection maintenance for mobile nodes is handled at the Internet layer

Components of IPv6 Mobility Correspondent Node Virtual Mobile Node Mobile Node Home Address Care-of Address Home Agent Foreign Link Home Link IPv6 Internet

IPv6 Mobility Messages And Options Destination Options Header options Binding Update Binding Acknowledgement Binding Request Home Address ICMPv6 messages Home Agent Address Discovery Request Home Agent Address Discovery Reply

ICMPv6 Home Agent Address Discovery Request Message Type Code Checksum Identifier Reserved Home Address = 150 = 0 = 0

ICMPv6 Home Agent Address Discovery Reply Message Type Code Checksum Identifier Reserved Home Agent Address 1 Home Agent Address n = 151 = 0 . . .

IPv6 Mobility Messages And Options Neighbor Discovery messages and options Modified Router Advertisement message Home Agent (H) flag Modified Prefix Information option Router Address (R) flag New definition of Prefix field New Advertisement Interval option New Home Agent Information option

IPv6 Mobility Data Structures Binding cache Contains the current bindings for mobile nodes Maintained by each correspondent node and home agent Binding update list Lists the most recent binding updates sent for the home agent and correspondent nodes Maintained by a mobile node Home agents list Lists the routers that sent a router advertisement with the Home Agent (H) bit set Maintained by home agents and mobile nodes

IPv6 Mobility Communication Between a mobile node and a correspondent node Between a mobile node and a home agent

Communication Between a Mobile Node and a Correspondent Node From the mobile node to the correspondent node Binding updates Data From the correspondent node to the mobile node Binding maintenance

Binding Update from Mobile Node to Correspondent Node IPv6 Header Source Address is CoA Destination Address is CNA Destination Options Header Home Address Option Home Address is HA Binding Update Option Correspondent Node Virtual Mobile Node Mobile Node CNA CoA HA Home Agent Foreign Link Home Link IPv6 Internet

Data from Mobile Node to Correspondent Node IPv6 Header Source Address is CoA Destination Address is CNA Destination Options Header Home Address Option Home Address is HA Upper Layer PDU Correspondent Node Virtual Mobile Node Mobile Node CNA CoA HA Home Agent Home Link Foreign Link IPv6 Internet

Binding Maintenance from Correspondent Node to Mobile Node IPv6 Header Source Address is CNA Destination Address is CoA Routing Header Segments Left is 1 Address 1 is HA Destination Options Header Binding Acknowledgement or Request Correspondent Node Virtual Mobile Node Mobile Node CNA CoA HA Home Agent Home Link Foreign Link IPv6 Internet

Data from Correspondent Node to Mobile Node-Binding Cache Entry Present IPv6 Header Source Address is CNA Destination Address is CoA Routing Header Segments Left is 1 Address 1 is HA Upper Layer PDU Correspondent Node Virtual Mobile Node Mobile Node CNA CoA HA Home Agent Foreign Link Home Link IPv6 Internet

Data from Correspondent Node to Mobile Node-Binding Cache Entry not Present IPv6 Header Source Address is CNA Destination Address is HA Upper Layer PDU Correspondent Node Virtual Mobile Node Mobile Node CNA CoA HA Home Agent Foreign Link IPv6 Internet Home Link

Communication Between a Mobile Node and a Home Agent From the mobile node to the home agent Binding updates ICMPv6 Home Agent Address Discovery Request message From the home agent to the mobile node Binding maintenance ICMPv6 Home Agent Address Discovery Reply message Tunneled data

Binding Update from Mobile Node to Home Agent IPv6 Header Source Address is CoA Destination Address is HAA Destination Options Header Home Address Option Home Address is HA Binding Update Option Home Registration flag set Correspondent Node Virtual Mobile Node CNA Mobile Node CoA HA Home Agent HAA Home Link Foreign Link IPv6 Internet

ICMPv6 Home Agent Address Discovery Request Message IPv6 Header Source Address is CoA Destination Address is Mobile IPv6 Home Agents anycast address ICMPv6 Message Home Agent Address Discovery Request Correspondent Node Virtual Mobile Node CNA Mobile Node CoA HA Home Agent HAA Home Link Foreign Link IPv6 Internet

Binding Maintenance from the Home Agent to the Mobile Node IPv6 Header Source Address is HAA Destination Address is CoA Routing Header Segments Left is 1 Address 1 is HA Destination Options Header Binding Acknowledgment or Request Correspondent Node Virtual Mobile Node CNA Mobile Node CoA HA Home Agent HAA Home Link Foreign Link IPv6 Internet

ICMPv6 Home Agent Address Discovery Reply Message IPv6 Header Source Address is HAA Destination Address is CoA ICMPv6 Message Home Agent Address Discovery Reply Correspondent Node Virtual Mobile Node CNA Mobile Node CoA HA Home Agent HAA Foreign Link IPv6 Internet Home Link

Tunneled Data from the Home Agent to the Mobile Node IPv6 Header Source Address is HAA Destination Address is CoA Source Address is CNA Destination Address is HA Upper Layer PDU Correspondent Node Virtual Mobile Node CNA IPv6 Over IPv6 Tunnel Mobile Node CoA HA Home Agent HAA Home Link Foreign Link IPv6 Internet

IPv6 Mobility Processes Attaching to the home link Moving from the home link to a foreign link Moving from a foreign link to another foreign link Returning home

Attaching to the Home Link Once on the home link, a mobile node can store: Home subnet prefix Home address Global address of their home agent Methods of configuring mobile node for home link: Manual configuration Pseudo-automatic configuration Automatic configuration

Mobile Node Attaches to its First Foreign Link 1. Multicast Router Solicitation 2. Unicast Router Advertisement 3. Home Agent Address Discovery Request 4. Home Agent Address Discovery Reply 5. Binding Update to Home Agent 6. Multicast Neighbor Advertisement 7. Binding Acknowledgment Correspondent Node † Home Agent ‡ … ƒ „ Mobile Node ‚  Home Link Foreign Link IPv6 Internet

IPv6 Mobility Communication with Mobile Node Mobile node initiates a TCP connection with a new correspondent node Mobile node initiates non-TCP communication with a new correspondent node New correspondent node initiates a TCP connection with a mobile node Home link host sends data to a mobile node

Mobile Node Initiates a TCP Connection with a New Correspondent Node 1. TCP SYN with Home Address and Binding Update options 2. TCP SYN-ACK with Binding Acknowledgment 3. TCP ACK Correspondent Node ‚  ƒ Mobile Node Home Agent Home Link Foreign Link IPv6 Internet

Mobile Node Initiates non-TCP Communication with a New Correspondent Node 1. Initial message with Home Address option 2. Response message to home address 3. Tunneled response message to Mobile Node 4. Second message with Binding Update 5. Binding Acknowledgment Correspondent Node „  ‚ Virtual Mobile Node … ƒ IPv6 Over IPv6 Tunnel HA Mobile Node Home Agent Home Link Foreign Link IPv6 Internet

New Correspondent Node Initiates a TCP Connection with a Mobile Node 1. TCP SYN to Home Address 2. TCP SYN tunneled to Care-of Address 3. TCP SYN-ACK with Binding Update 4. TCP ACK with Binding Acknowledgment Correspondent Node Virtual Mobile Node  ƒ „ ‚ HA IPv6 Over IPv6 Tunnel Mobile Node Home Agent Home Link IPv6 Internet Foreign Link

Home Link Host Sends Data to a Mobile Node 1. Multicast Neighbor Solicitation 2. Proxied unicast Neighbor Advertisement 3. TCP SYN to Home Agent’s link-layer address 4. Tunneled packet to Mobile Node 5. TCP SYN-ACK with Binding Update 6. TCP ACK with Binding Acknowledgment Host ‚ † … ƒ  „ IPv6 Over IPv6 Tunnel Mobile Node Home Agent Home Link Foreign Link IPv6 Internet

Mobile Node Changes to a New Foreign Link Correspondent Node 1. Multicast Router Solicitation 2. Unicast Router Advertisement 3. Binding Update to Home Agent 4. Binding Update to Correspondent Node 5. Binding Acknowledgments … „ IPv6 Internet Home Agent … ƒ Home Link Mobile Node Foreign Link ‚ 

Mobile Node Returns Home 1. Multicast Router Solicitation 2. Unicast Router Advertisement 3. Binding Update to Home Agent 4. Binding Update to Correspondent Node 5. Binding Acknowledgments 6. Multicast Neighbor Advertisement Correspondent Node „ … … ‚ ƒ Mobile Node †  Home Agent Home Link IPv6 Internet

IPv6 Mobility Host Sending Algorithm Set source address to sending host’s care-of address. Insert Destination Options header with Home Address option. IPv6 Mobility Host Sending Algorithm Yes Is sending host away from home? Start No Check destination cache for an entry matching the destination address. Check neighbor cache for an entry matching the next-hop address. Set destination to destination node’s care-of address. Insert Routing header. Obtain next-hop address from the destination cache entry for the care-of address. Entry found in destination cache? Entry found in neighbor cache? Yes No Yes Send packet using link-layer address of neighbor cache entry. Obtain the next-hop address from the destination cache entry. Update neighbor cache. Yes Does entry contain a pointer to a binding cache entry? No Update destination cache. Check routing table for longest matching route to the destination. Use address resolution to determine the link-layer address of the next-hop address. No Is there a longest matching route? No Yes Was address resolution successful? Set the next-hop address to the destination address. Yes No Set the next-hop address to the next-hop address of the route. Indicate an error.

IPv6 Mobility Host Receiving Algorithm Start Set source address to home address in Home Address option. Yes Is destination address assigned to a local interface? Is there a Home Address Option in the Destination Options header? Does the protocol for the Next Header field value exist? No Send ICMPv6 Parameter Problem-Unrecognized Next Header Type Encountered message and discard the packet. No No Silently discard the packet. Yes Yes Is a Routing header present? Is the upper layer PDU a UDP message? Is there an application listening on the destination UDP port? Yes Send ICMPv6 Destination Unreachable-Port Unreachable message and discard the packet. Yes No No Process Routing header. Set destination address to value in Address 1 field. Yes No Is the packet tunneled from the home agent? Is the upper layer PDU a TCP segment? Is there an application listening on the destination TCP port? No Yes Yes Process contents. Yes No No Set destination address to destination address in inner IPv6 header. Queue binding update to source address in inner IPv6 header. Pass upper layer PDU to upper layer protocol. Send TCP Connection Reset segment.

Review Components of IPv6 mobility IPv6 mobility messages and options IPv6 mobility data structures Communication between the mobile node and the correspondent node Communication between the mobile node and the home agent IPv6 mobility processes IPv6 mobility changes to the host sending and receiving algorithms

Link-Layer Support for IPv6 Appendix A Link-Layer Support for IPv6

Lesson Objectives Basic structure of IPv6 packets LAN media WAN media IPv6 over IPv4

Basic Structure of IPv6 packets Link-Layer Header IPv6 Header Payload Link-Layer Trailer IPv6 Packet Link-Layer Frame

LAN Media Ethernet Token Ring FDDI

Ethernet II Encapsulation of IPv6 Packets Preamble Destination Address Source Address EtherType = 0x86DD ... IPv6 Packet 46 - 1,500 bytes Frame Check Sequence

Ethernet IEEE 802.3 SNAP Encapsulation of IPv6 Packets Preamble Start Delimiter Destination Address IEEE 802.3 Header Source Address Length DSAP = 0xAA IEEE 802.2 LLC Header SSAP = 0xAA Control = 0x3 Organization Code = 0 SNAP Header EtherType = 0x86DD IPv6 Packet . . . 38-1,492 bytes IEEE 802.3 Trailer Frame Check Sequence

IEEE 802.5 SNAP Encapsulation of IPv6 Packets Starting Delimiter Access Control Frame Control IEEE 802.5 Header Destination Address Source Address DSAP = 0xAA IEEE 802.2 LLC Header SSAP = 0xAA Control = 0x3 Organization Code = 0x0 SNAP Header EtherType = 0x86DD IPv6 Packet . . . Frame Check Sequence IEEE 802.5 Trailer Ending Delimiter Frame Status

FDDI Encapsulation of IPv6 Packets Preamble Starting Delimiter Frame Control FDDI Header Destination Address Source Address DSAP = 0xAA IEEE 802.2 LLC Header SSAP = 0xAA Control = 0x3 Organization Code = 0x0 SNAP Header EtherType = 0x86DD IPv6 Packet . . . Up to 4,352 bytes Frame Check Sequence FDDI Trailer Ending Delimiter Frame Status

WAN Media Point-to-Point Protocol (PPP) X.25 Frame Relay ATM

PPP with HDLC Framing Encapsulation of IPv6 Packets Flag Address Control Protocol IPv6 Packet Frame Check Sequence = 0x7E = 0xFF = 0x3 = 0x57 . . . = 0x7E

X.25 Encapsulation of IPv6 Packets Flag Address Control = 0x7E General Format Indicator Logical Channel Number Packet Type Identifier LAPB Header and Trailer PLP Header NLPID = 0x8E IPv6 Packet . . . Frame Check Sequence Flag = 0x7E

Frame Relay Encapsulation of IPv6 Packets Flag Address Control = 0x7E = 0x3 NLPID = 0x8E IPv6 Packet . . . Frame Check Sequence Flag = 0x7E

ATM Null Encapsulation of IPv6 Packets Padding User to User Indication Common Part Indicator Length of Payload Frame Check Sequence . . . Up to 9,180 bytes . . . 0 - 47 bytes AAL5 Trailer

ATM SNAP Encapsulation of IPv6 Packets DSAP SSAP Control Organization Code EtherType =0xAA LLC Header =0xAA =0x3 =0 SNAP Header =0x86DD IPv6 Packet Padding User to User Indication Common Part Indicator Length of Payload Frame Check Sequence . . . . . . 0 - 47 bytes AAL5 Trailer

IPv4 Encapsulation of IPv6 Packets Extension Headers Upper Layer PDU IPv4 IPv6 Extension Headers Upper Layer PDU IPv4 Packet IP Protocol field set to 41 (IPv6 header)

Review Basic structure of IPv6 packets LAN media WAN media IPv6 over IPv4