3: Comparing IPv4 and IPv6 CIS 116 IPv6 Fundamentals Rick Graziani Cabrillo College Rick.Graziani@cabrillo.edu
Let’s Begin with the IPv6 Header Similar fields Understanding IPv6 begins with the IPv6 header. IPv6 takes advantage of 64-bit CPUs. Several differences between IPv4 and IPv6 headers. IPv4 Simpler IPv6 header. Fixed 40 byte IPv6 header. Lets look at the differences… 64-bit memory word IPv6 Understanding IPv6 all begins with the IPv6 header. When we think about IPv6 we usually think of the header’s IPv6 address but as we will see there are many changes. Understanding the IPv6 header will help us understand some of the other functionality of IPv6. Drawn as 64 bits wide, unlike IPv4 which is typically shown as a 32 bit wide header. Designers of IPv6 decided to take advantage of 64-bit processing although back then 64-bit CPUs were not common. We will explore these similarities and differences throughout this lesson. 64-bit CPUs can read one 64-bit wide memory word at a time, so to take advantage of this processing IPv6 fields start at an even 64-bit boundary or a multiple of 64. 32-bit CPUs aren’t negatively affected because a 64-bit boundary is also a 32-bit boundary. We will examine the changes between these two headers. IPv4 header – lighter shaded fields have a field in IPv6 with the same or similar functionality. The darker shaded fields are ones that are not included in IPv6. IPv6 is simpler and is fixed length. We’ll talk more about this in a moment. Figure 3-1 – IPv4 Header and Figure 3-2 – IPv6 Header
IPv6 Version IPv4 Version contains 4. IPv6 Version contains 6. Internet Stream Protocol (ST2) IPv6 As mentioned in Lesson 1, in 1990 the Experimental Internet Stream Protocol (ST2) used the value of 5 for its IP protocol Version. Although it was never known as IPv5, when encapsulated in IP, it used the value of 5 for the IP Protocol version.
IPv4 Internet Header Length IPv4 Internet Header Length (IHL) Length of IPv4 header in 32-bit words including any Options or Padding. IPv6 IHL for IPv6 is not needed. IPv6 header is fixed at 40 bytes. 1 2 3 4 5 ? IPv6 8 bytes 8 bytes 40 bytes = 8 bytes 8 bytes IPv4 IHL: This is the length of the IP header in 32-bit words, including any optional fields. This points to where the IP header ends and the data or payload begins. The minimum value is 5 (5 32-bit words or 160 bits or 20 bytes. This is equal to the minimum size of an IPv4 header, excluding any options or padding. The IPv6 header is fixed at 40 bytes which allows for faster processing by routers. 8 bytes Figure 3-3 – IPv4 Internet Header Length (IHL)
DiffServ Code Point (DSCP) IPv6 Traffic Class IPv4 Type of Service IPv6 Traffic Class Not mandated by any IPv6 RFCs. Same functionality as IPv4. Uses same Differentiated Services technique (RFC 2474) as IPv4. IPv4 IPv6 7 6 5 4 3 2 1 IP Precedence Unsused DiffServ Code Point (DSCP) IP ECN <Afer IPv6 Traffic Class> This field specifies what type of treatment the packet should receive from routers. The ToS information helps provide quality of service (QoS) features by offering different degrees of precedence. <After Uses same Differentiated Services technique….> Original terminology of the IPv4 Type of Service has been superseded by the diffserv terminology used in RFC 2474 IPv6 uses the Differentiated Services technique specified in RFC 2474 RFC 2474 defines a technique called Differentiated Services (DS) Differentiated Services Code Point (DSCP) – most routers ignore this field but if you’re implementing QoS its good idea to be come familiar with it. (Kind of strange but kind of cool. Beyond this video though. ) Figure 3-4 – IPv4 IPv4 Type of Service (ToS) Field and IPv6 Traffic Class Field
IPv6 Flow Label New field in IPv6 – not part of IPv4. Flow label is used to identify the packets in a common stream or flow. Traffic from source to destination share a common flow label. RFC 6437 IPv6 Flow Label Specification Flow label 0 means traffic is not associated with any flow. Can request spcial handling by IPv6 routers for “real-time” service IPv4 11001011000101100 10110010111000111 IPv6 <After: Flow label is used to identify…> The idea is…Tag a stream or flow of IPv6 packets sent from a source to one or more destination nodes. <After: Traffic from source to destination share a …> The Flow Label field is used to help identify all the packets within the same flow to ensure that all the packets receive the same type of handling by the IPv6 routers. Currently, there aren’t a lot of implementations that look at the flow label. However, many systems do set the flow label for packets that belong to different TCP sessions. A flow label of 0 means the flow label for that session is either not supported or not desired. Note to self: RFC: However, a flow is not necessarily 1:1 mapped to a transport connection…. As a general practice, packet flows should not be reordered, and the use of the Flow Label field does not affect this. In particular, a Flow label value of zero does not imply that reordering is acceptable. Figure 3-5 – IPv6 Flow Label Field
IPv6 Extension Header (Optional) IPv6 Payload Length IPv4 Header Data (Payload) IPv4 Total Length – Number of bytes of the IPv4 header (options) + data. IPv6 Payload Length – Number of bytes of the payload. Does not include the main IPv6 header. Includes extension headers + data IPv4 IPv6 Payload IPv6 Header IPv6 Extension Header (Optional) Data We will talk more about the extension header in a moment. IPv6 Payload length – The number bytes of the payload The data following the main IPv6 header If the IPv6 packet has one or more extension headers, they are included in the number of bytes contained in the Payload Length field. Extension headers are considered part of the payload. IPv4 header can vary in length because of Padding and Options fields IPv6 header is fixed at 40 bytes so the length of the entire IPv6 packet can easily be determined by add the 40 bytes. Extension headers will be introduced later in this lesson. These are headers which are optional and in addition to the main IPv6 header. Notice that Payload Length field is 16 bits, allowing a maximum payload size of 65,355 byes. IPv6 has a Jumbogram extension header to support larger packet sizes if needed. RFC 2675, IPv6 Jumbograms, specifies an additional 32-bit field to allow the transmission of IPv6 packets with payloads between 65,536 and 4,294,967,295 bytes. Because the Payload Length does not include the 40-byte IPv6 header there is a small efficiency gain. The receiving host or router does not have to check whether the packet is large enough to hold the IP header in the first place Figure 3-6 –IPv4 Total Field and Figure 3-7 – IPv6 Payload Length Field
IPv6 Extension Header (Optional) IPv4 and IPv6 MTUs IPv4 MTU IPv4 Header Data (Payload) IPv6 Header IPv6 Extension Header (Optional) Data IPv6 MTU IPv4 Total Length – Number of bytes of the IPv4 header (options) + data. IPv6 Payload Length – Number of bytes of the payload. Does not include the main IPv6 header. Includes extension headers + data Figure 3-8 – IPv4 and IPv6 MTUs
IPv4 Fragmentation IPv4 fields used for fragmentation and reassembly. Intermediate devices such as IPv6 routers do not perform fragmentation. Any fragmentation needed will be handled by the source using an extension header. IPv4 IPv6
IPv4 Fragmentation MTU of outgoing link smaller than packet size – fragment IPv4 packet. It is my job to reassemble the packet fragments. Link with smaller MTU PCA PCB R1 R2 R3 Destination Source 1 2 3 IPv4 Packet IPv4 Packet IPv4 Packet IPv4 Packet IPv4 Packet IPv4 requires that every link have a minimum MTU of 68 bytes. Every internet destination must be able to receive a packet of 576 bytes either in one piece or in fragments to be reassembled. IPv4 Packet IPv4 Packet IPv4 Packet http://www.potaroo.net/ispcol/2009-01/mtu6.html RFC791: Every internet module must be able to forward a datagram of 68 octets without further fragmentation. This is because an internet header may be up to 60 octets, and the minimum fragment is 8 octets. Every internet destination must be able to receive a datagram of 576 octets either in one piece or in fragments to be reassembled. Figure 3-9
IPv6 No Fragmentation IPv4 IPv6 Figure 3-10 The same values used in the IPv4 Protocol field are used in the IPv6 Next Header field along with additional values. IPv6 Next Header has additional values including for an extension header. Figure 3-10
IPv6 No Fragmentation MTU of outgoing link smaller than packet size. Drop packet. Send ICMPv6 Packet Too Big message, use MTU 1350. Packet received. No reassembly required. I will use MTU of the interface. MTU = 1500 MTU = 1500 MTU = 1350 MTU = 1500 PCA PCB R1 R2 Link with smaller MTU R3 Destination Source 1 IPv6 requires that every link have a minimum MTU of 1280 bytes, with a recommended MTU of 1500 bytes. Path MTU Discovery uses this same process. Because intermediate devices do not fragment packets, Path MTU Discovery is used when their links are greater than 1280. IPv6 Packet – MTU 1500 2 ICMPv6 Packet Too Big Use MTU 1350 3 http://www.potaroo.net/ispcol/2009-01/mtu6.html RFC2460: IPv6 requires that every link in the internet have an MTU of 1280 octets or greater. On any link that cannot convey a 1280-octet packet in one piece, link-specific fragmentation and reassembly must be provided at a layer below IPv6. Path MTU discovery is discussed in the lesson XXX. RFC 1981 IPv6 nodes SHOULD implement Path MTU Discovery in order to discover and take advantage of paths with PMTU greater than the IPv6 minimum link MTU [IPv6-SPEC]. A minimal IPv6 implementation (e.g., in a boot ROM) may choose to omit implementation of Path MTU Discovery. http://technet.microsoft.com/en-us/library/dd392274(v=ws.10).aspx Sending hosts discover the path MTU through the following process: The sending host assumes that the path MTU is the link MTU of the interface on which the traffic is being forwarded. The sending host sends IPv6 datagrams at the path MTU size. If a router on the path is unable to forward the packet over a link because the packet is larger than the link MTU, the router sends an ICMPv6 Packet Too Big message back to the sending host and discards the packet. PAThe Packet Too Big message contains the MTU of the link on which the forwarding failed. The sending host sets the path MTU for packets being sent to the destination to the value of the MTU field in the Packet Too Big message. IPv6 Packet MTU 1350
(Protocol: TCP, UDP, ICMPv6, etc.) IPv6 Next Header IPv4 Protocol IPv6 Next Header For both protocols, the field indicates the type of header following the IP header. IPv4 Common values: 6 = TCP 17 = UDP 58 = ICMPv6 88 = EIGRP 89 = OSPF IPv6 IPv6 Header Next Header Data (Protocol: TCP, UDP, ICMPv6, etc.) The same values used in the IPv4 Protocol field are used in the IPv6 Next Header field along with additional values. IPv6 Next Header has additional values including for an extension header. Figure 3-11 – IPv4 Protocol and IPv6 Next Header Fields
Routing Extension Header IPv6 Header Next Header 6 TCP Header TCP Data IPv6 Header Next Header 58 ICMPv6 Header ICMPv6 Data IPv6 Header Next Header 43 Routing Extension Header Next Header 6 TCP Header TCP Data Main IPv6 Header Extension Header Data (Payload) Figure 3-12 –IPv6 Next Header Examples
IPv6 Hop Limit IPv4 TTL (Time to Live) IPv6 Hop Limit Renamed to more accurately reflect process. Set by source, every router in path decrements hop limit by 1. I decrement these fields by 1 and discard the packet if the resulting value is 0. IPv4 IPv6 When 0, drop packet. Hop Limit makes sure packets are not roaming around the network forever – routing loop. This field is initialized with a suitable value at the origin of a packet and decremented by each router along the way. When the field reaches zero, the packet is dropped. Originally in IPv4 the idea was that the router should decrement, in seconds, that a packet is buffered in a router. But keeping track of how long packets are buffered was too difficult to implement so the number of routers was used instead. Figure 3-13 – IPv4 TTL and IPv6 Hop Limit Fields
IPv4 Header Checksum IPv4 Header Checksum Not used in IPv6. Upper-layer protocols generally have a checksum (UDP and TCP). So, in IPv4 the UDP checksum is optional. IPv4 Because it’s not in IPv6, the UDP checksum is now mandatory. IPv6
IPv4: TCP and UDP Checksums UDP checksum, which is optional in IPv4, is therefore mandatory in IPv6. The designers of IPv6 did not include a Checksum field because Layer 2 data link technologies such as Ethernet perform their own checksum and error control. Hop Limit makes sure packets are not roaming around the network forever – routing loop. This field is initialized with a suitable value at the origin of a packet and decremented by each router along the way. When the field reaches zero, the packet is dropped. Originally in IPv4 the idea was that the router should decrement, in seconds, that a packet is buffered in a router. But keeping track of how long packets are buffered was too difficult to implement so the number of routers was used instead.
IPv6 Source and Destination Addresses IPv6 Source and Destination addresses have the same basic functionality as IPv4. IPv4 – 32-bit addresses. IPv6 – 128-bit addresses. Some significant changes in IPv6. IPv4 IPv6 Much more in later lessons
IPv4 Options and Padding Not used in IPv6. Variable length, optional. IPv4 Options are handled using extension headers in IPv6. IPv4 Padding makes sure IPv4 options fall on a 32-bit boundary. IPv6 header is fixed at 40 bytes. IPv6 Fixed 40 bytes = Fixed 40-byte header so padding is not needed. IPv4 – Options are rarely used - Do not really help and are blocked my many routers and fireswalls Figure 3-16 – IPv4 Options Field and Padding Field
IPv6 Over Ethernet Destination MAC Add. Source MAC Add. EtherType 0x86dd Payload (Data) IPv6 CRC EtherType field uses the hexadecimal value 86dd when the payload is an IPv6 packet. This is commonly written as 0x86dd, with the prefix 0x indicating a hexadecimal value. Figure 3-15 – IPv6 Packet Encapsulated in an Ethernet II Frame
Packet Analysis PC1> ping 2001:db8:aaaa:1::200 Pinging 2001:db8:aaaa:1::200 from 2001:db8:aaaa:1::100 with 32 bytes of data: Reply from 2001:db8:aaaa:1::200: time<1ms Ping statistics for 2001:db8:aaaa:1::200: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms PC1> Example 3-1
Packet Analysis
(Protocol: TCP, UDP, ICMPv6, etc.) IPv6 Extension Header Next Header identifies: The protocol carried in the data portion of the packet. The presence of an extension header. Extension headers are optional and follow the main IPv6 header. Provide flexibility and features to the main IPv6 header for future enhancements without having to redesign the entire protocol. Allows the main IPv6 header to have a fixed size for more efficient processing. IPv6 Main Header Next Header Extension Header Next Header Data (Protocol: TCP, UDP, ICMPv6, etc.) We won’t go into the details of extension headers here, but they can be used to provide: Fragementation by the source
Hop-by-Hop Extension Header IPv6 Extension Header Next Header Value (Decimal) Extension Header Name Extension Header Description Hop-by-Hop Options Used to carry optional information, which must be examined by every router along the path of the packet. 43 Routing Allows the source of the packet to specify the path to the destination. 44 Fragment Used to fragment IPv6 packets. 50 Encapsulating Security Payload (ESP) Used to provide authentication, integrity, and encryption. 51 Authentication Header (AH) Used to provide authentication and integrity. 60 Destination Options Used to carry optional information that only needs to be examined by a packet’s destination node(s). IPv6 Main Header Next Header Hop-by-Hop Extension Header Next Header 51 AH Extension Header Next Header 6 TCP Header Data Immediately following the mandatory main IPv6 header, there can be zero, one, or several extension headers. A field common in all extension headers is another Next Hop field, which indicates whether another extension header is to follow, or the protocol of the data (payload) like a TCP segment. Therefore, the last extension header will always specify which protocol is encapsulated as the data or payload—again, similar to the Protocol field in IPv4.
3: Comparing IPv4 and IPv6 CIS 116 IPv6 Fundamentals Rick Graziani Cabrillo College Rick.Graziani@cabrillo.edu