1 IPv6 CONCEPTS Presenter: Yaoyu, Zhang
IPv6 NEEDS AND APPLICATIONS 2
3 A Need for IPv6?
IETF IPv6 WG began in the early 1990s to solve addressing growth issues, but CIDR, NAT, … were developed
IPv4 32-bit address = 4 billion hosts
But previous and current allocation practices limit the public address space to a few hundred million
Despite very conservative allocation of addresses (NAT, DHCP), 2/3 of the address space was allocated by mid-2002
The rise of Internet-connected devices and appliances will eventually deplete the IPv4 address space
So, the only compelling reason: more IP addresses!
4 A Need for IPv6?
Internet population ~945M by end of CY 2004, only 10–15% of the total population
How to address the future worldwide population? (~9B in CY 2050)
Emerging Internet countries need address space
Mobile Internet introduces a new generation of Internet devices: PDA (~20M in 2004), mobile phones (~1.5B in 2003), tablet PC
Transportation (mobile networks): 1B automobiles forecast for 2008; begin now on vertical markets
Internet access on planes, e.g. Lufthansa; on trains, e.g. Narita Express
Consumer, home and industrial appliances
5 IP: The Application’s Convergence Layer
[Figure: IP Version 6; Ethernet, Optical, E-Power, Wireless, Storage channel, CATV, P S DN, xDSL, more to come]
With millions of new devices becoming IP aware, the need for increased addressing and plug-and-play networking is only met with the implementation of IPv6
IPv6 TECHNOLOGY 6 © 2005 Cisco Systems, Inc. All rights reserved. RST _04_2005_c2
7 IPv6 Protocol Changes in Some Key Areas
Simplification of header format
Expanded address space
Extensibility (improved option support)
Stateless auto-configuration
Built-in security and mobility
8 IPv4 and IPv6 Header Comparison
IPv4 Header: Version, IHL, Type of Service, Total Length, Identification, Flags, Fragment Offset, Time to Live, Protocol, Header Checksum, Source Address, Destination Address, Options, Padding
IPv6 Header: Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, Destination Address
Legend: field’s name kept from IPv4 to IPv6; fields not kept in IPv6; name and position changed in IPv6; new field in IPv6
9 The Chain of Pointers Formed by the Next Header Field
IPv6 Header (Next Header = 6, TCP) | TCP Segment
IPv6 Header (Next Header = 43, Routing) | Routing Header (Next Header = 6, TCP) | TCP Segment
IPv6 Header (Next Header = 43, Routing) | Routing Header (Next Header = 51, AH) | Authentication Header (Next Header = 6, TCP) | TCP Segment
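The chain on this slide, walked in code. This is an added example, not part of the original slides: a filter or classifier has to follow every Next Header pointer before it can see the TCP ports, and the length field is encoded differently for AH than for the other extension headers. The packet bytes, addresses (2001:db8::/32 documentation prefix) and function names are constructed for illustration.

```python
import ipaddress
import struct

NAMES = {0: "Hop-by-Hop", 6: "TCP", 17: "UDP", 43: "Routing",
         44: "Fragment", 51: "AH", 58: "ICMPv6", 60: "Destination Options"}
EXTENSION = {0, 43, 44, 51, 60}

def walk_chain(packet: bytes):
    """Follow Next Header pointers; return [(header name, byte offset)]."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    chain, nxt, off = [("IPv6", 0)], packet[6], 40
    while nxt in EXTENSION:
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        following, length = packet[off], packet[off + 1]
        if nxt == 44:
            size = 8                    # Fragment header has a fixed size
        elif nxt == 51:
            size = (length + 2) * 4     # AH length is in 32-bit words, minus 2
        else:
            size = (length + 1) * 8     # 8-octet units, first 8 octets not counted
        chain.append((NAMES[nxt], off))
        nxt, off = following, off + size
    if off > len(packet):
        raise ValueError("chain points past the end of the packet")
    chain.append((NAMES.get(nxt, f"protocol {nxt}"), off))
    return chain

def sample_packet() -> bytes:
    """Constructed packet: IPv6 -> Routing (43) -> AH (51) -> TCP (6)."""
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    routing = bytes([51, 2, 2, 1]) + bytes(4) + dst       # 24 bytes
    ah = bytes([6, 4, 0, 0]) + bytes(8) + bytes(12)       # 24 bytes
    tcp = struct.pack("!HHIIBBHHH", 49152, 443, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
    payload = routing + ah + tcp
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), 43, 64)
    return fixed + src + dst + payload

if __name__ == "__main__":
    for name, offset in walk_chain(sample_packet()):
        print(f"{offset:3d}  {name}")
```

A non-first fragment carries no upper-layer header after its Fragment header, so a classifier built on this walk must treat the offset after a Fragment header with a non-zero fragment offset as payload, not as a TCP header.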
10 IPv6 Protocol: New Field
Flow label (RFC 3697)
A flow is a sequence of packets that a source desires to label as a flow
Flow classifiers have been based on the 5-tuple: source/destination address, protocol type and port numbers of transport
11 IPv6 Protocol: Flow Label
Some of these fields may be unavailable due to fragmentation, encryption or locating them past extension headers
Looking for the classifier only in the IP header
Only a three-tuple: flow label, source/destination address
ADDRESSING 12
13 The IPv6 Address Space 128-bit address space possible addresses 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses (3.4 x ) 128 bits were chosen to allow multiple levels of hierarchy and flexibility in designing hierarchical addressing and routing Typical unicast IPv6 address: 64 bits for subnet ID, 64 bits for interface ID
14 Addressing Representation
16-bit hexadecimal numbers
Numbers are separated by (:)
Hex numbers are not case sensitive
Leading zeros in a block can be omitted, and one contiguous run of all-zero blocks can be represented by (::)
Example: 2003:0000:130F:0000:0000:087C:876B:140B = 2003:0:130F::87C:876B:140B
Double colon only appears once in the address
15 Addressing Prefix Representation
Representation of a prefix is just like CIDR
In this representation you attach the prefix length
Like v4 address /16
V6 address is represented the same way: 3ef8:ca62:12::/40
16 Types of IPv6 Addresses
Unicast: address of a single interface; one-to-one delivery to a single interface
Multicast: address of a set of interfaces; one-to-many delivery to all interfaces in the set
Anycast: address of a set of interfaces; one-to-one-of-many delivery to the single interface in the set that is closest
No more broadcast addresses
17 Let’s Talk a Little More on Anycast
Anycast allows a source node to transmit IP datagrams to a single destination node out of a group of destination nodes with the same subnet ID, based on the routing metrics
18 Anycast
Anycast address assignment
Only routers should respond to anycast addresses
Routers along the path to the destination just process the packets based on the network prefix
Routers configured to respond to anycast packets will do so when they receive a packet sent to the anycast address
19 Addressing: Some Special Addresses
Columns: Type, Binary, Hex
Aggregatable global unicast address
Link local unicast address: FE80::/10
Unique local unicast address: FC00::/
Multicast address: FF00::/16
Unspecified: ::
Loopback: ::1
20 IPv6: Addressing Model
Addresses are assigned to interfaces
Change from IPv4 model: interface “expected” to have multiple addresses
Addresses have scope: link local, unique local, global
Addresses have lifetime: valid and preferred lifetime
[Figure: scopes Link-Local, Unique-Local, Global]
21 Aggregatable Global Unicast Addresses
Aggregatable global unicast addresses are:
Addresses for generic use of IPv6
Structured as a hierarchy to keep the aggregation
[Figure: Global Routing Prefix (3 + 45 bits, Provider) | SLA (16 bits, Site) | Interface ID (Host)]
Aggregatable Global Unicast Addresses
Fields: prefix (3 bits) | TLA (13 bits) | Reserved (8 bits) | NLA (24 bits) | SLA (16 bits) | Interface ID (64 bits)
The structure is as follows:
A fixed prefix: 001
A Top-Level Aggregator (TLA) ID, which spans over 13 bits
A reserved field of 8 bits
24 bits for intermediate providers, called Next-Level Aggregator (NLA)
16 bits for the site subnetting, called the Site-Level Aggregator (SLA)
64 bits for the host with the interface ID
A TLA is a tier-1 provider. Having 13 bits means that more than 8K providers are possible, under the current allocation scheme. The TLAs are connected together in a default-free zone. The NLA field can be subdivided into more fields so a chain of intermediate providers will be possible while still keeping the aggregation. The SLA field represents the site subnetting, where the site can further cut the 16 bits into a hierarchy, but the rightmost part would be the subnet ID. A site has 16 bits to subnet its network.
23 IPv6 Address Allocation and Assignment Policy Internet Assigned Numbers Authority
24 IPv6 Interface Identifiers
The last 64 bits of unicast IPv6 addresses
Interface identifier based on:
Extended Unique Identifier (EUI)-64 address, either assigned to a network adapter card or derived from IEEE 802 addresses
Temporarily assigned, randomly generated value that changes over time
A value assigned by DHCP
A value assigned during a Point-to-Point Protocol connection establishment
A manually configured value
25 IEEE EUI-64 Addresses
Extended Unique Identifier (EUI): company ID, extension ID
U/L bit (u): Universally (=0)/Locally (=1) administered
U/G bit (g): Unicast (=0)/Group (=1) address
ccccccug cccccccc cccccccc | xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx
24 bits: IEEE-administered company ID | 40 bits: manufacturer-selected extension ID
26 Conversion of an IEEE 802 Address to an EUI-64 Address
IEEE 802 address: ccccccug cccccccc cccccccc (24 bits, IEEE-administered company ID) | xxxxxxxx xxxxxxxx xxxxxxxx (manufacturer-selected extension ID)
EUI-64 address: ccccccug cccccccc cccccccc | 0xFF 0xFE | xxxxxxxx xxxxxxxx xxxxxxxx
Conversion of an IEEE 802 Address to Interface ID
[Figure: Ethernet MAC address (48 bits); EUI version with FFFE inserted; invert the U bit (U = 1); IPv6 interface ID]
28 IPv6 Multicast Address
IP multicast address has a prefix FF00::/8 ( ); the second octet defines the lifetime and scope of the multicast address
Lifetime: 0 if permanent, 1 if temporary
Scope: 1 node, 2 link, 5 site, 8 organization, E global
[Figure: address layout with 8-bit, 4-bit and 112-bit fields: 1111, Lifetime, Scope, Group-ID]
29 Solicited-Node Multicast Address
For each unicast and anycast address configured there is a corresponding solicited-node multicast address
This address has link-local significance only
Acts as a pseudo-unicast address for very efficient address resolution
30 Solicited-Node Multicast Address
FF02::1:FF00:0000/104
Example: for FE80::2AA:FF:FE28:9C5A, the corresponding solicited-node address is FF02::1:FF28:9C5A
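The MAC-to-interface-ID conversion (slides 24 to 27) and the solicited-node mapping (slides 29 and 30), as an added example that is not part of the original slides. It also runs the conversion backwards, which is what lets an analyst recover a device's MAC address from an EUI-64-derived address seen in logs and is why the temporary, randomly generated identifiers on slide 24 exist. Function names are illustrative; the test address is the one on slide 30.

```python
import ipaddress

def mac_to_interface_id(mac: str) -> bytes:
    """IEEE 802 MAC -> 64-bit interface ID (EUI-64 with the U bit inverted)."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Insert 0xFF 0xFE between company ID and extension ID, then flip the U/L bit.
    eui64 = bytearray(raw[:3] + b"\xff\xfe" + raw[3:])
    eui64[0] ^= 0x02
    return bytes(eui64)

def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """FE80::/64 prefix plus the interface ID derived from the MAC."""
    prefix = ipaddress.IPv6Address("fe80::").packed[:8]
    return ipaddress.IPv6Address(prefix + mac_to_interface_id(mac))

def interface_id_to_mac(addr: str):
    """Recover the MAC if the low 64 bits look EUI-64 derived, else None.

    A random identifier matches the FF FE marker by chance about once
    in 65536, so treat a hit as a strong hint rather than proof.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{octet:02x}" for octet in mac)

def solicited_node(addr: str) -> ipaddress.IPv6Address:
    """FF02::1:FF00:0/104 plus the low 24 bits of the unicast/anycast address."""
    base = ipaddress.IPv6Address("ff02::1:ff00:0").packed[:13]
    return ipaddress.IPv6Address(base + ipaddress.IPv6Address(addr).packed[13:])

if __name__ == "__main__":
    addr = "FE80::2AA:FF:FE28:9C5A"           # example address from slide 30
    print(interface_id_to_mac(addr))
    print(solicited_node(addr))
```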
NEIGHBOR DISCOVERY 31
32 Neighbor Discovery
Replaces ARP, ICMP (redirects, router discovery)
Reachability of neighbors
Hosts use it to discover routers and for auto-configuration of addresses
Duplicate Address Detection (DAD)
33 Neighbor Discovery
Neighbor discovery uses ICMPv6 messages, originated from a node on the local link with a hop limit of 255
Consists of IPv6 header, ICMPv6 header, neighbor discovery header, and neighbor discovery options
Five neighbor discovery messages:
1. Router solicitation (ICMPv6 type 133)
2. Router advertisement (ICMPv6 type 134)
3. Neighbor solicitation (ICMPv6 type 135)
4. Neighbor advertisement (ICMPv6 type 136)
5. Redirect (ICMPv6 type 137)
34 Neighbor Discovery: Router Solicitation
Hosts send it to inquire about the presence of a router on the link
Sent to the all-routers multicast address FF02::2
Source IP address is either a link-local address or the unspecified IPv6 address (::)
35 Router Solicitation and Advertisement
Router Solicitations (RS) are sent by booting nodes to request RAs for configuring the interfaces
1. RS: ICMP Type = 133 (RS), Src = Link-local address (FE80::/10), Dst = All-routers multicast address (FF02::2), Query = please send RA
2. RA: ICMP Type = 134 (RA), Src = Link-local address (FE80::/10), Dst = All-nodes multicast address (FF02::1), Data = options, subnet prefix, lifetime, autoconfig flag
36 Neighbor Solicitation
Sent to discover the link-layer address of an IPv6 node
At layer two, the destination is set to multicast for address resolution, unicast for node reachability
In the IPv6 header, the source address is set to the unicast address of the sending node, or :: for DAD
Destination address is set to the unicast address for reachability and solicited-node multicast for DAD
37 Neighbor Advertisement
Response to a neighbor solicitation message
Also sent to inform of a change of link-layer address
38 Neighbor Solicitation and Advertisement
Neighbor Solicitation: ICMP type = 135, Src = A, Dst = Solicited-node multicast address, Data = link-layer address of A, Query = what is your link-layer address?
Neighbor Advertisement: ICMP type = 136, Src = B, Dst = A, Data = link-layer address of B
A and B can now exchange packets on this link
39 Redirect
Redirect is used by a router to signal the reroute of a packet to a better router
[Figure: hosts A and B, routers R1 and R2, prefix 3FFE:B00:C18:2::/64]
Packet from A: Src = A, Dst IP = 3FFE:B00:C18:2::1, Dst Ethernet = R2 (default router)
Redirect: Src = R2, Dst = A, Data = good router = R1
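The addressing rules stated on the neighbor discovery slides, turned into a receive-side check. This is an added example, not part of the original slides. Routers decrement the hop limit when forwarding, so an ND message that arrives with anything below 255 did not originate on the local link. The packets are constructed samples with no extension headers and an unverified checksum; the function names are illustrative.

```python
import ipaddress
import struct

ND_TYPES = {133: "RS", 134: "RA", 135: "NS", 136: "NA", 137: "Redirect"}
LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")
SOLICITED_NODE = ipaddress.IPv6Network("ff02::1:ff00:0/104")
ALL_ROUTERS = ipaddress.IPv6Address("ff02::2")
UNSPECIFIED = ipaddress.IPv6Address("::")

def check_nd(packet: bytes):
    """Return (message name, findings) for an ND packet with no extension headers."""
    if len(packet) < 48 or packet[6] != 58 or packet[40] not in ND_TYPES:
        return None, ["not a neighbor discovery message"]
    hop = packet[7]
    src = ipaddress.IPv6Address(packet[8:24])
    dst = ipaddress.IPv6Address(packet[24:40])
    kind = ND_TYPES[packet[40]]
    findings = []
    if hop != 255:
        findings.append(f"hop limit {hop}, expected 255")
    if kind == "RS":
        if dst != ALL_ROUTERS:
            findings.append("RS not sent to FF02::2")
        if src != UNSPECIFIED and src not in LINK_LOCAL:
            findings.append("RS source is neither link-local nor ::")
    elif kind == "RA" and src not in LINK_LOCAL:
        findings.append("RA source is not link-local")
    elif kind == "NS" and src == UNSPECIFIED and dst not in SOLICITED_NODE:
        findings.append("DAD probe not sent to a solicited-node address")
    return kind, findings

def build(icmp_type: int, src: str, dst: str, hop: int) -> bytes:
    """Constructed sample: IPv6 header + 8-byte ICMPv6 stub (checksum left at 0)."""
    body = bytes([icmp_type, 0, 0, 0]) + bytes(4)
    fixed = struct.pack("!IHBB", 6 << 28, len(body), 58, hop)
    return (fixed + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed + body)

if __name__ == "__main__":
    print(check_nd(build(133, "fe80::1", "ff02::2", 255)))
    print(check_nd(build(134, "2001:db8::1", "ff02::1", 64)))
```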