IPv6 (Internet Protocol V. 6) W.lilakiatsakun

IPv6 Overview IPv6 was first formally described in Internet standard document RFC 2460 Initial motivation: 32-bit address space soon to be completely allocated. Additional motivation: header format helps speed processing/forwarding header changes to facilitate QoS IPv6 datagram format: fixed-length 40 byte header no fragmentation allowed

IPv4 Header Vs IPv6 Header

IPv6 Header Traffic Class (Priority): identify Class of traffic (priority) among datagrams in flow Flow Label: identify datagrams in same “flow.” (concept of “flow” is defined in RFC 3697) Next header: identify upper layer protocol for data

Other changes Checksum: removed entirely to reduce processing time at each hop Options: allowed, but outside of header, indicated by “Next Header” field ICMPv6: new version of ICMP additional message types, e.g. “Packet Too Big” multicast group management functions

Summary of IPv6 Header (1) New fields: Flow label Traffic class Modified fields: Total length becomes Payload length TTL becomes Hop Limit Protocol becomes Next Header (indicates extension header)

Summary of IPv6 Header (2) Eliminated fields: Header length -> not necessary since IPv6 header is fixed length Header checksum -> reduce processing time at each hop ID, Flag, Segmentation, Protocol, Options, Padding -> moved to “extended header”

Traffic Class Field The 8-bit Traffic Class field in the IPv6 header is available for use by originating nodes and/or forwarding routers to identify and distinguish between different classes or priorities of IPv6 packets. It is used to provide “Differentiated Service” that defines in RFC 2474

Flow Label The 20 bits field Flow classifiers had been based on 5-tuple: Source/destination address protocol type Source/destination port numbers Flow label value of 0 used when no special QoS requested (the common case today)

Next Header Field Extension headers are daisy-chained by the “next header” field The order is fixed

Example of Next Header Value (1) Hop-by-Hop header (0) Destination options header (w/ routing header) (60) Routing header (43) Fragment header (44) Authentication header (51) ESP header (50)

Example of Next Header Value (2) ESP header (50) Mobility header (135) Destination options header (60) ICMPv6 (58) No Next header (59) Upper-layer header (Varies—TCP=6, UDP=17)

IPv6 Addressing IPv6 address has 128 bits 2128 = 3.4x1038 addresses!!!! 340,282,366,920,938,463,463,374,607,431,768,211,456 4.3x1020 addresses per square inch on earth Enough address for every grain of sand on earth!

Addressing Format (1)

Addressing Format (2) Representation Abbreviations are possible 16-bit hexadecimal numbers Numbers are separated by (:) Hex numbers are not case sensitive Abbreviations are possible Leading zeros in contiguous block could be represented by (::) Example: 2001:0db8:0000:130F:0000:0000:087C:140B 2001:0db8:0:130F::87C:140B Double colon only appears once in the address

Addressing Format (3) Rule 1: Leading zeros can be removed Rule 2: 0000 can be written as 0 Rule 3: Use “::” for all zeros in one or more group of 16-bit number

Example of IPv6 Address

Prefix Representation In this representation you attach the prefix length like IPv4 address: 198.10.0.0/16 IPv6 address is represented the same way: 2001:db8:12::/48 Only leading zeros are omitted. Trailing zeros are not omitted 2001:0db8:0012::/48 = 2001:db8:12::/48 2001:db8:1200::/48 7 2001:db8:12::/48

IPv6 Addressing Model Interface “expected” to have multiple addresses Addresses have scope Link Local Unique Local Global Addresses have lifetime Valid and preferred lifetime

Address Type (1) Unicast Multicast Anycast No more broadcast addresses Address of a single interface. One-to-one delivery to single interface Multicast Address of a set of interfaces. One-to-many delivery to all interfaces in the set Anycast Address of a set of interfaces. One-to-one-of-many delivery to a single interface in the set that is closest No more broadcast addresses

Address Type (2) Unicast Global start with 2 or 3 2000::/3 3FFE:85B:1F1F::A9:1234 Link Local start with FE8x – FEBx Site-Local (Deprecated) start with FECx – FEFx Unique Local (ULA) start with FC00: FD00 IPv4 Compatible start with 0 – 96 bits Anycast Address is allocated from unicast prefix

Address Type (3)

Global Unicast Address Global Unicast Addresses Are: Addresses for generic use of IPv6 Structured as a hierarchy to keep the aggregation

Unique Local Unique-Local Addresses Used for: Local communications Inter-site VPNs Not routable on the Internet

Link Local Link-Local Addresses Used for: Mandatory Address for Communication between two IPv6 device (like ARP but at Layer 3) Automatically assigned by Router as soon as IPv6 is enabled. Only Link Specific scope Remaining 54 bits could be Zero or any manual configured value

IP Multicast Address IP multicast address has a prefix FF00::/8 (1111 1111); the second octet defines the lifetime and scope of the multicast address

Multicast Mapping over Ethernet Mapping of IPv6 multicast address to Ethernet address is: 33:33:<last 32 bits of the IPv6 multicast address>

Solicited-Node Multicast Address (1) For each unicast and anycast address configured there is a corresponding solicited-node multicast This is specially used for two purpose, for the replacement of ARP, and DAD (Duplicate Address Detection) Used in neighbor solicitation messages

Solicited-Node Multicast Address (2) Multicast address with a link-local scope Solicited-node multicast consists of prefix + lower 24 bits from unicast, FF02::1:FF:XXXXXX

Anycast Address (1) Anycast allows a source node to transmit IP datagrams to a single destination node out of a group destination nodes with same subnet id based on the routing metrics Only routers should respond to anycast addresses Routers configured to respond to anycast packets will do so when they receive a packet send to the anycast address

Anycast Address (2)

Prefix Allocation Generally subdivide 48 bits for site prefix 80 bits for internal site numbering 16 bits for subnet number 64 bits for host number on subnet Host address can use EUI-64 (MAC-based) Guarantee uniqueness No need for manual or DHCP assignment

Subnet Organizations assign subnets (similar to IPv4) Obtain 48-bit site prefix from ISP Combine with each 16-bit subnet number Produces 64-bit prefix for every link Configure prefix in all routers attached to link Configure router advertisements Routers will distribute prefix info to hosts Hosts configure their own addresses

Host ID (Interface ID)(1) The Interface ID can be configured manually or auto-configured by any of the following methods: Using a randomly generated number Using DHCPv6 Using the Extended Unique Identifier (EUI-64) format.

Host ID (Interface ID)(2) This format expands the device interface 48-bit MAC address to 64 bits by inserting FFFE into the middle 16 bits. Cisco commonly uses the EUI-64 host ID format to do stateless auto-configuration for Cisco IP Phones, gateways, routers, and so forth.

Host ID (Interface ID)(3) Extended Unique Identifier (EUI-64)

Host Address Assignment IPv6 provides the following mechanisms for assigning address to IPv6 devices: Manual Configuration IPv6 Stateless Address Auto-Configuration (RFC2462) DHCP for IPv6 Stateless DHCP Stateful DHCP

Manual Configuration An IPv6 address can be configured statically by a human operator. This can be an appropriate method of assigning addresses for router interfaces and static network elements and resources. However, manual assignment is open to errors and operational overhead due to the 128-bit length and hexadecimal attributes of the addresses.

IPv6 Stateless Address Auto-Configuration (1) Stateless address auto-configuration (SLAAC) provides a convenient method to assign IP addresses toIPv6 nodes. If you want to use IPv6 SLAAC on an IPv6 node, then it is important to connect that IPv6 node to a network with at least one IPv6 router. This router is configured by the network administrator and sends out Router Advertisement (RA) announcements onto the link.

IPv6 Stateless Address Auto-Configuration (2) With SLAAC, the node uses the IPv6 network prefix advertised in the link-local router's RAs and creates the IPv6 host ID by using the phone's MAC address and the EUI-64 format for host IDs.

Neighbor Discovery (1) Replaces ARP, ICMP (redirects, router discovery) Reachability of neighbors Hosts use it to discover routers, auto configuration of addresses Duplicate Address Detection (DAD)

Neighbor Discovery (2) Neighbor discovery uses ICMPv6 messages, originated from node on link local with hop limit of 255 Five neighbor discovery messages 1. Router solicitation (ICMPv6 type 133) 2. Router advertisement (ICMPv6 type 134) 3. Neighbor solicitation (ICMPv6 type 135) 4. Neighbor advertisement (ICMPv6 type 136) 5. Redirect (ICMPV6 type 137)

Router Solicitation and Advertisement Router solicitations (RS) are sent by booting nodes to request RAs for configuring the interfaces Routers send periodic Router Advertisements (RA) to the all-nodes multicast address

Neighbor Solicitation and Advertisement The Neighbor Solicitation message allows a device to check that a neighbor exists and is reachable, and to initiate address resolution. The Neighbor Advertisement message confirms the existence of a host or router, and also provides layer-two address information when needed.

Redirect

Why DHCPv6 Stateless auto-configuration only configures addresses;not “other configuration” information (DNS servers,domain search list) Stateless auto-configuration is “one-size fits all” Addresses can not be selectively assigned Policies can not be enforced about clients allowed addresses

DHCP v6 (1) DHCP Process is same as in IPv4 If a client wishes to receive configuration parameters,it will send out a request on the attached local network to detect available DHCPv6 servers. This is done through the Solicit and Advertise messages DHCP Solicit message is sent to the All-DHCP-Agents multicast address Using the link-local address as the source address

DHCP v6 (2) Multicast addresses used: FF02::1:2 = All DHCP Agents (servers or relays, Link-local scope) FF05::1:3 = All DHCP Servers (Site-local scope) DHCP Messages: Clients listen UDP port 546; servers and relay agents listen on UDP port 547

DHCP Operation The default gateway has two configurable bits in its Router Advertisement (RA) available for this purpose: • O bit — When this bit is set, the client can use DHCPv6 to retrieve other configuration parameters (for example, TFTP server address or DNS server address) but not the client's IP address. • M bit — When this bit is set, the client can use DHCPv6 to retrieve a managed IPv6 address and other configuration parameters from a DHCPv6 server.

Stateless DHCPv6 (RFC 3736) When a router sends an RA with the O bit set but does not set the M bit, the client can use Stateless Address Auto-Configuration (SLAAC) to obtain its IPv6 address and use DHCPv6 to obtain additional information (such as TFTP server address or DNS server address). This mechanism is known as Stateless DHCPv6 because the DHCPv6 server does not have to keep track of the client address bindings.

Stateful DHCP (RFC 3315) When a router sends an RA with the M bit set, this indicates that clients should use DHCP to obtain their IP addresses. When the M bit is set, the setting of the O bit is irrelevant because the DHCP server will also return "other" configuration information together with the addresses. This mechanism is known as Stateful DHCPv6 because the DHCPv6 server does keep track of the client address bindings.

DHCPv6 & DHCPv4