Irish IPv6 Task Force - Irish IPv6 Task Force IPv6 Deployment & Strategy.
Transcript of IPv6
IPv4 has 12 mandatory fields in its Header.
Version | HD Len | TOS | Total Length
Identification | Flags | Frg Offset
TTL | Protocol | Header Checksum
Source Address
Destination Address
Options | Padding
Row width: 32 bits
Header length: 20 Octets
IPv6 removes six fields and is simpler.
Version | Traffic Class | Flow Label
Payload Length | Next Header | Hop Limit
Source Address
Destination Address
Next Header | Extension Header Info
Row width: 32 bits
IPv6 headers are 40 bits long and 64-bit aligned for fast processing. Addresses are 128 bits, i.e. 4x IPv4.
Extension Headers
Multiple headers must follow the designated order:
1. IPv6 Header
2. Hop-by-Hop Options
3. Destination Header (placed here when used with the Routing Header)
4. Routing Header
5. Fragment Header
6. Authentication Header
7. Encapsulation Security Payload (ESP)
8. Destination Options
9. Upper Layer (TCP/UDP)
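A filter or IDS has to walk this chain before it can see the upper-layer protocol. The following is an added example, not part of the original slides: it follows the Next Header fields of a constructed packet and checks the result against the order listed above. The length encodings come from the IPv6 and AH specifications, and the helper names and sample packets are made up for illustration.

```python
import struct

# Next Header values: 60, 43 and 51 appear on the slides; the others are the IANA numbers.
HBH, ROUTING, FRAGMENT, ESP, AH, DSTOPTS = 0, 43, 44, 50, 51, 60
# Slot of each header in the designated order (Destination Options is handled below).
RANK = {HBH: 2, ROUTING: 4, FRAGMENT: 5, AH: 6}

def walk_chain(packet: bytes):
    """Follow Next Header fields; return (extension header types, upper layer, its offset)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off, chain = packet[6], 40, []          # the fixed header occupies 40 octets
    while nxt in (HBH, ROUTING, FRAGMENT, AH, DSTOPTS):
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        if nxt == FRAGMENT:
            size = 8                             # fixed size, no length field
        elif nxt == AH:
            size = (packet[off + 1] + 2) * 4     # Payload Len: 4-octet words, minus 2
        else:
            size = (packet[off + 1] + 1) * 8     # 8-octet units, first 8 octets not counted
        if off + size > len(packet):
            raise ValueError("extension header runs past end of packet")
        chain.append(nxt)
        nxt, off = packet[off], off + size
    return chain, nxt, off                       # ESP (50) ends the walk: the rest is encrypted

def follows_designated_order(chain) -> bool:
    """True if the headers appear in the listed order, each slot used at most once."""
    ranks = []
    for i, hdr in enumerate(chain):
        if hdr == DSTOPTS:                       # slot 3 if a Routing Header follows, else slot 8
            ranks.append(3 if ROUTING in chain[i + 1:] else 8)
        else:
            ranks.append(RANK[hdr])
    return all(a < b for a, b in zip(ranks, ranks[1:]))

def build(first, ext_headers, payload=bytes(8)):  # constructed packet, zero addresses
    body = b"".join(ext_headers) + payload
    return struct.pack("!IHBB", 6 << 28, len(body), first, 64) + bytes(32) + body

def options_hdr(nxt):                            # 8-octet header carrying one PadN option
    return bytes([nxt, 0, 1, 4, 0, 0, 0, 0])

def fragment_hdr(nxt):
    return bytes([nxt, 0, 0, 0, 0, 0, 0, 1])

GOOD = build(HBH, [options_hdr(FRAGMENT), fragment_hdr(DSTOPTS), options_hdr(17)])
BAD = build(DSTOPTS, [options_hdr(HBH), options_hdr(17)])   # Hop-by-Hop is not first
```
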
Hop-by-Hop Options Header
• Every node processes the Hop-by-Hop Header
• Primarily used for
– Router Alerts
– Jumbograms
• Jumbogram = Type 194
– Fragment Header is not present
– Packet exceeds 65,535 octets
Destination Options
• Not processed by routers
• Header Type = 60
• Options field allows rich number of options e.g. > 256.
Header layout: Next Header | Ext Header Length | Options (Options continued)
Option layout: Option Type (8 bits) | Option Data Len | Option Data
Option Type sub-fields: Action | Change | Number
Action Bits and Action:
“00” Skip this option
“01” Discard, no ICMP report
“10” Discard, send ICMP report for both unicast and multicast
“11” Discard, send ICMP report only if not multicast
Routing Header
• Type = 43
• Explicit Routing Path
• Does not require a complete list
• Number of Headers does not change but is updated.
Fragment Header
• Host is responsible for fragmenting
– Assumes MTU discovery is in use
• Only used when packet exceeds MTU
• Routers do not deal with Fragmentation
Next Header | Reserved | Fragment Offset | Reserved | More Frag
Identification
Authentication Header
Type = 51
Next Header | Payload Len | Reserved
Security Parameters Index (SPI)
Sequence Number
Authentication Data
Upper Layer Protocols
• TCP is unchanged
• UDP: unlike IPv4, the checksum is no longer optional; it is mandatory.
ICMPv6
• Now includes Multicast functions
– Multicast Listener Protocol
• Type Field and Code Field allow more discrete treatment per Type.
Type | Code | Checksum
Options
Packet Data
Two Broad Categories
• Error Messages
• Informational
Destination Unreachable
Type = 1 | Code = 0-4 | Checksum
Unused
As much of the original packet that will fit without violating the MTU
Code | Meaning
0 | No route to Destination
1 | Communication with destination administratively prohibited
2 | (Not Assigned)
3 | Address Unreachable
4 | Port Unreachable
Packet Too Big
Type = 2 Code = 0 Checksum
MTU
As much of the original packet that will fit without Violating the MTU
Time Exceeded Message
• Type = 3
• It has two codes
– 0 = Hop Limit Exceeded
– 1 = Fragment reassembly time exceeded.
• Identical to Destination Unreachable except for type and code values.
Parameter Problem
Type = 4 | Code = 0 - 2 | Checksum
Pointer
As much of the original packet that will fit without violating the MTU
Code | Meaning
0 | Erroneous Header Field Encountered
1 | Unrecognized Next Header Type
2 | Unrecognized IPv6 Option encountered
Echo and Echo Reply
Type = 128/129 | Code = 0 | Checksum
Identifier | Sequence Number
Data
Multicast Listener Protocol
Types
130 = Query
131 = Report
132 = Done
Type | Code | Checksum
Maximum Response Delay | Reserved
Multicast Address
Neighbor Discovery Protocol
• Combines several IPv4 features into a single protocol.
• Replaces
– ARP
– Router Discovery
– Redirect Messages
Router Solicitation Message
Type = 133 | Code = 0 | Checksum
Reserved
Destination Address
Source Link Layer Address (optional)
Destination Address = All routers Multicast Address
Source Address = Sending Node's Address or unspecified
Neighbor Discovery – Router Solicitations
ICMP Type = 133
Src = Unspecified address
Dst = All-routers multicast address
At boot time, nodes send router solicitations (RS) to receive Router Advertisements (RA)
Router Advertisement Message
Type = 134 | Code = 0 | Checksum
Hop Limit | M | O | Reserved | Router Lifetime
Reachable Time
Retransmission Timer
Options:
1. Source Link Layer Address
2. MTU
3. Prefix Information
If M = 1, hosts use stateful address management, e.g. DHCPv6
If O = 1, hosts use stateful autoconfiguration for non-address configuration
Neighbor Discovery – Router Advertisements
ICMP Type = 134
Src = Router link-local address
Dst = All nodes multicast address
Data = options, prefix, lifetime, autoconfig flag
Neighbor Solicitation Message
Type = 135 | Code = 0 | Checksum
Reserved
Target Address
Optional Source Link Layer Address
Sender is requesting Data Link Layer address from Target and provides its Data Link Layer Address
Neighbor Advertisement Message
Type = 136 | Code = 0 | Checksum
R | S | O | Reserved
Target Address
Optional Target Link Layer Address
R = Router
S = Response to Neighbor Solicitation
O = Override existing LLA cache
Neighbor Discovery-Neighbor Solicitation
A B
ICMP Type =135
Src =A
Dst = Solicited-node multicast of B
Data = Link-Layer address of A
Query = what is your link address?
Neighbor Discovery-Neighbor Advertisement
A B
ICMP type = 136
Src = B
Dst = A
Data = link-layer address of B
A and B can now exchange packets
Redirect Message
Type = 137 | Code = 0 | Checksum
Reserved
Target Address
Destination Address
Options: Target Link Layer Address, Redirected Header
Sent by router to inform host of better first hop.
Neighbor Discovery – Redirect
Diagram labels: A, B, R1, R2; 2001:468:B01:2::1/64
Src = A
Dst IP = 2001:468:B01:2::1/64
Ether Default = R2
Redirect:
Src = R2
Dst = A
Data = good router = R1
Neighbor Discovery Options
• Type 1 and 2 share the same format
• Type 1 is Source Data Link Layer
• Type 2 is Target Data Link Layer
Type | Length | Link Layer Address
Prefix Information Option
Type = 3 | Length | Prefix Length | L | A | Reserved
Valid Lifetime
Preferred Lifetime
Reserved2
Prefix
L Bit = May be used for on-link determination
A Bit = Prefix may be used for address autoconfiguration
Redirected Header Option
Type = 4 | Length | Reserved
Reserved
IP Header + Data
IP Header and Data field contains the original packet truncated so it is <= 1280 octets
MTU Discovery Option
Type = 5 Length = 1 Reserved
MTU
Ensures all links use same MTU
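Router Advertisements decide a host's default router, prefixes and MTU, so monitoring tools decode them option by option. The following is an added example, not part of the original slides: it parses the RA fields and the three options described above from a constructed message, and rejects an option whose Length field is 0. The function name and sample bytes are made up for illustration; the checksum is not verified.

```python
import ipaddress
import struct

def parse_ra(msg: bytes) -> dict:
    """Decode a Router Advertisement (ICMPv6 type 134) and option types 1, 5 and 3."""
    if len(msg) < 16 or msg[0] != 134 or msg[1] != 0:
        raise ValueError("not a Router Advertisement")
    hop, flags, lifetime, reach, retrans = struct.unpack("!BBHII", msg[4:16])
    ra = {"hop_limit": hop, "M": bool(flags & 0x80), "O": bool(flags & 0x40),
          "router_lifetime": lifetime, "reachable_time": reach,
          "retrans_timer": retrans, "prefixes": []}
    off = 16
    while off < len(msg):
        if off + 2 > len(msg):
            raise ValueError("truncated option")
        otype, olen = msg[off], msg[off + 1] * 8      # Length is in units of 8 octets
        if olen == 0 or off + olen > len(msg):        # Length 0 would never advance
            raise ValueError("bad option length")
        body = msg[off + 2:off + olen]
        if otype == 1 and olen == 8:                  # Source Link Layer Address (Ethernet)
            ra["source_lla"] = ":".join(f"{b:02x}" for b in body)
        elif otype == 5 and olen == 8:                # MTU (2 reserved octets, then value)
            ra["mtu"] = struct.unpack("!I", body[2:6])[0]
        elif otype == 3 and olen == 32:               # Prefix Information
            plen, pflags, valid, preferred = struct.unpack("!BBII", body[:10])
            net = ipaddress.IPv6Network((body[14:30], plen), strict=False)
            ra["prefixes"].append({"prefix": str(net), "L": bool(pflags & 0x80),
                                   "A": bool(pflags & 0x40), "valid": valid,
                                   "preferred": preferred})
        off += olen                                   # unknown option types are skipped
    return ra

# Constructed sample (not a capture): O flag set, router lifetime 1800 s, MTU 1500,
# checksum left at zero. The /64 prefix is the one shown in the page's router output.
SAMPLE_RA = (
    bytes([134, 0, 0, 0, 64, 0x40]) + struct.pack("!HII", 1800, 0, 0)
    + bytes([1, 1]) + bytes.fromhex("00014259b310")
    + bytes([5, 1, 0, 0]) + struct.pack("!I", 1500)
    + bytes([3, 4, 64, 0xC0]) + struct.pack("!III", 2592000, 604800, 0)
    + ipaddress.IPv6Address("2001:468:b01::").packed
)
```
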
Path MTU Algorithm
1. Source MTU = Path MTU
2. Send Packet
3. Packet Too Big Message?
– Yes: Reduce Packet Size
– No: Send Packet; periodically retest for Path MTU
Address Representation
• Format
– X:X:X:X:X:X:X:X where X is a 16 bit hexadecimal field
– 2001:0468:0B01:0003:0000:0000:0000:0001
• Leading zeros
– Leading zeros may be truncated
– 2001:468:B01:3:0:0:0:1
• Successive fields of zeros
– May be eliminated with :: but only once within an address
– 2001:468:B01:3::1
Address Representation
• IPv4-Compatible
– =0:0:0:0:0:0:192.168.30.1
– =::192.168.30.1
– =::C0A8:1E01
• In a URL use brackets
– http://[2001:1:4F3A::206:AE14]:8080/index.html
– Brackets delimit : as part of the IPv6 address versus the port number
Address Representation Continued
• IPv4 Mapped addresses.
– 0:0:0:0:0:FF:192.168.30.1
– =::FF:192.168.30.1
– =::FF:C0A8:1E01
Unspecified and Loopback Address
• Unspecified address:
– 0:0:0:0:0:0:0:0 or more simply ::
– Used as a placeholder when no address is available.
• Loopback Address:
– 0:0:0:0:0:0:0:1 or ::1
– Same as 127.0.0.1 in IPv4
– Identifies self.
Link-Local
• Reserved address:
– In binary is 1111 1110 10
– In hexadecimal is FE80::/10
• Link-Local Addresses:
– Have scope limited to Link
– Automatically configured with interface ID
10 bits | 54 bits set to 0 | 64 bits interface ID
Site-Local
• Reserved Address:
– In binary 1111 1110 11
– In Hexadecimal FEC0::/10
• Site-Local Address:
– Have site limited scope
– Gives topology info via the subnet field.
10 bits Site Local | 38 bits of 0 | 16 bits subnet ID | 64 bits Interface
Aggregatable Global Unicast Addresses
• TLA – Top Level Aggregator
• RES – Reserved
• NLA – Next Level Aggregator
• SLA – Site Level Aggregator
Provider | Site | Host
Field widths: 3 bits (leading, unlabeled on the slide) | TLA 13 | RES 8 | NLA 24 bits | SLA 16 bits | Interface ID 64 bits
Multicast
• First byte is FF, i.e. 1111 1111 binary.
• First half of next byte is Flag.
– 0 = permanent
– 1 = temporary
• Second half is scope.
– 1 = node
– 2 = link
– 5 = site
– 8 = organization
– E = global
Multicast
– Examples
• FF02::/16 = Link-Local
• FF08::/16 = Organizational
• FF0E::/16 = Global
FF | Flag: 0 or 1 | Scope: 1, 2, 5, 8 or E
Multicast Assigned Addresses
FF0X:: is reserved where X = (0..F)
Address | Scope | Meaning
FF01::1 | Node-Local | All Nodes
FF02::1 | Link-Local | All Nodes
FF01::2 | Node-Local | All Routers
FF02::2 | Link-Local | All Routers
FF05::2 | Site-Local | All Routers
FF02::1:FFXX:XXXX | Link-Local | Solicited Node
Anycast
• Similar to multicast except only one node needs to receive packet
• All routers are required to support it
• In its simplest form it is:
Subnet Prefix, n bits | 128-n of 0s
Example: 2002:C058:6301:: for 6to4 relay routers
Anycast EUI-64 Format
• 64 bit prefix
• 57 bits of ones, except 7th bit from left set to zero
• 7 bit Anycast ID
64 bit prefix | 11111101…111 | Anycast ID
Anycast Non-EUI-64
• N number of bits in prefix (Variable)
– allows greater granularity
• (128-n of ones)-7
• 7 bits of Anycast ID
Prefix | 111111111… | Anycast ID
Defined Anycast IDs:
7F | Reserved
7E | Mobile home networks
00 – 7D | Reserved
Required Node Addresses
• Link-Local
• Loopback Address
• Assigned Unicast Address
• All-Nodes Multicast Address
• Solicited-Node Multicast for each unicast and anycast address
• Multicast address for all groups to which it belongs
• Site-Local address if used
Kernel IPv6 routing table
Destination Flags Metric Ref Use Iface
::1/128 U 0 0 0 lo
fe80::206:5bff:fe01:7e02/128 U 0 0 0 lo
fe80::/10 UA 256 0 0 eth0
ff00::/8 UA 256 0 0 eth0
::/0 UDA 256 0 0 eth0
eth0 Link encap:Ethernet HWaddr 00:06:5B:01:7E:02
     inet addr:199.18.97.146 Bcast:199.18.97.255 Mask:255.255.254.0
     inet6 addr: fe80::206:5bff:fe01:7e02/10 Scope:Link
     UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo   Link encap:Local Loopback
     inet addr:127.0.0.1 Mask:255.0.0.0
     inet6 addr: ::1/128 Scope:Host
     UP LOOPBACK RUNNING MTU:16436 Metric:1
sit0 Link encap:IPv6-in-IPv4
     NOARP MTU:1480 Metric:1
Required Router Addresses
• All required node addresses
• Subnet-router anycast addresses for interfaces configured to act as forwarding interfaces.
• Other anycast configured addresses
• All-routers multicast address
• Specific multicast addresses for routing protocols.
FastEthernet0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::201:42FF:FE59:B310
Description: Native IPv6
Global unicast address(es):
2001:468:B01:0:201:42FF:FE59:B310, subnet is 2001:468:B01::/64
Joined group address(es):
FF02::1
FF02::2
FF02::1:FF59:B310
Addressing Architecture
Prefix | Hex | Size | Allocation
0000 0000 | 0000-00FF | 1/256 | Reserved
0000 0001 | 0100-01FF | 1/256 | Unassigned
0000 001 | 0200-03FF | 1/128 | NSAP
0000 010 | 0400-05FF | 1/128 | IPX -> Moving to Unassigned
0000 011 | 0600-07FF | 1/128 | Unassigned
0000 1 | 0800-0FFF | 1/32 | Unassigned
0001 | 1000-1FFF | 1/16 | Unassigned
001 | 2000-3FFF | 1/8 | IANA to registries
Addressing Architecture Continued
Prefix | Hex | Size | Allocation
010, 011, 100, 101, 110 | 4000-CFFF | 5*1/8=5/8 | Unassigned
1110 | D000-EFFF | 1/16 | Unassigned
1111 0 | F000-F7FF | 1/32 | Unassigned
1111 10 | F800-FBFF | 1/64 | Unassigned
1111 110 | FC00-FDFF | 1/128 | Unassigned
1111 1110 0 | FE00-FE7F | 1/512 | Unassigned
1111 1110 10 | FE80-FEBF | 1/1024 | Link-Local
1111 1110 11 | FEC0-FEFF | 1/1024 | Site-Local
1111 1111 | FF00-FFFF | 1/256 | Multicast
IPv6 over Data Link Layers
• Ethernet
• FDDI
• Token Ring
• Arcnet
• PPP
• NBMA
• ATM
• Frame Relay
IPv6 over Ethernet
• IPv6 has a specific Ethernet protocol ID: 0x86DD
Ethernet Destination Address | Ethernet Source Address | 0x86DD | IPv6 packet
EUI-64
Ethernet MAC Address (48 bits): 00 90 27 17 FC 0F
Split into 00 90 27 and 17 FC 0F, with FF FE inserted between them
64 bits Version: 00 90 27 FF FE 17 FC 0F
Uniqueness mask 000000X0 where X=1 is unique and X=0 is not unique. So if X=1 then the EUI-64 Address is 02 90 27 FF FE 17 FC 0F
Multicast Mapping over Ethernet
IPv6 Multicast Address: FF02 0000 0000 0000 0000 0001 FF17 FC0F
Ethernet multicast address: 33 33 FF 17 FC 0F (33 33 is the Ethernet multicast prefix)