Introduction to IPv6
© J. Liebeherr, 2012, All rights reserved
Internet Protocol: Which version?
There are currently two versions of the Internet Protocol in use for the Internet
• IPv4 (IP Version 4)• Specified in 1980/81 (RFC 760, 791)• Four byte addresses• Universally deployed• Problem: Address space almost exhausted
• IPv6 (IP Version 6)• Specification from 1998 (RFC 2460)• Not interoperable with IPv4, but not fundamental changes• 128 bit addresses• Problem: Not widely used (yet?)
Slow adoption of IPv6
• IPv6 is available since 15 years, and almost all operating systems now support it
• But IPv6 is not yet widely adopted
• Measurements at Internet Exchange Point in Amsterdam:
linear semi-log
How many addresses in IPv6?
• IPv4 Addresses: – 232 = 4,294,967,296 ≈ 4 billion
• IPv6 Addresses:– 2128 = 340,282,366,920,938,463,463,374,607,431,768,211,456 ≈ 3.4 x 1038
• Surface area of Earth: 510,072,000 km2 • Size of Atom: 10-10 m = 0.1 nm = 1 Angstrom (Å)• “Area of Atom”: 1 square angstrom (Ų)= 10-20 m2
Number of atoms on Earth’s surface: 510,072,000 km2 / 10-20 m2 = 5.1 x 1031
Number of IPv6 addresses for each atom on the surface of the Earth: ~ 6.7 million
IPv6: Summary of Features
• 128-bit interface addresses• Streamlined header format with extension headers• Security options• Node Mobility• No broadcast (therefore, no ARP)• No NAT (at least no need is seen)
Others:• Anycast addresses• Minimum MTU is 1280 bytes• Jumbogram extensions allow datagrams up to 232-1 bytes• Type field of Ethernet frames with IPv6 packets is 86DD
Protocols not affected by IPv6 transition
Protocols above and below network layer are not affected:
– Applications (e.g., web server, mail server, etc.)• Additional considerations for support of both IPv4 and
IPv6– Transport protocols (i.e., TCP, UDP)– Link layer protocols (i.e., Ethernet)
Protocols and services with modifications
• Some protocols need to be slightly modified to account for IPv6 addresses and requirements of IPv6 (e.g., no broadcast)– Routing Protocols
• RIPng, OSPv3, MP-BGP
– DNS– No change to structure of names or server hierarchy– New record type (AAAA) for entries with IPv6 addresses
– DHCPv6– Similar to DHCP, but without broadcast
• Changes are sometimes limited to allowing space for larger IP addresses and prefixes, and replacing broadcast by multicast
• Some considerations are needed for simultaneous support of IPv4 and IPv6
IPv6 Routing Protocols
RIPng• Based on RIPv2• Updated features: IPv6 prefix, next-hop IPv6 address, uses
the multicast group FF02::9 for updates, uses UDP port 521
OSPFv3• Based on OSPFv2, with enhancements• Updated: Distributes IPv6 prefixes, multiple addresses per
interface, authentication uses IPsec
MP-BGP• Multiprotocol extension of BGP-4• Can carry informaton on IPv6, but also other protocols
IPv6 Packet Format
IPv6 Header
• Minimum size: 40 bytes• Header is multiple of 8 bytes long
version(4 bits)
Traffic Class(8 bits)
Flow Label(24 bits)
Payload Length (16 bits)Next Header
(8 bits)Hop Limits (8 bits)
Source IP address (128 bits)
32 bits
Destination IP address (128 bits)
IPv6 Packet header
11
• IPv6 has a simplified header structure:– Headers have fixed size – No fragmentation (but available via header extensions)– No header checksum
• Most fields play a similar role as in IPv4:
• New Features:– Extension headers– Flow label– Authentication and Privacy
IPv6
… similar to …
IPv4
Version Version
Traffic class DiffServ
Payload length Total length
Next Header Protocol
Hop Limit TTL
Extension Headers
• Instead of header options, IPv6 allows to concatenate optional headers to the main header
• Extension Headers:• Security: Authentication• Fragmentation• Routing• Payload Header (TCP, UDP, …)
IPv6 HeaderNext Header =TCP
TCP Header DATA
IPv6 HeaderNext Header =
SecurityTCP Header DATA
Security HeaderNext Header = Fragementation
Fragmentation Header
Next Header =TCP
IPv6 Addresses
Convention for writing IPv6 addresses
• IPv6 addresses are written as hexadecimals• “Blocks” of 16 bits are separated by colons.
Abbreviation Rules:1. Leading zeroes in a block can be omittedFE80:0000:0000:0000:002A:0000:FE04:0A81
FE80:0:0:0:2A:0:FE04:A81
2. One (but only one) contiguous block with all zeros can be replaced by a double colon
FE80:0:0:0:2A:0:FE04:A81 FE80::2A:0:FE04:A81FE80:0:0:0:2A:0:FE04:A81 FE80:0:0:0:2A::FE04:A81
Best abbreviation result:
FE80:0000:0000:0000:002A:0000:FE04:0A81
FE80::2A:0:FE04:A81
Types of IPv6 Addresses
Binary Prefix IPv6 Prefix
Multicast 1111 1111 FF00::/8
Link-local unicast 1111 1110 10 FE80::/10
Unique Local unicast Address (ULA)
1111 11001111 1101
FC::/8FD::/8
Global unicast everything else
currently allocated global unicast addresses
001 2000::/3
Special IPv6 Addresses
• IPv4-mapped IPv6 addresses allow the use of IPv4 addressses in an IPv6 context. – IPv4 part of the address can be written in dotted decimal notation
– Example: ::FFFF:128.100.11.2
Binary Prefix IPv6 Prefix
Unspecified(not assigned, indicates absence of an address)
00…0 (128 bits) ::/128
Loopback 00…1 (128 bits) ::1/128
IPv4-mapped IPv6 addresses ::FFFF:0.0.0.0/96
Interface ID
64 bits
Subnet ID
N bits
Global Routing Prefix
64-N
Structure of a global unicast address
• Global routing prefix is allocated from ISP or Internet registryhas typical length (N) of 32-64 bits All current allocated prefixes start with 001 (binary).
• Subnet ID defines the subnetwork• Interface ID
has length 64 bits(Exception: When routing prefix starts with 000, length of Interface ID can be different)
is built using EUI-64 format
EUI-64 Address
• IEEE EUI-64 is essentially a 8-byte MAC address• There is a method to create EUI-64 address from a 48-bit MAC address
• Modified EUI-64 simply flips the 7th bit from the first byte• The modified EUI-64 address is used as IPv6 Interface ID
C8 2A 14 04 0A 81 MAC Address
04 0A 81
FF FE
C8 2A 14
1 1 0 0 1 0 0 0
1 1 0 0 1 0 1 0
U/L Bit
CA 04 0A 812A 14 FF FE
EUI-64 identifier
modifiedEUI-64 identifier
IPv6 Address Allocation
• The process for allocating address blocks (prefixes) is as with IPv4:
• IANA allocates prefixes of /23 up to /12 to RIRs• RIR allocates prefixes of /32 up to /19 to LIR, ISP, or End users• LIR/ISP obtains prefixes of /64 up to /48• There can be a National Internet Registry (NIR) between RIR and LIR/ISP
IANA
End user
allocates allocates
assigns
End user
assigns
RIRLIR
(ISP)
Currently available Global Unicast Addresses
RIR Allocated IPv6 prefix
APNIC 2400::/12
ARIN 2600::/12
ARIN 2800::/12
RIPE 2A00::/12
AfriNIC 2C00::/12
Allocated IPv6 prefix
IANA 2000::/3
Note: Several additional smaller blocks (longer prefixes) have been assigned.
group ID
112 bits
flags
8 bits
1111 1111
4 bits
scope
4 bits
IPv6 Multicast Address
• Four flags: 0RPT1. 0: first flag is always zero
2. T=0: permanent address (otherwise non-permanent)
3. P=1: Group ID based on network prefix
4. R=1: Group ID contains address of rendezvous point
• Scope defines area of validity of group ID (local to global)• Predefined multicast addresses exist
• All nodes: FF01:00:1, FF02:00:1• All routers: FF01:00:2, FF02:00:2 : FF05:00:2
• Destination MAC address of Ethernet frames with IPv6 multicast payload:– First two bytes are set to 0303 (hex)– Last 4 bytes are set to last four bytes of IPv6 multicast address
MAC address
IPv6 multicast address
MAC addresses of
frames with IPv6
packets start with
x0303 6 bytes
10 bytes
FFxx:----:----:----:----:----:----:----
0303:----:----
4 bytes
Mapping IPv6 Multicast to Ethernet
22
Interface ID
64 bits
0…0
10 bits
1111 1110 10
54 bits
Link-Local Unicast Addresses
• Used during autoconfiguration when no router is present• IPv6 requires that each interface has link local address, even if the
interface has a routable address• Link Local address is used whenever communicating with nodes on same
subnet• Packets with this address are local to a subnet (not forwarded by routers)• Issue: Since all link-local addresses have the same prefix, how does a
node pick the correct outgoing interface?– An additional identifier is appended to address Zone Index– Routing tables use zone index for all link-local addresses– Zone index can be index or name of interface:
fe80::21f:f3ff:fec5:dc47%1 , fe80::21f:f3ff:fec5:dc47%en1
8 bits
1111 110x Interface ID
64 bits
Subnet ID
40 bits
Global ID
16 bits
Unique Local Unicast Addresses (ULA)
• Address bloc: FC00::/7• Global ID is randomly selected • Addresses for communication within a domain, e.g.,
enterprise network• Packets with this address may be routed within an
administrative domain, but are not globally routable• x =1: Global ID is locally assigned
x =0: not defined
University of Toronto
• IPv6 prefix of University of Toronto: 2606:FA00::/32• Address block is allocated from ARIN
32 bits
64 bits
96 bits
32 bits
2606:FA00:0000:0000:0000:0000:0000:0000
2606:FA00:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
Subnet ID Interface ID
from:
to:
Exercise with IPv6 Multicast Addresses
• Consider the IPv6 prefix:
2001:0AE8:0000:0000:BC30:0000:0000:0000/60
• The following are permitted abbreviations of the prefix:• 2001:AE8::BC30:0:0:0/60• 2001:AE8:0:0:BC30::/60
• The following are not permitted abbreviations of the prefix:• 2001:AE8::BC30/60• 2001:AE8::BC30::/60• 2001:AE8:0.0:BC3::/60
IP Address Configuration
Enhanced Role of ICMPv6
• Functions of ARP and IGMP are performed by ICMPv6 messages– NDP: Neighbor Discovery Protocol– MLD: Multicast Listener Discovery
28
IPv4
ARP
Ethernet
ICMPv6
ICMP
IGMP
IPv6
Ethernet
Neighbhor Discovery
MulticastListener
Discovery
IPv4 IPv6
Neighbor Discovery Protocol
• Uses several ICMPv6 messages types:• Router Solicitation / Router Advertisement, • Neighbor Solicitation / Neighbor Advertisement, • Route Redirect
• Functions:– Router/Prefix/Parameter Discovery– Address Autoconfiguration– Address Resolution– Next-Hop Determination– Duplicate Address Detection– Neighbor Unreachable Detection
Dynamic Assignment of IPv6 Addresses
• Static IP configuration still exists
DHCPv6
• Similar to DHCP for IPv4 • Requires a server (“stateful”)• For networks with central
control of address assignment
Stateless Autoconfiguration
• Uses ICMPv6 messages• Nodes select their own interface ID• No need for server (“stateless”)• For networks without central
control of address assignment
31
ICMP Router SolicitationICMP Router Advertisement
• Router Solicitation sent to the “all routers” multicast group
• Router Advertisement sent to “all nodes” multicast group
• Router Advertisement contains:– Network prefix– MTU – Default Hop limit– Router advertisement
may tell host to use DHCP
Ethernet
H1
R1 R2
Router advertisementI am a router!
Router advertisementI am a router!
Router solicitationIs there a router on this link?
32
ICMP Neighbor SolicitationICMP Neighbor Advertisement
Functions: • Replacement for ARP• Duplicate address detection
• Messages sent to “solicited node” multicast group, or via unicast
Ethernet
H1
Neigbhor advertisementMy MAC address is ...
Neigbhor solicitationWhat is H3's MAC address?
H2 H3
• When a router detects that a packetshould have gone to a different (better) router, the router (here R2)
• forwards the packet to the correct router• sends an ICMP redirect message to the host
• Host uses ICMP message to update its routing table
33
Ethernet
H1
R1 R2
Destination Next Hop
fe80::ca2a:14ff:fe04:a81/92 …
R2
Destination Next Hop
fe80::ca2a:14ff:fe04:a81/92 …
R1
Routing Redirect
(1) IPv6 packet
R1
(2) ICMP redirect(3) IPv6 packet
Stateless Address Autoconfiguration
Stateless address autoconfiguration can set IP parameters of a node without a server or manual configuration:
1. Upon startup, a node create link-local addresses for each IPv6 interface from MAC address
2. Test uniqueness by sending a Neighbor Solicitation to the created address
– If a host replies with Neighbor Advertisement, address is in use– If no response, address can be used
3. Send “ICMP Router Solicitation” to “all routers” group– Router replies with Router advertisement containing prefix, MTU, and other
information
4. Node creates a globally routable IP address using the prefix sent by the router, and the Interface ID from the link-local address
IPv6 Transition
IPv6 Transition Mechanisms
• The adoption of IPv6 has been very slow• Deployment of IPv6 will be incremental (gradual)• For the foreseeable future, IPv4 and IPv6 must co-exist
• IPv6 transition mechanisms seek to facilitate the transition to IPv6 and ensure coexistence of IPv4 and IPv6 on the same network
• IP/ICMP translation• Dual Stack• Tunneling (6bone, 6to4, 6rd, …)• many more
IP/ICMP translation
• Refers to a translation of ICMP and IP packet headers between v4 and v6
• Takes advantage of IPv4-mapped IPv6 addresses• Works similarly to NAT
• Other scenarios: IPv6 NetworkIPv4 Network, IPv4 NetworkIPv6 Internet, IPv4 InternetIPv6 Internet
IPv4 Internet
IPv6Network
IPv6/IPv4Translator
DNS
Tunneling
• IPv6 “islands” can be connected across IPv4 network by encapsulating them in IPv4 packets
38
IPv6 Network
IPv6 Network
IPv6Network
Router
IPv4 Internet RouterIP-in-IP tunnel
Router
IPv6 host in IPv4 network
Tunneling
• IPv6 networks connect via IP tunnels• With tunneling, IPv6 packets are encapsulated by IPv4
header (IP-in-IP encapsulation)
IPv4 Router IPv6/IPv4 RouterIPv6/IPv4 Router
PayloadIPv4
headerIPv6
header
Payload of IPv4 header
PayloadIPv6
headerPayload
IPv4header
IPv6header
Payload of IPv4 header
PayloadIPv6
header
PayloadIPv6
headerPayload
IPv6 headerIP-in-IP Tunnel
Dual Stack
• Dual Stack means that IPv6 enabled hosts, servers, and routers support IPv4 and IPv6 in parallel
• Allows co-existence of IPv4 and IPv6 devices on the same network
• Dual stack transition is used by enterprise/university networks
Ethernet
IPv4 IPv6
UDP TCP
IPv4 Application
Type: 0x0800
Type: 0x86DD
IPv6 Topics not covered here
• Anycast• Security (Authentication headers)• Mobile IP