why we need ipv6
TRANSCRIPT
Why we need IPv6?
Internet Protocol version 6 (IPv6) is the latest version of the
Internet Protocol (IP), the communications protocol that
provides an identification and location system for computers
on networks and routes traffic across the Internet.
IPv4 & IPv6 are not designed to be interoperable, complicating
the transition to IPv6. However, several IPv6 transition
mechanisms have been devised to permit communication
between IPv4 and IPv6 hosts.
History?
IPv6 was developed by the Internet Engineering Task Force
(IETF) to deal with the long-anticipated problem of IPv4
address exhaustion.
IPv6 is intended to replace IPv4, which still carries more than
96% of Internet traffic worldwide as of May 2014. As of June 2014, the percentage of users reaching
Google services with IPv6 surpassed 4% for the first time.
With the rapid growth of the Internet after commercialization in the 1990s, it became evident that far
more addresses than the IPv4 address space has available were necessary to connect new devices in the
future. By 1998, the Internet Engineering Task Force (IETF) had formalized the successor protocol. IPv6
uses a 128-bit address, allowing 2128, or approximately 3.4×1038 addresses, or more than 7.9×1028
times as many as IPv4, which uses 32-bit addresses and provides approximately 4.3 billion addresses.
Why we need IPv6?
IPv6 or IP version 6 is the next generation Internet protocol which will eventually replace the current
protocol IPv4. IPv6 has a number of improvements and simplifications when compared to IPv4. The
primary difference is that IPv6 uses 128 bit addresses as compared to the 32 bit addresses used with
IPv4. This means that there are more available IP addresses using IPv6 than are available with IPv4
alone. For a very clear comparison, in IPv4 there are total of 4,294,967,296 IP addresses. With IPv6,
there are total of 18,446,744,073,709,551,616 IP addresses in a single /64 allocation.
To also help illustrate the sheer magnitude of available IP addresses using IPv6, you can get 65536 /64
allocations out of a single /48, and then 65536 /48 allocations out of a single /32. Many Service
Providers are getting /32 allocations from their Regional Internet Registry (RIR) like ARIN, APNIC, RIPE,
etc.
Figure 1
Why we need IPv6?
A significant difference between IPv6 and IPv4 is the address notation. IPv4 uses a period (.) between
each octet, compared to IPv6 which uses a colon (:). With IPv6, if you have a series of zeroes in a row,
the address need not be written out completely. You can use a double colon (::) to represent that series
of zeroes, however you can only use that once. For example, if you have an address like
"2001:0DB8:0000:0003:0000:01FF:0000:002E", it can be written like "2001:DB8::3:0:1FF:0:2E" or
"2001:DB8:0:3:0:1FF::2E", but would never be written like "2001:DB8::3::1ff::2E". You also cannot have
three colons in a row (:::).
Why Not NAT?
1. It was created as a temp solution
2. NAT breaks the end-to-end model.
3. Growth of NAT has slowed down growth of transparent applications.
4. No easy way to maintain states of NAT in case of node failures.
5. NAT break security.
6. NAT complicates mergers, double NATing is needed for devices to communicate with each other.
Advantages of IPv6?
Besides providing an almost limitless number of unique IP addresses for global end-to-end reachability
and scalability, IPv6 has the following additional advantages:
1. Simplified header format for efficient packet handling.
2. Larger payload for increased throughput and transport efficiency.
3. Hierarchical network architecture for routing efficiency.
4. Support for widely deployed routing protocols (OSPF, BGP, etc.).
5. Autoconfiguration and plug-and-play support.
6. Elimination of need for network address translation (NAT) and application layered gateway
(ALG).
7. Increased number of multicast addresses.
Why we need IPv6?
IPv4 and IPv6 Header Comparison?
1. IPv6 Header New Field—Flow Label (RFC3697)
2. 20-Bit Flow Label Field to Identify Specific Flows Needing Special QoS
Figure 2 IPv4 and IPv6 Header Comparison
Figure 3 IPv6 Header
Why we need IPv6?
3. Flow classifiers had been based on 5-tuple: Source/destination address, protocol type and port
numbers of transport.
4. Some of these fields may be unavailable due to fragmentation, encryption or locating them past
extension headers.
5. With flow label, each source chooses its own flow label values; routers use source addr + flow
label to identify distinct flows.
6. Flow label value of 0 used when no special QoS requested (the common case today).
Extension Headers?
MTU Issues?
1. Minimum link MTU for IPv6 is 1280 octets (vs. 68 octets for IPv4).
=> on links with MTU < 1280, link-specific fragmentation and reassembly must be used
2. Implementations are expected to perform path MTU.
3. Implementations are expected to perform path MTU discovery to send packets bigger than 1280.
4. Minimal implementation can omit PMTU discovery as long as all packets kept ≤ 1280 octets.
IPv6—Addressing Model?
1. Addresses are assigned to interfaces.
Change from IPv4 mode
Figure 4 Extension Headers
Why we need IPv6?
2. Interface “expected” to have multiple addresses.
3. Addresses have scope
Link Local
Link-Local Addresses Used for:
a. Mandatory Address for Communication between two IPv6 device (like ARP but at
Layer 3).
b. Automatically assigned by Router as soon as IPv6 is enabled.
c. Also used for Next-Hop calculation in Routing Protocols.
d. Only Link Specific scope.
e. Remaining 54 bits could be Zero or any manual configured value.
Unique Local
Unique-Local Addresses Used for:
a. Local communications
b. Inter-site VPNs
c. Not routable on the Internet
Global
A global IPv6 address is a unicast address with a predefined prefix of 2000::/3 (001). Cisco
supports global IPv6 addresses in the range of 2000::/3 through 3000::/3. IPv6 addresses
with a prefix of 2000::/3 (001) through E000::/3 (111), excluding the FF00::/8 (1111 1111)
multicast addresses, are required to have 64-bit interface identifiers (VLAN IDs) in the
IEEE 64-bit Extended Universal Identifier (EUI-64) format. The Internet Assigned Numbers
Authority (IANA) allocates the IPv6 address space in the range of 2001::/16 to the
registries.
Figure 5
Why we need IPv6?
Some Well Known Multicast Addresses?
(Note: that 02 means that this is a permanent address and has link scope.)
Solicited-Node Multicast Address?
1. For each unicast and anycast address configured there is a corresponding solicited-node
multicast.
2. This is specially used for two purpose, for the replacement of ARP, and DAD.
3. Used in neighbor solicitation messages.
4. Multicast address with a link-local scope.
5. Multicast address with a link-local scope
6. Solicited-node multicast consists of prefix + lower 24 bits from unicast, FF02::1:FF:
Types of IPv6 Addresses?
Unicast
Address of a single interface. One-to-one delivery to single interface.
Multicast
Address of a set of interfaces. One-to-many delivery to all Address of a set of interfaces. One-to-
many delivery to all interfaces in the set.
Anycast
Address of a set of interfaces. One-to-one-of-many delivery to a single interface in the set that is
closest.
No more broadcast addresses
Figure 6
Why we need IPv6?
IPv6 Address Allocation Process?
Lowest-Order 64-bit field of unicast address may be assigned in several different ways:
1. Auto-configured from a 64-bit EUI-64, or expanded from a 48-bit MAC address (e.g., Ethernet
address)
2. Auto-generated pseudo-random number (to address privacy concerns)
3. Assigned via DHCP
4. Manually configured
Transitioning from IPv4 to IPv6?
The transition from IPv4 to IPv6 will not happen quickly because of the scope of the change. The two
protocols will likely need to coexist for many years before IPv6 replaces IPv4 completely. Many countries
and corporations are currently using one or more of the methods described below to transition their
networks to IPv6.
Dual Stack
A dual stack means that IPv4 and IPv6 addresses coexist on the same platform and support hosts of both
types. This method is a way to transition from IPv4 to IPv6 with coexistence as a first step. The ACE
supports a dual stack arrangement for IPv6.
Figure 7
Why we need IPv6?
Tunneling
Many Ways to Do Tunneling:
a. Some ideas same as before GRE, MPLS, IP
b. Native IP over data link layers
ATM PVC, dWDM Lambda, Frame Relay PVC, Serial, Sonet/SDH, Ethernet Sonet/SDH,
Ethernet.
c. Some new techniques
Automatic tunnels using IPv4 , compatible IPv6 address, 6to4, ISATAP
NAT
The ACE acts as a proxy device by terminating connections from clients and then establishing a back-end
connection with servers. It then splices the two connections together to allow the clients and servers to
communicate with each other.
For IPv6, the ACE supports the NATing of client or VIP IPv4 addresses to server IPv6 and the reverse for
HTTP and HTTPS load balancing.
Configuration IPv6 to IPv4?
Manually Configured IPv6 over IPv4 Tunnel
Router 1
interface Tunnel0
ipv6 enable
ipv6 address 2001:db8:c18:1::3/127
tunnel source 192.168.99.1
tunnel destination 192.168.30.1
tunnel mode ipv6ip
Figure 8 Configuration Topology
Why we need IPv6?
Router 2
interface Tunnel0
ipv6 enable
ipv6 address 2001:db8:c18:1::2/127
tunnel source 192.168.30.1
tunnel destination 192.168.99.1
tunnel mode ipv6ip
Manually Configured GRE Tunnel
Router 1
interface Tunnel0
ipv6 enable
ipv6 address 2001:db8:c18:1::3/128
tunnel source 192.168.99.1
tunnel destination 192.168.30.1
tunnel mode gre ipv6
Router 2
interface Tunnel0
ipv6 enable
ipv6 address 2001:db8:c18:1::2/128
tunnel source 192.168.30.1
tunnel destination 192.168.99.1
tunnel mode gre ipv6