IPv6 Fundamentals

14,915 views

Published on

Presented at the January 2009 NCUG meeting. www.ncug.org

Published in: Technology
1 Comment
26 Likes
Statistics
Notes
No Downloads
Views
Total views
14,915
On SlideShare
0
From Embeds
0
Number of Embeds
1,640
Actions
Shares
0
Downloads
0
Comments
1
Likes
26
Embeds 0
No embeds

No notes for slide

IPv6 Fundamentals

  1. 1. IPv6 Fundamentals Todd Plambeck CCIE #22126 (R&S) Enterprise Architect
  2. 2. Agenda •  IPv4 to IPv6 Differences •  IPv6 Header & Extension Headers •  Addressing Architecture •  ICMPv6 •  Neighbor Discovery •  Autoconfiguration •  IOS Configuration •  Adoption
  3. 3. IPv4 and IPv6 Differences •  Addressing •  128 Bits verses 32 Bits •  Security •  IPSec (Support Required) •  Network Address Translation •  Not needed for IPv6 End-to-End Communication •  Administrative Workload •  Processing Efficiency using Extension Headers •  Mobile Device Support •  MIPv6
  4. 4. IPv6 Header 8
 16
 24
 32
 Ver Traffic Class Flow Label Payload Length Next Header Hop Limit Source IPv6 Address Destination IPv6 Address Version (4 Bits) – Always Set to 6 Traffic Class (8 Bits) – Same as TOS Byte of IPv4 Flow Label (20 Bits) – Identifies unique flows (Undefined) Payload Length (16 Bits) – Length of the payload in bytes Next Header (8 Bits) – Header or Protocol which follows Hop Limit (8 Bits) – Functions as IPv4’s time to live (TTL) Source Address (128 Bits) – Source IPv6 Address Destination Address (128 Bits) – Destination IPv6 Address
  5. 5. Extension Headers TCP Header + IPv6 Header Data Auth Header TCP Header + IPv6 Header Next Header = Data TCP Auth Header ESP Header TCP Header + IPv6 Header Next Header = Next Header = Data ESP TCP
  6. 6. Extension Headers •  Hop-by-hop Options (0) •  Information that must be examined by every node along the path •  Used by Router Alert and Jumbogram •  Routing (43) •  Similar to IPv4’s Loose Source and Record Route option •  Used by MIPv6 •  Fragment (44) •  Used to indicate to the Destination how to reassemble the fragments. •  Source node fragments packets larger than path MTU. •  Routers no longer Fragment in IPv6 •  Authentication Header (51) •  Used to provide data integrity and authentication •  Encapsulating Security Payload (50) •  Used to provide data integrity and confidentiality

  7. 7. Address Architecture •  Address Length 128 bits = 340,282,366,920,938,463,463,374,607,431,768,211,456 nodes •  Address Format X:X:X:X:X:X:X:X – Where X is a 16 bits hexadecimal field 2001:0000:0000:BEEF:021C:B3FF:FEBF:6C74 Case insensitive 2001:0000:0000:beef:021c:b3ff:febf:6c74 Leading zeros in a field are optional 2001:0:0:BEEF:21C:B3FF:FEBF:6C74 Successive fields of 0 are represented as ::, but only once in an address 2001::BEEF:21C:B3FF:FEBF:6C74
  8. 8. Address Architecture IANA •  Unicast •  Unspecified (0:0:0:0:0:0:0:0 or ::) ARIN 2001::/16
 •  Loopback (0:0:0:0:0:0:0:1 or ::1) •  Scoped addresses: •  Link-Local - FE80::/10 TLA 2001:0000::/24
 •  Unique-Local •  Aggregatable Global NLA 2001:0000:CC1E::/48
 •  Multicast SLA 2001:0000:CC1E:BEEF::/64
 •  Anycast Int. 2001::CC1E:BEEF:21C:B3FF:FEBF:6C74/128
  9. 9. Unicast
Address
Alloca5ons
 ::/0 Default Route ::/128 Unspecified ::1/128 Loopback ::/96 IPv6-Compatible* (Deprecated) ::FFFF:0:0/96 IPv4-Mapped 2001::/16 IPv6 Internet (ARIN, APNIC, RIPE NCC, LACNIC) 2002::/16 6to4 Transition 2003::/16 IPv6 Internet (RIPE NCC) 2400:0000::/19 IPv6 Internet (APNIC) 2400:2000::/19 IPv6 Internet (APNIC) 2400:4000::/21 IPv6 Internet (APNIC) 2600:0000::/22 IPv6 Internet (ARIN) 2604:0000::/22 IPv6 Internet (ARIN) 2608:0000::/22 IPv6 Internet (ARIN) 260C:0000::/22 IPv6 Internet (ARIN) 2A00:0000::/21 IPv6 Internet (RIPE NCC) 2A01:0000::/23 IPv6 Internet (RIPE NCC) FC00::/7 Unicast Unique Local FD00::/8 Unicast Unique Local (Locally Assigned) FE80::/10 Unicast Link-Local FEC0::/10 Unicast Site-Local* (Deprecated) FF00::/8 Multicast
  10. 10. Unicast Global Addressing Structure Global Unicast Address: 2001:0000:CC1E:BEEF:021C:B3FF:FEBF:6C74 2001: 00 00:CC1E: BEEF: 021C:B3FF:FEBF:6C74 3 13 8 24 16 64 FP TLA RES NLA SLA Interface
  11. 11. IEEE 802 48bit MAC Address to EUI-64 Interface Identifier for stateless Autoconfiguration 001C:B3BF:6C74 001C:B3FF:FEBF:6C74 Vendor Node 001C:B3 FF:FE BF:6C74 00 1C:B3FF:FEBF:6C74 001C:B3FF:FEBF:6C74 00000000 00000010 Universal/Local Bit Set 021C:B3FF:FEBF:6C74 EUI-64 Interface ID
  12. 12. Multicast •  Multicast addresses identify groups of interfaces (one-to-many) •  No broadcast in IPv6. Multicast is used instead, mostly on local links •  Format Prefix •  FF<flags><scope>::<multicast group> • Scoped Addresses •  Node-Local (FF01) •  Link-Local (FF02) •  Site-Local (FF05) •  Organization (FF08) •  Global (FF0E) Useful Reserved Multicast Addresses Address Scope Use FF02::1 Link-Local All Nodes FF02::2 Link-Local All Routers FF02::1:FFxx:xxxx Link-Local Solicited-Node FF05::2 Site-Local All Routers
  13. 13. Solicited-Node Multicast •  Solicited-Node Multicast Address Prefix •  FF02:0:0:0:0:1:FF00::/104 •  Address created by appending the lower 24 bits of the IPv6 interface address Global Unicast Address: 2001:0000:CC1E:BEEF:021C:B3FF:FEBF:6C74 Solicited-Node Multicast Address: FF02:0000:0000:0000:0000:0001:FF BF:6C74
  14. 14. Anycast •  One-to-nearest: great for discovery functions •  Anycast addresses are indistinguishable from unicast addresses •  Allocated from the Unicast Addresses space •  Reserved Anycast Addresses •  0x7F Unspecified •  0x7E Mobile IPv6 Home-Agents Anycast [RFC3775] •  0x00 Reserved •  Few uses •  MobileIPv6 home-agent discovery •  Discussions for DNS discovery
  15. 15. ICMPv6 •  Internet Control Message Protocol •  Same behavior as in IPv4, but few enhancements •  IPv6 Next Header = 58 8
 16
 24
 32
 IPv6 Header Type Code Checksum Message Body •  Many messages are the same as the IPv4 counterpart: •  Type 1: Destination Unreachable •  Type 2: Packet Too Big (MTU) •  Type 3: Time Exceeded •  Type 4: Parameter Problem •  Type 128/129: Echo request/Echo reply
  16. 16. Path MTU •  No fragmentation done by routers in IPv6 •  Fragmentation, if needed, is done by the source •  Source should do Path MTU Discovery to find the right MTU •  Minimum MTU is 1280 •  PMTU Discovery Process •  Send a message to the destination with MTU of your link •  If receive a ICMP error message, then resend the message with the new MTU •  Continue to Send/Receive ICMPv6 PMTU until error messages are no longer received •  Last MTU is the Path MTU
  17. 17. Neighbor Discovery •  Uses ICMPv6 messages •  Used to •  Determine link-layer address of neighbor (NS) •  Determine on-link routers and default route (RS) •  Actively keep track of neighbor reachability (NA) •  Send network information from routers to hosts (RA) •  Protocol used for host Autoconfiguration •  All ND messages must have Hop Limit=255 •  Must originate and terminate from the same link
  18. 18. Neighbor Solicitation •  Sent by a node to determine link-layer address of a neighbor •  Similar to an IPv4 ARP request •  Packet description •  Source Address = Link-Local Address •  Destination = Solicited-Node Multicast Address or All Nodes Multicast (FF02::1) •  Data contains Link-Layer Address of source •  Query is: Please send me your link-layer address •  ICMP type 135 Neighbor Solicitation (NS) Src: FE80::21C:B3FF:FEBF:6C74 Interface ID Dst: FF02::1:FF01:ABC1 FE80::21C:B3FF:FEBF:6C74
  19. 19. Neighbor Advertisement •  Response to a Neighbor Solicitation •  Similar to an IPv4 ARP response •  Includes my MAC address so you can send me information •  Packet description •  Source Address = Link-Local Address of source •  Destination = Destination Address of the NS request •  Data contains Link-Layer address of source •  ICMP type 136 Neighbor Advertisement (NA) Src: FE80::B412:D86C:108A:ABC1 Interface ID Dst: FE80::21C:B3FF:FEBF:6C74 FE80::B412:D86C:108A:ABC1
  20. 20. Router Solicitation •  Nodes request routers to send Router Advertisements immediately •  Packet description: •  Source: Link-Local address •  Destination: Multicast Address All-Routers (FF02::2) •  ICMP type 133 Multicast Group: FF02::2 Router Solicitation (RS) Src: FE80::21C:B3FF:FEBF:6C74 Interface ID Dst: FF02::2 FE80::21C:B3FF:FEBF:6C74
  21. 21. Router Advertisement •  Routers advertise periodically •  Max. time between advertisements can be in the range from 4 and 1800 seconds •  The advertisement has a lifetime (= 0 if not a default router) •  Advertisement contains one or more prefixes •  Prefixes have a lifetime •  Preferred lifetime •  Valid lifetime •  Specifies if stateful or stateless autoconfiguration is to be used •  Packet description: Multicast Group: •  Source: Router Link-Local Address FF02::2 •  Destination: All Nodes Multicast Address (FF02::1) •  Data: prefix, lifetimes, default router, options •  ICMP type 134 Router Advertisement (RA) Src: FE80::2A:B7FF:FE42:0A65 Dst: FF02::1 Network Prefix: 2001::CC1E:BEEF::/64 Default Route: 2001::CC1E:BEEF:2A:B7FF:FE42:0A65/128
  22. 22. Duplicate Address Detection •  Similar to IPv4 ARP self •  Packet description •  Source Address = Unspecified •  Destination = Solicited-Node Multicast Address •  Data contains Link-Layer Address of source •  Query is: Please send me your link-layer address •  ICMP type 135 •  If no Neighbor Advertisement is received, address is ok Neighbor Solicitation (NS) - DAD Src: :: Interface ID Dst: FF02::1:FFBF:6C74 FE80::21C:B3FF:FEBF:6C74
  23. 23. Autoconfiguration States •  Stateful configuration •  Manual IP configuration •  DHCPv6 configuration •  Stateless Address Autoconfiguration •  Applies to hosts only (not to routers) •  No manual configuration required •  Specifies the prefix, default route and lifetime •  RA Does not specify the DNS servers •  Assumes interface has unique identifies •  Assumes multicast capable link •  Uses Duplicate Address Detection
  24. 24. Autoconfiguration Example: Multicast Group: FF02::2 Join Groups: FF02::1 FF02::1:FFBF:6C74 NS DAD: Src: :: Interface ID: Dst: FF02::1:FFBF:6C74 FE80::21C:B3FF:FEBF:6C74
  25. 25. Autoconfiguration Example: Multicast Group: FF02::2 Join Groups: RA: FF02::1 Src: FE80::2A:B7FF:FE42:0A65 FF02::1:FFBF:6C74 Dst: FF02::1 Network Prefix: 2001::CC1E:BEEF::/64 Default Route: 2001::CC1E:BEEF:2A:B7FF:FE42:0A65/128 RS: Src: FE80::21C:B3FF:FEBF:6C74 Interface ID: FE80::21C:B3FF:FEBF:6C74 Dst: FF02::2
  26. 26. IOS Configuration Router (RA) Configuration Format ipv6 address <address> ipv6 nd prefix-advertisement <routing- prefix>/<length> <valid-lifetime> <preferred- lifetime> [ onlink | autoconfig ] Example ipv6 unicast-routing ! interface GigabitEthernet0/0 ipv6 enable ipv6 address 2001::CC1E:BEEF:2A:B7FF:FE42:0A65/128 ipv6 nd prefix-advertisement 2001::CC1E:BEEF/64 43200 43200 onlink autoconfig
  27. 27. Current State Comparison
  28. 28. Data Link Layer Layer 2 Cisco Frame- Ethernet PPP ATM IEEE 1394 Type HDLC Relay Protocol ID - IPv6 0x86DD 0x8057 0x86DD 0x8e 0x86DD 0x86DD Protocol ID – IPv4 0x0800 0x002d 0x0800 0x002d 0x0800 0x0800 Protocol ID Type Network PPP Ethertype Ethertype Layer Ethertype Ethertype Protocol Field Protocol ID
  29. 29. References Cisco:
 h9p://www.cisco.com/go/ipv6
 ARIN:
 h9p://www.arin.net/v6/v6‐info.html
 IPv6
Forum:
 h9p://www.ipv6forum.com/
 The
IPv6
Portal:
 h9p://www.ipv6J.org/

  30. 30. Questions?

×