Lesson 3: IPv6 Fundamentals


Windows Server 2008
Network Infrastructure Configuration (MCTS)

Published in: Education

  1. 1. Mahmmoud Mahdi
  2. 2.  IPv4  4.3 billion unique addresses  IPv6  3.4 undecillion (3.4 × 10³⁸)  340,282,366,920,938,463,463,374,607,431,768,211,456  340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand, 456
  3. 3.  The limitations of IPv4 are:  Limited number of addresses  Routing difficult to manage  Host configuration is complex  No built-in security  Limited Quality of Service
  4. 4.  Improvements in IPv6 include:  Built-in QoS (Quality of Service)  More efficient routing  Simpler host configuration  Better prioritized delivery support  Redesigned headers for efficient processing and extensibility  Built-in security ▪ IP security through the use of IPSec is an integral part of IPv6, whereas it was an optional feature under IPv4.  Increased address space ▪ providing 2¹²⁸ (about 340 billion) unique addresses.
  5. 5.  The IPv6 address space is:  128-bit address, or 16 bytes for addressing  8 groups of 4 hex characters ▪ using eight groups of four hexadecimal digits, separated by colons  Displayed in hexadecimal ▪ Characters: 0-9, A-F  Allows routing flexibility
  6. 6.  An example of an IPv4 IP address  192.168.1.101  An example of an IPv6 IP address  2001:0DB8:85A3:08D3:1319:8A2E:0370:7334  3FFE:0501:0008:0000:0260:97FF:FE40:EFAB ▪ 3FFE:501:8:0:260:97FF:FE40:EFAB ▪ 3FFE:501:8::260:97FF:FE40:EFAB
  7. 7. Decimal  0     1     2     3     4     5     6     7
        Hex      0     1     2     3     4     5     6     7
        Binary   0000  0001  0010  0011  0100  0101  0110  0111

        Decimal  8     9     10    11    12    13    14    15
        Hex      8     9     A     B     C     D     E     F
        Binary   1000  1001  1010  1011  1100  1101  1110  1111
  8. 8.  IPv6 addresses:  Can use zero compression ▪ Eliminate consecutive zeros with “::” ▪ Omit leading zeros  Use a prefix to define the network portion of the address rather than a subnet mask.  Two parts ▪ 64-bit network component ▪ 64-bit host component
  9. 9.  :0: stands for :0000:  You can omit preceding 0s in any 16-bit word.  :DB8: and :0DB8: are equivalent.  In a series of sequential zeroes, the address can be shortened to use a single zero in each group, or else the entire grouping can be represented using a double colon (::).  2001:0000:0000:0000:0000:0000:0000:7334 = 2001:0:0:0:0:0:0:7334 = 2001::7334  :: can be used only once in an address.  The IPv6 loopback is ::1
  10. 10.  The address  2001:0DB8:0000:0000:1234:0000:A9FE:133E Compress :0000: into :0:  2001:0DB8:0000:0000:1234:0:A9FE:133E Eliminate preceding zeros:  2001:DB8:0000:0000:1234:0:A9FE:133E Use the special variable shortcut for multiple 0s:  2001:DB8::1234:0:A9FE:133E
  11. 11.  Do you subnet IPv6?  If you are given 32 bits of network from your ISP, you have 96 bits to work with.  If you use some of the 96 bits to route within your network infrastructure, then you are subnetting. Client Configuration  Manual ▪ Required for routers  Automatically ▪ From routers ▪ DHCPv6 servers
  12. 12.  There are three types of addresses in IPv6:
          Type       Description
          Anycast    Equivalent to IPv4 unicast
          Unicast    Additional unicast address types
          Multicast  Equivalent to IPv4 multicast
  13. 13.  Anycast  Visually similar to global  Many destination hosts with the same address ▪ Address assigned to multiple devices.  Finds nearest based on router cost ▪ When an anycast packet is sent, it is delivered to one of the devices, usually the closest one.
  14. 14.  Unicast  A unicast packet uniquely identifies an interface of an IPv6 device.  Unicast addresses come in several types: ▪ Global unicast address ▪ Link-Local Address ▪ Unique Local Address
  15. 15.  Global Addresses (GAs)  Equivalent of public addresses in IPv4.  Address space is defined as 2000::/3 ▪ High level bits 001 ▪ First block value between 2000-3FFF
  16. 16.  The structure of GAs
  17. 17.  Link-Local Address (LLAs)  Similar to APIPA addresses  Self-configured, non-routable  Provides automatic communication on local subnet  Defined as FE80::/10.
  18. 18.  FE80 + 54 bits “0” + 64 bits ▪ The last 8 bytes (64 bits) are random  Extended User Interface 64-bit (EUI-64) format ▪ MAC-FFFE-MAC ▪ MAC 00044B18EE6C = 0004:4BFF:FE18:EE6C  Always get link-local, even with DHCP
  19. 19.  The structure of LLAs:
  20. 20.  Unique-Local Addresses (ULAs)  Similar to Private addresses ▪ They are not expected to be routable on the global Internet.  Defined as FC00 or FD00::/7
  21. 21.  The structure of ULAs:
  22. 22.  Multicast address  One-to-many communication packets.  Multicast packets are identifiable by their first byte.  Defined as FF00::/8  In the second byte shown (the “00” of FF00), the second 0 is what’s called the scope. ▪ Interface-local is 01, and link-local is 02 ▪ FF01:: is an interface-local multicast.  There are several well-known multicast addresses  Ex: if you want to send a packet to all nodes in the link-local scope, ▪ You send the packet to FF02::1 (FF02:0:0:0:0:0:0:1). ▪ The all-routers multicast address is FF02::2
  23. 23. Address Prefix   Scope of Use
          2000::/3         Global unicast space prefix
          FE80::/10        Link-local address prefix
          FC00::/7         Unique local unicast prefix
          FF00::/8         Multicast prefix
          2001:DB8::/32    Global unicast prefix used for documentation
          ::1 - ::/1       Reserved local loopback address
          2001:0000:/32    Teredo prefix (discussed later in this chapter)
          2002::/16        6to4 prefix (discussed later in this chapter)
  24. 24.  New Header Format  Not supported by current IPv4 routers Router Upgrade Required Before Moving To IPv6
  25. 25.  Dual stack  Running both IPv4 and IPv6 on the same network  Utilizing the IPv4 address space for devices using only IPv4 addresses and utilizing the IPv6 address space for devices using IPv6 addresses Tunneling  Using an encapsulation scheme for transporting one address space inside another Address translation  Using a higher-level application to transparently change one address type (IPv4 or IPv6) to the other so end devices are unaware one address space is talking to another
  26. 26.  IPv6 Dual Stack
  27. 27.  IPv6 Tunneling  Several tunneling mechanisms for tunneling IPv6 through the IPv4 address space.  Used for unicast IPv6 communication across an IPv4 infrastructure.  They include the following: ▪ Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) ▪ 6to4 ▪ Teredo
  28. 28.  Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)  Allows IPv6 and IPv4 hosts to communicate through an ISATAP router ▪ By performing a type of address translation between IPv4 and IPv6.  Intended for use inside a private network.  Enabled by default in Windows Server 2008. ▪ “Tunnel Adapter Local Area Connection* 8”  IPv4 embedded in IPv6 ▪ e.g., FE80::5EFE:192.168.1.5  All ISATAP clients receive an address for an ISATAP interface.  The format of an ISATAP address is as follows: ▪ [64 bits of prefix] [32 bits indicating ISATAP] [32 bits IPv4 address]
  29. 29.  ISATAP routers allow IPv4-only and IPv6-only hosts to communicate with each other
  30. 30.  6to4  Tunnels IPv6 traffic over IPv4 through 6to4 routers.  Similar to ISATAP, but designed for public network (Internet) ▪ Intended to be used on the Internet.  IPv4 is encapsulated in IPv6  Requires 6to4 routers ▪ Router has public IP  2002::/16 prefix ▪ Router advertises 2002: subnet ::/64 ▪ Hosts auto-configure 6to4 address
  31. 31.  6to4 allows IPv6-only hosts to communicate over the Internet
  32. 32.  Teredo  Similar to 6to4 but unnecessary to upgrade edge routers.  Teredo is used (preferred) only when no other IPv6 translation is available.  Allows clients behind an IPv4 NAT to use IPv6 on the Internet  Enabled by default in Windows Server 2008. ▪ “Tunnel Adapter Local Area Connection* 9”  2001::/32 prefix  [Figure: Teredo address layout; field labels: prefix, Teredo, IPv4, Internet, ID, Hex; widths shown: 64, 64, 32]
  33. 33.  Neighbor Discovery is a set of messages and processes that determine relationships between neighboring nodes. Some of the ND functions are:  Router discovery  Prefix discovery  Parameter discovery  Address auto-configuration  Address resolution  Duplicate address detection
  34. 34. Contact Me: qursaan@gmail.com
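
The zero-compression rules from slides 8 to 10, worked through in code. This is an added example, not part of the original slides; the function names are hypothetical, and leaving a lone `:0:` group uncompressed follows the slide 10 walkthrough (and RFC 5952), which is an assumption about preferred output rather than something the slides mandate.

```python
import re

GROUP = re.compile(r"[0-9A-Fa-f]{1,4}")

def expand(addr: str) -> list:
    """Undo '::' and leading-zero omission: return the eight 4-digit hex groups."""
    if addr.count("::") > 1:
        raise ValueError("'::' can be used only once in an address")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        if len(left) + len(right) > 7:
            raise ValueError("'::' must stand for at least one group")
        groups = left + ["0"] * (8 - len(left) - len(right)) + right
    else:
        groups = addr.split(":")
    if len(groups) != 8 or not all(GROUP.fullmatch(g) for g in groups):
        raise ValueError(f"not eight 16-bit hex groups: {addr!r}")
    return [f"{int(g, 16):04X}" for g in groups]

def compress(addr: str) -> str:
    """Drop leading zeros in each group, then replace the longest zero run with '::'."""
    groups = [format(int(g, 16), "X") for g in expand(addr)]
    best_start, best_len, i = 0, 0, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:            # first longest run wins
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    if best_len < 2:                    # a lone :0: stays as written
        return ":".join(groups)
    return ":".join(groups[:best_start]) + "::" + ":".join(groups[best_start + best_len:])

def same_address(a: str, b: str) -> bool:
    """True when two spellings name the same address (compare the expanded form)."""
    return expand(a) == expand(b)

if __name__ == "__main__":
    # Addresses taken from slides 9 and 10
    for a in ("2001:0DB8:0000:0000:1234:0000:A9FE:133E",
              "2001:0000:0000:0000:0000:0000:0000:7334"):
        print(a, "->", compress(a))
```

Because one address has many valid spellings, compare or match addresses in rules and logs on the expanded form, never on the text as written.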
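
The prefix table on slide 23 and the tunnel address formats on slides 28 to 32, applied to a list of addresses such as one pulled from host or firewall logs. This is an added example, not part of the original slides; the function names and sample addresses are constructed. Two details are assumptions taken from the 6to4 and ISATAP specifications rather than from the slides: the 6to4 router's IPv4 address sits in the 32 bits after `2002:`, and the ISATAP indicator is `0000:5EFE` or `0200:5EFE`.

```python
import ipaddress

# Prefix table from slide 23, most specific first so the documentation and
# tunnel prefixes are matched before the enclosing 2000::/3 block.
PREFIXES = [
    ("::1/128", "loopback"),
    ("2001:DB8::/32", "documentation"),
    ("2001::/32", "Teredo"),
    ("2002::/16", "6to4"),
    ("FE80::/10", "link-local"),
    ("FC00::/7", "unique local"),
    ("FF00::/8", "multicast"),
    ("2000::/3", "global unicast"),
]
NETWORKS = [(ipaddress.IPv6Network(p), name) for p, name in PREFIXES]
SCOPES = {1: "interface-local", 2: "link-local"}      # the two scopes slide 22 names
ISATAP_MARKERS = (b"\x00\x00\x5e\xfe", b"\x02\x00\x5e\xfe")  # assumption: per ISATAP spec

def classify(addr: str) -> dict:
    """Label an IPv6 address by prefix and decode any embedded IPv4 address."""
    ip = ipaddress.IPv6Address(addr)
    raw = ip.packed                                    # the 16 address bytes
    kind = next((name for net, name in NETWORKS if ip in net), "other")
    info = {"address": ip.compressed.upper(), "type": kind}
    if kind == "6to4":                                 # assumption: IPv4 in bytes 2..5
        info["tunnel"] = "6to4"
        info["ipv4"] = str(ipaddress.IPv4Address(raw[2:6]))
    elif kind == "Teredo":                             # layout not decoded here
        info["tunnel"] = "Teredo"
    elif kind == "multicast":
        info["scope"] = SCOPES.get(raw[1] & 0x0F, "other")
    elif raw[8:12] in ISATAP_MARKERS:                  # [prefix][ISATAP][IPv4], slide 28
        info["tunnel"] = "ISATAP"
        info["ipv4"] = str(ipaddress.IPv4Address(raw[12:16]))
    return info

def tunnel_report(addresses) -> list:
    """Return (address, tunnel type, embedded IPv4 or None) for tunnel addresses only."""
    found = (classify(a) for a in addresses)
    return [(i["address"], i["tunnel"], i.get("ipv4")) for i in found if "tunnel" in i]

# Constructed sample input; only the ISATAP address appears on the slides.
SAMPLE = ["FE80::5EFE:192.168.1.5", "2002:C000:0201::1", "2001:0:C000:201::1",
          "FF02::1", "2001:DB8::1234:0:A9FE:133E", "FD00::1", "::1"]

if __name__ == "__main__":
    for row in tunnel_report(SAMPLE):
        print(row)
```

Since ISATAP and Teredo adapters are enabled by default on Windows Server 2008, a report like this shows which hosts carry IPv6 inside IPv4 and which IPv4 endpoint each tunnel address maps to.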
