INTRODUCTION TO IPV6 FOR 
SERVICE PROVIDERS 
Version 1.0 
Student Guide
COURSE INTRODUCTION 
Introduction to IPv6 for 
Service Providers 
(FB-IPv6SPArchiMan) 
(C) 2012 FRED BOVY EIRL. IPV6 FOR LIFE!
COURSE OVERVIEW 
This course on IPv6 addresses the knowledge and skill requirements for 
Architects and Projects Managers supporting IPv6 design and 
implementation for Service Provider customers. 
The course covers IPv6 Essentials details. 
As a prerequisite, taking the “IPv6 For Life!” free online tutorial will 
help. You can find the 3 Flash modules at http://fredbovy.com. 
For further study, the book “Understanding IPv6 Concepts” covers in depth 
all the concepts explained in this course. 
Migration strategies for a full range of scenarios are discussed.
COURSE CONTENT 
The High-Level Objectives for this course are as follows: 
§ Overview of IPv6 
§ IPv6 Addressing in depth 
§ IPv6 Operations 
§ IPv6 Applications and Services 
§ IPv6 routing protocols 
§ Introduction to IPv6 Multicast 
§ IPv6 Transition and customer integration Strategies including dual stack, 6to4 
and 6RD Tunnels, NAT64 and DNS64 translation, Large Scale Nat (LSN or 
CGN) NAT444, NAT464, DS-Lite, 6PE and 6VPE. 
§ Introduction to IPv6 Security 
ABOUT THE AUTHOR:
COURSE AGENDA 
§ Lesson 1: The origin: IPv4 and the rationale for IPv6 
§ Lesson 2: IPv6 Protocol and Addresses 
§ Lesson 3: ICMPv6 and Neighbor Discovery 
§ Lesson 4: IPv6 Services 
§ Lesson 5: IPv6 Routing Protocols 
§ Lesson 6: IPv6 Multicast 
§ Lesson 7: Transition to IPv6 
– Dual-Stack 
– Tunneling 
– Translating 
§ Lesson 8: QoS in IPv6 Networks 
§ Lesson 9: IPv6 and Security 
– Routing Protocols Security 
– IPSec 
– Threat on NDP and SEND 
TYPOGRAPHIC CONVENTIONS 
Convention: Type of Information 
§ Italic font 
– Book titles. 
– Words or characters that require special attention. 
– Variable names or placeholders for information you must supply, for example: 
Enter the following command: 
ifstat [-z] {-a interface} 
Interface is the name of the interface for which you want to view statistics. 
§ Monospaced font 
– Command names, daemon names, and option names. 
– Information displayed on the system console or other computer monitors. 
– The contents of files. 
§ Bold monospaced font 
– Words or characters you type, for example: 
Enter the following command: 
options httpd.enable on
Introduction to IPv6 
IPV4 AND ASSOCIATED PROTOCOLS 
§ IPv4 was a Network designed for the Army that was supposed to interconnect 
thousands of hosts 
§ The Internet was not open to the public and you had to sign that you will not 
use the Internet for business 
§ Autoconfig was not needed 
§ No smartphones, no sensors, no game console, no iPAD, no ADSL, no cable 
home access and no Internet Access at home 
§ IPv4 delivers a best-effort service 
§ It was associated with other protocols: 
§ ARP to resolve MAC address based on IP address 
§ DHCP for centralized configuration of end nodes
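IPV4 HEADER 
[Figure: IPv4 header layout. Row 1: Version, Header Length, service bits (labelled P P P, D, T, R, E, 0 on the slide), Total Length. Row 2: Fragment ID, Flag (DF, M), Fragment Offset. Row 3: Time To Live (TTL), Protocol, Header Checksum. Then Source Address, Destination Address, Options (+ padding).]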
FRAGMENTATION 
Identification (16 bits) 
§ To identify all fragments from the same datagram 
Fragment Offset (13 bits) 
§ To reorder the fragments 
Flag 
§ DF – Do not Fragment 
§ MF - More Fragment
PMTUD: 1ST ROUTER DROP MTU=1300 
§ The source sends a datagram MTU=1500 
§ 1st router MTU=1300 
§ Drop 
§ ICMP Pkt Too big MTU=1300
PMTUD: 2ND ROUTER DROP MTU=1100 
PMTUD: PACKET REACHES THE DESTINATION
IPV4 ADDRESSES 
§ Address IP Source/Destination 
§ Class A. Addresses 1.0.0.0 to 126.255.255.255. 
§ 10.0.0.0 to 10.255.255.255 is private 
§ 128 domains (Networks) and 16.777.214 class A hosts per domain 
§ Class B. 127.0.0.0 to 191.255.255.255. 
§ 172.16.0.0 to 172.31.255.255 is private 
§ 16.000 domains and 65.534 Class B hosts per domain 
§ Class C. 192.0.0.0 to 223.255.255.255. 
§ 192.168.0.0 to 192.168.255.255 is private 
§ 2.000.000 domains and 254 Class C Hosts per domain 
§ Class D. 224.0.0.0 to 239.255.255.255 Multicast 
§ Class E. 240.0.0.0 to 247.255.255.255 Experimental 
§ 4 billion node maximum 
§ VLSM and CIDR have removed the class limitations, which were wasting a lot of 
addresses 
§ NAT/Private Address Space (RFC1918)
NAT/PAT 
§ NAT allows the translation of private to public addresses 
§ PAT allows many private addresses to use the same public address 
§ RFC2993 Architectural Implications of NAT 
§ Cons: 
§ Bottleneck 
§ Single point of failure 
§ Applications must be NAT Friendly 
§ Does not allow end-to-end security and permits undetected MITM attacks 
§ High hidden costs to have applications support 
§ Pro: 
§ Hide the private networks topology
SOME DISCUSSIONS ABOUT NAT 
RFC 1579 - Firewall Friendly FTP 
RFC 2663 - IP Network Address Translator (NAT) Terminology and Considerations 
RFC 2709 - Security Model with Tunnel-mode IPsec for NAT Domains 
RFC 2993 - Architectural Implications of NAT 
RFC 3022 - Traditional IP Network Address Translator (Traditional NAT) 
RFC 3027 - Protocol Complications with the IP Network Address Translator (NAT) 
RFC 3235 - Network Address Translator (NAT)-Friendly Application Design Guidelines 
RFC 3715 - IPsec-Network Address Translation (NAT) Compatibility 
RFC 3947 - Negotiation of NAT-Traversal in the IKE 
RFC 5128 - State of Peer-to-Peer (P2P) Communication across 
Network Address Translators (NATs)
OPTIONS 
Limited number of possible options: 
§ Class 0 
- 0 - 00000 – End of the option list (padding). 
- 1 - 00001 – No Operation. 
- 2 - 00010 – Security and management restriction used by 
military applications. 
- 3 - 00011 – Loose Source Routing. 
- 7 - 00111 – Route Recording. 
- 8 - 01000 – Connection identification. 
- 9 - 01001 – Strict Source Routing. 
§ Class 2 
- 4 - 00100 – Internet Timestamp.
DHCP 
§ For end nodes, centralized configuration 
§ Everything is configured from a DHCP server: 
§ IP Address 
§ Default Router 
§ DNS Servers Addresses 
§ SIP Server Addresses 
§ Domain Names
IPV6 RATIONALE IN THE SERVICE PROVIDER ENVIRONMENT 
§ The question is not “if” it will happen, but “when” will it happen 
§ IPv4 addresses depleted as of February 2011 
§ Number of connected devices continues to increase 
§ IPv4 can accommodate 4 billion nodes 
§ Exceed 15 billion in 2015 and 50 billion in 2020 
§ Over 100 billion microcontrollers; 10 billion shipped per year 
§ Devices are always connected, from anywhere 
§ It will eliminate IPv4 issues once fully deployed 
§ NAT 
§ Network efficiency and scalability 
§ It has integrated features (services) 
§ Global addresses 
§ Mobility 
§ Security
NAT/PAT IS THE HEROIN OF THE INTERNET 
§ NAT/PAT with private addresses was invented as a workaround for address depletion 
in the 1990s. Then people started to use it and found that NAT/PAT was the solution 
for everything: security, multihoming, and address independence from the Service 
Provider. 
§ Most people do not realize the huge hidden costs that come with NAT. All new 
applications must be engineered to bypass and support NAT. A simple search for the 
keyword NAT on the IETF site returns more than 77 RFCs. 
§ NAT denies end-to-end security and is a problem for real security protocols like IPSec or 
DNSSEC. 
§ NAT seems to be the solution for everything, while it actually breaks a lot (most) of 
the network applications and does not permit end-to-end security. It gives an 
opportunity for undetected MITM exploits which could be prevented with end-to-end 
security. 
§ Once people have started to use NAT/PAT, they cannot imagine any network without it 
or how the Internet was before the introduction of NAT/PAT. 
§ NAT creates more issues than it solves. Without NAT, we would not 
have slept for 20+ years before starting a protocol more appropriate than IPv4. 
Do you know that before it was prohibited 
by law in the USA in 1959 and in France in 
1963, heroin was sold in pharmacies as a 
miracle medicine for almost everything?
WHO IS RUNNING IPV6 ? 
A lot of ISPs and enterprises already use IPv6: 
§ Free SAS 
§ RENATER 
§ The Cable Operators with DOCSIS 3.0 
§ COMCAST 
– Running IPv6 internally for years 
– General roll out scheduled to be completed in 2012 
§ Time Warner 
– General roll out scheduled to start next year 
§ Mobile Phone 
– 4G: Designed for IPv6, 3G supports IPv6 
– T-Mobile: IPv6 only 
– Verizon LTE: IPv6 is primary protocol 
– Sprint: Deploying IPv6 in 2012
SERVICE PROVIDER IPV6 TRANSITION STRATEGIES 
§ An end-to-end IPv6-only core is the ultimate goal. 
§ Transition strategies require Carrier Grade solutions: 
§ Native IPv4 core 
§ Dual Stack 
§ Large Scale NAT (Carrier Grade NAT, AFT) 
§ MPLS enabled core 
§ 6PE 
§ 6VPE 
§ The solution must support any customer connection. 
§ Keeping two protocols is expensive. AT&T predicts the end of IPv4 in 2020.
SERVICE PROVIDER DRIVERS FOR ADOPTION OF IPV6 
§ IPv4 growth potential is finite even with double NAT 
§ Structured migration path to IPv6 
§ Be one of the first to market with IPv6 enabled services 
§ Customers will require access to new IPv6 content from content providers 
§ SPs will be competing for services that are IPv6 dependent 
§ Some devices, like smartphones, will be very soon IPv6-only 
§ NAT cannot be the solution for all applications and all users 
§ See IDC and Renater Migration Case Studies
CONCLUSION 
§ IPv4 is not designed to support multiple addresses per user 
§ NAT cannot be a solution for some applications 
§ IPv4 Options are not extensible 
§ New transport are introduced to support new applications 
§ IPv4 cannot permit an address for each device which will need connection to 
the Internet
FEATURES AND BENEFITS 
§ No more fragmentation info in each packet 
§ No more Header CHECKSUM 
§ It is now mandatory for UDP 
§ Traffic Class (8 bits) replaces the Precedence and ToS Byte 
§ The Flow Label (20 bits) identifies a flow 
§ Addresses are 128 bits long 
§ No More NAT needed 
§ Alignment on 64 bytes 
§ Header size increases from 20 bytes to 40 bytes 
§ Autoconfiguration
TRANSITION RICHNESS 
§ Dual-Stack 
§ Translation 
§ NAT, LSN, CGN 
§ NAT-PT = NAT46+NAT64+ALG 
§ NAT64/DNS64, NAT444, NAT464 
§ Tunneling 
§ 6to4, 6RD, 4RD 
§ DS-Lite = 4RD + LSN 
§ IPv6 Over IPv4/MPLS 
§ 6PE 
§ 6VPE
IPv6 Operations 
IPV6 ADDRESSING ARCHITECTURE (RFC 4291) 
§ Unicast (one-to-one) 
§ To identify a network interface 
§ Three scopes of addresses: 
§ IPv6 Global 
§ Link-Local 
§ Unique Local Address (equivalent RFC1918) 
§ Multicast (one-to-many) 
§ To identify a set of interfaces on the network 
§ Traffic is routed to all of these interfaces 
§ Scope: interface, link, site, organization, global 
§ Anycast (one-to-nearest) 
§ To identify a set of interfaces on the network 
§ The traffic is routed to the nearest interface 
§ IPv6 Addressing Architecture 
§ http://tools.ietf.org/html/rfc4291
REPRESENTATION (RFC 4291) 
§ X:X:X:X:X:X:X:X 
§ X is a 16-bit hexadecimal field 
§ Consecutive 0 fields are represented by ::, but this can be used only once in the 
address 
§ 2000:1::0102:1234:4222 
§ FF01:0:0:0:0:0:0:1 or FF01::1 
§ 0:0:0:0:0:0:0:0 or :: 
§ In an URL, the address is surrounded by [ ] 
§ http://[2001:1:4::11]:8080/index.html
GLOBAL UNICAST ADDRESS (RFC 4291) 
§ Global unicast host address: 
– 2000:0001:0002:0000:0000:0005:0006:0007 
– 2000:0001:0002::0005:0006:0007 
§ Network Prefix: 
– 2000:0001:0002::/48 
– 2000:1000:0001:0010::/64 
§ In the Internet 2000::/3 global unicast address: 
– http://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xml 
– http://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xml 
Global Routing Prefix (Provider, 48 bits) | SLA (Site, 16 bits) | Interface ID (Host, 64 bits)
IPV6 GLOBAL UNICAST ADDRESS FORMAT (RFC 3587) 
Initial Format 
Global Routing Prefix (Provider, n bits) | Subnet ID (64 - n bits) | Interface ID (Host, 64 bits) 
IETF assigned 001 for Global Unicast, 2620::/12 assigned to American 
Registry for Internet Numbers 
001 (3 bits) | ARIN (9 bits) | RIR or ISP (36 bits) | Subnet ID (16 bits) | Interface ID (Host, 64 bits) 
RFC 2374: Aggregatable Global Unicast Address Structure 
Public Topology: FP (3 bits) | TLA ID (13 bits) | RES (8 bits) | NLA ID (24 bits) 
Site Topology: SLA ID (16 bits) 
Interface Identifier: Interface ID (64 bits)
AGGREGATABLE GLOBAL UNICAST ADDRESS 
STRUCTURE (RFC 2374) 
§ FP: Format Prefix (001) 
§ TLA ID: Top-Level Aggregation Identifier 
§ A default free router will have a route to each TLA ID plus the specific routes for 
the TLA ID it belongs to. 
§ RESERVED for future utilization 
§ NLA ID: Next-Level Aggregation Identifier 
§ Identify sites within an organization. 
§ SLA ID: Site-Level Identifier 
§ Identify the subnets within an organization 
§ Same as the IPv4 Subnets 
§ Supports 65.535 Subnets 
§ Interface Identifier 
Public Topology: FP (3 bits) | TLA ID (13 bits) | RES (8 bits) | NLA ID (24 bits) 
Site Topology: SLA ID (16 bits) 
Interface Identifier: Interface ID (Host, 64 bits)
LINK-LOCAL ADDRESS (RFC 4291) 
§ Allows automatic address configuration without router 
§ Equivalent in IPv4: 169.254.0.0/16 (RFC 3927) 
§ FE80::/10 
1111 1110 10 (FE80::/10) | All 0s | Interface ID (64 bits) 
128 bits in total
SCOPED ADDRESS ARCHITECTURE (RFC 4007) 
§ At the beginning, the Site-Local scope was defined 
§ fec0::/10 
§ This was deprecated by RFC 3879 
§ All addresses but the unspecified have a scope 
§ RFC 4007 defines a “Scope Zone”, or Zone, as a connected region with a 
given scope 
§ It is noted with the sign % 
§ Example: fe80::1%5
UNIQUE-LOCAL ADDRESS (RFC 4193) 
§ For private addresses like RFC 1918 for IPv6 
§ Network Prefixes: 
§ FC00::/7 Globally Managed 
§ FD00::/8 Locally Managed 
§ To reserve an address: 
§ http://www.sixxs.net/tools/grh/ula/ 
1111 1100 (FC00::/7) or 1111 1101 (FD00::/8) | Global ID (40 bits) | Subnet ID (16 bits) | Interface ID (Host, 64 bits) 
The prefix and the Global ID together make up the first 48 bits.
INTERFACE ID DERIVED FROM THE MAC: EUI-64 
§ MAC address: 48 bits 
§ X=1 Unique 
§ X=0 Not Unique 
MAC address: 00 90 59 02 E0 F9 
With FF FE inserted in the middle: 00 90 59 FF FE 02 E0 F9 
First octet: 000000X0
RANDOM INTERFACE ID (RFC 4941) 
§ If the interface ID is derived from the MAC address, it will be constant. 
§ There is no NAT, this can be used to track a user. 
§ Privacy Extension uses a randomized ID to configure the interface ID.
SPECIAL ADDRESSES (RFC 4291) 
§ Unspecified 
§ 0:0:0:0:0:0:0:0 or :: 
§ Used when the node does not have an address configured 
§ Loopback 
§ 0:0:0:0:0:0:0:1 
§ ::1 
§ 127.0.0.1 for ipv4 
§ IPv4-Mapped 
§ ::ffff:192.168.0.11 
§ Another RFC 5156 compiles the special addresses which should not be routed 
on the Internet 
§ http://tools.ietf.org/html//rfc5156
MULTICAST (RFC 4291) 
FF | Flag | Scope | 0 | Interface ID (128 bits in total) 
Flag – 4 bits 
§ 0 if permanent 
§ 1 if temporary 
Scope – 4 bits 
§ 1=node 
§ 2=link 
§ 4=admin 
§ 5=site 
§ 8=Organization 
§ E=Global 
Only the link-local scope is automatically filtered by routers. Other scopes must be implemented with access lists.
MULTICAST ADDRESS RESERVED 
§ FF01::1 Interface-local Scope All node address 
§ FF01::2 Interface-local Scope All routers address 
§ FF02::1 Link-local Scope all node address 
§ FF02::2 Link-local Scope All routers address 
§ FF05::1 Site-local Scope All node address 
§ FF05::2 Site-local Scope all routers address 
§ FF05::1:3 Site-local Scope all DHCP server
SOLICITED-NODE MULTICAST ADDRESS 
§ Unicast Address 
§ 805B:2D9D:DC28::FC57:D4C8:1FFF 
§ Prefix 
§ FF02:0:0:0:0:1:FF 
§ Solicited-node multicast address 
§ FF02:0:0:0:0:1:FFC8:1FFF 
§ Automatically configured for each unicast 
Prefix: FF02 | 0 | 0001 | FF; Interface Identifier: 24 bits; 128 bits in total
IPV6 ADDRESS SPACE 
http://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xml
IPV6 ADDRESS SUMMARY 
These addresses include: 
§ ::/128 Unspecified Address 
§ ::1/128 Loopback Address 
§ 2001::/32 Teredo prefix 
§ 2001:db8::/32 reserved for training and documentation by RFC 3849 
§ 2002::/16 prefix used by 6to4 
Prefix | Description 
::/8 | Address Reserved 
2000::/3 | Internet Routed Global Unicast Address 
fc00::/7 | Site Local Address (deprecated) 
fe80::/10 | Link-Local Address 
ff00::/8 | Multicast Address 
http://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xml
ADDRESSES REQUIRED FOR AN IPV6 NODE 
§ A Link-local for each interface 
§ Loopback 
§ Assigned Unicast 
§ All-nodes Multicast 
§ Solicited-node multicast for each unicast 
§ Multicast
ADDRESSES REQUIRED FOR A ROUTER 
All the addresses needed for a node plus: 
§ Anycast address if a particular service needs it 
§ All-Routers Multicast 
§ Routing protocols specific multicast addresses
IPV6 IN ETHERNET 
Protocol IPv6: 0x86DD 
Dest Ethernet Address | Source Ethernet Address | 0x86DD | IPv6 Header and payload
MULTICAST MAPPING ON ETHERNET 
IPv6 Multicast Address 
§ FF02:0:0:0:0:1:FF90:FE53 
§ 128 bits 
Mac Address 
§ 33:33:FF:90:FE:53 
§ 48 bits 
CISCO IPV6 INTERFACE 
sa13-72c(config-if)#do show ipv6 int gig0/2 
GigabitEthernet0/2 is up, line protocol is up 
  IPv6 is enabled, link-local address is FE80::20B:60FF:FEB4:9C1A 
  No Virtual link-local address(es): 
  Stateless address autoconfig enabled 
  Global unicast address(es): 
    2000:1::20B:60FF:FEB4:9C1A, subnet is 2000:1::/64 [EUI/CAL/PRE] 
      Valid lifetime 2591911 preferred lifetime 604711 
  Hosts use stateless autoconfig for addresses 
  Joined group address(es): 
    FF02::1 
    FF02::2 
    FF02::1:FFB4:9C1A 
  MTU is 1500 bytes 
  ICMP error messages limited to one every 100 milliseconds 
  ICMP redirects are enabled 
  ICMP unreachables are sent 
  ND DAD is enabled, number of DAD attempts: 1 
  ND reachable time is 30000 milliseconds (using 23319) 
  ND advertised reachable time is 0 (unspecified) 
  ND advertised retransmit interval is 0 (unspecified) 
  ND router advertisements are sent every 200 seconds 
  ND router advertisements live for 1800 seconds 
  ND advertised default router preference is Medium 
ASSIGNMENT OF ADDRESSES 
[Figure: address assignment chains for the example address 2a01:0e35:2f26:d340:acaa:4946:9234:1379. Chains shown: IANA, RIR, ISP/LIR, EU/ISP, EU; and RIR, NIR, ISP/LIR, EU.] 
§ RIR: Regional Internet Registries (ARIN, APNIC, RIPE, NCC) 
§ NIR: National Internet Registries 
§ LIR: Local Internet Registries 
§ EU: End Users 
http://www.ripe.net/ripe/docs/ripe-512
IPV6 ADDRESS ALLOCATION 
§ IPv6 addresses are 4 times bigger than IPv4 
§ Must be carefully managed so that routing tables do not explode in size 
§ Blocks of addresses are allocated by IANA or a RIR 
§ To be eligible for address allocation: 
§ Must be a LIR 
§ Have a plan to provide addresses to customers within two years 
§ Minimum allocation to a LIR is a /32
ADDRESSES ASSIGNMENT TO A USER 
§ The assignment of addresses to end users is done by LIR 
§ RFC 3177 obsoleted by RFC6177 
§ Standard is no more /48 but between /48 and /64 
§ For a large customer 
§ /47 or larger can be assigned 
§ Or multiple /48 
§ /64 for a single subnet 
§ /128 for a single host 
§ By default the assignment is temporary 
§ For multihomed users, Provider Independent (PI) addresses 
§ RIPE Looking Glass: 
http://stat.ripe.net/2a01:e00::/26 
http://stat.ripe.net/2804:258::/32
INTERNET HIERARCHY 
IANA 2000::/3 
– RIR1 21ae::/8 
  – ISP1 21ae:db8::/32 
    – Cust1 21ae:db8:1::/48 
  – ISP2 21ae:db9::/32 
    – Cust2 21ae:db9:1::/48 
– RIR2 2001::/8 
  – ISP3 2001:db8::/32 
    – Cust3 2001:db8:1::/48 
    – Cust4 2001:db8:2::/48
PROVIDER ASSIGNED ADDRESS SPACE 
§ FP: Format Prefix (001) 
§ TLA ID: Top-Level Aggregation Identifier 
§ RESERVED for future use 
§ NLA ID: Next-Level Aggregation Identifier 
§ SLA ID: Site-Level Identifier 
§ Interface Identifier 
Public Topology: FP (3 bits) | TLA ID (13 bits) | RES (8 bits) | NLA ID (24 bits) 
Site Topology: SLA ID (16 bits) 
Interface Identifier: Interface ID (Host, 64 bits)
MULTIHOMING 
§ ISP1 2001:db8::/32 assigns 2001:db8:1::/48 
§ ISP2 2001:db9::/32 assigns 2001:db9:100::/48 
§ Site: 2001:db8:1::/48 and 2001:db9:100::/48
PROVIDER-ASSIGNED ADDRESS 
§ The /48 prefix is assigned by ISP 
§ The address belongs to the ISP and should be returned by the end of the 
contract. 
§ ISP1 2001:db8::/32 assigns 2001:db8:1::/48 
§ ISP2 2001:db9::/32 assigns 2001:db9:100::/48 
§ Site: 2001:db8:1::/48 and 2001:db9:100::/48
PROVIDER-ASSIGNED – MULTIHOMED WORKSTATIONS 
§ End node now has two addresses 
§ ISP1 2001:db8::/32, site prefix 2001:db8:1::/48, host address 2001:db8:1:99:42:345F:1:1/64 
§ ISP2 2001:db9::/32, site prefix 2001:db9:100::/48, host address 2001:db9:100:99:42:345F:1:1/64
PROVIDER-ASSIGNED – FAULT TOLERANCE (1) 
§ Better route from ISP2 
§ A session is started 
§ Site prefixes: 2001:db8:1::/48 and 2001:db9:100::/48 
§ Host addresses: 2001:db8:1:99:42:345F:1:1/64 and 2001:db9:100:99:42:345F:1:1/64
PROVIDER-ASSIGNED – FAULT TOLERANCE (2) 
§ Dest thru ISP2 is no longer reachable 
§ The session fails 
§ Site prefixes: 2001:db8:1::/48 and 2001:db9:100::/48 
§ Host addresses: 2001:db8:1:99:42:345F:1:1/64 and 2001:db9:100:99:42:345F:1:1/64
PROVIDER-ASSIGNED – FAULT TOLERANCE (3) 
§ A new session must be started 
§ Site prefixes: 2001:db8:1::/48 and 2001:db9:100::/48 
§ Host addresses: 2001:db8:1:99:42:345F:1:1/64 and 2001:db9:100:99:42:345F:1:1/64
PROVIDER-ASSIGNED MULTIHOMING 
§ Routing based Solution 
§ RFC 3178 
§ Need to establish tunnels with ISPs 
§ Does not protect upstream ISP failure scenario 
§ Quite complex to setup 
§ Host based solution 
§ Shim6. RFC 5533, RFC 5534, RFC 5535 
§ http://www.shim6.org/ 
§ http://datatracker.ietf.org/wg/shim6/charter/ 
§ Many solutions proposed 
§ Need to update software on the hosts 
§ Stateless prefix translation (NPT6, not NAT66!) 
§ Experimental Draft RFC6296 
§ http://fredbovyipv6.blogspot.com/2011/09/from-nat66-to-ipv6-to-ipv6-network.html 
§ The solution should conform to RFC 3852 
§ https://www.ietf.org/rfc/rfc3582.txt
PA MULTIHOMING (RFC 3178)
PA MULTIHOMING: SHIM6 
http://www.shim6.org/ 
[Figure: Shim6 stack. Labels: AP1, AP2 … APn; TCP/UDP; IP; End-Point (identifier); Shim6 Layer; Forward (locator); Shim6 Protocol between the Shim6 Layers.]
PROVIDER-INDEPENDENT ADDRESS: 
MULTIHOMING 
§ Same as IPv4 
§ No more renumbering when changing ISP 
§ ISP1: 2001:db8:1::/48, 2001:db8:66::/48 
§ ISP2: 2001:db8:100::/48, 2001:db8:66::/48 
§ Site: 2001:db8:66::/48
PROVIDER-INDEPENDENT VERSUS PROVIDER-ASSIGNED 
§ Provider Assigned 
§ It was the only solution until 2009 
§ Keep routing table size quite low 
§ Multihoming may be hard to setup 
§ Provider Independent 
§ Allocated by the RIR 
§ Solve the multihoming problem 
§ In Europe this is allocated by the RIPE 
§ Must be Multihomed 
§ Need to comply with: http://www.ripe.net/ripe/docs/ripe-452 
§ No more aggregation of the routing table
CONCLUSION 
§ No more address limitation 
§ No more NAT limitation 
§ Extensible with Option headers 
§ Performance-oriented header, but twice as big 
§ Multicast replaces the broadcast 
§ Multihoming is still an open debate
IPV6 HEADER 
Ver | Traffic Class | Flow Label 
Payload Length | Next Header=Hop-By-Hop | Hop Limit 
Source IPv6 Address 
Destination IPv6 Address 
Hop-By-Hop (Next Header=Routing Hdr) 
Routing Header (Next Header=TCP) 
TCP Header
IPV6 HEADER 
Ethernet II, Src: ca:02:42:76:00:08 (ca:02:42:76:00:08), Dst: IPv6mcast_00:01:00:02 (33:33:00:01:00:02) 
Destination: IPv6mcast_00:01:00:02 (33:33:00:01:00:02) 
Source: ca:02:42:76:00:08 (ca:02:42:76:00:08) 
Type: IPv6 (0x86dd) 
Internet Protocol Version 6 
0110 .... = Version: 6 
[0110 .... = This field makes the filter "ip.version == 6" possible: 6] 
.... 1110 0000 .... .... .... .... .... = Traffic class: 0x000000e0 
.... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000 
Payload length: 56 
Next header: UDP (0x11) 
Hop limit: 255 
Source: fe80::38b1:e73c:c0f0:4442 (fe80::38b1:e73c:c0f0:4442) 
Destination: ff02::1:2 (ff02::1:2) 
User Datagram Protocol, Src Port: dhcpv6-client (546), Dst Port: dhcpv6-server (547) 
Source port: dhcpv6-client (546) 
Destination port: dhcpv6-server (547) 
Length: 56 
Checksum: 0x86f0 [validation disabled] 
TRAFFIC CLASS 
§ One byte 
§ Same as ToS+Precedence in IPv4 
§ Carry the DSCP 
§ Can be changed by routers (mutable)
FLOW LABEL (RFC3697) 
§ To Identify a flow of data 
§ Not currently used by applications 
§ Is not modified by routers (immutable) 
§ A flow is identified by addresses and flow label. 
§ Not encrypted by IPSec 
§ Not fragmented if fragmentation occurs 
§ Not widely used because it could be abused in DoS attacks
IPV6 OPTION HEADER 
§ IPv4 protocol field replaced by Next Header 
§ Each option is formatted as a TLV (Type Length Value) 
Option Type (8 bits) | Option Length (8 bits) | Option data
HOP-BY-HOP OPTION 
§ Hop-by-Hop (Next header=0) option must be inspected by all nodes 
§ Used by Jumbogram to reach 65,536 octets 
§ RFC 2711 Router Alert used by MLD, RSVP 
§ Each router needs to check this option 
§ IANA manages a list of allocated numbers 
§ 0 to 35 have been allocated 
§ 36 to 65535 should be rejected 
§ Must be the first option
ROUTING HEADER 
§ Type 0: Source Routing 
§ Loose Source Routing 
§ Deprecated: http://www.ietf.org/rfc/rfc5095.txt 
§ Type 1: Obsolete 
§ Type 2: RFC3775 Used by Mobile IPv6
OTHER IPV6 OPTION HEADER 
§ Destination Option 
§ An option for the destination IPv6 address only 
§ Fragment Header 
§ Fragmentation is only permitted by the source 
§ Routers cannot fragment packet anymore 
§ Authentication Header 
§ ESP Header 
§ Mobility Header
OPTIONS ORDERING 
§ Hop-by-hop 
§ Destination options (if routing present) 
§ Routing 
§ Fragment 
§ Authentication 
§ ESP 
§ Mobility 
§ Destination option (if routing absent) 
§ Upper layer
IPV6 PACKET CAPTURE 
Internet Protocol Version 6 
0110 .... = Version: 6 
.... 1010 0000 .... .... .... .... .... = Traffic class: 0x000000a0 
.... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000 
Payload length: 60 
Next header: IPv6 hop-by-hop option (0x00) 
Hop limit: 64 
Source: 2005::2 (2005::2) 
Destination: 2005::1 (2005::1) 
Hop-by-Hop Option 
Next header: IPv6 destination option (0x3c) 
Length: 0 (8 bytes) 
PadN: 6 bytes 
Destination Option 
Next header: ICMPv6 (0x3a) 
Length: 0 (8 bytes) 
PadN: 6 bytes 
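An added example (not from the course material): a Python auditor that walks the Next Header chain of a raw IPv6 packet, as dissected in the capture above, and reports the conditions these slides single out: a hop-by-hop header that is not first, a Routing Header type 0, and headers outside the order of the OPTIONS ORDERING slide. All sample packets are constructed; the first one mirrors the capture (2005::2 to 2005::1, payload length 60), and the function and constant names are the example's own.

```python
import ipaddress
import struct

HBH, ROUTING, FRAGMENT, ESP, AH, ICMPV6, DSTOPT, MOBILITY = 0, 43, 44, 50, 51, 58, 60, 135
NAMES = {HBH: "hop-by-hop", ROUTING: "routing", FRAGMENT: "fragment", ESP: "ESP",
         AH: "authentication", ICMPV6: "ICMPv6", DSTOPT: "destination options",
         MOBILITY: "mobility", 6: "TCP", 17: "UDP"}
# Headers this walker can step over. ESP is treated as opaque: the walk stops there.
EXT = {HBH, ROUTING, FRAGMENT, AH, DSTOPT, MOBILITY}
# Position in the ordering slide; destination options is 1 or 7 (see audit()).
ORDER = {HBH: 0, ROUTING: 2, FRAGMENT: 3, AH: 4, MOBILITY: 6}


def walk_chain(packet):
    """Return ([(header_value, routing_type_or_None), ...], upper_layer_value)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nh, offset, chain = packet[6], 40, []
    while nh in EXT:
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        next_nh, length_field = packet[offset], packet[offset + 1]
        if nh == FRAGMENT:
            size = 8                          # fixed size
        elif nh == AH:
            size = (length_field + 2) * 4     # AH counts 32-bit words
        else:
            size = (length_field + 1) * 8     # others count 8-octet units after the first
        chain.append((nh, packet[offset + 2] if nh == ROUTING else None))
        nh, offset = next_nh, offset + size
    return chain, nh


def audit(packet):
    """Return (header names in wire order, list of findings)."""
    chain, upper = walk_chain(packet)
    kinds = [nh for nh, _ in chain]
    findings = []
    if HBH in kinds[1:]:
        findings.append("hop-by-hop header is not first")
    if any(nh == ROUTING and rtype == 0 for nh, rtype in chain):
        findings.append("routing header type 0 (deprecated, RFC 5095)")
    ranks = []
    for i, nh in enumerate(kinds):
        if nh == DSTOPT:  # before the routing header, or last before the upper layer
            ranks.append(1 if ROUTING in kinds[i + 1:] else 7)
        else:
            ranks.append(ORDER[nh])
    if any(a >= b for a, b in zip(ranks, ranks[1:])):
        findings.append("extension headers repeated or out of the listed order")
    return [NAMES.get(nh, str(nh)) for nh in kinds + [upper]], findings


def ipv6_packet(next_header, payload, src="2005::2", dst="2005::1", hop_limit=64):
    """Constructed packet: 40-byte fixed header (traffic class 0xa0) plus payload."""
    first_word = (6 << 28) | (0xA0 << 20)
    return (struct.pack("!IHBB", first_word, len(payload), next_header, hop_limit)
            + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
            + payload)


def options_header(next_header):
    """8-byte hop-by-hop or destination options header holding one 6-byte PadN."""
    return bytes([next_header, 0, 1, 4, 0, 0, 0, 0])


ECHO = bytes([128, 0, 0, 0]) + bytes(40)      # echo request, checksum left at 0
CAPTURE_LIKE = ipv6_packet(HBH, options_header(DSTOPT) + options_header(ICMPV6) + ECHO)
RH0 = bytes([ICMPV6, 2, 0, 1]) + bytes(4) + ipaddress.IPv6Address("2001:db8::1").packed
RH0_PACKET = ipv6_packet(ROUTING, RH0 + ECHO)
MISORDERED = ipv6_packet(DSTOPT, options_header(HBH) + options_header(ICMPV6) + ECHO)

if __name__ == "__main__":
    for label, pkt in (("capture-like", CAPTURE_LIKE), ("RH0", RH0_PACKET),
                       ("misordered", MISORDERED)):
        names, findings = audit(pkt)
        print(f"{label}: {' -> '.join(names)}; findings: {findings or 'none'}")
```
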
MAXIMUM TRANSMISSION UNIT 
IPv4 
§ MTU >= 68 Octets 
IPv6 
§ MTU >= 1280 Octets 
§ PMTUD 
Link-Layer Frame: Frame Header | IPv6 Packet | Frame Trailer 
Minimum MTU = 1280 Octets
ICMPv6 
TOPICS 
§ Introduction 
§ ICMPv6 
§ MLD (IGMP) 
§ ICMPv6 Protection 
§ ICMPv6 Error Messages 
§ Destination Unreachable 
§ Time Exceeded 
§ Packet too Big 
§ Parameter Problem 
§ Information Messages 
§ Echo Request 
§ Echo Reply 
§ Cisco and ALU 7750 Example
INTRODUCTION 
§ RFC 4443 
§ IPv6 extension header type 58 
§ Path MTU Discovery 
§ ICMPv6 carries Neighbor Discovery Protocol, MLD
ICMPV6/NDP HEADER 
http://www.iana.org/assignments/icmpv6-parameters 
§ List all types, codes and more 
Type | Code | Checksum 
Message Body
MLD (IGMP) 
§ Router and Multicast Receivers Protocol 
§ MLDv1 (RFC 2710) 
§ IGMPv2. RFC 2236 
§ Multicast Listener Query. ICMPv6 Type 130 
§ Multicast Listener v1. Report. ICMPv6 Type 131 
§ Multicast Listener Done. ICMPv6 Type 132 
§ MLDv2 
§ IGMPv3. RFC 3376 
§ Multicast Listener Query. ICMPv6 Type 130 
§ Multicast Listener Report. v2. ICMPv6 Type 143
ICMPV6 PROTECTION 
The following messages MUST have a hop limit = 255 
§ RS:133, RA:134 
§ NS:135, NA:136 
§ Redirect: 137 
§ Inverse Neighbor Discovery Solicitation: 141 
§ Inverse Neighbor Discovery Advertisement: 142 
§ Certificate Path Solicitation (SEND): 148 
§ Certificate Path Advertisement (SEND): 149
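One way to apply the hop limit = 255 rule on the receiving or monitoring side, as an added example that is not part of the course material: a packet that arrives with a hop limit below 255 has been forwarded by a router, so it cannot have originated on the local link. The Python check below also uses the solicited-node and Ethernet multicast mappings from the addressing slides to validate where a Neighbor Solicitation was sent. It assumes ICMPv6 directly follows the fixed IPv6 header; the packets are constructed and the function names are the example's own.

```python
import ipaddress
import struct

ICMPV6 = 58
NS = 135
# ICMPv6 types the slide lists as requiring hop limit 255.
HOP_LIMIT_255_TYPES = {
    133: "RS", 134: "RA", 135: "NS", 136: "NA", 137: "Redirect",
    141: "Inverse ND Solicitation", 142: "Inverse ND Advertisement",
    148: "Certificate Path Solicitation", 149: "Certificate Path Advertisement",
}


def solicited_node(addr):
    """FF02:0:0:0:0:1:FF plus the low 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(int(ipaddress.IPv6Address("ff02::1:ff00:0")) | low24)


def multicast_mac(group):
    """33:33 followed by the low 32 bits of the IPv6 multicast address."""
    low32 = int(ipaddress.IPv6Address(group)) & 0xFFFFFFFF
    return "33:33:" + ":".join(f"{b:02x}" for b in low32.to_bytes(4, "big"))


def check_nd(packet, eth_dst=None):
    """Return a list of findings for one IPv6 packet carrying ICMPv6."""
    if len(packet) < 44 or packet[0] >> 4 != 6 or packet[6] != ICMPV6:
        return ["not a plain IPv6/ICMPv6 packet (extension headers are not handled)"]
    hop_limit = packet[7]
    dst = ipaddress.IPv6Address(packet[24:40])
    icmp_type = packet[40]
    name = HOP_LIMIT_255_TYPES.get(icmp_type)
    if name is None:
        return []  # echo, error and MLD messages are outside the listed types
    findings = []
    if hop_limit != 255:
        findings.append(f"{name} with hop limit {hop_limit}: did not originate on this link")
    if icmp_type == NS and len(packet) >= 64:
        # NS body: type, code, checksum, 4 reserved bytes, then the 16-byte target.
        target = ipaddress.IPv6Address(packet[48:64])
        if dst not in (target, solicited_node(target)):
            findings.append(f"NS for {target} sent to unexpected destination {dst}")
    if eth_dst and dst.is_multicast and eth_dst.lower() != multicast_mac(dst):
        findings.append(f"Ethernet destination {eth_dst} does not map to {dst}")
    return findings


def nd_packet(icmp_type, src, dst, hop_limit=255, target=None):
    """Constructed test packet: fixed IPv6 header plus a minimal ICMPv6 body."""
    body = bytes([icmp_type, 0, 0, 0]) + bytes(4)   # checksum left at 0
    if target:
        body += ipaddress.IPv6Address(target).packed
    header = struct.pack("!IHBB", 6 << 28, len(body), ICMPV6, hop_limit)
    return (header + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed + body)


# Constructed samples using addresses that appear in this course.
SRC = "fe80::20b:60ff:feb4:9c1a"
GOOD_NS = nd_packet(NS, SRC, "ff02::1:ff00:100", target="2000:1::100")
ROUTED_NS = nd_packet(NS, SRC, "ff02::1:ff00:100", hop_limit=64, target="2000:1::100")
WRONG_GROUP_NS = nd_packet(NS, SRC, "ff02::1", target="2000:1::100")
ROUTED_RA = nd_packet(134, SRC, "ff02::1", hop_limit=254)
ECHO_REQUEST = nd_packet(128, SRC, "2000:1::100", hop_limit=64)

if __name__ == "__main__":
    print(solicited_node("805B:2D9D:DC28::FC57:D4C8:1FFF"))
    print(multicast_mac("FF02:0:0:0:0:1:FF90:FE53"))
    for label, pkt in (("good NS", GOOD_NS), ("routed NS", ROUTED_NS),
                       ("wrong group NS", WRONG_GROUP_NS), ("routed RA", ROUTED_RA),
                       ("echo request", ECHO_REQUEST)):
        print(label, "->", check_nd(pkt) or "ok")
```
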
ICMPV6 INFORMATION MESSAGE 
§ pingv6 
§ Echo Request 
§ Echo Reply 
sa13-72c>ping 2000:1::100 
Type escape sequence to abort. 
Sending 5, 100-byte ICMP Echos to 2000:1::100, timeout is 2 seconds: 
!!!!! 
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms 
sa13-72c> 
Apr 21 05:56:54: ICMPv6: Sent echo request, Src=2000:1::20B:60FF:FEB4:9C1A, Dst=2000:1::100 
Apr 21 05:56:54: ICMPv6: Received echo reply, Src=2000:1::100, Dst=2000:1::20B:60FF:FEB4:9C1A 
Apr 21 05:56:54: ICMPv6: Sent echo request, Src=2000:1::20B:60FF:FEB4:9C1A, Dst=2000:1::100 
Apr 21 05:56:54: ICMPv6: Received echo reply, Src=2000:1::100, Dst=2000:1::20B:60FF:FEB4:9C1A 
Apr 21 05:56:54: ICMPv6: Sent echo request, Src=2000:1::20B:60FF:FEB4:9C1A, Dst=2000:1::100 
Apr 21 05:56:54: ICMPv6: Received echo reply, Src=2000:1::100, Dst=2000:1::20B:60FF:FEB4:9C1A 
Apr 21 05:56:54: ICMPv6: Sent echo request, Src=2000:1::20B:60FF:FEB4:9C1A, Dst=2000:1::100 
Apr 21 05:56:54: ICMPv6: Received echo reply, Src=2000:1::100, Dst=2000:1::20B:60FF:FEB4:9C1A 
[SNIP]
ERROR MESSAGES 
§ Destination Unreachable 
§ Packet Too Big 
§ Time Exceeded 
§ Parameter Problem
TYPE: DESTINATION UNREACHABLE 
Code | Description | Utilization 
0 | No route to destination | The packet was dropped because the router did not have a route to the destination 
1 | Communication administratively prohibited | The packet was filtered by a router (ACL) 
3 | Unreachable address | The data link layer address cannot be resolved 
4 | Port unreachable | The UDP or TCP destination port does not exist or is ignored by the host 
TYPE: TIME EXCEEDED 
Code: Hop Limit Exceeded in Transit 
§ The hop limit is decremented at each hop. 
§ When it reaches zero. 
§ The packet is dropped 
§ ICMPv6 TIME EXCEEDED CODE: Hop limit exceeded in transit is sent 
to the source address of the packet 
§ This mitigates the consequences of a routing loop in a network. 
Code: Fragment reassembly Time exceeded 
§ When a station receives the first fragment of a packet, it starts a timer 
§ If the timer reaches zero before the original datagram gets reassembled 
§ All fragments get dropped 
§ TIME EXCEEDED, CODE: Fragment reassembly time exceeded is sent 
to the source of the packet
TYPE: PACKET TOO BIG 
§ When a router must forward a datagram on a link with an MTU smaller than the packet 
size 
§ It drops the packet 
§ It sends an ICMPv6 Packet Too Big providing the MTU of the link 
§ The source must 
§ Send a new and smaller packet with a length matching the available MTU 
§ Or send the original datagram fragmented with a fragment size matching the 
available MTU 
§ The minimum MTU in IPv6 MUST be 1280 bytes
TYPE: PARAMETER PROBLEM 
§ A pointer helps this type to find the right field or option 
§ Packet with such problem MUST be discarded and an ICMPv6 Parameter 
Problem SHOULD be sent 
Code | Description | Utilization 
0 | Erroneous header field encountered | A field in the header is wrong 
1 | Unrecognized next header type encountered | The next header is not recognized 
2 | Unrecognized IPv6 option encountered | The option field is not recognized
ALU 7750: SHOW ROUTER ICMP6 
A:SR-3>show>router>auth# show router icmp6 
=============================================================================== 
Global ICMPv6 Stats 
=============================================================================== 
Received 
Total : 14 Errors : 0 
Destination Unreachable : 5 Redirects : 5 
Time Exceeded : 0 Pkt Too Big : 0 
Echo Request : 0 Echo Reply : 0 
Router Solicits : 0 Router Advertisements : 4 
Neighbor Solicits : 0 Neighbor Advertisements : 0 
------------------------------------------------------------------------------- 
Sent 
Total : 10 Errors : 0 
Router Solicits : 0 Router Advertisements : 0 
Neighbor Solicits : 5 Neighbor Advertisements : 5 
=============================================================================== 
A:SR-3>show>router>auth# 
CONCLUSION 
§ ICMPv6 is quite similar to ICMP for IPv4 
§ Information message: Echo Request, Echo Reply 
§ Error Messages 
§ ICMPv6 is also used to transport 
§ Neighbor Discovery Protocol 
§ MLD for multicast
Neighbor Discovery Protocol 
NDP FEATURES 
§ RFC 4861, RFC 4862 
§ Router Discovery 
§ Neighbor Discovery 
§ Prefix Discovery 
§ Parameter Discovery 
§ Address Auto-Configuration 
§ Address Resolution 
§ Next-hop Determination 
§ Neighbor Unreachability Detection 
§ Duplicate Address Detection 
§ Redirection 
§ Default Router and More Specific route Selection 
§ Proxying node
NEIGHBOR SOLICITATION (NS) 
§ MAC Address Resolution
§ NS are sent to the neighbor's Solicited Node Multicast Address to resolve its MAC address based on its IPv6 Address
§ Same purpose as ARP in IPv4
§ Optimized, as the NS provides the sender MAC address
§ Neighbor Unreachability Detection
§ After « reachable time » without neighbor reachability confirmation from the upper layer, a NS is sent to the neighbor Unicast address to check the neighbor reachability
§ Duplicate Address Detection
§ Before an IPv6 address can be used, DAD is performed
NS TO RESOLVE THE NEIGHBOR MAC ADDRESS 
§ Sent to the solicited node address, to ask for the neighbor MAC address from its IPv6 Address
NS PROBE TO CHECK NEIGHBOR REACHABILITY
§ Sent to the Unicast address, this is a probe for Reachability
ND – NEIGHBOR ADVERTISEMENT 
§ To reply with the MAC address or to acknowledge reachability
NEIGHBOR CACHE MANAGEMENT FSM 
NEIGHBOR UNREACHABILITY DETECTION 
§ The ND Protocol can detect that a neighbor is unreachable
§ This is useful, for example, to switch to a new default router
§ Detection relies on reachability confirmations from:
§ Upper layer protocol traffic acknowledgements
§ A NA received in response to an NS
§ This is configured on a Cisco Router with two parameters:
§ ipv6 nd ns-interval <milliseconds>
§ ipv6 nd reachable-time <milliseconds>
STATE MACHINE FOR REACHABILITY
Events:
NA1 – Receive a NA with Solicited=0
NA2 – Receive a NA with Solicited=1
NA3 – Receive a NA with Solicited=1 and Override=1, or Override=0 and the link-layer address identical to the one in cache
NA4 – Receive a NA with Solicited=1, Override=0 and a link-layer address different from the one in cache
NA5 – Receive a NA with Solicited=0, Override=1 and a link-layer address different from the one in cache
O – Receive another ND packet with a link-layer address different from the one in cache
S – Send a packet
T – Timeout
Te – Timeout with no more retry
U – Upper Layer confirmed
[Figure: state diagram. Creating an entry sends an NS and enters Incomplete; the states are Incomplete, Reachable, Stale, Delay and Probe; transitions are labeled with the events above, with the actions Send NS, Retry NS, Report Error and Delete Entry.]
NEIGHBOR STATES 
§ INCOMPLETE 
§ Address resolution is being performed on the entry. Specifically, a Neighbor Solicitation has been sent to the solicited-node 
multicast address of the target, but the corresponding Neighbor Advertisement has not yet been received. 
§ REACHABLE 
§ Positive confirmation was received within the last ReachableTime milliseconds that the forward path to the neighbor was 
functioning properly. While REACHABLE, no special action takes place as packets are sent. 
§ STALE 
§ More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was 
functioning properly. While stale, no action takes place until a packet is sent. The STALE state is entered upon receiving an
unsolicited Neighbor Discovery message that updates the cached link-layer address. Receipt of such a message does not confirm
reachability, and entering the STALE state ensures reachability is verified quickly if the entry is actually being used. However, 
reachability is not actually verified until the entry is actually used. 
§ DELAY 
§ More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was 
functioning properly, and a packet was sent within the last DELAY_FIRST_PROBE_TIME seconds. If no reachability confirmation is
received within DELAY_FIRST_PROBE_TIME seconds of entering the DELAY state, send a Neighbor Solicitation and change the 
state to PROBE. The DELAY state is an optimization that gives upper-layer protocols additional time to provide reachability 
confirmation in those cases where ReachableTime milliseconds have passed since the last confirmation due to lack of recent 
traffic. Without this optimization, the opening of a TCP connection after a traffic lull would initiate probes even though the 
subsequent three-way handshake would provide a reachability confirmation almost immediately. 
§ PROBE 
§ A reachability confirmation is actively sought by retransmitting Neighbor Solicitations every RetransTimer milliseconds until a 
reachability confirmation is received.
NEIGHBOR DISCOVERY TRACE ON A CISCO ROUTER
§ No packet is dropped during ND MAC address resolution, because the packet is buffered until resolution completes. This buffering can be used for a DoS Attack.
sa13-72c#ping 2000:1::100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2000:1::100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
sa13-72c#
Apr 18 08:36:03: ICMPv6-ND: DELETE -> INCMP: 2000:1::100
Apr 18 08:36:03: ICMPv6-ND: Sending NS for 2000:1::100 on GigabitEthernet0/2
Apr 18 08:36:03: ICMPv6-ND: Resolving next hop 2000:1::100 on interface GigabitEthernet0/2
Apr 18 08:36:03: ICMPv6-ND: Received NA for 2000:1::100 on GigabitEthernet0/2 from 2000:1::100
Apr 18 08:36:03: ICMPv6-ND: Neighbour 2000:1::100 on GigabitEthernet0/2 : LLA 0008.201a.7c38
Apr 18 08:36:03: ICMPv6-ND: INCMP -> REACH: 2000:1::100
Apr 18 08:36:08: ICMPv6-ND: Received NS for 2000:1::1 on GigabitEthernet0/2 from FE80::208:20FF:FE1A:7C38
Apr 18 08:36:08: ICMPv6-ND: DELETE -> INCMP: FE80::208:20FF:FE1A:7C38
Apr 18 08:36:08: ICMPv6-ND: Neighbour FE80::208:20FF:FE1A:7C38 on GigabitEthernet0/2 : LLA 0008.201a.7c38
Apr 18 08:36:08: ICMPv6-ND: INCMP -> STALE: FE80::208:20FF:FE1A:7C38
Apr 18 08:36:08: ICMPv6-ND: Sending NA for 2000:1::1 on GigabitEthernet0/2
Apr 18 08:36:08: ICMPv6-ND: STALE -> DELAY: FE80::208:20FF:FE1A:7C38
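The neighbor cache state machine described by the event legend and the NEIGHBOR STATES slide, written out as an added example (not code from the course or from Cisco) and replayed against the two neighbors of the trace above. The retry limit of 3 is the RFC 4861 default; the Solicited and Override flags of the NA in the trace are not shown on the page and are assumed to be 1.

```python
from dataclasses import dataclass, field
from typing import List, Optional

INCOMPLETE, REACHABLE, STALE, DELAY, PROBE, DELETED = (
    "INCOMPLETE", "REACHABLE", "STALE", "DELAY", "PROBE", "DELETED")
MAX_SOLICIT = 3  # RFC 4861 default for MAX_MULTICAST_SOLICIT / MAX_UNICAST_SOLICIT


@dataclass
class Neighbor:
    addr: str
    state: str = INCOMPLETE          # the entry is created when the first NS is sent
    lladdr: Optional[str] = None
    solicits: int = 1                # NS already sent in the current state
    history: List[str] = field(default_factory=list)

    def _move(self, new_state: str) -> None:
        if new_state != self.state:
            self.history.append(f"{self.state} -> {new_state}")
            self.state = new_state

    def na(self, solicited: bool, override: bool, lladdr: str) -> None:
        """Neighbor Advertisement received (events NA1..NA5 of the legend)."""
        if self.state == INCOMPLETE:                 # NA1 -> STALE, NA2 -> REACHABLE
            self.lladdr = lladdr
            self._move(REACHABLE if solicited else STALE)
            return
        different = lladdr != self.lladdr
        if different and not override:               # NA4: the cache is not updated
            if self.state == REACHABLE:
                self._move(STALE)
            return
        self.lladdr = lladdr
        if solicited:                                # NA3
            self._move(REACHABLE)
        elif different:                              # NA5
            self._move(STALE)

    def other_nd(self, lladdr: str) -> None:
        """Event O: NS, RS, RA or Redirect carrying a different link-layer address."""
        if lladdr != self.lladdr:
            self.lladdr = lladdr
            self._move(STALE)

    def send_packet(self) -> None:
        """Event S: traffic sent to a STALE neighbor starts the DELAY timer."""
        if self.state == STALE:
            self._move(DELAY)

    def upper_layer_confirm(self) -> None:
        """Event U: for example a TCP ACK proves the forward path works."""
        if self.state not in (INCOMPLETE, DELETED):
            self._move(REACHABLE)

    def timeout(self) -> str:
        """Events T / Te: returns the action the node takes."""
        if self.state == REACHABLE:
            self._move(STALE)
            return "none"
        if self.state == DELAY:
            self.solicits = 1
            self._move(PROBE)
            return "send unicast NS"
        if self.state in (INCOMPLETE, PROBE):
            if self.solicits < MAX_SOLICIT:
                self.solicits += 1
                return "retry NS"
            failed_resolution = self.state == INCOMPLETE
            self._move(DELETED)
            return "report error, delete entry" if failed_resolution else "delete entry"
        return "none"


def replay_page_trace():
    """Replays the two neighbors seen in the Cisco debug trace."""
    target = Neighbor("2000:1::100")             # ping triggers the NS: DELETE -> INCMP
    target.na(solicited=True, override=True, lladdr="0008.201a.7c38")  # flags assumed
    peer = Neighbor("FE80::208:20FF:FE1A:7C38")  # entry created by the peer's NS
    peer.other_nd("0008.201a.7c38")              # link-layer address learned from that NS
    peer.send_packet()                           # the NA sent in reply
    return target.history, peer.history


if __name__ == "__main__":
    for hist in replay_page_trace():
        print(hist)
```

The replay reproduces the INCMP -> REACH, INCMP -> STALE and STALE -> DELAY transitions of the trace; the NA4 and NA5 branches show when a cached link-layer address is kept and when it is overwritten.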
NEIGHBOR SOLICITATION CAPTURE 
§ The source link-layer address is provided to avoid the request in the other direction
Internet Protocol Version 6 
0110 .... = Version: 6 
[0110 .... = This field makes the filter "ip.version == 6" possible: 6] 
.... 1110 0000 .... .... .... .... .... = Traffic class: 0x000000e0 
.... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000 
Payload length: 400 
Next header: ICMPv6 (0x3a) 
Hop limit: 255 
Source: fe80::2027:9779:3775:5cf8 (fe80::2027:9779:3775:5cf8) 
Destination: fe80::38b1:e73c:c0f0:4442 (fe80::38b1:e73c:c0f0:4442) 
Internet Control Message Protocol v6 
Type: 135 (Neighbor solicitation) 
Code: 0 
Checksum: 0x64e3 [correct] 
Target: fe80::38b1:e73c:c0f0:4442 (fe80::38b1:e73c:c0f0:4442) 
ICMPv6 Option (Source link-layer address) 
Type: Source link-layer address (1) 
Length: 8 
Link-layer address: ca:03:42:76:00:08 
SNIP 
DUPLICATED ADDRESS DETECTION (DAD) 
§ ICMP Type = 135 
§ Dst = solicited node multicast address of A 
§ Data = link-layer of A 
§ Query: What is your link layer address ? 
§ If no NA received, the address can be considered unique 
§ A sends a NA to claim this address
DUPLICATE ADDRESS DETECTION DEBUG 
§ DAD Debug on a Cisco Router 
Apr 18 09:57:31: ICMPv6-ND: L3 came up on GigabitEthernet0/2
Apr 18 09:57:31: IPv6-Addrmgr-ND: DAD request for 2000:1::1 on GigabitEthernet0/2
Apr 18 09:57:31: ICMPv6-ND: Sending NS for 2000:1::1 on GigabitEthernet0/2
Apr 18 09:57:32: IPv6-Addrmgr-ND: DAD: 2000:1::1 is unique.
Apr 18 09:57:32: ICMPv6-ND: Sending NA for 2000:1::1 on GigabitEthernet0/2
Apr 18 09:57:32: IPv6-Address: Address 2000:1::1/64 is up on GigabitEthernet0/2
REDIRECT 
§ A Redirect is sent by a Router to provide a better Next-hop for a destination
§ It is sent after the Router has forwarded a packet out of the same interface on which the packet was received
§ Can be used by DoS Attacks (IPv4 or IPv6)
§ Can be disabled on most OS (IPv4 or IPv6)
REDIRECT: H1 DEFAULT ROUTE VIA R1 
REDIRECT: H1 ROUTE TO H2 VIA R2 
ROUTER ADVERTISEMENT (RA) 
§ A Router Advertisement is sent by a Router to announce its availability as a Router with its Link-local IPv6 Address
§ A Router Advertisement also provides configuration parameters to use on the link:
§ MTU
§ Availability of DHCPv6 for configuration
§ Hop Limit
§ Available Prefixes on the link and whether these prefixes can be used for autoconfiguration
§ Addresses of DNS Servers
§ Router Advertisements can be sent Unsolicited on a regular basis
§ Router Advertisements can be requested by a Router Solicitation
§ May be abused by an attacker (RFC6102)
ND – ROUTER ANNOUNCEMENT (RA) 
§ ICMP Type = 134 
§ Src = Router Link-Local 
§ Dst = All nodes multicast address, FF02::1 
§ Data = Options, prefix, lifetime, autoconfig flag 
§ Cisco Router configuration
§ ipv6 unicast-routing
RA FIELDS DESCRIPTION 
§ Router link-local address 
§ Lifetime: The time that this router will be considered active. A Lifetime of zero is 
used by a router which cannot be used as a default router. 
§ Hops: Default Hop-Limit to use on this link. 
§ MTU: Default MTU to use on this link 
§ Reachable time: Used by NUD. A length of time that a node considers a neighbor 
reachable until another reachability confirmation is received from that neighbor. 
§ Retransmit time: Used by Address Resolution and NUD. It specifies the minimum 
time, in milliseconds, between retransmitted Neighbor Solicitation messages. 
§ AddrFlag: This is the Managed Address flag used to signal the use of DHCPv6 for
Address and Other configuration. When set, the OtherFlag is redundant.
§ OtherFlag: Used to signal the use of DHCPv6 for other parameter configuration. 
§ There is also a 1-bit autonomous address-configuration flag in the Prefix Option. 
When set indicates that this prefix can be used for stateless address configuration
RA ON CISCO ROUTER - SHOW IPV6 ROUTERS 
hote#show ipv6 routers 
Router FE80::2038:148E:B9DF:FD6D on FastEthernet0/0, last update 2 min
Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0, MTU=1500 
HomeAgentFlag=0, Preference=Medium 
Reachable time 0 (unspecified), Retransmit time 0 (unspecified) 
Prefix 2001::/64 onlink autoconfig 
Valid lifetime 2592000, preferred lifetime 604800 
Note: A router which cannot be used as a default router sends RA with Lifetime=0
RA CAPTURE 
Internet Protocol Version 6
0110 .... = Version: 6
[0110 .... = This field makes the filter "ip.version == 6" possible: 6]
.... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
.... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
Payload length: 104
Next header: ICMPv6 (0x3a)
Hop limit: 255
Source: fe80::207:cbff:fe3e:b6b3 (fe80::207:cbff:fe3e:b6b3)
Destination: ff02::1 (ff02::1)
Internet Control Message Protocol v6
Type: 134 (Router advertisement)
Code: 0
Checksum: 0xf74b [correct]
Cur hop limit: 64
Flags: 0x00
Router lifetime: 1800
Reachable time: 0
Retrans timer: 0
ICMPv6 Option (Prefix information)
Type: Prefix information (3)
Length: 32
Prefix length: 64
Flags: 0xc0
Valid lifetime: 86400
Preferred lifetime: 86400
Prefix: 2a01:e35:2f26:d340::
ICMPv6 Option (Recursive DNS Server)
Type: Recursive DNS Server (25)
Length: 40
Reserved
Lifetime: 600
Recursive DNS Servers: dns3.proxad.net (2a01:e00::2)
Recursive DNS Servers: dns2.proxad.net (2a01:e00::1)
ICMPv6 Option (MTU)
Type: MTU (5)
Length: 8
MTU: 1480
ICMPv6 Option (Source link-layer address)
Type: Source link-layer address (1)
Length: 8
Link-layer address: 00:07:cb:3e:b6:b3
[Slide callouts on the capture: Source MAC @, MTU, All node link-local address, Router Lifetime, Prefix, DNS Servers Address]
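A parser for the RA layout decoded above, with the receiver-side checks a monitoring host can apply before trusting an RA. This is an added example, not part of the course material: the sample bytes are constructed from the field values of the capture (the checksum is copied, not verified), and the `trusted_routers` allowlist is a hypothetical local policy.

```python
import ipaddress
import struct


def build_sample_ra() -> bytes:
    """Constructed RA carrying the values shown in the capture (104 bytes)."""
    hdr = struct.pack("!BBHBBHII", 134, 0, 0xF74B, 64, 0x00, 1800, 0, 0)
    prefix = (struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 86400, 86400, 0)
              + ipaddress.IPv6Address("2a01:e35:2f26:d340::").packed)
    rdnss = (struct.pack("!BBHI", 25, 5, 0, 600)
             + ipaddress.IPv6Address("2a01:e00::2").packed
             + ipaddress.IPv6Address("2a01:e00::1").packed)
    mtu = struct.pack("!BBHI", 5, 1, 0, 1480)
    slla = bytes([1, 1]) + bytes.fromhex("0007cb3eb6b3")
    return hdr + prefix + rdnss + mtu + slla


def parse_ra(msg: bytes) -> dict:
    """Decode an ICMPv6 Router Advertisement and the four options of the capture."""
    if len(msg) < 16:
        raise ValueError("RA shorter than its 16-byte fixed header")
    typ, code, _csum, hop, flags, lifetime, reach, retrans = struct.unpack_from(
        "!BBHBBHII", msg)
    if typ != 134:
        raise ValueError("not a Router Advertisement")
    ra = {"code": code, "cur_hop_limit": hop, "managed": bool(flags & 0x80),
          "other": bool(flags & 0x40), "router_lifetime": lifetime,
          "reachable_time": reach, "retrans_timer": retrans,
          "prefixes": [], "rdnss": [], "rdnss_lifetime": None,
          "mtu": None, "slla": None}
    off = 16
    while off < len(msg):
        if off + 2 > len(msg):
            raise ValueError("truncated option header")
        otype, olen = msg[off], msg[off + 1] * 8      # length is in 8-byte units
        if olen == 0 or off + olen > len(msg):
            raise ValueError(f"option {otype}: zero or overlong length")
        body = msg[off + 2:off + olen]
        if otype == 1 and olen == 8:                  # source link-layer address
            ra["slla"] = body.hex(":")
        elif otype == 3 and olen == 32:               # prefix information
            plen, pflags, valid, preferred = struct.unpack_from("!BBII", body)
            prefix = ipaddress.IPv6Address(body[14:30])
            ra["prefixes"].append({
                "prefix": f"{prefix}/{plen}", "on_link": bool(pflags & 0x80),
                "autonomous": bool(pflags & 0x40),
                "valid": valid, "preferred": preferred})
        elif otype == 5 and olen == 8:                # MTU
            ra["mtu"] = struct.unpack_from("!I", body, 2)[0]
        elif otype == 25 and olen >= 24 and (olen - 8) % 16 == 0:   # RDNSS
            ra["rdnss_lifetime"] = struct.unpack_from("!I", body, 2)[0]
            ra["rdnss"] = [str(ipaddress.IPv6Address(body[i:i + 16]))
                           for i in range(6, len(body), 16)]
        off += olen
    return ra


def check_ra(ra: dict, src: str, hop_limit: int, trusted_routers: set) -> list:
    """RFC 4861 receive validation plus a provisioned-router allowlist (local policy)."""
    findings = []
    source = ipaddress.IPv6Address(src)
    if hop_limit != 255:
        findings.append("hop limit is not 255: the RA did not originate on this link")
    if not source.is_link_local:
        findings.append("source address is not link-local")
    if ra["code"] != 0:
        findings.append("ICMPv6 code is not 0")
    if source not in trusted_routers:
        findings.append(f"{source} is not a provisioned router on this link")
    if ra["mtu"] is not None and ra["mtu"] < 1280:
        findings.append("advertised MTU is below the IPv6 minimum of 1280")
    for p in ra["prefixes"]:
        if p["preferred"] > p["valid"]:
            findings.append(f"{p['prefix']}: preferred lifetime exceeds valid lifetime")
    return findings


if __name__ == "__main__":
    ra = parse_ra(build_sample_ra())
    router = ipaddress.IPv6Address("fe80::207:cbff:fe3e:b6b3")
    print(ra)
    print(check_ra(ra, str(router), 255, {router}))
```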
DNS SERVER ANNOUNCED IN RA (RFC 6106)
§ RA can include the DNS Server Addresses (Recursive DNS Option)
§ MAC OS X 10.7 supports this option
§ RDNSS config in rtadvd.conf to configure the Linux rtadvd daemon
interface eth0 {
    AdvSendAdvert on;
    prefix 2001:db8:cafe:1::/64 {
        AdvOnLink on;
        AdvAutonomous on;
    };
    RDNSS 2001:db8:cafe:1::1 {
    };
};
ALU 7750 CONFIGURATION OF THE RA 
RAs must be explicitly enabled, as they are not generated by default.
CLI Syntax: config>router# router-advertisement
    interface ip-int-name
        current-hop-limit number
        managed-configuration
        max-advertisement-interval seconds
        min-advertisement-interval seconds
        mtu mtu-bytes
        other-stateful-configuration
        prefix ipv6-prefix/prefix-length
            autonomous
            on-link
            preferred-lifetime {seconds | infinite}
            valid-lifetime {seconds | infinite}
        reachable-time milli-seconds
        retransmit-time milli-seconds
        router-lifetime seconds
        no shutdown
        use-virtual-mac
ALU 7750 RA CONFIGURATION 
Router-advertisement 
Syntax router-advertisement 
Context config>router 
Description This command configures router advertisement properties. By 
default, it is disabled for all IPv6 enabled interfaces. 
The no form of the command disables all IPv6 interfaces.
However, the no interface interface-name command disables
a specific interface.
Default disabled
ALU 7750 RA CONFIGURATION 
Prefix 
Syntax [no] prefix [ipv6-prefix/prefix-length] 
Context config>router>router-advert>if 
Description This command configures an IPv6 prefix in the router advertisement 
messages. To support multiple IPv6 prefixes, use multiple prefix statements. 
No prefix is advertised until explicitly configured using prefix statements. 
Default none 
Parameters ip-prefix The IP prefix for prefix list entry in dotted decimal notation. 
Values ipv4-prefix a.b.c.d (host bits must be 0) 
ipv4-prefix-length 0 — 32 
ipv6-prefix x:x:x:x:x:x:x:x (eight 16-bit pieces) 
x:x:x:x:x:x:d.d.d.d 
x: [0 — FFFF]H 
d: [0 — 255]D 
ipv6-prefix-length 0 — 128 
prefix-length Specifies a route must match the most significant bits and 
have a prefix length. 
Values 1 — 128
ND – ROUTER SOLICITATION 
§ ICMP Type = 133 
§ Src = :: or link-local address 
§ Dst = All routers multicast address 
§ When a station boots, it must send a RS message to request router information
NEXT-HOP DETERMINATION 
§ This is different from IPv4 as two nodes can be neighbors with different 
prefixes. 
§ A node considers a neighbor address on-link if:
§ It is covered by a prefix of the link
§ The node has received a NA for this address
§ The node has received any ND message from this address
§ The node has received an RA with this prefix in the prefix list
§ The node has received a REDIRECT message with a target equal to this address
STATELESS ADDRESS AUTOCONFIGURATION (SLAAC) 
RFC 4862, IPv6 Stateless Address Autoconfiguration 
§ RS/RA to request prefixes available to build addresses 
§ DAD to test the new addresses
AUTOCONFIGURATION WITH DHCPV6 
§ Stateful Autoconfiguration with DHCPv6 RFC3315
§ DHCPv6 provides address and other parameters 
(DNS, domain name, SIP…) 
§ Stateless Autoconfiguration with DHCPv6 
§ SLAAC used for address configuration 
§ DHCPv6 for the other information (DNS, Domain Name) 
§ Prefix Delegation 
§ DHCPv6 can be used to provide a prefix which can be subnetted 
§ The Service Provider uses DHCPv6 PD to allocate a block of addresses for the customer
STATEFUL OR STATELESS AUTOCONFIG DHCPV6 
§ IPv6 routers signal how DHCPv6 can be used by end nodes 
§ RA M bit « Managed Address Configuration » is set if DHCPv6 must be used 
for address configuration. If M bit is set, the O bit is redundant as DHCPv6 
will be used to get all the configs. 
§ RA O bit « Other Stateful Configuration » is set if DHCPv6 must be used for 
other configurations 
§ M and possibly O bits are set in the RA for DHCPv6 stateful autoconfiguration 
§ M = 0 and O = 1 in the RA for DHCPv6 stateless autoconfiguration 
§ DHCPv6 clients and relays use IPv6 Multicast addresses 
§ « ff02::1:2 » All relays agents and servers link-local address 
§ « ff05::1:3 » All DHCPv6 servers site-local address
AUTOCONFIGURATION (STATEFUL DHCPV6) 
[Figure: DHCPv6 with Rapid Commit. Address and Other parameters are configured from DHCPv6.]
AUTOCONFIGURATION (STATELESS DHCPV6) 
[Figure: DHCPv6 with Rapid Commit. Address configuration from the prefix received in the RA (SLAAC); Other parameters are given by a DHCPv6 Server.]
FULL AUTOCONFIGURATION PROCESS 
MAIN ALGO OF AUTOCONFIGURATION PROCESS 
[Flowchart boxes, in reading order: Start; Derive the link-local address FE80::[Interface ID]; Send NS to the solicited node multicast address derived from the link-local; NA received? (Stop); Initialize the link-local; Send RS; RA Received? (Use DHCPv6 and exit); Set Hop Limit, Reachable Time, Retrans Timer, MTU; Prefix Information present? (connector A, returning at connector B); Managed Address Configuration Flag = 1?; Other Configuration Flag = 1?; Use DHCPv6; Stop.]
TENTATIVE IS THE AUTOCONF PROCESS STARTING… 
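§ First Step
§ Address verification with « Duplicate Address Detection (DAD) »
§ A tentative address can only receive a response to the DAD NS Request
[Figure: address state timeline. Tentative, then Valid (Preferred, then Deprecated), then Invalid; the Preferred Lifetime and Valid Lifetime are marked along the timeline.]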
AUTOCONFIG: PREFERRED LIFETIME 
§ The address is verified by DAD and can be used to send and receive unicast 
traffic. 
§ The address can be used for new connections or by existing ones
§ The Preferred Lifetime is determined by the field Preferred Lifetime included in 
the RA Prefix Information or the Preferred-Lifetime Option in the DHCPv6 IA 
Address 
AUTOCONFIG: DEPRECATED 
§ The address has been verified by DAD 
§ A New connection should not use this address 
§ Existing communications can use this address 
AUTOCONFIG: VALID LIFETIME 
§ The address can be used to send and receive unicast traffic 
§ Valid state includes preferred and deprecated 
§ The Valid Lifetime is determined by the field Valid Lifetime included in the RA 
Prefix Information or the Valid-Lifetime Option in the DHCPv6 IA Address 
RA PREFIX OPTION 
ipv6 nd prefix <prefix/mask> [Valid] [Preferred] [no-advertise | off-link | no-autoconfig]
[Flowchart, entered at connector A and left at connector B. Boxes: Take the first prefix information; On-Link Flag = 0? (Ignore the prefix); Autonomous Flag = 0? (Ignore the prefix); Preferred > Valid? (Ignore the prefix); Valid = 0? (Ignore the prefix); Derive the Stateless address Prefix:[interface ID]; Send NS to the matching solicited node multicast address; NA Received? (Yes: Do not initialize the stateless address; No: Initialise the Stateless address); Other prefixes to process? (Go to next prefix).]
AUTOCONFIG: INVALID 
§ The address cannot be used to send or receive traffic 
§ The address reaches the Invalid state when the Valid Lifetime has expired 
AUTOCONFIG - SHOW IPV6 INTERFACE 
hote#sh ipv6 int fa0/0 
FastEthernet0/0 is up, line protocol is up 
IPv6 is enabled, link-local address is FE80::38B1:E73C:C0F0:4442 
No Virtual link-local address(es): 
Global unicast address(es): 
BAD:1:2:FC64:8ECC:593A:15C3:654, subnet is BAD:1:2:FC64:8ECC:593A:15C3:654/128
2001::20EC:31D3:14CB:A7A, subnet is 2001::/64 
Joined group address(es): 
FF02::1 
FF02::1:FFC3:654 
FF02::1:FFCB:A7A 
FF02::1:FFF0:4442 
MTU is 1500 bytes 
ICMP error messages limited to one every 100 milliseconds 
ICMP redirects are enabled 
ICMP unreachables are sent 
ND DAD is enabled, number of DAD attempts: 1 
ND reachable time is 30000 milliseconds (using 37164) 
Default router is FE80::2038:148E:B9DF:FD6D on FastEthernet0/0 
hote# 
RFC 2894 ROUTER RENUMBERING FOR IPV6 
§ Node renumbering is performed thanks to RA
§ The old prefix is announced with a very small or null Preferred Lifetime, and the new prefix with a normal Preferred Lifetime
§ Hosts will have two prefixes
§ Addresses built from the old prefix will be deprecated
§ New connections use the new prefix
§ After some time, the connections will be set on the new prefix
§ The Router only announces the new prefix
§ The old prefix will be invalid
RENUMBERING SCENARIO 
Routers Configuration
interface Ethernet0
 ipv6 nd prefix 2001:db8:cafe:1::/64 43200 0
 ipv6 nd prefix 2001:db8:cafe:2::/64 43200 43200
(the two values after each prefix are the Valid and Preferred lifetimes)
RA
Preferred Prefix: 2001:db8:cafe:2::/64
Deprecated Prefix: 2001:db8:cafe:1::/64
Host
Preferred address: 2001:db8:cafe:2:1:4567:9f0:1
Deprecated address: 2001:db8:cafe:1:4567:9f0:1
NDP PDU SUMMARY 
Message | Goal | ICMP Code | Sender | Target | Option
Router Solicitation (RS) | Request an immediate RA | 133 | Host | All Routers | SLLA
Router Advertisement (RA) | Announce: default router, prefixes, parameters | 134 | Routers | RS Sender or all hosts | SLLA, MTU, Prefix, Route, Interval, Home Agent info
Neighbor Solicitation (NS) | Request the Link layer address of the target. Also used to send probe (NUD) | 135 | Hosts | Multicast Solicited node address or unicast of the target | SLLA
Neighbor Advertisement (NA) | Answer to the NS | 136 | Hosts | Sender of the NS or all hosts | TLLA
Redirect | Information of a better next hop for a destination | 137 | Routers | Host which triggers the Redirect | TLLA, Redirected header
Inverse Neighbor Solicitation (INS) | Request an IPv6 address matching a Link layer address | 141 | Hosts | All hosts | SLLA, TLLA, MTU, Source address list
Inverse Neighbor Advertisement (INA) | Answer to INA | 142 | Hosts | INS Sender | SLLA, TLLA, Target addresses list, MTU
INTERESTING RFCS 
§ RFC 2460 IPv6 Specification 
§ RFC 5095 Deprecation of Type 0 Routing Headers in IPv6 
§ RFC 4291 IPv6 Addressing Architecture 
§ RFC 4861 Neighbor Discovery 
§ RFC 4862 IPv6 Stateless Auto config 
§ RFC 4443 ICMPv6 Specification 
§ http://tools.ietf.org/html/rfc4443
CONCLUSION 
§ NDP is part of any IPv6 stack 
§ NDP provides many services allowing address and default router 
autoconfiguration 
§ NDP checks the Neighbor availability 
§ NDP is vulnerable to DoS attacks. See RFC3756.
OBJECTIVES 
§ Understand DHCPv6 
§ Understand the support of DNS for IPv6 
§ Understand Mobile IPv6 
§ Find a list of IPv6 ready network applications
§ 1949 applications supporting IPv6 
§ http://www.ipv6-to-standard.org/ 
§ How to test your stack and ISP 
§ http://test-ipv6.com/
DHCPv6
STATEFUL DHCPv6 SIGNALIZATION 
§ Stateful Autoconfiguration with DHCP for IPv6 
RFC3315 
§ IPv6 routers signal the use of DHCPv6 
§ M-bit flag « Managed Address Configuration » is set when address and 
network parameters configuration are available from DHCPv6 
§ O-bit flag « Other Stateful Configuration » is set when Other parameters 
configuration must be performed with DHCPv6
DHCP MOST IMPORTANT TERMINOLOGY 
DUID = DHCP Unique IDentifier
http://tools.ietf.org/html/rfc3315#section-9
Each DHCP Client or Server has its DUID. It is based on the LL Address, the Vendor, the enterprise, the Time… What I have seen the most so far is Link Layer (LL or MAC Address).
Very important, as DHCP uses multicast to communicate with ALL DHCP nodes. The DUID is then used to find the right node.
IA = Identity Association
http://tools.ietf.org/html/rfc3315#section-10
Each IA must be associated with exactly one interface. Each Interface May have multiple prefixes but will have ONE IA. This is a logic construct that can be used for a group of interfaces which play the same role.
« Each address in an IA has a preferred lifetime and a valid lifetime, as defined in RFC 2462 [17]. The lifetimes are transmitted from the DHCP server to the client in the IA option. The lifetimes apply to the use of IPv6 addresses, as described in section 5.5.4 of RFC 2462. » From RFC 3315 Section 10.
IMPORTANT: When these timers need to be changed, it is done from the Server, the source! Changing the router's timers has no effect.
HOW ADDRESSES ARE TRANSPORTED ? 
IA_NA option (Non Temporary Addresses, with DHCPv6 Timers):
OPTION_IA_NA | option-len
IAID
T1
T2
IA_NA-options
IA_TA option (Temporary Addresses; No Timers, Managed by the Upper Layer!):
OPTION_IA_TA | option-len
IAID
IA_TA-options
IA Address Option (IPv6 Address and Timers; 0xffffffff is infinity):
OPTION_IAADDR | option-len
IPv6 address
preferred-lifetime
valid-lifetime
IAaddr-options
DHCPV6 MULTICAST ADDRESSES 
§ "ff02::1:2" Link-local scope. All Relay agent and servers 
§ "ff05::1:3" Site-Local scope. All DHCPv6 servers 
Exchange between the DHCPv6 Client and the DHCPv6 Server (fe80::1):
Client: SOLICIT to ff02::1:2
Server: Advertise from fe80::1. "YES. I am here and I can provide you with blah blah blah!"
Client: Request to ff02::1:2. "I Want to reserve: 2001:db8:12:FD:45:fa:F And Use domain fredbovy.com And DNS Server: 2a01::1, 2a01::2"
Server: Reply from fe80::1. "YES You got it! It's all for you!"
DHCPv6 CLIENT – SERVER 
DHCPv6 Client DHCPv6 Server 
Solicit 
Dst:All_DHCP_Relay_Agents_and_Servers (FF02::1:2) 
Src: Client Link-local address 
Advertise 
Dst: Client Link-local address 
Src: Server Link-local address 
Request 
Dst: Server Dst:All_DHCP_Relay_Agents_and_Servers (FF02::1:2) 
Src: Client Link-local address 
Reply 
Dst: Client Link-local address 
Src: Server Link-local address 
DHCPv6 CLIENT – RELAY – SERVER 
[Figure: message sequence between the DHCPv6 Client, the DHCPv6 Relay and the DHCPv6 Server. Messages shown: Solicit (Dst: All_DHCP_Relay_Agents_and_Servers, FF02::1:2); Relay-Forward to All_DHCP_Servers (FF05::1:3); Relay-reply; Advertise; Request (Dst: All_DHCP_Relay_Agents_and_Servers, FF02::1:2; Src: Client Link-local address); Relay-Forward to All_DHCP_Servers (FF05::1:3); Relay-reply; Reply (Dst: Client Link-local address).]
DHCPv6 SOLICIT (1) 
Internet Protocol Version 6 
0110 .... = Version: 6 
[0110 .... = This field makes the filter "ip.version == 6" possible: 6] 
.... 1110 0000 .... .... .... .... .... = Traffic class: 0x000000e0 
.... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000 
Payload length: 56 
Nxt header: UDP (0x11) 
Hop limit: 255 
Source: fe80::38b1:e73c:c0f0:4442 (fe80::38b1:e73c:c0f0:4442) 
Destination: ff02::12 (ff02::1:2) 
User Datagram Protocol, Src Port: dhcpv6-client (546), Dst Port: dhcpv6-server (547) 
Source port: dhcpv6-client (546) 
Destination port: dhcpv6-server (547) 
Length: 56 
Checksum: 0x86f0 [validation disabled] 
[Slide callouts: ff02::1:2 is the Link-Local All Servers and Relays address; dhcpv6-client: 546; dhcpv6-server: 547]
DHCPv6 SOLICIT (2) 
DHCPv6 Message type: Solicit (1) 
Transaction-ID: 0x00b44306 
Elapsed time 
option type: 8 
option length: 2 
elapsed-time: 0 ms 
Client Identifier 
option type: 1 
option length: 10 
DUID type: link-layer address (3) 
Hardware type: Ethernet (1) 
Link-layer address: ca:02:42:76:00:08 
Option Request 
option type: 6 
option length: 4 
Requested Option code: DNS recursive name server (23) 
Requested Option code: Domain Search List (24) 
Identity Association for Non-temporary Address 
option type: 3 
option length: 12 
IAID: 262145 
T1: 0 
T2: 0 
[Slide callouts: DNS Server Address and Domain Name (Option Request), Non-Temporary Address (IA_NA)]
DHCPv6 ADVERTISE (2) 
DHCPv6 Message type: Advertise (2) 
Transaction-ID: 0x00b44306 
Server Identifier 
option type: 2 
option length: 10 
DUID type: link-layer address (3) 
Hardware type: Ethernet (1) 
Link-layer address: ca:03:42:76:00:08 
Client Identifier 
option type: 1 
option length: 10 
DUID type: link-layer address (3) 
Hardware type: Ethernet (1) 
Link-layer address: ca:02:42:76:00:08 
Identity Association for Non-temporary Address 
option type: 3 
option length: 40 
IAID: 262145 
T1: 43200 
T2: 69120 
IA Address 
option type: 5 
option length: 24 
IPv6 address: bad:1:2:2d98:8e14:c0b1:6ef5:8548 
Preferred lifetime: 86400 
Valid lifetime: 172800 
Domain Search List 
option type: 24 
option length: 14 
DNS Domain Search List 
Domain: fredbovy.com 
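A DHCPv6 option parser applied to the SOLICIT and ADVERTISE decoded above, including the nested IA_NA / IA Address options and the lifetime consistency rules a client applies. This is an added example, not part of the course material: both messages are constructed from the field values of the two captures, and the function names are illustrative.

```python
import ipaddress
import struct

MSG_TYPES = {1: "SOLICIT", 2: "ADVERTISE", 3: "REQUEST", 7: "REPLY"}
OPT_CLIENTID, OPT_SERVERID, OPT_IA_NA, OPT_IAADDR = 1, 2, 3, 5
OPT_ORO, OPT_ELAPSED, OPT_DOMAIN_LIST = 6, 8, 24


def tlv(code: int, body: bytes) -> bytes:
    """DHCPv6 option: 2-byte code, 2-byte length, body."""
    return struct.pack("!HH", code, len(body)) + body


def duid_ll(mac_hex: str) -> bytes:
    """DUID type 3 (link-layer address), hardware type 1 (Ethernet)."""
    return struct.pack("!HH", 3, 1) + bytes.fromhex(mac_hex)


def build_samples():
    """Constructed SOLICIT and ADVERTISE carrying the values of the captures."""
    xid = bytes.fromhex("b44306")
    client = tlv(OPT_CLIENTID, duid_ll("ca0242760008"))
    solicit = (b"\x01" + xid + tlv(OPT_ELAPSED, b"\x00\x00") + client
               + tlv(OPT_ORO, struct.pack("!HH", 23, 24))
               + tlv(OPT_IA_NA, struct.pack("!III", 262145, 0, 0)))
    iaaddr = tlv(OPT_IAADDR,
                 ipaddress.IPv6Address("bad:1:2:2d98:8e14:c0b1:6ef5:8548").packed
                 + struct.pack("!II", 86400, 172800))
    advertise = (b"\x02" + xid + tlv(OPT_SERVERID, duid_ll("ca0342760008")) + client
                 + tlv(OPT_IA_NA, struct.pack("!III", 262145, 43200, 69120) + iaaddr)
                 + tlv(OPT_DOMAIN_LIST, b"\x08fredbovy\x03com\x00"))
    return solicit, advertise


def parse_options(buf: bytes) -> list:
    """Split a run of options into (code, body) pairs, rejecting overruns."""
    opts, off = [], 0
    while off < len(buf):
        if off + 4 > len(buf):
            raise ValueError("truncated option header")
        code, length = struct.unpack_from("!HH", buf, off)
        body = buf[off + 4:off + 4 + length]
        if len(body) != length:
            raise ValueError(f"option {code} overruns the message")
        opts.append((code, body))
        off += 4 + length
    return opts


def decode_names(body: bytes) -> list:
    """Domain Search List: DNS wire-format names without compression."""
    names, labels, off = [], [], 0
    while off < len(body):
        n = body[off]
        off += 1
        if n == 0:
            names.append(".".join(labels))
            labels = []
        else:
            labels.append(body[off:off + n].decode("ascii"))
            off += n
    return names


def parse_dhcpv6(msg: bytes) -> dict:
    if len(msg) < 4:
        raise ValueError("message shorter than the 4-byte header")
    out = {"type": MSG_TYPES.get(msg[0], msg[0]), "xid": msg[1:4].hex(), "ia_na": []}
    for code, body in parse_options(msg[4:]):
        if code in (OPT_CLIENTID, OPT_SERVERID):
            out["client_duid" if code == OPT_CLIENTID else "server_duid"] = body.hex()
        elif code == OPT_ORO:
            if len(body) % 2:
                raise ValueError("odd-length Option Request")
            out["requested"] = list(struct.unpack(f"!{len(body) // 2}H", body))
        elif code == OPT_IA_NA:
            if len(body) < 12:
                raise ValueError("IA_NA shorter than IAID/T1/T2")
            iaid, t1, t2 = struct.unpack_from("!III", body)
            addrs = []
            for sub, sbody in parse_options(body[12:]):
                if sub == OPT_IAADDR and len(sbody) >= 24:
                    preferred, valid = struct.unpack_from("!II", sbody, 16)
                    addrs.append({"address": str(ipaddress.IPv6Address(sbody[:16])),
                                  "preferred": preferred, "valid": valid})
            out["ia_na"].append({"iaid": iaid, "t1": t1, "t2": t2, "addresses": addrs})
        elif code == OPT_DOMAIN_LIST:
            out["domains"] = decode_names(body)
    return out


def lifetime_findings(parsed: dict) -> list:
    """RFC 3315 rules: discard an IA_NA with T1 > T2, an address with preferred > valid."""
    findings = []
    for ia in parsed["ia_na"]:
        if ia["t1"] and ia["t2"] and ia["t1"] > ia["t2"]:
            findings.append(f"IAID {ia['iaid']:#010x}: T1 greater than T2")
        for a in ia["addresses"]:
            if a["preferred"] > a["valid"]:
                findings.append(f"{a['address']}: preferred lifetime exceeds valid lifetime")
    return findings
```

The 48-byte constructed SOLICIT plus the 8-byte UDP header matches the UDP Length of 56 in the first capture, and the parsed client DUID and IAID match the values in the router's `show ipv6 dhcp` output.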
DHCPV6 SERVER STATUS 
R4>show ipv6 dhcp 
This device's DHCPv6 unique identifier(DUID): 00030001CA0342760008 
R4>show ipv6 dhcp int 
FastEthernet0/0 is in server mode 
Using pool: fred 
Preference value: 0 
Hint from client: ignored 
Rapid-Commit: disabled 
R4#show ipv6 dhcp pool 
DHCPv6 pool: fred 
Static bindings: 
Binding for client BADCAF0E 
IA PD: IA ID not specified 
Prefix: DEAD:BEEF::/48 
preferred lifetime 604800, valid lifetime 2592000 
Address allocation prefix: DEAD:BEEF:1:2:3::/64 valid 172800 preferred 86400 (1 in use, 0 conflicts)
Domain name: fredbovy.com 
Active clients: 1 
DHCPV6 SERVER ALLOCATION 
R4#show ipv6 dhcp bind 
Client: FE80::38B1:E73C:C0F0:4442 
DUID: 00030001CA0242760008 
Username : unassigned 
IA NA: IA ID 0x00040001, T1 43200, T2 69120 
Address: DEAD:BEEF:1:2:6090:18A5:E017:DE5C 
preferred lifetime 86400, valid lifetime 172800 
expires at Aug 11 2010 03:23 PM (172554 seconds) 
DHCPv6 CLIENT 
hote#show ipv6 dhcp interface 
FastEthernet0/0 is in client mode 
Prefix State is IDLE 
Address State is OPEN 
Renew for address will be sent in 11:39:08 
List of known servers: 
Reachable via address: FE80::2027:9779:3775:5CF8 
DUID: 00030001CA0342760008 
Preference: 0 
Configuration parameters: 
IA NA: IA ID 0x00040001, T1 43200, T2 69120 
Address: BAD:1:2:FC64:8ECC:593A:15C3:654/128 
preferred lifetime 86400, valid lifetime 172800 
expires at Aug 11 2010 02:36 PM (171549 seconds) 
Domain name: fredbovy.com 
Information refresh time: 0 
Prefix Rapid-Commit: disabled 
Address Rapid-Commit: disabled 
Configuration: 
interface FastEthernet0/0 
ipv6 address dhcp 
DHCPv6 OPERATION 
*Aug 9 15:34:32.806: IPv6 DHCP: Received REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
*Aug 9 15:34:32.806: IPv6 DHCP: IA_NA 00040001 contains status code NOADDRS-AVAIL
*Aug 9 15:34:32.806: IPv6 DHCP: DHCPv6 address changes state from REQUEST to SOLICIT (ADDR_NAK) on FastEthernet0/0
*Aug 9 15:34:32.806: IPv6 DHCP: Received REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
*Aug 9 15:34:32.806: IPv6 DHCP: No matching transaction ID in REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
*Aug 9 15:34:33.782: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on FastEthernet0/0
*Aug 9 15:34:33.786: IPv6 DHCP: Received ADVERTISE from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
*Aug 9 15:34:33.786: IPv6 DHCP: Adding server FE80::2027:9779:3775:5CF8
*Aug 9 15:34:33.786: IPv6 DHCP: Received ADVERTISE from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
*Aug 9 15:34:34.858: IPv6 DHCP: Sending REQUEST to FF02::1:2 on FastEthernet0/0
*Aug 9 15:34:34.858: IPv6 DHCP: DHCPv6 address changes state from SOLICIT to REQUEST (ADDR_ADVERTISE_RECEIVED) on FastEthernet0/0
*Aug 9 15:34:34.858: IPv6 DHCP: Received REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
*Aug 9 15:34:34.858: IPv6 DHCP: Processing options
*Aug 9 15:34:34.862: IPv6 DHCP: Adding address DEAD:BEEF:1:2:C541:3F5C:EA1A:BE21/128 to FastEthernet0/0
*Aug 9 15:34:34.870: IPv6 DHCP: T1 set to expire in 43200 seconds
*Aug 9 15:34:34.870: IPv6 DHCP: T2 set to expire in 69120 seconds
*Aug 9 15:34:34.870: IPv6 DHCP: Configuring domain name fredbovy.com
*Aug 9 15:34:34.870: IPv6 DHCP: DHCPv6 address changes state from REQUEST to OPEN (ADDR_REPLY_RECEIVED) on FastEthernet0/0
*Aug 9 15:34:34.870: IPv6 DHCP: Received REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
*Aug 9 15:34:34.870: IPv6 DHCP: DHCPv6 address changes state from OPEN to OPEN (ADDR_REPLY_RECEIVED) on FastEthernet0/0
STATELESS DHCPV6 
§ IPv6 routers signal how DHCPv6 is to be used
§ M bit = 0 « Managed Address Configuration »: SLAAC is used for address autoconfiguration
§ O bit = 1 « Other Stateful Configuration »: DHCPv6 is used to configure the other parameters
§ The address is configured by SLAAC
§ The other parameters are then requested from the DHCPv6 server
DHCP PREFIX DELEGATION 
§ DHCPv6 PD Server allocates a block of addresses 
§ The block received by the client is then subnetted to configure each interface
IDENTITY ASSOCIATION IA_PD
IA_PD option fields, in order:
§ OPTION_IA_PD, option-length
§ IAID (4 octets)
§ T1
§ T2
§ IA_PD-options
IA_PD Prefix option fields, in order:
§ OPTION_IAPREFIX, option-length
§ preferred-lifetime
§ valid-lifetime
§ prefix-length
§ IPv6 prefix (16 octets)
§ IAprefix-options
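The IA_PD and IA_PD Prefix layouts above, decoded and sanity-checked in Python, followed by the subnetting step from the Prefix Delegation slide. This is an added example, not part of the course material: the option codes 25 and 26 come from RFC 3633 rather than the slide, the function names are hypothetical, and the sample bytes are constructed from the 2001:db8:678::/56 block and the T1/T2 values that appear elsewhere in this course.

```python
import ipaddress
import struct
from itertools import islice

OPTION_IA_PD = 25      # option codes from RFC 3633, not shown on the slide
OPTION_IAPREFIX = 26


def build_ia_pd(iaid, t1, t2, prefix, preferred, valid):
    """Encode an IA_PD option holding one IA_PD Prefix option (constructed input)."""
    net = ipaddress.IPv6Network(prefix)
    sub = struct.pack("!IIB", preferred, valid, net.prefixlen) + net.network_address.packed
    body = struct.pack("!III", iaid, t1, t2)
    body += struct.pack("!HH", OPTION_IAPREFIX, len(sub)) + sub
    return struct.pack("!HH", OPTION_IA_PD, len(body)) + body


def parse_ia_pd(data):
    """Decode one IA_PD option; raise ValueError on malformed or inconsistent input."""
    if len(data) < 4:
        raise ValueError("truncated option header")
    code, length = struct.unpack_from("!HH", data, 0)
    if code != OPTION_IA_PD:
        raise ValueError(f"not an IA_PD option (code {code})")
    if length < 12 or len(data) < 4 + length:
        raise ValueError("IA_PD length field does not fit the data")
    iaid, t1, t2 = struct.unpack_from("!III", data, 4)
    if t1 > 0 and t2 > 0 and t1 > t2:
        raise ValueError("T1 greater than T2")
    prefixes = []
    offset, end = 16, 4 + length
    while offset < end:                      # walk the IA_PD-options
        if end - offset < 4:
            raise ValueError("truncated sub-option header")
        sub_code, sub_len = struct.unpack_from("!HH", data, offset)
        offset += 4
        if offset + sub_len > end:
            raise ValueError("sub-option overruns the IA_PD option")
        if sub_code == OPTION_IAPREFIX:
            if sub_len < 25:
                raise ValueError("IA_PD Prefix option too short")
            preferred, valid, plen = struct.unpack_from("!IIB", data, offset)
            if plen > 128:
                raise ValueError("prefix-length above 128")
            if preferred > valid:
                raise ValueError("preferred-lifetime exceeds valid-lifetime")
            raw = data[offset + 9:offset + 25]
            # strict parsing rejects a prefix with bits set beyond prefix-length
            net = ipaddress.IPv6Network((raw, plen))
            prefixes.append({"prefix": net, "preferred": preferred, "valid": valid})
        offset += sub_len                    # unknown sub-options are skipped
    return {"iaid": iaid, "t1": t1, "t2": t2, "prefixes": prefixes}


def lan_subnets(delegated, count):
    """Return the first `count` /64 subnets of a delegated prefix, one per interface."""
    net = ipaddress.IPv6Network(delegated)
    if net.prefixlen > 64:
        raise ValueError("delegated prefix is longer than /64")
    return list(islice(net.subnets(new_prefix=64), count))


# Constructed sample: first block 2001:db8:678::/56, IAID/T1/T2/lifetimes as in
# the DHCPv6 client output shown earlier in this lesson.
SAMPLE = build_ia_pd(0x00040001, 43200, 69120, "2001:db8:678::/56", 86400, 172800)

if __name__ == "__main__":
    ia = parse_ia_pd(SAMPLE)
    block = ia["prefixes"][0]["prefix"]
    print("delegated:", block, "T1", ia["t1"], "T2", ia["t2"])
    for net in lan_subnets(block, 3):
        print("  interface subnet:", net)
```

A /56 leaves the 8 bits for subnets mentioned in the DHCP-PD scenario slides, so `lan_subnets` can return at most 256 /64s for it.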
DHCP PREFIX DELEGATION 
[Figure: the ISP (2001:db8::/32) runs the DHCP PD server; DHCP PD clients hold 2001:db8:1::/48 and 2001:db8:2::/48 and send RAs for 2001:db8:1:1::/64, 2001:db8:2:1::/64 and 2001:db8:2:2::/64.]
DHCP-PD OPERATION 
[Figure: DHCP-PD server (2001:db8:678::/32, 2001:db8:678::1/64), IPv6 Internet, DHCP-PD relay (2001:341f::1:57/64, 2001:341f::/32), DHCPv6-PD client and DHCPv6 client.]
§ Router Advertisement: Prefix-List 2001:db8:678::/64, M=0, O=0 (SLAAC)
§ The DHCPv6-PD client may use a link-local address as the point-to-point link address
5:00AM FIRST HOME OFFICE DHCP-PD USER COMES UP!
[Figure: an FTTH home network connects through the DHCP-PD relay (2001:341f::1:57/64, AS 341F, 2001:341F::/32) and the IPv6 Internet (AS 610; AS 413, 2001:413::/32) to the DHCP-PD server (2001:db8:678::1) in the IPv6 private network. Prefixes shown at the server: 2001:db8:678:1::/56 and 2001:db8:658::/48, with 8 bits for subnets (2001:db8:678:10::/64, 2001:db8:678:11::/64, ...).]
§ Messages shown: Solicit IA_PD, Relay_Forward (Solicit), Advertise, Request IA_PD, Reply IA_PD
§ First block: 2001:db8:678::/56
§ Home network: 2001:db8:678::/64, host 2001:db8:678:d340:98:22ac:f9:1
§ Router Advertisement: Managed=0, Other=0, MTU=1500, Hop Limit=64, Retrans Timer=0 (unspecified), Reachable Time=0 (unspecified)
§ Prefix: 2001:db8:678::/56, On-Link=1, Autonomous=1, Valid=7200, Preferred=1200
7:00 AM DHCP-PD FIRST OFFICE COMES UP
[Figure: the same topology as the previous slide: FTTH home network (2001:db8:678::/64), DHCPv6-PD client, DHCPv6 relay with a point-to-point link-local address (2001:341f::1:57/64, AS 341F, 2001:341F::/32), IPv6 Internet (AS 610, 2001:610::/32; AS 413, 2001:413::/32) and the DHCP-PD server in the IPv6 private network. Prefixes shown at the server: 2001:db8:658::/48 and 2001:db8:678:1::/56, with 8 bits for subnets (2001:db8:678:10::/64, 2001:db8:678:11::/64, ...).]
§ Messages shown: Solicit IA_PD, Relay_Forward (Solicit IA_PD), Relay_Reply (Solicit IA_PD), Advertise IA_PD, Request IA_PD, Reply IA_PD
§ First block: 2001:db8:678::/56
DOMAIN NAME SERVICES (DNS) 
§ RFC1035, RFC1036 
§ Provides name-to-address resolution
§ Provides address-to-name resolution
§ Finds the mail servers of a domain to allow e-mail routing
§ Key component in network architecture
§ Requests and replies are encapsulated in UDP port 53 messages
§ DNS message length is limited to 512 bytes
§ DNSSEC is an effort to offer a secure DNS service
§ Discovering nodes, and even subnets, has become difficult with IPv6 addresses, so DNS is likely to be used to discover targets
THE DNS TREE STRUCTURE 
[Figure: the DNS tree.]
§ Root: « . »
§ TLD: arpa, edu, gov, net, com, ca, au, za
§ Second Level Domain: in-addr, ip6, coca-cola, mcDo, company, google
§ Third Level Domain: bill, sec, head
RESOLUTION OF FRED.EXAMPLE.COM 
[Figure: a DNS server resolves fred.example.com in three exchanges.]
§ Query=fred.example.com to the Root DNS « . »: referral to the .com gTLD DNS
§ Query=fred.example.com to the TLD DNS .com.: referral to the example.com DNS
§ Query=fred.example.com to the Domain DNS example.com.: authoritative answer
REVERSE MAPPING
§ For Address to Name Resolution
§ http://www.iana.org/domains/arpa/
§ http://tools.ietf.org/html/rfc5855
[Figure: the reverse-mapping tree under arpa (in-addr, ip6); following the labels 195, 47, 37, 2 under in-addr gives 2.37.47.195.in-addr.arpa.]
ROOT DNS SERVERS 
§ They return the addresses of the TLD Servers 
§ 13 IP anycast addresses are used 
§ 13 ipv4 addresses can be sent in a 512 (436) bytes UDP message! 
§ 200+ physical servers around the globe 
§ Domain root-servers.net: a.root-servers.net through m.root-servers.net 
§ In Europe, RIPE Servers k.root-servers.net are located in Amsterdam, Athens, 
Doha, Frankfurt, London and Milan. IPv4:193.0.14.129, IPv6:2001:7fd::1 
§ IPv6 addresses are already supported by 9 of the 13 root-servers 
§ Requirements of a Root Server are in RFC2870 
§ http://www.iana.org/domains/root/
TOP LEVEL DOMAIN (TLD) DNS SERVERS 
§ They return the address of the NS for a User domain 
§ The full list is at http://www.iana.org/domains/root/db/ 
§ Generic Top-Level-Domains (gTLD): 
§ .com 
§ .edu 
§ .net 
§ .org 
§ .mil, etc… 
§ Country Code Top-Level-Domains (ccTLD): 
§ .us, .ca, .fr, .uk, etc…
THE EXAMPLE.COM DNS SERVERS 
§ Primary or Master and Secondary or Slave DNS Server 
§ To increase performance and reliability of DNS, there is more than one DNS 
server for each domain. 
§ The Master Zone file describing the zone is located on the Primary server 
§ The Secondary Server is synchronized with the Primary through Zone Transfer
§ Caching only Servers
[Figure: the DNS Master Zone, holding the Master Zone File, feeds three DNS Slave Zones by Zone Transfer.]
ZONE AND ZONE FILES: CONFIG FOR A ZONE 
§ Zone files translate the domain name into operational entities 
§ Zone Files contain: 
§ Data that describe the zone authority, known as the Start of Authority (SOA)
Resource Record.
§ All the hosts within the zones. 
§ A Resource Record for an IPv4 Address 
§ AAAA Resource Record for an IPv6 Address 
§ Data that describes global information for the zone. MX Resource Records 
for the domain’s mail servers and NS Resource Records for the Name 
Servers 
§ In the case of a subdomain delegation, the name servers are responsible for 
this subdomain…
RECURSIVE AND ITERATIVE QUERIES 
§ The simplest mode for the server is non-recursive, since it can answer queries 
using only local information: the response contains an error, the answer, or a 
referral to some other server "closer" to the answer. 
§ All name servers must implement non-recursive queries. 
§ The simplest mode for the client is recursive, since in this mode the name server 
acts in the role of a resolver and returns either an error or the answer, but never 
referrals. 
§ This service is optional in a name server. The name server may also choose to 
restrict the clients that can use recursive mode.
RECURSIVE QUERY 
§ Not all servers support Recursive Query
§ Root and TLD servers do not support Recursive Query
[Figure: recursive query, steps 1 to 5, between the Client Resolver, a Name Server with its Cache, the Root Name Server, the Authoritative Name Server for TLD com and the Authoritative Name Server for company.com.]
ITERATIVE QUERY 
[Figure: iterative query between the Client Resolver, a Name Server, the Root Name Server, the Authoritative Name Server for TLD com and the Authoritative Name Server for company.com. Steps 1 to 3: Query answered by a Referral. Step 4: Query answered by the Authoritative answer. Step 5: Cache.]
§ All servers support Iterative Query
IPV6 SUPPORT IN DNS 
§ RFC1886 describes how to accommodate IPv6 Addresses in DNS 
§ AAAA Resource Record to store 128 bits addresses 
§ IPv6 reverse mapping uses the PTR RR, at first under the domain ip6.int, since
replaced by ip6.arpa
§ More complex solution A6/DNAME 
§ After many discussions, this was moved to Experimental status 
§ DNS requests must be transported in IPv6 
§ DNS Root servers and Top-level domains must support IPv6 
§ 9 of the 13 root-servers are IPv6 ready 
§ DNS messages larger than 512 bytes must be supported (EDNS0) and not filtered by 
firewalls
AAAA AND IP6.ARPA
§ AAAA is written like an IPv6 address. Leading zeros can be omitted
§ ipv6-host IN AAAA 2001:db8:1:2:3:4:567:89ab
§ ip6.arpa is the reverse-mapping name space for IPv6 addresses. Each level of
subdomain under ip6.arpa represents four bits of the 128-bit address. Omitting leading
zeros is not allowed, so there are always 32 hex digits and 32 levels of subdomain
below ip6.arpa in a domain name corresponding to a full IPv6 address.
§ b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.
AAAA RESOURCE RECORD SYNTAX 
name ttl class ipv6 
§ ipv6-host IN AAAA 2001:db8:1:2:3:4:567:89ab 
§ name: ipv6-host. The name is unqualified, causing the $ORIGIN directive value to be
substituted. You could have written this as ns1.example.com. (using the FQDN format),
which may be more understandable.
§ ttl: There is no ttl value defined for the RR, so the zone default from the $TTL directive 
will be used. 
§ class: IN. Defines the class to be Internet 
§ ipv6: 2001:db8:1:2:3:4:567:89ab. This is a Global Unicast address.
ADDING AAAA TO FORWARD-MAPPING ZONES 
§ A and AAAA can coexist for dual-stack hosts: 
Skydive IN A 192.239.120.111
        IN AAAA 2001:db8:cafe:f1::e1
§ Another option is to create one entry for each protocol 
Skydive IN A 192.239.120.111 
skydive-v6 IN AAAA 2001:db8:cafe:f1::e1 
or 
skydive.v6 IN AAAA 2001:db8:cafe:f1::e1
ZONE FILE WITH IPV6 SUPPORT EXAMPLE (1) 
; transitional IPv6/IPv4 zone file for example.com 
$TTL 2d ; default TTL for zone 
$ORIGIN example.com.
; Start of Authority RR (SOA Resource Record) defining the key characteristics of the zone (domain)
@ IN SOA ns1.example.com. hostmaster.example.com. (
        2003080800 ; sn = serial number
        12h        ; refresh
        15m        ; retry = update retry
        3w         ; expiry
        2h         ; min = minimum
        )
; name server RRs for the domain
        IN NS ns1.example.com.
; the second name server is
; external to this zone (domain).
        IN NS ns2.example.net.
ZONE FILE WITH IPV6 SUPPORT EXAMPLE (2) 
; mail server RRs for the zone (domain) 
        3w IN MX 10 mail.example.com.
; the second mail server is
; external to the zone (domain)
        IN MX 20 mail.example.net.
; domain hosts includes NS and MX records defined above
; plus any others required
; the following hosts are in IPv6 subnet 1
ns1 IN A 192.168.254.2
ns1 IN AAAA 2001:db8:0:1::1
mail IN A 192.168.254.4
mail IN AAAA 2001:db8:0:1::2
; these hosts are defined to be in the IPv6 subnet 2
joe IN A 192.168.254.6
joe IN AAAA 2001:db8:0:2::1
www IN A 192.168.254.7
www IN AAAA 2001:db8:0:2::2
; aliases ftp (ftp server) to an external location
; the target is fully qualified (trailing dot) so $ORIGIN is not appended
ftp IN CNAME ftp.example.net.
IPV6 REVERSE-MAPPING ZONES 
§ The subnet where skydive.v6.movie.edu is on 2001:db8:cafe:f9::/64 would correspond 
to the reverse-mapping zone: 
§ 9.f.0.0.e.f.a.c.8.b.d.0.1.0.0.2.ip6.arpa 
§ IPv6 reverse-mapping zones contain PTR records, SOA record and one or more NS 
record: 
$TTL 1d 
@ IN SOA terminator.movie.edu. hostmaster.movie.edu. (
        2011030800 ; Serial number
        1h         ; Refresh (1 hour)
        15m        ; Retry (15 minutes)
        30d        ; Expire (30 days)
        10m )      ; Negative-caching TTL (10 minutes)
        IN NS terminator.movie.edu.
        IN NS wormhole.movie.edu.
3.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR skydive.v6.movie.edu. 
4.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR super8.v6.movie.edu.
IPV6 PTR RESOURCE RECORD 
The PTR RR is standardized in RFC 1035 and maps an IPv6 address to a particular 
interface ID. Syntax is : 
– name ttl class rr name 
§ name: This is the subnet ID and interface ID parts of the IPv6 address written in 
reverse nibble format. While this looks like a number, it is in fact treated as a name. 
The name is unqualified causing the $ORIGIN directive value to be substituted. 
§ ttl: There is no ttl value defined for the RR, so the zone default from the $TTL 
directive will be used. 
§ class: IN defines the class to be Internet 
§ name: Defines that the query for <address> will return name 
Example: 
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0 IN PTR joe.example.com.
REVERSE IPV6 ZONE FILE FOR EXAMPLE.COM (1) 
; reverse IPV6 zone file for example.com 
$TTL 2d ; default TTL for zone
; prefix for all the addresses
$ORIGIN 0.0.0.0.8.b.d.0.1.0.0.2.IP6.ARPA.
; Start of Authority RR defining the key characteristics of the zone (domain)
@ IN SOA ns1.example.com. hostmaster.example.com. (
        2003080800 ; sn = serial number
        12h        ; refresh = refresh
        15m        ; retry = update retry
        3w         ; expiry = expiry
        2h         ; min = minimum
        )
; name server RRs for the domain
        IN NS ns1.example.com.
; the second name server is
; external to this zone (domain).
        IN NS ns2.example.net.
REVERSE IPV6 ZONE FILE FOR EXAMPLE.COM (2) 
; PTR RR maps a IPv6 address to a host name 
; hosts in subnet ID 1 
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0 IN PTR ns1.example.com. 
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0 IN PTR mail.example.com. 
; hosts in subnet ID 2 
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0 IN PTR joe.example.com. 
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0 IN PTR www.example.com. 
§ name: 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0. This is the subnet ID and interface ID parts of the IPv6 address written in reverse nibble format. While this looks like a number, it is in fact treated as a name. The name is unqualified, causing the $ORIGIN directive value to be substituted. You could have written this as 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.IP6.ARPA.
§ ttl: There is no ttl value defined for the RR, so the zone default of 2d from the $TTL directive will be used.
§ class: IN defines the class to be Internet
§ name: www.example.com. Defines that a query for 2001:db8:0:2:0:0:0:2 will return www.example.com
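The nibble-format rules from the reverse-mapping slides, as an added Python example that is not part of the course material: it derives the ip6.arpa zone name and relative PTR owner for a prefix, converts a PTR owner back to an address, and cross-checks the forward AAAA records against the PTR records of the example.com zone files above. The function names are hypothetical, and the record lists are typed in from those slides.

```python
import ipaddress


def nibble_labels(addr):
    """Return the 32 hex nibbles of an IPv6 address, least significant first."""
    return list(reversed(ipaddress.IPv6Address(addr).exploded.replace(":", "")))


def reverse_zone(prefix):
    """Name of the ip6.arpa zone for a prefix that ends on a nibble boundary."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen % 4:
        raise ValueError("prefix length must be a multiple of 4 bits")
    keep = net.prefixlen // 4
    labels = nibble_labels(net.network_address)[32 - keep:]
    return ".".join(labels + ["ip6", "arpa"]) + "."


def ptr_owner(addr, prefix):
    """Unqualified PTR owner name of addr inside the reverse zone for prefix."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen % 4:
        raise ValueError("prefix length must be a multiple of 4 bits")
    if ipaddress.IPv6Address(addr) not in net:
        raise ValueError(f"{addr} is not inside {net}")
    return ".".join(nibble_labels(addr)[:32 - net.prefixlen // 4])


def address_from_ptr(owner, origin=""):
    """Convert a PTR owner (relative to origin, or fully qualified) to an address."""
    fqdn = owner if owner.endswith(".") else f"{owner}.{origin}"
    labels = fqdn.lower().rstrip(".").split(".")
    nibbles = labels[:-2]
    if labels[-2:] != ["ip6", "arpa"] or len(nibbles) != 32:
        raise ValueError("need exactly 32 nibble labels below ip6.arpa")
    if any(len(n) != 1 or n not in "0123456789abcdef" for n in nibbles):
        raise ValueError("each label must be a single hex digit")
    return ipaddress.IPv6Address(int("".join(reversed(nibbles)), 16))


def check_forward_reverse(forward, ptr_records, origin):
    """Compare {fqdn: AAAA address} with [(PTR owner, target)] and list mismatches."""
    reverse = {address_from_ptr(o, origin): t.lower() for o, t in ptr_records}
    problems = []
    for name, addr in forward.items():
        ip = ipaddress.IPv6Address(addr)
        target = reverse.pop(ip, None)
        if target is None:
            problems.append(f"{name}: no PTR for {ip}")
        elif target != name.lower():
            problems.append(f"{name}: PTR for {ip} points to {target}")
    for ip, target in reverse.items():
        problems.append(f"{target}: PTR for {ip} has no matching AAAA")
    return problems


# Records copied from the example.com forward and reverse zone files above.
ORIGIN = "0.0.0.0.8.b.d.0.1.0.0.2.IP6.ARPA."
FORWARD = {
    "ns1.example.com.": "2001:db8:0:1::1",
    "mail.example.com.": "2001:db8:0:1::2",
    "joe.example.com.": "2001:db8:0:2::1",
    "www.example.com.": "2001:db8:0:2::2",
}
PTRS = [
    ("1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0", "ns1.example.com."),
    ("2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0", "mail.example.com."),
    ("1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0", "joe.example.com."),
    ("2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0", "www.example.com."),
]

if __name__ == "__main__":
    print(reverse_zone("2001:db8:cafe:f9::/64"))
    print(check_forward_reverse(FORWARD, PTRS, ORIGIN) or "forward and reverse agree")
```

A PTR left behind after a host is renumbered shows up in the last loop as a record with no matching AAAA, which is the usual way reverse zones drift out of step with forward zones.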
BUILT-IN EMPTY REVERSE-MAPPING ZONES 
§ These special addresses are resolved locally by BIND without forwarding any 
request on the Internet. 
Reverse-mapping Zone Name | Function | IPv4 Equivalent
0...ip6.arpa | Unspecified IPv6 address | 0.0.0.0
1.0...ip6.arpa | IPv6 Loopback Address | 127.0.0.1
8.b.d.0.1.0.0.2.ip6.arpa | IPv6 Documentation Network | 192.0.2/24
d.f.ip6.arpa | Unique Local Addresses | 10/8, etc. (RFC1918)
8.e.f.ip6.arpa | Link-Local Addresses | 169.254/16
9.e.f.ip6.arpa | Link-Local Addresses | 169.254/16
a.e.f.ip6.arpa | Link-Local Addresses | 169.254/16
b.e.f.ip6.arpa | Link-Local Addresses | 169.254/16
DNS REQUEST TRANSPORTED IN IPV6 
Internet Protocol Version 6 
0110 .... = Version: 6 
[0110 .... = This field makes the filter "ip.version == 6" possible 
.... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000 
.... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000 
Payload length: 145 
Next header: UDP (0x11) 
Hop limit: 255 
Source: fe80::61e:64ff:feec:73a9 (fe80::61e:64ff:feec:73a9) 
Destination: ff02::fb (ff02::fb) 
User Datagram Protocol, Src Port: mdns (5353), Dst Port: mdns (5353) 
Source port: mdns (5353) 
Destination port: mdns (5353) 
Length: 145 
Checksum: 0x5753 [validation disabled] 
Domain Name System (response) 
[Callouts on the capture: mDNSv6; link-local multicast destination]
IPV6 ADDRESSES IN DNS: AAAA RECORD 
Type AAAA 
Name: power-mac-g5-de-fred-bovy-6.local 
Type: AAAA (IPv6 address) 
.000 0000 0000 0001 = Class: IN (0x0001) 
1... .... .... .... = Cache flush: True 
Time to live: 2 minutes 
Data length: 16 
Addr: 2a01:e35:2f26:d340:61e:64ff:feec:73a9
DNS CAPTURE 
Internet Protocol Version 6 
0110 .... = Version: 6 
[0110 .... = This field makes the filter "ip.version == 6" possible: 6] 
.... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000 
.... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000 
Payload length: 145 
Next header: UDP (0x11) 
Hop limit: 255 
Source: fe80::61e:64ff:feec:73a9 (fe80::61e:64ff:feec:73a9) 
Destination: ff02::fb (ff02::fb) 
User Datagram Protocol, Src Port: mdns (5353), Dst Port: mdns (5353) 
Source port: mdns (5353) 
Destination port: mdns (5353) 
Length: 145 
Checksum: 0x5753 [validation disabled] 
Domain Name System (response) 
[Request In: 788] 
[Time: -404.306754000 seconds] 
Transaction ID: 0x0000 
Flags: 0x8400 (Standard query response, No error) 
Questions: 0 
Answer RRs: 1 
Authority RRs: 0 
Additional RRs: 3 
Answers 
power-mac-g5-de-fred-bovy-6.local: type A, class IN, cache flush, addr 192.168.0.15 
Name: power-mac-g5-de-fred-bovy-6.local 
Type: A (Host address) 
.000 0000 0000 0001 = Class: IN (0x0001) 
1... .... .... .... = Cache flush: True 
Time to live: 2 minutes 
Data length: 4 
Addr: 192.168.0.15 
[Callouts on the capture: mDNSv6 multicast address; mDNS port 5353]
DNS CAPTURE (CONT.)
Additional records 
power-mac-g5-de-fred-bovy-6.local: type AAAA, class IN, cache flush, addr fe80::61e:64ff:feec:73a9 
Name: power-mac-g5-de-fred-bovy-6.local 
Type: AAAA (IPv6 address) 
.000 0000 0000 0001 = Class: IN (0x0001) 
1... .... .... .... = Cache flush: True 
Time to live: 2 minutes 
Data length: 16 
Addr: fe80::61e:64ff:feec:73a9 
power-mac-g5-de-fred-bovy-6.local: type AAAA, class IN, cache flush, addr 2a01:e35:2f26:d340:61e:64ff:feec:73a9 
Name: power-mac-g5-de-fred-bovy-6.local 
Type: AAAA (IPv6 address) 
.000 0000 0000 0001 = Class: IN (0x0001) 
1... .... .... .... = Cache flush: True 
Time to live: 2 minutes 
Data length: 16 
Addr: 2a01:e35:2f26:d340:61e:64ff:feec:73a9 
power-mac-g5-de-fred-bovy-6.local: type NSEC, class IN, cache flush, next domain name power-mac-g5-de-fred-bovy-6.local 
Name: power-mac-g5-de-fred-bovy-6.local 
Type: NSEC (Next secured) 
.000 0000 0000 0001 = Class: IN (0x0001) 
1... .... .... .... = Cache flush: True 
Time to live: 2 minutes 
Data length: 8 
Next domain name: power-mac-g5-de-fred-bovy-6.local 
RR type in bit map: A (Host address) 
RR type in bit map: AAAA (IPv6 address) 
[Callout on the capture: AAAA Record]
RECURSIVE NAME SERVERS PRIMING FOR IPV6 
§ Most recursive name servers perform a bootstrap process called priming to determine the 
current list of root name servers, since information in the local copy of the root hints file 
could be out of date. 
§ To prime, a recursive name server sends a DNS query of type NS for the root (".") to one 
of the root name servers listed in the local root hints file. 
§ The recursive name server uses the list of root name servers in the response returned 
from a live root name server for resolution purposes. 
§ Priming ensures that a recursive name server always starts operation with the most up-to-date 
list of root name servers. 
§ The operators of nine root name servers - a, d, f, h, i, j, k, l, m - have assigned IPv6 
addresses to their systems.
IPV6 AND EDNS0 SUPPORT 
§ Including the IPv6 addresses at the root level of the DNS involves two related
actions on the part of the IANA and the DNS Root Server Operators:
§ Add Resource Records of Type AAAA to the hints file.
The IANA maintains the authoritative root hints file at ftp://ftp.internic.net/domain/.
§ Provision the 13 root name servers to return the Type AAAA records when
name server resolvers bootstrap, that is, perform what is known as priming.
IPV6 AND EDNS0 SUPPORT (CONT.) 
§ RFC1035 limits the maximum DNS UDP message size to 512 bytes:
§ 13 IPv4 anycast addresses were used to represent 200+ Servers so that the
announcement fits in a 512-byte message. The 436 bytes actually used leave room for some
options.
§ With only 5 IPv6 addresses added to the Additional Section of the DNS Type NS
response message that root server operators return during the priming exchange, the size
of the response message increases from 436 bytes to 576 bytes.
§ 9 Root Servers have been assigned IPv6 addresses
§ When all 13 root name servers are assigned IPv6 addresses, the priming response
will increase in size to 811 bytes.
IPV6 AND EDNS0 SUPPORT (CONT.) 
Conditions for the successful completion of a priming exchange: 
§ Resolvers and any intermediate systems that are situated between resolvers
and root name servers must be able to process DNS messages containing Type
AAAA resource records.
§ Additionally, resolvers must use DNS Extensions (EDNS0, RFC 2671) to notify 
root name servers that they are able to process DNS response messages 
larger than the 512 byte maximum DNS message size specified in RFC1035. 
§ Intermediate systems must be configured to forward UDP-encapsulated DNS 
response messages larger than the 512 byte maximum DNS message size 
specified in RFC1035 to resolvers that issued the priming request.
TEST THE EDNS0 SUPPORT 
§ To test the action a firewall implementation takes when it receives a UDP-encapsulated 
DNS response message larger than 512 bytes, a network or 
firewall administrator can perform the following DNS lookup using: 
§ dig ns +bufsize=4096 @192.33.4.12 OR 
§ dig ns +bufsize=4096 @2001:500:2D::D 
§ This command should elicit a 699 bytes response that contains AAAA resource 
records 
§ If no response is received, network and firewall administrators should first 
determine if a security policy other than the vendor's default processing for 
DNS messages is blocking large response messages or large UDP messages. 
If no policy other than the vendor's default processing is configured, note the 
implementation and version, and contact your vendor to determine if an 
upgrade or hot fix is available.
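What `+bufsize=4096` puts on the wire, and how to classify the outcome of the test described above, as an added Python example that is not part of the course material. It builds the priming query (type NS for the root) with an EDNS0 OPT pseudo-record, parses the advertised size back out of a message, and compares a response against the size the query advertised. The function names are hypothetical, and the response is constructed with 2001:db8:: documentation addresses, not captured from a root server.

```python
import ipaddress
import struct

TYPE_NS, TYPE_AAAA, TYPE_OPT, CLASS_IN = 2, 28, 41, 1


def encode_name(name):
    """Encode a domain name as length-prefixed labels; "." is the root."""
    out = b""
    for label in name.strip(".").split("."):
        if label:
            raw = label.encode("ascii")
            if len(raw) > 63:
                raise ValueError("label longer than 63 octets")
            out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(qname, qtype, txid, bufsize=None, do=False):
    """Build a non-recursive query; bufsize adds an OPT RR, do sets the DO bit."""
    arcount = 0 if bufsize is None else 1
    msg = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, arcount)
    msg += encode_name(qname) + struct.pack("!HH", qtype, CLASS_IN)
    if bufsize is not None:
        ttl = 0x8000 if do else 0          # ext-rcode 0, version 0, flags
        # OPT RR: root owner, type 41, CLASS carries the UDP payload size
        msg += b"\x00" + struct.pack("!HHIH", TYPE_OPT, bufsize, ttl, 0)
    return msg


def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:          # compression pointer ends the name
            return off + 2
        off += 1 + length


def parse_edns(msg):
    """Extract message size, TC flag and any OPT RR parameters from a message."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    _txid, flags, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4
    info = {"size": len(msg), "truncated": bool(flags & 0x0200),
            "udp_size": None, "do": False}
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated resource record")
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if off > len(msg):
            raise ValueError("RDATA runs past end of message")
        if rtype == TYPE_OPT:
            info["udp_size"], info["do"] = rclass, bool(ttl & 0x8000)
    return info


def constructed_response(txid, count):
    """Constructed input: a priming-style reply with `count` AAAA additional RRs."""
    msg = struct.pack("!HHHHHH", txid, 0x8400, 1, 0, 0, count + 1)
    msg += encode_name(".") + struct.pack("!HH", TYPE_NS, CLASS_IN)
    for i in range(count):
        owner = encode_name(f"{chr(ord('a') + i)}.root-servers.net")
        addr = ipaddress.IPv6Address("2001:db8::") + (i + 1)
        msg += owner + struct.pack("!HHIH", TYPE_AAAA, CLASS_IN, 3600, 16) + addr.packed
    return msg + b"\x00" + struct.pack("!HHIH", TYPE_OPT, 4096, 0, 0)


def assess(query, response):
    """Classify the result of the large-response test for one query."""
    limit = parse_edns(query)["udp_size"] or 512   # no OPT RR: RFC1035 limit
    if response is None:
        return "no-response"       # large UDP DNS may be dropped on the path
    reply = parse_edns(response)
    if reply["truncated"]:
        return "truncated"         # TC set: the answer did not fit
    if reply["size"] > limit:
        return "oversize"          # larger than the query said it could accept
    return "ok-large" if reply["size"] > 512 else "ok"


if __name__ == "__main__":
    q = build_query(".", TYPE_NS, 0x1234, bufsize=4096)
    print(len(q), parse_edns(q), assess(q, constructed_response(0x1234, 13)))
```

A path that yields "ok-large" for the EDNS0 query forwards UDP DNS responses above 512 bytes; "no-response" is the case the slide tells administrators to investigate.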
DNSSEC 
§ DNSSEC is detailed in RFC4033, RFC4034 and RFC4035. A discussion of 
operational practices relating to DNSSEC can be found in RFC4641. 
§ In DNSSEC, a secure response to a query is one which is 
cryptographically signed and validated. 
§ In DNSSEC, there is no protection against DoS attacks
§ DNSSEC adds new Resource Record types: Resource Record Signature
(RRSIG), DNS Public Key (DNSKEY), Delegation Signer (DS) and Next
Secure (NSEC)
§ A signed zone will contain the 4 additional security-related records
§ DNSSEC requires support for EDNS0 (RFC2671) and the DNSSEC OK (DO)
EDNS0 bit (RFC 3225)
§ In DNSSEC, the Root Zone is signed 
§ http://data.iana.org/root-anchors/draft-icann-dnssec-trust-anchor.html
DYNAMIC DNS 
§ DNS Servers can be updated dynamically 
§ Addresses allocated with DHCPv6 or SLAAC automatically update the DNS
§ Dynamic Updates in the Domain Name System (DNS UPDATE)
§ http://tools.ietf.org/html/RFC2136 
§ Secure Domain Name System (DNS) Dynamic Update 
§ http://tools.ietf.org/html/RFC3007 
§ Operational Considerations and Issues with IPv6 DNS 
§ http://tools.ietf.org/html/rfc4472
IPV6 DEVICES MANAGEMENT 
§ SNMP for IPv6 
§ SNMP transported by IPv6 
§ IPv6 supported by MIB. 
§ First approach was to implement separate MIBs for IPv4 and IPv6 
§ RFC2465 and RFC2466 now deprecated 
§ Unified MIB for IPv4 and IPv6 in RFC4293 
§ TELNET, SSH for IPv6 
§ FTP, TFTP for IPv6 
§ SYSLOG for IPv6 
§ HTTP for IPv6 
§ Ping, traceroute
MOBILE IPV6: RFC 3775 
§ The mobile node can roam from subnet to subnet, but its source address is 
unchanged for the applications. 
§ No session is lost 
§ The network can be hidden from the correspondent node 
§ This existed in IPv4 but IPv6 greatly improved it
MOBILE IPV6 TERMINOLOGY 
§ Home Agent: The router which switches the traffic to the mobile node.
§ Mobile Node: The roaming user.
§ Home Address: The initial network address. All the communications of the mobile node come from this address.
§ Home Link: The link where the mobile node is permanently attached.
§ Care-Of-Address: The temporary address on the visited network.
§ Correspondent Node: The node (not mobile) communicating with the mobile node.
MOBILE NODE ACQUIRES A COA 
§ Mobile node visits a new subnet 
§ It must acquire its Care of Address (CoA) 
§ The Mobile Node acquires its Care of Address from SLAAC or DHCPv6
HOME AGENT ADDRESS DISCOVERY (ANYCAST) 
§ Home Agent (HA) may have moved
§ New HA may have been installed 
§ Anycast address may be used to find the HA
COA BINDING AND TUNNEL CREATION 
§ The Mobile Node registers its CoA with the Home Agent
§ Signaling uses a Mobility Option
§ An IPv6 in IPv6 tunnel is set up between the MN and the HA
BIDIRECTIONAL TUNNELING
§ The packets between the CN and the MN are routed via the tunnel in both directions.
§ The Home Agent intercepts the NS on the Home Link and answers with Proxy ND.
§ Transparent for the Correspondent Node
BIDIRECTIONAL TUNNELING
[Figure: packet addressing with bidirectional tunneling.]
Packet | Out Src | Out Dst | In Src | In Dst
MN to CN, untunneled | | | MN IPv6 Home @ | CN IPv6 @
MN to CN, in the tunnel | MN IPv6 CoA | HA IPv6 @ | MN IPv6 Home @ | CN IPv6 @
CN to MN, untunneled | | | CN IPv6 @ | MN IPv6 Home @
CN to MN, in the tunnel | HA IPv6 @ | MN IPv6 CoA | CN IPv6 @ | MN IPv6 Home @
RETURN ROUTABILITY PROCEDURE 
§ Traffic is routed via the Home Agent until the Return Routability Procedure 
§ CN must support Mobile IPv6 
§ The CN verifies that the Mobile Node can be reached at its CoA and its Home 
Address 
§ The MN proves to the CN that it receives the Keygen Tokens
RETURN ROUTABILITY PROCEDURE 
§ Verify that the MN who sends the Binding Update is the same MN who sends 
the data packets. 
[Figure: Mobile Node A (IPv6 Home Address, IPv6 CoA) on visited network A, the Home Agent, and the Correspondent Node on local network B, with the CoTI and CoT messages.]
§ HoTI: Home Test Init
§ CoTI: Care-of Test Init
§ HoT: Home Test
§ CoT: Care-of Test
MOBILITY HEADER FEATURES 
Type | Message | Feature
0 | Binding Refresh Request (BRR) | Binding Update sent by the MN to the HA or the CN
1 | Home Test Init (HoTI) | Sent by the CN to the Home address of the MN to initialize the Return Routability process. The HoTI is routed via the HA.
2 | Care-of Test Init (CoTI) | Sent by the CN to the MN CoA to initialize the Return Routability process.
3 | Home Test (HoT) | HoTI response of the MN to the CN
4 | Care-of Test (CoT) | CoTI response of the MN to the CN
5 | Binding Update (BU) | Sent by the MN to notify the HA or the CN that it has changed its network point of attachment and has a new CoA.
6 | Binding Acknowledgement (BA) | Acknowledgement of the BU sent by the HA or the CN.
7 | Binding Error (BE) | Sent by the CN or the MN to signal an error. For example, if the MN sends a message with a Destination Option including a Home Address but the CN does not have a CoA in its Binding Database.
ROUTE OPTIMIZATION SIGNALING 
§ The MN registers its binding to the CN 
§ This Mode must be supported by the CN 
§ This can be avoided for security reasons, as the CN is now aware that the mobile
node is no longer on its Home Link.
§ By default, the signaling is not encrypted.
[Figure: the Mobile Node and the CN exchange a Binding Update and a Binding Ack.]
ROUTE OPTIMIZATION (ID VERIFICATION) 
§ The Mobile Node identity is verified 
§ An IPSec Tunnel is established between the MN and the CN 
DESTINATION OPTION INCLUDES THE MN SOURCE @ 
[Figure: packet sent by the Mobile Node: Src @ = MN IPv6 CoA, Dst @ = CN IPv6 @, Dst Opt = MN IPv6 Home @.]
§ The CN replaces the MN IPv6 CoA with the IPv6 Home @ from the Destination Option: the datagram comes from the MN
ROUTING OPTION INCLUDES THE MN SOURCE @ 
[Figure: packet sent to the Mobile Node: Src @ = CN IPv6 @, Dst @ = MN IPv6 CoA, Routing = MN IPv6 Home @.]
§ The MN replaces the MN IPv6 CoA with the MN IPv6 Home @ from the Routing Option: the datagram is sent to the MN Home @
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers
Introduction to IPv6 for Service Providers

Introduction to IPv6 for Service Providers

  • 1. INTRODUCTION TO IPV6 FOR SERVICE PROVIDERS Version 1.0 Student Guide
  • 2. COURSE INTRODUCTION Introduction to IPv6 for Service Providers (FB-IPv6SPArchiMan) (C) 2012 FRED BOVY EIRL. IPV6 FOR LIFE!
  • 3. COURSE OVERVIEW This course on IPv6 addresses the knowledge and skill requirements for Architects and Project Managers supporting IPv6 design and implementation for Service Provider customers. The course covers the details of IPv6 essentials. As a prerequisite, taking the “IPv6 For Life!” free online tutorial will help. You can find the 3 Flash modules at http://fredbovy.com. For further study, the book “Understanding IPv6 Concepts” covers in depth all the concepts explained in this course. Migration strategies for a full range of scenarios are discussed.
  • 4. COURSE CONTENT The High-Level Objectives for this course are as follows: § Overview of IPv6 § IPv6 Addressing in depth § IPv6 Operations § IPv6 Applications and Services § IPv6 routing protocols § Introduction to IPv6 Multicast § IPv6 Transition and customer integration Strategies including dual stack, 6to4 and 6RD Tunnels, NAT64 and DNS64 translation, Large Scale Nat (LSN or CGN) NAT444, NAT464, DS-Lite, 6PE and 6VPE. § Introduction to IPv6 Security (C) 2012 FRED BOVY EIRL. IPV6 FOR LIFE!
  • 6. § Lesson 1: The origin: IPv4 and the rationale for IPv6 § Lesson 2: IPv6 Protocol and Addresses § Lesson 3: ICMPv6 and Neighbor Discovery § Lesson 4: IPv6 Services § Lesson 5: IPv6 Routing Protocols § Lesson 6: IPv6 Multicast § Lesson 7: Transition to IPv6 – Dual-Stack – Tunneling – Translating § Lesson 8: QoS in IPv6 Networks § Lesson 9: IPv6 and Security – Routing Protocols Security – IPSec – Threat on NDP and SEND COURSE AGENDA (C) 2012 FRED BOVY EIRL. IPV6 FOR LIFE!
  • 7. TYPOGRAPHIC CONVENTIONS (Convention: Type of Information) § Italic font: Book titles. Words or characters that require special attention. Variable names or placeholders for information you must supply, for example: Enter the following command: ifstat [-z] {-a interface} Interface is the name of the interface for which you want to view statistics. § Monospaced font: Command names, daemon names, and option names. Information displayed on the system console or other computer monitors. The contents of files. § Bold monospaced font: Words or characters you type, for example: Enter the following command: options httpd.enable on
  • 9. Introduction to IPv6 INTRODUCTION TO IPV6 FOR SERVICE PROVIDERS
  • 10. IPV4 AND ASSOCIATED PROTOCOLS § IPv4 was a network designed for the Army, intended to interconnect thousands of hosts § The Internet was not open to the public, and you had to sign an agreement not to use the Internet for business § Autoconfig was not needed § No smartphones, no sensors, no game consoles, no iPad, no ADSL, no cable home access and no Internet access at home § IPv4 delivers a best-effort service § It was associated with other protocols: § ARP to resolve a MAC address from an IP address § DHCP for centralized configuration of end nodes
  • 11. IPV4 HEADER Version Header Length D T 0 R E Total Length Fragment ID Flag Fragment Offset Time To Live (TTL) Protocol Header Checksum Source Address Destination Address Options (+ padding) P P P DF M
  • 12. FRAGMENTATION Identification (16 bits) § To identify all fragments from the same datagram Fragment Offset (13 bits) § To reorder the fragments Flag § DF – Do not Fragment § MF – More Fragments
  • 13. PMTUD: 1ST ROUTER DROP MTU=1300 § The source sends a datagram MTU=1500 § 1st router MTU=1300 § Drop § ICMP Pkt Too big MTU=1300
  • 14. PMTUD: 2ND ROUTER DROP MTU=1100 (C) 2012 FRED BOVY EIRL. IPV6 FOR LIFE!
  • 15. PMTUD: PACKET REACHES THE DESTINATION
  • 16. IPV4 ADDRESSES § Source/Destination IP address § Class A. Addresses 1.0.0.0 to 126.255.255.255. § 10.0.0.0 to 10.255.255.255 is private § 128 domains (Networks) and 16.777.214 class A hosts per domain § Class B. 127.0.0.0 to 191.255.255.255. § 172.16.0.0 to 172.31.255.255 is private § 16.000 domains and 65.534 Class B hosts per domain § Class C. 192.0.0.0 to 223.255.255.255. § 192.168.0.0 to 192.168.255.255 is private § 2.000.000 domains and 254 Class C hosts per domain § Class D. 224.0.0.0 to 239.255.255.255 Multicast § Class E. 240.0.0.0 to 247.255.255.255 Experimental § 4 billion nodes maximum § VLSM and CIDR have removed the class limitations, which were wasting a lot of addresses § NAT/Private Address Space (RFC1918)
  • 17. NAT/PAT § NAT allows the translation of private to public addresses § PAT allows many private addresses to use the same public address § RFC2993 Architectural Implications of NAT § Cons: § Bottleneck § Single point of failure § Applications must be NAT friendly § Does not allow end-to-end security and permits undetected MITM attacks § High hidden costs for application support § Pro: § Hides the private network topology
  • 18. SOME DISCUSSIONS ABOUT NAT RFC 1579 - Firewall Friendly FTP RFC 2663 - IP Network Address Translator (NAT) Terminology and Considerations RFC 2709 - Security Model with Tunnel-mode IPsec for NAT Domains RFC 2993 - Architectural Implications of NAT RFC 3022 - Traditional IP Network Address Translator (Traditional NAT) RFC 3027 - Protocol Complications with the IP Network Address Translator (NAT) RFC 3235 - Network Address Translator (NAT)-Friendly Application Design Guidelines RFC 3715 - IPsec-Network Address Translation (NAT) Compatibility RFC 3947 - Negotiation of NAT-Traversal in the IKE RFC 5128 - State of Peer-to-Peer (P2P) Communication across Network Address Translators (NATs)
  • 19. OPTIONS Limited number of possible options: § Class 0 - 0 - 00000 – End of the option list (padding). - 1 - 00001 – No Operation. - 2 - 00010 – Security and management restriction used by military applications. - 3 - 00011 – Loose Source Routing. - 7 - 00111 – Route Recording. - 8 - 01000 – Connection identification. - 9 - 01001 – Strict Source Routing. § Class 2 - 4 - 00100 – Internet Timestamp.
  • 20. DHCP § For end nodes, centralized configuration § Everything is configured from a DHCP server: § IP Address § Default Router § DNS Servers Addresses § SIP Server Addresses § Domain Names
  • 21. IPV6 RATIONALE IN THE SERVICE PROVIDER ENVIRONMENT § The question is not “if” it will happen, but “when” it will happen § IPv4 addresses depleted as of February 2011 § Number of connected devices continues to increase § IPv4 can accommodate 4 billion nodes § Exceed 15 billion in 2015 and 50 billion in 2020 § Over 100 billion microcontrollers; 10 billion shipped per year § Devices are always connected, from anywhere § It will eliminate IPv4 issues once fully deployed § NAT § Network efficiency and scalability § It has integrated features (services) § Global addresses § Mobility § Security
  • 22. NAT/PAT IS THE HEROIN OF THE INTERNET § NAT/PAT with private addresses was invented as a workaround for address depletion in the 1990s. Then people started to use it and found that NAT/PAT was the solution for everything: security, multihoming, and address independence from the Service Provider. § Most people do not realize the huge hidden costs that go with NAT. All new applications must be engineered to bypass and support NAT. A simple search of the IETF with the keyword NAT returns more than 77 RFCs. § NAT denies end-to-end security and is a problem for real security protocols like IPSec or DNSSEC. § NAT seems to be the solution for everything, while it actually breaks a lot (most) of the network applications and does not permit end-to-end security. It gives an opportunity for undetected MITM exploits which could be prevented with end-to-end security. § Once people have started to use NAT/PAT, they cannot imagine any network without it or how the Internet was before the introduction of NAT/PAT. § NAT creates more issues than it solves. Without NAT, we would not have slept for 20+ years before starting a protocol more appropriate than IPv4. Do you know that before it was prohibited by law in the USA in 1959 and in France in 1963, heroin was sold in pharmacies as a miracle medicine for almost everything?
  • 23. WHO IS RUNNING IPV6 ? A lot of ISPs and enterprises already use IPv6: § Free SAS § RENATER § The Cable Operators with DOCSIS 3.0 § COMCAST – Running IPv6 internally for years – General roll out scheduled to be completed in 2012 § Time Warner – General roll out scheduled to start next year § Mobile Phone – 4G: Designed for IPv6, 3G supports IPv6 – T-Mobile: IPv6 only – Verizon LTE: IPv6 is primary protocol – Sprint: Deploying IPv6 in 2012
  • 24. SERVICE PROVIDER IPV6 TRANSITION STRATEGIES § An end-to-end IPv6-only core is the ultimate goal. § Transition strategies require Carrier Grade solutions: § Native IPv4 core § Dual Stack § Large Scale NAT (Carrier Grade NAT, AFT) § MPLS enabled core § 6PE § 6VPE § The solution must support any customer connection. § Keeping two protocols is expensive. AT&T predicts the end of IPv4 in 2020.
  • 25. SERVICE PROVIDER DRIVERS FOR ADOPTION OF IPV6 § IPv4 growth potential is finite even with double NAT § Structured migration path to IPv6 § Be one of the first to market with IPv6 enabled services § Customers will require access to new IPv6 content from content providers § SPs will be competing for services that are IPv6 dependent § Some devices, like smartphones, will very soon be IPv6-only § NAT cannot be the solution for all applications and all users § See IDC and Renater Migration Case Studies
  • 26. CONCLUSION § IPv4 is not designed to support multiple addresses per user § NAT cannot be a solution for some applications § IPv4 Options are not extensible § New transports are introduced to support new applications § IPv4 cannot provide an address for each device that will need a connection to the Internet
  • 28. FEATURES AND BENEFITS § No more fragmentation info in each packet § No more Header CHECKSUM § It is now mandatory for UDP § Traffic Class (8 bits) replaces the Precedence and ToS Byte § The Flow Label (20 bits) identifies a flow § Addresses are 128 bits long § No More NAT needed § Alignment on 64 bytes § Header size increases from 20 bytes to 40 bytes § Autoconfiguration
  • 29. TRANSITION RICHNESS § Dual-Stack § Translation § NAT, LSN, CGN § NAT-PT = NAT46+NAT64+ALG § NAT64/DNS64, NAT444, NAT464 § Tunneling § 6to4, 6RD, 4RD § DS-Lite = 4RD + LSN § IPv6 Over IPv4/MPLS § 6PE § 6VPE
  • 30. IPv6 Operations INTRODUCTION TO IPV6 FOR SERVICE PROVIDERS
  • 31. IPV6 ADDRESSING ARCHITECTURE (RFC 4291) § Unicast (one-to-one) § To identify a network interface § Three scopes of addresses: § IPv6 Global § Link-Local § Unique Local Address (equivalent RFC1918) § Multicast (one-to-many) § To identify a set of interfaces on the network § Traffic is routed to all of these interfaces § Scope: interface, link, site, organization, global § Anycast (one-to-nearest) § To identify a set of interfaces on the network § The traffic is routed to the nearest interface § IPv6 Addressing Architecture § http://tools.ietf.org/html/rfc4291
  • 32. REPRESENTATION (RFC 4291) § X:X:X:X:X:X:X:X § X is a 16-bit hexadecimal field § Consecutive zero fields are represented by ::, but this can be used only once in the address § 2000:1::0102:1234:4222 § FF01:0:0:0:0:0:0:1 or FF01::1 § 0:0:0:0:0:0:0:0 or :: § In a URL, the address is surrounded by [ ] § http://[2001:1:4::11]:8080/index.html
  • 33. GLOBAL UNICAST ADDRESS (RFC 4291) § Global unicast host address: – 2000:0001:0002:0000:0000:0005:0006:0007 – 2000:0001:0002::0005:0006:0007 § Network Prefix: – 2000:0001:0002::/48 – 2000:1000:0001:0010::/64 § In the Internet 2000::/3 global unicast address: – http://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xml – http://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xml § Layout: Global Routing Prefix (provider, 48 bits) | SLA (site, 16 bits) | Interface ID (host, 64 bits)
  • 34. IPV6 GLOBAL UNICAST ADDRESS FORMAT (RFC 3587) § Initial format: Global Routing Prefix (provider, n bits) | Subnet ID (64 - n bits) | Interface ID (host, 64 bits) § IETF assigned 001 for Global Unicast, 2620::/12 assigned to American Registry for Internet Numbers: 001 (3 bits) | ARIN (9 bits) | RIR or ISP (36 bits) | Subnet ID (16 bits) | Interface ID (host, 64 bits) § RFC 2374: Aggregatable Global Unicast Address Structure: FP (3 bits) | TLA ID (13 bits) | RES (8 bits) | NLA ID (24 bits) | SLA ID (16 bits) | Interface ID (64 bits); FP through NLA ID form the Public Topology, SLA ID the Site Topology, and the Interface ID the Interface Identifier
  • 35. AGGREGATABLE GLOBAL UNICAST ADDRESS STRUCTURE (RFC 2374) § FP: Format Prefix (001) § TLA ID: Top-Level Aggregation Identifier § A default-free router will have a route to each TLA ID plus the specific routes for the TLA ID it belongs to. § RESERVED for future use § NLA ID: Next-Level Aggregation Identifier § Identifies sites within an organization. § SLA ID: Site-Level Identifier § Identifies the subnets within an organization § Same as the IPv4 subnets § Supports 65.535 subnets § Interface Identifier § Layout: FP (3 bits) | TLA ID (13 bits) | RES (8 bits) | NLA ID (24 bits) | SLA ID (16 bits) | Interface ID (host, 64 bits); Public Topology | Site Topology | Interface Identifier
  • 36. LINK-LOCAL ADDRESS (RFC 4291) § Allows automatic address configuration without a router § Equivalent in IPv4: 169.254.0.0/16 (RFC 3927) § FE80::/10 § Layout (128 bits): 1111 1110 10 (FE80::/10) | all 0s | Interface ID (64 bits)
  • 37. SCOPED ADDRESS ARCHITECTURE (RFC 4007) § Initially, the site-local prefix was defined § fec0::/10 § This was deprecated by RFC 3879 § All addresses except the unspecified address have a scope § RFC 4007 defines a “Scope Zone”, or Zone, as a connected region with a given scope § It is noted with the sign % § Example: fe80::1%5
  • 38. UNIQUE-LOCAL ADDRESS (RFC 4193) § For private addresses like RFC 1918 for IPv6 § Network Prefixes: § FC00::/7 Globally Managed § FD00::/8 Locally Managed § To reserve an address: § http://www.sixxs.net/tools/grh/ula/ § Layout: prefix 1111 1100 (FC00::/7) or 1111 1101 (FD00::/8), then Global ID (40 bits), together 48 bits | Subnet ID (16 bits) | Interface ID (host, 64 bits)
  • 39. INTERFACE ID DERIVED FROM THE MAC: EUI-64 § MAC address (48 bits): 00 90 59 02 E0 F9 § With FF FE inserted in the middle: 00 90 59 FF FE 02 E0 F9 § First byte: 000000X0 § X=1 Unique § X=0 Not Unique
  • 40. RANDOM INTERFACE ID (RFC 4941) § If the interface ID is derived from the MAC address, it will be constant. § Because there is no NAT, this can be used to track a user. § Privacy Extension uses a randomized ID to configure the interface ID.
  • 41. SPECIAL ADDRESSES (RFC 4291) § Unspecified § 0:0:0:0:0:0:0:0 or :: § Used when the node does not have an address configured § Loopback § 0:0:0:0:0:0:0:1 § ::1 § 127.0.0.1 for IPv4 § IPv4-Mapped § ::ffff:192.168.0.11 § RFC 5156 compiles the special addresses which should not be routed on the Internet § http://tools.ietf.org/html/rfc5156
  • 42. MULTICAST (RFC 4291) § Format (128 bits): FF | Flag | Scope | 0 | Interface ID § Flag – 4 bits § 0 if permanent § 1 if temporary § Scope – 4 bits § 1=node § 2=link § 4=admin § 5=site § 8=Organization § E=Global § Only the link-local scope is automatically filtered by routers. Other scopes must be implemented with access lists.
  • 43. MULTICAST ADDRESS RESERVED § FF01::1 Interface-local Scope All nodes address § FF01::2 Interface-local Scope All routers address § FF02::1 Link-local Scope All nodes address § FF02::2 Link-local Scope All routers address § FF05::1 Site-local Scope All nodes address § FF05::2 Site-local Scope All routers address § FF05::1:3 Site-local Scope All DHCP servers
  • 44. SOLICITED-NODE MULTICAST ADDRESS § Unicast Address § 805B:2D9D:DC28::FC57:D4C8:1FFF § Prefix § FF02:0:0:0:0:1:FF § Solicited-node multicast address § FF02:0:0:0:0:1:FFC8:1FFF § Automatically configured for each unicast address § Layout (128 bits): prefix FF02:0:0:0:0:1:FF | low 24 bits of the Interface Identifier
  • 45. IPV6 ADDRESS SPACE http://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xml
  • 46. IPV6 ADDRESS SUMMARY These addresses include: § ::/128 Unspecified Address § ::1/128 Loopback Address § 2001::/32 Teredo prefix § 2001:db8::/32 reserved for training and documentation by RFC 3849 § 2002::/16 prefix used by 6to4 § Prefix: Description § ::/8: Address Reserved § 2000::/3: Internet Routed Global Unicast Address § fc00::/7: Site Local Address (deprecated) § fe80::/10: Link-Local Address § ff00::/8: Multicast Address § http://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xml
  • 47. ADDRESSES REQUIRED FOR AN IPV6 NODE § A Link-local for each interface § Loopback § Assigned Unicast § All-nodes Multicast § Solicited-node multicast for each unicast § Multicast
  • 48. ADDRESSES REQUIRED FOR A ROUTER All the addresses needed for a node plus: § Anycast address if a particular service needs it § All-Routers Multicast § Routing protocol specific multicast addresses
  • 49. IPV6 IN ETHERNET § IPv6 protocol: 0x86DD § Frame layout: Destination Ethernet Address | Source Ethernet Address | 0x86DD | IPv6 header and payload
  • 50. MULTICAST MAPPING ON ETHERNET § IPv6 Multicast Address (128 bits) § FF02:0:0:0:0:1:FF90:FE53 § MAC Address (48 bits) § 33:33:FF:90:FE:53
  • 51. CISCO IPV6 INTERFACE sa13-72c(config-if)#do show ipv6 int gig0/2 GigabitEthernet0/2 is up, line protocol is up § IPv6 is enabled, link-local address is FE80::20B:60FF:FEB4:9C1A No Virtual link-local address(es): § Stateless address autoconfig enabled Global unicast address(es): § 2000:1::20B:60FF:FEB4:9C1A, subnet is 2000:1::/64 [EUI/CAL/PRE] § Valid lifetime 2591911 preferred lifetime 604711 Hosts use stateless autoconfig for addresses Joined group address(es): § FF02::1 § FF02::2 § FF02::1:FFB4:9C1A § MTU is 1500 bytes § ICMP error messages limited to one every 100 milliseconds § ICMP redirects are enabled § ICMP unreachables are sent § ND DAD is enabled, number of DAD attempts: 1 § ND reachable time is 30000 milliseconds (using 23319) § ND advertised reachable time is 0 (unspecified) § ND advertised retransmit interval is 0 (unspecified) § ND router advertisements are sent every 200 seconds § ND router advertisements live for 1800 seconds § ND advertised default router preference is Medium
  • 52. ASSIGNMENT OF ADDRESSES § Example address: 2a01:0e35:2f26:d340:acaa:4946:9234:1379 § Hierarchy: IANA, then RIR, then ISP/LIR, then EU/ISP, then EU; or IANA, then RIR, then NIR, then ISP/LIR, then EU § RIR: Regional Internet Registries (ARIN, APNIC, RIPE NCC) § NIR: National Internet Registries § LIR: Local Internet Registries § EU: End Users § http://www.ripe.net/ripe/docs/ripe-512
  • 53. IPV6 ADDRESS ALLOCATION § IPv6 addresses are 4 times bigger than IPv4 § Must be carefully managed so as not to explode the size of routing tables § Blocks of addresses are allocated by IANA or a RIR § To be eligible for address allocation: § Must be a LIR § Have a plan to provide addresses to customers within two years § Minimum allocation to a LIR is a /32
  • 54. ADDRESSES ASSIGNMENT TO A USER § The assignment of addresses to end users is done by the LIR § RFC 3177 obsoleted by RFC 6177 § The standard is no longer /48 but between /48 and /64 § For a large customer § /47 or larger can be assigned § Or multiple /48 § /64 for a single subnet § /128 for a single host § By default the assignment is temporary § For multihomed users: Provider Independent (PI) addresses § RIPE Looking Glass: http://stat.ripe.net/2a01:e00::/26 http://stat.ripe.net/2804:258::/32
  • 55. INTERNET HIERARCHY § IANA 2000::/3 § RIR1 21ae::/8 – ISP1 21ae:db8::/32 – Cust1 21ae:db8:1::/48 – ISP2 21ae:db9::/32 – Cust2 21ae:db9:1::/48 § RIR2 2001::/8 – ISP3 2001:db8::/32 – Cust3 2001:db8:1::/48 – Cust4 2001:db8:2::/48
  • 56. PROVIDER ASSIGNED ADDRESS SPACE § FP: Format Prefix (001) § TLA ID: Top-Level Aggregation Identifier § RESERVED for future use § NLA ID: Next-Level Aggregation Identifier § SLA ID: Site-Level Identifier § Interface Identifier § Layout: FP (3 bits) | TLA ID (13 bits) | RES (8 bits) | NLA ID (24 bits) | SLA ID (16 bits) | Interface ID (host, 64 bits); Public Topology | Site Topology | Interface Identifier
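
The derivations on slides 39, 44 and 50, and the tracking concern on slide 40, can be checked against the Cisco output on slide 51 with a short Python script. This is an added example, not part of the course material; the function names are illustrative, and the MAC 00:0b:60:b4:9c:1a is not printed in the course but recovered here from the router's own addresses.

```python
import ipaddress
from typing import Dict, Iterable, Optional


def eui64_interface_id(mac: str) -> bytes:
    """Modified EUI-64: insert FF FE in the middle and flip bit X (000000X0)."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]


def address_from_mac(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with the interface ID derived from the MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("an EUI-64 interface ID needs a /64 prefix")
    return ipaddress.IPv6Address(net.network_address.packed[:8] + eui64_interface_id(mac))


def solicited_node(unicast: str) -> ipaddress.IPv6Address:
    """FF02:0:0:0:0:1:FF followed by the low 24 bits of the unicast address."""
    prefix = ipaddress.IPv6Address("ff02::1:ff00:0").packed[:13]
    return ipaddress.IPv6Address(prefix + ipaddress.IPv6Address(unicast).packed[13:])


def ethernet_multicast_mac(group: str) -> str:
    """33:33 followed by the low 32 bits of the IPv6 multicast address."""
    addr = ipaddress.IPv6Address(group)
    if not addr.is_multicast:
        raise ValueError("not a multicast address")
    return ":".join(f"{b:02x}" for b in b"\x33\x33" + addr.packed[12:])


def embedded_mac(address: str) -> Optional[str]:
    """Return the MAC that a MAC-derived interface ID gives away, else None.

    The FF FE marker is a heuristic: a random interface ID (RFC 4941)
    matches it by chance only once in 65536 addresses.
    """
    iid = ipaddress.IPv6Address(address).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    raw = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in raw)


def privacy_audit(addresses: Iterable[str]) -> Dict[str, Optional[str]]:
    """Map each address to the MAC it exposes (None if not MAC-derived)."""
    return {a: embedded_mac(a) for a in addresses}


if __name__ == "__main__":
    # Addresses taken from slides 51 and 52 of the course.
    for addr, mac in privacy_audit([
        "2000:1::20B:60FF:FEB4:9C1A",
        "2a01:0e35:2f26:d340:acaa:4946:9234:1379",
    ]).items():
        print(addr, "->", mac or "no MAC recoverable")
    group = solicited_node("2000:1::20B:60FF:FEB4:9C1A")
    print(group, "->", ethernet_multicast_mac(str(group)))
```
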
  • 57. MULTIHOMING ISP1 2001:db8::/32 assign 2001:db8:1::/48 ISP2 2001:db9::/32 assign 2001:db9:100::/48 Site 2001:db8:1::/48 2001:db9:100::/48 (C) 2012 FRED BOVY EIRL. IPV6 FOR LIFE!
  • 58. PROVIDER-ASSIGNED ADDRESS § The /48 prefix is assigned by the ISP § The address belongs to the ISP and should be returned at the end of the contract. § ISP1 2001:db8::/32 assigns 2001:db8:1::/48 § ISP2 2001:db9::/32 assigns 2001:db9:100::/48 § The site holds both 2001:db8:1::/48 and 2001:db9:100::/48
  • 59. PROVIDER-ASSIGNED – MULTIHOMED WORKSTATIONS ISP1 2001:db8::/32 ISP2 2001:db9::/32 § End node now has two addresses 2001:db9:100::/48 2001:db8:1::/48 2001:db9:100:99:42:345F:1:1/64 2001:db8:1:99:42:345F:1:1/64
  • 60. PROVIDER-ASSIGNED – FAULT TOLERANCE (1) ISP1 ISP2 § Better route from ISP2 § A session is started 2001:db9:100::/48 2001:db9:100:99:42:345F:1:1/64 2001:db8:1:99:42:345F:1:1/64 2001:db8:1::/48
  • 61. PROVIDER-ASSIGNED – FAULT TOLERANCE (2) § Dest thru ISP2 is no longer reachable § The session fails ISP1 ISP2 2001:db9:100::/48 2001:db8:1::/48 2001:db9:100:99:42:345F:1:1/64 2001:db8:1:99:42:345F:1:1/64
  • 62. PROVIDER-ASSIGNED – FAULT TOLERANCE (3) ISP1 ISP2 § A new session must be started 2001:db9:100::/48 2001:db8:1::/48 2001:db9:100:99:42:345F:1:1/64 2001:db8:1:99:42:345F:1:1/64
  • 63. PROVIDER-ASSIGNED MULTIHOMING § Routing-based solution § RFC 3178 § Need to establish tunnels with ISPs § Does not protect against an upstream ISP failure § Quite complex to set up § Host-based solution § Shim6. RFC 5533, RFC 5534, RFC 5535 § http://www.shim6.org/ § http://datatracker.ietf.org/wg/shim6/charter/ § Many solutions proposed § Need to update software on the hosts § Stateless prefix translation (NPT6, not NAT66!) § Experimental Draft RFC6296 § http://fredbovyipv6.blogspot.com/2011/09/from-nat66-to-ipv6-to-ipv6-network.html § The solution should conform to RFC 3582 § https://www.ietf.org/rfc/rfc3582.txt
  • 65. PA MULTIHOMING: SHIM6 http://www.shim6.org/ AP1 AP2 … APn TCP/UDP IP identifier End-Point Shim6 Layer Locator Forward Shim6 Layer Shim6 Protocol
  • 66. PROVIDER-INDEPENDENT ADDRESS: MULTIHOMING § Same as IPv4 § No more renumbering when changing ISP § [Diagram: ISP1 2001:db8:1::/48, ISP2 2001:db8:100::/48, site prefix 2001:db8:66::/48 shown at both ISPs]
  • 67. PROVIDER-INDEPENDENT VERSUS PROVIDER-ASSIGNED § Provider Assigned § It was the only solution until 2009 § Keeps routing table size quite low § Multihoming may be hard to set up § Provider Independent § Allocated by the RIR § Solves the multihoming problem § In Europe this is allocated by the RIPE § Must be multihomed § Need to comply with: http://www.ripe.net/ripe/docs/ripe-452 § No more aggregation of the routing table
  • 68. CONCLUSION § No more address limitation § No more NAT limitation § Extensible with Option headers § Performance-oriented header, but twice as large § Multicast replaces broadcast § Multihoming is still an open debate
  • 70. IPV6 HEADER § Fixed header: Ver | Traffic Class | Flow Label | Payload Length | Next Header=Hop-By-Hop | Hop Limit | Source IPv6 Address | Destination IPv6 Address § Hop-By-Hop (Next Header=Routing Hdr) § Routing Header (Next Header=TCP) § TCP Header
  • 71. IPV6 HEADER Ethernet II, Src: ca:02:42:76:00:08 (ca:02:42:76:00:08), Dst: IPv6mcast_00:01:00:02 (33:33:00:01:00:02) Destination: IPv6mcast_00:01:00:02 (33:33:00:01:00:02) Source: ca:02:42:76:00:08 (ca:02:42:76:00:08) Type: IPv6 (0x86dd) Internet Protocol Version 6 0110 .... = Version: 6 [0110 .... = This field makes the filter "ip.version == 6" possible: 6] .... 1110 0000 .... .... .... .... .... = Traffic class: 0x000000e0 .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000 Payload length: 56 Next header: UDP (0x11) Hop limit: 255 Source: fe80::38b1:e73c:c0f0:4442 (fe80::38b1:e73c:c0f0:4442) Destination: ff02::1:2 (ff02::1:2) User Datagram Protocol, Src Port: dhcpv6-client (546), Dst Port: dhcpv6-server (547) Source port: dhcpv6-client (546) Destination port: dhcpv6-server (547) Length: 56 Checksum: 0x86f0 [validation disabled] (C) 2012 FRED BOVY EIRL. IPV6 FOR LIFE!
  • 72. TRAFFIC CLASS § One byte § Same as ToS+Precedence in IPv4 § Carry the DSCP § Can be changed by routers (mutable)
  • 73. FLOW LABEL (RFC3697) § To identify a flow of data § Not currently used by applications § Is not modified by routers (immutable) § A flow is identified by addresses and flow label. § Not encrypted by IPSec § Not fragmented if fragmentation occurs § Not widely used because it could be used by DoS attacks
  • 74. IPV6 OPTION HEADER § IPv4 protocol field replaced by Next Header § Each option is formatted as a TLV (Type Length Value) § Layout: Option Type (8 bits) | Option Length (8 bits) | Option Data
  • 75. HOP-BY-HOP OPTION § Hop-by-Hop (Next header=0) option must be inspected by all nodes § Used by Jumbogram to reach 65,536 octets § RFC 2711 Router Alert used by MLD, RSVP § Each router needs to check this option § IANA manages a list of allocated numbers § 0 to 35 have been allocated § 36 to 65535 should be rejected § Must be the first option
  • 76. ROUTING HEADER § Type 0: Source Routing § Loose Source Routing § Deprecated http://www.ietf.org/rfc/rfc5095.txt § Type 1: Obsolete § Type 2: RFC3775 Used by Mobile IPv6
  • 77. OTHER IPV6 OPTION HEADER § Destination Option § An option for the destination IPv6 address only § Fragment Header § Fragmentation is only permitted by the source § Routers cannot fragment packet anymore § Authentication Header § ESP Header § Mobility Header
  • 78. OPTIONS ORDERING § Hop-by-hop § Destination options (if routing present) § Routing § Fragment § Authentication § ESP § Mobility § Destination option (if routing absent) § Upper layer
  • 79. IPV6 PACKET CAPTURE Internet Protocol Version 6 0110 .... = Version: 6 .... 1010 0000 .... .... .... .... .... = Traffic class: 0x000000a0 .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000 Payload length: 60 Next header: IPv6 hop-by-hop option (0x00) Hop limit: 64 Source: 2005::2 (2005::2) Destination: 2005::1 (2005::1) Hop-by-Hop Option Next header: IPv6 destination option (0x3c) Length: 0 (8 bytes) PadN: 6 bytes Destination Option Next header: ICMPv6 (0x3a) Length: 0 (8 bytes) PadN: 6 bytes (C) 2012 FRED BOVY EIRL. IPV6 FOR LIFE!
  • 80. MAXIMUM TRANSMISSION UNIT IPv4 § MTU >= 68 Octets IPv6 § MTU >= 1280 Octets § PMTUD Link-Layer Frame Frame Header IPv6 Packet Frame Trailer Minimum MTU = 1280 Octets
  • 81. ICMPv6 INTRODUCTION TO IPV6 FOR SERVICE PROVIDERS
  • 82. TOPICS § Introduction § ICMPv6 § MLD (IGMP) § ICMPv6 Protection § ICMPv6 Error Messages § Destination Unreachable § Time Exceeded § Packet too Big § Parameter Problem § Information Messages § Echo Request § Echo Reply § Cisco and ALU 7750 Example
  • 83. INTRODUCTION § RFC 4443 § IPv6 extension header type 58 § Path MTU Discovery § ICMPv6 carries Neighbor Discovery Protocol, MLD
  • 84. ICMPV6/NDP HEADER http://www.iana.org/assignments/icmpv6-parameters § List all types, codes and more Type Code Checksum Message Body
  • 85. MLD (IGMP) § Router and Multicast Receivers Protocol § MLDv1 (RFC 2710) § IGMPv2. RFC 2236 § Multicast Listener Query. ICMPv6 Type 130 § Multicast Listener Report v1. ICMPv6 Type 131 § Multicast Listener Done. ICMPv6 Type 132 § MLDv2 § IGMPv3. RFC 3376 § Multicast Listener Query. ICMPv6 Type 130 § Multicast Listener Report v2. ICMPv6 Type 143
  • 86. ICMPV6 PROTECTION The following messages MUST have a hop limit = 255 § RS:133, RA:134 § NS:135, NA:136 § Redirect: 137 § Inverse Neighbor Discovery Solicitation: 141 § Inverse Neighbor Discovery Advertisement: 142 § Certificate Path Solicitation (SEND): 148 § Certificate Path Advertisement (SEND): 149
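
The hop limit rule above only works if the receiver finds the ICMPv6 message behind any extension headers (slides 74 to 79) before testing it. The following Python check is an added example, not part of the course material: function names and sample packets are constructed for illustration, and the extension headers are built like the ones in the slide 79 capture (8 bytes, 6-byte PadN).

```python
import ipaddress
import struct
from typing import Dict, List, Optional

HOP_BY_HOP, ROUTING, FRAGMENT, ICMPV6, DEST_OPTS = 0, 43, 44, 58, 60
EXTENSION_HEADERS = {HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS}
# ICMPv6 types that slide 86 says MUST arrive with Hop Limit 255.
HOP_LIMIT_255_TYPES = {133, 134, 135, 136, 137, 141, 142, 148, 149}


def parse_ipv6(packet: bytes) -> dict:
    """Walk the Next Header chain and report what the packet really carries."""
    if len(packet) < 40:
        raise ValueError("truncated IPv6 header")
    first_word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    end = min(len(packet), 40 + payload_len)
    offset, chain = 40, []
    while next_header in EXTENSION_HEADERS:
        if offset + 8 > end:
            raise ValueError("truncated extension header")
        chain.append(next_header)
        current, next_header = next_header, packet[offset]
        if current == FRAGMENT:
            # Fixed 8 bytes; only the first fragment holds the upper-layer header.
            frag_offset = struct.unpack("!H", packet[offset + 2:offset + 4])[0] >> 3
            offset += 8
            if frag_offset:
                return {"hop_limit": hop_limit, "chain": chain,
                        "upper": None, "icmp_type": None}
        else:
            # Hdr Ext Len counts 8-octet units beyond the first 8 octets.
            offset += (packet[offset + 1] + 1) * 8
        if offset > end:
            raise ValueError("extension header overruns the payload")
    icmp_type = packet[offset] if next_header == ICMPV6 and offset < end else None
    return {"hop_limit": hop_limit, "chain": chain,
            "upper": next_header, "icmp_type": icmp_type}


def violates_hop_limit_rule(packet: bytes) -> bool:
    """True when a protected ICMPv6 type arrives with a Hop Limit below 255.

    Routers decrement the Hop Limit, so 255 on receipt means the sender is
    on the same link; anything lower has been forwarded and must be dropped.
    """
    info = parse_ipv6(packet)
    return info["icmp_type"] in HOP_LIMIT_255_TYPES and info["hop_limit"] != 255


def build_packet(icmp_type: int, hop_limit: int, chain: Optional[List[int]] = None,
                 src: str = "fe80::1", dst: str = "ff02::1") -> bytes:
    """Constructed sample packet (checksum left at zero, not validated here)."""
    body, next_header = bytes([icmp_type, 0, 0, 0]) + bytes(4), ICMPV6
    for ext in reversed(chain or []):
        # Next Header, Hdr Ext Len = 0 (8 bytes), then a 6-byte PadN option.
        body = bytes([next_header, 0, 1, 4, 0, 0, 0, 0]) + body
        next_header = ext
    fixed = struct.pack("!IHBB", 6 << 28, len(body), next_header, hop_limit)
    return (fixed + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed + body)


# Constructed samples: type 135 = NS, 134 = RA, 128 = Echo Request.
SAMPLES: Dict[str, bytes] = {
    "ns_on_link": build_packet(135, 255),
    "ra_forwarded": build_packet(134, 64),
    "ra_behind_options": build_packet(134, 254, chain=[HOP_BY_HOP, DEST_OPTS]),
    "echo_request": build_packet(128, 64, src="2005::2", dst="2005::1"),
}


def audit(samples: Dict[str, bytes]) -> Dict[str, bool]:
    return {name: violates_hop_limit_rule(pkt) for name, pkt in samples.items()}


if __name__ == "__main__":
    for name, bad in audit(SAMPLES).items():
        print(f"{name:18} {'DROP' if bad else 'accept'}")
```

A filter that reads only the fixed header's Next Header field sees value 0 for the third sample and never reaches the Router Advertisement behind the two option headers.
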
  • 87. ICMPV6 INFORMATION MESSAGE § pingv6 § Echo Request § Echo Reply sa13-72c>ping 2000:1::100 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2000:1::100, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms sa13-72c> Apr 21 05:56:54: ICMPv6: Sent echo request, Src=2000:1::20B:60FF:FEB4:9C1A, Dst=2000:1::100 Apr 21 05:56:54: ICMPv6: Received echo reply, Src=2000:1::100, Dst=2000:1::20B:60FF:FEB4:9C1A Apr 21 05:56:54: ICMPv6: Sent echo request, Src=2000:1::20B:60FF:FEB4:9C1A, Dst=2000:1::100 Apr 21 05:56:54: ICMPv6: Received echo reply, Src=2000:1::100, Dst=2000:1::20B:60FF:FEB4:9C1A Apr 21 05:56:54: ICMPv6: Sent echo request, Src=2000:1::20B:60FF:FEB4:9C1A, Dst=2000:1::100 Apr 21 05:56:54: ICMPv6: Received echo reply, Src=2000:1::100, Dst=2000:1::20B:60FF:FEB4:9C1A Apr 21 05:56:54: ICMPv6: Sent echo request, Src=2000:1::20B:60FF:FEB4:9C1A, Dst=2000:1::100 Apr 21 05:56:54: ICMPv6: Received echo reply, Src=2000:1::100, Dst=2000:1::20B:60FF:FEB4:9C1A [SNIP]
  • 88. ERROR MESSAGES § Destination Unreachable § Packet Too Big § Time Exceeded § Parameter Problem
  • 89. TYPE: DESTINATION UNREACHABLE (Code: Description. Utilization) § 0: No route to destination. The packet was dropped because the router did not have a route to the destination § 1: Communication administratively prohibited. The packet was filtered by a router (ACL) § 3: Unreachable address. The data link layer address cannot be resolved § 4: Port unreachable. The UDP or TCP destination port does not exist or is ignored by the host
  • 90. TYPE: TIME EXCEEDED Code: Hop Limit Exceeded in Transit § The hop limit is decremented at each hop. § When it reaches zero: § The packet is dropped § ICMPv6 TIME EXCEEDED, CODE: Hop limit exceeded in transit is sent to the source address of the packet § This mitigates the consequences of a routing loop in a network. Code: Fragment reassembly time exceeded § When a station receives the first fragment of a packet, it starts a timer § If the timer reaches zero before the original datagram is reassembled: § All fragments are dropped § TIME EXCEEDED, CODE: Fragment reassembly time exceeded is sent to the source of the packet
  • 91. TYPE: PACKET TOO BIG § When a router must forward a datagram on a link with an MTU smaller than the packet size § It drops the packet § It sends an ICMPv6 Packet Too Big providing the MTU of the link § The source must § Send a new and smaller packet with a length matching the available MTU § Or send the original datagram fragmented with a fragment size matching the available MTU § The minimum MTU in IPv6 MUST be 1280 bytes
  • 92. TYPE: PARAMETER PROBLEM § A pointer in this message type locates the offending field or option § A packet with such a problem MUST be discarded and an ICMPv6 Parameter Problem SHOULD be sent § Codes (Code: Description. Utilization) § 0: Erroneous header field encountered. A field in the header is wrong § 1: Unrecognized next header type encountered. The next header is not recognized § 2: Unrecognized IPv6 option encountered. The option field is not recognized
  • 93. ALU 7750: SHOW ROUTER ICMP6 A:SR-3>show>router>auth# show router icmp6 =============================================================================== Global ICMPv6 Stats =============================================================================== Received Total : 14 Errors : 0 Destination Unreachable : 5 Redirects : 5 Time Exceeded : 0 Pkt Too Big : 0 Echo Request : 0 Echo Reply : 0 Router Solicits : 0 Router Advertisements : 4 Neighbor Solicits : 0 Neighbor Advertisements : 0 ------------------------------------------------------------------------------- Sent Total : 10 Errors : 0 Router Solicits : 0 Router Advertisements : 0 Neighbor Solicits : 5 Neighbor Advertisements : 5 =============================================================================== A:SR-3>show>router>auth# (C) 2012 FRED BOVY EIRL. IPV6 FOR LIFE!
  • 94. CONCLUSION § ICMPv6 is quite similar to ICMP for IPv4 § Information message: Echo Request, Echo Reply § Error Messages § ICMPv6 is also used to transport § Neighbor Discovery Protocol § MLD for multicast
  • 95. Neighbor Discovery Protocol INTRODUCTION TO IPV6 FOR SERVICE PROVIDERS
  • 96. NDP FEATURES § RFC 4861, RFC 4862 § Router Discovery § Neighbor Discovery § Prefix Discovery § Parameter Discovery § Address Auto-Configuration § Address Resolution § Next-hop Determination § Neighbor Unreachability Detection § Duplicate Address Detection § Redirection § Default Router and More Specific route Selection § Proxying node
  • 97. NEIGHBOR SOLICITATION (NS) § MAC Address Resolution § NS are sent to the neighbor's Solicited-Node Multicast Address to resolve its MAC address from its IPv6 address § Same purpose as ARP in IPv4 § Optimized, as the NS provides the sender's MAC address § Neighbor Unreachability Detection § After « reachable time » without neighbor reachability confirmation from the upper layer, an NS is sent to the neighbor's unicast address to check the neighbor's reachability § Duplicate Address Detection § Before an IPv6 address can be used, DAD is performed
  • 98. NS TO RESOLVE THE NEIGHBOR MAC ADDRESS § Sent to the solicited-node address, this NS asks for the neighbor's MAC address given its IPv6 address
  • 99. NS PROBE TO CHECK NEIGHBOR REACHABILITY § Sent to the Unicast address, this is a probe for Reachability
  • 100. ND – NEIGHBOR ADVERTISEMENT § To reply with the MAC address or to acknowledge reachability
  • 101. NEIGHBOR CACHE MANAGEMENT FSM
  • 102. NEIGHBOR UNREACHABILITY DETECTION § The ND protocol can detect that a neighbor is unreachable § This is useful for switching to a new default router § Detection relies on reachability confirmations: § Upper-layer protocol acknowledgment of traffic § An NA received in response to an NS § This is configured on a Cisco router with two parameters: § ipv6 nd ns-interval <milliseconds> § ipv6 nd reachable-time <milliseconds>
  • 103. STATE MACHINE FOR REACHABILITY
      NA1 – Receive an NA with Solicited=0
      NA2 – Receive an NA with Solicited=1
      NA3 – Receive an NA with Solicited=1 and Override=1, or Override=0 and the link-layer address identical to the one in the cache
      NA4 – Receive an NA with Solicited=1, Override=0 and a link-layer address different from the one in the cache
      NA5 – Receive an NA with Solicited=0, Override=1 and a link-layer address different from the one in the cache
      O – Receive another ND packet with a link-layer address different from the one in the cache
      S – Send a packet
      T – Timeout
      Te – Timeout with no more retries
      U – Upper layer confirmed
      [State diagram: Create Entry / Send NS, Incomplete, Reachable, Stale, Delay, Probe, Retry NS, Report Error / Delete Entry, with transitions labelled by the events above]
  • 104. NEIGHBOR STATES
      § INCOMPLETE § Address resolution is being performed on the entry. Specifically, a Neighbor Solicitation has been sent to the solicited-node multicast address of the target, but the corresponding Neighbor Advertisement has not yet been received.
      § REACHABLE § Positive confirmation was received within the last ReachableTime milliseconds that the forward path to the neighbor was functioning properly. While REACHABLE, no special action takes place as packets are sent.
      § STALE § More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was functioning properly. While stale, no action takes place until a packet is sent. The STALE state is entered upon receiving an unsolicited Neighbor Discovery message that updates the cached link-layer address. Receipt of such a message does not confirm reachability, and entering the STALE state ensures reachability is verified quickly if the entry is actually being used. However, reachability is not actually verified until the entry is actually used.
      § DELAY § More than ReachableTime milliseconds have elapsed since the last positive confirmation was received that the forward path was functioning properly, and a packet was sent within the last DELAY_FIRST_PROBE_TIME seconds. If no reachability confirmation is received within DELAY_FIRST_PROBE_TIME seconds of entering the DELAY state, send a Neighbor Solicitation and change the state to PROBE. The DELAY state is an optimization that gives upper-layer protocols additional time to provide reachability confirmation in those cases where ReachableTime milliseconds have passed since the last confirmation due to lack of recent traffic. Without this optimization, the opening of a TCP connection after a traffic lull would initiate probes even though the subsequent three-way handshake would provide a reachability confirmation almost immediately.
      § PROBE § A reachability confirmation is actively sought by retransmitting Neighbor Solicitations every RetransTimer milliseconds until a reachability confirmation is received.
  • 105. NEIGHBOR DISCOVERY TRACE ON A CISCO ROUTER § No packet is dropped during ND MAC address resolution, because the packet is buffered until resolution completes. This buffering can be used for a DoS attack.
      sa13-72c#ping 2000:1::100
      Type escape sequence to abort.
      Sending 5, 100-byte ICMP Echos to 2000:1::100, timeout is 2 seconds:
      !!!!!
      Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
      sa13-72c#
      Apr 18 08:36:03: ICMPv6-ND: DELETE -> INCMP: 2000:1::100
      Apr 18 08:36:03: ICMPv6-ND: Sending NS for 2000:1::100 on GigabitEthernet0/2
      Apr 18 08:36:03: ICMPv6-ND: Resolving next hop 2000:1::100 on interface GigabitEthernet0/2
      Apr 18 08:36:03: ICMPv6-ND: Received NA for 2000:1::100 on GigabitEthernet0/2 from 2000:1::100
      Apr 18 08:36:03: ICMPv6-ND: Neighbour 2000:1::100 on GigabitEthernet0/2 : LLA 0008.201a.7c38
      Apr 18 08:36:03: ICMPv6-ND: INCMP -> REACH: 2000:1::100
      Apr 18 08:36:08: ICMPv6-ND: Received NS for 2000:1::1 on GigabitEthernet0/2 from FE80::208:20FF:FE1A:7C38
      Apr 18 08:36:08: ICMPv6-ND: DELETE -> INCMP: FE80::208:20FF:FE1A:7C38
      Apr 18 08:36:08: ICMPv6-ND: Neighbour FE80::208:20FF:FE1A:7C38 on GigabitEthernet0/2 : LLA 0008.201a.7c38
      Apr 18 08:36:08: ICMPv6-ND: INCMP -> STALE: FE80::208:20FF:FE1A:7C38
      Apr 18 08:36:08: ICMPv6-ND: Sending NA for 2000:1::1 on GigabitEthernet0/2
      Apr 18 08:36:08: ICMPv6-ND: STALE -> DELAY: FE80::208:20FF:FE1A:7C38
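The neighbor cache state machine of slides 103 to 105, as an added Python example (not code from the course or from any router vendor). `NeighborEntry`, its method names and the `DELETED` marker are hypothetical; the timers other than ReachableTime are the RFC 4861 defaults, and `lladdr_changes` records the link-layer address flips that an NDP monitor would alert on.

```python
from dataclasses import dataclass, field
# Seconds; REACHABLE is the 30000 ms shown on the page, the rest are RFC 4861 defaults.
TIMEOUT = {"INCOMPLETE": 1.0, "REACHABLE": 30.0, "DELAY": 5.0, "PROBE": 1.0}
MAX_SOLICIT = 3   # NS attempts before the entry is given up

@dataclass
class NeighborEntry:
    address: str
    state: str = "INCOMPLETE"
    lladdr: str = ""
    deadline: float = 0.0
    probes: int = 0
    history: list = field(default_factory=list)
    lladdr_changes: list = field(default_factory=list)

    def _move(self, state, now):
        if state != self.state:
            self.history.append(f"{self.state} -> {state}")
        self.state = state
        self.deadline = now + TIMEOUT.get(state, 0.0)

    def _learn(self, now, lladdr):
        # A changed link-layer address is the event an NDP monitor alerts on.
        if self.lladdr and lladdr != self.lladdr:
            self.lladdr_changes.append((now, self.lladdr, lladdr))
        self.lladdr = lladdr

    def start_resolution(self, now):   # first NS, to the solicited-node multicast address
        self.probes, self.deadline = 1, now + TIMEOUT["INCOMPLETE"]

    def on_na(self, now, lladdr, solicited, override):
        if self.state == "INCOMPLETE":                   # NA1 / NA2
            self._learn(now, lladdr)
            self._move("REACHABLE" if solicited else "STALE", now)
            return
        differs = lladdr != self.lladdr
        if differs and not override:                     # NA4: cache is not updated
            if self.state == "REACHABLE":
                self._move("STALE", now)
            return
        self._learn(now, lladdr)
        if solicited:                                    # NA3
            self._move("REACHABLE", now)
        elif differs:                                    # NA5
            self._move("STALE", now)

    def on_nd_from_neighbor(self, now, lladdr):
        # Event O: NS, RS, RA or Redirect carrying a link-layer address.
        if self.state == "INCOMPLETE" or lladdr != self.lladdr:
            self._learn(now, lladdr)
            self._move("STALE", now)

    def on_send(self, now):                              # event S
        if self.state == "STALE":
            self._move("DELAY", now)

    def on_upper_layer_confirm(self, now):               # event U
        if self.state not in ("INCOMPLETE", "DELETED"):
            self._move("REACHABLE", now)

    def tick(self, now):                                 # events T and Te
        if self.state in ("STALE", "DELETED") or now < self.deadline:
            return
        if self.state == "REACHABLE":
            self._move("STALE", now)
        elif self.state == "DELAY":
            self.probes = 1                              # first unicast NS
            self._move("PROBE", now)
        elif self.probes < MAX_SOLICIT:                  # INCOMPLETE or PROBE: retry NS
            self.probes += 1
            self.deadline = now + TIMEOUT[self.state]
        else:                                            # Te: report error, delete entry
            self._move("DELETED", now)

def replay_page_trace():
    """The two neighbors of the Cisco debug trace on the page."""
    host = NeighborEntry("2000:1::100")
    host.start_resolution(0.0)                           # DELETE -> INCMP, NS sent
    host.on_na(0.0, "0008.201a.7c38", solicited=True, override=True)
    peer = NeighborEntry("FE80::208:20FF:FE1A:7C38")     # created by a received NS
    peer.on_nd_from_neighbor(5.0, "0008.201a.7c38")      # INCMP -> STALE
    peer.on_send(5.0)                                    # NA sent: STALE -> DELAY
    return host, peer

def constructed_scenarios():
    """Constructed input: a neighbor that goes silent, and one whose MAC changes."""
    silent = NeighborEntry("2001:db8::20")
    silent.start_resolution(0.0)
    silent.on_na(0.0, "00:00:5e:00:53:01", solicited=True, override=True)
    silent.tick(30.0)                                    # ReachableTime elapsed
    silent.on_send(31.0)
    for t in (36.0, 37.0, 38.0, 39.0):                   # no NA ever comes back
        silent.tick(t)
    moved = NeighborEntry("2001:db8::10")
    moved.start_resolution(0.0)
    moved.on_na(0.1, "00:00:5e:00:53:01", solicited=True, override=True)
    moved.on_na(10.0, "00:00:5e:00:53:02", solicited=False, override=True)
    return silent, moved
```

The `history` of each entry returned by `replay_page_trace()` lists the same transitions as the debug output, and `moved.lladdr_changes` holds the single address flip caused by the overriding NA.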
  • 106. NEIGHBOR SOLICITATION CAPTURE § The Source Link-Layer Address is provided to avoid the request in the other direction
      Internet Protocol Version 6
        0110 .... = Version: 6
        [0110 .... = This field makes the filter "ip.version == 6" possible: 6]
        .... 1110 0000 .... .... .... .... .... = Traffic class: 0x000000e0
        .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
        Payload length: 400
        Next header: ICMPv6 (0x3a)
        Hop limit: 255
        Source: fe80::2027:9779:3775:5cf8 (fe80::2027:9779:3775:5cf8)
        Destination: fe80::38b1:e73c:c0f0:4442 (fe80::38b1:e73c:c0f0:4442)
      Internet Control Message Protocol v6
        Type: 135 (Neighbor solicitation)
        Code: 0
        Checksum: 0x64e3 [correct]
        Target: fe80::38b1:e73c:c0f0:4442 (fe80::38b1:e73c:c0f0:4442)
        ICMPv6 Option (Source link-layer address)
          Type: Source link-layer address (1)
          Length: 8
          Link-layer address: ca:03:42:76:00:08
      SNIP
  • 107. DUPLICATED ADDRESS DETECTION (DAD) § ICMP Type = 135 § Dst = solicited node multicast address of A § Data = link-layer of A § Query: What is your link layer address ? § If no NA received, the address can be considered unique § A sends a NA to claim this address
  • 108. DUPLICATE ADDRESS DETECTION DEBUG § DAD Debug on a Cisco Router
      Apr 18 09:57:31: ICMPv6-ND: L3 came up on GigabitEthernet0/2
      Apr 18 09:57:31: IPv6-Addrmgr-ND: DAD request for 2000:1::1 on GigabitEthernet0/2
      Apr 18 09:57:31: ICMPv6-ND: Sending NS for 2000:1::1 on GigabitEthernet0/2
      Apr 18 09:57:32: IPv6-Addrmgr-ND: DAD: 2000:1::1 is unique.
      Apr 18 09:57:32: ICMPv6-ND: Sending NA for 2000:1::1 on GigabitEthernet0/2
      Apr 18 09:57:32: IPv6-Address: Address 2000:1::1/64 is up on GigabitEthernet0/2
  • 109. REDIRECT § A Redirect is sent by a Router to provide a better Next-hop for a destination § This is sent after the Router has forwarded a packet on the interface used to receive a packet § Can be used by DoS Attacks (IPv4 or IPv6) § May be disabled by most OS (IPv4 or IPv6)
  • 110. REDIRECT: H1 DEFAULT ROUTE VIA R1
  • 111. REDIRECT: H1 ROUTE TO H2 VIA R2
  • 112. ROUTER ADVERTISEMENT (RA) § A Router Advertisement is sent by a router to announce its availability as a router, with its link-local IPv6 address § A Router Advertisement also provides configuration parameters to use on the link: § MTU § Availability of DHCPv6 for configuration § Hop Limit § Available prefixes on the link and whether these prefixes can be used for autoconfiguration § Addresses of DNS servers § Router Advertisements can be sent unsolicited on a regular basis § A Router Advertisement can be requested with a Router Solicitation § May be abused by an attacker (RFC6102)
  • 113. ND – ROUTER ANNOUNCEMENT (RA) § ICMP Type = 134 § Src = Router Link-Local § Dst = All nodes multicast address, FF02::1 § Data = Options, prefix, lifetime, autoconfig flag § Cisco Router configuration § ipv6 unicast-routing
  • 114. RA FIELDS DESCRIPTION § Router link-local address § Lifetime: The time that this router will be considered active. A Lifetime of zero is used by a router which cannot be used as a default router. § Hops: Default Hop-Limit to use on this link. § MTU: Default MTU to use on this link § Reachable time: Used by NUD. The length of time that a node considers a neighbor reachable until another reachability confirmation is received from that neighbor. § Retransmit time: Used by Address Resolution and NUD. It specifies the minimum time, in milliseconds, between retransmitted Neighbor Solicitation messages. § AddrFlag: This is the Managed Address flag used to signal the use of DHCPv6 for Address and Other configuration. When it is set, the OtherFlag is redundant. § OtherFlag: Used to signal the use of DHCPv6 for other parameter configuration. § There is also a 1-bit autonomous address-configuration flag in the Prefix Option. When set, it indicates that this prefix can be used for stateless address configuration
  • 115. RA ON CISCO ROUTER - SHOW IPV6 ROUTERS
      hote#show ipv6 routers
      Router FE80::2038:148E:B9DF:FD6D on FastEthernet0/0, last update 2 min
        Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0, MTU=1500
        HomeAgentFlag=0, Preference=Medium
        Reachable time 0 (unspecified), Retransmit time 0 (unspecified)
        Prefix 2001::/64 onlink autoconfig
          Valid lifetime 2592000, preferred lifetime 604800
      Note: A router which cannot be used as a default router sends RA with Lifetime=0
  • 116. RA CAPTURE
      Internet Protocol Version 6
        0110 .... = Version: 6
        [0110 .... = This field makes the filter "ip.version == 6" possible: 6]
        .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
        .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
        Payload length: 104
        Next header: ICMPv6 (0x3a)
        Hop limit: 255
        Source: fe80::207:cbff:fe3e:b6b3 (fe80::207:cbff:fe3e:b6b3)
        Destination: ff02::1 (ff02::1)
      Internet Control Message Protocol v6
        Type: 134 (Router advertisement)
        Code: 0
        Checksum: 0xf74b [correct]
        Cur hop limit: 64
        Flags: 0x00
        Router lifetime: 1800
        Reachable time: 0
        Retrans timer: 0
        ICMPv6 Option (Prefix information)
          Type: Prefix information (3)
          Length: 32
          Prefix length: 64
          Flags: 0xc0
          Valid lifetime: 86400
          Preferred lifetime: 86400
          Prefix: 2a01:e35:2f26:d340::
        ICMPv6 Option (Recursive DNS Server)
          Type: Recursive DNS Server (25)
          Length: 40
          Reserved
          Lifetime: 600
          Recursive DNS Servers: dns3.proxad.net (2a01:e00::2)
          Recursive DNS Servers: dns2.proxad.net (2a01:e00::1)
        ICMPv6 Option (MTU)
          Type: MTU (5)
          Length: 8
          MTU: 1480
        ICMPv6 Option (Source link-layer address)
          Type: Source link-layer address (1)
          Length: 8
          Link-layer address: 00:07:cb:3e:b6:b3
      Slide callouts: Prefix; DNS Servers Address; Source MAC @; MTU; All node link-local address; Router Lifetime
  • 117. DNS SERVER ANNOUNCED IN RA (RFC 6106) § RA can include the DNS server addresses (Recursive DNS Server option) § Mac OS X 10.7 supports this option § RDNSS config in rtadvd.conf to configure the Linux rtadvd daemon
      interface eth0 {
          AdvSendAdvert on;
          prefix 2001:db8:cafe:1::/64 {
              AdvOnLink on;
              AdvAutonomous on;
          };
          RDNSS 2001:db8:cafe:1::1 {
          };
      };
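An added example, not part of the original course: a Python parser for the Router Advertisement fields and options described in slides 114 to 117, followed by the checks a monitoring host can run to flag an unexpected RA on the link. The function names and the `POLICY` allow-list are assumptions; the sample packet is rebuilt from the values in the capture above, with the checksum copied rather than verified.

```python
import ipaddress
import struct

OPT_SLLA, OPT_PREFIX, OPT_MTU, OPT_RDNSS = 1, 3, 5, 25

def parse_ra(icmp: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement (type 134) and the options shown on the page."""
    if len(icmp) < 16:
        raise ValueError("RA shorter than its 16-byte fixed part")
    typ, code, _cksum, hop, flags, lifetime, reach, retrans = struct.unpack("!BBHBBHII", icmp[:16])
    if typ != 134:
        raise ValueError("not a Router Advertisement")
    ra = {"code": code, "cur_hop_limit": hop, "managed": bool(flags & 0x80),
          "other": bool(flags & 0x40), "router_lifetime": lifetime,
          "reachable_time": reach, "retrans_timer": retrans,
          "prefixes": [], "rdnss": [], "rdnss_lifetime": None, "mtu": None, "slla": None}
    pos = 16
    while pos < len(icmp):
        if pos + 2 > len(icmp):
            raise ValueError("truncated option header")
        otype, units = icmp[pos], icmp[pos + 1]          # length is in units of 8 bytes
        end = pos + 8 * units
        if units == 0 or end > len(icmp):
            raise ValueError("option length is zero or runs past the packet")
        body = icmp[pos + 2:end]
        if otype == OPT_PREFIX and units == 4:
            plen, pflags, valid, preferred = struct.unpack("!BBII", body[:10])
            ra["prefixes"].append({
                "prefix": ipaddress.IPv6Network((body[14:30], plen), strict=False),
                "on_link": bool(pflags & 0x80), "autonomous": bool(pflags & 0x40),
                "valid": valid, "preferred": preferred})
        elif otype == OPT_RDNSS and units >= 3 and units % 2 == 1:
            ra["rdnss_lifetime"] = struct.unpack("!I", body[2:6])[0]
            ra["rdnss"] += [ipaddress.IPv6Address(body[i:i + 16]) for i in range(6, len(body), 16)]
        elif otype == OPT_MTU and units == 1:
            ra["mtu"] = struct.unpack("!I", body[2:6])[0]
        elif otype == OPT_SLLA and units == 1:
            ra["slla"] = ":".join(f"{b:02x}" for b in body)
        pos = end
    return ra

def check_ra(src: str, hop_limit: int, ra: dict, policy: dict) -> list:
    """Return findings; an empty list means the RA passed validation and site policy."""
    findings = []
    source = ipaddress.IPv6Address(src)
    if hop_limit != 255:
        findings.append("hop limit is not 255, so the RA may not originate on this link")
    if not source.is_link_local:
        findings.append("source address is not link-local")
    if ra["code"] != 0:
        findings.append("ICMPv6 code is not 0")
    if source not in policy["routers"]:
        findings.append(f"router {source} is not in the allow-list")
    for p in ra["prefixes"]:
        if p["prefix"] not in policy["prefixes"]:
            findings.append(f"unexpected prefix {p['prefix']}")
        if p["preferred"] > p["valid"]:
            findings.append(f"preferred lifetime exceeds valid lifetime for {p['prefix']}")
    for server in ra["rdnss"]:
        if server not in policy["dns"]:
            findings.append(f"unexpected DNS server {server}")
    if ra["mtu"] is not None and ra["mtu"] < 1280:
        findings.append("advertised MTU is below the IPv6 minimum of 1280")
    return findings

def _packed(addr: str) -> bytes:
    return ipaddress.IPv6Address(addr).packed

def sample_ra() -> bytes:
    """The RA of the capture on the page, rebuilt field by field."""
    return (struct.pack("!BBHBBHII", 134, 0, 0xF74B, 64, 0x00, 1800, 0, 0)
            + struct.pack("!BBBBIII", OPT_PREFIX, 4, 64, 0xC0, 86400, 86400, 0)
            + _packed("2a01:e35:2f26:d340::")
            + struct.pack("!BBHI", OPT_RDNSS, 5, 0, 600)
            + _packed("2a01:e00::2") + _packed("2a01:e00::1")
            + struct.pack("!BBHI", OPT_MTU, 1, 0, 1480)
            + bytes([OPT_SLLA, 1]) + bytes.fromhex("0007cb3eb6b3"))

# Hypothetical site policy: the router, prefix and resolvers this link is expected to announce.
POLICY = {"routers": {ipaddress.IPv6Address("fe80::207:cbff:fe3e:b6b3")},
          "prefixes": {ipaddress.IPv6Network("2a01:e35:2f26:d340::/64")},
          "dns": {ipaddress.IPv6Address("2a01:e00::1"), ipaddress.IPv6Address("2a01:e00::2")}}

def demo():
    ra = parse_ra(sample_ra())
    expected = check_ra("fe80::207:cbff:fe3e:b6b3", 255, ra, POLICY)
    # Constructed: the same payload seen from an unlisted source with hop limit 64.
    unexpected = check_ra("fe80::1", 64, ra, POLICY)
    return ra, expected, unexpected
```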
  • 118. ALU 7750 CONFIGURATION OF THE RA RA must be authorized as they are not generated by default. CLI Syntax:
      config>router# router-advertisement
          interface ip-int-name
              current-hop-limit number
              managed-configuration
              max-advertisement-interval seconds
              min-advertisement-interval seconds
              mtu mtu-bytes
              other-stateful-configuration
              prefix ipv6-prefix/prefix-length
                  autonomous
                  on-link
                  preferred-lifetime {seconds | infinite}
                  valid-lifetime {seconds | infinite}
              reachable-time milli-seconds
              retransmit-time milli-seconds
              router-lifetime seconds
              no shutdown
              use-virtual-mac
  • 119. ALU 7750 RA CONFIGURATION Router-advertisement Syntax router-advertisement Context config>router Description This command configures router advertisement properties. By default, it is disabled for all IPv6 enabled interfaces. The no form of the command disables all IPv6 interface. However, the no interface interface-name command disables a specific interface. Default disabled
  • 120. ALU 7750 RA CONFIGURATION Prefix Syntax [no] prefix [ipv6-prefix/prefix-length] Context config>router>router-advert>if Description This command configures an IPv6 prefix in the router advertisement messages. To support multiple IPv6 prefixes, use multiple prefix statements. No prefix is advertised until explicitly configured using prefix statements. Default none Parameters ip-prefix The IP prefix for prefix list entry in dotted decimal notation. Values ipv4-prefix a.b.c.d (host bits must be 0) ipv4-prefix-length 0 — 32 ipv6-prefix x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d x: [0 — FFFF]H d: [0 — 255]D ipv6-prefix-length 0 — 128 prefix-length Specifies a route must match the most significant bits and have a prefix length. Values 1 — 128
  • 121. ND – ROUTER SOLICITATION § ICMP Type = 133 § Src = :: or link-local address § Dst = All routers multicast address § When a station boots, it must send an RS message to request router information
  • 122. NEXT-HOP DETERMINATION § This is different from IPv4 as two nodes can be neighbors with different prefixes. § A neighbor will be considered on-link if: § It is covered by a prefix of the link § It has received a NA for this address § It has received any ND message from this address § It has received an RA with this prefix in the prefix list § It has received a REDIRECT message with a target equal to this address
  • 123. STATELESS ADDRESS AUTOCONFIGURATION (SLAAC) RFC 4862, IPv6 Stateless Address Autoconfiguration § RS/RA to request prefixes available to build addresses § DAD to test the new addresses
  • 124. AUTOCONFIGURATION WITH DHCPV6 § Stateful Autoconfiguration with DHCPv6 RFC3315 § DHCPv6 provides address and other parameters (DNS, domain name, SIP…) § Stateless Autoconfiguration with DHCPv6 § SLAAC used for address configuration § DHCPv6 for the other information (DNS, Domain Name) § Prefix Delegation § DHCPv6 can be used to provide a prefix which can be subnetted § The Service Provider uses DHCPv6 PD to allocate a block of addresses for the customer
  • 125. STATEFUL OR STATELESS AUTOCONFIG DHCPV6 § IPv6 routers signal how DHCPv6 can be used by end nodes § RA M bit « Managed Address Configuration » is set if DHCPv6 must be used for address configuration. If M bit is set, the O bit is redundant as DHCPv6 will be used to get all the configs. § RA O bit « Other Stateful Configuration » is set if DHCPv6 must be used for other configurations § M and possibly O bits are set in the RA for DHCPv6 stateful autoconfiguration § M = 0 and O = 1 in the RA for DHCPv6 stateless autoconfiguration § DHCPv6 clients and relays use IPv6 Multicast addresses § « ff02::1:2 » All relays agents and servers link-local address § « ff05::1:3 » All DHCPv6 servers site-local address
  • 126. AUTOCONFIGURATION (STATEFUL DHCPV6) Address and Other parameters are configured from DHCPv6 DHCPv6 with Rapid Commit
  • 127. AUTOCONFIGURATION (STATELESS DHCPV6) DHCPv6 with Rapid Commit Address configuration from the prefix received in the RA (SLAAC) Other parameters are given by a DHCPv6 Server
  • 128. FULL AUTOCONFIGURATION PROCESS
  • 129. MAIN ALGO OF AUTOCONFIGURATION PROCESS
      [Flowchart; decisions branch on Yes/No. Boxes in slide order: Start; Derive the link-local address FE80::[Interface ID]; Send NS to the solicited node multicast address derived from the link-local; NA received ?; Stop; Initialize the link-local; Send RS; RA Received ?; Use DHCPv6 and exit; Set Hop Limit, Reachable Time, Retrans Timer, MTU; Prefix Information present ?; A; B; Managed Address Configuration Flag = 1 ?; Other Configuration Flag = 1 ?; Use DHCPv6; Stop]
  • 130. TENTATIVE IS THE AUTOCONF PROCESS STARTING… § First Step § Address verification with « Duplicate Address Detection (DAD) » § Can only receive a response to the DAD NS Request [Figure: address state timeline with Tentative, Valid (Preferred, then Deprecated) and Invalid, bounded by the Preferred Lifetime and the Valid Lifetime]
  • 131. AUTOCONFIG: PREFERRED LIFETIME § The address is verified by DAD and can be used to send and receive unicast traffic. § The address can be used for new connections or by existing ones § The Preferred Lifetime is determined by the field Preferred Lifetime included in the RA Prefix Information or the Preferred-Lifetime Option in the DHCPv6 IA Address [Figure: address state timeline]
  • 132. AUTOCONFIG: DEPRECATED § The address has been verified by DAD § A new connection should not use this address § Existing communications can use this address [Figure: address state timeline]
  • 133. AUTOCONFIG: VALID LIFETIME § The address can be used to send and receive unicast traffic § Valid state includes preferred and deprecated § The Valid Lifetime is determined by the field Valid Lifetime included in the RA Prefix Information or the Valid-Lifetime Option in the DHCPv6 IA Address [Figure: address state timeline]
  • 134. RA PREFIX OPTION
      ipv6 nd prefix <prefix/mask> [Valid] [Preferred] [no-advertise | off-link | no-autoconfig]
      [Flowchart, entered at A and left at B; decisions branch on Yes/No. Boxes: Take the first prefix information; On-Link Flag = 0 ?; Autonomous Flag = 0 ?; Preferred > Valid; Valid = 0; Ignore the prefix; Derive the Stateless address Prefix:[interface ID]; Send NS to the matching solicited node multicast address; NA Received ?; Do not initialize the stateless address; Initialise the Stateless address; Other prefixes to process; Go to next prefix]
  • 135. AUTOCONFIG: INVALID § The address cannot be used to send or receive traffic § The address reaches the Invalid state when the Valid Lifetime has expired [Figure: address state timeline]
  • 136. AUTOCONFIG - SHOW IPV6 INTERFACE
      hote#sh ipv6 int fa0/0
      FastEthernet0/0 is up, line protocol is up
        IPv6 is enabled, link-local address is FE80::38B1:E73C:C0F0:4442
        No Virtual link-local address(es):
        Global unicast address(es):
          BAD:1:2:FC64:8ECC:593A:15C3:654, subnet is BAD:1:2:FC64:8ECC:593A:15C3:654/128
          2001::20EC:31D3:14CB:A7A, subnet is 2001::/64
        Joined group address(es):
          FF02::1
          FF02::1:FFC3:654
          FF02::1:FFCB:A7A
          FF02::1:FFF0:4442
        MTU is 1500 bytes
        ICMP error messages limited to one every 100 milliseconds
        ICMP redirects are enabled
        ICMP unreachables are sent
        ND DAD is enabled, number of DAD attempts: 1
        ND reachable time is 30000 milliseconds (using 37164)
        Default router is FE80::2038:148E:B9DF:FD6D on FastEthernet0/0
      hote#
  • 137. RFC 2894 ROUTER RENUMBERING FOR IPV6 § Node renumbering is performed through RAs § The old prefix is announced with a very small or null Preferred Lifetime, and the new prefix with a normal Preferred Lifetime § Hosts will have two prefixes § Addresses built from the old prefix will be deprecated § New connections use the new prefix § After some time, the connections will be set on the new prefix § The router then only announces the new prefix § The old prefix will be invalid
  • 138. RENUMBERING SCENARIO
      Routers Configuration (the two values after each prefix are Valid and Preferred):
        interface Ethernet0
         ipv6 nd prefix 2001:db8:cafe:1::/64 43200 0
         ipv6 nd prefix 2001:db8:cafe:2::/64 43200 43200
      RA: Preferred Prefix: 2001:db8:cafe:2::/64; Deprecated Prefix: 2001:db8:cafe:1::/64
      Host: Preferred address: 2001:db8:cafe:2:1:4567:9f0:1; Deprecated address: 2001:db8:cafe:1:4567:9f0:1
  • 139. NDP PDU SUMMARY
      Message | Goal | ICMP Code | Sender | Target | Option
      Router Solicitation (RS) | Request an immediate RA | 133 | Host | All Routers | SLLA
      Router Advertisement (RA) | Announce: default router, prefixes, parameters | 134 | Routers | RS Sender or all host | SLLA, MTU, Prefix, Route, Interval, Home Agent info
      Neighbor Solicitation (NS) | Request the Link layer address of the target. Also used to send probe (NUD) | 135 | Hosts | Multicast Solicited node address or unicast of the target | SLLA
      Neighbor Advertisement (NA) | Answer to the NS | 136 | Hosts | Sender of the NS or all hosts | TLLA
      Redirect | Information of a better next hop for a destination | 137 | Routers | Host which triggers the Redirect | TLLA, Redirected header
      Inverse Neighbor Solicitation (INS) | Request an IPv6 address matching a Link layer address | 141 | Hosts | All hosts | SLLA, TLLA, MTU, Source address list
      Inverse Neighbor Advertisement (INA) | Answer to INA | 142 | Hosts | INS Sender | SLLA, TLLA, Target addresses list, MTU
  • 140. INTERESTING RFCS § RFC 2460 IPv6 Specification § RFC 5095 Deprecation of Type 0 Routing Headers in IPv6 § RFC 4291 IPv6 Addressing Architecture § RFC 4861 Neighbor Discovery § RFC 4862 IPv6 Stateless Auto config § RFC 4443 ICMPv6 Specification § http://tools.ietf.org/html/rfc4443
  • 141. CONCLUSION § NDP is part of any IPv6 stack § NDP provides many services allowing address and default router autoconfiguration § NDP checks the Neighbor availability § NDP is vulnerable to DoS attacks. See RFC3756.
  • 143. OBJECTIVES § Understand DHCPv6 § Understand the support of DNS for IPv6 § Understand Mobile IPv6 § Find a list of IPv6-ready network applications § 1949 applications supporting IPv6 § http://www.ipv6-to-standard.org/ § How to test your stack and ISP § http://test-ipv6.com/
  • 144. DHCPv6
  • 145. STATEFUL DHCPv6 SIGNALIZATION § Stateful Autoconfiguration with DHCP for IPv6 RFC3315 § IPv6 routers signal the use of DHCPv6 § M-bit flag « Managed Address Configuration » is set when address and network parameters configuration are available from DHCPv6 § O-bit flag « Other Stateful Configuration » is set when Other parameters configuration must be performed with DHCPv6
  • 146. DHCP MOST IMPORTANT TERMINOLOGY DUID = DHCP Unique IDentifier http://tools.ietf.org/html/rfc3315#section-9 Each DHCP client or server has its own DUID. It is based on the LL address, the vendor, the enterprise, the time… What I have seen the most so far is the Link Layer type (LL or MAC address). This is very important because DHCP uses multicast to communicate with ALL DHCP nodes; the DUID is then used to find the right node. IA = Identity Association http://tools.ietf.org/html/rfc3315#section-10 Each IA must be associated with exactly one interface. Each interface may have multiple prefixes but will have ONE IA. This is a logical construct that can be used for a group of interfaces which play the same role. « Each address in an IA has a preferred lifetime and a valid lifetime, as defined in RFC 2462 [17]. The lifetimes are transmitted from the DHCP server to the client in the IA option. The lifetimes apply to the use of IPv6 addresses, as described in section 5.5.4 of RFC 2462. » From RFC 3315 Section 10. IMPORTANT: When these timers need to be changed, it must be done on the server, the source! Changing the router's timers has no effect.
  • 147. HOW ADDRESSES ARE TRANSPORTED ?
      IA_NA (Non Temporary Addresses, with DHCPv6 timers): OPTION_IA_NA | option-len | IAID | T1 | T2 | IA_NA-options
      IA_TA (Temporary Addresses, no timers, managed by the upper layer!): OPTION_IA_TA | option-len | IAID | IA_TA-options
      IA Address Option (IPv6 address and timers; 0xffffffff is infinity): OPTION_IAADDR | OPTION_LEN | IPv6 ADDRESS | PREFERRED_LIFETIME | VALID_LIFETIME | IAaddr-options
  • 148. DHCPV6 MULTICAST ADDRESSES § "ff02::1:2" Link-local scope. All relay agents and servers § "ff05::1:3" Site-local scope. All DHCPv6 servers
      Exchange between the DHCPv6 Client and the DHCPv6 Server (fe80::1):
      SOLICIT to ff02::1:2
      Advertise from fe80::1: YES. I am here and I can provide you with blah blah blah!
      Request to ff02::1:2: I want to reserve 2001:db8:12:FD:45:fa:F, and use domain fredbovy.com and DNS servers 2a01::1, 2a01::2
      Reply from fe80::1: YES, you got it! It's all for you!
  • 149. DHCPv6 CLIENT – SERVER DHCPv6 Client DHCPv6 Server Solicit Dst:All_DHCP_Relay_Agents_and_Servers (FF02::1:2) Src: Client Link-local address Advertise Dst: Client Link-local address Src: Server Link-local address Request Dst: Server Dst:All_DHCP_Relay_Agents_and_Servers (FF02::1:2) Src: Client Link-local address Reply Dst: Client Link-local address Src: Server Link-local address
  • 150. DHCPv6 CLIENT – RELAY – SERVER DHCPv6 Client DHCPv6 Server Solicit Dst:All_DHCP_Relay_Agents_and_Servers (FF02::1:2) Request Dst: Server Dst:All_DHCP_Relay Agents_and_Servers (FF02::1:2) Src: Client Link-local address Relay-reply Dst: Client Link-local address Src: Server Link-local address DHCPv6 Relay Relay-Forward to All_DHCP_Servers (FF05::1:3) Relay-reply Advertise Relay-Forward to All_DHCP_Servers (FF05::1:3) Reply
  • 151. DHCPv6 SOLICIT (1)
      Internet Protocol Version 6
        0110 .... = Version: 6
        [0110 .... = This field makes the filter "ip.version == 6" possible: 6]
        .... 1110 0000 .... .... .... .... .... = Traffic class: 0x000000e0
        .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
        Payload length: 56
        Nxt header: UDP (0x11)
        Hop limit: 255
        Source: fe80::38b1:e73c:c0f0:4442 (fe80::38b1:e73c:c0f0:4442)
        Destination: ff02::12 (ff02::1:2)
      User Datagram Protocol, Src Port: dhcpv6-client (546), Dst Port: dhcpv6-server (547)
        Source port: dhcpv6-client (546)
        Destination port: dhcpv6-server (547)
        Length: 56
        Checksum: 0x86f0 [validation disabled]
      Slide callouts: Link-Local All Servers and Relays; dhcpv6-client: 546; dhcpv6-server: 547
  • 152. DHCPv6 SOLICIT (2)
      DHCPv6
        Message type: Solicit (1)
        Transaction-ID: 0x00b44306
        Elapsed time
          option type: 8
          option length: 2
          elapsed-time: 0 ms
        Client Identifier
          option type: 1
          option length: 10
          DUID type: link-layer address (3)
          Hardware type: Ethernet (1)
          Link-layer address: ca:02:42:76:00:08
        Option Request
          option type: 6
          option length: 4
          Requested Option code: DNS recursive name server (23)
          Requested Option code: Domain Search List (24)
        Identity Association for Non-temporary Address
          option type: 3
          option length: 12
          IAID: 262145
          T1: 0
          T2: 0
      Slide callouts: DNS Server Address; Domain Name; Non-Temporary Address
  • 153. DHCPv6 ADVERTISE (2)
      DHCPv6
        Message type: Advertise (2)
        Transaction-ID: 0x00b44306
        Server Identifier
          option type: 2
          option length: 10
          DUID type: link-layer address (3)
          Hardware type: Ethernet (1)
          Link-layer address: ca:03:42:76:00:08
        Client Identifier
          option type: 1
          option length: 10
          DUID type: link-layer address (3)
          Hardware type: Ethernet (1)
          Link-layer address: ca:02:42:76:00:08
        Identity Association for Non-temporary Address
          option type: 3
          option length: 40
          IAID: 262145
          T1: 43200
          T2: 69120
          IA Address
            option type: 5
            option length: 24
            IPv6 address: bad:1:2:2d98:8e14:c0b1:6ef5:8548
            Preferred lifetime: 86400
            Valid lifetime: 172800
        Domain Search List
          option type: 24
          option length: 14
          DNS Domain Search List
            Domain: fredbovy.com
      Slide callouts: Server Identifier; Client Identifier; IPv6 Address; Domain Name
  • 154. DHCPV6 SERVER STATUS
      R4>show ipv6 dhcp
      This device's DHCPv6 unique identifier(DUID): 00030001CA0342760008
      R4>show ipv6 dhcp int
      FastEthernet0/0 is in server mode
        Using pool: fred
        Preference value: 0
        Hint from client: ignored
        Rapid-Commit: disabled
      R4#show ipv6 dhcp pool
      DHCPv6 pool: fred
        Static bindings:
          Binding for client BADCAF0E
            IA PD: IA ID not specified
              Prefix: DEAD:BEEF::/48
                      preferred lifetime 604800, valid lifetime 2592000
        Address allocation prefix: DEAD:BEEF:1:2:3::/64 valid 172800 preferred 86400 (1 in use, 0 conflicts)
        Domain name: fredbovy.com
        Active clients: 1
  • 155. DHCPV6 SERVER ALLOCATION
      R4#show ipv6 dhcp bind
      Client: FE80::38B1:E73C:C0F0:4442
        DUID: 00030001CA0242760008
        Username : unassigned
        IA NA: IA ID 0x00040001, T1 43200, T2 69120
          Address: DEAD:BEEF:1:2:6090:18A5:E017:DE5C
                  preferred lifetime 86400, valid lifetime 172800
                  expires at Aug 11 2010 03:23 PM (172554 seconds)
  • 156. DHCPv6 CLIENT
      hote#show ipv6 dhcp interface
      FastEthernet0/0 is in client mode
        Prefix State is IDLE
        Address State is OPEN
        Renew for address will be sent in 11:39:08
        List of known servers:
          Reachable via address: FE80::2027:9779:3775:5CF8
          DUID: 00030001CA0342760008
          Preference: 0
          Configuration parameters:
            IA NA: IA ID 0x00040001, T1 43200, T2 69120
              Address: BAD:1:2:FC64:8ECC:593A:15C3:654/128
                      preferred lifetime 86400, valid lifetime 172800
                      expires at Aug 11 2010 02:36 PM (171549 seconds)
            Domain name: fredbovy.com
            Information refresh time: 0
        Prefix Rapid-Commit: disabled
        Address Rapid-Commit: disabled
      Configuration:
        interface FastEthernet0/0
         ipv6 address dhcp
  • 157. DHCPv6 OPERATION
      *Aug 9 15:34:32.806: IPv6 DHCP: Received REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
      *Aug 9 15:34:32.806: IPv6 DHCP: IA_NA 00040001 contains status code NOADDRS-AVAIL
      *Aug 9 15:34:32.806: IPv6 DHCP: DHCPv6 address changes state from REQUEST to SOLICIT (ADDR_NAK) on FastEthernet0/0
      *Aug 9 15:34:32.806: IPv6 DHCP: Received REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
      *Aug 9 15:34:32.806: IPv6 DHCP: No matching transaction ID in REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
      *Aug 9 15:34:33.782: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on FastEthernet0/0
      *Aug 9 15:34:33.786: IPv6 DHCP: Received ADVERTISE from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
      *Aug 9 15:34:33.786: IPv6 DHCP: Adding server FE80::2027:9779:3775:5CF8
      *Aug 9 15:34:33.786: IPv6 DHCP: Received ADVERTISE from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
      *Aug 9 15:34:34.858: IPv6 DHCP: Sending REQUEST to FF02::1:2 on FastEthernet0/0
      *Aug 9 15:34:34.858: IPv6 DHCP: DHCPv6 address changes state from SOLICIT to REQUEST (ADDR_ADVERTISE_RECEIVED) on FastEthernet0/0
      *Aug 9 15:34:34.858: IPv6 DHCP: Received REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
      *Aug 9 15:34:34.858: IPv6 DHCP: Processing options
      *Aug 9 15:34:34.862: IPv6 DHCP: Adding address DEAD:BEEF:1:2:C541:3F5C:EA1A:BE21/128 to FastEthernet0/0
      *Aug 9 15:34:34.870: IPv6 DHCP: T1 set to expire in 43200 seconds
      *Aug 9 15:34:34.870: IPv6 DHCP: T2 set to expire in 69120 seconds
      *Aug 9 15:34:34.870: IPv6 DHCP: Configuring domain name fredbovy.com
      *Aug 9 15:34:34.870: IPv6 DHCP: DHCPv6 address changes state from REQUEST to OPEN (ADDR_REPLY_RECEIVED) on FastEthernet0/0
      *Aug 9 15:34:34.870: IPv6 DHCP: Received REPLY from FE80::2027:9779:3775:5CF8 on FastEthernet0/0
      *Aug 9 15:34:34.870: IPv6 DHCP: DHCPv6 address changes state from OPEN to OPEN (ADDR_REPLY_RECEIVED) on FastEthernet0/0
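An added example, not part of the original course: a Python decoder for the DHCPv6 options laid out in slide 147 and seen in the Advertise capture, with the checks a client-side monitor can apply to a server answer (transaction ID, server DUID, IA_NA status and timers). The function names and the `KNOWN_SERVERS` allow-list are assumptions; `sample_advertise()` is rebuilt from the capture values and the NoAddrsAvail reply is constructed to mirror the first lines of the debug trace.

```python
import ipaddress
import struct

OPT_CLIENTID, OPT_SERVERID, OPT_IA_NA, OPT_IAADDR, OPT_STATUS, OPT_DOMAINS = 1, 2, 3, 5, 13, 24
NO_ADDRS_AVAIL = 2                        # status code logged as NOADDRS-AVAIL in the trace
KNOWN_SERVERS = {"00030001CA0342760008"}  # hypothetical allow-list: the DUID of router R4

def opt(code: int, value: bytes) -> bytes:
    """Encode one option: 2-byte code, 2-byte length, value."""
    return struct.pack("!HH", code, len(value)) + value

def iter_options(buf: bytes):
    """Yield (code, value) pairs and reject options that overrun the buffer."""
    pos = 0
    while pos < len(buf):
        if pos + 4 > len(buf):
            raise ValueError("truncated option header")
        code, length = struct.unpack("!HH", buf[pos:pos + 4])
        value = buf[pos + 4:pos + 4 + length]
        if len(value) != length:
            raise ValueError(f"option {code} runs past the end of the message")
        yield code, value
        pos += 4 + length

def decode_domains(buf: bytes) -> list:
    """Decode the uncompressed DNS label encoding used by the Domain Search List."""
    names, labels, pos = [], [], 0
    while pos < len(buf):
        n, pos = buf[pos], pos + 1
        if n == 0:
            names.append(".".join(labels))
            labels = []
        elif n > 63 or pos + n > len(buf):
            raise ValueError("bad label in domain list")
        else:
            labels.append(buf[pos:pos + n].decode("ascii"))
            pos += n
    return names

def parse_dhcpv6(msg: bytes) -> dict:
    if len(msg) < 4:
        raise ValueError("message shorter than the 4-byte header")
    out = {"msg_type": msg[0], "xid": int.from_bytes(msg[1:4], "big"),
           "client_duid": None, "server_duid": None, "ia_na": [], "domains": []}
    for code, value in iter_options(msg[4:]):
        if code in (OPT_CLIENTID, OPT_SERVERID):
            out["client_duid" if code == OPT_CLIENTID else "server_duid"] = value.hex().upper()
        elif code == OPT_DOMAINS:
            out["domains"] = decode_domains(value)
        elif code == OPT_IA_NA:
            if len(value) < 12:
                raise ValueError("IA_NA shorter than IAID/T1/T2")
            iaid, t1, t2 = struct.unpack("!III", value[:12])
            ia = {"iaid": iaid, "t1": t1, "t2": t2, "addresses": [], "status": 0}
            for sub, sval in iter_options(value[12:]):
                if sub == OPT_IAADDR and len(sval) >= 24:
                    preferred, valid = struct.unpack("!II", sval[16:24])
                    ia["addresses"].append({"address": ipaddress.IPv6Address(sval[:16]),
                                            "preferred": preferred, "valid": valid})
                elif sub == OPT_STATUS and len(sval) >= 2:
                    ia["status"] = struct.unpack("!H", sval[:2])[0]
            out["ia_na"].append(ia)
    return out

def check_reply(msg: dict, xid_sent: int, known_servers: set) -> list:
    """Return findings for a server message; an empty list means nothing to report."""
    findings = []
    if msg["xid"] != xid_sent:
        findings.append("transaction ID does not match the request")
    if msg["server_duid"] not in known_servers:
        findings.append(f"server DUID {msg['server_duid']} is not in the allow-list")
    for ia in msg["ia_na"]:
        if ia["status"] == NO_ADDRS_AVAIL:
            findings.append(f"IA_NA {ia['iaid']:08X}: NoAddrsAvail")
        if ia["t1"] and ia["t2"] and ia["t1"] > ia["t2"]:
            findings.append(f"IA_NA {ia['iaid']:08X}: T1 is greater than T2")
        for a in ia["addresses"]:
            if a["preferred"] > a["valid"]:
                findings.append(f"{a['address']}: preferred lifetime exceeds valid lifetime")
    return findings

def sample_advertise(server_duid: str = "00030001CA0342760008") -> bytes:
    """The Advertise of the capture on the page, rebuilt option by option."""
    iaaddr = opt(OPT_IAADDR, ipaddress.IPv6Address("bad:1:2:2d98:8e14:c0b1:6ef5:8548").packed
                 + struct.pack("!II", 86400, 172800))
    ia_na = opt(OPT_IA_NA, struct.pack("!III", 262145, 43200, 69120) + iaaddr)
    return (bytes([2]) + (0xB44306).to_bytes(3, "big")
            + opt(OPT_SERVERID, bytes.fromhex(server_duid))
            + opt(OPT_CLIENTID, bytes.fromhex("00030001CA0242760008"))
            + ia_na + opt(OPT_DOMAINS, b"\x08fredbovy\x03com\x00"))

def constructed_noaddrs_reply() -> bytes:
    """Constructed Reply: stale transaction ID and NoAddrsAvail inside the IA_NA."""
    status = opt(OPT_STATUS, struct.pack("!H", NO_ADDRS_AVAIL) + b"no addresses")
    ia_na = opt(OPT_IA_NA, struct.pack("!III", 0x00040001, 0, 0) + status)
    return (bytes([7]) + (0x123456).to_bytes(3, "big")
            + opt(OPT_SERVERID, bytes.fromhex("00030001CA0342760008")) + ia_na)
```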
  • 158. STATELESS DHCPV6 § IPv6 routers signal the DHCPv6 utilization § M bit = 0 « Managed Address Configuration » to use SLAAC for address autoconfiguration § O bit = 1 « Other Stateful Configuration » to use DHCPv6 for other parameter configuration § The address is configured by SLAAC § Other parameters are then requested from the DHCPv6 server
  • 159. DHCP PREFIX DELEGATION § DHCPv6 PD Server allocates a block of addresses § The block received by the client is then subnetted to configure each interface
  • 160. IDENTITY ASSOCIATION IA_PD § IA_PD option: OPTION_IA_PD, option-length, IAID (4 octets), T1, T2, IA_PD-options § IA_PD Prefix option: OPTION_IAPREFIX, option-length, preferred-lifetime, valid-lifetime, prefix-length, IPv6 prefix (16 octets), IAprefix-options
  • 161. DHCP PREFIX DELEGATION IPv6 2001:db8:1:1::/64 DHCP PD Client DHCP PD Server 2001:db8:1::/48 RA ISP 2001:db8::/32 2001:db8:2:1::/64 RA 2001:db8:2:2::/64 RA 2001:db8:2::/48
  • 162. DHCP-PD OPERATION 2001:db8:678::/32 DHCP-PD Server 2001:db8:678::1/64 DHCPv6 Client IPv6 Internet DHCP-PD Relay 2001:341f::1:57/64 2001:341f::/32 Router Advertisement Prefix-List 2001:db8:678::/64 M=0, O=0 (SLAAC) DHCPv6-PD Client May Use LL for the p2p Link Address
  • 163. 5:00AM FIRST HOME OFFICE DHCP-PD USER COMES UP! IPv6 Internet 2001:341f::1:57/64 IPv6 Private Network 2001:db8:678::1 2001:db8:678:1::/56 2001:db8:658::/48 8 bits for Subnets 2001:db8:678:10::/64 2001:db8:678:11::/64 ... DHCP-PD Server Relay_Forward (Solicit) Advertise Request IA_PD First Block Reply IA_PD 2001:db8:678::/56 IPv6 Internet IPv6 Internet AS 610 AS 413 2001:413::/32 AS 341F 2001:341F::/32 FTTH Solicit IA_PD Home Network 2001:db8:678::/64 2001:db8:678:d340:98:22ac:f9:1 Router Advertisement Managed=0, Other=0 MTU=1500, Hop Limit=64 Retrans Timer=0 (Unsp) Reachable Time=0 (Unsp) Prefix: 2001:db8:678::/56 On-Link=1 Autonomous=1 Valid=7200 Preferred=1200 3 1a 1b 2b DHCP-PD Relay
  • 164. 7:00 AM DHCP-PD FIRST OFFICE COMES UP IPv6 Internet 2001:341f::1:57/64 IPv6 Private Network 2001:db8:658::/48 2001:db8:678:1::/56 8 bits for Subnets 2001:db8:678:10::/64 2001:db8:678:11::/64 ... DHCPv6-PD Client DHCP-PD Server Relay_forward (Solicit IA_PD) Request IA_PD Reply IA_PD First Block 2001:db8:678::/56 Home Network 2001:db8:678::/64 IPv6 Internet IPv6 Internet AS 610 2001:610::/32 AS 413 2001:413::/32 AS 341F 2001:341F::/32 FTTH DHCPv6 Relay P2P LL Address SOLICIT IA_PD Relay_Reply(Solicit IA_PD) Advertise IA_PD REPLY IA_PD Request IA_PD
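The IA_PD layout from slide 160 and the subnetting step from slides 159 and 163, as an added Python example (not part of the original course material). The option codes 25 and 26 come from RFC 3633; the function names and the sample option bytes are constructed for illustration, reusing the T1/T2 values and the 2001:db8:678::/56 block that appear on the slides.

```python
import ipaddress
import struct
from itertools import islice

OPTION_IA_PD = 25      # option codes assigned in RFC 3633
OPTION_IAPREFIX = 26


def build_ia_pd(iaid, t1, t2, prefix, preferred, valid):
    """Encode an IA_PD option holding one IA_PD Prefix option (sample builder)."""
    net = ipaddress.IPv6Network(prefix)
    body = struct.pack("!IIB16s", preferred, valid, net.prefixlen,
                       net.network_address.packed)
    iaprefix = struct.pack("!HH", OPTION_IAPREFIX, len(body)) + body
    ia_body = struct.pack("!III", iaid, t1, t2) + iaprefix
    return struct.pack("!HH", OPTION_IA_PD, len(ia_body)) + ia_body


def parse_ia_pd(data):
    """Decode one IA_PD option, rejecting truncated or inconsistent input."""
    if len(data) < 16:
        raise ValueError("IA_PD needs a 4-byte header plus IAID, T1 and T2")
    code, length = struct.unpack_from("!HH", data, 0)
    if code != OPTION_IA_PD:
        raise ValueError(f"not an IA_PD option (code {code})")
    end = 4 + length
    if length < 12 or end > len(data):
        raise ValueError("option-length does not match the data")
    iaid, t1, t2 = struct.unpack_from("!III", data, 4)
    if t1 and t2 and t1 > t2:
        raise ValueError("T1 greater than T2")  # RFC 3633: discard such an IA_PD
    prefixes, offset = [], 16
    while offset < end:
        if offset + 4 > end:
            raise ValueError("truncated sub-option header")
        sub_code, sub_len = struct.unpack_from("!HH", data, offset)
        offset += 4
        if offset + sub_len > end:
            raise ValueError("sub-option overruns the IA_PD option")
        if sub_code == OPTION_IAPREFIX:
            if sub_len < 25:
                raise ValueError("IA_PD Prefix option too short")
            preferred, valid, plen, raw = struct.unpack_from("!IIB16s", data, offset)
            if plen > 128 or preferred > valid:
                raise ValueError("bad prefix-length or lifetimes")
            # strict=False masks any host bits left set by the sender
            net = ipaddress.IPv6Network((raw, plen), strict=False)
            prefixes.append({"prefix": str(net), "preferred": preferred,
                             "valid": valid})
        offset += sub_len  # unknown sub-options are skipped
    return {"iaid": iaid, "t1": t1, "t2": t2, "prefixes": prefixes}


def is_well_formed(data):
    """True when parse_ia_pd accepts the bytes."""
    try:
        parse_ia_pd(data)
        return True
    except (ValueError, struct.error):
        return False


def subnet_capacity(delegated, new_prefix=64):
    """How many interface prefixes the delegated block can be cut into."""
    bits = new_prefix - ipaddress.IPv6Network(delegated).prefixlen
    if bits < 0:
        raise ValueError("delegated block is smaller than the interface prefix")
    return 2 ** bits


def lan_subnets(delegated, count, new_prefix=64):
    """First `count` interface prefixes carved from the delegated block."""
    subnet_capacity(delegated, new_prefix)  # validates the sizes
    net = ipaddress.IPv6Network(delegated)
    return [str(s) for s in islice(net.subnets(new_prefix=new_prefix), count)]


# Constructed sample: T1/T2 as in the debug output on slide 157,
# delegated block as on slide 163.
SAMPLE = build_ia_pd(iaid=1, t1=43200, t2=69120,
                     prefix="2001:db8:678::/56", preferred=1200, valid=7200)

if __name__ == "__main__":
    lease = parse_ia_pd(SAMPLE)
    print(lease)
    for lan in lan_subnets(lease["prefixes"][0]["prefix"], 3):
        print("interface prefix:", lan)
```

A requesting router should treat the delegated prefix and lifetimes as untrusted input until these length and consistency checks pass, since the REPLY arrives over the access link.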
  • 166. DOMAIN NAME SERVICES (DNS) § RFC1035, RFC1036 § Provides name-to-address resolution § Provides address-to-name resolution § Finds the mail servers in a domain to allow e-mail routing § Key component in network architecture § Requests and replies are encapsulated in UDP port 53 messages § DNS message length is limited to 512 bytes § DNSSEC is an effort to offer a secure DNS service § Node and even subnet discovery became difficult with IPv6 addresses, so DNS is likely to be used to discover targets
  • 167. THE DNS TREE STRUCTURE . Root « . » arpa edu gov net com ca au za In-addr ip6 coca-cola mcDo company google bill sec head TLD Second Level Domain Third Level Domain
  • 168. RESOLUTION OF FRED.EXAMPLE.COM DNS Root DNS « . » TLD DNS .com. Domain DNS example.com. Query=fred.example.com Referral to .com gTLD DNS Query=fred.example.com Referral to example.com DNS Query=fred.example.com Authoritative Answer
  • 169. § For Address to Name Resolution http://www.iana.org/domains/arpa/ http://tools.ietf.org/html/rfc5855 REVERSE MAPPING . arpa edu In-addr ip6 0 1 2 194 195 47 37 2 2.37.47.195.in-addr.arpa
  • 170. ROOT DNS SERVERS § They return the addresses of the TLD Servers § 13 IP anycast addresses are used § 13 IPv4 addresses can be sent in a 512 (436) bytes UDP message! § 200+ physical servers around the globe § Domain root-servers.net: a.root-servers.net through m.root-servers.net § In Europe, the RIPE servers for k.root-servers.net are located in Amsterdam, Athens, Doha, Frankfurt, London and Milan. IPv4: 193.0.14.129, IPv6: 2001:7fd::1 § IPv6 addresses are already supported by 9 of the 13 root-servers § Requirements of a Root Server are in RFC2870 § http://www.iana.org/domains/root/
  • 171. TOP LEVEL DOMAIN (TLD) DNS SERVERS § They return the address of the NS for a User domain § The full list is at http://www.iana.org/domains/root/db/ § Generic Top-Level-Domains (gTLD): § .com § .edu § .net § .org § .mil, etc… § Country Code Top-Level-Domains (ccTLD): § .us, .ca, .fr, .uk, etc…
  • 172. THE EXAMPLE.COM DNS SERVERS § Primary or Master and Secondary or Slave DNS Server § To increase performance and reliability of DNS, there is more than one DNS server for each domain. § The Master Zone file describing the zone is located on the Primary server § The Secondary Server is synchronized with the Primary, thanks to Zone Transfer DNS Slave Zone DNS Slave Zone § Caching only Servers DNS Master Zone DNS Slave Zone Zone Transfer Master Zone File
  • 173. ZONE AND ZONE FILES: CONFIG FOR A ZONE § Zone files translate the domain name into operational entities § Zone files contain: § Data that describes the zone authority, known as the Start of Authority (SOA) Resource Record. § All the hosts within the zone. § A Resource Record for an IPv4 Address § AAAA Resource Record for an IPv6 Address § Data that describes global information for the zone: MX Resource Records for the domain’s mail servers and NS Resource Records for the Name Servers § In the case of a subdomain delegation, the name servers that are responsible for this subdomain…
  • 174. RECURSIVE AND ITERATIVE QUERIES § The simplest mode for the server is non-recursive, since it can answer queries using only local information: the response contains an error, the answer, or a referral to some other server "closer" to the answer. § All name servers must implement non-recursive queries. § The simplest mode for the client is recursive, since in this mode the name server acts in the role of a resolver and returns either an error or the answer, but never referrals. § This service is optional in a name server. The name server may also choose to restrict the clients that can use recursive mode.
  • 175. RECURSIVE QUERY § Not all servers support Recursive Query § Root and TLD servers do not support Recursive Query 1 Name Server Root Name Server Authoritative Name Server for TLD com Authoritative Name Server for 2 3 4 5 Cache company.com Client Resolver
  • 176. ITERATIVE QUERY Name Server Root Name Server Authoritative Name Server for TLD com Authoritative Name Server for company.com Client Resolver 2 Query Referral 1 Query Referral 4 Query Authoritative answer 3 Query Referral 5 Cache All servers support Iterative Query
  • 177. IPV6 SUPPORT IN DNS § RFC1886 describes how to accommodate IPv6 addresses in DNS § AAAA Resource Record to store 128-bit addresses § IPv6 reverse mapping uses the PTR RR, at first under the domain ip6.int, which was replaced by ip6.arpa § More complex solution: A6/DNAME § After many discussions, this was moved to Experimental status § DNS requests must be transported in IPv6 § DNS Root servers and Top-level domains must support IPv6 § 9 of the 13 root-servers are IPv6 ready § DNS messages larger than 512 bytes must be supported (EDNS0) and not filtered by firewalls
  • 178. AAAA AND IP6.ARPA § AAAA is written like an IPv6 address. Leading zeros can be omitted § ipv6-host IN AAAA 2001:db8:1:2:3:4:567:89ab § ip6.arpa is the reverse-mapping name space for IPv6 addresses. Each level of subdomain under ip6.arpa represents four bits of the 128-bit address. Omitting leading zeros is not allowed, so there are always 32 hex digits and 32 levels of subdomain below ip6.arpa in a domain name corresponding to a full IPv6 address. § b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.
  • 179. AAAA RESOURCE RECORD SYNTAX name ttl class ipv6 § ipv6-host IN AAAA 2001:db8:1:2:3:4:567:89ab § name: ipv6-host. The name is unqualified, causing the $ORIGIN directive value to be substituted. You could have written this as ns1.example.com. (using the FQDN format), which may be more understandable. § ttl: There is no ttl value defined for the RR, so the zone default from the $TTL directive will be used. § class: IN. Defines the class to be Internet § ipv6: 2001:db8:1:2:3:4:567:89ab. This is a Global Unicast address.
  • 180. ADDING AAAA TO FORWARD-MAPPING ZONES § A and AAAA can coexist for dual-stack hosts:
    Skydive     IN A    192.239.120.111
                IN AAAA 2001:db8:cafe:f1::e1
    § Another option is to create one entry for each protocol:
    Skydive     IN A    192.239.120.111
    skydive-v6  IN AAAA 2001:db8:cafe:f1::e1
    or
    skydive.v6  IN AAAA 2001:db8:cafe:f1::e1
  • 181. ZONE FILE WITH IPV6 SUPPORT EXAMPLE (1)
    ; transitional IPv6/IPv4 zone file for example.com
    $TTL 2d ; default TTL for zone
    $ORIGIN example.com.
    ; Start of Authority RR defining the key characteristics of the zone (domain)
    @ IN SOA ns1.example.com. hostmaster.example.com. (
              2003080800 ; sn = serial number
              12h        ; refresh
              15m        ; retry = update retry
              3w         ; expiry
              2h         ; min = minimum
              )
    ; name server RRs for the domain
      IN NS ns1.example.com.
    ; the second name server is
    ; external to this zone (domain).
      IN NS ns2.example.net.
    Callouts on the slide: SOA Resource Record; Name Servers
  • 182. ZONE FILE WITH IPV6 SUPPORT EXAMPLE (2)
    ; mail server RRs for the zone (domain)
      3w IN MX 10 mail.example.com.
    ; the second mail server is
    ; external to the zone (domain)
      IN MX 20 mail.example.net.
    ; domain hosts includes NS and MX records defined above
    ; plus any others required
    ; the following hosts are in IPv6 subnet 1
    ns1   IN A     192.168.254.2
    ns1   IN AAAA  2001:db8:0:1::1
    mail  IN A     192.168.254.4
    mail  IN AAAA  2001:db8:0:1::2
    ; these hosts are defined to be in the IPv6 subnet 2
    joe   IN A     192.168.254.6
    joe   IN AAAA  2001:db8:0:2::1
    www   IN A     192.168.254.7
    www   IN AAAA  2001:db8:0:2::2
    ; aliases ftp (ftp server) to an external location
    ftp   IN CNAME ftp.example.net.
  • 183. IPV6 REVERSE-MAPPING ZONES § The subnet 2001:db8:cafe:f9::/64, where skydive.v6.movie.edu is located, corresponds to the reverse-mapping zone: § 9.f.0.0.e.f.a.c.8.b.d.0.1.0.0.2.ip6.arpa § IPv6 reverse-mapping zones contain PTR records, an SOA record and one or more NS records:
    $TTL 1d
    @ IN SOA terminator.movie.edu. hostmaster.movie.edu. (
              2011030800 ; Serial number
              1h         ; Refresh (1 hour)
              15m        ; Retry (15 minutes)
              30d        ; Expire (30 days)
              10m )      ; Negative-caching TTL (10 minutes)
      IN NS terminator.movie.edu.
      IN NS wormhole.movie.edu.
    3.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR skydive.v6.movie.edu.
    4.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR super8.v6.movie.edu.
  • 184. IPV6 PTR RESOURCE RECORD The PTR RR is standardized in RFC 1035 and maps an IPv6 address to a particular interface ID. Syntax is: name ttl class rr name § name: This is the subnet ID and interface ID parts of the IPv6 address written in reverse nibble format. While this looks like a number, it is in fact treated as a name. The name is unqualified, causing the $ORIGIN directive value to be substituted. § ttl: There is no ttl value defined for the RR, so the zone default from the $TTL directive will be used. § class: IN defines the class to be Internet § name: Defines that the query for <address> will return name Example: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0 IN PTR joe.example.com.
  • 185. REVERSE IPV6 ZONE FILE FOR EXAMPLE.COM (1)
    ; reverse IPV6 zone file for example.com
    $TTL 2d ; default TTL for zone
    $ORIGIN 0.0.0.0.8.b.d.0.1.0.0.2.IP6.ARPA.
    ; Start of Authority RR defining the key characteristics of the zone (domain)
    @ IN SOA ns1.example.com. hostmaster.example.com. (
              2003080800 ; sn = serial number
              12h        ; refresh = refresh
              15m        ; retry = update retry
              3w         ; expiry = expiry
              2h         ; min = minimum
              )
    ; name server RRs for the domain
      IN NS ns1.example.com.
    ; the second name server is
    ; external to this zone (domain).
      IN NS ns2.example.net.
    Callout on the slide, pointing at $ORIGIN: Prefix for all the addresses
  • 186. REVERSE IPV6 ZONE FILE FOR EXAMPLE.COM (2)
    ; PTR RR maps a IPv6 address to a host name
    ; hosts in subnet ID 1
    1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0 IN PTR ns1.example.com.
    2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0 IN PTR mail.example.com.
    ; hosts in subnet ID 2
    1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0 IN PTR joe.example.com.
    2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0 IN PTR www.example.com.
    § name: 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0 This is the subnet ID and interface ID parts of the IPv6 address written in reverse nibble format. While this looks like a number, it is in fact treated as a name. The name is unqualified, causing the $ORIGIN directive value to be substituted. You could have written this as 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.IP6.ARPA.
    § ttl: There is no ttl value defined for the RR, so the zone default of 2d from the $TTL directive will be used.
    § class: IN defines the class to be Internet
    § name: www.example.com Defines that a query for 2001:db8:0:2:0:0:0:2 will return www.example.com
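The reverse-nibble arithmetic used on slides 178 and 183 to 186, as an added Python example (not part of the original course material). The function names are illustrative; the addresses and zone prefixes are the ones shown on the slides.

```python
import ipaddress

SUFFIX = ".ip6.arpa."


def _nibbles(address):
    """The 32 hex digits of an IPv6 address, leading zeros restored."""
    return ipaddress.IPv6Address(address).exploded.replace(":", "")


def reverse_name(address):
    """Fully qualified ip6.arpa name for one address (always 32 labels)."""
    return ".".join(reversed(_nibbles(address))) + SUFFIX


def zone_origin(prefix):
    """$ORIGIN of the reverse zone that covers `prefix`."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen % 4:
        raise ValueError("reverse zones are cut on 4-bit (nibble) boundaries")
    kept = _nibbles(net.network_address)[: net.prefixlen // 4]
    return ".".join(reversed(kept)) + SUFFIX


def ptr_owner(address, prefix):
    """Unqualified owner name of the PTR RR inside the zone for `prefix`."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen % 4:
        raise ValueError("reverse zones are cut on 4-bit (nibble) boundaries")
    if ipaddress.IPv6Address(address) not in net:
        raise ValueError(f"{address} is outside {prefix}")
    remaining = _nibbles(address)[net.prefixlen // 4:]
    return ".".join(reversed(remaining))


def ptr_records(hosts, prefix):
    """Zone-file lines for a {address: fqdn} mapping, sorted by address."""
    ordered = sorted(hosts, key=lambda a: int(ipaddress.IPv6Address(a)))
    return [f"{ptr_owner(a, prefix)} IN PTR {hosts[a]}" for a in ordered]


def address_from_reverse(name):
    """Inverse of reverse_name; rejects names that are not 32 single nibbles."""
    labels = name.lower().rstrip(".").split(".")
    if len(labels) != 34 or labels[-2:] != ["ip6", "arpa"]:
        raise ValueError("expected 32 nibble labels under ip6.arpa")
    digits = labels[:-2]
    if any(len(d) != 1 or d not in "0123456789abcdef" for d in digits):
        raise ValueError("every label must be one hex digit")
    return str(ipaddress.IPv6Address(int("".join(reversed(digits)), 16)))


if __name__ == "__main__":
    print("$ORIGIN", zone_origin("2001:db8::/48"))
    hosts = {                      # hosts from the example.com zone on the slides
        "2001:db8:0:1::1": "ns1.example.com.",
        "2001:db8:0:1::2": "mail.example.com.",
        "2001:db8:0:2::1": "joe.example.com.",
        "2001:db8:0:2::2": "www.example.com.",
    }
    for line in ptr_records(hosts, "2001:db8::/48"):
        print(line)
```

Generating the owner names this way avoids the usual hand-typing error of dropping or duplicating a zero label, which silently leaves an address without a reverse record.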
  • 187. BUILT-IN EMPTY REVERSE-MAPPING ZONES § These special addresses are resolved locally by BIND without forwarding any request on the Internet.
    Reverse-mapping Zone Name | Function | IPv4 Equivalent
    0...ip6.arpa | Unspecified IPv6 address | 0.0.0.0
    1.0...ip6.arpa | IPv6 Loopback Address | 127.0.0.1
    8.b.d.0.1.0.0.2.ip6.arpa | IPv6 Documentation Network | 192.0.2/24
    d.f.ip6.arpa | Unique Local Addresses | 10/8, etc. (RFC1918)
    8.e.f.ip6.arpa | Link-Local Addresses | 169.254/16
    9.e.f.ip6.arpa | Link-Local Addresses | 169.254/16
    a.e.f.ip6.arpa | Link-Local Addresses | 169.254/16
    b.e.f.ip6.arpa | Link-Local Addresses | 169.254/16
  • 188. DNS REQUEST TRANSPORTED IN IPV6
    Internet Protocol Version 6
      0110 .... = Version: 6
      [0110 .... = This field makes the filter "ip.version == 6" possible
      .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
      .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
      Payload length: 145
      Next header: UDP (0x11)
      Hop limit: 255
      Source: fe80::61e:64ff:feec:73a9 (fe80::61e:64ff:feec:73a9)
      Destination: ff02::fb (ff02::fb)
    User Datagram Protocol, Src Port: mdns (5353), Dst Port: mdns (5353)
      Source port: mdns (5353)
      Destination port: mdns (5353)
      Length: 145
      Checksum: 0x5753 [validation disabled]
    Domain Name System (response)
    Callout on the slide: mDNSv6 Link-local Multicast destination
  • 189. IPV6 ADDRESSES IN DNS: AAAA RECORD
    Type AAAA
      Name: power-mac-g5-de-fred-bovy-6.local
      Type: AAAA (IPv6 address)
      .000 0000 0000 0001 = Class: IN (0x0001)
      1... .... .... .... = Cache flush: True
      Time to live: 2 minutes
      Data length: 16
      Addr: 2a01:e35:2f26:d340:61e:64ff:feec:73a9
  • 190. DNS CAPTURE
    Internet Protocol Version 6
      0110 .... = Version: 6
      [0110 .... = This field makes the filter "ip.version == 6" possible: 6]
      .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
      .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
      Payload length: 145
      Next header: UDP (0x11)
      Hop limit: 255
      Source: fe80::61e:64ff:feec:73a9 (fe80::61e:64ff:feec:73a9)
      Destination: ff02::fb (ff02::fb)
    User Datagram Protocol, Src Port: mdns (5353), Dst Port: mdns (5353)
      Source port: mdns (5353)
      Destination port: mdns (5353)
      Length: 145
      Checksum: 0x5753 [validation disabled]
    Domain Name System (response)
      [Request In: 788]
      [Time: -404.306754000 seconds]
      Transaction ID: 0x0000
      Flags: 0x8400 (Standard query response, No error)
      Questions: 0
      Answer RRs: 1
      Authority RRs: 0
      Additional RRs: 3
      Answers
        power-mac-g5-de-fred-bovy-6.local: type A, class IN, cache flush, addr 192.168.0.15
          Name: power-mac-g5-de-fred-bovy-6.local
          Type: A (Host address)
          .000 0000 0000 0001 = Class: IN (0x0001)
          1... .... .... .... = Cache flush: True
          Time to live: 2 minutes
          Data length: 4
          Addr: 192.168.0.15
    Callouts on the slide: mDNSv6 multicast address; MDNS port 5353
  • 191. DNS CAPTURE (CONT.)
    Additional records
      power-mac-g5-de-fred-bovy-6.local: type AAAA, class IN, cache flush, addr fe80::61e:64ff:feec:73a9
        Name: power-mac-g5-de-fred-bovy-6.local
        Type: AAAA (IPv6 address)
        .000 0000 0000 0001 = Class: IN (0x0001)
        1... .... .... .... = Cache flush: True
        Time to live: 2 minutes
        Data length: 16
        Addr: fe80::61e:64ff:feec:73a9
      power-mac-g5-de-fred-bovy-6.local: type AAAA, class IN, cache flush, addr 2a01:e35:2f26:d340:61e:64ff:feec:73a9
        Name: power-mac-g5-de-fred-bovy-6.local
        Type: AAAA (IPv6 address)
        .000 0000 0000 0001 = Class: IN (0x0001)
        1... .... .... .... = Cache flush: True
        Time to live: 2 minutes
        Data length: 16
        Addr: 2a01:e35:2f26:d340:61e:64ff:feec:73a9
      power-mac-g5-de-fred-bovy-6.local: type NSEC, class IN, cache flush, next domain name power-mac-g5-de-fred-bovy-6.local
        Name: power-mac-g5-de-fred-bovy-6.local
        Type: NSEC (Next secured)
        .000 0000 0000 0001 = Class: IN (0x0001)
        1... .... .... .... = Cache flush: True
        Time to live: 2 minutes
        Data length: 8
        Next domain name: power-mac-g5-de-fred-bovy-6.local
        RR type in bit map: A (Host address)
        RR type in bit map: AAAA (IPv6 address)
    Callout on the slide: AAAA Record
  • 192. RECURSIVE NAME SERVERS PRIMING FOR IPV6 § Most recursive name servers perform a bootstrap process called priming to determine the current list of root name servers, since information in the local copy of the root hints file could be out of date. § To prime, a recursive name server sends a DNS query of type NS for the root (".") to one of the root name servers listed in the local root hints file. § The recursive name server uses the list of root name servers in the response returned from a live root name server for resolution purposes. § Priming ensures that a recursive name server always starts operation with the most up-to-date list of root name servers. § The operators of nine root name servers - a, d, f, h, i, j, k, l, m - have assigned IPv6 addresses to their systems.
  • 193. IPV6 AND EDNS0 SUPPORT § Including the IPv6 addresses at the root level of the DNS involves two related actions on the part of the IANA and the DNS Root Server Operators: § Add Resource Records of Type AAAA to the hints file. The IANA maintains the authoritative root hints file at ftp://ftp.internic.net/domain/. § Provision the 13 root name servers to return the Type AAAA records when name server resolvers bootstrap, that is, perform what is known as priming.
  • 194. IPV6 AND EDNS0 SUPPORT (CONT.) § RFC1035 limits the maximum DNS UDP message to 512 bytes: § 13 IPv4 anycast addresses were used to represent 200+ servers so that the announcement fits in a 512-byte message. It actually takes 436 bytes, which leaves room for some options. § With only 5 IPv6 addresses added to the Additional Section of the DNS Type NS response message that root server operators return during the priming exchange, the size of the response message increases from 436 bytes to 576 bytes. § 9 Root Servers have been assigned IPv6 addresses § When all 13 root name servers are assigned IPv6 addresses, the priming response will increase in size to 811 bytes.
  • 195. IPV6 AND EDNS0 SUPPORT (CONT.) Conditions for the successful completion of a priming exchange: § Resolvers and any intermediate systems that are situated between resolvers and root name servers must be able to process DNS messages containing Type AAAA resource records. § Additionally, resolvers must use DNS Extensions (EDNS0, RFC 2671) to notify root name servers that they are able to process DNS response messages larger than the 512-byte maximum DNS message size specified in RFC1035. § Intermediate systems must be configured to forward UDP-encapsulated DNS response messages larger than the 512-byte maximum DNS message size specified in RFC1035 to the resolvers that issued the priming request.
  • 196. TEST THE EDNS0 SUPPORT § To test the action a firewall implementation takes when it receives a UDP-encapsulated DNS response message larger than 512 bytes, a network or firewall administrator can perform the following DNS lookup: § dig ns +bufsize=4096 @192.33.4.12 OR § dig ns +bufsize=4096 @2001:500:2D::D § This command should elicit a 699-byte response that contains AAAA resource records § If no response is received, network and firewall administrators should first determine if a security policy other than the vendor's default processing for DNS messages is blocking large response messages or large UDP messages. If no policy other than the vendor's default processing is configured, note the implementation and version, and contact your vendor to determine if an upgrade or hot fix is available.
  • 197. DNSSEC § DNSSEC is detailed in RFC4033, RFC4034 and RFC4035. A discussion of operational practices relating to DNSSEC can be found in RFC4641. § In DNSSEC, a secure response to a query is one which is cryptographically signed and validated. § DNSSEC offers no protection against DoS attacks § DNSSEC adds new Resource Record types: Resource Record Signature (RRSIG), DNS Public Key (DNSKEY), Delegation Signer (DS) and Next Secure (NSEC) § A signed zone will contain the 4 additional security-related records § DNSSEC requires support for EDNS0 (RFC2671) and for the DNSSEC OK (DO) EDNS0 bit (RFC 3225) § In DNSSEC, the Root Zone is signed § http://data.iana.org/root-anchors/draft-icann-dnssec-trust-anchor.html
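What the resolver has to put on the wire for the priming exchange on slides 193 to 196, and for the DO bit on slide 197, as an added Python example (not part of the original course material). It builds the NS query for the root with and without an EDNS0 OPT record and applies the 512-byte rule to the response sizes quoted on the slides; function names and the truncated reply are constructed for illustration.

```python
import struct

TYPE_NS, TYPE_OPT, CLASS_IN = 2, 41, 1
FLAG_TC = 0x0200          # header bit: response was truncated
EDNS_DO = 0x8000          # DNSSEC OK bit inside the OPT TTL field (RFC 3225)
CLASSIC_UDP_LIMIT = 512   # RFC 1035 limit when no OPT record is present


def build_priming_query(txid, bufsize=None, dnssec_ok=False):
    """NS query for the root; adds an OPT RR when bufsize is given."""
    use_edns = bufsize is not None
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 1 if use_edns else 0)
    question = b"\x00" + struct.pack("!HH", TYPE_NS, CLASS_IN)
    if not use_edns:
        return header + question
    # OPT RR: root owner name, CLASS carries the UDP size, TTL carries the flags
    opt = b"\x00" + struct.pack("!HHIH", TYPE_OPT, bufsize,
                                EDNS_DO if dnssec_ok else 0, 0)
    return header + question + opt


def _skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        length = msg[off]
        if length & 0xC0 == 0xC0:          # compression pointer ends the name
            if off + 2 > len(msg):
                raise ValueError("truncated pointer")
            return off + 2
        if length & 0xC0:
            raise ValueError("unsupported label type")
        off += 1 + length
        if length == 0:
            return off


def summarize(msg):
    """Header flags plus the EDNS0 parameters, if an OPT RR is present."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4
    edns = None
    for _ in range(an + ns + ar):
        off = _skip_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated resource record")
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if off > len(msg):
            raise ValueError("RDATA overruns the message")
        if rtype == TYPE_OPT:
            edns = {"udp_size": rclass, "version": (ttl >> 16) & 0xFF,
                    "do": bool(ttl & EDNS_DO)}
    return {"id": txid, "size": len(msg),
            "truncated": bool(flags & FLAG_TC), "edns": edns}


def udp_limit(query):
    """Largest UDP response the sender of `query` has said it can accept."""
    edns = summarize(query)["edns"]
    return max(CLASSIC_UDP_LIMIT, edns["udp_size"]) if edns else CLASSIC_UDP_LIMIT


def response_fits(query, response_size):
    return response_size <= udp_limit(query)


def diagnose(query, reply):
    """Classify the outcome of one UDP exchange (reply is None on timeout)."""
    if reply is None:
        return "large-udp-dropped?" if summarize(query)["edns"] else "no-reply"
    return "truncated" if summarize(reply)["truncated"] else "ok"


# Constructed reply: header with QR, AA and TC set, question only.
TRUNCATED_REPLY = (struct.pack("!HHHHHH", 0x1234, 0x8600, 1, 0, 0, 0)
                   + b"\x00" + struct.pack("!HH", TYPE_NS, CLASS_IN))

if __name__ == "__main__":
    for label, q in (("no EDNS0", build_priming_query(0x1234)),
                     ("EDNS0 4096", build_priming_query(0x1234, 4096, True))):
        print(label, {size: response_fits(q, size) for size in (436, 576, 811)})
```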
  • 198. DYNAMIC DNS § DNS servers can be updated dynamically § Addresses allocated with DHCPv6 or SLAAC automatically update the DNS § Dynamic Updates in the Domain Name System (DNS UPDATE) § http://tools.ietf.org/html/RFC2136 § Secure Domain Name System (DNS) Dynamic Update § http://tools.ietf.org/html/RFC3007 § Operational Considerations and Issues with IPv6 DNS § http://tools.ietf.org/html/rfc4472
  • 199. IPV6 DEVICES MANAGEMENT § SNMP for IPv6 § SNMP transported by IPv6 § IPv6 supported by MIB. § First approach was to implement separate MIBs for IPv4 and IPv6 § RFC2465 and RFC2466 now deprecated § Unified MIB for IPv4 and IPv6 in RFC4293 § TELNET, SSH for IPv6 § FTP, TFTP for IPv6 § SYSLOG for IPv6 § HTTP for IPv6 § Ping, traceroute
  • 200. MOBILE IPV6: RFC 3775 § The mobile node can roam from subnet to subnet, but its source address is unchanged for the applications. § No session is lost § The network can be hidden from the correspondent node § This existed in IPv4 but IPv6 greatly improved it
  • 201. MOBILE IPV6 TERMINOLOGY § Home Agent: The router which switches the traffic to the mobile node. § Mobile Node: The roaming user. § Home Address: The initial network address. All the communications of the mobile node come from this address. § Home Link: The link where the mobile node is permanently attached. § Care-Of-Address: The temporary address on the visited network. § Correspondent Node: The node (not mobile) communicating with the mobile node.
  • 202. MOBILE NODE ACQUIRES A COA § Mobile node visits a new subnet § It must acquire its Care of Address (CoA) Mobile Node acquires its Care of Address from SLAAC or DHCPv6
  • 203. HOME AGENT ADDRESS DISCOVERY (ANYCAST) § The Home Agent (HA) may have moved § A new HA may have been installed § An anycast address may be used to find the HA
  • 204. COA BINDING AND TUNNEL CREATION § The Mobile Node registers its CoA with the Home Agent § Signaling uses a Mobility Option § An IPv6-in-IPv6 tunnel is set up between the MN and the HA
  • 205. BIDIRECTIONAL TUNNELING § The packets between the CN and the MN are routed via the tunnel in both directions. § The Home Agent intercepts the NS on the Home Link and answers with Proxy-ND. § Transparent for the Correspondent Node
  • 206. BIDIRECTIONAL TUNNELING § Src @: MN IPv6 Home @, Dst @: CN IPv6 @ § Out Src: MN IPv6 CoA, Out Dst: HA IPv6 @, In Src: MN IPv6 Home @, In Dst: CN IPv6 @ § Src @: CN IPv6 @, Dst @: MN IPv6 Home @ § Out Src: HA IPv6 @, Out Dst: MN IPv6 CoA, In Src: CN IPv6 @, In Dst: MN IPv6 Home @
  • 207. RETURN ROUTABILITY PROCEDURE § Traffic is routed via the Home Agent until the Return Routability Procedure § CN must support Mobile IPv6 § The CN verifies that the Mobile Node can be reached at its CoA and its Home Address Mobile Node MN proves to the CN that it receives the Keygen Tokens
  • 208. RETURN ROUTABILITY PROCEDURE § Verify that the MN who sends the Binding Update is the same MN who sends the data packets. Mobile Node A IPv6 Home Address IPv6 CoA Home Agent CoTI CoT Visited Networks A Local Network B Correspondent Node HoTI: Home Test Init CoTI: Care-of Test Init HoT: Home Test CoT: Care-of Test
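How the keygen tokens mentioned on slides 207 and 208 bind a Binding Update to both addresses, as an added Python example (not part of the original course material). The formulas follow RFC 3775, the RFC named on slide 200; the class and function names, the addresses, Kcn, the nonces and the stand-in Mobility Header bytes are all constructed for illustration.

```python
import hashlib
import hmac
import ipaddress


def _packed(address):
    return ipaddress.IPv6Address(address).packed


def keygen_token(kcn, address, nonce, kind):
    """First 64 bits of HMAC_SHA1(Kcn, address | nonce | kind).

    kind is 0 for the home keygen token and 1 for the care-of keygen token.
    """
    data = _packed(address) + nonce + bytes([kind])
    return hmac.new(kcn, data, hashlib.sha1).digest()[:8]


def binding_key(home_token, care_of_token):
    """Kbm = SHA1(home keygen token | care-of keygen token)."""
    return hashlib.sha1(home_token + care_of_token).digest()


def authenticator(kbm, care_of, correspondent, mh_data):
    """First 96 bits of HMAC_SHA1(Kbm, care-of address | correspondent | MH Data)."""
    data = _packed(care_of) + _packed(correspondent) + mh_data
    return hmac.new(kbm, data, hashlib.sha1).digest()[:12]


class CorrespondentNode:
    """Holds only its secret Kcn and a nonce table, no per-mobile-node state."""

    def __init__(self, address, kcn, nonces):
        self.address, self._kcn, self._nonces = address, kcn, nonces

    def home_test(self, home_address, index):
        """Token returned in HoT, which travels to the home address via the HA."""
        return keygen_token(self._kcn, home_address, self._nonces[index], 0)

    def care_of_test(self, care_of, index):
        """Token returned in CoT, which travels directly to the CoA."""
        return keygen_token(self._kcn, care_of, self._nonces[index], 1)

    def verify_binding_update(self, home_address, care_of,
                              home_index, care_of_index, mh_data, auth):
        """Recompute both tokens from the claimed addresses and check the MAC."""
        try:
            home_token = self.home_test(home_address, home_index)
            care_of_token = self.care_of_test(care_of, care_of_index)
        except KeyError:
            return False            # nonce index unknown or already expired
        expected = authenticator(binding_key(home_token, care_of_token),
                                 care_of, self.address, mh_data)
        return hmac.compare_digest(expected, auth)


def sign_binding_update(home_token, care_of_token, care_of, correspondent, mh_data):
    """What the mobile node computes once it has received both tokens."""
    kbm = binding_key(home_token, care_of_token)
    return authenticator(kbm, care_of, correspondent, mh_data)


# Constructed values for the walk-through.
HOME, COA, CN = "2001:db8:1::10", "2001:db8:2::20", "2001:db8:3::30"
KCN = bytes(range(20))
NONCES = {7: b"\x11" * 8, 8: b"\x22" * 8}
MH_DATA = b"constructed-binding-update-body"   # stands in for the Mobility Header

if __name__ == "__main__":
    cn = CorrespondentNode(CN, KCN, NONCES)
    hot, cot = cn.home_test(HOME, 7), cn.care_of_test(COA, 8)
    good = sign_binding_update(hot, cot, COA, CN, MH_DATA)
    print("MN with both tokens:", cn.verify_binding_update(HOME, COA, 7, 8, MH_DATA, good))
    partial = sign_binding_update(bytes(8), cot, COA, CN, MH_DATA)
    print("sender missing the home token:",
          cn.verify_binding_update(HOME, COA, 7, 8, MH_DATA, partial))
```

Because the two tokens travel over different paths, a sender that sees only one of them cannot derive Kbm, which is the property the procedure relies on.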
  • 209. MOBILITY HEADER FEATURES
    Type | Message | Feature
    0 | Binding Refresh Request (BRR) | Binding Update sent by the MN to the HA or the CN
    1 | Home Test Init (HoTI) | Sent by the CN to the Home address of the MN to initialize the Return Routability process. The HoTI is routed via the HA.
    2 | Care-of Test Init (CoTI) | Sent by the CN to the MN CoA to initialize the Return Routability process.
    3 | Home Test (HoT) | HoTI response of the MN to the CN
    4 | Care-of Test (CoT) | CoTI response of the MN to the CN
    5 | Binding Update (BU) | Sent by the MN to notify the HA or the CN that it has changed its network point of attachment and has a new CoA.
    6 | Binding Acknowledgement (BA) | Acknowledgement of the BU sent by the HA or the CN.
    7 | Binding Error (BE) | Sent by the CN or the MN to signal an error. For example, if the MN sends a message with a Destination Option including a Home Address but the CN does not have a CoA in its Binding Database.
  • 210. ROUTE OPTIMIZATION SIGNALING § The MN registers its binding with the CN § This mode must be supported by the CN § It can be avoided for security reasons, as the CN is then aware that the mobile node is no longer on its Home Link. § By default, the signaling is not encrypted. Mobile Node Binding Update Binding Ack
  • 211. ROUTE OPTIMIZATION (ID VERIFICATION) § The Mobile Node identity is verified § An IPSec Tunnel is established between the MN and the CN Mobile Node
  • 212. DESTINATION OPTION INCLUDES THE MN SOURCE @ § Src @: MN IPv6 CoA, Dst @: CN IPv6 @, Dst Opt: MN IPv6 Home @ § The CN replaces the MN IPv6 CoA with the IPv6 Home @ from the Destination Option: Datagram comes from the MN
  • 213. ROUTING OPTION INCLUDES THE MN SOURCE @ § Src @: CN IPv6 @, Dst @: MN IPv6 CoA, Routing: MN IPv6 Home @ § The MN replaces the MN IPv6 CoA with the MN IPv6 Home @ from the Routing Option: Datagram is sent to the MN Home @