Introduction to IPv6

© J. Liebeherr, 2012, All rights reserved

Internet Protocol: Which version?

There are currently two versions of the Internet Protocol in use for the Internet

• IPv4 (IP Version 4)• Specified in 1980/81 (RFC 760, 791)• Four byte addresses• Universally deployed• Problem: Address space almost exhausted

• IPv6 (IP Version 6)• Specification from 1998 (RFC 2460)• Not interoperable with IPv4, but not fundamental changes• 128 bit addresses• Problem: Not widely used (yet?)

Slow adoption of IPv6

• IPv6 is available since 15 years, and almost all operating systems now support it

• But IPv6 is not yet widely adopted

• Measurements at Internet Exchange Point in Amsterdam:

linear semi-log

How many addresses in IPv6?

• IPv4 Addresses: – 232 = 4,294,967,296 ≈ 4 billion

• IPv6 Addresses:– 2128 = 340,282,366,920,938,463,463,374,607,431,768,211,456 ≈ 3.4 x 1038

• Surface area of Earth: 510,072,000 km2 • Size of Atom: 10-10 m = 0.1 nm = 1 Angstrom (Å)• “Area of Atom”: 1 square angstrom (Ų)= 10-20 m2

Number of atoms on Earth’s surface: 510,072,000 km2 / 10-20 m2 = 5.1 x 1031

Number of IPv6 addresses for each atom on the surface of the Earth: ~ 6.7 million

IPv6: Summary of Features

• 128-bit interface addresses• Streamlined header format with extension headers• Security options• Node Mobility• No broadcast (therefore, no ARP)• No NAT (at least no need is seen)

Others:• Anycast addresses• Minimum MTU is 1280 bytes• Jumbogram extensions allow datagrams up to 232-1 bytes• Type field of Ethernet frames with IPv6 packets is 86DD

Protocols not affected by IPv6 transition

Protocols above and below network layer are not affected:

– Applications (e.g., web server, mail server, etc.)• Additional considerations for support of both IPv4 and

IPv6– Transport protocols (i.e., TCP, UDP)– Link layer protocols (i.e., Ethernet)

Protocols and services with modifications

• Some protocols need to be slightly modified to account for IPv6 addresses and requirements of IPv6 (e.g., no broadcast)– Routing Protocols

• RIPng, OSPv3, MP-BGP

– DNS– No change to structure of names or server hierarchy– New record type (AAAA) for entries with IPv6 addresses

– DHCPv6– Similar to DHCP, but without broadcast

• Changes are sometimes limited to allowing space for larger IP addresses and prefixes, and replacing broadcast by multicast

• Some considerations are needed for simultaneous support of IPv4 and IPv6

IPv6 Routing Protocols

RIPng• Based on RIPv2• Updated features: IPv6 prefix, next-hop IPv6 address, uses

the multicast group FF02::9 for updates, uses UDP port 521

OSPFv3• Based on OSPFv2, with enhancements• Updated: Distributes IPv6 prefixes, multiple addresses per

interface, authentication uses IPsec

MP-BGP• Multiprotocol extension of BGP-4• Can carry informaton on IPv6, but also other protocols

IPv6 Packet Format

IPv6 Header

• Minimum size: 40 bytes• Header is multiple of 8 bytes long

version(4 bits)

Traffic Class(8 bits)

Flow Label(24 bits)

Payload Length (16 bits)Next Header

(8 bits)Hop Limits (8 bits)

Source IP address (128 bits)

32 bits

Destination IP address (128 bits)

IPv6 Packet header

11

• IPv6 has a simplified header structure:– Headers have fixed size – No fragmentation (but available via header extensions)– No header checksum

• Most fields play a similar role as in IPv4:

• New Features:– Extension headers– Flow label– Authentication and Privacy

IPv6

… similar to …

IPv4

Version Version

Traffic class DiffServ

Payload length Total length

Next Header Protocol

Hop Limit TTL

Extension Headers

• Instead of header options, IPv6 allows to concatenate optional headers to the main header

• Extension Headers:• Security: Authentication• Fragmentation• Routing• Payload Header (TCP, UDP, …)

IPv6 HeaderNext Header =TCP

TCP Header DATA

IPv6 HeaderNext Header =

SecurityTCP Header DATA

Security HeaderNext Header = Fragementation

Fragmentation Header

Next Header =TCP

IPv6 Addresses

Convention for writing IPv6 addresses

• IPv6 addresses are written as hexadecimals• “Blocks” of 16 bits are separated by colons.

Abbreviation Rules:1. Leading zeroes in a block can be omittedFE80:0000:0000:0000:002A:0000:FE04:0A81

FE80:0:0:0:2A:0:FE04:A81

2. One (but only one) contiguous block with all zeros can be replaced by a double colon

FE80:0:0:0:2A:0:FE04:A81 FE80::2A:0:FE04:A81FE80:0:0:0:2A:0:FE04:A81 FE80:0:0:0:2A::FE04:A81

Best abbreviation result:

FE80:0000:0000:0000:002A:0000:FE04:0A81

FE80::2A:0:FE04:A81

Types of IPv6 Addresses

Binary Prefix IPv6 Prefix

Multicast 1111 1111 FF00::/8

Link-local unicast 1111 1110 10 FE80::/10

Unique Local unicast Address (ULA)

1111 11001111 1101

FC::/8FD::/8

Global unicast everything else

currently allocated global unicast addresses

001 2000::/3

Special IPv6 Addresses

• IPv4-mapped IPv6 addresses allow the use of IPv4 addressses in an IPv6 context. – IPv4 part of the address can be written in dotted decimal notation

– Example: ::FFFF:128.100.11.2

Binary Prefix IPv6 Prefix

Unspecified(not assigned, indicates absence of an address)

00…0 (128 bits) ::/128

Loopback 00…1 (128 bits) ::1/128

IPv4-mapped IPv6 addresses ::FFFF:0.0.0.0/96

Interface ID

64 bits

Subnet ID

N bits

Global Routing Prefix

64-N

Structure of a global unicast address

• Global routing prefix is allocated from ISP or Internet registryhas typical length (N) of 32-64 bits All current allocated prefixes start with 001 (binary).

• Subnet ID defines the subnetwork• Interface ID

has length 64 bits(Exception: When routing prefix starts with 000, length of Interface ID can be different)

is built using EUI-64 format

EUI-64 Address

• IEEE EUI-64 is essentially a 8-byte MAC address• There is a method to create EUI-64 address from a 48-bit MAC address

• Modified EUI-64 simply flips the 7th bit from the first byte• The modified EUI-64 address is used as IPv6 Interface ID

C8 2A 14 04 0A 81 MAC Address

04 0A 81

FF FE

C8 2A 14

1 1 0 0 1 0 0 0

1 1 0 0 1 0 1 0

U/L Bit

CA 04 0A 812A 14 FF FE

EUI-64 identifier

modifiedEUI-64 identifier

IPv6 Address Allocation

• The process for allocating address blocks (prefixes) is as with IPv4:

• IANA allocates prefixes of /23 up to /12 to RIRs• RIR allocates prefixes of /32 up to /19 to LIR, ISP, or End users• LIR/ISP obtains prefixes of /64 up to /48• There can be a National Internet Registry (NIR) between RIR and LIR/ISP

IANA

End user

allocates allocates

assigns

End user

assigns

RIRLIR

(ISP)

Currently available Global Unicast Addresses

RIR Allocated IPv6 prefix

APNIC 2400::/12

ARIN 2600::/12

ARIN 2800::/12

RIPE 2A00::/12

AfriNIC 2C00::/12

Allocated IPv6 prefix

IANA 2000::/3

Note: Several additional smaller blocks (longer prefixes) have been assigned.

group ID

112 bits

flags

8 bits

1111 1111

4 bits

scope

4 bits

IPv6 Multicast Address

• Four flags: 0RPT1. 0: first flag is always zero

2. T=0: permanent address (otherwise non-permanent)

3. P=1: Group ID based on network prefix

4. R=1: Group ID contains address of rendezvous point

• Scope defines area of validity of group ID (local to global)• Predefined multicast addresses exist

• All nodes: FF01:00:1, FF02:00:1• All routers: FF01:00:2, FF02:00:2 : FF05:00:2

• Destination MAC address of Ethernet frames with IPv6 multicast payload:– First two bytes are set to 0303 (hex)– Last 4 bytes are set to last four bytes of IPv6 multicast address

MAC address

IPv6 multicast address

MAC addresses of

frames with IPv6

packets start with

x0303 6 bytes

10 bytes

FFxx:----:----:----:----:----:----:----

0303:----:----

4 bytes

Mapping IPv6 Multicast to Ethernet

22

Interface ID

64 bits

0…0

10 bits

1111 1110 10

54 bits

Link-Local Unicast Addresses

• Used during autoconfiguration when no router is present• IPv6 requires that each interface has link local address, even if the

interface has a routable address• Link Local address is used whenever communicating with nodes on same

subnet• Packets with this address are local to a subnet (not forwarded by routers)• Issue: Since all link-local addresses have the same prefix, how does a

node pick the correct outgoing interface?– An additional identifier is appended to address Zone Index– Routing tables use zone index for all link-local addresses– Zone index can be index or name of interface:

fe80::21f:f3ff:fec5:dc47%1 , fe80::21f:f3ff:fec5:dc47%en1

8 bits

1111 110x Interface ID

64 bits

Subnet ID

40 bits

Global ID

16 bits

Unique Local Unicast Addresses (ULA)

• Address bloc: FC00::/7• Global ID is randomly selected • Addresses for communication within a domain, e.g.,

enterprise network• Packets with this address may be routed within an

administrative domain, but are not globally routable• x =1: Global ID is locally assigned

x =0: not defined

University of Toronto

• IPv6 prefix of University of Toronto: 2606:FA00::/32• Address block is allocated from ARIN

32 bits

64 bits

96 bits

32 bits

2606:FA00:0000:0000:0000:0000:0000:0000

2606:FA00:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF

Subnet ID Interface ID

from:

to:

Exercise with IPv6 Multicast Addresses

• Consider the IPv6 prefix:

2001:0AE8:0000:0000:BC30:0000:0000:0000/60

• The following are permitted abbreviations of the prefix:• 2001:AE8::BC30:0:0:0/60• 2001:AE8:0:0:BC30::/60

• The following are not permitted abbreviations of the prefix:• 2001:AE8::BC30/60• 2001:AE8::BC30::/60• 2001:AE8:0.0:BC3::/60

IP Address Configuration

Enhanced Role of ICMPv6

• Functions of ARP and IGMP are performed by ICMPv6 messages– NDP: Neighbor Discovery Protocol– MLD: Multicast Listener Discovery

28

IPv4

ARP

Ethernet

ICMPv6

ICMP

IGMP

IPv6

Ethernet

Neighbhor Discovery

MulticastListener

Discovery

IPv4 IPv6

Neighbor Discovery Protocol

• Uses several ICMPv6 messages types:• Router Solicitation / Router Advertisement, • Neighbor Solicitation / Neighbor Advertisement, • Route Redirect

• Functions:– Router/Prefix/Parameter Discovery– Address Autoconfiguration– Address Resolution– Next-Hop Determination– Duplicate Address Detection– Neighbor Unreachable Detection

Dynamic Assignment of IPv6 Addresses

• Static IP configuration still exists

DHCPv6

• Similar to DHCP for IPv4 • Requires a server (“stateful”)• For networks with central

control of address assignment

Stateless Autoconfiguration

• Uses ICMPv6 messages• Nodes select their own interface ID• No need for server (“stateless”)• For networks without central

control of address assignment

31

ICMP Router SolicitationICMP Router Advertisement

• Router Solicitation sent to the “all routers” multicast group

• Router Advertisement sent to “all nodes” multicast group

• Router Advertisement contains:– Network prefix– MTU – Default Hop limit– Router advertisement

may tell host to use DHCP

Ethernet

H1

R1 R2

Router advertisementI am a router!

Router advertisementI am a router!

Router solicitationIs there a router on this link?

32

ICMP Neighbor SolicitationICMP Neighbor Advertisement

Functions: • Replacement for ARP• Duplicate address detection

• Messages sent to “solicited node” multicast group, or via unicast

Ethernet

H1

Neigbhor advertisementMy MAC address is ...

Neigbhor solicitationWhat is H3's MAC address?

H2 H3

• When a router detects that a packetshould have gone to a different (better) router, the router (here R2)

• forwards the packet to the correct router• sends an ICMP redirect message to the host

• Host uses ICMP message to update its routing table

33

Ethernet

H1

R1 R2

Destination Next Hop

fe80::ca2a:14ff:fe04:a81/92 …

R2

Destination Next Hop

fe80::ca2a:14ff:fe04:a81/92 …

R1

Routing Redirect

(1) IPv6 packet

R1

(2) ICMP redirect(3) IPv6 packet

Stateless Address Autoconfiguration

Stateless address autoconfiguration can set IP parameters of a node without a server or manual configuration:

1. Upon startup, a node create link-local addresses for each IPv6 interface from MAC address

2. Test uniqueness by sending a Neighbor Solicitation to the created address

– If a host replies with Neighbor Advertisement, address is in use– If no response, address can be used

3. Send “ICMP Router Solicitation” to “all routers” group– Router replies with Router advertisement containing prefix, MTU, and other

information

4. Node creates a globally routable IP address using the prefix sent by the router, and the Interface ID from the link-local address

IPv6 Transition

IPv6 Transition Mechanisms

• The adoption of IPv6 has been very slow• Deployment of IPv6 will be incremental (gradual)• For the foreseeable future, IPv4 and IPv6 must co-exist

• IPv6 transition mechanisms seek to facilitate the transition to IPv6 and ensure coexistence of IPv4 and IPv6 on the same network

• IP/ICMP translation• Dual Stack• Tunneling (6bone, 6to4, 6rd, …)• many more

IP/ICMP translation

• Refers to a translation of ICMP and IP packet headers between v4 and v6

• Takes advantage of IPv4-mapped IPv6 addresses• Works similarly to NAT

• Other scenarios: IPv6 NetworkIPv4 Network, IPv4 NetworkIPv6 Internet, IPv4 InternetIPv6 Internet

IPv4 Internet

IPv6Network

IPv6/IPv4Translator

DNS

Tunneling

• IPv6 “islands” can be connected across IPv4 network by encapsulating them in IPv4 packets

38

IPv6 Network

IPv6 Network

IPv6Network

Router

IPv4 Internet RouterIP-in-IP tunnel

Router

IPv6 host in IPv4 network

Tunneling

• IPv6 networks connect via IP tunnels• With tunneling, IPv6 packets are encapsulated by IPv4

header (IP-in-IP encapsulation)

IPv4 Router IPv6/IPv4 RouterIPv6/IPv4 Router

PayloadIPv4

headerIPv6

header

Payload of IPv4 header

PayloadIPv6

headerPayload

IPv4header

IPv6header

Payload of IPv4 header

PayloadIPv6

header

PayloadIPv6

headerPayload

IPv6 headerIP-in-IP Tunnel

Dual Stack

• Dual Stack means that IPv6 enabled hosts, servers, and routers support IPv4 and IPv6 in parallel

• Allows co-existence of IPv4 and IPv6 devices on the same network

• Dual stack transition is used by enterprise/university networks

Ethernet

IPv4 IPv6

UDP TCP

IPv4 Application

Type: 0x0800

Type: 0x86DD

IPv6 Topics not covered here

• Anycast• Security (Authentication headers)• Mobile IP