5-ipv6


Upload: sunnys45

Post on 22-Dec-2015


DESCRIPTION

Class Room Presentation

TRANSCRIPT

Page 1: 5-IPv6

2/6/2015

IPv6 (Internet Protocol version 6)

• IPv6 Allocation Techniques
• IPv6 basic header
• IPv6 header extensions

IPv6 address in binary and hexadecimal colon notation

• IPv6 address size is 128 bits (16 bytes)
• Divided into eight groups of 16 bits each, separated by colon ‘:’
• The 16 bits of each group are represented in hexadecimal form

128-bit IPv6 Address (16 bytes)

3FFE:085B:1F1F:0000:0000:0000:00A9:1234

• 8 groups of 16-bit hexadecimal numbers separated by “:”
• Leading zeros can be removed

3FFE:85B:1F1F::A9:1234

• :: = all zeros in one or more groups of 16-bit hexadecimal numbers

Abbreviated IPv6 addresses

Reserved addresses in IPv6

• Compatible IP addresses are used for tunneling between IPv4 and IPv6 networks
• Mapped IP addresses are used for dual-stack IP networks (coexistence of IPv4 and IPv6 in the same network)

IPv6 Addressing

• Based on specific characteristics of information flow
– Unicast (One-to-One)
– Multicast (One-to-Many)
– Anycast (One-to-One or many-to-Many)

Interface Identifiers

• Sixty-four bit field
• Guaranteed unique on a subnet
• Formula for mapping IEEE 802 MAC address into interface identifier
• Used in many forms of unicast address

Types of Unicast Addresses

• Unspecified address
– All zeros (::)
– Used as source address during initialization
– Also used in representing default
• Loopback address
– Low-order one bit (::1 or 0::1)
– Same as 127.0.0.1 in IPv4
• Link-local address
– Unique on a subnet, can’t be routed among different networks
– Result of router discovery or neighbor discovery
– High-order: FE80::/64
– Low-order: interface identifier (64 bits)
• Site-local address (16 bits used for site/subnet)
– Unique to a “site”
– High-order: FEC0::/48
– Low-order: interface identifier
• Compatible IPv4 addresses
– Of form ::a.b.c.d
– Used by IPv6 hosts to communicate over automatic tunnels
• Mapped IPv4 addresses
– Of form ::FFFF:a.b.c.d
– Used by dual-stack machines to communicate over IPv4 using IPv6 addressing
• Aggregatable global unicast address
– Used in production IPv6 networks
– Goal: minimize global routing table size
– Three fields in /64 prefix
  • 16-bit Top Level Aggregator (TLA)
  • 8-bit reserved
  • 24-bit Next Level Aggregator (NLA)
  • 16-bit Site Level Aggregator (SLA)
– Layout: TLA | NLA | SLA | Interface ID

Top-Level Aggregators (TLA)

• Allocated by RIRs (Regional Internet Registries) to service providers
• In practice, RIRs have adopted “slow-start” strategy
– Start by allocating /35s (in 64-bit prefix)
– Expand to /29s when sufficient users in /35
– Eventually move to /16s

NLAs and SLAs

• NLAs used by service providers for subnetting
– Allocate blocks to customers
– Can be multiple levels of hierarchy
• SLAs used by customers for subnetting
– Analogous to campus subnets
– Also can be hierarchical

Multicast Address

• From FF00::/8
• Address contains four-bit scope field
– Unlike IPv4 multicast, scope is explicitly defined in address
• Low-order 112 bits are group identifier, not interface identifier

Field:  11111111 | flags  | scope  | Group ID
Width:  8 bits   | 4 bits | 4 bits | 112 bits

Flags: 000T (3 bits reserved)
– T = 0: permanent assigned multicast addresses
– T = 1: transient (dynamic) assigned multicast addresses

Scope:
– 2: link-local (packets may not be routed)
– 5: site-local (restricted to local physical network)
– 8: org-local (restricted to network administered by an organization)
– E: global (eligible to be routed over the public internet)

Permanent groups are formed independent of scope.

Anycast Address

• Routes a datagram to a single member of a group of potential receivers that are identified by the same destination address.
• One-to-one-to-multicast scenario
• Low-order bits (typically 64 or more) are zero

Unicast Addresses Examples

• Global Aggregate Address

Field:  FP     | TLA     | NLA     | SLA     | Interface ID
Width:  3 bits | 13 bits | 32 bits | 16 bits | 64 bits
(FP, TLA, NLA: Public Topology; SLA: Site Topology; Interface ID: Interface Identifier)

• Link-local address

Field:  1111111010 | 0       | Interface ID
Width:  10 bits    | 54 bits | 64 bits

• Site-local address

Field:  1111111011 | 0       | subnet ID | Interface ID
Width:  10 bits    | 38 bits | 16 bits   | 64 bits

Address Prefix Assignments

Prefix (binary)   Assignment
0000 0000         Reserved
0000 0001         Unassigned
0000 001          Reserved for NSAP (non-IP addresses used by ISO)
0000 010          Reserved for IPX (non-IP addresses used by IPX)
0000 011          Unassigned
0000 1            Unassigned
0001              Unassigned
001               Unicast Address Space
010               Unassigned
011               Unassigned
100               Unassigned
101               Unassigned
110               Unassigned
1110              Unassigned
1111 0            Unassigned
1111 10           Unassigned
1111 110          Unassigned
1111 1110 0       Unassigned
1111 1110 10      Link Local Use addresses
1111 1110 11      Site Local Use addresses
1111 1111         Multicast addresses
1111 1101         (FD followed by random NLA, SLA, mapped host interface)

Private IP address block like in IPv4 ex. 192.168.0.0/24
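The address types, prefix table and multicast flag/scope fields above can be applied mechanically when triaging addresses from logs or filter rules. The following is an added example, not part of the original deck; the function name `classify` and the sample addresses are assumptions, and the link-local and site-local entries use the 10-bit binary prefixes from the table.

```python
import ipaddress

# Scope codes and binary prefixes as listed in this deck; checked most specific first.
SCOPES = {0x2: "link-local", 0x5: "site-local", 0x8: "org-local", 0xE: "global"}
PREFIXES = [
    ("::/128", "unspecified"),
    ("::1/128", "loopback"),
    ("::ffff:0:0/96", "IPv4-mapped"),
    ("::/96", "IPv4-compatible"),
    ("fe80::/10", "link-local unicast"),    # 1111 1110 10
    ("fec0::/10", "site-local unicast"),    # 1111 1110 11
    ("fd00::/8", "private (FD) unicast"),   # 1111 1101
    ("ff00::/8", "multicast"),              # 1111 1111
    ("2000::/3", "global unicast"),         # 001
]
NETWORKS = [(ipaddress.IPv6Network(p), label) for p, label in PREFIXES]


def classify(text: str) -> dict:
    """Parse any textual form of an IPv6 address and label it by prefix."""
    addr = ipaddress.IPv6Address(text)
    raw = int(addr)
    label = next((lbl for net, lbl in NETWORKS if addr in net), "unassigned or reserved")
    info = {"compressed": addr.compressed, "full": addr.exploded, "type": label}
    if label == "multicast":
        flags = (raw >> 116) & 0xF                   # 4 bits after the 11111111 prefix
        scope = (raw >> 112) & 0xF                   # next 4 bits
        info["transient"] = bool(flags & 0x1)        # T bit of 000T
        info["scope"] = SCOPES.get(scope, f"scope {scope:X}")
        info["group_id"] = raw & ((1 << 112) - 1)    # low-order 112 bits
    elif label in ("IPv4-mapped", "IPv4-compatible"):
        # The low 32 bits carry the IPv4 address a.b.c.d.
        info["ipv4"] = str(ipaddress.IPv4Address(raw & 0xFFFFFFFF))
    return info


if __name__ == "__main__":
    # Constructed sample addresses (deck example plus documentation-style values).
    for sample in ("3FFE:085B:1F1F:0000:0000:0000:00A9:1234", "ff02::1",
                   "ff15::abcd", "::ffff:192.0.2.7", "fe80::1", "fd12:3456::1", "::"):
        print(sample, "->", classify(sample))
```

Normalising to the compressed form before comparison matters because the same address has many textual spellings, and surfacing the IPv4 address embedded in a mapped address lets it be checked against IPv4 rules as well.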

IP allocation to host devices

• Stateful IP allocation using DHCP, same as in IPv4
• Stateless address auto-configuration
– a host sends a link-local router solicitation multicast request for its configuration parameters.
– routers respond to such a request with a router advertisement packet that contains network-layer configuration parameters.

IPv6 Header (general)

• The general header (without extensions) is 40 bytes in size.

IPv6 Header Fields

RFC 2460 defines the following IPv6 header fields:

1. Version (4 bits)
• 4 bits are used to indicate the version of IP; the field is set to 6
2. Traffic Class (8 bits)
• Same function as the Type of Service field in the IPv4 header.
3. Flow Label (20 bits)
• Identifies a flow; it is intended to enable the router to identify packets that should be treated in a similar way without the need for deep lookups within those packets.
• Set by the source only and should not be changed by routers along the path to destination.
• Unique & powerful tool to IPv6
• Can be used with differentiated services (DiffServ) as well as integrated services (IntServ) and Resource ReSerVation Protocol (RSVP2).
4. Payload Length (16 bits)
– Expressed in terms of bytes
– With the header length fixed at 40 bytes, it is enough to indicate the length of the payload to determine the length of the entire packet.
– Without special options, a payload must be less than 64kB.
– With a Jumbo Payload option (in a Hop-By-Hop Options extension header), the payload must be less than 4 GB.
5. Next Header (8 bits)
– Indicates either the first extension header (if present) or the protocol in the upper layer PDU (such as TCP, UDP, or ICMPv6).
– When indicating an upper layer protocol above the Internet layer, the same values used in the IPv4 Protocol field are used here.
6. Hop Limit (8 bits)
– In IPv6, the IPv4 TTL was appropriately renamed Hop Limit because it is a variable that is decremented at each hop, and it does not have a temporal dimension.

7. Source IPv6 Address (128 bits)
– Stores the IPv6 address of the originating host.
8. Destination IPv6 Address (128 bits)
– Stores the IPv6 address of the current destination host.

Extension Headers

• Less used functions moved to extension headers.
• Only present when needed.
• Processed only by node identified in IPv6 destination field.
– => much lower overhead than IPv4 options
– Exception: Hop-by-Hop option header
• Eliminated IPv4’s 40-byte limit on options
• Currently defined extension headers: Hop-by-hop, Routing, Fragment, Authentication, Privacy, End-to-end.
• Order of extension headers in a packet is defined.

IPv6 Next Header (Extension)

• If special handling is required by either the intermediate routers or the destination, one or more extension headers are added by the sending host.
• Each extension header must fall on a 64-bit (8-byte) boundary.
• Extension headers of variable size contain a Header Extension Length field and must use padding as needed to ensure that their size is a multiple of 8 bytes.
• The Next Header field in the IPv6 header and zero or more extension headers form a chain of pointers. Each pointer indicates the type of header that comes after the immediate header until the upper layer protocol is ultimately identified.
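The chain of Next Header pointers described above is what a filter or sensor has to follow before it can see the upper-layer protocol. The following is an added example, not part of the original deck, using the Next Header codes from the deck's extension header order table; the helper names, the packet bytes and the error wording are constructed for illustration.

```python
import struct

# Next Header codes from the extension header order table in this deck.
EXT = {0: "Hop-by-Hop Options", 43: "Routing", 44: "Fragment", 51: "Authentication",
       50: "ESP", 60: "Destination Options", 135: "Mobility"}
UPPER = {6: "TCP", 17: "UDP", 58: "ICMPv6", 59: "No Next Header"}


def make_packet(first_next: int, body: bytes) -> bytes:
    """Constructed test input: 40-byte basic header (zero addresses) + body."""
    return struct.pack("!IHBB", 6 << 28, len(body), first_next, 64) + bytes(32) + body


def walk_chain(packet: bytes) -> list:
    """Follow the Next Header pointers and return the header names in order."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet with a full 40-byte basic header")
    end = min(len(packet), 40 + struct.unpack("!H", packet[4:6])[0])
    nxt, off, chain = packet[6], 40, ["IPv6"]
    while nxt in EXT:
        if nxt == 0 and off != 40:
            raise ValueError("Hop-by-Hop Options must directly follow the basic header")
        chain.append(EXT[nxt])
        if nxt == 50:
            return chain                      # ESP: the rest is encrypted
        if off + 8 > end:
            raise ValueError("extension header truncated")
        if nxt == 44:
            size = 8                          # Fragment header has a fixed size
        elif nxt == 51:
            size = (packet[off + 1] + 2) * 4  # AH counts 32-bit words minus 2
        else:
            size = (packet[off + 1] + 1) * 8  # Hdr Ext Len excludes the first 8 bytes
        if size % 8 or off + size > end:
            raise ValueError(f"{EXT[nxt]} header is misaligned or overruns the payload")
        if nxt == 44 and struct.unpack("!H", packet[off + 2:off + 4])[0] >> 3:
            chain.append("non-first fragment")
            return chain                      # upper-layer header is in fragment 0
        nxt, off = packet[off], off + size
    chain.append(UPPER.get(nxt, f"protocol {nxt}"))
    return chain


# Constructed headers: each is 8 bytes, padded with a PadN option where needed.
HBH_THEN_ROUTING = bytes([43, 0, 1, 4, 0, 0, 0, 0])
ROUTING_THEN_TCP = bytes([6, 0, 0, 0, 0, 0, 0, 0])
LATE_FRAGMENT = bytes([17, 0]) + struct.pack("!HI", (185 << 3) | 1, 0x1234)

if __name__ == "__main__":
    print(walk_chain(make_packet(0, HBH_THEN_ROUTING + ROUTING_THEN_TCP + bytes(20))))
    print(walk_chain(make_packet(44, LATE_FRAGMENT + bytes(64))))
```

A parser that stops at the first header it does not understand, or that assumes the upper-layer header is present in every fragment, will misjudge what the packet carries; the three error paths mark the cases a monitoring rule should treat as malformed.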

IPv6 Next Header (Extension)

[Figure: Format of an IPv6 datagram with extension header]

IPv6 Next Header (Extension)

• RFC 2460 defines the following IPv6 extension headers that must be supported by all IPv6 nodes:
– Hop-by-Hop Options header
– Destination Options header
– Routing header
– Fragment header
– Authentication header
– Encapsulating Security Payload header

Extension Header Order

Order  Header Type                              Next Header Code
1      Basic IPv6 Header
2      Hop-by-Hop Options                       0
4      Routing header                           43
5      Fragment header                          44
6      Authentication header                    51
7      Encapsulation Security Payload header    50
8      Destination Options                      60
9      Mobility header                          135
       No Next header (Null)                    59
       Upper layer: TCP, UDP, ICMP              6, 17, 58

IPv6 Next Header (Extension)

• The IPv4 header includes all options.
• Each intermediate router must check for their existence and process them when present, which causes performance degradation in the forwarding of IPv4 packets.
• With IPv6, delivery and forwarding options are moved to extension headers.
• The only extension header that must be processed at each intermediate router is the Hop-by-Hop Options extension header.
• This increases IPv6 header processing speed and improves forwarding process performance.
• In a typical IPv6 packet, no extension headers are present.

Fragmentation Extension header

• Similar to IPv4 fragmentation
– Implemented as an extension header
• Placed between v6 header and data (if it is the only extension used)
– 13 bit offset
– Last-fragment mark (M)
– Larger fragment ID field than v4

Bit offsets: 0 | 8 | 16 | 29 | 31
Row 1: next header | reserved | offset | reserved | M
Row 2: fragment ID

Routing Extension header

• Without this header, routing is essentially the same as v4
• With this header essentially same as the source routing option in v4
– Loose or strict
• Up to 24 addresses can be included
– Packet will go to nearest of these in “anycast” configuration
• Segments left tracks current target

Bit offsets: 0 | 8 | 16 | 24 | 31
Row 1: Next header | Hd. Ext. Len | 0 | Segments left
Following rows: 1 – 24 addresses

QoS Capabilities

• Flow labels
– To identify packets needing same quality-of-service
– 20-bit label decided by source
– Flow classifier: Flow label + Source/Destination addresses
– Zero if no special requirement
– Uniformly distributed between 1 and FFFFFF
• Traffic class
– 8-bit value
– Routers allowed to modify this field

IPv6: Security Issues

• Provision for
– Authentication header
  • Guarantees authenticity and integrity of data
– Encryption header
  • Ensures confidentiality and privacy
• Encryption modes:
– Transport mode
– Tunnel mode
• Independent of key management algorithm.
• Security implementation is a mandatory requirement in IPv6.

Mobility Support in IPv6

• Mobile computers/laptops are becoming common gadgets.
• Mobile IPv6 allows a node to move from one link to another without changing the address.
• Movement can be heterogeneous, i.e., node can move from an Ethernet link to a cellular packet network.
• Mobility support in IPv6 is more efficient than mobility support in IPv4.

Neighbor Discovery

• Router Discovery - determines set of routers on the link.
• Parameter Discovery - to learn link parameters such as link MTU, or internet parameters like hop limit, etc.
• Address Auto-configuration - address prefixes that can be used for automatically configuring interface address.
• Address resolution - IP to link-layer address mapping.
• Duplicate Address Detection.
• Route Redirect - inform of a better first hop node to reach a particular destination.

Neighbor Discovery Operation

• Based on ICMPv6 messages
– Router Solicitation (RS)
– Router Advertisement (RA)
– Neighbor Solicitation (NS)
– Neighbor Advertisement (NA)
• Router Solicitation
– sent when an interface becomes enabled, hosts request routers to send RA immediately.

Neighbor Discovery Operation (contd..)

• Router advertisement
– Sent by routers periodically or in response to RS.
– Hosts build a set of default routers based on this information.
– Provides information for address auto-configuration, set of on-link prefixes etc.
– Supplies internet/subnet parameters, like MTU, and hop limit.
– Includes router’s link-layer address.

Neighbor Discovery Operation (contd..)

• Neighbor Solicitation
– To request link-layer address of neighbor
– Also used for Duplicate Address Detection
• Neighbor Advertisement
– Sent in response to NS
– May be sent without solicitation to announce change in link-layer address
• Redirect - used to inform hosts of a better first hop for a destination.

Additional Features

Anycast Addresses
• Multiple nodes on link may have this address
• All those nodes will respond to an NS message.
• Host will get multiple NA messages, but should accept only one.
• The messages should be tagged as non-override.

Proxy advertisements
• Router may send NA on behalf of others.
• Useful for mobile nodes who have moved.

Address Auto-configuration

The problem
• System bootstrap (“plug and play”)
• Address renumbering

Addressing Possibilities
• Manual: Address configured by hand
• Autonomous: Host creates address with no external interaction (e.g., link local)
• Semi-autonomous: Host creates address by combining a priori information and some external information.
• Stateless Server: Host queries a server, and gets an address. Server does not maintain a state.
• Stateful Server: Host queries a server, and gets an address. Server maintains a state.

Auto-configuration in IPv6

• Link-local prefix concatenated with 64-bit MAC address. (Autonomous mode)
• Prefix advertised by router concatenated with 64-bit MAC address. (Semi-autonomous mode)
• DHCP (for server modes)
– Can provide a permanent address (stateless mode)
– Provide an address from a group of addresses, and keep track of this allocation (stateful mode)
– Can provide additional network specific information.
– Can register nodes in DNS.

Upper Layer Issues

• Minor changes in TCP
– Maximum segment size should be based on Path MTU.
– The packet size computation should take into account larger size of IP header(s).
– Pseudo-header for checksum is different.
• UDP checksum computation is now mandatory.
• Most application protocol specifications are independent of TCP/IP - hence no change.
• FTP protocol exchanges IPv4 addresses - hence needs to be changed.

IPv4 vs IPv6 Header

Header comparison of IPv4 and IPv6

IPv4 header (20 bytes), bits 0 to 31 per row:
vers | hlen | TOS | total length
identification | flags | flag-offset
TTL | protocol | header checksum
source address
destination address
options and padding

IPv6 header (40 bytes):
vers | traffic class | flow-label
payload length | next header | hop limit
source address
destination address

Removed fields (6)
• ID, flags, flag offset
• TOS, hlen
• header checksum

Changed fields (3)
• total length => payload length
• protocol => next header
• TTL => hop limit

Added fields (2)
• Differentiated service = traffic class
• flow label

Expanded fields
• address 32 to 128 bits

IPv4 Addressing Concepts and Their IPv6 Equivalents

IPv4 Address | IPv6 Address
Address length: 32 bits | 128 bits
Address representation: decimal | hexadecimal
Internet address classes | Not applicable in IPv6
Multicast addresses (224.0.0.0/4) | IPv6 multicast addresses (FF00::/8)
Broadcast addresses | Not applicable in IPv6
Unspecified address is 0.0.0.0 | Unspecified address is ::
Loopback address is 127.0.0.1/8 | Loopback address is ::1
Public IP addresses | Global unicast addresses
Private IP addresses (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) | Site-local addresses (FEC0::/10)
Link Local addresses (169.254.0.0/16) | Link-local addresses (FE80::/64)

IPv6 Header Format Simplification

1. Fixed length for the basic header
– IPv4 header of variable length = minimum 20 bytes
– IPv6 = basic header length fixed at 40 bytes
  • Leads to fast header processing
  • No need of Header Length (Hd Len) field in IPv4 – obsolete
2. Fragmentation only by traffic source
– Source does Path MTU (PMTU) discovery.
– Freeing routers from having to fragment them
– No need of IPv4 Identification, Flag, Fragment Offset

Note: The PMTU (Path Maximum Transmission Unit) Discovery can be processing intensive. It is important to remember, however, that in IPv6 the MTU on any link > 1280 bytes, as specified in RFC 2460.

IPv6 Header Format Simplification (cont.)

3. Header checksums are eliminated
– IP header checksum recalculated by every node switching the packet due to changing TTL values, thus taxing router resources.
– Improvements on Layer 2 technologies and their 32-bit CRC support since the introduction of IPv4 combined with layer 4 checksums provides sufficient protection to make the layer 3 header checksum unnecessary.
– Packet Header Checksum was eliminated in IPv6 and is in turn enforced at upper layers.

Major Improvements of IPv6 Header

• Fragmentation field moved to separate header (extended header)
• No option field: Replaced by extension header. Results in a fixed length, 40-byte IP header.
• No header checksum: Results in fast processing.
• No fragmentation at intermediate nodes: Results in fast packet forwarding. The maximum packet size that can be supported up to the destination device is determined by the source device before packet transmission.