1
Introduction
An evolution of IPv4.
Builds on IPv4.
The most notable change is that addresses grow to 128 bits.
Dynamic environment.
Requires a much more sophisticated operating environment.
Over 58 other protocols have changed with it.
Will run as islands using IPv4 as the backbone.
Cannot simply “flip a switch” to convert.
2
IPv6 (continued)
IPv5 exists and is known as the Streams 2 (ST2) Protocol: RFC 1819
    Operates at the same layer as IP
    Developed as an IP layer for real-time applications
    Includes QoS capabilities
IPv6 truly works on the finer aspects of IPv4.
Requires a dynamic environment:
    Many discovery options including:
        Autoconfiguration
        Finding the maximum path MTU
        Finding other workstations without ARP
        Finding routers
3
IPv6 Features
Extended addressing capabilities.
Header format simplification.
Improved support for extensions and options.
Flow label capability.
Authentication and privacy capabilities.
IPv6 routing similar to IPv4 routing using CIDR.
OSPF, RIP, IDRP, and IS-IS can be used with minor modifications
4
From IPv4 to IPv6
Built up to the IPv6 specification that we have today using various proposal submissions such as:
    ISO CLNP – demonstrated as TUBA (TCP and UDP over Bigger Addresses)
    IP version 7 (aka TP/IX, RFC 1475)
    IP in IP – evolved to IP address encapsulation
    PIP – merged into SIP creating SIPP (RFC 1710)
5
IP Version Numbers According to RFC 1700
Decimal   Keyword   Version                              References
0                   Reserved
1 - 3               Unassigned
4         IP        Internet Protocol                    RFC 791
5         ST        ST Datagram Mode                     RFC 1190, JWF
6         IPv6                                           RFC 1883
7         TP/IX     TP/IX: The Next Internet
8         PIP       The P Internet Protocol
9         TUBA      TCP and UDP over Bigger Addresses
10 - 14             Unassigned
15                  Reserved
6
IPv6 Header
[Figure: Ethernet frame: DA | SA | Type 86DD | IP Header and Data (Ethernet Data Field) | CRC]
[Figure: IPv6 header fields: Vers | Priority | Total length | Payload length | Next header | Hop limit | Source IP address | Destination IP address | IP datagram data (up to 65535 bytes)]
Next header – Could be transport layer header or an IPv6 extension header
7
IPv4 Options Review – A Review
Security
Loose source routing
Strict source routing
Record route
Stream ID
Internet timestamp
8
IPv4 and IPv6 Header Differences
IPv6 header is a static 40 bytes in length.
Total length field is replaced with payload length.
IPv6 allows for jumbograms (larger than 64k).
Extension headers.
TTL field is replaced with the hop limit.
Many IPv4 options were moved to independent protocols.
9
IPv6 Header Format
[Figure: frame DA | SA | TF | IPv6 header | IP Data | CRC, where the IPv6 header has Next header = 17 (UDP) and the IP data is the UDP header and data]
10
Fragmentation
[Figure: frame DA | SA | TF | IPv6 header | IP data | CRC, with the headers chained as: IPv6 header (Next header = routing) | Routing header (Next header = fragment) | Fragment header (Next header = UDP) | Fragment of UDP header and data]
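Because the upper-layer protocol sits behind a chain of Next header values, a filter or capture tool has to walk that chain with bounds checks before it can tell what a packet carries. The following is an added example, not part of the original slides: it decodes the 40-byte fixed header with the RFC 1883 field widths and walks the routing, fragment, UDP chain from the slide. The function names, the sample packet and the `MAX_EXT_HEADERS` bound are assumptions made for illustration.

```python
import struct

# IANA protocol numbers for the headers named on the slide, plus the two
# other walkable option headers.
HOP_BY_HOP, UDP, ROUTING, FRAGMENT, DEST_OPTS = 0, 17, 43, 44, 60
EXT_NAMES = {HOP_BY_HOP: "hop-by-hop", ROUTING: "routing",
             FRAGMENT: "fragment", DEST_OPTS: "dest-opts"}
MAX_EXT_HEADERS = 8  # assumption: local policy bound, not a protocol limit


class MalformedPacket(ValueError):
    pass


def parse_fixed_header(pkt):
    """Decode the static 40-byte header using the RFC 1883 field widths."""
    if len(pkt) < 40:
        raise MalformedPacket("shorter than the 40-byte fixed header")
    word0, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if word0 >> 28 != 6:
        raise MalformedPacket("version field is not 6")
    return {"priority": (word0 >> 24) & 0xF,   # RFC 8200: 8-bit traffic class
            "flow_label": word0 & 0xFFFFFF,    # RFC 8200: 20-bit flow label
            "payload_len": payload_len, "next_header": next_hdr,
            "hop_limit": hop_limit, "src": pkt[8:24], "dst": pkt[24:40]}


def walk_chain(pkt):
    """Follow Next header values; return (chain, protocol, offset, frag)."""
    hdr = parse_fixed_header(pkt)
    # Payload length 0 marks a jumbogram, so fall back to the captured length.
    end = min(len(pkt), 40 + hdr["payload_len"]) if hdr["payload_len"] else len(pkt)
    nh, off, chain, frag = hdr["next_header"], 40, [], None
    while nh in EXT_NAMES:
        if len(chain) >= MAX_EXT_HEADERS:
            raise MalformedPacket("extension header chain too long")
        if off + 8 > end:
            raise MalformedPacket("extension header truncated")
        following, len_field = pkt[off], pkt[off + 1]
        size = 8 if nh == FRAGMENT else (len_field + 1) * 8
        if off + size > end:
            raise MalformedPacket("extension header overruns the payload")
        if nh == FRAGMENT:
            off_flags, ident = struct.unpack("!HI", pkt[off + 2:off + 8])
            frag = {"offset": (off_flags >> 3) * 8,
                    "more": bool(off_flags & 1), "id": ident}
        chain.append(EXT_NAMES[nh])
        nh, off = following, off + size
        if frag and frag["offset"]:
            break  # later fragments carry no upper-layer header to inspect
    return chain, nh, off, frag


def build_sample():
    """Constructed packet with the slide's chain: routing, fragment, UDP."""
    udp = struct.pack("!HHHH", 1024, 69, 12, 0) + b"data"
    frag = struct.pack("!BBHI", UDP, 0, 0x0001, 0x1234)  # offset 0, M flag set
    routing = struct.pack("!BBBBI", FRAGMENT, 2, 0, 1, 0) + bytes(15) + b"\x01"
    payload = routing + frag + udp
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), ROUTING, 64)
    host = bytes.fromhex("fe80") + bytes(13)
    return fixed + host + b"\x02" + host + b"\x03" + payload
```

For a non-first fragment the returned protocol is only what the fragment header claims, since the upper-layer header travelled in the first fragment.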
11
Priority and Flow Label
Still under much study.
Priority field distinguishes the datagram amongst other datagrams.
Two types of controlled traffic:
    Congestion
    Noncongestion
Flow labels allow the router to identify a flow and place this label in the routing table for quick lookup.
12
IPv6 Addressing
Unicast – identifies a single interface.
Anycast – new for IPv6, it identifies a set of interfaces usually belonging to different nodes. Used to deliver datagrams to the “nearest” of the interfaces.
Multicast – an identifier belonging to a group of interfaces. IPv6 extensively uses the multicast interface.
There is no broadcast address in IPv6.
13
IPv6 Addressing (cont.)
128 bits (IPv4: 32 bits)
Which provides for: 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses
Address is written in hex.
Takes the form of: xxxx : xxxx : xxxx : xxxx : xxxx : xxxx : xxxx : xxxx
    FEDC:BA98:7654:3210:FEDC:BA98:7654:0321
Zeros can be truncated:
    FF:0000:0000:0000:0000:9085:9043:1234
    FF::9085:9043:1234
Only one set of zeros can be truncated
14
IPv6 Addressing (continued)
The first few bits are indicators (as shown in a moment).
They do not register as a Class of address as in IPv4.
Similar to CIDR, prefixes are used to indicate the routing.
Special addresses are reserved:
    Unspecified address
    Loopback address
    Embedded IPv4 address
    Multicast address
15
IPv6 Addressing Prefix
Allocation                                          Prefix (binary)   Fraction of Address Space
Reserved                                            0000 0000         1/256
Unassigned                                          0000 0001         1/256
Reserved for NSAP Allocation                        0000 001          1/128
Reserved for IPX Allocation                         0000 010          1/128
Unassigned                                          0000 011          1/128
Unassigned                                          0000 1            1/32
Unassigned                                          0001              1/16
Unassigned                                          001               1/8
Provider-based Unicast address                      010               1/8
Unassigned                                          011               1/8
Reserved for geographic-based unicast addresses     100               1/8
Unassigned                                          101               1/8
Unassigned                                          110               1/8
Unassigned                                          1110              1/16
Unassigned                                          1111 0            1/32
Unassigned                                          1111 10           1/64
Unassigned                                          1111 110          1/128
Unassigned                                          1111 1110 0       1/512
Link local use Addresses                            1111 1110 10      1/1024
Site Local Use Addresses                            1111 1110 11      1/1024
Multicast Addresses                                 1111 1111         1/256
16
6Bone Test Addressing
Provider-based format:
010 (3 bits) | Registry ID (n bits) | Provider ID (m bits) | Subscriber ID (o bits) | Subnet ID (p bits) | Interface ID (128-mnop bits)
6Bone test format:
010 (3 bits) | 11111 (IANA) (5 bits) | AS number (16 bits) | Resv (8 bits) | IPv4 Network address (24 bits) | Resv (8 bits) | Subnet ID (16 bits) | Interface ID (48 bits)
17
Provider-Based IPv6 Addressing
Provider-based:
010 (3 bits) | Registry ID (n bits) | Provider ID (m bits) | Subscriber ID (o bits) | Subnet ID (p bits) | Interface ID (128-mnop bits)
18
Local-Use IPv6 Addressing
Link-local (FE80): 1111111010 (10 bits) | 0 . . . . . . . . . . . . (n bits) | Interface ID (128 - n bits, usually the 48 bit IEEE address)
Site-local (FEC0): 1111111011 (10 bits) | 0 (n bits) | subnet ID (m bits) | Interface ID (128 - m - n bits, usually the 48 bit IEEE address)
19
IPv6 Addresses with Embedded IPv4 Addresses
[Figure: IPv4-compatible IPv6 address (0:0:IPv4 address): 0000 . . . . . . . . . . . . . 0000 | 0000 | IPv4 32-bit address; width labels: 96 bits, 4 bits, 32 bits]
20
Unicast Addresses
Global provider based
Geographic based
NSAP
IPX
Hierarchical
Unspecified - 0:0
Site-local use
Link-local use
IPv4-capable host
Loopback - 0:0:0:0:0:0:0:1
Provider based
Special use address
[Figure: Provider based: 010 (3 bits) | Registry ID (n bits) | Provider ID (m bits) | Subscriber ID (o bits) | Subnet ID (p bits) | Interface ID (128-mnop bits)]
[Figure: Generic structure of an IPv6 address: Subscriber prefix | area ID | subnet ID | interface ID (possibly IEEE 802.x MAC address)]
21
Autoconfiguration
Stateless Autoconfiguration.
Initializing hosts join the all nodes multicast address of FE02::1
Stateless autoconfiguration allows for a node to start up using the link-local prefix and some sort of token.
This will probably be the 48-bit Ethernet address
Address would be FE80::48-bit address (multicast)
Hosts send a solicitation message to all-routers using the all-routers multicast address of FF02::2.
Used to determine the node’s routing prefix and other routing parameters
Stateful autoconfiguration uses.
22
Neighbor Discovery
RFC 1970.
Very extensive and best to read RFC.
Nodes use Neighbor Discovery to determine link-layer addresses for neighbors.
Finds link-local hosts and routers.
Detects which neighbors are reachable and detects link-layer address changes.
ARP is not used with IPv6.
This is the robust replacement for ARP (IPv4)
23
Neighbor Discovery (continued)
In IPv6, Discovery messages use the various multicast address assignments for router discovery, neighbor discovery, etc.
The media (MAC) address is a multicast address as well: 33-33-last 32 bits of the IPv6 address
RFC 1970 applies to all link-layer types except NBMA and various proprietary interfaces.
24
Neighbor Discovery Types
Router Discovery
Prefix Discovery
Parameter Discovery
Address Autoconfiguration
Address Resolution
Next-Hop determination
Neighbor Unreachability Detection
Duplicate Address Detection
Redirect
25
Neighbor Discovery and IPv4
IPv6 Neighbor Discovery combines IPv4 protocols of ARP, ICMP Router Discovery, and ICMP Redirect.
IPv4 has no agreed-upon method for Dead Gateway Detection and Neighbor Unreachability detection.
26
Neighbor Discovery and IPv4 (continued)
IPv6 assumes a redirect next hop is on-link – on the same link that it resides.
IPv6 detects half link failures (neighbors that are suspect or that have gone away).
IPv6 Router advertisements do not contain a Preference field.
Using link-local addresses to identify routers means that this relationship is maintained even if the provider address changes.
Address resolution is accomplished at the ICMP layer.
27
Address Resolution
Purpose is to determine the link-level address of a destination given only its IP address.
Consists of sending a Neighbor Solicitation message and waiting for a reply.
All nodes start up by joining the all-nodes multicast address and the solicited node multicast address
The solicited node address is formed by taking the 96 bit prefix FF02:0:0:0:0:1 and appending the low order 32 bits of the destination IP address to it
This allows for a range of FF02:1:0:0 through FF02:1:FFFF:FFFF
The full target address is embedded in the ICMP packet
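The three addresses involved in a Neighbor Solicitation (target, IPv6 destination, Ethernet destination) are derived from one another, so a capture can be checked for consistency. The following is an added example, not part of the original slides: it computes the solicited-node address with the RFC 1970 rule given above and with the current RFC 4291 rule (prefix FF02::1:FF00:0 plus the low-order 24 bits), applies the 33-33 MAC mapping from the Neighbor Discovery slide, and reports mismatches. Function names and sample addresses are assumptions made for illustration.

```python
import ipaddress

SCHEMES = {
    # name: (multicast prefix, number of low-order target bits copied in)
    "rfc1970": (ipaddress.IPv6Address("ff02::1:0:0"), 32),     # rule on the slide
    "rfc4291": (ipaddress.IPv6Address("ff02::1:ff00:0"), 24),  # current rule
}


def solicited_node(target, scheme="rfc1970"):
    """Solicited-node multicast address for a target unicast address."""
    prefix, bits = SCHEMES[scheme]
    low = int(ipaddress.IPv6Address(target)) & ((1 << bits) - 1)
    return ipaddress.IPv6Address(int(prefix) | low)


def ethernet_multicast(group):
    """Map an IPv6 multicast address to 33:33 plus its last 32 bits."""
    group = ipaddress.IPv6Address(group)
    if not group.is_multicast:
        raise ValueError("%s is not a multicast address" % group)
    return "33:33:" + ":".join("%02x" % b for b in group.packed[-4:])


def check_solicitation(eth_dst, ip_dst, target, scheme="rfc4291"):
    """Return a list of inconsistencies between the three addresses."""
    ip_dst = ipaddress.IPv6Address(ip_dst)
    target = ipaddress.IPv6Address(target)
    problems = []
    if ip_dst.is_multicast:
        expected = solicited_node(target, scheme)
        if ip_dst != expected:
            problems.append("IPv6 destination %s, expected %s" % (ip_dst, expected))
        if eth_dst.lower() != ethernet_multicast(ip_dst):
            problems.append("Ethernet destination does not map from %s" % ip_dst)
    elif ip_dst != target:
        # Unicast solicitations (reachability probes) go to the target itself.
        problems.append("unicast solicitation not addressed to its target")
    return problems


# Constructed sample: a link-local target built from a 48-bit IEEE address.
SAMPLE_TARGET = "fe80::200:c0ff:fe12:3456"
```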
28
Methods of Deploying IPv6
Dual IP layer–a node that is running both the IPv4 and IPv6 TCP/IP protocol stacks.
IPv6 over IPv4 Tunnel–the process of taking an IPv6 datagram and wrapping an IPv4 header on it for transit across IPv4 routers.
Configured Tunnel–IPv4 tunnel endpoint address is determined by the encapsulating node
Automatic Tunnel–IPv4 tunnel endpoint is determined from the IPv4 address of the IPv6 packet
Transition consists of: IPv4-only node.
29
IPv6 Tunneling Introduction
Host to Router
Router to Router
Router To Host
Host to Host
30
IPv6 Tunnel Addressing
[Figure: IPv6 datagram: IPv6 Header | Transport Layer Header | Data]
[Figure: tunneled datagram: IPv4 Header | IPv6 Header | Transport Layer header | Data]
::132.1.1.1
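The automatic and configured tunnels described on the deployment slide differ only in where the IPv4 endpoint comes from; the wrapping shown in the figure is the same. The following is an added example, not part of the original slides: it derives the endpoint from an IPv4-compatible address such as ::132.1.1.1 or from a configured table, wraps the datagram in an IPv4 header with protocol number 41, and validates the wrapper on receipt. The function names, the configured-tunnel table and the sample prefixes are assumptions made for illustration.

```python
import ipaddress
import struct

IPPROTO_IPV6 = 41  # IPv4 protocol number for an encapsulated IPv6 datagram


def embedded_ipv4(addr):
    """IPv4 address inside an IPv4-compatible address (::a.b.c.d), else None."""
    value = int(ipaddress.IPv6Address(addr))
    if value >> 32 or value in (0, 1):  # upper 96 bits must be 0; skip :: and ::1
        return None
    return ipaddress.IPv4Address(value)


def tunnel_endpoint(dst, configured):
    """Choose the IPv4 endpoint for an IPv6 destination.

    configured maps IPv6Network -> IPv4Address (hypothetical tunnel table).
    """
    v4 = embedded_ipv4(dst)
    if v4 is not None:
        return "automatic", v4
    dst = ipaddress.IPv6Address(dst)
    matches = [net for net in configured if dst in net]
    if matches:
        best = max(matches, key=lambda net: net.prefixlen)  # longest prefix
        return "configured", configured[best]
    return "unreachable", None


def ipv4_checksum(header):
    """One's-complement sum over an IPv4 header of even length."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def encapsulate(datagram, src_v4, dst_v4, ttl=64):
    """Prefix an IPv6 datagram with a 20-byte IPv4 header (no options)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(datagram), 0, 0,
                      ttl, IPPROTO_IPV6, 0, src_v4.packed, dst_v4.packed)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + datagram


def decapsulate(packet):
    """Validate the IPv4 wrapper; return (outer destination, inner datagram)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0xF) * 4
    if ihl < 20 or len(packet) < ihl + 40:
        raise ValueError("too short to hold an IPv6 header")
    if packet[9] != IPPROTO_IPV6:
        raise ValueError("IPv4 protocol field is not 41")
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if packet[ihl] >> 4 != 6:
        raise ValueError("inner datagram is not IPv6")
    return ipaddress.IPv4Address(packet[16:20]), packet[ihl:]
```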
31
IPv6 and IPv4 Dual-Stack Strategy
[Figure: dual-stack protocol layers: Applications; TCP/UDP; IPv4 and IPv6 side by side; Medium Dependent media type; Ethernet, Token Ring, FDDI]
32
IPv6 Tunneling
[Figure: IPv6 hosts, IPv4 hosts, an IPv4/6 host, IPv4/v6 routers and IPv4 routers around an IPv4 cloud ("Could be the Internet"), annotated "Uh-Oh!"]
33
IPv6 Tunneling
[Figure: IPv6/IPv4 routers and IPv6/IPv4 hosts connected across IPv4 networks and IPv4 routers. Four possible ways to tunnel: router to router; host to router tunnel; host to host; router to host (last segment of end-to-end span)]
34
IPv6 Tunneling Flowchart 1
[Flowchart with Yes/No branches. Start: End node address is IPv4-compatible IPv6 address. Decisions: Destination local?; IPv4 router available?; IPv4 router available? Outcomes: Send direct with destination address set to IPv6 format; Send direct to IPv6 router with destination address set to IPv6 format; Send IPv6 encapsulated packet to IPv4 router, IPv6 destination addresses to the end node, IPv4 address set to low-order 32 bits of end node; Destination unreachable]
35
IPv6 Tunneling Flowchart 2
[Flowchart with Yes/No branches. Start: End node address is IPv6-only address. Decisions: Destination local?; IPv6 router available?; Configured tunnel and IPv4 router available? Outcomes: Send direct with destination address set to IPv6 format; Send direct to IPv6 router with IP destination set to final destination in IPv6 format; Send IPv6 datagram encapsulated in IPv4 packet. IPv6 destination address and IPv4 destination address is the configured IPv4 address of the tunnel endpoint; Destination unreachable]
36
IPv6 Tunneling Flowchart 3
[Flowchart with Yes/No branches. Start: End node address is IPv4. Decisions: Destination local?; IPv4 router available? Outcomes: Send direct with destination address set to IPv4; Send IPv4 packet, destination address set to the IPv4 address of the end node; Destination unreachable]
37
Anycast Addressing
Similar to a multicast address.
A datagram is sent to a group address (anycast), but the router delivers it to the nearest member of the group.
Provides for applications such as file and print servers, time servers, name servers, DHCP, etc.
Similar to the NetWare protocol of “Get Nearest Server” request.
38
Multicasting for IPv6
1111 1111 (8 bits) | Flags (4 bits) | Scope (4 bits) | Group ID (112 bits)
Flag bits: 0 0 0 T
T = Transient - 0 indicates IANA multicast assigned
First part of the address is the multicast reserved bits FF.
The scope is included in the overall reserved address. For example, you could look for:
    All name servers within a site local scope
    All name servers within a link local scope
    Same multicast function but different address
    Same function as the TTL in MBONE
39
IPv6 Routing
Existing routing protocols (OSPF, RIP, IDRP, etc.) are straightforward extensions of IPv4 routing.
IPv6 includes new routing extensions such as:
    Provider selection
    Host mobility
    Auto-readdressing
OSPF:
    Creates a separate link state database
    Makes room for the 128 bit address
    Cannot interoperate with IPv4
40
RIPng
[Figure: RIPng packet, 32 bits wide (bits 0 to 31): Command (8 bits) | Version (8 bits) | Must be zero (16 bits); IPv6 Address (128 bits); Route tag | Subnet mask | Metric; more IPv6 addresses and metrics]
Variable in length and therefore number of entries per packet.
41
ICMP
Found in RFC 1885 and originally found in RFC 792.
The functions of ICMP are explained in 1885, but many other RFCs are referenced:
    1970 for Neighbor Discovery
    1191 for Path MTU Discovery
IPv4 extension.
Continues to provide some maintenance for an unreliable IPv6.
No ICMPv6 messages are sent for ICMPv6 errors.
42
ICMPv6 Encapsulation
[Figure: frame DA | SA | TF | IP data | CRC, where IP data is: IPv6 header (Next header = 56) | ICMP message]
[Figure: ICMP message: Type | Code | Checksum | Message body based on Type and Code fields (variable length)]
43
ICMPv6 and ICMPv4
Cleaned up ICMPv4.
    Timestamp, source quench, and information request and reply were deleted (picked up by other protocols)
    Eliminated unused codes and types.
IGMP is moved into ICMPv6.
ICMPv6 is not compatible with ICMPv4; however, it is the same format
ICMPv6 does copy more of the offending datagram when sending an error message.
Error messages have types from 0 - 127 and informational messages have types from 128 - 255.
44
ICMPv6 Error Messages
Destination Unreachable:
    No route to destination
    Communication with destination administratively prohibited
    Not a neighbor
    Address Unreachable
    Port Unreachable
Packet Too Big:
    Returns the largest packet size available for the forwarded port
45
ICMPv6 Error Messages (continued)
Time Exceeded Message.
    Hop limit exceeded in transit
    Fragment reassembly time exceeded
Parameter Problem.
    Erroneous header field encountered
    Unrecognized next header type encountered
    Unrecognized IPv6 option
46
ICMP Informational Messages
Echo Request
Echo Reply
Good ol’ PING
47
ICMP and Neighbor Discovery
Router Solicitation
Router Advertisement
Neighbor Solicitation
Neighbor Advertisement
Redirect
48
ICMPv6 and Multicast
Group Membership messages
    Group Membership Query
    Group Membership Report
    Group Membership Reduction (Leave Group)
49
IPv6 Cache Entries
Destination cache–contains link layer information about destinations to which data has been recently sent.
Neighbor cache–contains link layer information about a neighbor.
Prefix List cache–created from router advertisements, this is a listing of local prefixes.
Router List cache–contains information about those routers to which packets may be sent.
50
IPv6 Algorithm
Easier if you understand RFC 1970.
To transmit a datagram, the source must consult the destination cache, prefix list, and the default router.
It needs to determine the “next-hop”
A source first looks in the destination cache for a matching entry to the destination IP address.
If one is not found here, consult the prefix list cache
For a local address, the next hop is simply the destination IP address
51
RFCs Related to IPv6
1883: Describes the IPv6 protocol (RFC 2147 updates [does not replace] RFC 1883).
2147 PS: D. Borman, “TCP and UDP over IPv6 Jumbograms,” 05/23/97 (3 pages) (updates RFC 1883).
2133 I: R. Gilligan, S. Thomson, J. Bound, W. Stevens, “Basic Socket Interface Extensions for IPv6,” 04/21/97 (32 pages).
2080 PS: G. Malkin, R. Minnear, “RIPng for IPv6,” 01/10/97 (19 pages).
2073 PS: Y. Rekhter, P. Lothberg, R. Hinden, S. Deering, J. Postel, “An IPv6 Provider-Based Unicast Address Format,” 01/08/97 (7 pages).
2030 I: D. Mills, “Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6, and OSI,” 10/30/96 (18 pages).
2019 PS: M. Crawford, “Transmission of IPv6 Packets Over FDDI,” 10/17/96 (6 pages).
1972 PS: M. Crawford, “A Method for the Transmission of IPv6 Packets Over Ethernet Networks,” 08/16/96 (4 pages).
1971 PS: S. Thomson, T. Narten, “IPv6 Stateless Address Autoconfiguration,” 08/16/96 (23 pages).
1970 PS: T. Narten, E. Nordmark, W. Simpson, “Neighbor Discovery for IP Version 6 (IPv6),” 08/16/96 (82 pages).
1933 PS: R. Gilligan, E. Nordmark, “Transition Mechanisms for IPv6 Hosts and Routers,” 04/08/96 (22 pages).
1924 I: R. Elz, “A Compact Representation of IPv6 Addresses,” 04/01/96 (6 pages).
1897 E: R. Hinden, J. Postel, “IPv6 Testing Address Allocation,” 01/25/96 (4 pages).
1888 E: J. Bound, B. Carpenter, D. Harrington, J. Houldsworth, A. Lloyd, “OSI NSAPs and IPv6,” 08/16/96 (16 pages).
1887 I: Y. Rekhter, T. Li, “An Architecture for IPv6 Unicast Address Allocation,” 01/04/96 (25 pages).
1885 PS: A. Conta, S. Deering, “Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6),” 01/04/96 (20 pages).
1884 PS: R. Hinden, S. Deering, “IP Version 6 Addressing Architecture,” 01/04/96 (18 pages).
1883 PS: S. Deering, R. Hinden, “Internet Protocol, Version 6 (IPv6) Specification,” 01/04/96 (37 pages) (updated by RFC 2147).
1881 I: I. IESG, “IPv6 Address Allocation Management,” 12/26/95 (2 pages).
1809 I: C. Partridge, “Using the Flow Label Field in IPv6,” 06/14/95 (6 pages).