Upload
kelly-haynes
View
229
Download
3
Tags:
Embed Size (px)
Citation preview
IPv6 Addressing
Overall Application Scenario
IPv6 Addressing
IPv6 Addressing Architecturex:x:x:x:x:x:x:xx is a 16 bits hexadecimal fieldE.g.: 2001:0000:1234:0000:0000:C1C0:ABCD:0876
Case insensitive•2001:0000:1234:0000:0000:c1c0:abcd:0876
Leading zeros in a field are optional:•2001:0:1234:0:0:C1C0:ABCD:876
Successive fields of 0 are represented as ::, but only once in an address• 2001:0:1234::C1C0:ABCD:876• Not valid: 2001::1234::C1C0:ABCD:876Other examples:• FF02:0:0:0:0:0:0:1 => FF02::1• 0:0:0:0:0:0:0:1 => ::1• 0:0:0:0:0:0:0:0 => ::
IPv6 Addressing
IPv6 Addressing Allocation
Allocation Binary Prefix Fraction of address space
Unicast 001 1/8
Link Local address space
1111 1110 10 1/1024
Site Local address space
1111 1110 11 1/1024
Multicast 1111 1111 1/256
The Anycast addressing use the same address allocation as Unicast.
Example:Unicast2080:0:0:0:8:800:200C:317A=1080::8:800:200C:317AMulticastFF01:0:0:0:0:0:0:101=FF01::101
IPv6 Addressing
Interface-IDFP TLA-ID Res NLA-ID SLA-ID
≥3 ≤13 8 24 16 64
Public TopologySite
Topology Interface Identifier
Network Portion Node Portion
FP = Format Prefix (= 001 for globally aggregated unicast addresses)
TLA-ID = Top-level aggreation identifier
RES = Reserved for future use
NLA = Next-level aggregation identifier
SLA-ID = Site-level aggregation identifier
Interface ID = Interface identifier
IPv6 Addressing Format
IPv6 Addressing
MAC Address: 0000:0B0A:2D51 In binary:
00000000 00000000 00001011 00001010 00101101 01010001
Insert FFFE between Company-ID and Node-ID
00000000 00000000 00001011 11111111 11111110 00001010 00101101 01010001
Set U/L bit to 1
00000010 00000000 00001011 11111111 11111110 00001010 00101101 01010001
Resulting EUI-64 Address: 0200:0BFF:FE0A:2D51
Interface ID
IPv6 Addressing
Unicast Addressing
IPv6 Addressing
Anycast Addressing
IPv6 Addressing
Group-ID11111111 flgs
8 4 112
128 bit
scope
4
First 3 bits set to 0Last bit defines address type:0 = Permanent (or well-known)1 = Locally assigned (or transient)
Defines address scope0 Reserved1 Node-local scope2 Link-local scope5 Site-local scope8 Organization local scopeE Global scopeF Reserved
Multicast Addressing Format
IPv6 Addressing
Multicast Addressing
IPv6 Addressing
Link local Addressing
Examples
FE80::0060:08FF:FEB1:7EA2
FE80::200:CFF:FE0A:2C51
Interface-ID1111111010 0
10 54 64
128 bit
IPv6 Addressing
Site Local Addressing
Interface-ID1111111011 0
10 54 64
128 bit
Subnet-ID(SLA-ID)
16
ExamplesFEC0::0060:08FF:FEB1:7EA2
FEC0::200:CFF:FE0A:2C51
ICMPv6
ICMPv6
– Type 1: Destination Unreachable– Type 2: Packet Too Big (MTU)– Type 3: Time Exceeded– Type 4: Parameter Problem– Type 128/129: Echo request/Echo reply
ICMPv6
Code 0 - no route to destination
1 - communication with destination
administratively prohibited
2 - (not assigned)
3 - address unreachable
4 - port unreachable
Type=1 Code Checksum
As much of invoking packetas will fit without the ICMPv6 packetexceeding the minimum IPv6 MTU
32 bits
Unused
Unused This field is unused for all code values. It must be initialized to zero by the sender and ignored by the receiver.
Destination Unreachable
ICMPv6
Code Set to 0 by the sender and ignored by the receiver
MTU The maximum transmission unit of the next-hop link
Type=2 Code Checksum
As much of invoking packetas will fit without the ICMPv6 packetexceeding the minimum IPv6 MTU
32 bits
MTU
Packet too big(MTU)
ICMPv6
Code 0 – Hop limit exceeded in transit
1 – Fragment reassembly time exceeded
Type=3 Code Checksum
As much of invoking packetas will fit without the ICMPv6 packetexceeding the minimum IPv6 MTU
32 bits
Unused
Unused This field is unused for all code values. It must be initialized to zero by the sender and ignored by the receiver.
Time Exceeded
ICMPv6
Code 0 - erroneous header field encountered
1 - unrecognized Next Header type encountered
2 - unrecognized IPv6 option encountered
Type=4 Code Checksum
As much of invoking packetas will fit without the ICMPv6 packetexceeding the minimum IPv6 MTU
32 bits
Pointer
Pointer Identifies the octet offset within the invoking packet where the error was detected.
The pointer will point beyond the end of the ICMPv6 packet if the field in error is beyond what can fit in the maximum size of an ICMPv6 error message.
As much of invoking packetas will fit without the ICMPv6 packetexceeding the minimum IPv6 MTU
Pointer
Parameter Problem
ICMPv6
Code 0
Identifier An identifier to aid in matching Echo Replies to this Echo Request. May be zero.
SN A sequence number to aid in matching Echo Replies to this Echo Request. May be zero.
Data Zero or more octets of arbitrary data.
Type=128 Code=0 Checksum
Data
32 bits
Identifier Sequence Number
Echo Request
ICMPv6
Code 0
Identifier The identifier from the invoking Echo Request message.
SN The sequence number from the invoking Echo Request message
Data The data from the invoking Echo Request message.
Type=129 Code=0 Checksum
Data
32 bits
Identifier Sequence Number
Echo Reply
Neighbor Discovery
Neighbor Discovery
Defines five ICMPv6 packets1. Router solicitation (RS)2. Router advertisement (RA)3. Neighbor solicitation (NS)4. Neighbor advertisement
(NA)5. Redirect
Neighbor Discovery
Router solicitation (RS)
Type=133 Code Checksum
Reserved
32 bits
Options....
Neighbor Discovery
Router advertisement (RA)
Type=134 Code Checksum
Reachable Time
32 bits
Hop Limit M O Reserved Router lifetime
Retransmit Timer
Options....
Neighbor Discovery
RS and RA procedure
Neighbor Discovery
Router advertisement in routers
Neighbor Discovery
Type=135 Code Checksum
Reserved
32 bits
Target address
Options....
Neighbor solicitation (NS)
Neighbor Discovery
Type=136 Code Checksum
Reserved
32 bits
Target address
Options....
R S O
Neighbor advertisement (NA)
Neighbor Discovery
Redirect
Type=137 Code Checksum
Reserved
32 bits
Target address
Options....
Destination address
Neighbor Discovery
A
B
C
D
E
F G
Default GW-List
ABC
ICMP Redirect to Router B
Path used with Default Gateway "A"
Host 3
Sent data to Host 3 using Default GW "A"
Redirect traffic via Router B
Redirect Procedure
Neighbor Discovery
Check neighbor cache for existing next-hop entry for particular destination
Check whether destination is on- or off-link On-link: Sent directly to destination Off-link: Sent to default router Identify link-layer address of next-hop
Next Hop Discovery
Neighbor Discovery
Uses Neighbor solicitation & advertisements Node checks neighbor cache first If no entry exists, node creates IP entry with state
INCOMPLETE Node then sends NS to solicited-node multicast
address Source address of NS is a unicast address Receiving node responds with NA indicating it‘s
own link-level address Soliciting node updates neighbor cache entry
from INCOMPLETE to REACHABLE upon receiption of NA
Address Resolution
Neighbor Discovery
2 ways to verify neighbor reachability: Using hints from upper-layer protocols From responses to neighbor solicitations
Forward direction communication (FDC) must be possible for a neighbor to be REACHABLE
FDC is verified if forward progress is being made by an upper-layer protocol (i.e. TCP, receiption of TCP acks)
If no verification can be received from upper-layer protocols (like UDP): Node actively probes neighbors to determine reachability state
Probes are sent in conjunction with traffic. No traffic, no probes! Probe is neighbor solicitation (NS) Neighbor advertisement (NA) reply is expected to establish FDC
Neighbor Unreachability Detection
Neighbor Discovery
Must be performed by all nodes Performed before assigning a unicast address to an interface Performed on interface initialization Not performed for anycast addresses Link must be multicast capable New address is called "tentative" as long as duplicate address
detection takes place1. Interface joins all-nodes multicast group2. Interface joins solicited-node multicast group3. Node sends (one) NS with
Target address = tentative IP addressSource address = unspecified (::)Destination address = tentative solicited-node address
If address already exists, the particular node sends a NA reply withTarget address = tentative IP addressDestination address = tentative solicited-node address
If soliciting node receives NA reply with target address set to the tentative IP address, the address must be duplicate
Duplicate Address Detection
LOGO