IPv6 Addressing (Leo T. Chiang, E-Mail: tt_chiang@ringline.com.tw)



1
IPv6 Addressing
Leo T. Chiang
E-Mail: tt_chiang@ringline.com.tw
2
Introduction: IPv4 Challenges
IPv4 Challenges and IPv6 Solutions
  • Internet address depletion
  • IPv4 challenges: Limits growth for existing users; Hinders new users; Internet routing can be inefficient; Often requires translation (NAT)
  • IPv6 solutions: Expanded address space; Hierarchical address structure; Less header fields; More flexible Options; Route aggregation
  • System management costs
  • IPv4 challenges: Labor-intensive, complex, error-prone; Inconsistent level of DHCP support; Network renumbering
  • IPv6 solutions: Neighbor discovery; Autoconfiguration; Automatic renumbering; Transition mechanisms
  • Security
  • IPv4 challenges: Disparate, often retrofitted solutions (SSL, SHTTP, IPSECv4, etc.); Security features are optional
  • IPv6 solutions: IPSec; Filters; Traffic Class and Flow Labels
  • The Future
  • IPv4 challenges: More than just people connected to the Internet
  • IPv6 solutions: Expanded address space; IP Mobility; Traffic Class and Flow Labels
3
Introduction: Possible Solution - New Address Scheme
  • 32 bits for IPv4 addressing
  • 2^32 or 4,294,967,296 IPv4 addresses available
  • 50% of IPv4 address space is still unallocated
  • 2 billion addresses exhausted for DNS-documented
    51 million systems
  • 70% of Fortune 1000 are using NAT
  • 128 bits for IPv6 addressing
  • 340,282,266,920,938,463,463,374,607,431,768,211,465
    (or 3.4 x 10^38) addresses available
  • 16-bit colon hexadecimal notation

4
IPv6 Features & Benefits: Changes from IPv4
[Figure: IPv4 header, 20 octets + options, 13 fields including 3 flag bits. Bit ruler: 0, 4, 8, 16, 24, 31. Fields: Ver, IHL, Service Type, Total Length, Identifier, Flags, Fragment Offset, Time to Live, Protocol, Header Checksum, 32-bit Source Address, 32-bit Destination Address, Options and Padding. Legend: Removed, Changed.]
5
IPv6 Features & Benefits: Header, 40 Bytes, 8 Fields
[Figure: IPv6 header. Bit ruler: 0, 4, 12, 16, 24, 31. Fields: Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, 128-bit Source Address, 128-bit Destination Address.]
6
IPv6 Features & Benefits: Header Extensions
  • IP options become optional Extension Headers
  • Extension Headers are chained together
  • Enables greater IP service potential

[Figure: three example packets showing the Next Header chain]
IPv6 Header (Next = TCP) | TCP Header | Application Data
IPv6 Header (Next = Routing) | Routing Hdr (Next = TCP) | TCP Header | Application Data
IPv6 Header (Next = Security) | Security Hdr (Next = Frag) | Fragment Hdr (Next = TCP) | TCP Header | Data Frag
7
Benefits of IPv6 extension headers
  • IPv4 options drawbacks
  • IPv4 options required special treatment in
    routers
  • Options had negative impact on forwarding
    performance
  • Rarely used
  • Benefits of IPv6 extension headers
  • Extension headers are external to IPv6 header
  • Routers do not look at these options except for
    Hop-by-hop options
  • No negative impact on router forwarding
    performance
  • Easy to extend with new headers and options

8
IPv6 Features & Benefits: Header Improves Processing Performance
  • Fixed size IPv6 header
  • Options not limited to 40 bytes as in IPv4
  • Fewer fields in basic header: faster processing
    of basic packets
  • 64-bit alignment header/Options
  • Efficient Option processing
  • Fields processed only when present
  • Most Options processed only at destination
  • Checksum removed from Network Layer
  • Data links now more reliable
  • Performed at Upper Layers (e.g. TCP, UDP, ICMPv6)
  • No Fragmentation in the network
  • More router cycles available for forwarding
  • Easier to implement in silicon
  • Easy for Layer 3 Switching of IP

9
IPv6 extension header orders
  • RFC 2460 recommends following order
  • IPv6 header
  • Hop-by-hop options header
  • Destination options header
  • Routing header
  • Fragment header
  • Authentication header
  • ESP header
  • Destination options header
  • Upper-layer header

10
Currently available IPv6 options
  • Hop-by-hop
  • Must be processed by every node on the packet's
    path
  • Must always appear immediately after IPv6 header
  • Two Hop-by-hop options already defined
  • Router alert option
  • Jumbo payload option
  • Destination
  • Meant to carry information intended to be
    examined by the destination node
  • Only options currently defined are padding
    options to fill out header on a 64-bit boundary
    if (future) options require it

11
IPv6 Features & Benefits: Addressing Model
  • Addresses are assigned to interfaces
  • No change from IPv4 Model
  • Interface can have multiple addresses
  • Addresses have scope
  • Link Local: specifies subnet
  • Site Local: specifies private address (like 10.x
    in v4)
  • Global: specifies global (advertised)
    significance
  • Addresses have lifetime
  • Valid: timer for address life
  • Preferred: new address may supersede existing,
    valid address
  • Neighbor Discovery
  • Replaces ARP, ICMP Router Discovery, and ICMP
    Redirect IPv4 functionality
  • Used by hosts to
  • Discover neighboring routers, addresses,
    configuration parameters
  • Used by routers to
  • Advertise presence, host configuration
    parameters, next-hop

12
IPv6 Features & Benefits: Address Structure
  • An IPv6 address is formed by two entities
  • Separates who you are from who you are
    connected to
  • Routing Prefix - Routing Topology
  • Node Identification - Interface Identifier
  • Prefix and Interface ID sections are not fixed sizes
  • Example: Ethernet MAC address mapped to Interface
    ID

Prefix Representation: 3FFE:0301:DEC1::/64
13
IPv6 Address Representation
  • 128 bits
  • Represented by 8 colon-separated segments
  • Each 16-bit segment written in hexadecimal
  • Example:
  • 3ffe:3700:1100:0001:d9e6:0b9d:14c6:45ee

14
IPv6 Address Compaction
  • Leading zeroes in a 16-bit segment can be
    compacted

Example: fe80:0210:1100:0006:0030:a4ff:000c:0097
Becomes: fe80:210:1100:6:30:a4ff:c:97
15
IPv6 Address Compaction
  • All zeroes in one or more contiguous 16-bit
    segments can be represented with a double colon
    (::)

Example: ff02:0000:0000:0000:0000:0000:0000:0001
Becomes: ff02::1 BUT
16
IPv6 Address Compaction
  • Double colons can only be used once

Example: 2001:0000:0000:0013:0000:0000:0b0c:3701
Can be: 2001::13:0:0:b0c:3701
Or: 2001:0:0:13::b0c:3701
But not: 2001::13::b0c:3701
17
Imbedded IPv4 Addresses
  • Some transition mechanisms imbed IPv4 addresses
    in IPv6 addresses
  • Imbedded IPv4 addresses are represented with
    dotted decimal

Examples:
::13.1.68.3
::ffff:129.144.52.38
fe08::5efe:172.24.240.30
18
IPv6 Prefix Representation
  • CIDR-like notation used to specify prefix length

Examples 3ffe002300ce21233fea0bc94/60 20
1468110211/64
19
IPv6 Prefix Compaction
2002:0000:0000:18d0:0000:0000:0000:0000/60
Can be represented as
2002::18d0:0:0:0:0/60
2002:0:0:18d0::/60
20
IPv6 Address Types
  • Unicast
  • Identifies a single interface
  • Packet sent to a unicast address is delivered to
    the interface identified by that address
  • Anycast
  • Identifies a set of interfaces
  • Packet sent to an anycast address is delivered to
    the nearest interface identified by that address
    (as defined by the routing protocol)
  • Multicast
  • Identifies a set of interfaces
  • Packet sent to a multicast address is delivered
    to all interfaces identified by that address
  • IPv6 has no broadcast addresses
  • IPv6 uses "all-nodes" multicast instead

21
IPv6 Address Scope
  • Link-Local
  • Used on a single link
  • Packets with link-local source or destination
    addresses are not forwarded to other links
  • Site-Local
  • Used for a single site
  • Packets with site-local source or destination
    addresses are not forwarded to other sites
  • Global
  • A globally unique address
  • Packets with global addresses can be forwarded to
    any part of the global network

22
Identifying Address Types
Type                      IPv6 Prefix
Unspecified               ::/128
Loopback                  ::1/128
Multicast                 ff00::/8
Link-Local Unicast        fe80::/10
Site-Local Unicast        fec0::/10
Global Unicast/Anycast    everything else
23
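Global Unicast Addresses: TLA/NLA Format (Being Obsoleted)
[Figure: 128-bit address layout. Field widths in bits: 3 (FP), 13 (TLA-ID), 8 (RES), 24 (NLA-ID), 16 (SLA-ID), 64 (Interface ID). Public Topology, Site Topology and Interface Identifier sections; Network Portion and Node Portion.]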
  • FP: Format Prefix (001 for globally aggregated
    unicast addresses)
  • TLA-ID: Top-level aggregation identifier
  • RES: Reserved for future use
  • NLA: Next-level aggregation identifier
  • SLA-ID: Site-level aggregation identifier
  • Interface ID: Interface identifier

24
Global Unicast Addresses: New Format
[Figure: 128-bit address layout. Field widths in bits: 3 (001), 45 (Global Routing Prefix), 16 (Subnet), 64 (Interface-ID). Public Topology, Site Topology and Interface Identifier sections; Network Portion and Node Portion.]
  • Global Routing Prefix uses CIDR-like hierarchy
  • Everyone (from corporations to residences) gets
    48-bit prefix
  • Everyone gets 16-bit subnet space
  • There are some exceptions (very large
    subscribers, mobile nodes)

25
Global Unicast Addresses: Why Fixed Prefix and Subnet Lengths?
  • Changing ISPs becomes simpler
  • Eliminates need to justify address space
  • Plenty of room to grow
  • 001 is only 1/8th of total address space
  • 16-bit subnet field sufficient for most
    subscribers
  • Can simplify multihoming
  • See RFC 3177 for more information

26
Interface ID
  • Unique to the link
  • Identifies interface on a specific link
  • Can be automatically derived
  • IEEE addresses use MAC-to-EUI-64 conversion
  • Other addresses use other automatic means
  • Can be used to form link-local address
  • Can be used to form global address with stateless
    autoconfiguration

27
EUI-64
  • ipconfig /all
  • MAC 00-02-3F-75-68-83
  • 00000000-00000010-00111111-01110101-01101000-10000011
  • 00000000-00000010-00111111-11111111-11111110-01110101-01101000-10000011
  • 00000010-00000010-00111111-11111111-11111110-01110101-01101000-10000011
  • 0000001000000010001111111111111111111110011101010110100010000011
  • 202:3FFF:FE75:6883
  • fe80::202:3FFF:FE75:6883

28
Multicast Address Format
[Figure: 128-bit multicast address. Field widths in bits: 8 (11111111), 4 (flgs), 4 (scop), 112 (Group-ID).]
  • scop: defines address scope
  • 0 Reserved
  • 1 Node-local scope
  • 2 Link-local scope
  • 5 Site-local scope
  • 8 Organization-local scope
  • E Global scope
  • F Reserved

flgs: first 3 bits set to 0; last bit defines address type
0 Permanent (or well-known)
1 Locally assigned (or transient)
29
A Few Well-known Multicast Addresses
IPv6 well-known address   IPv4 well-known address   Multicast group
Node-local scope
FF01::1                   224.0.0.1                 All-nodes address
FF01::2                   224.0.0.2                 All-routers address
Link-local scope
FF02::1                   224.0.0.1                 All-nodes address
FF02::2                   224.0.0.2                 All-routers address
FF02::5                   224.0.0.5                 OSPFIGP
FF02::6                   224.0.0.6                 OSPFIGP-DRs
FF02::9                   224.0.0.9                 RIP routers
FF02::D                   224.0.0.13                All PIM routers
Site-local scope
FF05::2                   224.0.0.2                 All-routers address
Any valid scope
FF0X::101                 224.0.1.1                 Network time protocol (NTP)
30
Configuration Example: IOS Router Interface
interface Ethernet2
 ip address 206.196.180.113 255.255.255.240
 ipv6 address 3FFE3700110211/64
 ipv6 address 201468110211/64
31
Configuration Example: JUNOS Router Interface
[edit]
lab@Juniper5# show interfaces fe-0/1/1
unit 0 {
    family inet {
        address 206.196.180.113/28;
    }
    family inet6 {
        address 3FFE3700110211/64;
        address 201468110211/64;
    }
}
32
ICMPv6
  • Many of the same functions as ICMPv4
  • ICMPv4 Protocol Number 1
  • ICMPv6 Next Header Number 58
  • Adds new messages and functions
  • Neighbor discovery
  • Stateless autoconfiguration
  • Mobile IPv6

33
ICMPv6 Message Types
  • Defined in RFC 2463

Type   Message
1      Destination Unreachable
2      Packet Too Big
3      Time Exceeded
4      Parameter Problem
128    Echo Request
129    Echo Reply
34
ICMPv6 New Message Types
  • Defined in RFC 2461
  • Used for Neighbor Discovery protocol

Type   Message
133    Router Solicitation (RS)
134    Router Advertisement (RA)
135    Neighbor Solicitation (NS)
136    Neighbor Advertisement (NA)
137    Redirect
35
IPv6 Neighbor Discovery
  • RFC 2461
  • Neighbor can be router or host
  • Performs several functions
  • Link-layer address resolution
  • Router discovery
  • Local prefix discovery
  • Address autoconfiguration
  • Parameter discovery
  • Next-hop determination
  • Tracks neighbor and router reachability
  • Duplicate address detection
  • Redirects

36
Comparison to IPv4 Functions
  • Similar IPv4 functions
  • ARP
  • ICMP Router Discovery
  • ICMP Redirect
  • IPv4 has no agreed-upon mechanism for neighbor
    unreachability detection
  • Detects failing routers and links
  • Detects nodes that change their link-layer
    address
  • Unlike ARP, detects half-link failures

37
Improvements over IPv4
  • Router discovery part of base protocol
  • Hosts do not need to snoop routing protocols
  • RAs and redirects carry link-layer addresses
  • No additional packet exchange needed
  • RAs carry link prefixes
  • No separate mechanism to configure netmasks
  • Enables address autoconfiguration
  • Multiple prefixes can be associated with same
    link
  • RAs can advertise link MTUs
  • Ensures all nodes on link use same MTU value
  • Immune to reception of off-link ND messages
  • Hop limit always set to 255
  • IPv4 ICMP Redirects and Router Discovery messages
    can be sent from off-link
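
An added example, not from the original slides: a Python walker for the Next Header chain described under header extensions, used to check two rules the slides state, that hop-by-hop options come immediately after the IPv6 header and that Neighbor Discovery messages carry hop limit 255. The function names and the sample packets produced by build() are constructed for illustration.

```python
import struct

# Headers that use the (next header, hdr ext len in 8-octet units) layout.
EXT = {0: "Hop-by-hop", 43: "Routing", 60: "Destination options"}
FRAGMENT, AH, ICMPV6 = 44, 51, 58
ND_TYPES = range(133, 138)  # RS, RA, NS, NA, Redirect

def walk(packet: bytes):
    """Follow the Next Header chain; return (hop_limit, chain, upper_proto, offset)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, hop_limit = packet[6], packet[7]
    off, chain = 40, []
    # ESP (50) is not walked: what follows it is encrypted.
    while nxt in EXT or nxt in (FRAGMENT, AH):
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        if nxt == FRAGMENT:
            name, size = "Fragment", 8
        elif nxt == AH:
            name, size = "Authentication", (packet[off + 1] + 2) * 4
        else:
            name, size = EXT[nxt], (packet[off + 1] + 1) * 8
        chain.append(name)
        nxt, off = packet[off], off + size
    return hop_limit, chain, nxt, off

def findings(packet: bytes):
    """Checks taken from the slides: hop-by-hop placement and ND hop limit 255."""
    hop_limit, chain, proto, off = walk(packet)
    out = []
    if "Hop-by-hop" in chain[1:]:
        out.append("hop-by-hop options not immediately after the IPv6 header")
    # A non-first fragment has no upper-layer header here; reassemble before this check.
    if proto == ICMPV6 and off < len(packet) and packet[off] in ND_TYPES:
        if hop_limit != 255:
            out.append(f"ND type {packet[off]} with hop limit {hop_limit}, expected 255")
    return out

def build(hop_limit, ext, icmp_type):
    """Constructed sample packet: IPv6 header, 8-byte option headers, ICMPv6 header."""
    protos = list(ext) + [ICMPV6]
    body = b"".join(bytes([nh, 0, 1, 4, 0, 0, 0, 0]) for nh in protos[1:])
    body += bytes([icmp_type, 0, 0, 0, 0, 0, 0, 0])
    header = struct.pack("!IHBB", 6 << 28, len(body), protos[0], hop_limit)
    return header + bytes(32) + body  # all-zero addresses, placeholder only
```

A receiver that drops ND messages whose hop limit is not 255 rejects anything that has crossed a router, which is the off-link protection the slide refers to.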

38
IPv6 Features & Benefits: Autoconfiguration
  • Improves Plug-and-Play, operational simplicity
  • Eases renumbering
  • Eases address management
  • Enables local mobility
  • Types
  • Stateful- uses DHCPv6
  • Clients obtain address and / or configuration
    from a DHCP server
  • DHCP server provides tight control over addresses
  • Stateless - uses Neighbor Discovery
  • Routers advertise prefixes
  • Hosts generate an "interface token"
  • Address is formed by combining the two

IPv6 Infrastructure
Router Solicitation via ND
Router Advertisement via ND
Host IP information configured dynamically
39
Address Autoconfiguration
  • Stateless autoconfiguration
  • Requires only a router
  • Key advantage for applications such as Mobile IP
  • Stateful autoconfiguration
  • When more control is desired
  • DHCPv6
  • Stateless and stateful can be combined
  • M and O flags in RA
  • M flag: Stateless Address Autoconfiguration Y/N
  • O flag: Stateless Autoconfigure Other Parameters
    Y/N

40
Stateless Autoconfiguration
  • Interface ID automatically derived
  • IEEE addresses use MAC-to-EUI-64 conversion
  • Other addresses use other means, such as random
    number generation
  • Host creates a link-local address
  • Host performs duplicate address check
  • Host sends RS to the all-routers multicast
    address (ff01::2)
  • Router unicasts RA with prefix information
  • Host adds prefix to Interface ID to form global
    unicast address

41
MAC-to-EUI-64 Conversion
  • First three octets of MAC becomes Company-ID
  • Last three octets of MAC becomes Node-ID
  • 0xfffe inserted between Company-ID and Node-ID
  • Universal/Local-Bit (U/L-bit) is set to 1 for
    global scope

42
MAC-to-EUI-64 Conversion Example
  • MAC Address 00000b0a2d51
  • In binary
  • 00000000 00000000 00001011 00001010 00101101
    01010001

[Figure labels on the binary MAC: U/L Bit, Company-ID, Individual Node-ID]
  • Insert fffe between Company-ID and Node-ID
  • 00000000 00000000 00001011 11111111 11111110
    00001010 00101101 01010001
  • Set U/L bit to 1
  • 00000010 00000000 00001011 11111111 11111110
    00001010 00101101 01010001
  • Resulting EUI-64 Address 0200:0bff:fe0a:2d51

[Figure labels on the result: fffe, U/L Bit]
43
Using the EUI-64 Interface ID
  • EUI-64 Address
  • 200:bff:fe0a:2d51
  • Link-Local Address
  • fe80::200:bff:fe0a:2d51
  • Global Unicast Address
  • 3ffe:3700:1100:1:200:bff:fe0a:2d51

44
Stateful Autoconfiguration: DHCPv6
  • Currently in Internet-draft
  • Many changes from DHCPv4
  • Configuration of dynamic updates to DNS
  • Address deprecation for dynamic renumbering
  • Authentication
  • Clients can ask for multiple IP addresses
  • Addresses can be reclaimed
  • Integration between stateful and stateless
    autoconfiguration
  • Uses multicasting
  • All_DHCP_Agents ff02::1:2
  • All_DHCP_Servers ff05::1:3

45
Configuration Example: Router Discovery
[edit]
lab@Juniper5# show interfaces fe-2/1/0
unit 0 {
    family inet6 {
        address 2001:468:1100:1::1/64;
        address 3ffe:3700:1100:1::1/64;
    }
}

[edit]
lab@Juniper5# show protocols router-advertisement
interface fe-2/1/1.0 {
    other-stateful-configuration;
    prefix 3ffe:3700:1100:1::/128;
    prefix 2001:468:1100:1::/128;
}
46
Configuration Example: Windows XP Host
C:\Documents and Settings\Jeff Doyle>ipv6 if 4
Interface 4: Ethernet: Local Area Connection 2
  uses Neighbor Discovery
  uses Router Discovery
  link-layer address: 00-10-a4-a0-bc-97
    preferred global 2001:468:1100:1:d9e6:b9d:14c6:45ee, life 6d21h14m26s/21h12m4s (anonymous)
    preferred global 2001:468:1100:1:210:a4ff:fea0:bc97, life 29d23h59m25s/6d23h59m25s (public)
    preferred global 3ffe:3700:1100:1:d9e6:b9d:14c6:45ee, life 6d21h14m26s/21h12m4s (anonymous)
    preferred global 3ffe:3700:1100:1:210:a4ff:fea0:bc97, life 29d23h59m25s/6d23h59m25s (public)
    preferred link-local fe80::210:a4ff:fea0:bc97, life infinite
    multicast interface-local ff01::1, 1 refs, not reportable
    multicast link-local ff02::1, 1 refs, not reportable
    multicast link-local ff02::1:ffa0:bc97, 3 refs, last reporter
    multicast link-local ff02::1:ffc6:45ee, 2 refs, last reporter
  link MTU 1500 (true link MTU 1500)
  current hop limit 64
  reachable time 22000ms (base 30000ms)
  retransmission interval 1000ms
  DAD transmits 1
47
????IPv6??(Allocated)??????IPv6?? 103
?????? 2003/05/19

48
TAIWAN IPv6??????