IPv6
Paul Schopis pschopis@itecohio.org
IPv4 has 12 mandatory fields in its Header.
Header layout (each row is 32 bits wide; 20 octets):
Version | HD Len | TOS | Total Length
Identification | Flags | Frg Offset
TTL | Protocol | Header Checksum
Source Address
Destination Address
Options | Padding
IPv6 removes six fields and is simpler
Header layout (each row is 32 bits wide):
Version | Traffic Class | Flow Label
Payload Length | Next Header | Hop Limit
Source Address
Destination Address
Next Header | Extension Header Info
IPv6 headers are 40 bits long and 64-bit aligned for fast processing. Addresses are 128 bits, i.e. 4x IPv4.
Extension Headers
Multiple headers must follow designated order
1. IPv6 Header
2. Hop-by-Hop Options
3. Destination Header (placed here when used with the Routing Header)
4. Routing Header
5. Fragment Header
6. Authentication Header
7. Encapsulation Security Payload (ESP)
8. Destination Options
9. Upper Layer (TCP/UDP)
Hop-by-Hop Options Header
• Every node processes the Hop-by-Hop Header
• Primarily used for
– Router Alerts
– Jumbograms
• Jumbogram = Type 194
– Fragment Header is not present
– Packet Exceeds 65,535 octets
Destination Options
• Not processed by routers
• Header Type = 60
• The Options field allows a rich number of options, e.g. > 256.
Header layout:
Next Header | Ext Header Length | Options
Options Continued
Option layout:
Option Type (8 bits) | Option Data Len | Option Data
Option Type subfields: Action | Change | Number
Action Bits | Action
“00” | Skip this Option
“01” | Discard, no ICMP Report
“10” | Discard, send ICMP Report for both unicast and multicast
“11” | Discard, send ICMP Report only if not Multicast.
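An added example, not part of the original slides: a Python walker for the extension header chain that flags a Hop-by-Hop header out of order and decodes the Action bits of each option. It assumes the 40-octet fixed header of RFC 8200 and the IANA Next Header values 0, 44 and 50 (only 43, 51 and 60 appear on the slides); the sample packet is constructed.

```python
import struct

# 43, 51, 60 are on the slides; other values are IANA-assigned. ACTIONS = top two Option Type bits.
NAMES = {0: "hop-by-hop", 60: "destination", 43: "routing", 44: "fragment",
         51: "auth", 50: "esp", 6: "tcp", 17: "udp", 58: "icmpv6"}
ACTIONS = {0: "skip", 1: "discard", 2: "discard+icmp", 3: "discard+icmp-unless-multicast"}

def parse_options(body):
    """Walk the TLV options of a Hop-by-Hop or Destination Options header."""
    opts, i = [], 0
    while i < len(body):
        otype = body[i]
        if otype == 0:                      # Pad1: one byte, no length field
            i += 1
            continue
        if i + 2 > len(body) or i + 2 + body[i + 1] > len(body):
            raise ValueError("option runs past the end of its header")
        if otype != 1:                      # PadN carries nothing to report
            opts.append((otype, ACTIONS[otype >> 6], bool(otype & 0x20)))
        i += 2 + body[i + 1]
    return opts

def walk(packet):
    """Return (header chain, options, ordering problems) for one IPv6 packet."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off = packet[6], 40
    chain, options, problems = [], [], []
    while nxt in (0, 60, 43, 44, 51):       # ESP (50) ends the walk: the rest is encrypted
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        following, lenfield = packet[off], packet[off + 1]
        size = 8 if nxt == 44 else (lenfield + 2) * 4 if nxt == 51 else (lenfield + 1) * 8
        if off + size > len(packet):
            raise ValueError("extension header length exceeds packet")
        if nxt == 0 and chain:
            problems.append("hop-by-hop is not the first extension header")
        if nxt in (0, 60):
            options += [(NAMES[nxt],) + o for o in parse_options(packet[off + 2:off + size])]
        chain.append(NAMES[nxt])
        nxt, off = following, off + size
    chain.append(NAMES.get(nxt, f"proto-{nxt}"))
    return chain, options, problems

def sample():
    """Constructed packet: IPv6 + Hop-by-Hop (Jumbogram option, type 194) + UDP."""
    hbh = bytes([17, 0, 194, 4]) + struct.pack("!I", 70000)
    fixed = struct.pack("!IHBB", 6 << 28, 0, 0, 64) + bytes(32)
    return fixed + hbh + bytes(8)
```

Each option tuple is (header, option type, action, change bit); type 194 decodes to action bits "11".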
Routing Header
• Type = 43
• Explicit Routing Path
• Does not require a complete list
• Number of Headers does not change but is updated.
Fragment Header
• Host is responsible for fragmenting
– Assumes MTU discovery is in use
• Only used when packet exceeds MTU
• Routers do not deal with Fragmentation
Header layout:
Next Header | Reserved | Fragment Offset | Reserved | More Frag
Identification
Authentication Header
Type = 51
Header layout (each row is 32 bits wide):
Next Header | Payload Len | Reserved
Security Parameters Index (SPI)
Sequence Number
Authentication Data
Upper Layer Protocols
• TCP is unchanged
• UDP: unlike IPv4, the checksum is no longer optional; it is mandatory.
ICMPv6
• Now includes Multicast functions
– Multicast Listener Protocol
• Type Field and Code Field allow more discrete treatment per Type.
Message layout (each row is 32 bits wide):
Type | Code | Checksum
Options
Packet Data
Two Broad Categories
• Error Messages
• Informational
Destination Unreachable
Code Meaning
0 No route to Destination
1 Communication with destination administratively prohibited
2 (Not Assigned)
3 Address Unreachable
4 Port Unreachable
Message layout:
Type = 1 | Code = 0-4 | Checksum
Unused
As much of the original packet as will fit without violating the MTU
Packet Too Big
Message layout:
Type = 2 | Code = 0 | Checksum
MTU
As much of the original packet as will fit without violating the MTU
Time Exceeded Message
• Type = 3
• It has two codes
– 0 = Hop Limit Exceeded
– 1 = Fragment reassembly time exceeded.
• Identical to Destination Unreachable except for type and code values.
Parameter Problem
Code Meaning
0 Erroneous Header Field Encountered
1 Unrecognized Next Header Type
2 Unrecognized IPv6 Option encountered
Message layout:
Type = 4 | Code = 0 - 2 | Checksum
Pointer
As much of the original packet as will fit without violating the MTU
Echo and Echo Reply
Message layout:
Type = 128/129 | Code = 0 | Checksum
Identifier | Sequence Number
Data
Multicast Listener Protocol
Types
130 = Query
131 = Report
132 = Done
Message layout:
Type | Code | Checksum
Maximum Response Delay | Reserved
Multicast Address
Neighbor Discovery Protocol
• Combines several IPv4 features into a single protocol.
• Replaces
– ARP
– Router Discovery
– Redirect Messages
Router Solicitation Message
Message layout:
Type = 133 | Code = 0 | Checksum
Reserved
Destination Address
Source Link Layer Address (optional)
Destination Address = All-routers multicast address
Source Address = Sending node's address or unspecified
Neighbor Discovery – Router Solicitations
[Diagram: RS, RA]
ICMP Type = 133
Src = Unspecified address
Dst = All-routers multicast address
At boot time, nodes send router solicitations to receive Router Advertisements
Router Advertisement Message
Message layout (each row is 32 bits wide):
Type = 134 | Code = 0 | Checksum
Hop Limit | M | O | Reserved | Router Lifetime
Reachable Time
Retransmission Timer
Options:
1. Source Link Layer Address
2. MTU
3. Prefix Information
If M = 1, hosts use stateful address management, e.g. DHCPv6
If O = 1, hosts use stateful autoconfiguration for non-address configuration
Neighbor Discovery – Router Advertisements
[Diagram: RA, RA]
ICMP Type = 134
Src = Router link-local address
Dst = All-nodes multicast address
Data = options, prefix, lifetime, autoconfig flag
Neighbor Solicitation Message
Message layout (each row is 32 bits wide):
Type = 135 | Code = 0 | Checksum
Reserved
Target Address
Optional Source Link Layer Address
Sender is requesting Data Link Layer address from Target and provides its Data Link Layer Address
Neighbor Advertisement Message
Message layout:
Type = 136 | Code = 0 | Checksum
R | S | O | Reserved
Target Address
Optional Target Link Layer Address
R = Router
S = Response to Neighbor Solicitation
O = Override existing LLA cache
Neighbor Discovery – Neighbor Solicitation
[Diagram: nodes A and B]
ICMP Type = 135
Src = A
Dst = Solicited-node multicast of B
Data = Link-layer address of A
Query = what is your link address?
Neighbor Discovery – Neighbor Advertisement
[Diagram: nodes A and B]
ICMP Type = 136
Src = B
Dst = A
Data = Link-layer address of B
A and B can now exchange packets
Redirect Message
Message layout:
Type = 137 | Code = 0 | Checksum
Reserved
Target Address
Destination Address
Options: Target Link Layer Address, Redirected Header
Sent by a router to inform a host of a better first hop.
Neighbor Discovery – Redirect
[Diagram: hosts A and B, routers R1 and R2, destination 2001:468:B01:2::1/64]
Packet from A:
Src = A
Dst IP = 2001:468:B01:2::1/64
Ether Default = R2
Redirect:
Src = R2
Dst = A
Data = good router = R1
Neighbor Discovery Options
• Type 1 and 2 share the same format
• Type 1 is Source Data Link Layer
• Type 2 is Target Data Link Layer
Option layout:
Type | Length | Link Layer Address
Prefix Information Option
Option layout (each row is 32 bits wide):
Type = 3 | Length | Prefix Length | L | A | Reserved
Valid Lifetime
Preferred Lifetime
Reserved2
Prefix
L bit = May be used for on-link determination
A bit = Prefix may be used for address autoconfiguration
Redirected Header Option
Option layout:
Type = 4 | Length | Reserved
Reserved
IP Header + Data
The IP Header and Data field contains the original packet truncated so it is <= 1280 octets
MTU Discovery Option
Option layout:
Type = 5 | Length = 1 | Reserved
MTU
Ensures all links use the same MTU
Path MTU Algorithm
[Flowchart]
Source MTU = Path MTU
Send Packet
Packet Too Big Message?
Yes: Reduce Packet Size, then Send Packet
No: Periodically retest for Path MTU
Address Representation
• Format
– X:X:X:X:X:X:X:X where X is a 16 bit hexadecimal field
– 2001:0468:0B01:0003:0000:0000:0000:0001
• Leading zeros
– Leading Zeros may be truncated
– 2001:486:B01:3:0:0:0:1
• Successive fields of zeros
– May be eliminated with :: but only once within an address
– 2001:468:B01:3::1
Address Representation
• IPv4-Compatible
– =0:0:0:0:0:0:192.168.30.1
– =::192.168.30.1
– =::C0A8:1E01
• In a URL use brackets
– http://[2001:1:4F3A::206:AE14]:8080/index.html
– Brackets delimit the : that is part of the IPv6 address versus the : before the port number
Address Representation Continued
• IPv4 Mapped addresses.
– 0:0:0:0:0:FF:192.168.30.1
– =::FF:192.168.30.1
– =::FF:C0A8:1E01
Unspecified and Loopback Address
• Unspecified address:
– 0:0:0:0:0:0:0:0 or more simply ::
– Used as a place holder when no address is available.
• Loopback Address:
– 0:0:0:0:0:0:0:1 or ::1
– Same as 127.0.0.1 in IPv4
– Identifies self.
Link-Local
Layout: 10 bits Link-Local | 54 bits set to 0 | 64 bits interface ID
• Reserved address:
– In binary is 1111 1110 10
– In hexadecimal is FE80::/10
• Link-Local Addresses:
– Have scope limited to Link
– Automatically configured with interface ID
Site-Local
Layout: 10 bits Site Local | 38 bits of 0 | 16 bits subnet ID | 64 bits Interface
• Reserved Address:
– In binary 1111 1110 11
– In Hexadecimal FEC0::/10
• Site-Local Address:
– Have site limited scope
– Gives topology info via the subnet field.
Aggregatable Global Unicast Addresses
Layout: 3 bits | TLA 13 bits | RES 8 bits | NLA 24 bits | SLA 16 bits | Interface ID 64 bits
Provider: TLA, RES, NLA
Site: SLA
Host: Interface ID
• TLA – Top Level Aggregator
• RES – Reserved
• NLA – Next Level Aggregator
• SLA – Site Level Aggregator
Multicast
• First byte is FF e.g. 1111 1111 binary.
• First half of next byte is Flag.
– 0 = permanent
– 1 = temporary
• Second half is scope.
– 1= node
– 2 = link
– 5 = site
– 8 = organization
– E = global
Multicast
Layout: FF | 0 or 1 | 1, 2, 5, 8 or E
– Examples
• FF02::/16 = Link-Local
• FF08::/16 = Organizational
• FF0E::/16 = Global
Multicast Assigned Addresses
FF0X:: is reserved where X=(0..F)
Address | Scope | Meaning
FF01::1 | Node-Local | All Nodes
FF02::1 | Link-Local | All Nodes
FF01::2 | Node-Local | All Routers
FF02::2 | Link-Local | All Routers
FF05::2 | Site-Local | All Routers
FF02::1:FFXX:XXXX | Link-Local | Solicited Node
Anycast
• Similar to multicast except only one node needs to receive packet
• All routers are required to support it
• In its simplest form it is:
Subnet Prefix (n bits) | 128-n bits of 0s
Example: 2002:C058:6301:: for 6to4 relay routers
Anycast EUI-64 Format
• 64 bit prefix
• 57 bits of ones, except 7th bit from left set to zero
• 7 bit Anycast ID
Layout: 64 bit prefix | 11111101…111 | Anycast ID
Anycast Non-EUI-64
• N number of bits in prefix (Variable)
– allows greater granularity
• (128-n of ones)-7
• 7 bits of Anycast ID
Layout: Prefix | 111111111… | Anycast ID
Defined Anycast IDs:
7F | Reserved
7E | Mobile home networks
00 – 7D | Reserved
Required Node Addresses
• Link-Local
• Loopback Address
• Assigned Unicast Address
• All-Nodes Multicast Address
• Solicited-Node Multicast for each unicast and anycast address
• Multicast address for all groups to which it belongs
• Site-Local address if used
Kernel IPv6 routing table
Destination                     Flags Metric Ref Use Iface
::1/128                         U     0      0   0   lo
fe80::206:5bff:fe01:7e02/128    U     0      0   0   lo
fe80::/10                       UA    256    0   0   eth0
ff00::/8                        UA    256    0   0   eth0
::/0                            UDA   256    0   0   eth0
eth0  Link encap:Ethernet HWaddr 00:06:5B:01:7E:02
      inet addr:199.18.97.146 Bcast:199.18.97.255 Mask:255.255.254.0
      inet6 addr: fe80::206:5bff:fe01:7e02/10 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo    Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING MTU:16436 Metric:1
sit0  Link encap:IPv6-in-IPv4
      NOARP MTU:1480 Metric:1
Required Router Addresses
• All required node addresses
• Subnet-router anycast addresses for interfaces configured to act as forwarding interfaces.
• Other anycast configured addresses
• All-routers multicast address
• Specific multicast addresses for routing protocols.
FastEthernet0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::201:42FF:FE59:B310
Description: Native IPv6
Global unicast address(es):
2001:468:B01:0:201:42FF:FE59:B310, subnet is 2001:468:B01::/64
Joined group address(es):
FF02::1
FF02::2
FF02::1:FF59:B310
Addressing Architecture
Prefix | Hex | Size | Allocation
0000 0000 | 0000-00FF | 1/256 | Reserved
0000 0001 | 0100-01FF | 1/256 | Unassigned
0000 001 | 0200-03FF | 1/128 | NSAP
0000 010 | 0400-05FF | 1/128 | IPX->Moving to Unassigned
0000 011 | 0600-07FF | 1/128 | Unassigned
0000 1 | 0800-0FFF | 1/32 | Unassigned
0001 | 1000-1FFF | 1/16 | Unassigned
001 | 2000-3FFF | 1/8 | IANA to registries
Addressing Architecture Continued
Prefix | Hex | Size | Allocation
010, 011, 100, 101, 110 | 4000-CFFF | 5*1/8=5/8 | Unassigned
1110 | D000-EFFF | 1/16 | Unassigned
1111 0 | F000-F7FF | 1/32 | Unassigned
1111 10 | F800-FBFF | 1/64 | Unassigned
1111 110 | FC00-FDFF | 1/128 | Unassigned
1111 1110 0 | FE00-FE7F | 1/512 | Unassigned
1111 1110 10 | FE80-FEBF | 1/1024 | Link-Local
1111 1110 11 | FEC0-FEFF | 1/1024 | Site-Local
1111 1111 | FF00-FFFF | 1/256 | Multicast
IPv6 over Data Link Layers
• Ethernet
• FDDI
• Token Ring
• Arcnet
• PPP
• NBMA
• ATM
• Frame Relay
IPv6 over Ethernet
• IPv6 has a specific Ethernet protocol ID
Frame layout:
Ethernet Destination Address | Ethernet Source Address | 0x86DD | IPv6 packet
Ethernet MAC Address (48 bits) to EUI-64
Ethernet MAC address, 48 bits: 00 90 27 17 FC 0F
FF FE inserted in the middle: 00 90 27 | FF FE | 17 FC 0F
64 bits version: 00 90 27 FF FE 17 FC 0F
Uniqueness mask 000000X0 where X=1 is unique and X=0 is not unique. So if X=1 then the EUI-64 Address is 02 90 27 FF FE 17 FC 0F
Multicast Mapping over Ethernet
IPv6 Multicast Address: FF02 0000 0000 0000 0000 0001 FF17 FC0F
Ethernet multicast address (prefix 33 33): 33 33 FF 17 FC 0F
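An added example, not part of the original slides: the MAC to EUI-64 to link-local to solicited-node to Ethernet multicast derivation in Python, plus the multicast groups a node or router must join per the Required Node Addresses and Required Router Addresses slides. The function names are hypothetical, and the uniqueness bit is inverted as RFC 4291 specifies, which gives X=1 for a universally administered MAC as on the EUI-64 slide.

```python
import ipaddress

def eui64(mac):
    """Interface ID from a 48-bit MAC: insert FF FE and invert the uniqueness bit."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(" ", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]

def link_local(mac):
    """FE80::/10 prefix, 54 zero bits, then the 64-bit interface ID."""
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + eui64(mac))

def solicited_node(addr):
    """FF02::1:FFXX:XXXX built from the low 24 bits of a unicast/anycast address."""
    low = ipaddress.IPv6Address(addr).packed[-3:]
    return ipaddress.IPv6Address(bytes.fromhex("ff02" + "00" * 9 + "01ff") + low)

def ethernet_multicast(group):
    """33:33 followed by the low 32 bits of the IPv6 multicast address."""
    g = ipaddress.IPv6Address(group)
    if not g.is_multicast:
        raise ValueError("not a multicast address")
    return (b"\x33\x33" + g.packed[-4:]).hex(":")

def required_groups(addresses, router=False):
    """Multicast groups a node must join for its unicast/anycast addresses."""
    groups = {ipaddress.IPv6Address("ff02::1")}          # all nodes
    if router:
        groups.add(ipaddress.IPv6Address("ff02::2"))     # all routers
    groups.update(solicited_node(a) for a in addresses)
    return groups
```

Run against the deck's own values, the Linux host's HWaddr yields its fe80:: address and the router's two addresses yield exactly the three joined groups in its interface output.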