0
1 2 3 4 5 6
IPv6簡介
National Dong Hwa University
Director of Computer Center
Han-Chieh Chao
趙涵捷
中華民國九十年三月三十日
0

• Limitations of current Internet Protocol (IP)
• How many address do we need?
• IPv6 addressing
• IPv6 header format
• IPv6 features
• Mobile IPv6
• IPv6 v.s. IPv4
• Summary
0

• Example: 203.64.105.100
=1100 1011:0100 0000:0110 1001:0110 0100
= CB:40:69:64 (32 bits)
• Maximum = 2 32 = 4 Billion
• Class A Network: 15 Million nodes
• Class B Network: 64,000 nodes or less
• Class C Network: 250 nodes or less
0

• Class A
• Class B
• Class C
• Class D
0 Network Local
1 17 24 bits
10 Network Local
2 14 16 bits
110 Network Local
3 21 8 bits
1110 Host Group (Multicast)
4 28 bits
0

• Local = Subnet + Host (Variable length)
Router Router
Subnet
0

• Three all-zero network numbers are reserved
• 127 Class A + 16,381 Class B + 2,097,151 Class C
Network = 2,113,659 networks total
• Class B is most popular
• 20% of Class B were assigned by 7/90 and doubling every 14 months => Will exhaust by
3/94
• Question: Estimate how big will you become?
Answer: more than 256!
Class C is too small. Class B is just right.
0

• Expanded Address Space
• Header Format Simplification
• Auto-configuration
• Multi-Homing
• Class of Service/Multimedia support
• Authentication and Privacy Capabilities
• No more broadcast
Multicast
• IPv4 IPv6 Transition Strategy
0

• 10 Billion people by 2020
• Each person will be served by more than one computer
• Assuming 100 computers per person => 10 12 computers
• More addresses maybe required since
– Multiple interfaces per node
– Multiple addresses per interfaces
0

• Some believe 2 6 to 2 8 address per host
• Safety margin => 10 15 addresses
• IPng Requirements => 10 12 end systems and 10 9 networks. Desirable 10 12 to 10 15 networks
0

• Dot-Decimal: 203.64.105.100
• Colon-Hex:
FEDC:0000:0000:0000:3243:0000:0000:ABCD
– Can skip leading zeros of each word
– Can skip one sequence of zero words, e.g.,
FEDC::3243:0000:0000:ABCD
– Can leave the last 32 bits in dot-decimal, e.g., ::203.64.105.100
– Can specify a prefix by /length, e.g., 2345:BA23:7::/40
0

• Global unicast address(es) is :
–2001:304:101:1::E0:F726:4E58,
–subnet is 2001:304:101:1::0/64
• link-local address is FE80::E0:F726:4E58
• Unspecified Address is 0:0:0:0:0:0:0:0 or ::
• Loopback Address is 0:0:0:0:0:0:0:1 or ::1
• Group Addresses (Multicast), ie: FF02::9 for RIPv6
–Joined group address(es):
–FF02:0:0:0:0:1:FF:xxxx (solicited Node Multicast)
–Unicast : 4037::01:800:200E:8C6C is FF02::1:FF0E:8C6C
0

• 128-bit long. Fixed size
• 2 128 = 3.4
× 10 38 addresses => 665 × 10 21 addresses per m 2 of earth surface
• If assigned at the rate of 106/  s, it would take 20 years
• Expected to support 8 × 10 17 to 2 × 10 33 addresses
8 × 10 17 => 1,564 address per m 2
• Allows multiple interfaces per host
• Allows multiple addresses per interface
0

• Allows unicast, multicast, anycast
• Allows provider based, site-local, link-local
• 85% of the space is unassigned
0

• IPv6 Addressing rules are covered by multiples RFC’s
–Architecture defined by RFC 2373
• Address Types are :
–Unicast : One to One (Global, Link local, Site local, Compatible)
–Anycast : One to Nearest (Allocated from Unicast)
–Multicast : One to Many
–Reserved
• A single interface may be assigned multiple IPv6 addresses of any type (unicast, anycast, multicast)
–No Broadcast Address -> Use Multicast
0

Unicast
Anycast
Multicast
0

• Prefix Format (PF) Allocation
–PF = 0000 0000 : Reserved
–PF = 0000 001 : Reserved for OSI NSAP Allocation (see RFC 1888), so far only way to embedded E.164 addresses (VoIP)
–PF = 0000 010 : Reserved for IPX Allocation (under Study)
–PF = 001 : Aggregatable Global Unicast Address
–PF = 1111 1110 10 : Link Local Use Addresses
–PF = 1111 1110 11 : Site Local Use Addresses
–PF = 1111 1111 : Multicast Addresses
–Other values are currently Unassigned (approx. 7/8th of total)
• All Prefix Formats have to have EUI-64 bits Interface ID
–But Multicast
0

• Aggregatable Global Unicast Format - RFC2374
• Address hierarchy matches Internet Service Provider hierarchy
FP TLA ID Reserved NLA ID SLA ID Interface ID
3 bits 13 bits
• Terminology:
8 bits 24 bits 16 bits
–FP - Format Prefix: Unicast (001), Multicast, Anycast
–TLA - Top Level Aggregator 
Global ISP
–NLA - Next Level Aggregator 
ISP
–SLA - Site Level Aggregator  “Customer”
–Interface ID - Host
64 bits
0

0

• Addresses are assigned to interfaces
– No change from IPv4 Model
• Interface can have multiple addresses
• Addresses have scope
– Link Local
– Site Local
– Global
Global
Site-Local Link-Local
• Addresses have lifetime
– Valid and Preferred lifetime
0

• Link Local: Not forwarded outside the link,
FE80::xxx
10 n 118-n
1111 1110 10 0 Interface ID bits
• Site Local: Not forwarded outside the site,
FEC0::xxx
10 n m 118-n-m
1111 1110 11 0 Subnet ID Interface ID bits
0

8bits 4bits 4bits 112bits
1111 1111 Flags Scope Group ID
0 0 0 T
• T=0 => Permanent (well-known) multicast address,
T=1 => Transient
• Scope: 1 Node-local, 2 Link-local, 5 Site-local,
8 Organization-local, E Global
• Predefined: 1=>All nodes, 2=>Routers,
1:0=>DHCP Servers
0

• Example: 43 => Network Time Protocol
Servers
– FF01::43 => All NTP servers on this node
– FF02::43 => All NTP servers on this link
– FF05::43 => All NTP servers in this site
– FF08::43 => All NTP servers in this organization
– FF0F::43 => All NTP servers in the Internet
0

• Bootstrap process - RFC2450
FP TLA ID subTLA ID NLA ID SLA ID Interface ID
3 bits 13 bits
• Definitions:
13 bits 19 bits 16 bits
–TLA - special TLA 0x0001
–subTLA - Top Level Aggregator 
Transit ISP
–NLA - Next Level Aggregator 
ISP
–SLA - Site Level Aggregator  “Customer”
–Interface ID - Host
64 bits
0

• Minimum assignment to ISP is a /35
• ISP creates own NLA boundary
- or -
• ISP assigns /48 SLAs to each customer
–16 bits for subnetworks
– 65536 subnetworks per site
–64 bits for hosts
– 18446744073710 million hosts per subnetwork!!
0

• subTLA holder ISP allocates SLAs to end-customers site addresses ISP addresses
ISP allocated subTLA NLA ID SLA ID Interface ID
35 bits 13 bits 16 bits 64 bits
• subTLA holder ISP creates its own NLA boundary for customer ISPs site addresses
ISP allocated subTLA
ISP addr
ISP2 addr
NLA1 NLA2 SLA ID Interface ID
35 bits 6 bits 7 bits 16 bits 64 bits
0

• Where to get address space?
–Real IPv6 address space now allocated by
APNIC, ARIN and RIPE NCC
–
APNIC 2001:0200::/23
– ARIN 2001:0400::/23
– RIPE NCC 2001:0600::/23
–Go to your existing IPv4 address registry...
0

• APNIC (whois.apnic.net)
–WIDE-JP-19990813
• ARIN (whois.arin.net)
2001:200::/35
–
ESNET-V6
–NUS-SG-19990827
2001:208::/35
–
ARIN-001
–CONNECT-AU-19990916
–NTT-JP-19990922
2001:210::/35
2001:218::/35
–
VBNS-IPV6
–
CANET3-IPV6
–KIX-KR-19991006
2001:220::/35
–
VRIO-IPV6-0 –JENS-JP-19991027 2001:228::/35
–ETRI-KRNIC-KR-19991124
2001:230::/35
–
CISCO-IPV6-0
–
QWEST-IPV6-0 –HINET-TW-20000208
2001:238::/35
–
DEFENSENET
–IIJ-JPNIC-JP-20000308 2001:240::/35
–IMNET-JPNIC-JP-20000314
2001:248::/35
–CERNET-CN-20000426
2001:250::/35
–INFOWEB-JPNIC-JP-2000502 2001:258::/35
–BIGLOBE-JPNIC-JP-20000719 2001:260::/35
–6DION-JPNIC-JP-20000829
2001:268::/35
–DACOM-BORANET-20000908 2001:270::/35
–ODN-JPNIC-JP-20000915
2001:278::/35
–KOLNET-KRNIC-KR-20000927 2001:280::/35
–TANET-IPV6-TW 2001:288::/35
– ABOVENET-IPV6
–
SPRINT-V6
2001:410::/35
2001:420::/35
2001:430::/35
2001:400::/35
2001:400::/23
2001:408::/35
2001:418::/35
2001:428::/35
2001:438::/35
2001:440::/35
This output current as of
16-Oct-2000
0

• RIPE (whois.ripe.net)
–EU-UUNET-19990810
2001:600::/35 –DE-TRMD-20000317
–DE-SPACE-19990812
2001:608::/35
–FR-RENATER-20000321
–NL-SURFNET-19990819 2001:610::/35
–DE-NACAMAR-20000403
–UK-BT-19990903 2001:618::/35
–EU-EUNET-20000403
–CH-SWITCH-19990903
–DE-IPF-20000426
2001:620::/35
–DE-XLINK-20000510 –AT-ACONET-19990920
2001:628::/35
–FR-TELECOM-20000623 –UK-JANET-19991019
–DE-DFN-19991102
–RU-FREENET-19991115
–GR-GRNET-19991208
–DE-ECRC-19991223
2001:630::/35
2001:638::/35
2001:640::/35
2001:648::/35
2001:650::/35
–PT-RCCN-20000623
–SE-SWIPNET-20000828
–PL-ICM-20000905
2001:0658::/35
2001:0660::/35
2001:0668::/35
2001:0670::/35
2001:0678::/35
2001:0680::/35
2001:0688::/35
2001:0690::/35
2001:0698::/35
2001:06A0::/35
This output current as of 16-Oct-2000
0

20 Octets+Options : 13 fields, include 3 flag bits
0 bits
Ver
4
IHL
8 16
Service Type
Identifier
Time to Live Protocol
Changed
24
Removed
Total Length
Flags Fragment Offset
Header Checksum
31
32 bit Source Address
32 bit Destination Address
Options and Padding
0

IPv4 Header
Version IHL Type of Service Total Length
• Defined by RFC 2460
• Address space quadrupled to
16 bytes
Identification
Time to Live
•
Fixed length
– (Optional headers daisy-chained)
Protocol
Flags Fragment Offset
Source Address
Header Checksum
Destination Address
Options Padding
•
No checksumming
– (Done by Link Layer)
•
No hop-by-hop segmentation
– (Path MTU discovery)
•
Flow label/Class
(Integrated QoS support)
• Concatenated Extension Headers
Version Traffic Class
Payload Length
IPv6 Header
Flow Label
Next Header Hop Limit
Source Address
Destination Address
0

0
40 Octets, 8 fields
4 12
Version Class
Payload Length
16
Flow Label
Next Header
24
Hop Limit
31
128 bit Source Address
128 bit Destination Address
0

0

• IP options have been moved to a set of optional Extension
Headers
• Extension Headers are chained together
IPv6 Header
Next = TCP
TCP Header Application Data
IPv6 Header
Next = Routing
Routing Hdr
Next = TCP
TCP Header Application Data
IPv6 Header Security Hdr
Next = Security Next = Frag
Fragment Hdr
Next = TCP
TCP Header Data
Frag
0

Next Header Routing Type
Reserved
Num. Address
Strict/Loose bit mask
Next Address
Address 1
Address 2
Address n
0

Next header and extension headers 0

• Strict => Discard if Address[Next-Address]  neighbor
• Type = 0 => Current source routing
• Type > 0 => Policy based routing (later)
• New Functionality: Provider selection, Host mobility, Auto-readdressing (route to new address)
0

• Larger Addresses
• Flexible header format
• Improved options
• Support for resource allocation
• Provision for protocol extension
• Built-in Security: Both authentication and confidentiality
0

• Allow plug and play
• BOOTP and DHCP are used in IPv4
• DHCPng will be used with IPv6
• Two Methods: Stateless and Stateful
• Stateless:
– A system uses link-local address as source and multicasts to "All routers on this link"
– Router replies and provides all the needed prefix info
– All prefixes have a associated lifetime
– System can use link-local address permanently if no router
0

Messages communication of the Stateless Autoconfiguration.
0

Flow Chart of the Stateless Autoconfiguration.
0

• Stateful:
– Problem w stateless: Anyone can connect
– Routers ask the new system to go DHCP server (by setting managed configuration bit)
– System multicasts to "All DHCP servers "
– DHCP server assigns an address
0

• Renumbering IPv6 Hosts is easy
– Add a new Prefix to the Router
– Reduce the Lifetime of the old prefix
– As nodes depreciate the old prefix the new Prefix will start to be used for new connections
• Renumbering in IPv6 is designed to happen!
• An end of ISP “lock in”!
– Improved competition
0

• IPv6 Address Scope
– Some addresses are GLOBAL
– Others are Link or Site LOCAL
– Addressing Plan also controls network access
• Configuration Policy Control
– Stateless
– Stateful (DHCPv6)
• Routers Dictate the Configuration Policy
– Router Managers are “in control” of the network
– Routers also dictate MTU size for the Link
0

• IPv6 Mobility is based on core features of IPv6
– The base IPv6 was designed to support Mobility
– Mobility is not an “Add-on” features
• All IPv6 Networks are IPv6-Mobile Ready
• All IPv6 nodes are IPv6-Mobile Ready
• All IPv6 LANs / Subnets are IPv6 Mobile Ready
• IPv6 Neighbor Discovery and Address
Autoconfiguration allow hosts to operate in any location without any special support
0

• No single point of failure (Home Agent)
• More Scalable : Better Performance
– Less traffic through Home Link
– Less redirection / re-routing (Traffic Optimisation)
0

• Interactions with IPsec fully worked out
• Mobile IPv6 testing event
– Bull, Ericsson, NEC, INRIA
• Internet Draft is ready for Last Call
0

• Security features are standardized and mandated
– All implementations must offer them
– No Change to applications
• Authentication (Packet signing)
• Encryption (Data Confidentiality)
• End-to-End security Model
– Protects DHCP
– Protects DNS
– Protects IPv6 Mobility
– Protects End-to-End traffic over IPv4 networks
0

• 1995 v.s. 1975
• IPv6 only twice the size of IPv4 header
• Only version number has the same position and meaning as in IPv4
• Removed: header length, type of service, identification, flags, fragment offset, header checksum
• Datagram length replaced by payload length
• Protocol type replaced by next header
0

• Time to live replaced by hop limit
• Added: Priority and flow label
• All fixed size fields
• No optional fields. Replaced by extension headers
• 8-bit hop limit = 255 hops max (Limits looping)
• Next Header = 6 (TCP), 17 (UDP)
0

• Larger Address Space
• Efficient and Extensible IP datagram
• Efficient Route Computation and Aggregation
• Improved Host and Router Discovery
• Mandated New Stateless and Stateful Address
Autoconfiguration
• Mandated Security for IP datagrams
• Easy renumbering
0

• Most application protocols will have to be upgraded: FTP, SMTP, Telnet, Rlogin
• 27 of 51 Full Internet standards, 6 of 20 draft standards, 25 of 130 proposed standards will be revised for IPv6
• No checksum => checksum at upper layer is mandatory, even in UDP
• non-IETF standards: X-Open, Kerberos, ... will be updated
• Should be able to request and receive new DNS records
0

• Uses same “ longest-prefix match
” routing as IPv4 CIDR
• Key to scalable routing — hierarchical addressing
• Assignment of production IPv6 Sub-TLA address prefixes obtainable from Registries (RIPE-NCC, APNIC, ARIN) since
1999
• Existing routing protocols require extensions for IPv6
• Neighbor discovery — dynamic host <
—
> router
• Can use Routing header with anycast addresses to route packets through particular regions
–e.g., for provider selection, policy, performance, etc.
0

•
Update to existing IPv4 routing protocols to handle bigger addresses
–
RIPv6 (RFC 2080) - Similar to RIPv2
–
BGP4+ - Multi-Protocols Extensions defined in RFC 2283, 2545
–
Integrated IS-IS - Large Address support facilitates IPv6 address
–family. Draft-ietf-isis-ipv6-01.
–
OSPFv6 (RFC 2740) Packet formats changed to reflect 128 bits
• IPv6 Multicast Routing
–PIM, MOSPF, MBGP have IPv6 extensions
–IPv6 Multicast has larger address space removing potential
–IP addresses collision
0

• Primarily give us a second chance to delegate addresses
• Assume:
–~60 Top level addresses
–~2000 next level addresses delegated to small ISPs
–48 addresses in one TLA for multihoming
• Result: Your route table has
–~60 TLAs,
–Your customers and subnets, and …
–Routes you incorporate by bilateral agreement
0

Router Advertisement 0

Router Solicitation
0

• IPv6 documents are at various points in the standards process, core documents are done
• Document review for completeness, followed by issues or additional work.
• To know more about IPv6 specifications
–www.ietf.org/html.charters/ipngwg-charter.html
• Main covered areas are
:
–Architecture, Addressing, Routing, Security, Transition, DNS, Management,
Discovery & Auto-Configuration, Mobility, Multicast, Applications API, ...
0

• Several key components now on Standards Track:
Specification (RFC2460) Neighbour Discovery (RFC2461)
ICMPv6 (RFC2463)
RIP (RFC2080)
IPv6 Addresses (RFC2373/4/5)
BGP (RFC2545)
IGMPv6 (RFC2710) OSPF (RFC2740)
Router Alert (RFC2711) Jumbograms (RFC2675)
Autoconfiguration (RFC2462)
IPv6 over: PPP (RFC2023)
FDDI (RFC2467)
Ethernet (RFC2464)
Token Ring (RFC2470)
NBMA(RFC2491) ATM (RFC2492)
Frame Relay (RFC2590) ARCnet (RFC2549)
0

• Issues remaining open
Multihoming Ongoing work at the moment eg: draft-ietf-ipngwg-ipv6-2260-00.txt
draft-ietf-ipngwg-ipv6multihome-with-aggr-01.txt
ISIS
DHCPv6 draft-ietf-isis-ipv6-01.txt
draft-ietf-dhc-dhcpv6-15.txt
0

• Define the processes by which networks can be transitioned from IPv4 to IPv6
• Define & specify the mandatory and optional mechanism that vendors are to implement in
Hosts, Routers and other components of the
Internet in order for the Transition.
• Http://www.ietf.org/html.charters/ngtranscharter.html
0

• Let sites and ISPs transition at their own pace
– No global coordination
– Minimize any dependencies during the transition
• Provide a multitude of “ tools
”
– Different sites might have different constraints
– Early adopters different than production users?
• Try to provide IPv6 benefits during transition
– Lack of IPv4 address and/ or features will drive transition
• Maintain 100% compatibility with installed base
– Protocols as well as applications
0

• Start with name service upgrade
– Need DNS AAAA support (BIND 4.9.4 or later)
– Need “ ipnodes
” map/ table in NIS/ NIS+
– Upgrade primary server as well as secondaries
– Separate zone for IPv6 nodes or same zone?
• Experimental - hosts only
• Incremental - one subnet at a time + internal tunnels
• Routers first - all routers then hosts
– No need for internal tunnels
0

• Dual stack approach
• Name service support (DNS, NIS, NIS+,
LDAP)
• Tunneling across IPv4 routers
• See RFC 1933 and RFC 2529
• Enables communication between IPv6-only devices and dual stack
“ servers
”
0

• Dual-IP Hosts, Routers, Name servers
• Tunneling IPv6 over IPv4
• Hosts and Routers can be gradually upgraded to IPv6
• It is better (though not required) to upgrade routers before upgrading hosts
HITACHI Toolnet6 http://www.hitachi.co.jp/Prod/comp/network/pexv6-e.htm
0

• 6over4
– Isolated v6 to isolated v6 node
– IPv4 used as link layer
• 6to4
– v6 domain to v6 domain
– IPv4 used as transport tunnel
• NAT-PT
– v6 only to v4 only
• SIIT, AIIH, DTI, BIS, …
0

• Hosts — dual stack
• Networks — tunneling
• Network boundaries IPv4
IPv6 NAT
• Expect combinations of each to be used
…
APPLICATION
TCP/UDP
IPv4 IPv6
DRIVER
More Pragmatic than Building New IPv6 Topology
0

APPLICATION
TCP/UDP
IPv4 IPv6
DRIVER
• When adding IPv6 to a system, do not delete IPv4
– this multi-protocol approach is familiar and well-understood (e.g., for
AppleTalk, IPX, etc.)
– note: in most cases, IPv6 will be bundled with new OS releases, not an extra-cost add-on
• Applications (or libraries) choose IP version to use
– when initiating, based on DNS response:
– if (dest has AAAA or A6 record) use IPv6, else use IPv4
– when responding, based on version of initiating packet
• This allows indefinite co-existence of IPv4 and IPv6, and gradual, app-by-app upgrades to IPv6 usage
0

• IPv6 hosts and routers support both IPv4 and IPv6
– Interoperates with IPv4 and IPv6
• The same applications and transport protocols run on both IP versions
• Upgrading from IPv4 to dual IPv4/ IPv6 does not break anything
– As part of regular new OS release
– Enable IPv6 and record IPv6 address in DNS to turn on the IPv6 features
0

• Encapsulate IPv6 packets inside IPv4 packets
(or MPLS frames)
• any methods exist for establishing tunnels:
–configured tunnels - manual
–automatic tunnels - IPv4 compatible addresses ::<ipv4>
–“ tunnel brokers
”
(using web-based service to create a tunnel)
–“
6-over-4
”
(intra-domain, using IPv4 multicast as virtual LAN)
–“
6-to-4
”
(inter-domain, using IPv4 addr as IPv6 site prefix)
• Can view this as:
–IPv6 using IPv4 as a virtual link-layer, or
–an IPv6 VPN (virtual public network), over the IPv4 Internet
(becoming
“ less virtual
” over time, we hope)
0

IPv6
Network
• Configured tunnels — manual point-2-point links
• Automatic tunnels — via 6to4 mechanism
IPv6
Network 2002::/16 prefix
IPv6 Tunnel
Service Provider
IPv4 Backbone
IPv6 Tunnel
IPv6
Tunnel
IPv4 Header
IPv6 Header
IPv6 Header
Transport
Layer Header
Transport
Layer Header
Data
Data
Mobile Data
Network
0

• May prefer to use IPv6-IPv4 protocol translation for:
–New kinds of IPv6 devices (e.g., cell phones, cars, appliances) accessing
IPv4 servers resources over the Internet
–Smoothly deploying IPv6 on a campus network, providing v4-v6 communications
• This is a simple extension to NAT techniques, to translate header format as well as addresses
–IPv6 nodes behind a translator get full IPv6 functionality when talking to other IPv6 nodes located anywhere
–Methods used to improve NAT functionality (e.g., ALGs, RSIP) can be used equally to improve IPv6-IPv4 functionality
0

NAT-PT
IPv4 Network IPv4/v6 Network v4-only host, router v4 + v6 host, router v4-only link v4 + v6 link v6-only tunnel
0

• IPv6 uses 128-bit addresses
• Allows provider-based, site-local, link-local, multicast, anycast addresses
• Fixed header size. Extension headers instead of options. Extension headers for provider selection, security
• Allows autoconfiguration
• Dual IP router and host implementations for transition
0