SlideShare a Scribd company logo

IPv6 theoryfinalx

Download as PPT, PDF
Pawan Sharma
Pawan Sharma

Complete IPv6 guide

Technology
1 of 72
IPv6 Notes from IP Addressing and Basic Connectivity and TCP/IP Tutorial and Technical Overview
Implementing IPv6 Addressing and Basic Connectivity • IPv6, formerly named IPng (next generation), is the latest version of the Internet Protocol (IP). IP is a packet-based protocol used to exchange data, voice, and video traffic over digital networks.
Implementing IPv6 Addressing and Basic Connectivity • IPv6 quadruples the number of network address bits from 32 bits (in IPv4) to 128 bits. • By being globally unique, IPv6 addresses inherently enable global reachibility and end- to-end security for networked devices.
IPv6 Addressing and Basic Connectivity • The flexibility of the IPv6 address space reduces the need for private addresses and the use of Network Address Translation (NAT) thus, IPv6 enables new application protocols that do not require special processing by border routers at the edge of networks.
IPv6 Address Formats • IPv6 addresses are represented as eight groups of four hexadecimal digits separated by colons (:) in the format: • 2001:0DB8:7654:3210:FEDC:BA98:7654:3210 • 2001:0DB8:0:0:8:800:200C:417A
IPv6 Address Formats • It is common for IPv6 addresses to contain successive hexadecimal fields of zeros. • To make IPv6 addresses less cumbersome, two colons (::) may be used to compress successive hexadecimal fields of zeros at the beginning, middle, or end of an IPv6 address. • Two colons (::) can be used only once in an IPv6 address, to represent the longest successive hexadecimal fields of zeros.
IPv6 Special Addresses IANA maintains the official list of the IPv6 address space. Global unicast assignments can be found at the various RIRs or at the GRH DFP pages. There are a number of addresses with special meaning in IPv6: Unspecified address ::/128 — the address with all zero bits is called the unspecified address. This address must never be assigned to an interface and is to be used only in software before the application has learned its host's source address appropriate for a pending connection. Routers must not forward packets with the unspecified address. Link local addresses ::1/128 — the loopback address is a unicast local host address. If an application in a host sends packets to this address, the IPv6 stack will loop these packets back on the same virtual interface (corresponding to 127.0.0.1 in IPv4). fe80::/10 — The link-local prefix specifies that the address is only valid on a single link. This is analogous to the autoconfiguration IP addresses 169.254.0.0/16 in IPv4.
IPv6 Special Addresses Unique local addresses • fc00::/7 — unique local addresses (ULA) are routable only within a set of cooperating sites. They were defined in RFC 4193 as a replacement for site-local addresses (see below). The addresses include a 40-bit pseudorandom number in the routing prefix that intends to minimize the risk of conflicts if sites merge or packets are misrouted into the Internet. Despite the restricted, local usage of these addresses, their address scope is global. This is a departure from the prior definitions of site-local addresses. Multicast addresses • ff00::/8 — The multicast prefix designates multicast addresses as defined in "IP Version 6 Addressing Architecture" (RFC 4291). Some of these have been assigned to specific protocols, for example ff02::101 will reach all link-local NTP servers (RFC 2375). Solicited-node multicast addresses • ff02::1:FFXX:XXXX — XX:XXXX are the 3 low order octets of the corresponding unicast or anycast address.
IPv6 Special Addresses • IPv4 transition ::ffff:0:0/96 — this prefix is used for IPv4 mapped addresses 2001::/32 — Used for Teredo tunneling. 2002::/16 — this prefix is used for 6 to 4 addressing. • ORCHID 2001:10::/28 — ORCHID (Overlay Routable Cryptographic Hash Identifiers) as per (RFC 4843). These are non-routed IPv6 addresses used for Cryptographic Hash Identifiers. • Documentation 2001:db8::/32 — this prefix is used in documentation (RFC 3849). The addresses should be used anywhere an example IPv6 address is given or model networking scenarios are described.
IPv6 Special Addresses • Deprecated or obsolete addresses ::/96 — This is a 96-bit zero-value prefix originally known as IPv4- compatible addresses. This class of addresses were used to represent IPv4 addresses within an IPv6 transition technology. Such an IPv6 address has its first 96 bits set to zero, while its last 32 bits are the IPv4 address that is represented. The Internet Engineering Task Force (IETF) has deprecated the use of IPv4-compatible addresses with publication RFC 4291. The only remaining use of this address format is to represent an IPv4 address in a table or database with fixed size members that must also be able to store an IPv6 address. fec0::/10 — The site-local prefix specifies that the address is valid only within the site network of an organization. Its use has been deprecated in September 2004 by RFC 3879 and new systems must not support this special type of address. New specifications replace this address type with unique local addresses.
IPv6 Address Type: Unicast • An IPv6 unicast address is an address destined for a single interface, on a single node. • A packet that is sent to a unicast address is delivered to the interface identified by that address. • Cisco IOS software supports the following IPv6 unicast address types: Aggregateable Global Address Site-Local Address Unique-Local Address Link-Local Address
Global Aggregateable Unicast Address • A global unique address is an IPv6 address that’s routable on the internet and may be aggregated upwards through organizations, and eventually to the Internet Service Providers (ISPs). • Addresses with a prefix of 2000::/3 (001) through E000::/3 (111) are required to have 64-bit interface identifiers in the Modified (EUI)-64 format. • The Internet Assigned Numbers Authority (IANA) allocates the IPv6 address space in the range of 2000::/16 to regional registries.
Modified EUI-64 Interface ID
Global Aggregateable Unicast Address The Global Unicast Address consists of a: • 48-bit global routing prefix: which included the Top-Level Aggregator (TLA) and Next-Level Aggregator (NLA) but because they were policy-based they were removed) •16-bit subnet ID: (Site-Level Aggregator) used by individual organizations to create their own local addressing hierarchy and identify subnets (as in IPv4). An organization with an IPv6 subnet ID can support up to 65,535 individual subnets. •Interface-ID: used to identify interfaces on a link, the interface ID must be unique to the link. Interface IDs used in global unicast and other IPv6 address types must be 64 bits long and constructed in the modified EUI-64 format.
Site-Local address • A site-local address is an IPv6 unicast address that uses the prefix FEC0::/10, and concatenates the subnet identifier (16-bit SLA field) with the interface identifier in the modified EUI-64 format. • Site-local addresses can be used to number a complete site without using a globally unique prefix. • Site-local addresses can be considered private addresses because they can be used to restrict communication to a limited domain. • IPv6 routers must not forward packets that have site- local source or destination addresses outside of the site. • Site-local addresses are being obsolecesed by Unique-local addresses, though some still exist.
Site-Local address
Unique Local Address • A unique local address is an IPv6 unicast address with a prefix FC00::/7 or FD00::/7, that’s globally unique, and intended for local communications. They are not expected to be routable on the global Internet and are routable inside of a limited area, such as a site. • A unique local address has: • It has a well-known, globally unique prefix to allow for easy filtering at site boundaries. • It allows sites to be combined or privately interconnected without creating any address conflicts or requiring renumbering of interfaces that use these prefixes. • It is ISP-independent and can be used for communications inside of a site without having any permanent or intermittent Internet connectivity. • If it is accidentally leaked outside of a site via routing or DNS, there is no conflict with any other addresses. • Applications may treat unique local addresses like global scoped addresses.
Unique Local Address
Link-Local Address • A link-local address is an IPv6 unicast address that can be automatically configured on any interface • It Uses the link-local prefix FE80::/10 (1111 1110 10) and the interface identifier in modified EUI-64format. • Link-local addresses are used in the neighbor discovery protocol and the stateless auto- configuration process. • Nodes on a local link can use link-local addresses to communicate; the nodes do not need site-local or globally unique addresses to communicate. • IPv6 routers must not forward packets that have link- local source or destination addresses to other links.
Link-Local Address
Internet transition: Migrating IPv4 to IPv6 • If the Internet is to realize the benefits of IPv6, a period of transition will be necessary when new IPv6 hosts and routers are deployed alongside existing IPv4 systems. • RFC 2893 (Transition Mechanisms for IPv6 Hosts and Routers) and RFC2185 (Routing Aspects of IPv6 Transition), define a number of mechanisms to ensure both the compatibility between old and new systems and a gradual transition that doesn’t impact functionality of the Internet. • These techniques are sometimes collectively termed Simple Internet Transition (SIT).
IPv4/IPv6 Transitional addresses The transition employs the following techniques: • Dual-stack IP implementations for hosts and routers that must interoperate between IPv4 and IPv6. • IPv6-over-IPv4 tunneling mechanisms for carrying IPv6 packets across IPv4 router networks. • IPv4/IPv6 header translation. This technique is intended for use when implementation of IPv6 is well advanced and only a few IPv4-only systems remain. • Embedding of IPv4 addresses in IPv6 addresses. IPv6 hosts will be assigned addresses that are interoperable with IPv4, and IPv4 host addresses will be mapped to IPv6.
IPv4/IPv6 Compatible addresses • An IPv4-compatible IPv6 address is an IPv6 unicast address that has zeros in the high-order 96 bits, and an IPv4 address in the low-order 32 bits of the address. • The format: 0:0:0:0:0:0:192.0.2.128 or ::192.0.2.128 • The IPv6 address of a node is the entire 128-bit IPv4- compatible IPv6 address with embedded IPv4 address and the IPv4 address of the node is the low- order 32 bits from the 128 bit address. • IPv4-compatible IPv6 addresses are assigned to nodes that support both IPv4 and IPv6 protocol stacks and are used in automatic tunnels. 80 bits 16 bits 32 bits zeros 0000(=96) 192.0.2.128
IPv6/IPv4 Mapped addresses • Dual stack IPv6/IPv4 implementations typically support a special class of addresses, the IPv4 mapped addresses. • This address type has its first 80 bits set to zero, the next 16 set to one (FFFF), while its last 32 bits represent an IPv4 address. • For example, ::ffff:c000:280(all hex) is the IPv4 mapped address for the IPv4 address 192.0.2.128.
IPv4 Mapped addresses cont. As an exception to standard IPv6 address notation (all hex), IPv4 mapped addresses are commonly represented with their last 32 bits written in dot-decimal notation (eg. IPv4), appended to the standard IPv6 notation of the leading bits, e.g. ::ffff:c000:280 could be written as ::ffff:192.0.2.128. 80 bits 16 bits 32 bits zeros FFFF 192.0.2.128
IPv4 Mapped addresses cont. • This address type allows the transparent use of the transport layer protocols over IPv4 through the IPv6 networking API. • A benefit of this mechanism is that server applications only need to open a single listening socket to handle connections from clients using IPv6 or IPv4 protocols. • IPv6 clients will be handled natively by default, and IPv4 clients appear as IPv6 clients with an appropriately mapped address. • It can also be used to establish IPv4 connections specifically with an IPv6 socket. While the network protocol on the transmission medium is IPv4, the connection is presented as an IPv6 interface to the application.
IPv6 Address Type: Anycast • An Anycast address is an address that is assigned to a set of interfaces that typically belong to different routers. • A packet sent to an anycast address is delivered to the closest interface as defined by the routing protocols in use. • Anycast addresses are syntactically the same as unicast addresses since they’re allocated from the unicast address space. • Routers to which the anycast address are assigned must be explicitly configured to recognize that the address is an anycast address.
IPv6 Address Type: Anycast • Anycast addresses can be used only by a router, not a host, and anycast addresses must not be used as the source address of an IPv6 packet.
IPv6 Address Type: Multicast • An IPv6 multicast address is an IPv6 address that has a prefix of FF00::/8 (1111 1111). • An IPv6 multicast address is an identifier for a set of interfaces that typically belong to different nodes. • A packet sent to a multicast address is delivered to all interfaces identified by the multicast address.
IPv6 Address Type: Multicast • The second octet following the prefix defines the lifetime and scope of the multicast address. • A permanent multicast address has a lifetime parameter equal to 0. • A temporary multicast address has a lifetime parameter equal to 1. • A multicast address that has the scope of a node, link, site, or organization, or a global scope has a scope parameter of 1, 2, 5, 8, or E, respectively. For example, a multicast address with the prefix FF02::/16 is a permanent multicast address with a link scope.
IPv6 Address Type: Multicast
IPv6 Multicast Groups Group ID (Interface Id, above slide) Identifies the multicast group. Some special purpose multicast addresses are predefined as follows: FF01::1 All interfaces node-local. All interfaces on the host itself. FF02::1 All nodes link-local. All systems on the local network. FF01::2 All routers node-local. All routers local to the host itself. FF02::2 All routers link-local. All routers on the same link as the host. FF05::2 All routers site-local. All routers on the same site as the host. FF02::B Mobile agents link-local. FF02::1:2 All DHCP agents link-local. FF05::1:3 All DHCP servers site-local.
IPv6 Multicast Groups • A special multicast address, the solicited node multicast address, is used by ICMP for neighbor discovery and duplicate address detection. It has the format: • FF02::1:FFxx:xxxx, where xx xxxx is taken from the last 24-bits of a nodes unicast address. • A node’s IPv6 address of 4025::01:800:100F:7B5B belongs to the multicast group FF02::1:FF0F:7B5B. • For a more complete listing of reserved multicast addresses, see the IANA documentation– IPv6 Multicast Addresses Assignments.
IPv6 Header Format • The basic IPv6 packet header has 8 fields with a total size of 40 octets. Fields were removed from the IPv6 header because, in IPv6, fragmentation is not handled by routers and checksums at the network layer are not used. • Instead, fragmentation in IPv6 is handled by the source of a packet and checksums at the data link layer and transport layer are used. • In IPv4, the User Datagram Protocol transport layer uses an optional checksum. In IPv6, use of the UDP checksum is required to check the integrity of the inner packet. • Additionally, the basic IPv6 packet header and options field are aligned to 64 bits, which can facilitate the processing of IPv6 packets.
IPv6 Basic IP Header
IPv6 Basic Packet Header Version Similar to the Version field in the IPv4 packet header, except that the field lists number 6 for IPv6 instead of number 4 for IPv4. Traffic Class Similar to the Type of Service field in the IPv4 packet header. The Traffic Class field tags packets with a traffic class that is used in differentiated services. Flow Label A new field in the IPv6 packet header. The Flow Label field tags packets with a specific flow that differentiates the packets at the network layer. Payload Similar to the Total Length field in the IPv4 packet header. The Payload Length Length field indicates the total length of the data portion of the packet. Next Header Similar to the Protocol field in the IPv4 packet header. The Next Header field determines the type of information following the basic IPv6 header. The type of information following the basic IPv6 header can be a transport-layer packet, for example, a TCP or UDP packet, or an Extension Header, Hop Limit Similar to the Time to Live field in the IPv4 packet header. The value of the Hop Limit field specifies the maximum number of routers that an IPv6 packet can pass through before the packet is considered invalid. Each router decrements the value by one. Because no checksum is in the IPv6 header, the router can decrement the value without needing to recalculate the checksum, which saves processing resources. Source & Similar to the Source & Destination fields in the IPv4 header, except that the Dest. Address field contains a 128-bit address for IPv6, instead of a 32-bit source address for IPv4.
IPv6 Extension Headers
IPv6 Extension Headers Hop by Hop Options 0 This header is processed by all hops in the path of a packet. When present, and always follows immediately after the basic IPv6 packet header. Destination options 60 Is processed at the final destination and also at each visited address header specified by a routing header when followed by the hop-by-hop options header. Alternatively, the destination options header can follow any Encapsulating Security Payload (ESP) header, in which case the destination options header is processed only at the final destination. Routing header 43 The routing header is used for source routing. Fragment header 44 Used when a source must fragment a packet that is larger than the MTU for the path between itself and a destination. Used in each fragmented packet. Authentication header 51 The Authentication header and the ESP header are used within IP Security and Protocol (IPSec) to provide authentication, integrity, and confidentiality of a ESP header 50 packet. These headers are identical for both IPv4 and IPv6. Transport (upper-layer) 6 TCP The Upper-layer headers are the typical transport-layer headers used inside headers a packet to transport the data. The two main transport protocols are TCP and UDP. 17 UDP Mobility header 135 Extension headers used by mobile nodes, correspondent nodes, and home agents in all messaging related to the creation and management of bindings.
Unicast Reverse Path Forwarding • The Unicast RPF feature is invoked to mitigate problems caused by malformed or forged (spoofed) IPv6 source addresses that pass through an IPv6 router. • Malformed or forged source addresses can indicate denial-of- service (DoS) attacks based on source IPv6 address spoofing. • Unicast RPF checks to see if any packet received at a router interface arrives on one of the best return paths to the source of the packet. Unicast RPF does this by doing a reverse lookup in the CEF table. • With Unicast RPF, all equal-cost “best” return paths are considered valid. Unicast RPF works in cases where multiple return paths exist provided that each path is equal to the others in terms of the routing cost (number of hops, weights, and so on) and as long as the route is in the FIB.
Unicast Reverse Path Forwarding • Where NOT to use Unicast RPF. • Unicast RPF should not be used where UPSR ring topologies are implemented such as within the core of an ISP, or on interfaces that are internal to the network. These interfaces are likely to have routing asymmetry meaning the number of hops in the transmit and receive path differ. Unicast RPF should be applied only where there is natural or configured symmetry. As long as administrators carefully plan which interfaces they activate Unicast RPF on, routing asymmetry is not a serious problem. • Routers at the edge of the network of an ISP are more likely to have symmetrical reverse paths than routers that are in the core of the ISP network. • Routers that are in the core of the ISP network have no guarantee that the best forwarding path out of the router will be the path selected for packets returning to the router. Hence, it is not recommended that you apply Unicast RPF where there is a chance of asymmetric routing. It is simplest to place Unicast RPF only at the edge of a network or, for an ISP, at the customer edge of the network.
Unicast Reverse Path Forwarding Unicast RPF Blocking Traffic in an Asymmetrical Routing Environment
Path MTU Discovery for IPv6 • As in IPv4, path MTU discovery in IPv6 allows a host to dynamically discover and adjust to differences in the MTU size of every link along a given data path. • In IPv6, however, fragmentation is handled by the source of a packet when the path MTU of one link along a given data path is not large enough to accommodate the size of the packets. • Having IPv6 hosts handle packet fragmentation saves IPv6 router processing resources and helps IPv6 networks run more efficiently. • In IPv6, the minimum link MTU is 1280 octets. We recommend using an MTU value of 1500 octets for IPv6 links.
IPv6 Neighbor Discovery • Neighbor discovery is a function that enables a node to identify other hosts and routers on its links. • The node needs to know of at least one router so that it knows where to forward packets if a target node is not on its local link. • Neighbor discovery also allows a router to redirect a node to use a more appropriate router if the node has initially made an incorrect choice. • There are two ways that neighbor discovery are performed in IPv6. Statelessly via ICMPv6 and Statefuly via DHCPv6
IPv6 Neighbor Discovery • An IP address is obtained statefuly (DHCPv6) or Statelessly (ICMPv6) • The M bit in an RA message determines how the IP address is obtained. • The O bit determines if other configuration parameters are configured statefuly as well. • An IP address is obtained statefuly (DHCPv6) if the M bit is set (1). • An IP address is obtained Statelessly (ICMPv6) if the M bit is not set (0).
Internet Control Message Protocol Version 6 (ICMPv6) • In order for IP to move data from one node to another successfully, there are many functions that need to be carried out, (error reporting, route discovery, and diagnostics) to name a few. These tasks are carried out by Internet Control Message Protocol • ICMPv6 also carries out the tasks of conveying multicast group membership information, (a function that was previously performed by the IGMP protocol in IPv4), and address resolution, (previously performed by ARP). • ICMPv6 messages and their use are specified in RFC 4443 – Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) and RFC 2461 – Neighbor Discovery for IP Version 6 (IPv6). Both RFCs are draft standards with a status of elective. • Every ICMPv6 message is preceded by an IPv6 header (and possibly some IP extension headers). The ICMPv6 header is identified by a Next Header value of 58 in the immediately preceding header.
Internet Control Message Protocol Version 6 (ICMPv6) There are two classes of ICMPv6 messages. Error messages Type 0 to 127. Informational messages Type 128 to 255.
Internet Control Message Protocol Version 6 (ICMPv6) ICMPv6 message types include: 1 Destination Unreachable 2 Packet Too Big 3 Time (Hop Count) Exceeded 4 Parameter Problem 128 Echo Request 129 Echo Reply 130 Group Membership Query 131 Group Membership Report 132 Group Membership Reduction 133 Router Solicitation 134 Router Advertisement 135 Neighbor Solicitation 136 Neighbor Advertisement 137 Redirect Message
IPv6 Neighbor Discovery Messages • Type 133 Router Solicitation Message • Type 134 Router Advertisement Message • Type 135 Neighbor Solicitation Message • Type 136 Neighbor Advertisement Message • Type 137 Neighbor Redirect Message
IPv6 Neighbor Solicitation Message • When a node wants to determine the link-layer address of another node, the source address in a neighbor solicitation message is the IPv6 address of the node sending the neighbor solicitation message (Type 135). • The destination address in the neighbor solicitation message is the solicited-node multicast address that corresponds to the IPv6 address of the destination node. • The neighbor solicitation message also includes the link-layer address of the source node. • Neighbor solicitation messages are also used to verify the reachability of a neighbor after the link-layer address of a neighbor is identified. • When a node wants to verify the reachability of a neighbor, the destination address in a neighbor solicitation message is the unicast address of the neighbor.
IPv6 Neighbor Solicitation Message
IPv6 Neighbor Solicitation Message
IPv6 Neighbor Advertisement Message • After receiving the neighbor solicitation message, the destination node replies by sending a neighbor advertisement message, (Type 136) in the Type field of the ICMP packet header, on the local link. • The source address in the neighbor advertisement message is the IPv6 address of the node interface sending the neighbor advertisement message. • The destination address in the neighbor advertisement message is the IPv6 address of the node that sent the neighbor solicitation message. • The data portion of the neighbor advertisement message includes the link-layer address of the node sending the neighbor advertisement message. • Neighbor advertisement messages are also sent when there is a change in the link-layer address of a node on a local link. • When there is such a change, the destination address for the neighbor advertisement is the all-nodes multicast address.
IPv6 Neighbor Advertisement Message
IPv6 Neighbor Advertisement Message
IPv6 Router Advertisement Message • Router advertisement (RA) messages, have a value of 134 in the Type field of the ICMP packet header, are periodically sent out each configured interface of an IPv6 router. • For stateless autoconfiguration to work properly, the advertised prefix length in RA messages must always be 64 bits. • The RA messages are sent to the all-nodes multicast address.
IPv6 Router Advertisement Message
IPv6 Router Advertisement Message
IPv6 Router Solicitation Message • Router solicitation messages, value of Type 133 of the ICMP packet header, are sent by hosts at system startup so that the host can immediately autoconfigure without needing to wait for the next scheduled RA message. • Router solicitation messages are usually sent by hosts at system startup (the host does not have a configured unicast address), the source address in router solicitation messages is usually the unspecified IPv6 address (0:0:0:0:0:0:0:0). • RAs are also sent in response to router solicitation messages.
IPv6 Router Solicitation Message
IPv6 Neighbor Redirect Message • Routers send neighbor redirect messages to inform hosts of better first-hop nodes on the path to a destination. • A value of 137 in the Type field of the ICMP packet header identifies an IPv6 neighbor redirect message. • A router must be able to determine the link-local address for each of its neighboring routers in order to ensure that the target address in a redirect message identifies the neighbor router by its link- local address. • For static routing, the address of the next-hop router should be specified using the link-local address of the router. • For dynamic routing, all IPv6 routing protocols must exchange the link-local addresses of neighboring routers.
IPv6 Neighbor Redirect Message
IPv6 Neighbor Redirect Message
IPv6 Stateless Auto-configuration • A node on the link can automatically configure site- local and global IPv6 addresses by appending its 64 bit interface ID to the 64 bit prefixes included in the RA messages. • The resulting 128-bit IPv6 addresses configured by the node are then subjected to duplicate address detection to ensure their uniqueness on the link. • If the prefixes advertised in the RA messages are globally unique, then the IPv6 addresses configured by the node are also guaranteed to be globally unique. • Router solicitation messages, which have a value of 133 in the Type field of the ICMP packet header, are sent by hosts at system startup so that the host can immediately autoconfigure without needing to wait for the next scheduled RA message.
IPv6 Stateless Auto-configuration
DHCP for IPv6 Prefix Delegation • DHCP for IPv6 can be used in environments to deliver statefull and stateless information. • Again the M bit allows the IP address to be obtained statefully when set (1) and statelessly when not (0) • Other configuration parameters can be obtained statefully via the O bit when set (1). • For further information about this feature, see the Implementing DHCP for IPv6 module in the Cisco IOS IPv6 Configuration Library.
IPv6 Prefix Aggregation • The aggregatable nature of the IPv6 address space enables an IPv6 addressing hierarchy. • An enterprise can subdivide a single IPv6 prefix from a service provider into multiple, longer prefixes for use within its internal network. • Conversely, a service provider can aggregate all of the prefixes of its customers into a single, shorter prefix that the service provider can then advertise over the IPv6 internet. (see Figure 17)
IPv6 Prefix Aggregation
IPv6 Site Multi-homing • Multiple IPv6 prefixes can be assigned to networks and hosts. • Having multiple prefixes assigned to a network makes it easy for that network to connect to multiple ISPs without breaking the global routing table. (see Figure 18)
IPv6 Site Multi-homing
Dual IPv4 and IPv6 Protocol Stacks • The Dual IPv4 and IPv6 protocol stack technique can be used to transition to IPv6 by enabling gradual one-by-one upgrades to applications running on nodes. • Applications running on nodes are upgraded to make use of the IPv6 protocol stack. • Applications that are not upgraded, support only the IPv4 coexisting with upgraded applications on a node. • New and upgraded applications make use of both the IPv4 and IPv6 protocol stacks. (see Figure 19).
Dual IPv4 and IPv6 Protocol Stacks
Dual IPv4 and IPv6 Protocol Stacks

Recommended

Basic of IPv6
Basic of IPv6Basic of IPv6
Basic of IPv6Jubin Aghara
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2ehsan nazer
 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorialkriz5
 
IPv6 Best Practice
IPv6 Best PracticeIPv6 Best Practice
IPv6 Best Practiceflyingpotato
 
About IPv6
About IPv6About IPv6
About IPv6Marco Antonio
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6Sara Q. Abedulridha
 
IPv6
IPv6IPv6
IPv6Deepraj Bhujel
 
IPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideIPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideParthiban Nallathambi
 

Recommended

Basic of IPv6
Basic of IPv6Basic of IPv6
Basic of IPv6Jubin Aghara
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2ehsan nazer
 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorialkriz5
 
IPv6 Best Practice
IPv6 Best PracticeIPv6 Best Practice
IPv6 Best Practiceflyingpotato
 
About IPv6
About IPv6About IPv6
About IPv6Marco Antonio
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6Sara Q. Abedulridha
 
IPv6
IPv6IPv6
IPv6Deepraj Bhujel
 
IPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideIPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideParthiban Nallathambi
 
Ipv6 course
Ipv6 courseIpv6 course
Ipv6 courserinnocente
 
IPV6 Hands on Lab
IPV6 Hands on Lab IPV6 Hands on Lab
IPV6 Hands on Lab Cisco Canada
 
IPv6 Fundamentals
IPv6 FundamentalsIPv6 Fundamentals
IPv6 FundamentalsMatt Bynum
 
IPv6 By Vipin
IPv6 By VipinIPv6 By Vipin
IPv6 By VipinVipin Mundayad
 
IPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryIPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryHeba_a
 
IPv6 Overview
IPv6 OverviewIPv6 Overview
IPv6 OverviewWilliam Lee
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6Ankita Mahajan
 
Introduction to ipv6 v1.3
Introduction to ipv6 v1.3Introduction to ipv6 v1.3
Introduction to ipv6 v1.3Karunakant Rai
 
A very good introduction to IPv6
A very good introduction to IPv6A very good introduction to IPv6
A very good introduction to IPv6Syed Arshad
 
Ipv6
Ipv6Ipv6
Ipv6satish 486
 
Ipv6 the next generation protocol
Ipv6 the next generation protocolIpv6 the next generation protocol
Ipv6 the next generation protocolPRADEEP Cheekatla
 
Internet Protocol version 6
Internet Protocol version 6Internet Protocol version 6
Internet Protocol version 6Rekha Yadav
 
IPv6
IPv6IPv6
IPv6Peter R. Egli
 
IPv6 Autoconfig
IPv6 AutoconfigIPv6 Autoconfig
IPv6 AutoconfigFred Bovy
 
IPv6 next generation protocol
IPv6 next generation protocolIPv6 next generation protocol
IPv6 next generation protocolRupshanker Mishra
 
IPV6 Introduction
IPV6 Introduction IPV6 Introduction
IPV6 Introduction Heba_a
 
IPv6 Theory by Cisco
IPv6 Theory by CiscoIPv6 Theory by Cisco
IPv6 Theory by CiscoFebrian ‎
 
Ipv 4 and ipv6
Ipv 4 and ipv6Ipv 4 and ipv6
Ipv 4 and ipv6Tehmina Gulfam
 
IPv6 address
IPv6 addressIPv6 address
IPv6 addressPina Parmar
 
IPV6 Addressing
IPV6 Addressing IPV6 Addressing
IPV6 Addressing Heba_a
 
Ipv4 vs Ipv6 comparison
Ipv4 vs Ipv6 comparisonIpv4 vs Ipv6 comparison
Ipv4 vs Ipv6 comparisonShailesh Pachori
 
IPV6 INTRODUCTION
IPV6 INTRODUCTIONIPV6 INTRODUCTION
IPV6 INTRODUCTIONAVINASH JURIANI
 

More Related Content

What's hot

IPV6 Hands on Lab
IPV6 Hands on Lab IPV6 Hands on Lab
IPV6 Hands on Lab Cisco Canada
 
IPv6 Fundamentals
IPv6 FundamentalsIPv6 Fundamentals
IPv6 FundamentalsMatt Bynum
 
IPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryIPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryHeba_a
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6Ankita Mahajan
 
Introduction to ipv6 v1.3
Introduction to ipv6 v1.3Introduction to ipv6 v1.3
Introduction to ipv6 v1.3Karunakant Rai
 
A very good introduction to IPv6
A very good introduction to IPv6A very good introduction to IPv6
A very good introduction to IPv6Syed Arshad
 
Ipv6 the next generation protocol
Ipv6 the next generation protocolIpv6 the next generation protocol
Ipv6 the next generation protocolPRADEEP Cheekatla
 
Internet Protocol version 6
Internet Protocol version 6Internet Protocol version 6
Internet Protocol version 6Rekha Yadav
 
IPv6 Autoconfig
IPv6 AutoconfigIPv6 Autoconfig
IPv6 AutoconfigFred Bovy
 
IPv6 next generation protocol
IPv6 next generation protocolIPv6 next generation protocol
IPv6 next generation protocolRupshanker Mishra
 
IPV6 Introduction
IPV6 Introduction IPV6 Introduction
IPV6 Introduction Heba_a
 
IPv6 Theory by Cisco
IPv6 Theory by CiscoIPv6 Theory by Cisco
IPv6 Theory by CiscoFebrian ‎
 
IPV6 Addressing
IPV6 Addressing IPV6 Addressing
IPV6 Addressing Heba_a
 

What's hot (20)

Ipv6 course
Ipv6 courseIpv6 course
Ipv6 course
 
IPV6 Hands on Lab
IPV6 Hands on Lab IPV6 Hands on Lab
IPV6 Hands on Lab
 
IPv6 Fundamentals
IPv6 FundamentalsIPv6 Fundamentals
IPv6 Fundamentals
 
IPv6 By Vipin
IPv6 By VipinIPv6 By Vipin
IPv6 By Vipin
 
IPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryIPv6 - Neighbour Discovery
IPv6 - Neighbour Discovery
 
IPv6 Overview
IPv6 OverviewIPv6 Overview
IPv6 Overview
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6
 
Introduction to ipv6 v1.3
Introduction to ipv6 v1.3Introduction to ipv6 v1.3
Introduction to ipv6 v1.3
 
A very good introduction to IPv6
A very good introduction to IPv6A very good introduction to IPv6
A very good introduction to IPv6
 
Ipv6
Ipv6Ipv6
Ipv6
 
Ipv6 the next generation protocol
Ipv6 the next generation protocolIpv6 the next generation protocol
Ipv6 the next generation protocol
 
Internet Protocol version 6
Internet Protocol version 6Internet Protocol version 6
Internet Protocol version 6
 
IPv6
IPv6IPv6
IPv6
 
IPv6 Autoconfig
IPv6 AutoconfigIPv6 Autoconfig
IPv6 Autoconfig
 
IPv6 next generation protocol
IPv6 next generation protocolIPv6 next generation protocol
IPv6 next generation protocol
 
IPV6 Introduction
IPV6 Introduction IPV6 Introduction
IPV6 Introduction
 
IPv6 Theory by Cisco
IPv6 Theory by CiscoIPv6 Theory by Cisco
IPv6 Theory by Cisco
 
Ipv 4 and ipv6
Ipv 4 and ipv6Ipv 4 and ipv6
Ipv 4 and ipv6
 
IPv6 address
IPv6 addressIPv6 address
IPv6 address
 
IPV6 Addressing
IPV6 Addressing IPV6 Addressing
IPV6 Addressing
 

Viewers also liked

IPv4 to IPv6
IPv4 to IPv6IPv4 to IPv6
IPv4 to IPv6mithilak
 
IPv6 Addressing Fundamentals
IPv6 Addressing FundamentalsIPv6 Addressing Fundamentals
IPv6 Addressing FundamentalsRIPE NCC
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3Shane Duffy
 
IPv4 and IPv6
IPv4 and IPv6IPv4 and IPv6
IPv4 and IPv6RIPE NCC
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 DeploymentAPNIC
 
Message Queueing - by an MQ noob
Message Queueing - by an MQ noobMessage Queueing - by an MQ noob
Message Queueing - by an MQ noobRichard Jones
 
Multicast for IPv6
Multicast for IPv6Multicast for IPv6
Multicast for IPv6Fred Bovy
 
Crypto map based IPsec VPN fundamentals - negotiation and configuration
Crypto map based IPsec VPN fundamentals - negotiation and configurationCrypto map based IPsec VPN fundamentals - negotiation and configuration
Crypto map based IPsec VPN fundamentals - negotiation and configurationdborsan
 
Implementation of IPSec VPN on Cisco routers and Configuring it on ISP. (1)
Implementation of IPSec VPN on Cisco routers and Configuring it on ISP. (1)Implementation of IPSec VPN on Cisco routers and Configuring it on ISP. (1)
Implementation of IPSec VPN on Cisco routers and Configuring it on ISP. (1)Vanitha Joshi
 
IPSec VPN Tutorial Part1
IPSec VPN Tutorial Part1IPSec VPN Tutorial Part1
IPSec VPN Tutorial Part1Abdallah Abuouf
 
IPV6 Skills and expertise programs
IPV6 Skills and expertise programsIPV6 Skills and expertise programs
IPV6 Skills and expertise programsIPv6 Conference
 
ITU in Asia Pacific : Cooperation with APNIC on IPv6 Migration [APRICOT 2015]
ITU in Asia Pacific : Cooperation with APNIC on IPv6 Migration [APRICOT 2015]ITU in Asia Pacific : Cooperation with APNIC on IPv6 Migration [APRICOT 2015]
ITU in Asia Pacific : Cooperation with APNIC on IPv6 Migration [APRICOT 2015]APNIC
 
National IPv6 Strategies and Migration Plans - ITU Telecom World, Doha 7 Dece...
National IPv6 Strategies and Migration Plans - ITU Telecom World, Doha 7 Dece...National IPv6 Strategies and Migration Plans - ITU Telecom World, Doha 7 Dece...
National IPv6 Strategies and Migration Plans - ITU Telecom World, Doha 7 Dece...Mohamed El Bashir, Msc., MBA
 
IPv6 Deployment, Lao ICT Expo 2016
IPv6 Deployment, Lao ICT Expo 2016IPv6 Deployment, Lao ICT Expo 2016
IPv6 Deployment, Lao ICT Expo 2016APNIC
 

Viewers also liked (20)

Ipv4 vs Ipv6 comparison
Ipv4 vs Ipv6 comparisonIpv4 vs Ipv6 comparison
Ipv4 vs Ipv6 comparison
 
IPV6 INTRODUCTION
IPV6 INTRODUCTIONIPV6 INTRODUCTION
IPV6 INTRODUCTION
 
IPv4 to IPv6
IPv4 to IPv6IPv4 to IPv6
IPv4 to IPv6
 
ipv6 ppt
ipv6 pptipv6 ppt
ipv6 ppt
 
IPv6 Addressing Fundamentals
IPv6 Addressing FundamentalsIPv6 Addressing Fundamentals
IPv6 Addressing Fundamentals
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3
 
Ipv6 basics
Ipv6 basicsIpv6 basics
Ipv6 basics
 
IPv4 and IPv6
IPv4 and IPv6IPv4 and IPv6
IPv4 and IPv6
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 Deployment
 
ipv6 programming
ipv6 programmingipv6 programming
ipv6 programming
 
Message Queueing - by an MQ noob
Message Queueing - by an MQ noobMessage Queueing - by an MQ noob
Message Queueing - by an MQ noob
 
Multicast for IPv6
Multicast for IPv6Multicast for IPv6
Multicast for IPv6
 
Crypto map based IPsec VPN fundamentals - negotiation and configuration
Crypto map based IPsec VPN fundamentals - negotiation and configurationCrypto map based IPsec VPN fundamentals - negotiation and configuration
Crypto map based IPsec VPN fundamentals - negotiation and configuration
 
Implementation of IPSec VPN on Cisco routers and Configuring it on ISP. (1)
Implementation of IPSec VPN on Cisco routers and Configuring it on ISP. (1)Implementation of IPSec VPN on Cisco routers and Configuring it on ISP. (1)
Implementation of IPSec VPN on Cisco routers and Configuring it on ISP. (1)
 
Exploring I Pv6
Exploring I Pv6Exploring I Pv6
Exploring I Pv6
 
IPSec VPN Tutorial Part1
IPSec VPN Tutorial Part1IPSec VPN Tutorial Part1
IPSec VPN Tutorial Part1
 
IPV6 Skills and expertise programs
IPV6 Skills and expertise programsIPV6 Skills and expertise programs
IPV6 Skills and expertise programs
 
ITU in Asia Pacific : Cooperation with APNIC on IPv6 Migration [APRICOT 2015]
ITU in Asia Pacific : Cooperation with APNIC on IPv6 Migration [APRICOT 2015]ITU in Asia Pacific : Cooperation with APNIC on IPv6 Migration [APRICOT 2015]
ITU in Asia Pacific : Cooperation with APNIC on IPv6 Migration [APRICOT 2015]
 
National IPv6 Strategies and Migration Plans - ITU Telecom World, Doha 7 Dece...
National IPv6 Strategies and Migration Plans - ITU Telecom World, Doha 7 Dece...National IPv6 Strategies and Migration Plans - ITU Telecom World, Doha 7 Dece...
National IPv6 Strategies and Migration Plans - ITU Telecom World, Doha 7 Dece...
 
IPv6 Deployment, Lao ICT Expo 2016
IPv6 Deployment, Lao ICT Expo 2016IPv6 Deployment, Lao ICT Expo 2016
IPv6 Deployment, Lao ICT Expo 2016
 

Similar to IPv6 theoryfinalx

Lesson 3: IPv6 Fundamentals
Lesson 3: IPv6 FundamentalsLesson 3: IPv6 Fundamentals
Lesson 3: IPv6 FundamentalsMahmmoud Mahdi
 
I pv6(internet protocol version 6)
I pv6(internet protocol version 6)I pv6(internet protocol version 6)
I pv6(internet protocol version 6)Subrata Kumer Paul
 
8-Lect_8 Addressing the Network.tcp.pptx
8-Lect_8 Addressing the Network.tcp.pptx8-Lect_8 Addressing the Network.tcp.pptx
8-Lect_8 Addressing the Network.tcp.pptxZahouAmel1
 
Americas Headquarters IPv6 Addressing White Paper IPv6 Introduction
Americas Headquarters IPv6 Addressing White Paper IPv6 IntroductionAmericas Headquarters IPv6 Addressing White Paper IPv6 Introduction
Americas Headquarters IPv6 Addressing White Paper IPv6 IntroductionScott Faria
 
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6Netwax Lab
 
10 IP VERSION SIX (6) WEEK TEN notes.pptx
10 IP VERSION SIX (6) WEEK TEN notes.pptx10 IP VERSION SIX (6) WEEK TEN notes.pptx
10 IP VERSION SIX (6) WEEK TEN notes.pptxJoshuaAnnan5
 
IPv6 Impo Addressing and Protocols2.pptx
IPv6 Impo Addressing and Protocols2.pptxIPv6 Impo Addressing and Protocols2.pptx
IPv6 Impo Addressing and Protocols2.pptxNandaKumar106002
 
Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoNMwendwa Kivuva
 
Ipv6 Technical White Paper Wp111504
Ipv6 Technical White Paper Wp111504Ipv6 Technical White Paper Wp111504
Ipv6 Technical White Paper Wp111504Erik Ginalick
 
Ipv Technical White Paper Wp111504
Ipv Technical White Paper Wp111504Ipv Technical White Paper Wp111504
Ipv Technical White Paper Wp111504Erik Ginalick
 
Apnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshopApnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshopNguyen Minh Thu
 

Similar to IPv6 theoryfinalx (20)

Lesson 3: IPv6 Fundamentals
Lesson 3: IPv6 FundamentalsLesson 3: IPv6 Fundamentals
Lesson 3: IPv6 Fundamentals
 
I pv6(internet protocol version 6)
I pv6(internet protocol version 6)I pv6(internet protocol version 6)
I pv6(internet protocol version 6)
 
8-Lect_8 Addressing the Network.tcp.pptx
8-Lect_8 Addressing the Network.tcp.pptx8-Lect_8 Addressing the Network.tcp.pptx
8-Lect_8 Addressing the Network.tcp.pptx
 
IPV6
IPV6 IPV6
IPV6
 
IPv6
IPv6IPv6
IPv6
 
IPv6
IPv6IPv6
IPv6
 
01 Ipv6 Addressing
01 Ipv6 Addressing01 Ipv6 Addressing
01 Ipv6 Addressing
 
IPv6.pptx
IPv6.pptxIPv6.pptx
IPv6.pptx
 
Americas Headquarters IPv6 Addressing White Paper IPv6 Introduction
Americas Headquarters IPv6 Addressing White Paper IPv6 IntroductionAmericas Headquarters IPv6 Addressing White Paper IPv6 Introduction
Americas Headquarters IPv6 Addressing White Paper IPv6 Introduction
 
ipv6 addressing.pptx
ipv6 addressing.pptxipv6 addressing.pptx
ipv6 addressing.pptx
 
IPv6 Addressing
IPv6 AddressingIPv6 Addressing
IPv6 Addressing
 
I pv6 addressing
I pv6 addressingI pv6 addressing
I pv6 addressing
 
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6
 
10 IP VERSION SIX (6) WEEK TEN notes.pptx
10 IP VERSION SIX (6) WEEK TEN notes.pptx10 IP VERSION SIX (6) WEEK TEN notes.pptx
10 IP VERSION SIX (6) WEEK TEN notes.pptx
 
IPv6 Impo Addressing and Protocols2.pptx
IPv6 Impo Addressing and Protocols2.pptxIPv6 Impo Addressing and Protocols2.pptx
IPv6 Impo Addressing and Protocols2.pptx
 
Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoN
 
Ipv6 Technical White Paper Wp111504
Ipv6 Technical White Paper Wp111504Ipv6 Technical White Paper Wp111504
Ipv6 Technical White Paper Wp111504
 
Ipv Technical White Paper Wp111504
Ipv Technical White Paper Wp111504Ipv Technical White Paper Wp111504
Ipv Technical White Paper Wp111504
 
Apnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshopApnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshop
 
UNIT-2.pptx
UNIT-2.pptxUNIT-2.pptx
UNIT-2.pptx
 

Recently uploaded

Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

Recently uploaded (20)

Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 

IPv6 theoryfinalx

  • 1. IPv6 Notes from IP Addressing and Basic Connectivity and TCP/IP Tutorial and Technical Overview
  • 2. Implementing IPv6 Addressing and Basic Connectivity • IPv6, formerly named IPng (next generation), is the latest version of the Internet Protocol (IP). IP is a packet-based protocol used to exchange data, voice, and video traffic over digital networks.
  • 3. Implementing IPv6 Addressing and Basic Connectivity • IPv6 quadruples the number of network address bits from 32 bits (in IPv4) to 128 bits. • By being globally unique, IPv6 addresses inherently enable global reachibility and end- to-end security for networked devices.
  • 4. IPv6 Addressing and Basic Connectivity • The flexibility of the IPv6 address space reduces the need for private addresses and the use of Network Address Translation (NAT) thus, IPv6 enables new application protocols that do not require special processing by border routers at the edge of networks.
  • 5. IPv6 Address Formats • IPv6 addresses are represented as eight groups of four hexadecimal digits separated by colons (:) in the format: • 2001:0DB8:7654:3210:FEDC:BA98:7654:3210 • 2001:0DB8:0:0:8:800:200C:417A
  • 6. IPv6 Address Formats • It is common for IPv6 addresses to contain successive hexadecimal fields of zeros. • To make IPv6 addresses less cumbersome, two colons (::) may be used to compress successive hexadecimal fields of zeros at the beginning, middle, or end of an IPv6 address. • Two colons (::) can be used only once in an IPv6 address, to represent the longest successive hexadecimal fields of zeros.
  • 7. IPv6 Special Addresses IANA maintains the official list of the IPv6 address space. Global unicast assignments can be found at the various RIRs or at the GRH DFP pages. There are a number of addresses with special meaning in IPv6: Unspecified address ::/128 — the address with all zero bits is called the unspecified address. This address must never be assigned to an interface and is to be used only in software before the application has learned its host's source address appropriate for a pending connection. Routers must not forward packets with the unspecified address. Link local addresses ::1/128 — the loopback address is a unicast local host address. If an application in a host sends packets to this address, the IPv6 stack will loop these packets back on the same virtual interface (corresponding to 127.0.0.1 in IPv4). fe80::/10 — The link-local prefix specifies that the address is only valid on a single link. This is analogous to the autoconfiguration IP addresses 169.254.0.0/16 in IPv4.
  • 8. IPv6 Special Addresses Unique local addresses • fc00::/7 — unique local addresses (ULA) are routable only within a set of cooperating sites. They were defined in RFC 4193 as a replacement for site-local addresses (see below). The addresses include a 40-bit pseudorandom number in the routing prefix that intends to minimize the risk of conflicts if sites merge or packets are misrouted into the Internet. Despite the restricted, local usage of these addresses, their address scope is global. This is a departure from the prior definitions of site-local addresses. Multicast addresses • ff00::/8 — The multicast prefix designates multicast addresses as defined in "IP Version 6 Addressing Architecture" (RFC 4291). Some of these have been assigned to specific protocols, for example ff02::101 will reach all link-local NTP servers (RFC 2375). Solicited-node multicast addresses • ff02::1:FFXX:XXXX — XX:XXXX are the 3 low order octets of the corresponding unicast or anycast address.
  • 9. IPv6 Special Addresses • IPv4 transition ::ffff:0:0/96 — this prefix is used for IPv4 mapped addresses 2001::/32 — Used for Teredo tunneling. 2002::/16 — this prefix is used for 6 to 4 addressing. • ORCHID 2001:10::/28 — ORCHID (Overlay Routable Cryptographic Hash Identifiers) as per (RFC 4843). These are non-routed IPv6 addresses used for Cryptographic Hash Identifiers. • Documentation 2001:db8::/32 — this prefix is used in documentation (RFC 3849). The addresses should be used anywhere an example IPv6 address is given or model networking scenarios are described.
  • 10. IPv6 Special Addresses • Deprecated or obsolete addresses ::/96 — This is a 96-bit zero-value prefix originally known as IPv4- compatible addresses. This class of addresses were used to represent IPv4 addresses within an IPv6 transition technology. Such an IPv6 address has its first 96 bits set to zero, while its last 32 bits are the IPv4 address that is represented. The Internet Engineering Task Force (IETF) has deprecated the use of IPv4-compatible addresses with publication RFC 4291. The only remaining use of this address format is to represent an IPv4 address in a table or database with fixed size members that must also be able to store an IPv6 address. fec0::/10 — The site-local prefix specifies that the address is valid only within the site network of an organization. Its use has been deprecated in September 2004 by RFC 3879 and new systems must not support this special type of address. New specifications replace this address type with unique local addresses.
  • 11. IPv6 Address Type: Unicast • An IPv6 unicast address is an address destined for a single interface, on a single node. • A packet that is sent to a unicast address is delivered to the interface identified by that address. • Cisco IOS software supports the following IPv6 unicast address types: Aggregateable Global Address Site-Local Address Unique-Local Address Link-Local Address
  • 12. Global Aggregateable Unicast Address • A global unique address is an IPv6 address that’s routable on the internet and may be aggregated upwards through organizations, and eventually to the Internet Service Providers (ISPs). • Addresses with a prefix of 2000::/3 (001) through E000::/3 (111) are required to have 64-bit interface identifiers in the Modified (EUI)-64 format. • The Internet Assigned Numbers Authority (IANA) allocates the IPv6 address space in the range of 2000::/16 to regional registries.
  • 14. Global Aggregateable Unicast Address The Global Unicast Address consists of a: • 48-bit global routing prefix: which included the Top-Level Aggregator (TLA) and Next-Level Aggregator (NLA) but because they were policy-based they were removed) •16-bit subnet ID: (Site-Level Aggregator) used by individual organizations to create their own local addressing hierarchy and identify subnets (as in IPv4). An organization with an IPv6 subnet ID can support up to 65,535 individual subnets. •Interface-ID: used to identify interfaces on a link, the interface ID must be unique to the link. Interface IDs used in global unicast and other IPv6 address types must be 64 bits long and constructed in the modified EUI-64 format.
  • 15. Site-Local address • A site-local address is an IPv6 unicast address that uses the prefix FEC0::/10, and concatenates the subnet identifier (16-bit SLA field) with the interface identifier in the modified EUI-64 format. • Site-local addresses can be used to number a complete site without using a globally unique prefix. • Site-local addresses can be considered private addresses because they can be used to restrict communication to a limited domain. • IPv6 routers must not forward packets that have site- local source or destination addresses outside of the site. • Site-local addresses are being obsolecesed by Unique-local addresses, though some still exist.
  • 17. Unique Local Address • A unique local address is an IPv6 unicast address with a prefix FC00::/7 or FD00::/7, that’s globally unique, and intended for local communications. They are not expected to be routable on the global Internet and are routable inside of a limited area, such as a site. • A unique local address has: • It has a well-known, globally unique prefix to allow for easy filtering at site boundaries. • It allows sites to be combined or privately interconnected without creating any address conflicts or requiring renumbering of interfaces that use these prefixes. • It is ISP-independent and can be used for communications inside of a site without having any permanent or intermittent Internet connectivity. • If it is accidentally leaked outside of a site via routing or DNS, there is no conflict with any other addresses. • Applications may treat unique local addresses like global scoped addresses.
  • 19. Link-Local Address • A link-local address is an IPv6 unicast address that can be automatically configured on any interface • It Uses the link-local prefix FE80::/10 (1111 1110 10) and the interface identifier in modified EUI-64format. • Link-local addresses are used in the neighbor discovery protocol and the stateless auto- configuration process. • Nodes on a local link can use link-local addresses to communicate; the nodes do not need site-local or globally unique addresses to communicate. • IPv6 routers must not forward packets that have link- local source or destination addresses to other links.
  • 21. Internet transition: Migrating IPv4 to IPv6 • If the Internet is to realize the benefits of IPv6, a period of transition will be necessary when new IPv6 hosts and routers are deployed alongside existing IPv4 systems. • RFC 2893 (Transition Mechanisms for IPv6 Hosts and Routers) and RFC2185 (Routing Aspects of IPv6 Transition), define a number of mechanisms to ensure both the compatibility between old and new systems and a gradual transition that doesn’t impact functionality of the Internet. • These techniques are sometimes collectively termed Simple Internet Transition (SIT).
  • 22. IPv4/IPv6 Transitional addresses The transition employs the following techniques: • Dual-stack IP implementations for hosts and routers that must interoperate between IPv4 and IPv6. • IPv6-over-IPv4 tunneling mechanisms for carrying IPv6 packets across IPv4 router networks. • IPv4/IPv6 header translation. This technique is intended for use when implementation of IPv6 is well advanced and only a few IPv4-only systems remain. • Embedding of IPv4 addresses in IPv6 addresses. IPv6 hosts will be assigned addresses that are interoperable with IPv4, and IPv4 host addresses will be mapped to IPv6.
  • 23. IPv4/IPv6 Compatible addresses • An IPv4-compatible IPv6 address is an IPv6 unicast address that has zeros in the high-order 96 bits, and an IPv4 address in the low-order 32 bits of the address. • The format: 0:0:0:0:0:0:192.0.2.128 or ::192.0.2.128 • The IPv6 address of a node is the entire 128-bit IPv4- compatible IPv6 address with embedded IPv4 address and the IPv4 address of the node is the low- order 32 bits from the 128 bit address. • IPv4-compatible IPv6 addresses are assigned to nodes that support both IPv4 and IPv6 protocol stacks and are used in automatic tunnels. 80 bits 16 bits 32 bits zeros 0000(=96) 192.0.2.128
  • 24. IPv6/IPv4 Mapped addresses • Dual stack IPv6/IPv4 implementations typically support a special class of addresses, the IPv4 mapped addresses. • This address type has its first 80 bits set to zero, the next 16 set to one (FFFF), while its last 32 bits represent an IPv4 address. • For example, ::ffff:c000:280(all hex) is the IPv4 mapped address for the IPv4 address 192.0.2.128.
  • 25. IPv4 Mapped addresses cont. As an exception to standard IPv6 address notation (all hex), IPv4 mapped addresses are commonly represented with their last 32 bits written in dot-decimal notation (eg. IPv4), appended to the standard IPv6 notation of the leading bits, e.g. ::ffff:c000:280 could be written as ::ffff:192.0.2.128. 80 bits 16 bits 32 bits zeros FFFF 192.0.2.128
  • 26. IPv4 Mapped addresses cont. • This address type allows the transparent use of the transport layer protocols over IPv4 through the IPv6 networking API. • A benefit of this mechanism is that server applications only need to open a single listening socket to handle connections from clients using IPv6 or IPv4 protocols. • IPv6 clients will be handled natively by default, and IPv4 clients appear as IPv6 clients with an appropriately mapped address. • It can also be used to establish IPv4 connections specifically with an IPv6 socket. While the network protocol on the transmission medium is IPv4, the connection is presented as an IPv6 interface to the application.
  • 27. IPv6 Address Type: Anycast • An Anycast address is an address that is assigned to a set of interfaces that typically belong to different routers. • A packet sent to an anycast address is delivered to the closest interface as defined by the routing protocols in use. • Anycast addresses are syntactically the same as unicast addresses since they’re allocated from the unicast address space. • Routers to which the anycast address are assigned must be explicitly configured to recognize that the address is an anycast address.
  • 28. IPv6 Address Type: Anycast • Anycast addresses can be used only by a router, not a host, and anycast addresses must not be used as the source address of an IPv6 packet.
  • 29. IPv6 Address Type: Multicast • An IPv6 multicast address is an IPv6 address that has a prefix of FF00::/8 (1111 1111). • An IPv6 multicast address is an identifier for a set of interfaces that typically belong to different nodes. • A packet sent to a multicast address is delivered to all interfaces identified by the multicast address.
  • 30. IPv6 Address Type: Multicast • The second octet following the prefix defines the lifetime and scope of the multicast address. • A permanent multicast address has a lifetime parameter equal to 0. • A temporary multicast address has a lifetime parameter equal to 1. • A multicast address that has the scope of a node, link, site, or organization, or a global scope has a scope parameter of 1, 2, 5, 8, or E, respectively. For example, a multicast address with the prefix FF02::/16 is a permanent multicast address with a link scope.
  • 31. IPv6 Address Type: Multicast
  • 32. IPv6 Multicast Groups Group ID (Interface Id, above slide) Identifies the multicast group. Some special purpose multicast addresses are predefined as follows: FF01::1 All interfaces node-local. All interfaces on the host itself. FF02::1 All nodes link-local. All systems on the local network. FF01::2 All routers node-local. All routers local to the host itself. FF02::2 All routers link-local. All routers on the same link as the host. FF05::2 All routers site-local. All routers on the same site as the host. FF02::B Mobile agents link-local. FF02::1:2 All DHCP agents link-local. FF05::1:3 All DHCP servers site-local.
  • 33. IPv6 Multicast Groups • A special multicast address, the solicited node multicast address, is used by ICMP for neighbor discovery and duplicate address detection. It has the format: • FF02::1:FFxx:xxxx, where xx xxxx is taken from the last 24-bits of a nodes unicast address. • A node’s IPv6 address of 4025::01:800:100F:7B5B belongs to the multicast group FF02::1:FF0F:7B5B. • For a more complete listing of reserved multicast addresses, see the IANA documentation– IPv6 Multicast Addresses Assignments.
  • 34. IPv6 Header Format • The basic IPv6 packet header has 8 fields with a total size of 40 octets. Fields were removed from the IPv6 header because, in IPv6, fragmentation is not handled by routers and checksums at the network layer are not used. • Instead, fragmentation in IPv6 is handled by the source of a packet and checksums at the data link layer and transport layer are used. • In IPv4, the User Datagram Protocol transport layer uses an optional checksum. In IPv6, use of the UDP checksum is required to check the integrity of the inner packet. • Additionally, the basic IPv6 packet header and options field are aligned to 64 bits, which can facilitate the processing of IPv6 packets.
  • 35. IPv6 Basic IP Header
  • 36. IPv6 Basic Packet Header Version Similar to the Version field in the IPv4 packet header, except that the field lists number 6 for IPv6 instead of number 4 for IPv4. Traffic Class Similar to the Type of Service field in the IPv4 packet header. The Traffic Class field tags packets with a traffic class that is used in differentiated services. Flow Label A new field in the IPv6 packet header. The Flow Label field tags packets with a specific flow that differentiates the packets at the network layer. Payload Similar to the Total Length field in the IPv4 packet header. The Payload Length Length field indicates the total length of the data portion of the packet. Next Header Similar to the Protocol field in the IPv4 packet header. The Next Header field determines the type of information following the basic IPv6 header. The type of information following the basic IPv6 header can be a transport-layer packet, for example, a TCP or UDP packet, or an Extension Header, Hop Limit Similar to the Time to Live field in the IPv4 packet header. The value of the Hop Limit field specifies the maximum number of routers that an IPv6 packet can pass through before the packet is considered invalid. Each router decrements the value by one. Because no checksum is in the IPv6 header, the router can decrement the value without needing to recalculate the checksum, which saves processing resources. Source & Similar to the Source & Destination fields in the IPv4 header, except that the Dest. Address field contains a 128-bit address for IPv6, instead of a 32-bit source address for IPv4.
  • 38. IPv6 Extension Headers Hop by Hop Options 0 This header is processed by all hops in the path of a packet. When present, and always follows immediately after the basic IPv6 packet header. Destination options 60 Is processed at the final destination and also at each visited address header specified by a routing header when followed by the hop-by-hop options header. Alternatively, the destination options header can follow any Encapsulating Security Payload (ESP) header, in which case the destination options header is processed only at the final destination. Routing header 43 The routing header is used for source routing. Fragment header 44 Used when a source must fragment a packet that is larger than the MTU for the path between itself and a destination. Used in each fragmented packet. Authentication header 51 The Authentication header and the ESP header are used within IP Security and Protocol (IPSec) to provide authentication, integrity, and confidentiality of a ESP header 50 packet. These headers are identical for both IPv4 and IPv6. Transport (upper-layer) 6 TCP The Upper-layer headers are the typical transport-layer headers used inside headers a packet to transport the data. The two main transport protocols are TCP and UDP. 17 UDP Mobility header 135 Extension headers used by mobile nodes, correspondent nodes, and home agents in all messaging related to the creation and management of bindings.
  • 39. Unicast Reverse Path Forwarding • The Unicast RPF feature is invoked to mitigate problems caused by malformed or forged (spoofed) IPv6 source addresses that pass through an IPv6 router. • Malformed or forged source addresses can indicate denial-of- service (DoS) attacks based on source IPv6 address spoofing. • Unicast RPF checks to see if any packet received at a router interface arrives on one of the best return paths to the source of the packet. Unicast RPF does this by doing a reverse lookup in the CEF table. • With Unicast RPF, all equal-cost “best” return paths are considered valid. Unicast RPF works in cases where multiple return paths exist provided that each path is equal to the others in terms of the routing cost (number of hops, weights, and so on) and as long as the route is in the FIB.
  • 40. Unicast Reverse Path Forwarding • Where NOT to use Unicast RPF. • Unicast RPF should not be used where UPSR ring topologies are implemented such as within the core of an ISP, or on interfaces that are internal to the network. These interfaces are likely to have routing asymmetry meaning the number of hops in the transmit and receive path differ. Unicast RPF should be applied only where there is natural or configured symmetry. As long as administrators carefully plan which interfaces they activate Unicast RPF on, routing asymmetry is not a serious problem. • Routers at the edge of the network of an ISP are more likely to have symmetrical reverse paths than routers that are in the core of the ISP network. • Routers that are in the core of the ISP network have no guarantee that the best forwarding path out of the router will be the path selected for packets returning to the router. Hence, it is not recommended that you apply Unicast RPF where there is a chance of asymmetric routing. It is simplest to place Unicast RPF only at the edge of a network or, for an ISP, at the customer edge of the network.
  • 41. Unicast Reverse Path Forwarding Unicast RPF Blocking Traffic in an Asymmetrical Routing Environment
  • 42. Path MTU Discovery for IPv6 • As in IPv4, path MTU discovery in IPv6 allows a host to dynamically discover and adjust to differences in the MTU size of every link along a given data path. • In IPv6, however, fragmentation is handled by the source of a packet when the path MTU of one link along a given data path is not large enough to accommodate the size of the packets. • Having IPv6 hosts handle packet fragmentation saves IPv6 router processing resources and helps IPv6 networks run more efficiently. • In IPv6, the minimum link MTU is 1280 octets. We recommend using an MTU value of 1500 octets for IPv6 links.
  • 43. IPv6 Neighbor Discovery • Neighbor discovery is a function that enables a node to identify other hosts and routers on its links. • The node needs to know of at least one router so that it knows where to forward packets if a target node is not on its local link. • Neighbor discovery also allows a router to redirect a node to use a more appropriate router if the node has initially made an incorrect choice. • There are two ways that neighbor discovery are performed in IPv6. Statelessly via ICMPv6 and Statefuly via DHCPv6
  • 44. IPv6 Neighbor Discovery • An IP address is obtained statefuly (DHCPv6) or Statelessly (ICMPv6) • The M bit in an RA message determines how the IP address is obtained. • The O bit determines if other configuration parameters are configured statefuly as well. • An IP address is obtained statefuly (DHCPv6) if the M bit is set (1). • An IP address is obtained Statelessly (ICMPv6) if the M bit is not set (0).
  • 45. Internet Control Message Protocol Version 6 (ICMPv6) • In order for IP to move data from one node to another successfully, there are many functions that need to be carried out, (error reporting, route discovery, and diagnostics) to name a few. These tasks are carried out by Internet Control Message Protocol • ICMPv6 also carries out the tasks of conveying multicast group membership information, (a function that was previously performed by the IGMP protocol in IPv4), and address resolution, (previously performed by ARP). • ICMPv6 messages and their use are specified in RFC 4443 – Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) and RFC 2461 – Neighbor Discovery for IP Version 6 (IPv6). Both RFCs are draft standards with a status of elective. • Every ICMPv6 message is preceded by an IPv6 header (and possibly some IP extension headers). The ICMPv6 header is identified by a Next Header value of 58 in the immediately preceding header.
  • 46. Internet Control Message Protocol Version 6 (ICMPv6) There are two classes of ICMPv6 messages. Error messages Type 0 to 127. Informational messages Type 128 to 255.
  • 47. Internet Control Message Protocol Version 6 (ICMPv6) ICMPv6 message types include: 1 Destination Unreachable 2 Packet Too Big 3 Time (Hop Count) Exceeded 4 Parameter Problem 128 Echo Request 129 Echo Reply 130 Group Membership Query 131 Group Membership Report 132 Group Membership Reduction 133 Router Solicitation 134 Router Advertisement 135 Neighbor Solicitation 136 Neighbor Advertisement 137 Redirect Message
  • 48. IPv6 Neighbor Discovery Messages • Type 133 Router Solicitation Message • Type 134 Router Advertisement Message • Type 135 Neighbor Solicitation Message • Type 136 Neighbor Advertisement Message • Type 137 Neighbor Redirect Message
  • 49. IPv6 Neighbor Solicitation Message • When a node wants to determine the link-layer address of another node, the source address in a neighbor solicitation message is the IPv6 address of the node sending the neighbor solicitation message (Type 135). • The destination address in the neighbor solicitation message is the solicited-node multicast address that corresponds to the IPv6 address of the destination node. • The neighbor solicitation message also includes the link-layer address of the source node. • Neighbor solicitation messages are also used to verify the reachability of a neighbor after the link-layer address of a neighbor is identified. • When a node wants to verify the reachability of a neighbor, the destination address in a neighbor solicitation message is the unicast address of the neighbor.
  • 52. IPv6 Neighbor Advertisement Message • After receiving the neighbor solicitation message, the destination node replies by sending a neighbor advertisement message, (Type 136) in the Type field of the ICMP packet header, on the local link. • The source address in the neighbor advertisement message is the IPv6 address of the node interface sending the neighbor advertisement message. • The destination address in the neighbor advertisement message is the IPv6 address of the node that sent the neighbor solicitation message. • The data portion of the neighbor advertisement message includes the link-layer address of the node sending the neighbor advertisement message. • Neighbor advertisement messages are also sent when there is a change in the link-layer address of a node on a local link. • When there is such a change, the destination address for the neighbor advertisement is the all-nodes multicast address.
  • 55. IPv6 Router Advertisement Message • Router advertisement (RA) messages, have a value of 134 in the Type field of the ICMP packet header, are periodically sent out each configured interface of an IPv6 router. • For stateless autoconfiguration to work properly, the advertised prefix length in RA messages must always be 64 bits. • The RA messages are sent to the all-nodes multicast address.
  • 58. IPv6 Router Solicitation Message • Router solicitation messages, value of Type 133 of the ICMP packet header, are sent by hosts at system startup so that the host can immediately autoconfigure without needing to wait for the next scheduled RA message. • Router solicitation messages are usually sent by hosts at system startup (the host does not have a configured unicast address), the source address in router solicitation messages is usually the unspecified IPv6 address (0:0:0:0:0:0:0:0). • RAs are also sent in response to router solicitation messages.
  • 60. IPv6 Neighbor Redirect Message • Routers send neighbor redirect messages to inform hosts of better first-hop nodes on the path to a destination. • A value of 137 in the Type field of the ICMP packet header identifies an IPv6 neighbor redirect message. • A router must be able to determine the link-local address for each of its neighboring routers in order to ensure that the target address in a redirect message identifies the neighbor router by its link- local address. • For static routing, the address of the next-hop router should be specified using the link-local address of the router. • For dynamic routing, all IPv6 routing protocols must exchange the link-local addresses of neighboring routers.
  • 63. IPv6 Stateless Auto-configuration • A node on the link can automatically configure site- local and global IPv6 addresses by appending its 64 bit interface ID to the 64 bit prefixes included in the RA messages. • The resulting 128-bit IPv6 addresses configured by the node are then subjected to duplicate address detection to ensure their uniqueness on the link. • If the prefixes advertised in the RA messages are globally unique, then the IPv6 addresses configured by the node are also guaranteed to be globally unique. • Router solicitation messages, which have a value of 133 in the Type field of the ICMP packet header, are sent by hosts at system startup so that the host can immediately autoconfigure without needing to wait for the next scheduled RA message.
  • 65. DHCP for IPv6 Prefix Delegation • DHCP for IPv6 can be used in environments to deliver statefull and stateless information. • Again the M bit allows the IP address to be obtained statefully when set (1) and statelessly when not (0) • Other configuration parameters can be obtained statefully via the O bit when set (1). • For further information about this feature, see the Implementing DHCP for IPv6 module in the Cisco IOS IPv6 Configuration Library.
  • 66. IPv6 Prefix Aggregation • The aggregatable nature of the IPv6 address space enables an IPv6 addressing hierarchy. • An enterprise can subdivide a single IPv6 prefix from a service provider into multiple, longer prefixes for use within its internal network. • Conversely, a service provider can aggregate all of the prefixes of its customers into a single, shorter prefix that the service provider can then advertise over the IPv6 internet. (see Figure 17)
  • 68. IPv6 Site Multi-homing • Multiple IPv6 prefixes can be assigned to networks and hosts. • Having multiple prefixes assigned to a network makes it easy for that network to connect to multiple ISPs without breaking the global routing table. (see Figure 18)
  • 70. Dual IPv4 and IPv6 Protocol Stacks • The Dual IPv4 and IPv6 protocol stack technique can be used to transition to IPv6 by enabling gradual one-by-one upgrades to applications running on nodes. • Applications running on nodes are upgraded to make use of the IPv6 protocol stack. • Applications that are not upgraded, support only the IPv4 coexisting with upgraded applications on a node. • New and upgraded applications make use of both the IPv4 and IPv6 protocol stacks. (see Figure 19).
  • 71. Dual IPv4 and IPv6 Protocol Stacks
  • 72. Dual IPv4 and IPv6 Protocol Stacks