3. IPv4 and IPv6 Differences
• Addressing
• 128 Bits verses 32 Bits
• Security
• IPSec (Support Required)
• Network Address Translation
• Not needed for IPv6 End-to-End Communication
• Administrative Workload
• Processing Efficiency using Extension Headers
• Mobile Device Support
• MIPv6
4. IPv6 Header
8 16 24 32
Ver Traffic Class Flow Label
Payload Length Next Header Hop Limit
Source IPv6 Address
Destination IPv6 Address
Version (4 Bits) – Always Set to 6
Traffic Class (8 Bits) – Same as TOS Byte of IPv4
Flow Label (20 Bits) – Identifies unique flows (Undefined)
Payload Length (16 Bits) – Length of the payload in bytes
Next Header (8 Bits) – Header or Protocol which follows
Hop Limit (8 Bits) – Functions as IPv4’s time to live (TTL)
Source Address (128 Bits) – Source IPv6 Address
Destination Address (128 Bits) – Destination IPv6 Address
5. Extension Headers
TCP Header +
IPv6 Header
Data
Auth Header
TCP Header +
IPv6 Header Next Header =
Data
TCP
Auth Header ESP Header
TCP Header +
IPv6 Header Next Header = Next Header =
Data
ESP TCP
6. Extension Headers
• Hop-by-hop Options (0)
• Information that must be examined by every node along the path
• Used by Router Alert and Jumbogram
• Routing (43)
• Similar to IPv4’s Loose Source and Record Route option
• Used by MIPv6
• Fragment (44)
• Used to indicate to the Destination how to reassemble the fragments.
• Source node fragments packets larger than path MTU.
• Routers no longer Fragment in IPv6
• Authentication Header (51)
• Used to provide data integrity and authentication
• Encapsulating Security Payload (50)
• Used to provide data integrity and confidentiality
7. Address Architecture
• Address Length
128 bits
= 340,282,366,920,938,463,463,374,607,431,768,211,456 nodes
• Address Format
X:X:X:X:X:X:X:X – Where X is a 16 bits hexadecimal field
2001:0000:0000:BEEF:021C:B3FF:FEBF:6C74
Case insensitive
2001:0000:0000:beef:021c:b3ff:febf:6c74
Leading zeros in a field are optional
2001:0:0:BEEF:21C:B3FF:FEBF:6C74
Successive fields of 0 are represented as ::, but only once in an
address
2001::BEEF:21C:B3FF:FEBF:6C74
9. Unicast Address Alloca5ons
::/0 Default Route
::/128 Unspecified
::1/128 Loopback
::/96 IPv6-Compatible* (Deprecated)
::FFFF:0:0/96 IPv4-Mapped
2001::/16 IPv6 Internet (ARIN, APNIC, RIPE NCC, LACNIC)
2002::/16 6to4 Transition
2003::/16 IPv6 Internet (RIPE NCC)
2400:0000::/19 IPv6 Internet (APNIC)
2400:2000::/19 IPv6 Internet (APNIC)
2400:4000::/21 IPv6 Internet (APNIC)
2600:0000::/22 IPv6 Internet (ARIN)
2604:0000::/22 IPv6 Internet (ARIN)
2608:0000::/22 IPv6 Internet (ARIN)
260C:0000::/22 IPv6 Internet (ARIN)
2A00:0000::/21 IPv6 Internet (RIPE NCC)
2A01:0000::/23 IPv6 Internet (RIPE NCC)
FC00::/7 Unicast Unique Local
FD00::/8 Unicast Unique Local (Locally Assigned)
FE80::/10 Unicast Link-Local
FEC0::/10 Unicast Site-Local* (Deprecated)
FF00::/8 Multicast
10. Unicast Global
Addressing Structure
Global Unicast Address:
2001:0000:CC1E:BEEF:021C:B3FF:FEBF:6C74
2001: 00 00:CC1E: BEEF: 021C:B3FF:FEBF:6C74
3 13 8 24 16 64
FP TLA RES NLA SLA Interface
11. IEEE 802 48bit MAC Address to EUI-64
Interface Identifier for stateless Autoconfiguration
001C:B3BF:6C74 001C:B3FF:FEBF:6C74
Vendor Node
001C:B3 FF:FE BF:6C74 00 1C:B3FF:FEBF:6C74
001C:B3FF:FEBF:6C74 00000000 00000010
Universal/Local Bit Set
021C:B3FF:FEBF:6C74
EUI-64 Interface ID
12. Multicast
• Multicast addresses identify groups of interfaces (one-to-many)
• No broadcast in IPv6. Multicast is used instead, mostly on local links
• Format Prefix
• FF<flags><scope>::<multicast group>
• Scoped Addresses
• Node-Local (FF01)
• Link-Local (FF02)
• Site-Local (FF05)
• Organization (FF08)
• Global (FF0E)
Useful Reserved Multicast Addresses
Address Scope Use
FF02::1 Link-Local All Nodes
FF02::2 Link-Local All Routers
FF02::1:FFxx:xxxx Link-Local Solicited-Node
FF05::2 Site-Local All Routers
13. Solicited-Node Multicast
• Solicited-Node Multicast Address Prefix
• FF02:0:0:0:0:1:FF00::/104
• Address created by appending the lower 24 bits of the IPv6 interface address
Global Unicast Address:
2001:0000:CC1E:BEEF:021C:B3FF:FEBF:6C74
Solicited-Node Multicast Address:
FF02:0000:0000:0000:0000:0001:FF BF:6C74
14. Anycast
• One-to-nearest: great for discovery functions
• Anycast addresses are indistinguishable from unicast addresses
• Allocated from the Unicast Addresses space
• Reserved Anycast Addresses
• 0x7F Unspecified
• 0x7E Mobile IPv6 Home-Agents Anycast [RFC3775]
• 0x00 Reserved
• Few uses
• MobileIPv6 home-agent discovery
• Discussions for DNS discovery
15. ICMPv6
• Internet Control Message Protocol
• Same behavior as in IPv4, but few enhancements
• IPv6 Next Header = 58
8 16 24 32
IPv6 Header
Type Code Checksum
Message Body
• Many messages are the same as the IPv4 counterpart:
• Type 1: Destination Unreachable
• Type 2: Packet Too Big (MTU)
• Type 3: Time Exceeded
• Type 4: Parameter Problem
• Type 128/129: Echo request/Echo reply
16. Path MTU
• No fragmentation done by routers in IPv6
• Fragmentation, if needed, is done by the source
• Source should do Path MTU Discovery to find the right MTU
• Minimum MTU is 1280
• PMTU Discovery Process
• Send a message to the destination with MTU of your link
• If receive a ICMP error message, then resend the message with the new MTU
• Continue to Send/Receive ICMPv6 PMTU until error messages are no longer
received
• Last MTU is the Path MTU
17. Neighbor Discovery
• Uses ICMPv6 messages
• Used to
• Determine link-layer address of neighbor (NS)
• Determine on-link routers and default route (RS)
• Actively keep track of neighbor reachability (NA)
• Send network information from routers to hosts (RA)
• Protocol used for host Autoconfiguration
• All ND messages must have Hop Limit=255
• Must originate and terminate from the same link
18. Neighbor Solicitation
• Sent by a node to determine link-layer address of a neighbor
• Similar to an IPv4 ARP request
• Packet description
• Source Address = Link-Local Address
• Destination = Solicited-Node Multicast Address or All Nodes Multicast (FF02::1)
• Data contains Link-Layer Address of source
• Query is: Please send me your link-layer address
• ICMP type 135
Neighbor Solicitation (NS)
Src: FE80::21C:B3FF:FEBF:6C74
Interface ID Dst: FF02::1:FF01:ABC1
FE80::21C:B3FF:FEBF:6C74
19. Neighbor Advertisement
• Response to a Neighbor Solicitation
• Similar to an IPv4 ARP response
• Includes my MAC address so you can send me information
• Packet description
• Source Address = Link-Local Address of source
• Destination = Destination Address of the NS request
• Data contains Link-Layer address of source
• ICMP type 136
Neighbor Advertisement (NA)
Src: FE80::B412:D86C:108A:ABC1 Interface ID
Dst: FE80::21C:B3FF:FEBF:6C74 FE80::B412:D86C:108A:ABC1
21. Router Advertisement
• Routers advertise periodically
• Max. time between advertisements can be in the range from 4 and 1800 seconds
• The advertisement has a lifetime (= 0 if not a default router)
• Advertisement contains one or more prefixes
• Prefixes have a lifetime
• Preferred lifetime
• Valid lifetime
• Specifies if stateful or stateless autoconfiguration is to be used
• Packet description:
Multicast Group:
• Source: Router Link-Local Address FF02::2
• Destination: All Nodes Multicast Address (FF02::1)
• Data: prefix, lifetimes, default router, options
• ICMP type 134
Router Advertisement (RA)
Src: FE80::2A:B7FF:FE42:0A65
Dst: FF02::1
Network Prefix: 2001::CC1E:BEEF::/64
Default Route: 2001::CC1E:BEEF:2A:B7FF:FE42:0A65/128
22. Duplicate Address Detection
• Similar to IPv4 ARP self
• Packet description
• Source Address = Unspecified
• Destination = Solicited-Node Multicast Address
• Data contains Link-Layer Address of source
• Query is: Please send me your link-layer address
• ICMP type 135
• If no Neighbor Advertisement is received, address is ok
Neighbor Solicitation (NS) - DAD
Src: ::
Interface ID Dst: FF02::1:FFBF:6C74
FE80::21C:B3FF:FEBF:6C74
23. Autoconfiguration States
• Stateful configuration
• Manual IP configuration
• DHCPv6 configuration
• Stateless Address Autoconfiguration
• Applies to hosts only (not to routers)
• No manual configuration required
• Specifies the prefix, default route and lifetime
• RA Does not specify the DNS servers
• Assumes interface has unique identifies
• Assumes multicast capable link
• Uses Duplicate Address Detection