4. 4
Public address space becoming exhausted
Large routing tables for Internet backbone routers
Configuration could be simpler
IP-layer security is not required
Need better support for prioritized delivery
Problem with IPv4
6. 6
Large address space
128-bit (16-byte) source and destination IP addresses.
With a much larger number of available addresses,
address-conservation techniques, such as the deployment
of NAT, are no longer necessary.
New header format
Designed to keep header overhead to a minimum.
Moving both non-essential fields and option fields to
extension headers that are placed after the IPv6 header.
Efficient and hierarchical addressing and routing
infrastructure
7. 7
Stateless and stateful address configuration
To simplify host configuration, IPv6 supports both stateful
address configuration (in the presence of a DHCP server)
and stateless address configuration (in the absence of a
DHCP server).
Built -in security
IPSec architecture
Authentication— MD5 based
Confidentiality— DES, encrypt entire datagram or IP
payload
IPv6 Security header
Authentication Header
Encapsulating Security Payload (ESP)
Multicast support
Multicast support is mandatory.
8. 8
Better support for QoS
New fields in the IPv6 header define how traffic is
identified and handled.
Traffic identification using a Flow Label field in the IPv6
header allows routers to identify and provide special
handling for packets belonging to a flow.
New protocol for neighboring node interaction
Based on ICMPv6 (Internet Control Message Protocol for
IPv6)
Manages the interaction of neighboring nodes (nodes on
the same link).
Extensibility
Can easily be extended for new features by adding
extension headers after the IPv6 header.
10. 10
IPv6 Addressing Model
Addresses are assigned to interfaces
No change from IPv4 Model
Interface ‘expected’ to have multiple addresses
Introduces the concept of limited scope addresses
Link Local
UniqueLocal
Global
Addresses have lifetime
Valid and Preferred lifetime
11. 11
IPv6 Address Syntax
IPv6 address in binary form
0010000000000001000011011011100000000000000000000010111100111011
0000001010101010000000001111111111111110001010001001110001011010
Divided along 16-bit boundaries
0010000000000001 0000110110111000 0000000000000000 0010111100111011
0000001010101010 0000000011111111 1111111000101000 1001110001011010
Each 16-bit block is converted to hexadecimal and
delimited by using colons
2001:0DB8:0000:2F3B:02AA:00FF:FE28:9C5A
Suppress leading zeros within each block
2001:DB8:0:2F3B:2AA:FF:FE28:9C5A
12. 12
Compressing Zeros
Typical IPv6 addresses contain long sequences of
zeros
A single contiguous sequence of 16-bit blocks set
to 0 can be compressed to “::”
Examples
FE80:0:0:0:2AA:FF:FE9A:4CA2 becomes
FE80::2AA:FF:FE9A:4CA2
FF02:0:0:0:0:0:0:2 becomes FF02::2
This mechanism can only be applied once!
2001:3600:0:0:3:0:0:1 2001:3600::3:0000:0000:1
OK
2001:3600:0:0:3:0:0:1 2001:3600::3::1 Wrong!
13. 13
IPv6 Address Prefix
IPv6 Prefix representation
CIDR-Like notation used to specify prefix length
represented with the following notation :
ipv6-address / prefix-length
prefix-length is a decimal value specifying how many of
the left most contiguous bits of the address comprise the
prefix as in the following example: 3FFE:1234::/64
14. 14
Unspecified address (like IPv4’s 0.0.0.0) [Ref.1]
::
Loop-back (like IPv4’s 127.0.0.1) [Ref.1]
0:0:0:0:0:0:0:1
or ::1
Represent an IPv4 address [Ref.1]
IPv4-compatible 0:0:0:0:0:0:199.182.20.17
or ::199.182.20.17
IPv4-mapped IPv4’s 192.0.2.128 is mapped to
IPv6’s ::ffff:c000:280
In web browser URL field
http://[2003:0:0:B3::1234]:8080/URI [Ref.2]
Other IPv6 Addresses’ Representation
15. 15
Basic Address Types
Unicast
Address of a single interface
Delivery to single interface
for one-to-one communication
Multicast
Address of a set of interfaces
Delivery to all interfaces in the set
for one-to-many communication
Anycast
Address of a set of interfaces
Delivery to a single interface in the set
for one-to-nearest communication
No more broadcast addresses
16. 16
Unicast IPv6 Address
Global address
Link-local address
Site-local address
Unique local address
Link Link
Link
Site
Site
Global
Each rounded rectangular is a different zone ; different colors indicate different scopes
17. 17
Global Address
Address scope is the whole IPv6 Internet
Equivalent to public IPv4 addresses
Defined in RFC 3587
Structure
Global Routing Prefix
Subnet ID
Interface ID
Interface ID
64 bits
Subnet ID
45 bits
001 Global Routing Prefix
16 bits
18. 18
Link-Local Address
Address scope is a single link
Equivalent to APIPA IPv4 addresses(169.254.0.1 to
169.254.255.254 )
FE80::/64 prefix
Usage
Single subnet, routerless configurations
Neighbor Discovery processes
1111 1110 10 Interface ID
10 bits 64 bits
000 . . . 000
54 bits
19. 19
Site-Local Address
Address scope is a single site
Equivalent to private IPv4 addresses
FEC0::/10 prefix
Used for intranets that are not connected to the
IPv6 Internet
Recently made obsolete, but supported for current
implementations
1111 1110 11 Interface ID
10 bits 64 bits54 bits
Subnet ID
20. 20
Unique Local Addresses
Private to an organization, yet unique across all the
sites of the organization
FD00::/8 prefix
Replacement for site-local addresses
Global scope
1111 110 Interface ID
7 bits 64 bits
Global ID
40 bits
Subnet ID
16 bits
L
21. 21
IPv6 Interface Identifier
Interface identifiers in IPv6 unicast addresses are
used to identify interfaces on a link
They are required to be unique within a subnet prefix.
Interface identifiers are based the following items.
Extended Unique Identifier (EUI)-64 address
Either assigned to a network adapter card or derived from
IEEE 802 (MAC) addresses
A randomly generated value that changes over time
A value assigned by a stateful address configuration
protocol such as Dynamic Host Configuration Protocol for
IPv6 (DHCPv6)
A manually configured value
22. 22
IEEE 802 addresses
Company ID, OUI(Organizational Unique Identifier)
Extension ID
u bit – Universally (=0)/Locally (=1) Administered
g bit – Unicast (=0)/Group (=1) Address
ccccccug cccccccc cccccccc
24 bits 24 bits
xxxxxxxx xxxxxxxx xxxxxxxx
IEEE administered company ID Manufacturer selected extension ID
23. 23
IEEE EUI-64 addresses
Extended Unique Identifier
Company ID
Extension ID
ccccccug cccccccc cccccccc
24 bits 40 bits
xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx
IEEE administered company ID Manufacturer selected extension ID
25. 25
Converting IEEE 802 addresses to IPv6
interface identifiers
EUI-64 Address:
cccccc00 cccccccc cccccccc
24 bits 24 bits
xxxxxxxx xxxxxxxx xxxxxxxx
cccccc00 cccccccc cccccccc xxxxxxxx xxxxxxxx xxxxxxxx11111111 11111110
0xFF 0xFE
IEEE administered company ID Manufacturer selected extension ID
cccccc10 cccccccc cccccccc
64 bits
11111111 11111110 xxxxxxxx xxxxxxxx xxxxxxxxIPv6 Interface
Identifier:
IEEE 802 Address:
Complement the
universal/locally
administered bit
26. 26
EUI-64 interface ID example
Host A has the MAC address of 00-AA-00-3F-2A-1C
1. Convert MAC address to EUI-64 format
00-AA-00-FF-FE-3F-2A-1C
2. Complement the U/L bit (seventh bit of first byte)
The first byte in binary form is 00000000. When the seventh
bit is complemented, it becomes 00000010 (0x02).
02-AA-00-FF-FE-3F-2A-1C
3. Convert to colon hexadecimal notation
::2AA:FF:FE3F:2A1C
The link-local address for a node with the MAC
address of 00-AA-00-3F-2A-1C is
FE80::2AA:FF:FE3F:2A1C
27. 27
Stateless address configuration:
Relies on the IPv6 address structure.
Addresses are made of a prefix network and of an
identifying interface.
Prefixed networks are generally advertised by routers on
every link while the interface-ID is built locally in the host.
From these elements, every host can build its own IPv6
addresses.
The role of the router is important in this method since it
has to periodically advertise prefixes to be used on the
medium through the Neighbor Discovery protocol.
Stateful address configuration
this method relies on a specific protocol such as DHCP.
IPv6 Address Auto-Configuration
28. 28
Current Allocated IPv6 Addresses (1/2)
Global Unicast 2000::/3
Unique Local Unicast FC00::/7
Reserved by IETF FE00::/9
Link Local Unicast FE80::/10
Reserved by IETF(Deprecated Site Local Unicast)
FEC0::/10
Multicast FF00::/8
Documentation purpose only(must not be routed)
2001:DB8::/32 [Ref.3]
6Bone Testing 3FFE::/16 [Ref.4]
6to4, specific to IPv4/IPv6 integration 2002::/16 [Ref.5]
Teredo 2001:0000::/32 [Ref.6]
29. 29
The range of each RIR(Regional Internet registry)
[Ref.7]
APNIC(Asia Pacific) 2001:0200::/23
HINET-TW-20000208 2001:0238::/35
ARIN(American) 2001:0400::/23
RIPE(Europe, the Middle East and parts of Central Asia )
NCC 2001:0600::/23
Current Allocated IPv6 Addresses (2/2)
31. 31
IPv4 & IPv6 Header Comparsion (1/2)
Ver IHL
Destination Address
Source Address
Ver Flow Label
Payload Length
Next
Header
Hop Limit
Traffic
Class
Service
Type
Identification Flags Offset
TTL Protocol Header Checksum
Source Address
Destination Address
Options + Padding
Total Length
32 bits
32. 32
IPv4 & IPv6 Header Comparsion (2/2)
IPv4 Header Field Change in IPv6
Version New value of 6
Internet Header Length Removed
Type of Service Traffic Class field
Total Length Payload Length field
Identification Removed to Fragment extension header
Fragmentation Flags Removed to Fragment extension header
Fragment Offset Removed to Fragment extension header
Time to Live Hop Limit field
Protocol Next Header field
Header Checksum Removed
Source Address Same, new 128-bit length
Destination Address Same, new 128-bit length
Options Removed to extension headers
33. 33
QoS support in IPv6
Flow Label [Ref.8]
20-bit field
To identify specific flows needing special QoS.
Quantitative promises (e.g., x bits per second), uses
RSVP(Resource ReSerVation Protocol) signaling
Traffic Class
8-bit field
To identify specific classes of packets needing special
QoS(DiffServ)
Qualitative promises (e.g., higher priority), no explicit
signaling
34. 34
IPv6 Extension Headers (1/2)
Next Header field
Identify the type of the next header
Identifier values are the same as IPv4 “protocol” field
The lastes defined numbers could be found in
http://www.iana.org/assignments/protocol-numbers
Currently defined IPv6 extension headers
Hop-by-Hop Option
Special options requiring hop-by-hop processing.
Routing
Extended Routing.
Fragmentation
Fragmentation and Reassembly.
Authentication
Integrity and Authentication for IPsec.
Encapsulation
Confidentiality for IPsec.
Destination Options
Optional information to be examined by the destination node.
35. 35
IPv6 Header
Next Header = 6
(TCP)
TCP Segment
IPv6 Header
Next Header = 43
(Routing)
TCP SegmentRouting Header
Next Header = 6
(TCP)
Authentication Header
Next Header = 6
(TCP)
IPv6 Header
Next Header = 43
(Routing)
Routing Header
Next Header = 51
(AH)
TCP Segment
IPv6 Extension Headers (2/2)
37. 37
What is Multicast Listener Disconvery?
Enabling routers to discover the set of IPv6
multicast addresses for which there are listening
nodes for each attached interface.
Like IGMPv2, MLD discovers only those multicast
addresses that include at least one listener.
Enable host to inform router what set of multicast
addresses it’s interesting to
Use ICMP
38. 38
ICMP Messages for MLD
Multicast Listener Query
Multicast router queries network to determine membership
in a host group
ICMPv6 type 130
Multicast Listener Report
Host declares membership in a host group
ICMPv6 type 131
Multicast Listener Done
Host declares that there might not be any more members
of a host group on a subnet
ICMPv6 type 132
40. 40
What is Neighbor Discovery?
Node(Hosts and Routers) use ND to determinate
the link-layer addresses for neighbors known to
reside on attached links
Hosts also use ND to find neighboring router that
willing to forward packets on their behalf
Nodes use the protocol to actively keep track of
which neighbors are reachable and which are not,
and to detect changed link-layer addresses
Replace ARP, ICMP Router Discovery, and ICMP
Redirect used in IPv4
Use ICMP
42. 42
Neighbor Discovery Process (1/2)
Router discovery
Discover the local hosts on an attached link
Equivalent to ICMPv4 Router Discovery
Prefix discovery
Discovery the network prefix
Equivalent to ICMPv4 Address Mask Request/Reply
Parameter discovery
Discovery additional parameter(ex: link MTU, default hop
limit for outgoing packet)
Address autoconfiguration
Configure IP address for interfaces
Address resolution
Equivalent to ARP in IPv4
43. 43
Next-hop determination
Destination address, or
Address of an on-link default router
Neighbor unreachable detection(NUD)
Duplicate address detection(DAD)
Determine that an address considered for use is not
already in use by a neighboring node
First-hop Redirect function
Inform a host of a better first-hop IPv6 address to reach a
destination
Equivalent to ICMPv4 Redirect
Neighbor Discovery Process (2/2)
44. 44
Neighbor Discovery Example (1/2)
Router solicitations (RS) are sent by booting nodes to
request RAs for configuring the interfaces
1—ICMP Type = 133 (RS)
Src = link-local address (FE80::/10)
Dst = all-routers multicast address
(FF02::2)
Query = please send RA
2. RA1. RS
2—ICMP Type = 134 (RA)
Src = link-local address (FE80::/10)
Dst = all-nodes multicast address
(FF02::1)
Data = options, subnet prefix, lifetime,
autoconfig flag
45. 45
Neighbor Solicitation:
ICMP type = 135
Src = A
Dst = Solicited-node multicast address of B
Data = link-layer address of A
Query = what is your link-layer address?
Neighbor Advertisement:
ICMP type = 136
Src = B
Dst = A
Data = link-layer address of B
A and B Can Now Exchange
Packets on This Link
A B
(1)
(2)
Neighbor Discovery Example (2/2)
