IPv6 Addressing
Leo T. Chiang
E-Mail: tt_chiang@ringline.com.tw
Introduction - Possible Solution: New Address Scheme
• 32 bits for IPv4 addressing
  • 2^32 or 4,294,967,296 IPv4 addresses available
  • 50% of IPv4 address space is still unallocated
  • 2 billion addresses exhausted for DNS-documented 51 million systems
  • 70% of Fortune 1000 are using NAT
• 128 bits for IPv6 addressing
  • 340,282,266,920,938,463,463,374,607,431,768,211,465 (or 3.4 x 10^38) addresses available
  • 16-bit ‘colon hexadecimal’ notation
IPv6 Features & Benefits - Changes from IPv4
[Figure: IPv4 header, 20 octets + options, 13 fields including 3 flag bits. Fields: Ver, IHL, Service Type, Total Length, Identifier, Flags, Fragment Offset, Time to Live, Protocol, Header Checksum, 32-bit Source Address, 32-bit Destination Address, Options and Padding. Legend: Changed / Removed.]
IPv6 Features & Benefits - Header: 40 Bytes, 8 Fields
[Figure: IPv6 header. Fields: Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, 128-bit Source Address, 128-bit Destination Address.]
IPv6 Features & Benefits - Header & Extensions
• IP options become optional Extension Headers
• Extension Headers are chained together
• Enables greater IP service potential
[Figure: three example packets]
  IPv6 Header (Next = TCP) | TCP Header | Application Data
  IPv6 Header (Next = Routing) | Routing Hdr (Next = TCP) | TCP Header | Application Data
  IPv6 Header (Next = Security) | Security Hdr (Next = Frag) | Fragment Hdr (Next = TCP) | TCP Header | Data Frag
IPv4 options drawbacks
• IPv4 options required special treatment in routers
• Options had negative impact on forwarding performance
• Rarely used
Benefits of IPv6 extension headers
• Extension headers are external to IPv6 header
• Routers do not look at these options except for Hop-by-hop options
• No negative impact on router forwarding performance
• Easy to extend with new headers and options
IPv6 Features & Benefits - Header Improves Processing Performance
• Fixed size IPv6 header
• Options not limited to 40 bytes as in IPv4
• Fewer fields in basic header = faster processing of basic packets
• 64-bit alignment header/Options
• Efficient Option processing
• Fields processed only when present
• Most Options processed only at destination
• Checksum removed from Network Layer
• Data links now more reliable
• Performed at Upper Layers (e.g. TCP, UDP, ICMPv6)
• No Fragmentation in the network
• More router cycles available for forwarding
• Easier to implement in silicon
• Easy for Layer 3 Switching of IP
IPv6 extension header order
RFC 2460 recommends the following order:
• IPv6 header
• Hop-by-hop options header
• Destination options header
• Routing header
• Fragment header
• Authentication header
• ESP header
• Destination options header
• Upper-layer header
Currently available IPv6 options
• Hop-by-hop
  • Must be processed by every node on the packet's path
  • Must always appear immediately after IPv6 header
  • Two Hop-by-hop options already defined:
    • Router alert option
    • Jumbo payload option
• Destination
  • Meant to carry information intended to be examined by the destination node
  • Only options currently defined are padding options to fill out header on a 64-bit boundary if (future) options require it
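An added example (not from the original slides): a walker that follows the Next Header chain described above and flags a Hop-by-hop header that is not first, plus headers that are repeated or break the RFC 2460 recommended order. The Next Header numbers are the IANA-assigned values; the function names and the sample packets (zero addresses, empty extension headers) are constructed for illustration.

```python
import struct

# Next Header numbers (IANA-assigned) for the headers named on the slides.
HBH, TCP, ROUTING, FRAGMENT, ESP, AH, ICMPV6, DSTOPT = 0, 6, 43, 44, 50, 51, 58, 60
NAME = {HBH: "hop-by-hop", ROUTING: "routing", FRAGMENT: "fragment", ESP: "esp",
        AH: "auth", DSTOPT: "dest-opts", TCP: "tcp", ICMPV6: "icmpv6"}
# Slot of each header in the RFC 2460 recommended order; dest-opts owns slots 2 and 7.
RANK = {HBH: 1, ROUTING: 3, FRAGMENT: 4, AH: 5, ESP: 6}

def walk_chain(pkt: bytes):
    """Follow Next Header from the fixed 40-byte header; return (chain, findings)."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off, last = pkt[6], 40, 0
    chain, findings = [], []
    while nxt in NAME and nxt not in (TCP, ICMPV6):
        rank = RANK.get(nxt, 2 if last < 2 else 7)
        if nxt == HBH and chain:
            findings.append("hop-by-hop not immediately after IPv6 header")
        elif rank <= last:
            findings.append(f"{NAME[nxt]} repeated or out of recommended order")
        chain.append(NAME[nxt])
        last = max(last, rank)
        if nxt == ESP:                       # the rest of the packet is encrypted
            return chain, findings
        if off + 8 > len(pkt):
            findings.append("truncated extension header")
            return chain, findings
        if nxt == FRAGMENT:
            size = 8                         # fixed-size header
        elif nxt == AH:
            size = (pkt[off + 1] + 2) * 4    # AH length is in 4-octet units, minus 2
        else:
            size = (pkt[off + 1] + 1) * 8    # Hdr Ext Len is in 8-octet units, minus 1
        nxt, off = pkt[off], off + size
    chain.append(NAME.get(nxt, f"proto-{nxt}"))
    return chain, findings

def ipv6(first_next: int, payload: bytes) -> bytes:
    """Constructed fixed header (zero addresses, hop limit 64) followed by payload."""
    return struct.pack("!IHBB", 6 << 28, len(payload), first_next, 64) + bytes(32) + payload

def ext(next_hdr: int) -> bytes:
    """Constructed minimal 8-byte extension header (length field 0, zero padding)."""
    return bytes([next_hdr, 0]) + bytes(6)

TCP_HDR = bytes(20)                                   # constructed placeholder TCP header
GOOD = ipv6(ROUTING, ext(TCP) + TCP_HDR)              # slide case: IPv6 -> Routing -> TCP
BAD = ipv6(ROUTING, ext(HBH) + ext(TCP) + TCP_HDR)    # hop-by-hop buried in the chain
```

A filter that only inspects the first Next Header value would see "routing" for both sample packets; walking the whole chain is what separates them.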
IPv6 Features & Benefits - Addressing Model
[Figure: address scopes Global, Site-Local, Link-Local]
• Addresses are assigned to interfaces
  • No change from IPv4 Model
• Interface can have multiple addresses
• Addresses have scope
  • Link Local – specifies subnet
  • Site Local – specifies private address (like 10.x in v4)
  • Global – specifies global (advertised) significance
• Addresses have lifetime
  • Valid – timer for address life
  • Preferred – new address; may supersede existing, valid address
• Neighbor Discovery
  • Replaces ARP, ICMP Router Discovery, and ICMP Redirect IPv4 functionality
  • Used by hosts to:
    • Discover neighboring routers, addresses, configuration parameters
  • Used by routers to:
    • Advertise presence, host configuration parameters, next-hop
IPv6 Features & Benefits - Address Structure
• An IPv6 Address formed by two entities:
  • Separates “who you are” from “who you are connected to”
  • Routing Prefix - Routing Topology
  • Node Identification - Interface Identifier
• Prefix & Interface ID sections not fixed sizes
• Example: Ethernet MAC address mapped to Interface ID
  Prefix: 3FFE:0301:DEC1::    Interface ID: 0A00:2BFF:FE36:701E
• Prefix Representation: 3FFE:0301:DEC1::/64
IPv6 Address Representation
• 128 bits
• Represented by 8 colon-separated segments
• Each 16-bit segment written in hexadecimal
Example: 3ffe:3700:1100:0001:d9e6:0b9d:14c6:45ee
IPv6 Address Compaction
• Leading zeroes in a 16-bit segment can be compacted
Example: fe80:0210:1100:0006:0030:a4ff:000c:0097
Becomes: fe80:210:1100:6:30:a4ff:c:97
IPv6 Address Compaction
• All zeroes in one or more contiguous 16-bit segments can be represented with a double colon (::)
Example: ff02:0000:0000:0000:0000:0000:0000:0001
Becomes: ff02::1
BUT…
IPv6 Address Compaction
Example: 2001:0000:0000:0013:0000:0000:0b0c:3701
Can be: 2001::13:0:0:b0c:3701
Or: 2001:0:0:13::b0c:3701
But not: 2001::13::b0c:3701
• Double colons can only be used once
Imbedded IPv4 Addresses
• Some transition mechanisms imbed IPv4 addresses in IPv6 addresses
• Imbedded IPv4 addresses are represented with dotted decimal
Examples:
  ::13.1.68.3
  ::ffff:129.144.52.38
  fe08::5efe:172.24.240.30
IPv6 Prefix Representation
• CIDR-like notation used to specify prefix length
Examples:
  3ffe:0:0:2300:ce21:233:fea0:bc94/60
  201:468:1102:1::1/64
IPv6 Prefix Compaction
2002:0000:0000:18d0:0000:0000:0000:0000/60
Can be represented as:
  2002::18d0:0:0:0:0/60
  2002:0:0:18d0::/60
IPv6 Address Types
• Unicast
  • Identifies a single interface
  • Packet sent to a unicast address is delivered to the interface identified by that address
• Anycast
  • Identifies a set of interfaces
  • Packet sent to an anycast address is delivered to the nearest interface identified by that address (as defined by the routing protocol)
• Multicast
  • Identifies a set of interfaces
  • Packet sent to a multicast address is delivered to all interfaces identified by that address
• IPv6 has no broadcast addresses
  • IPv6 uses "all-nodes" multicast instead
IPv6 Address Scope
• Link-Local
  • Used on a single link
  • Packets with link-local source or destination addresses are not forwarded to other links
• Site-Local
  • Used for a single site
  • Packets with site-local source or destination addresses are not forwarded to other sites
• Global
  • A globally unique address
  • Packets with global addresses can be forwarded to any part of the global network
Identifying Address Types
Type                      IPv6 Prefix
Unspecified               ::/128
Loopback                  ::1/128
Multicast                 ff00::/8
Link-Local Unicast        fe80::/10
Site-Local Unicast        fec0::/10
Global Unicast/Anycast    everything else
Global Unicast Addresses: TLA/NLA Format (Being Obsoleted)
128 bits: FP (3) | TLA-ID (13) | Res (8) | NLA-ID (24) | SLA-ID (16) | Interface-ID (64)
[Figure labels: Public Topology, Site Topology, Interface Identifier; Network Portion, Node Portion]
• FP = Format Prefix (= 001 for globally aggregated unicast addresses)
• TLA-ID = Top-level aggregation identifier
• RES = Reserved for future use
• NLA = Next-level aggregation identifier
• SLA-ID = Site-level aggregation identifier
• Interface ID = Interface identifier
Global Unicast Addresses: New Format
128 bits: 001 (3) | Global Routing Prefix (45) | Subnet (16) | Interface-ID (64)
[Figure labels: Public Topology, Site Topology, Interface Identifier; Network Portion, Node Portion]
• Global Routing Prefix uses CIDR-like hierarchy
• Everyone (from corporations to residences) gets 48-bit prefix
• Everyone gets 16-bit subnet space
• There are some exceptions (very large subscribers, mobile nodes)
Global Unicast Addresses: Why Fixed Prefix and Subnet Lengths?
• Changing ISPs becomes simpler
• Eliminates need to justify address space
• Plenty of room to grow
  • 001 is only 1/8th of total address space
  • 16-bit subnet field sufficient for most subscribers
• Can simplify multihoming
• See RFC 3177 for more information
Interface ID
• Unique to the link
• Identifies interface on a specific link
• Can be automatically derived
  • IEEE addresses use MAC-to-EUI-64 conversion
  • Other addresses use other automatic means
• Can be used to form link-local address
• Can be used to form global address with stateless autoconfiguration
EUI-64
1. ipconfig /all MAC: 00-02-3F-75-68-83
2. 00000000-00000010-00111111-01110101-01101000-10000011
3. 00000000-00000010-00111111+1111111111111110+01110101-01101000-10000011
4. 00000010-00000010-00111111+1111111111111110+01110101-01101000-10000011
5. 0000001000000010:0011111111111111:1111111001110101:0110100010000011
6. 202:3FFF:FE75:6883
7. fe80::202:3FFF:FE75:6883
Multicast Address Format
128 bits: 11111111 (8) | flgs (4) | scop (4) | Group-ID (112)
• flgs
  • First 3 bits set to 0
  • Last bit defines address type: 0 = Permanent (or well-known), 1 = Locally assigned (or transient)
• scop: defines address scope
  0  Reserved
  1  Node-local scope
  2  Link-local scope
  5  Site-local scope
  8  Organization local scope
  E  Global scope
  F  Reserved
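An added example (not from the original slides) tying together the compaction rules, the "Identifying Address Types" table and the multicast format above: it treats different spellings of one address as equal, rejects a second `::`, and labels addresses by type, decoding flgs and scop for multicast. It uses Python's standard `ipaddress` module; the function names are illustrative and the scop numbers are the RFC 2373 assignments.

```python
import ipaddress

# Prefix table from the "Identifying Address Types" slide, checked in order.
TYPES = [("::/128", "unspecified"), ("::1/128", "loopback"), ("ff00::/8", "multicast"),
         ("fe80::/10", "link-local unicast"), ("fec0::/10", "site-local unicast")]
# scop field values as assigned in RFC 2373 (1, 2, 5, 8, E).
SCOPES = {0x1: "node-local", 0x2: "link-local", 0x5: "site-local",
          0x8: "organization-local", 0xE: "global"}

def parse(text: str):
    """Return an IPv6Address, or None for illegal text such as a second '::'."""
    try:
        return ipaddress.IPv6Address(text)
    except ValueError:
        return None

def same_address(a: str, b: str) -> bool:
    """True when two spellings (compacted, padded, dotted-decimal tail) are one address."""
    pa, pb = parse(a), parse(b)
    return pa is not None and pa == pb

def classify(text: str) -> str:
    """Label an address with the slide's prefix table; decode flgs/scop for multicast."""
    addr = parse(text)
    if addr is None:
        return "invalid"
    for prefix, label in TYPES:
        if addr in ipaddress.IPv6Network(prefix):
            break
    else:
        return "global unicast/anycast"
    if label != "multicast":
        return label
    flgs, scop = addr.packed[1] >> 4, addr.packed[1] & 0x0F
    kind = "transient" if flgs & 0x1 else "permanent"
    return f"multicast, {SCOPES.get(scop, 'reserved/unassigned')} scope, {kind}"

# Addresses taken from the slides, spelled as they might appear in mixed log sources.
SAMPLES = ["ff02:0000:0000:0000:0000:0000:0000:0001", "ff05::1:3",
           "fe80::202:3FFF:FE75:6883", "3ffe:3700:1100:1:200:bff:fe0a:2d51",
           "2001::13::b0c:3701"]
REPORT = {s: classify(s) for s in SAMPLES}
```

Comparing parsed addresses rather than strings matters when matching ACL entries or correlating logs, because the same host can legitimately appear under several spellings.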
Configuration Example: IOS Router Interface
interface Ethernet2
 ip address 206.196.180.113 255.255.255.240
 ipv6 address 3FFE:3700:1102:1::1/64
 ipv6 address 201:468:1102:1::1/64
Configuration Example: JUNOS Router Interface
[edit]
lab@Juniper5# show interfaces fe-0/1/1
unit 0 {
    family inet {
        address 206.196.180.113/28;
    }
    family inet6 {
        address 3FFE:3700:1102:1::1/64;
        address 201:468:1102:1::1/64;
    }
}
ICMPv6
• Many of the same functions as ICMPv4
  • ICMPv4 Protocol Number = 1
  • ICMPv6 Next Header Number = 58
• Adds new messages and functions
  • Neighbor discovery
  • Stateless autoconfiguration
  • Mobile IPv6
ICMPv6 Message Types
• Defined in RFC 2463
Type  Message
1     Destination Unreachable
2     Packet Too Big
3     Time Exceeded
4     Parameter Problem
128   Echo Request
129   Echo Reply
ICMPv6 New Message Types
• Defined in RFC 2461
• Used for Neighbor Discovery protocol
Type  Message
133   Router Solicitation (RS)
134   Router Advertisement (RA)
135   Neighbor Solicitation (NS)
136   Neighbor Advertisement (NA)
137   Redirect
IPv6 Neighbor Discovery
• RFC 2461
• Neighbor can be router or host
• Performs several functions
  • Link-layer address resolution
  • Router discovery
  • Local prefix discovery
  • Address autoconfiguration
  • Parameter discovery
  • Next-hop determination
  • Tracks neighbor and router reachability
  • Duplicate address detection
  • Redirects
Comparison to IPv4 Functions
• Similar IPv4 functions
  • ARP
  • ICMP Router Discovery
  • ICMP Redirect
• IPv4 has no agreed-upon mechanism for neighbor unreachability detection
  • Detects failing routers and links
  • Detects nodes that change their link-layer address
  • Unlike ARP, detects half-link failures
Improvements over IPv4
• Router discovery part of base protocol
  • Hosts do not need to “snoop” routing protocols
• RAs and redirects carry link-layer addresses
  • No additional packet exchange needed
• RAs carry link prefixes
  • No separate mechanism to configure “netmasks”
  • Enables address autoconfiguration
• Multiple prefixes can be associated with same link
• RAs can advertise link MTUs
  • Ensures all nodes on link use same MTU value
• Immune to reception of off-link ND messages
  • Hop limit always set to 255
  • IPv4 ICMP Redirects and Router Discovery messages can be sent from off-link
IPv6 Features & Benefits - Autoconfiguration
• Improves Plug-and-Play, operational simplicity
  • Eases renumbering
  • Eases address management
  • Enables local mobility
• Types
  • Stateful - uses DHCPv6
    • Clients obtain address and / or configuration from a DHCP server
    • DHCP server provides tight control over addresses
  • Stateless - uses Neighbor Discovery
    • Routers advertise prefixes
    • Hosts generate an "interface token"
    • Address is formed by combining the two
[Figure: Host and IPv6 Infrastructure exchange Router Solicitation via ND and Router Advertisement via ND; host IP information configured dynamically]
Address Autoconfiguration
• Stateless autoconfiguration
  • Requires only a router
  • Key advantage for applications such as Mobile IP
• Stateful autoconfiguration
  • When more control is desired
  • DHCPv6
• Stateless and stateful can be combined
  • “M” and “O” flags in RA
  • M flag: Stateless Address Autoconfiguration Y/N
  • O flag: Stateless Autoconfigure Other Parameters Y/N
Stateless Autoconfiguration
• Interface ID automatically derived
  • IEEE addresses use MAC-to-EUI-64 conversion
  • Other addresses use other means, such as random number generation
• Host creates a link-local address
• Host performs duplicate address check
• Host sends RS to the all-routers multicast address (ff01::2)
• Router unicasts RA with prefix information
• Host adds prefix to Interface ID to form global unicast address
MAC-to-EUI-64 Conversion
• First three octets of MAC become Company-ID
• Last three octets of MAC become Node-ID
• 0xfffe inserted between Company-ID and Node-ID
• Universal/Local-Bit (U/L-bit) is set to 1 for global scope
MAC-to-EUI-64 Conversion Example
[Figure labels: U/L Bit, Company-ID, Individual Node-ID, fffe]
• MAC Address: 0000:0b0a:2d51
• In binary:
  00000000 00000000 00001011 00001010 00101101 01010001
• Insert fffe between Company-ID and Node-ID
  00000000 00000000 00001011 11111111 11111110 00001010 00101101 01010001
• Set U/L bit to 1
  00000010 00000000 00001011 11111111 11111110 00001010 00101101 01010001
• Resulting EUI-64 Address: 0200:0bff:fe0a:2d51
Using the EUI-64 Interface ID
EUI-64 Address: 200:bff:fe0a:2d51
Link-Local Address: fe80::200:bff:fe0a:2d51
Global Unicast Address: 3ffe:3700:1100:1:200:bff:fe0a:2d51
Stateful Autoconfiguration: DHCPv6
• Currently in Internet-draft
• Many changes from DHCPv4:
  • Configuration of dynamic updates to DNS
  • Address deprecation for dynamic renumbering
  • Authentication
  • Clients can ask for multiple IP addresses
  • Addresses can be reclaimed
  • Integration between stateful and stateless autoconfiguration
• Uses multicasting
  • All_DHCP_Agents: ff02::1:2
  • All_DHCP_Servers: ff05::1:3
Configuration Example: Router Discovery
[edit]
lab@Juniper5# show interfaces fe-2/1/0
unit 0 {
    family inet6 {
        address 2001:468:1100:1::1/64;
        address 3ffe:3700:1100:1::1/64;
    }
}
[edit]
lab@Juniper5# show protocols router-advertisement
interface fe-2/1/1.0 {
    other-stateful-configuration;
    prefix 3ffe:3700:1100:1::/128;
    prefix 2001:468:1100:1::/128;
}
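An added example (not from the original slides) of checking a received Router Advertisement against what the Neighbor Discovery slides state: ND messages arrive with hop limit 255, and RAs carry flags and link prefixes. It also applies the RFC 2461 rule that an RA's source is link-local, and compares advertised prefixes with an allowlist. The function names, the allowlist idea and the sample packets are assumptions made for illustration; `make_ra` builds constructed test input with the checksum left at zero.

```python
import ipaddress
import struct

ND_TYPES = {133: "RS", 134: "RA", 135: "NS", 136: "NA", 137: "Redirect"}

def check_nd(pkt: bytes, expected=()):
    """Inspect an IPv6 packet whose first Next Header is ICMPv6; None if it is not ND."""
    icmp = pkt[40:]
    if len(pkt) < 48 or pkt[6] != 58 or icmp[0] not in ND_TYPES:
        return None
    rep = {"type": ND_TYPES[icmp[0]], "prefixes": [], "findings": []}
    if pkt[7] != 255:                        # a forwarded packet arrives with less than 255
        rep["findings"].append("hop limit is not 255")
    if icmp[0] != 134 or len(icmp) < 16:
        return rep
    if not ipaddress.IPv6Address(pkt[8:24]).is_link_local:    # RFC 2461 requirement
        rep["findings"].append("RA source is not link-local")
    rep["M"], rep["O"] = bool(icmp[5] & 0x80), bool(icmp[5] & 0x40)
    off = 16                                 # options follow the 16-byte RA body
    while off + 8 <= len(icmp) and icmp[off + 1] > 0:
        # Option type 3 = Prefix Information, always 4 x 8 = 32 bytes long.
        if icmp[off] == 3 and icmp[off + 1] == 4 and off + 32 <= len(icmp):
            net = ipaddress.IPv6Network((icmp[off + 16:off + 32], icmp[off + 2]),
                                        strict=False)
            rep["prefixes"].append(str(net))
            if expected and str(net) not in expected:
                rep["findings"].append(f"unexpected prefix {net}")
        off += icmp[off + 1] * 8
    return rep

def make_ra(src: str, hop_limit: int, prefix: str, flags: int = 0) -> bytes:
    """Constructed sample RA with one Prefix Information option (checksum left at 0)."""
    net = ipaddress.IPv6Network(prefix)
    opt = struct.pack("!BBBBIII", 3, 4, net.prefixlen, 0xC0, 2592000, 604800, 0)
    opt += net.network_address.packed
    icmp = struct.pack("!BBHBBHII", 134, 0, 0, 64, flags, 1800, 0, 0) + opt
    hdr = struct.pack("!IHBB", 6 << 28, len(icmp), 58, hop_limit)
    dst = ipaddress.IPv6Address("ff02::1").packed
    return hdr + ipaddress.IPv6Address(src).packed + dst + icmp

# The two /64 networks assigned to the router interface in the configuration above.
EXPECTED = {"2001:468:1100:1::/64", "3ffe:3700:1100:1::/64"}
```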
Configuration Example: Windows XP Host
C:\Documents and Settings\Jeff Doyle>ipv6 if 4
Interface 4: Ethernet: Local Area Connection 2
  uses Neighbor Discovery
  uses Router Discovery
  link-layer address: 00-10-a4-a0-bc-97
    preferred global 2001:468:1100:1:d9e6:b9d:14c6:45ee, life 6d21h14m26s/21h12m4s (anonymous)
    preferred global 2001:468:1100:1:210:a4ff:fea0:bc97, life 29d23h59m25s/6d23h59m25s (public)
    preferred global 3ffe:3700:1100:1:d9e6:b9d:14c6:45ee, life 6d21h14m26s/21h12m4s (anonymous)
    preferred global 3ffe:3700:1100:1:210:a4ff:fea0:bc97, life 29d23h59m25s/6d23h59m25s (public)
    preferred link-local fe80::210:a4ff:fea0:bc97, life infinite
    multicast interface-local ff01::1, 1 refs, not reportable
    multicast link-local ff02::1, 1 refs, not reportable
    multicast link-local ff02::1:ffa0:bc97, 3 refs, last reporter
    multicast link-local ff02::1:ffc6:45ee, 2 refs, last reporter
  link MTU 1500 (true link MTU 1500)
  current hop limit 64
  reachable time 22000ms (base 30000ms)
  retransmission interval 1000ms
  DAD transmits 1
Asia-Pacific IPv6 Allocation Statistics
Rank  Country or Region    Country Code  IPv6 Allocations (unit: /32 or /35)
1     JAPAN                JP            54
2     KOREA, REPUBLIC OF   KR            15
3     TAIWAN               TW            10
4     AUSTRALIA            AU            4
5     CHINA                CN            4
6     SINGAPORE            SG            4
7     MALAYSIA             MY            3
8     THAILAND             TH            3
9     HONG KONG            HK            2
10    INDIA                IN            1
11    INDONESIA            ID            1
12    PAPUA NEW GUINEA     PG            1
13    PHILIPPINES          PH            1
Asia-Pacific IPv6 total: 103
Data updated: 2003/05/19
List of All IPv6 Blocks in Taiwan
Rank  IPv6 Block Name                  IPv6 Address Range  Allocation Date
1     HINET-TW-20000208                2001:0238::/32      2000/02/08
2     TANET-TWNIC-TW-20001006          2001:0288::/32      2000/10/06
3     ASNET-TWNIC-TW-20020711          2001:0C08::/32      2002/07/11
4     TTN-TWNIC-TW-20020812            2001:0C50::/32      2002/08/12
5     SIXREN-TWNIC-TW-20020827         2001:0C58::/32      2002/08/27
6     CHTTL-TW-20021002                2001:0CA0::/32      2002/10/02
7     SEEDNET-IPv6-TWNIC-TW-20021209   2001:0CD8::/32      2002/12/09
8     TFN-TWNIC-TW-20030313            2001:0D20::/32      2003/03/13
9     TWNIC-TW-v6-20030331             2001:0DC1::/32      2003/05/19
10    NTT TW (Code name unknown)       2001:0D40::/32      2003/03/31