Chapter 8 D IPv6
NEXT GENERATION INTERNET
IPV6
REASONS FOR IPV6
• Number of addresses is huge
  • IPv4 limited to 4.3 billion host addresses (2^32)
  • IPv6 will have about 340 undecillion addresses (2^128)
• Improve route aggregation
• IPv6 addresses integrate IP and MAC addresses
  • First 64 bits are the network address
  • Second 64 bits are the MAC address
  • The traditional 48 bit address with some added bits to bring it up to 64 bits.
ADDRESS EXAMPLE
2001:cdba:0000:0000:0000:0000:3257:9652
Network portion: 2001:cdba:0000:0000
Device portion: 0000:0000:3257:9652
ABBREVIATIONS
• Leading zeros can be omitted
• A double colon can be used to denote a string of zeros, but can only be used once
• Ex: FE80:0000:0000:0000:00CF:0000:EA98:1234 becomes FE80::CF:0:EA98:1234
• IPv6 Loopback address is ::1
NETWORK/LOCAL LINK ADDRESSES
• Local Link Address is a variation of the MAC address plus the network address
  • Network address/MAC address + modifications
• Any computer running IPv6 gives itself a local link address even if IPv6 is not being used on the network.
  • The default network portion of the generated local link address is FE80::/64
  • The local link address is a computer’s unique IP address (before formal network assignment if the network is connected to the Internet)
LOCAL LINK ADDRESS/EUI-64 (EXTENDED UNIQUE IDENTIFIER)
• MAC address: 40-61-86-99-E5-11
• Strip dashes, split in half: 406186 99E511
• Add FFFE to the middle: 406186FFFE99E511
• Convert 2nd hexadecimal digit to binary, complement the 3rd binary digit and convert back to hex
  • 0 hex to 0000 bin
  • 0000 becomes 0010
  • 0010 bin becomes 2 hex
• EUI-64 address: 426186FFFE99E511
• Local Link address: FE80::426186FFFE99E511
• MS Windows Vista and 7 generate EUI-64 number as a random number, but this can be disabled
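The steps above as an added Python example (not part of the original slides): it builds the EUI-64 and link-local address from the slide's MAC and, going beyond the slide, reverses the process to show that a MAC-derived address discloses the hardware address under any network prefix. The function names and the 2001:db8:: sample addresses are assumptions made for illustration.

```python
import ipaddress

def mac_to_eui64(mac: str) -> str:
    """Return the 16-hex-digit EUI-64 for a 48-bit MAC, following the slide's steps."""
    digits = mac.replace("-", "").replace(":", "")
    if len(digits) != 12:
        raise ValueError("expected a 48-bit MAC address")
    raw = bytearray.fromhex(digits)
    raw[0] ^= 0x02  # complement the 3rd bit of the 2nd hex digit
    return (raw[:3] + b"\xff\xfe" + raw[3:]).hex()

def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """Place the EUI-64 in the low 64 bits under the FE80::/64 prefix."""
    return ipaddress.IPv6Address((0xFE80 << 112) | int(mac_to_eui64(mac), 16))

def mac_from_address(addr: str):
    """Recover the MAC from a MAC-derived address; None if the FFFE marker is absent."""
    low64 = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)
    iid = low64.to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02  # undo the bit flip
    return "-".join(f"{b:02X}" for b in mac)

# Constructed sample addresses (2001:db8::/32 is the documentation prefix).
SAMPLE_ADDRESSES = [
    "fe80::4261:86ff:fe99:e511",         # link-local, MAC-derived
    "2001:db8:1:2:4261:86ff:fe99:e511",  # same host on a routed prefix
    "2001:db8:1:2:1c2d:3e4f:5a6b:7c8d",  # randomized device portion
]

def exposed_macs(addresses):
    """Map each MAC-derived address to the hardware address it reveals."""
    found = {}
    for addr in addresses:
        mac = mac_from_address(addr)
        if mac is not None:
            found[addr] = mac
    return found

if __name__ == "__main__":
    print(link_local_from_mac("40-61-86-99-E5-11"))
    for addr, mac in exposed_macs(SAMPLE_ADDRESSES).items():
        print(addr, "->", mac)
```

The link-local address is printed in standard colon-grouped notation, and the randomized sample address yields no MAC, which is the effect of the random device portion mentioned in the last bullet.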
END OF BROADCAST
• IPv6 does not have a broadcast address like IPv4
• Unicast: just like IPv4, send to one computer
• Multicast: just like IPv4, send to a group of computers
  • FF02::1 – broadcast to all hosts
  • FF02::2 – broadcast to all routers only
• Anycast: An IPv6 address can be assigned to a group of computers and IPv6 routes will send to the closest available one (DNS is an example)
IPv4 versus IPv6 packet
8.12: IPV6 PACKET HEADER
IP Version 6 Packet (each row is 32 bits wide, Bit 0 to Bit 31)
• Version (4 bits): value is 6 (0110)
• Diff-Serv (8 bits)
• Flow Label (20 bits): marks a packet as part of a specific flow
• Payload Length (16 bits)
• Next Header (8 bits): name of next header
• Hop Limit (8 bits)
• Source IP Address (128 bits)
• Destination IP Address (128 bits)
• Next Header or Payload (Data Field)
Version field is 6 (0110).
© 2013 Pearson Education, Inc. Publishing as Prentice Hall
Diff-Serv (Differentiated Services) field specifies the quality of service requested for this packet.
Flow Label specifies that this packet is part of a specific flow of packets to be treated in a particular way defined at the start of the flow.
IPv6 header is always 40 octets long. Payload Length is the length of the remainder of the packet in octets.
IPv6 Hop Limit works exactly like the Time-to-Live field in IPv4. The name change was done to confuse students.
Source and Destination Addresses are 128 bits long.
• IP Version 4
  • 32-bit addresses
  • 2^32 possible addresses
  • 4,294,967,296 (about 4 billion)
  • Running out of these
• IP Version 6
  • 128-bit addresses
  • 2^128 possible addresses
  • 340,282,366,920,938,000,000,000,000,000,000,000,000 addresses
8.12: NEXT HEADERS IN IPV6 PACKET HEADERS
IPv6 has many subheaders, each is linked to the next via the Next Header field
8.13: NEXT HEADERS IN IPV6 PACKET HEADERS
Figure: the Main Header's Next Header field is 0, pointing to the Hop-by-Hop Options Header (0); that header's Next Header field is 6, pointing to the TCP Segment (6).
8.14: IPV6 NEXT HEADER VALUES
Header Type                                 Value
Extension Header
  Hop-by-Hop Options Header                 0
  Routing Header                            43
  Fragmentation Header                      44
  Authentication Header                     51
  Encapsulating Security Protocol Header    50
  Destination Options Header                60
  Mobility Header                           135
  No Next Header                            59
Upper Layer messages
  TCP                                       6
  UDP                                       17
  ICMPv6                                    58
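How a filter or sensor follows the Next Header chain to find the upper-layer message, as an added Python example (not from the original slides). The function names, the cap of 8 extension headers, and the constructed sample packet are assumptions; the type values are the ones in the tables above.

```python
import ipaddress
import struct

# Values from the slide's tables. ESP (50) is not walked: what follows it is encrypted.
EXTENSION = {0: "Hop-by-Hop Options", 43: "Routing", 44: "Fragmentation",
             51: "Authentication", 60: "Destination Options", 135: "Mobility"}
TERMINAL = {6: "TCP", 17: "UDP", 58: "ICMPv6", 50: "ESP", 59: "No Next Header"}

def walk_next_headers(packet: bytes, max_ext: int = 8):
    """Follow the Next Header chain; return (extension names, final type, offset)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    payload_len, nxt = struct.unpack_from("!HB", packet, 4)
    end = 40 + payload_len  # the main header is always 40 octets
    if end > len(packet):
        raise ValueError("packet shorter than Payload Length claims")
    offset, chain = 40, []
    while nxt in EXTENSION:
        if len(chain) >= max_ext or offset + 8 > end:
            raise ValueError("extension header chain too long or truncated")
        chain.append(EXTENSION[nxt])
        length_field = packet[offset + 1]
        if nxt == 44:
            size = 8                        # Fragmentation header is fixed at 8 octets
        elif nxt == 51:
            size = (length_field + 2) * 4   # Authentication header counts 4-octet units
        else:
            size = (length_field + 1) * 8   # 8-octet units, not counting the first 8
        nxt, offset = packet[offset], offset + size
    if offset > end:
        raise ValueError("extension header runs past the payload")
    return chain, TERMINAL.get(nxt, f"protocol {nxt}"), offset

def sample_packet() -> bytes:
    """Constructed packet: main header -> Hop-by-Hop Options (0) -> TCP (6)."""
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    hop_by_hop = bytes([6, 0, 1, 4, 0, 0, 0, 0])  # next = TCP, length 0, padding option
    tcp = bytes(20)                               # placeholder TCP segment
    main = struct.pack("!IHBB", 6 << 28, len(hop_by_hop) + len(tcp), 0, 64)
    return main + src + dst + hop_by_hop + tcp

if __name__ == "__main__":
    print(walk_next_headers(sample_packet()))
```

A rule that reads only the main header's Next Header field sees 0 for this packet, not 6, so the chain has to be walked before a TCP rule can match.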
AGGREGATION
• IPv6 network addresses are distributed dynamically (not frequently though) from Tier 1 routers down their chain of sub routers, unlike IPv4.
  • Upstream routes can reconfigure downstream routers with new network addresses
  • IANA passes out /32 bit subnets to large ISPs. ISPs in turn pass out /48 and /64 subnets to end users
OTHER ASPECTS VS. IPV4
• NAT is no longer used
• DHCP is used in IPv6 even though hosts receive the network address portion of the address in router advertisements from the IPv6 router upon host startup.
  • DHCP servers in IPv6 still provide DNS info for hosts and can operate in one of two modes:
    • Stateful: IPv6 address, subnet masks, default gateway and DNS server(s) address
    • Stateless: DNS server(s) address
  • Stateless is the most common mode
SECURITY ASPECTS OF IPV6
• IPv6 was originally intended to use IPsec for encrypting packets.
  • Not widely implemented in applications except for VPNs
  • Also can be done in IPv4.
• The biggest advantage is the sheer number of IP addresses, which are impossible to scan the way IPv4 addresses can be.
WRITING IPV6 ADDRESSES
• IPv4 addresses are written in dotted decimal notation.
  • Divide the 32-bit address into four 8-bit segments.
  • Convert each segment to a decimal number.
  • Place dots between the segments.