IPv6 Training Chapter 2


IPv6 Paul Schopis [email protected]

IPv4 has 12 mandatory fields in its Header.

IPv4 header (32 bits wide, 20 octets): Version, HD Len, TOS, Total Length, Identification, Flags, Frg Offset, TTL, Protocol, Header Checksum, Source Address, Destination Address, Options, Padding

IPv6 removes six fields and is simpler.

IPv6 header (32 bits wide): Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, Destination Address, followed by Next Header and Extension Header Info

IPv6 headers are 40 bits long and 64-bit aligned for fast processing. Addresses are 128 bits, i.e. 4x IPv4.

Extension Headers

Multiple headers must follow the designated order:
1. IPv6 Header
2. Hop-by-Hop Options
3. Destination Header (placed here when used with Routing Header)
4. Routing Header
5. Fragment Header
6. Authentication Header
7. Encapsulation Security Payload (ESP)
8. Destination Options
9. Upper Layer (TCP/UDP)

Hop-by-Hop Options Header
• Every node processes the Hop-by-Hop Header
• Primarily used for
  – Router Alerts
  – Jumbograms
• Jumbogram = Type 194
  – Fragment Header is not present
  – Packet exceeds 65,535 octets

Destination Options
• Not processed by routers
• Header Type = 60
• Options field allows a rich number of options, e.g. > 256.

Header fields: Next Header, Ext Header Length, Options, Continued Options

Option fields: Option Type (8 bits: Action, Change, Number), Option Data Len, Option Data

Action bits and their meaning:
“00” Skip this option
“01” Discard, no ICMP report
“10” Discard, send ICMP report for both unicast and multicast
“11” Discard, send ICMP report only if not multicast
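An option parser that applies the action bits above to options a node does not recognize. This is an added example, not part of the original slides; the `KNOWN` table, the function names and the sample option areas are constructed for illustration.

```python
# Action for an unrecognized option, from the two high-order bits of Option Type.
ACTIONS = {0b00: "skip", 0b01: "discard", 0b10: "discard+icmp",
           0b11: "discard+icmp-unless-multicast"}
# Options this example node recognizes (Pad1, PadN, Router Alert, Jumbogram = 194).
KNOWN = {0: "Pad1", 1: "PadN", 5: "Router Alert", 194: "Jumbogram"}

def parse_options(area: bytes):
    """Walk the type-length-value options of a Hop-by-Hop or Destination
    Options header. Returns (type, name, change_bit, data, action) tuples."""
    out, i = [], 0
    while i < len(area):
        otype = area[i]
        if otype == 0:                       # Pad1 is a lone byte with no length
            out.append((0, "Pad1", 0, b"", "process"))
            i += 1
            continue
        if i + 2 > len(area) or i + 2 + area[i + 1] > len(area):
            raise ValueError(f"option 0x{otype:02x} at offset {i} overruns the header")
        data = area[i + 2:i + 2 + area[i + 1]]
        name = KNOWN.get(otype)
        action = "process" if name else ACTIONS[otype >> 6]
        out.append((otype, name, (otype >> 5) & 1, data, action))
        i += 2 + len(data)
    return out

def verdict(area: bytes, dst_is_multicast: bool):
    """Return (decision, send_icmp_report) for the whole options area."""
    for otype, name, change, data, action in parse_options(area):
        if action == "discard":
            return "drop", False
        if action == "discard+icmp":
            return "drop", True
        if action == "discard+icmp-unless-multicast":
            return "drop", not dst_is_multicast
    return "accept", False

# Constructed option areas: a jumbogram length plus unknown options whose
# type bytes differ only in the action bits (0x1E, 0x5E, 0x9E, 0xDE).
JUMBO_THEN_SKIP = bytes([194, 4, 0, 1, 0, 0, 0x1E, 2, 0xAA, 0xBB])
SILENT_DROP = bytes([0x5E, 0])
DROP_REPORT = bytes([0x9E, 0])
DROP_REPORT_UNICAST = bytes([0xDE, 0])
```

The length check matters as much as the action bits: an Option Data Len that runs past the end of the header is rejected instead of being read.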

Routing Header
• Type = 43
• Explicit Routing Path
• Does not require a complete list
• Number of Headers does not change but is updated.

Fragment Header
• Host is responsible for fragmenting
  – Assumes MTU discovery is in use
• Only used when packet exceeds MTU
• Routers do not deal with Fragmentation
Fields: Next Header, Reserved, Fragment Offset, Reserved, More Frag, Identification

Authentication Header
• Type = 51
Fields: Next Header, Payload Len, Reserved, Security Parameters Index (SPI), Sequence Number, Authentication Data
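A filter or sensor that inspects IPv6 traffic has to follow the Next Header chain itself and can flag packets whose extension headers break the designated order listed above. The walker below is an added example, not part of the original slides; the header numbers 0, 44 and 50 are the IANA protocol numbers (only 60, 43 and 51 appear on the slides), and the function names and sample packets are constructed.

```python
import struct

# IANA protocol numbers for the extension headers (60, 43 and 51 appear on the slides).
HBH, ROUTING, FRAGMENT, ESP, AH, DSTOPTS = 0, 43, 44, 50, 51, 60
# Position(s) each header may take in the designated order listed above;
# Destination Options is allowed twice (before Routing and before the upper layer).
SLOTS = {HBH: (2,), DSTOPTS: (3, 8), ROUTING: (4,), FRAGMENT: (5,), AH: (6,), ESP: (7,)}

def walk_chain(packet: bytes):
    """Follow Next Header through a raw IPv6 packet.
    Returns (extension_headers, upper_layer_protocol, problems)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off, last = packet[6], 40, 1
    chain, problems = [], []
    while nxt in SLOTS:
        slot = next((s for s in SLOTS[nxt] if s > last), None)
        if slot is None:
            problems.append(f"header {nxt} repeated or out of order at offset {off}")
        else:
            last = slot
        chain.append(nxt)
        if nxt == ESP:                      # everything after ESP is encrypted
            return chain, None, problems
        if off + 8 > len(packet):
            problems.append(f"header {nxt} truncated at offset {off}")
            return chain, None, problems
        following, length = packet[off], packet[off + 1]
        if nxt == FRAGMENT:
            size = 8                        # fixed size, second byte is reserved
        elif nxt == AH:
            size = (length + 2) * 4         # AH length is in 32-bit words, minus 2
        else:
            size = (length + 1) * 8         # 8-octet units, not counting the first
        nxt, off = following, off + size
    return chain, nxt, problems

def sample(first, *headers):
    """Constructed test packet: fixed header plus (next_header, body) extension headers."""
    ext = b"".join(bytes([n, 0]) + body for n, body in headers)
    fixed = struct.pack("!IHBB16s16s", 6 << 28, len(ext), first, 64, bytes(16), bytes(16))
    return fixed + ext

# Constructed samples: Hop-by-Hop then Fragment then TCP, and the same two reversed.
IN_ORDER = sample(HBH, (FRAGMENT, b"\x01\x04\0\0\0\0"), (6, bytes(6)))
REORDERED = sample(FRAGMENT, (HBH, bytes(6)), (6, b"\x01\x04\0\0\0\0"))
```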

Upper Layer Protocols
• TCP is unchanged
• UDP: unlike IPv4, the checksum is no longer optional; it is mandatory.

ICMPv6
• Now includes Multicast functions
  – Multicast Listener Protocol
• Type Field and Code Field allow more discrete treatment per Type.
Fields: Type, Code, Checksum, Options, Packet Data

Two Broad Categories
• Error Messages
• Informational

Destination Unreachable
Type = 1, Code = 0-4

Code  Meaning
0     No route to Destination
1     Communication with destination administratively prohibited
2     (Not Assigned)
3     Address Unreachable
4     Port Unreachable

Fields: Type, Code, Checksum, Unused, as much of the original packet as will fit without violating the MTU

Packet Too Big
Type = 2, Code = 0
Fields: Type, Code, Checksum, MTU, as much of the original packet as will fit without violating the MTU

Time Exceeded Message
• Type = 3
• It has two codes
  – 0 = Hop Limit Exceeded
  – 1 = Fragment reassembly time exceeded.
• Identical to Destination Unreachable except for type and code values.

Parameter Problem
Type = 4, Code = 0 - 2

Code  Meaning
0     Erroneous Header Field Encountered
1     Unrecognized Next Header Type
2     Unrecognized IPv6 Option encountered

Fields: Type, Code, Checksum, Pointer, as much of the original packet as will fit without violating the MTU

Echo and Echo Reply
Type = 128/129, Code = 0
Fields: Type, Code, Checksum, Identifier, Sequence Number, Data

Multicast Listener Protocol

Types
130 = Query
131 = Report
132 = Done

Fields: Type, Code, Checksum, Maximum Response Delay, Reserved, Multicast Address

Neighbor Discovery Protocol
• Combines several IPv4 features into a single protocol.
• Replaces
  – ARP
  – Router Discovery
  – Redirect Messages

Router Solicitation Message
Type = 133, Code = 0
Fields: Type, Code, Checksum, Reserved, Source Link Layer Address (optional)
Destination Address = All-routers multicast address
Source Address = Sending node's address or unspecified

Neighbor Discovery – Router Solicitations (RS, RA)
ICMP Type = 133
Src = Unspecified address
Dst = All-routers multicast address
At boot time, nodes send router solicitations to receive Router Advertisements

Router Advertisement Message
Type = 134, Code = 0
Fields: Type, Code, Checksum, Hop Limit, M, O, Reserved, Router Lifetime, Reachable Time, Retransmission Timer
Options:
1. Source Link Layer Address
2. MTU
3. Prefix Information
If M = 1, hosts use stateful address management, e.g. DHCPv6.
If O = 1, hosts use stateful autoconfiguration for non-address configuration.

Neighbor Discovery – Router Advertisements (RA)
ICMP Type = 134
Src = Router link-local address
Dst = All-nodes multicast address
Data = options, prefix, lifetime, autoconfig flag

Neighbor Solicitation Message
Type = 135, Code = 0
Fields: Type, Code, Checksum, Reserved, Target Address, optional Source Link Layer Address
Sender is requesting the Data Link Layer address from the Target and provides its own Data Link Layer address.

Neighbor Advertisement Message
Type = 136, Code = 0
Fields: Type, Code, Checksum, R, S, O, Reserved, Target Address, optional Target Link Layer Address
R = Router
S = Response to Neighbor Solicitation
O = Override existing LLA cache

Neighbor Discovery – Neighbor Solicitation (A to B)
ICMP Type = 135
Src = A
Dst = Solicited-node multicast of B
Data = Link-layer address of A
Query = what is your link address?

Neighbor Discovery – Neighbor Advertisement (B to A)
ICMP Type = 136
Src = B
Dst = A
Data = link-layer address of B
A and B can now exchange packets

Redirect Message
Type = 137, Code = 0
Fields: Type, Code, Checksum, Reserved, Target Address, Destination Address
Options: Target Link Layer Address, Redirected Header
Sent by a router to inform a host of a better first hop.

Neighbor Discovery – Redirect
Diagram nodes: A, B, R1, R2; destination 2001:468:B01:2::1/64
• Packet from A: Src = A, Dst IP = 2001:468:B01:2::1/64, Ether Default = R2
• Redirect: Src = R2, Dst = A, Data = good router = R1

Neighbor Discovery Options
• Type 1 and 2 share the same format
• Type 1 is Source Data Link Layer
• Type 2 is Target Data Link Layer
Fields: Type, Length, Link Layer Address

Prefix Information Option
Fields: Type = 3, Length, Prefix Length, L, A, Reserved, Valid Lifetime, Preferred Lifetime, Reserved2, Prefix
L Bit = May be used for on-link determination
A Bit = Prefix may be used for address autoconfiguration

Redirected Header Option
Fields: Type = 4, Length, Reserved, IP Header + Data
The IP Header and Data field contains the original packet, truncated so it is <= 1280 octets.

MTU Discovery Option
Fields: Type = 5, Length = 1, Reserved, MTU
Ensures all links use the same MTU.

Path MTU Algorithm (flowchart)
1. Source MTU = Path MTU
2. Send Packet
3. Packet Too Big Message?
   – Yes: Reduce Packet Size
   – No: Send Packet
4. Periodically retest for Path MTU

Address Representation
• Format
  – X:X:X:X:X:X:X:X where X is a 16 bit hexadecimal field
  – 2001:0468:0B01:0003:0000:0000:0000:0001
• Leading zeros
  – Leading zeros may be truncated
  – 2001:486:B01:3:0:0:0:1
• Successive fields of zeros
  – May be eliminated with :: but only once within an address
  – 2001:468:B01:3::1

Address Representation
• IPv4-Compatible
  – =0:0:0:0:0:0:192.168.30.1
  – =::192.168.30.1
  – =::C0A8:1E01
• In a URL use brackets
  – http://[2001:1:4F3A::206:AE14]:8080/index.html
  – Brackets delimit the : that is part of the IPv6 address versus the port number

Address Representation Continued
• IPv4 Mapped addresses.
  – 0:0:0:0:0:FF:192.168.30.1
  – =::FF:192.168.30.1
  – =::FF:C0A8:1E01

Unspecified and Loopback Address
• Unspecified address:
  – 0:0:0:0:0:0:0:0 or more simply ::
  – Used as a placeholder when no address is available.
• Loopback Address:
  – 0:0:0:0:0:0:0:1 or ::1
  – Same as 127.0.0.1 in IPv4
  – Identifies self.

Link-Local
Layout: 10 bits Link-Local, 54 bits set to 0, 64 bits interface ID
• Reserved address:
  – In binary is 1111 1110 10
  – In hexadecimal is FE80::/10
• Link-Local Addresses:
  – Have scope limited to Link
  – Automatically configured with interface ID

Site-Local
Layout: 10 bits Site-Local, 38 bits of 0, 16 bits subnet ID, 64 bits Interface
• Reserved Address:
  – In binary 1111 1110 11
  – In hexadecimal FEC0::/10
• Site-Local Address:
  – Have site limited scope
  – Gives topology info via the subnet field.

Aggregatable Global Unicast Addresses
Layout (Provider, Site and Host portions): 3 bits, TLA 13 bits, RES 8 bits, NLA 24 bits, SLA 16 bits, Interface ID 64 bits
• TLA – Top Level Aggregator
• RES – Reserved
• NLA – Next Level Aggregator
• SLA – Site Level Aggregator

Multicast
• First byte is FF, i.e. 1111 1111 binary.
• First half of next byte is Flag.
  – 0 = permanent
  – 1 = temporary
• Second half is scope.
  – 1 = node
  – 2 = link
  – 5 = site
  – 8 = organization
  – E = global

Multicast
Layout: FF, then flag (0 or 1), then scope (1, 2, 5, 8 or E)
– Examples
  • FF02::/16 = Link-Local
  • FF08::/16 = Organizational
  • FF0E::/16 = Global

Multicast Assigned Addresses
FF0X:: is reserved where X = (0..F)

Address            Scope       Meaning
FF01::1            Node-Local  All Nodes
FF02::1            Link-Local  All Nodes
FF01::2            Node-Local  All Routers
FF02::2            Link-Local  All Routers
FF05::2            Site-Local  All Routers
FF02::1:FFXX:XXXX  Link-Local  Solicited Node

Anycast
• Similar to multicast except only one node needs to receive the packet
• All routers are required to support it
• In its simplest form it is: Subnet Prefix (n bits) followed by 128-n bits of 0s
Example: 2002:C058:6301:: for 6to4 relay routers

Anycast EUI-64 Format
• 64 bit prefix
• 57 bits of ones, except 7th bit from left set to zero
• 7 bit Anycast ID
Layout: 64 bit prefix, 11111101…111, Anycast ID

Anycast Non-EUI-64
• N number of bits in prefix (variable) – allows greater granularity
• (128-n of ones)-7
• 7 bits of Anycast ID
Layout: Prefix, 111111111…, Anycast ID
Defined Anycast IDs:
  7F       Reserved
  7E       Mobile home networks
  00 – 7D  Reserved

Required Node Addresses
• Link-Local
• Loopback Address
• Assigned Unicast Address
• All-Nodes Multicast Address
• Solicited-Node Multicast for each unicast and anycast address
• Multicast address for all groups to which it belongs
• Site-Local address if used

Kernel IPv6 routing table
Destination                   Flags Metric Ref Use Iface
::1/128                       U     0      0   0   lo
fe80::206:5bff:fe01:7e02/128  U     0      0   0   lo
fe80::/10                     UA    256    0   0   eth0
ff00::/8                      UA    256    0   0   eth0
::/0                          UDA   256    0   0   eth0

eth0  Link encap:Ethernet HWaddr 00:06:5B:01:7E:02
      inet addr:199.18.97.146 Bcast:199.18.97.255 Mask:255.255.254.0
      inet6 addr: fe80::206:5bff:fe01:7e02/10 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo    Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING MTU:16436 Metric:1
sit0  Link encap:IPv6-in-IPv4
      NOARP MTU:1480 Metric:1

Required Router Addresses
• All required node addresses
• Subnet-router anycast addresses for interfaces configured to act as forwarding interfaces.
• Other anycast configured addresses
• All-routers multicast address
• Specific multicast addresses for routing protocols.

FastEthernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::201:42FF:FE59:B310
  Description: Native IPv6
  Global unicast address(es):
    2001:468:B01:0:201:42FF:FE59:B310, subnet is 2001:468:B01::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF59:B310

Addressing Architecture

Prefix               Hex        Size         Allocation
0000 0000            0000-00FF  1/256        Reserved
0000 0001            0100-01FF  1/256        Unassigned
0000 001             0200-03FF  1/128        NSAP
0000 010             0400-05FF  1/128        IPX->Moving to Unassigned
0000 011             0600-07FF  1/128        Unassigned
0000 1               0800-0FFF  1/32         Unassigned
0001                 1000-1FFF  1/16         Unassigned
001                  2000-3FFF  1/8          IANA to registries

Addressing Architecture Continued

Prefix               Hex        Size         Allocation
010,011,100,101,110  4000-CFFF  5*1/8=5/8    Unassigned
1110                 D000-EFFF  1/16         Unassigned
1111 0               F000-F7FF  1/32         Unassigned
1111 10              F800-FBFF  1/64         Unassigned
1111 110             FC00-FDFF  1/128        Unassigned
1111 1110 0          FE00-FE7F  1/512        Unassigned
1111 1110 10         FE80-FEBF  1/1024       Link-Local
1111 1110 11         FEC0-FEFF  1/1024       Site-Local
1111 1111            FF00-FFFF  1/256        Multicast

IPv6 over Data Link Layers
• Ethernet
• FDDI
• Token Ring
• Arcnet
• PPP
• NBMA
• ATM
• Frame Relay

IPv6 over Ethernet
• IPv6 has a specific Ethernet protocol ID
Frame: Ethernet Destination Address, Ethernet Source Address, 0x86DD, IPv6 packet

Ethernet MAC Address to EUI-64
• 48-bit MAC address: 00 90 27 17 FC 0F
• 64-bit version: 00 90 27 FF FE 17 FC 0F (FF FE inserted in the middle)
• Uniqueness mask 000000X0, where X=1 is unique and X=0 is not unique.
• So if X=1 then the EUI-64 address is 02 90 27 FF FE 17 FC 0F

Multicast Mapping over Ethernet
• IPv6 multicast address: FF02 0000 0000 0000 0000 0001 FF17 FC0F
• Ethernet multicast prefix: 33 33
• Resulting Ethernet address: 33 33 FF 17 FC 0F