Transcript IPv6 Training Chapter 2
IPv6 Paul Schopis [email protected]
IPv4 has 12 mandatory fields in its Header.
Version TTL HD Len Identification Protocol TOS Source Address Flags Total Length Frg Offset Header Checksum Destination Address Options Padding 32 bits 20 Octets
IPv6 removes Six fields and is simpler Version Traffic Class Payload Length Flow Label Next Header Hop Limit Source Address Next Header Destination Address Extension Header Info 32 bits IPv6 Headers are 40 bits long and 64 bit aligned for fast processing. Addresses are 128 bits e.g. 4x IPv4.
Extension Headers Multiple headers must follow designated order 1. IPv6 Header 2. Hop-by-Hop Options 3. Destination Header(Placed here used with Routing Header) 4. Routing Header 5. Fragment Header 6. Authentication Header
Extension Headers 7. Encapsulation Security Payload (ESP) 8. Destination Options 9. Upper Layer (TCP/UDP)
Hop-by-Hop Options Header • Every node processes the Hop-by-Hop Header • Primarily used for – Router Alerts – Jumbograms • Jumbogram = Type 194 – Fragment Header is not present – Packet Exceeds 65,535 octets
Destination Options • Not processed by routers • Header Type = 60 • Options field allows rich number of options e.g. > 256.
Next Header Ext Header Length Options Continued Options
Option Type 8bits Option Data Len Option Data Action Change Number Action Bits “00” “01” “10” “11” Action Skip this Option Discard No ICMP Report Discard send ICMP Report for both unicast and multicast Discard send ICMP Report only if not Multicast.
Routing Header • Type = 43 • Explicit Routing Path • Does not require a complete list • Number of Headers does not change but is updated.
Fragment Header • Host is responsible for fragmenting – Assumes MTU discovery is in use • Only used when packet exceeds MTU • Routers do not deal with Fragmentation Next Header Reserved Fragment Offset Identification Reserved More Frag
Authentication Header Type = 51 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Next Header Payload Len Reserved Security Parameters Index SPI Sequence Number Authentication Data
Upper Layer Protocols • TCP is unchanged • UDP unlike IPv4, checksum is no longer optional it is mandatory.
ICMPv6 • Now includes Multicast functions – Multicast Listener Protocol • Type Field and Code Field allow more discrete treatment per Type.
1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Type Code Checksum Options Packet Data
Two Broad Categories • Error Messages • Informational
Destination Unreachable
Code Meaning
0 1 2 No route to Destination Communication with destination administratively prohibited (Not Assigned) 3 4 Address Unreachable Port Unreachable Type = 1 Code = 0-4 Unused Checksum As much of the original packet that will fit without Violating the MTU
Packet Too Big Type = 2 Code = 0 MTU Checksum As much of the original packet that will fit without Violating the MTU
Time Exceeded Message • Type = 3 • It has two codes – 0 = Hop Limit Exceeded – 1 = Fragment reassembly time exceeded.
• Identical to Destination Unreachable except for type and code values.
Parameter Problem
Code Meaning
0 1 2 Erroneous Header Field Encountered Unrecognized Next Header Type Unrecognized IPv6 Option encountered Type = 4 Code = 0 - 2 Checksum Pointer As much of the original packet that will fit without Violating the MTU
Echo and Echo Reply Type = 128/129 Identifier Code = 0 Data Checksum Sequence Number
Multicast Listener Protocol
Types
130 = Query 131 = Report 132 = Done Type Code Maximum Response Delay Checksum Reserved Multicast Address
Neighbor Discovery Protocol • Combines several IPv4 features into a single protocol.
• Replaces – ARP – Router Discovery – Redirect Messages
Router Solicitation Message Type = 133 Code = 0 Reserved Checksum Destination Address Source Link Layer Address (optional) Destination Address = All routers Multicast Address Source Address = Sending Nodes Address or unspecified
Neighbor Discovery –Router Solicitations RS RA ICMP Type = 133 Src = Unspecified address Dst = All-routers multicast address At boot time, nodes send router solicitations to receive Router Advertisements
Router Advertisement Message 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Type = 134 Code = 0 Hop Limit MO Reserved Reachable Time Checksum Router Lifetime Retransmission Timer Options: 1 Source Link Layer Address 2.MTU
3. Prefix Information If M = 1 hosts use stateful address management ex. DHCPv6 IF O = 1 Hosts use stateful autoconfiguration for non- address configuration
Neighbor Discovery –Router Advertisements RA RA ICMP Type = 134 Src = Router link-local address Dst = All nodes multicast address Data = options, prefix, lifetime, autoconfig flag
Neighbor Solicitation Message 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Type = 135 Code = 0 Reserved Checksum Target Address Optional Source Link Layer Address Sender is requesting Data Link Layer address from Target and provides its Data Link Layer Address
Neighbor Advertisement Message Type =136 RSO Code = 0 Reserved Checksum Target Address Optional Target Link Layer Address R = Router S = Response to Neighbor Solicitation O = Over ride existing LLA cache
Neighbor Discovery-Neighbor Solicitation A B ICMP Type =135 Src =A Dst = Solicited-node multicast of B Data = Link-Layer address of A Query = what is your link address?
Neighbor Discovery-Neighbor Advertisement A B ICMP type = 136 Src = B Dst = A Data = link-layer address of B A and B can now exchange packets
Type = 137 Redirect Message Code = 0 Reserved Checksum Target Address Destination Address Options: Target Link Layer Address Redirected Header Sent by router to inform host of better first hop.
Neighbor Discovery –Redirect 2001:468:B01:2::1/64
R1
A B
R2
Src = A Dst IP = 2001:468:B01:2::1/64 Ether Default = R2 Redirect: Src = R2 Dst = A Data = good router = R1
Neighbor Discovery Options • Type 1 and 2 share the same format • Type 1 is Source Data Link Layer • Type 2 is Target Data Link Layer 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Type Length Link Layer Address
Prefix Information Option 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Type = 3 Length Prefix Length L A Reserved Valid Lifetime Preferred Lifetime Reserved2 Prefix L Bit = May used for on-link determination A Bit = Prefix may be used for address autoconfiguration
Redirected Header Option Type = 4 Length Reserved IP Header + Data Reserved IP Header and Data field contains original packet tuncated so It is <= 1280 Octets
MTU Discovery Option Type = 5 Length = 1 MTU Ensures all links use same MTU Reserved
Path MTU Algorithm Source MTU = Path MTU Send Packet Packet Too Big Message Yes No Reduce Packet Size Send Packet Periodically retest For Path MTU
Address Representation • Format – X:X:X:X:X:X:X:X where X is a 16 bit hexadecimal field – 2001:0468:0B01:0003:0000:0000:0000:0001 • Leading zeros – Leading Zeros may be truncated – 2001:486:B01:3:0:0:0:1 • Successive fields of zeros – May be eliminated with :: but only once within an address – 2001:468:B01:3::1
Address Representation • IPv4-Compatible – =0:0:0:0:0:0:192.168.30.1
– =::192.168.30.1
– =::C0A8:1E01 • In a URL use brackets – http://[2001:1:4F3A::206:AE14]:8080/index.html
– Brackets delimiter for : as part of IPv6 address verses port number
Address Representation Continued • IPv4 Mapped addresses.
– 0:0:0:0:0:FF:192.168.30.1
– =::FF:192.168.30.1
– =::FF:C0A8:1E01
Unspecified and Loopback Address • Unspecified address: – 0:0:0:0:0:0:0:0 or more simply :: – Used as a place holder when no address is available.
• Loopback Address: – 0:0:0:0:0:0:0:1 or ::1 – Same as 127.0.0.1 in IPv4 – Ids self.
10 bits Link-Local 54 bits set to 0 64 bits interface ID • Reserved address: – In binary is 1111 1110 10 – In hexadecimal is FE80::/10 • Link-Local Addresses: – Have scope limited to Link – Automatically configured with interface ID
Site-Local 10 bits Site Local 38 bits of 0 16 bits subnet ID 64 bits Interface • Reserved Address: – In binary 1111 1110 11 – In Hexadecimal FEC0::/10 • Site-Local Address: – Have site limited scope – Gives topology info via the subnet field.
Aggregatable Global Unicast Addresses Host Provider Site TLA RES NLA 3 13 8 24 bits SLA 16 bits Interface ID 64 bits • TLA – Top Level Aggregator • RES – Reserved • NLA – Next Level Aggregator • SLA – Site Level Aggregator
Multicast • First byte is FF e.g. 1111 1111 binary.
• First half of next byte is Flag.
– 0 = permanent – 1 = temporary • Second half is scope.
– 1= node – 2 = link – 5 = site – 8 = organization – E = global
Multicast F F 0 or 1 1,2,5,8 or E – Examples • FF02::/16 = Link-Local • FF08::/16 = Organizational • FF0E::/16 = Global
Multicast Assigned Addresses FF0X:: is reserved where x=(0..F) Address FF01::1 FF02::1 FF01::2 Scope Node-Local Link-Local Node-Local FF02::2 FF05::2 Link-Local Site-Local FF02::1:FFXX:XXXX Link-Local Meaning All Nodes All Nodes All Routers All Routers All Routers Solicited Node
Anycast • Similar to multicast except only one node needs to receive packet • All routers are required to support it • In it’s simplest form it is: Subnet Prefix n bits 128-n of 0s Example: 2002:C058:6301:: for 6t04 relay routers
Anycast EUI-64 Format • 64 bit prefix • 57 bits of ones, except 7 th zero • 7 bit Anycast ID bit from left set to 64 bit prefix 11111101…111 Anycast ID
Anycast Non-EUI-64 • N number of bits in prefix (Variable) – allows greater granularity • (128-n of ones)-7 • 7 bits of Anycast ID Prefix 111111111… Anycast ID Defined Anycast Ids: 7F reserved 7E Mobile home networks 00 – 7D Reserved
Required Node Addresses • Link-Local • Loopback Address • Assigned Unicast Address • All-Nodes Multicast Address • Solicited-Node Multicast for each unicast and anycast address • Multicast address for all groups to which it belongs • Site-Local address if used
Kernel IPv6 routing table Destination ::1/128 Flags Metric Ref Use Iface U 0 0 0 fe80::206:5bff:fe01:7e02/128 U 0 0 0 lo lo fe80::/10 ff00::/8 ::/0 UA 256 0 0 eth0 UA 256 0 0 eth0 UDA 256 0 0 eth0
eth0 Link encap:Ethernet HWaddr 00:06:5B:01:7E:02inet addr:199.18.97.146 Bcast:199.18.97.255 Mask:255.255.254.0 inet6 addr: fe80::206:5bff:fe01:7e02/10 Scope:LinkUP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopbackinet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 sit0 Link encap:IPv6-in-IPv4 NOARP MTU:1480 Metric:1
Required Router Addresses • All required node addresses • Subnet-router anycast addresses for interfaces configured to act as forwarding interfaces.
• Other anycast configured addresses • All-routers multicast address • Specific multicast addresses for routing protocols.
FastEthernet0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::201:42FF:FE59:B310 Description: Native IPv6 Global unicast address(es): 2001:468:B01:0:201:42FF:FE59:B310, subnet is 2001:468:B01::/64 Joined group address(es): FF02::1 FF02::2 FF02::1:FF59:B310
Addressing Architecture Prefix Hex Size 0000 0000 0000-00FF 1/256 0000 0001 0100-01FF 1/256 0000 001 0200-03FF 1/128 0000 010 0400-05FF 1/128 0000 011 0600-07FF 1/128 0000 1 0800-0FFF 1/32 0001 001 1000-1FFF 1/16 2000-3FFF 1/8 Allocation Reserved Unassigned NSAP IPX->Moving to Unassigned Unassigned Unassigned Unassigned IANA to registries
Prefix 010,011,100,101, 110 1110 1111 0 1111 10 1111 110 1111 1110 0 1111 1110 10 1111 1110 11 1111 1111 Addressing Architecture Continued 4000-CFFF Hex D000-EFFF F000-F7FF F800-FBFF FC00-FDFF FE00-FE7F FE80-FEBF FEC0-FEFF FF00-FFFF1/256 5*1/8=5/8 Size 1/16 1/32 1/64 1/128 1/512 1/1024 1/1024 1/256 Allocation Uassigned Unassigned Unassigned Unassigned Unassigned unassigned Link-Local Site-Local Multicast
IPv6 over Data Link Layers • Ethernet • FDDI • Token Ring • Arcnet • PPP • NBMA • ATM • Frame Relay
IPv6 over Ethernet • IPv6 has a specific Ethernet protocol ID Ethernet Destination Address Ethernet Source Address 0x86DD IPv6 packet
Ethernet MAC Address 48 bits EUI-64 00 90 27 17 FC 0F 00 90 27 17 FC 0F 64 bits Version 00 90 27 FF FE FF FE 17 FC 0F Uniqueness mask 000000X0 where X=1 is unique and X=0 in not unique. So if X=1 then the EUI-64 Address is 02 90 27 FF FE 17 FC 0F
Multicast Mapping over Ethernet FF02 0000 0000 IPv6 Multicast Address 0000 0000 0001 FF17 FC0F Ethernet multicast prefix 33 33 FF 17 FC 0F