IPv6 Jyh-Cheng Chen Department of Computer Science and Institute - - PDF document

IPv6

Jyh-Cheng Chen

Department of Computer Science and Institute of Communications Engineering National Tsing Hua University jcchen@cs.nthu.edu.tw http://www.cs.nthu.edu.tw/~jcchen

2

Outline

IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery IPv6 Autoconfiguration

3

Format of IPv4 Address

Class A Class B Class C Class D Class E 1 1 1 1 1 1 1 1 1 1

24 31 16 8

netid hostid netid netid hostid hostid multicast address reserved for future use

4

IPv4 Header

8 4 16 31 Ver IHL Total Length Identifier Flags Fragment Offset 32 bit Source Address 32 bit Destination Address 24 Service Type Options and Padding Time to Live Header Checksum Protocol IHL: Internet Header Length

5

IPv6 Header

31 Version

Traffic Class

Flow Label Payload Length Next Header Hop Limit 128 bit Source Address 128 bit Destination Address 4 12 24 16

6

V6 vs. V4

Fields removed

IHL Flags Identification Fragmentation offset Header Checksum

Field added

Flow Label

7

V6 vs. V4 (cont.)

Fields renamed

Total Length -> Payload Length Time to Live -> Hop Limit Protocol -> Next Header Service Type -> Traffic Class

Field revised

32-bit address to 128-bit address Option: variable length replaced by extension

header

8

IPv4 and IPv6 Packets

minimum 20 octets maximum 65535 octets

IPv4

Fixed 40 octets maximum 65535 octets

IPv6

0 or more

IPv4 Header

Payload

Payload IPv6 Header

Extension Header Extension Header

9

Next Header

Identify which header follows the basic IP header in the datagram Can indicate an optional IP header or an upper layer protocol The table in next page lists the mapping

Not a completed list 10

Destination Option Header 60 No Next Header 59 Internet Control Message Protocol 58 Authentication Header 51 Encapsulating Security Payload 50 Resource Reservation Protocol 46 Interdomain Routing Protocol 45 Fragment Header 44 Routing Header 43 User Datagram Protocol 17 Transmission Control Protocol 6 Internet Protocol 4 Hop-by-Hop Options Header

11 Hdr Length M Reserved Fragment Offset TCP Header and Data Authentication Data Nxt Hdr:6 Fragment Identification Nxt Hdr:51 Hdr Length Hdr Length Routing Information Nxt Hdr:44 Hop-by-Hop Options Nxt Hdr:43 Destination Address Hop limit Next Header:0 Flow Label Class Source Address Payload Length Vers. 12

Examples

next header = TCP TCP header + data IPv6 header next header = Routing TCP header + data Routing header next header = TCP IPv6 header next header = Routing fragment of TCP header + data Routing header next header = Fragment Fragment header next header = TCP IPv6 header

13

IPv6 Extension Headers

Compromise between generality and efficiency Support functions such as fragmentation, routing, authentication, etc. A sender can choose which extension headers to be included Intermediate routers only need to examine the hop-by-hop extension header

Only endpoints process other extension headers 14

Hop-by-Hop

Specify delivery parameters at each hop on the path to the destination Header Extension Length

Number of 8-byte block in Hop-by-Hop header Don’t include the first 8 bits

Option

Type-Length-Value (TLV) format 0: Pad1– insert single byte of padding 1: PadN – insert 2 or more byte of padding 5: Router Alert – indicate to the router the packets require

additional processing (MLD and RSVP)

194: Jumbo Payload – indicate payload size over 65,535

15

Hop-by-Hop Extension Header

Next Header

Header Extension Length

Options

16

Fragmentation

Fragmentation by sources only

No fragmentation by routers End-to-end fragmentation

Source

Use the Guaranteed Minimum MTU

(maximum transfer unit) of 1280 octets

Perform Path MTU Discovery to identify the

minimum MTU along the path

17

Fragmentation Extension Header

18

Fragmentation Process

Unfragmentable part must be processed by each intermediate node and destination Fragmentable part must only processed at final destination

19

Fragmentation Packets

20

IPv6 Source Routing

Source routing is optional in IPv4 Source routing in IPv6

Leverage Routing Header

21

Routing Header

So far only one type of routing header has been defined, known as type 0 The basic IP header’s destination address indicates the first hop on the desired path. The list in the routing header identifies subsequent hops along that path. The Segment left (Addrs left) field keeps track of the current position in the list.

Each router decrements this field by one 22

Routing Extension Header

23 Source Destination

1 2 3 4 5 Router A Router C Router D Router E

0x000000 I:4 Type:0 Len hops Nxt:43 Flow label 4 Address [3]: Destination Address [2]: Router E Address [0]: Router C 0x00 Nxt Dst: Router A Src: Source Payload length Address [1]: Router D 6 0x000000 I:3 Type:0 Len hops Nxt:43 Flow label 4 Address [3]: Destination Address [2]: Router E Address [0]: Router A 0x00 Nxt Dst: Router C Src: Source Payload length Address [1]: Router D 6 0x000000 I:0 Type:0 Len hops Nxt:43 Flow label 4 Address [3]: Router E Address [2]: Router D Address [0]: Router A 0x00 Nxt Dst: Destination Src: Source Payload length Address [1]: Router C 6

24

Destination Option

The destination options header contains IP options for the datagram’s destination. If the datagram includes a routing header, this header can also precede that header. In that case, its options will be processed by each intermediate hop included in the routing header’s list.

25

Destination Option Header

Next Header

Header Extension Length

Options

26

Outline

IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery IPv6 Autoconfiguration

27

Address Space

2128 = 3.4×1038 addresses

6.65×1023 addresses per m2 of earth

surface

If assigned at the rate of 106/µs, it would take 20 years

28

Addressing Model

Addresses are assigned to interfaces

No change from IPv4 Model

Interface ‘expected’ to have multiple addresses Addresses have scope

Link Local Site Local Global

Addresses have lifetime

Valid and Preferred lifetime

29

Router Router Router Company A IPv6 Internet H1 H2 HA HB

Link-local 1 Site-local Link-local 2 Global

30

Addressing Types

Unicast

Address of a single interface Delivery to single interface

Multicast

Address of a set of interfaces Delivery to all interfaces in the set

Anycast

Address of a set of interfaces Delivery to a single interface in the set

No more broadcast addresses

31

Address Format

Breaks 128 bits into eight 16-bit pieces. Colons separate each piece.

FEDC:BA89:33FE:2145:D34C:3411:2311:A23B

The leading zeros are not necessary, but at least one digit must be present.

1080:0000:0001:0000:0008:0800:200C:417A

=> 1080:0:1:0:8:800:200C:417A

32

Address Format (cont.)

For compact representation, a series of consecutive zero is abbreviated with two colons. For example:

1080::8:800:200C:417A

the “::” abbreviation may only appear once

in an address.

IPv4-embedded

0:0:0:0:0:0:13.1.68.3 or ::13.1.68.3

33

Address Prefix

IPv6-address/prefix-length

prefix-length: a decimal value specifying

how many of the leftmost contiguous bits

• f the address comprise the prefix

1080:0:FF:0::/64

specify the first 64 bits

no mask in IPv6

34 Multicast address (e.g. ff00::/8) 1111 1111 Site local use address (e.g. fec0::/10) 1111 1110 11 Link local use address (e.g. fe80::/10) 1111 1110 10 Unassigned Unassigned Unassigned Unassigned Unassigned Unassigned Unassigned Unassigned Unassigned Unassigned 010 011 100 101 110 1110 1111 0 1111 10 1111 110 1111 1110 0 Aggregatable Global Unicast Address 001 Unassigned Unassigned Unassigned 0000 011 0000 1 0001 Reserved for IPX allocation 0000 010 Reserved for NSAP allocation 0000 001 Unassigned 0000 0001 Reserved 0000 0000 Type of Address Prefix

35

Prefix

Address type Binary prefix IPv4-compatible 0000...0 (96 zero bits) global unicast 001 link-local unicast 1111 1110 10 site-local unicast 1111 1110 11 multicast 1111 1111 all other prefixes reserved (approx. 85%

• f total)

anycast addresses allocated from unicast prefixes

36

Aggregatable Global Unicast Addresses

TLA (Top Level Aggregator) = 13 bits

TLA routers do not have a default route, only route with 16

bits prefix

may be assigned to providers or exchanges

Res= 8 bits

Reserved for future use in expanding the size of either the TLA

• r NLA

NLA (Next Level Aggregator)= 24 bits SLA (Site level Aggregator)= 16 bits Public topology

Collection of larger and smaller ISP

Site topology

Collection of subnets within an organization’s site

site topology (16 bits) interface identifier (64 bits) public topology (45 bits)

interface ID subnet NLA TLA 001 Res

37

Site-Local Unicast Addresses

meaningful only in a single site zone, and may be re-used in other sites Equivalent to the IPv4 private address space Prefix= FEC0::/48

subnet ID interface ID

1111111011

10 bits 38 bits 64 bits 16 bits

38

Link-Local Unicast Addresses

meaningful only in a single link zone, and may be re- used on other links Link-local addresses for use during auto-configuration and when no routers are present Required for Neighbor Discovery process, always automatically configuration An IPv6 router never forwards link-local traffic beyond the link Prefix= FE80::/64

interface ID

1111111010

10 bits 54 bits 64 bits

39

Special Addresses

Unspecified address(0:0:0:0:0:0:0:0 or ::)

Indicate the absence of an address Equivalent to IPv4 0.0.0.0 Never assigned to an interface or used as a

destination address Loopback address (0:0:0:0:0:0:0:1 or ::1)

Identify a loopback interface Equivalent to IPv4 127.0.0.1

IPv4-compatible address (0:0:0:0:0:0:w.c.x.z

• r ::w.c.x.z)

Used by dual-stack nodes IPv6 traffic is automatically encapsulated with an

IPv4 header and send to the destination using the IPv4 infrastructure

40

Interface IDs

Lowest-order 64-bit field of unicast address may be assigned in several different ways:

auto-configured from a 64-bit EUI-64, or

expanded from a 48-bit MAC address (e.g., Ethernet address)

auto-generated pseudo-random number

(to address privacy concerns)

assigned via DHCP manually configured possibly other methods in the future

41

Example of Interface IDs

cccccc0gcccccccccccccccc Manufacturer’s ext. 1111111111111110 cccccc0gcccccccccccccccc Manufacturer’s ext. 24 47 24 40 63

48-bit IEEE 802 address to 64-bit IPv6 Interface ID

42

Outline

IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery IPv6 Autoconfiguration

43

Neighbor Discovery

ND lets a system identify other hosts and routers in its links. Hosts learn of at least one router so they can forward datagrams to systems not on their links. ND also lets routers direct a host to the most appropriate router

44

ICMP Message Format

• Vers. Pri. Flow Label

Payload Length Next: 58 Hop Limit Source Address Destination Address ICMP type ICMP Code Checksum Body of ICMP Message IP Header ICMP Message

45

Address Resolution

This request is a neighbor solicitation message. IP field destination address is FF02::1:C033:6382. This is a special multicast address just for the neighbor solicitation query.

IP address : FE80::0800:2001:C782 MAC address : 080020-01C782 IP address : FE80::0000:C033:6382 MAC address : 020701-33D692 IP address : FE80::0800:0704:0388 MAC address : 080007-040388 IP address : FE80::0800:5A00:B2C4 MAC address : 08005A-00B2C4 Who is FE80::0000:C033:6382?

46

Neighbor Solicitation

Type : 135 Code : 0 Checksum Reserved : 0 Target Address : FE80::0000:C033:6382 Opt Code :1 Opt Len :1 Sender’s Link Address : 0x08002001C782 ICMP Header ICMP Options

47

Address Resolution (cont.)

The address owner sends its neighbor advertisement directly to the workstation.

IP address : FE80::0800:2001:C782 MAC address : 080020-01C782 IP address : FE80::0000:C033:6382 MAC address : 020701-33D692 I am FE80::0000:C033:6382!

48

Neighbor Advertisement

If R is 1, the sender is a router. If S is 1, it is responding to a solicitation. If O is 1, the advertisement should immediately override any previously cached information.

Type : 136 Code : 0 Checksum R S O Reserved : 0 Target Address : FE80::0000:C033:6382 Opt Code :2 Opt Len :1 Target’s Link Address : 0x02070133D692 ICMP Header ICMP Options

49

Router Discovery

ICMP lets routers identify themselves to hosts.

“I am a router” Router

50

Router Advertisement

Type : 134 Code : 0 Checksum Max Hops M O Reserved Router Lifetime Reachability Timeout Reachability Retransmission Interval Opt Code :1 Opt Len :1 Sender’s Link Address : 0x00000C094B76 Opt Code :5 Opt Len :1 Reserved MTU Size Opt Code :3 Opt Len :4 Pfx Len :80 L A Reserved Valid Lifetime Preferred Lifetime Reserved Prefix : 4C00::1:0:0:0 ICMP Header ICMP Options

51

Router Discovery (Cont.)

This host may issue a router solicitation as soon as it connects to the network, which allows it to find routers without having to wait for the next router advertisement.

“Any routers available?” Router

52

Router Solicitation

Type : 133 Code : 0 Checksum Reserved : 0 Opt Code :1 Opt Len :1 Sender’s Link Address : 0x02608C149252 ICMP Header ICMP Options

53

Redirection

Redirect message tells the host system of a more efficient path to a particular destination Target address identifies the router to which the traffic is being redirected. Destination address that follows the target is the destination being redirected.

Left Router Right Router Token Ring PC2 PC1

54

Redirect Message

Type : 137 Code : 0 Checksum Reserved : 0 Target Address : Right Router Destination Address : PC2 Opt Code :2 Opt Len :1 Target’s Link Address : Right Router Opt Code :4 Opt Len Reserved :0 Reserved :0 IP header + data ICMP Header ICMP Options

55

Neighbor Unreachability Detection

In most cases, upper-level layer protocols can help with this monitoring. ICMP periodically probes the neighbor by sending it neighbor solicitations.

56

Outline

IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery IPv6 Autoconfiguration

57

Autoconfiguration

Stateless

add one or more prefix information

Stateful

no prefix information

58

Address State

Tentative Address Invalid Address Preferred Address Valid Address Deprecated Address

By DAD Both are valid After a period of time Expire

59

Duplicate Address Detection

When to DAD() How to DAD()

60

When to DAD()

During stateless autoconfiguration:

If

1.Address != Anycast 2.Address == Unicast 3.DupAddrDetectTransmits > 0

then DAD();

DupAddrDetectTransmits is a variable for each interface Each unicast address SHOULD be tested for uniqueness

1.Interface identifier for a specific interface is unique 2.Addresses are formed by prefix + interface identifier 3.If one address passed uniqueness test, implementation can

choose to omit tests for addresses generated from the same interface.

61

How to DAD()

Create tentative address Join 1.all-nodes multicast address 2.solicited-node multicast address of the tentative address Send Neighbor Solicitation message Wait for Neighbor Advertisement message Valid Invalid

62

Acknowledgments

Some slides are based on the sources from

2002 IPv6 技術巡迴研討會 WIRE Lab internal meetings