Sie sind auf Seite 1von 61

List of Contents

1. IPv6 History
2. IPv6 Global Address Assignment and Allocation
3. About IPv6
4. IPv6 Addressing and Expressions
5. Rules in IPv6 of Missing “0”
6. IPv6 Header Format
7. Different between IPv4 and IPv6 Header
8. Benefits of IPv6
9. IPv6 Address Types
10. IPv6 Addressing Model
11. Overall IPv6 Addressing Structure
12. IPv6 Autoconfigurations
13. IPv4 to IPv6 Mechanism
14. IPv6 Subnetting
15. Labs
❖People become to use IPv6 address because IPv4 address space is not enough for long
time.

❖IPv4 is still alive because people use NAT/PAT , CIDR to solve inefficient addresses.

❖In 1998, IPv6 is published IETF with RFC 2460.

❖IPv6 is also called IPng (Internet Protocol Next Generation)


IPv6 Global Address Assignment and Allocation
About IPv6
➢With IPv6, everything from appliances to automobiles can be interconnected. But an increased
number of IT addresses isn't the only advantage of IPv6 over IPv4.

➢Some old protocols and versions need to use compatible with IPv6.

➢And then, IPv6 use Neighbor Discovery Protocol (NDP) instead of IPv4 in Address
Resolution Protocol (ARP).

➢IPv6 address have 128 bits and 8 octets.

➢ One group in IPv6 have 16 bits and 4 hexadecimal digits, each group is divided with colons
(:).

➢e.g. 2001:0db8:3c4d:0012:0000:0000:1234:56ab
• Base 10 (decimal) number system =10 digits.
• Base 2 (binary) number system = 2 digits.
• Base 16 (hexadecimal) number system =16 digits
Rules in IPv6 of Missing “0”

• There are two rules of IPv6 with missing “0” when assign the address or
configuration.

• 1. Group of Zero to Zero

• 2. Drop Leading Zero

❖ Original : 2001:0000:3c4d:0000:0000:0000:1234:56ab

❖ Short : 2001:0000:3c4d::1234:56ab

❖ Shorter : 2001:0:3c4d::1234:56ab
Rule 1: Group to Zero to Zero

• If IPV6 address include “0” group with 3 octet or 4 octet, hide 3 or 4 octets with ::
Double Column instead of “0” groups.

• IPv6 with group of zero can hide with :: double column each one time.

❖ Original : 2001:0000:3c4d:0000:0000:0000:1234:56ab

❖ Short : 2001:0000:3c4d::1234:56ab
Rule 2: Drop Leading Zero

➢ If one octet have four zero hexadecimal number,

❖ original : 2001:0000:3c4d:0000:0000:0000:0000:56ab

❖ short : 2001:0:3c4d:0:0:0:0:56ab

➢ Use with Group of zero and drop leading zero

❖ original : 2001:0000:3c4d:0000:0000:0000:0000:56ab

❖ short : 2001:0:3c4d::56ab
➢ IPv6 header has a new field, named Flow Label, that can identify packets belonging to the same
flow.
Different between IPv4 and IPv6 Header
Benefits of IPv6
• In honor of World IPv6 Day, there have 6 benefits of IPv6.

1. More Efficient Routing

❖ IPv6 reduces the size of routing tables and makes routing more efficient and hierarchical.

2. More Efficient Packet Processing

❖ Compared with IPv4, IPv6 contains no IP-level checksum, so the checksum does not need to be
recalculated at every router hop.

❖ Most link-layer technologies already contain checksum and error-control capabilities.


3. Directed Data Flows

❖ IPv6 supports multicast rather than broadcast.

❖ Multicast allows packet flows (like multimedia streams) to be sent to multiple destinations
simultaneously, saving network bandwidth.

4. Simplified Network Configuration

❖ Address auto-configuration (address assignment) is built in to IPv6.

❖ A router will send the prefix of the local link in its router advertisements.

❖ A host can generate its own IP address by appending its link-layer (MAC) address, converted
into Extended Universal Identifier (EUI) 64-bit format, to the 64 bits of the local link prefix.
5. Support For New Services

❖ IPv6 is to eliminate NAT (Network Address Translation) technology for multi-device


connectivity and depletion of IPv4 addresses.

❖ True end-to-end connectivity at the IP layer is restored then create, maintain, and new
services such as VoIP and Quality of Service (QoS).

6. Security

❖ IPv6 include built-in IPsec.

❖ IPsec provides confidentiality, authentication and data integrity,

❖ IPv4 ICMP packets are often blocked by corporate firewalls, but ICMPv6 may be
permitted because IPsec can be applied to the ICMPv6 packets.
IPv6 Address Types
IPv6 Addressing Model
• There are 3 types of addressing in IPv6.
❖Unicast
❖Multicast and
❖Anycast
❑Note: Not use Broadcast address, instead of broadcast address want to send packets in LAN use
Link local address (ff02::1).

Unicast Addresses
• An IPv6 unicast address is an identifier for a single interface of on a router or on a host.

• Packets addressed to a unicast address will be delivered to a specific network interface.

• Unicast is unique and there have no same IPv6 address on the internet.
*Global Unicast Address*
✓ Public IP address

✓ Assigned by IANA

✓ Routable IP address

✓ 2000::/3

✓ Too much addresses space that’s why no need NAT, PAT.

Note: ISP network can provide at least /48 network ID.


Subnet ID

✓ Include 16 bits

✓ Use for users, organizations, companies given by IANA for 16bits

✓ Each global IP address can use 65,536 Subnets.


Interface ID

✓ The lowest-order 64 bit field addresses

✓ May be assigned in several different ways

✓ Auto-configured from a 48 bit MAC address expanded into a 64 bit EUI-64 (SLAC)

✓ Assigned with Stateful DHCP

✓ Manually Configured

✓ IPv6 hosts can use the Neighbor Discovery protocol to automatically generate their own interface
IDs.
Interface ID Format
Unique Local Address or Site Local
✓ Private IP address

✓ Non-Routable IP address

✓ Used for intranets that are not connected to the IPv6 Internet

✓ FC00::/7 or FD00::/7 (Default prefix is 7 bits)

✓ Assign address in prefix with /64

❖ E.g. FC00::/64 or FD00::/64


Link Local Address
✓ Start with FE80::/10

✓ Can only communicate on one network segment

✓ Similar to the IPv4 APIPA address (169.254.0.0/16)

✓ To be used for

❖ Auto-address Configuration (SLAC)

❖ Neighbor Discovery
Link-Local Address in Computer

• When Computer generate with FE80::/64


Multicast Address
✓ Prefix ff00::/8

✓ Equivalent to the IPv4 multicast address 224.0. 0.0/4

✓ A device sends a single packet to multiple destinations simultaneously (one-to-many).

✓ Can assign different multicast addresses in one host

✓ Can assign only one multicast address in many hosts

✓ There are three types of Multicast address.

❖ Local Scope Multicast Address

❖ Link–Local Multicast Address

❖Site Local Multicast Address

❖ Solicited-node multicast address


*Local Scope Multicast Address*
✓ Also called Multicast Loopback Address

✓ Packet cannot go through with local scope multicast in current interface

✓ Start with FF01::

❖ FF01:: >> Local Scope All Nodes Multicast Address

❖ FF02:: >> Local Scope All Routers Multicast Address

*Link-Local Multicast Address*


✓ Link-Local Multicast address use in LAN when nodes want to send each other with multicast
address
✓ Start with FF02 ::
❖ FF02::1 Link-Local All Nodes Multicast Address | FF02::5: All OSPFv3 Routers
❖ FF02::2 Link-Local All Routers Multicast Address | FF02::a: All EIGRP (IPv6) Router
*Site Local Multicast Address*
✓ Current network is related with Multicast Address
✓ Start with FF05::
❖ FF05::1 >> Site-Local All nodes (DHCP Nodes)Multicast Address
❖ FF05::2 >> Site-Local Routers Multicast Address

*Solicited Node Multicast Address*


✓ Use in LAN
✓ Every Enable IPv6’s interface include solicited node multicast address
✓ Start with Fe80::1ff:/104
✓ E.g. Original >> Fe80::2aa:ff:fe28:9c5a (exclude Link-local Address)
Solicited >> ff02::1ff28:9c5a
Anycast Address

• An IPv6 anycast address is an address that can be assigned to more than one interface (typically
different devices).

• A packet sent to an anycast address is routed to the “nearest” interface having that address,
according to the router’s routing table.

• Routers will select the desired path on the basis of number of hops, distance, lowest cost, latency
measurements or based on the least congested route.

• The basic idea of Anycast is very simple: multiple servers, which share the same IP address, host
the same service.
Anycast Address Topology
Special Addresses

✓ Unspecified Address

❖ ::/128 = 0000: 0000: 0000: 0000: 0000: 0000: 0000: 0000 = ::/128

❖ Also use ::

❖ 0.0.0.0 in IPv4

❖ Also use in default route in IPv6

✓ Loopback Address

❖ 0:0:0:0:0:0:1 = ::1/128

❖ Also use ::1

❖ 127.0.0.0.1 in IPv4
✓ Discard Address

❖ To discard Remote DDOS Attack Packets

❖ To filter routing traffics in router as block hole filtering

❖ 100::/64

✓ IPv4-Mapped IPv6 Addresses

❖ 0:0:0:0:0:192.168.100.1

❖ ::ffff:0:0/96

❖ IPv4-IPv6 Translation Address

❖ 64:ff9b::/96
IPv6 Addresses with Description
Overall IPv6 Addressing Structure
Zone ID for Link Local Address

• In Window

• E.g. Host A : fe80::2abc:d0ff:fee9:4121%4 Zone ID

Host B : fe80::3123:e0ff:fe12:2001%3 Zone ID

• Ping from Host A to Host B

➢ ping fe80::3123:e0ff:fe12:2001%4 (not %3)

Note : Identifies the interface zone ID on the host which is connected to the segment.
IPv6 Autoconfigurations

• Stateless Autoconfiguration (SLAC)

❖ No Manual configuration required

❖ Minimal Configuration of routers

❖ No additional servers

• Stateful Autoconfiguration (SAC)

❖ Need a DHCP server

❖ DHCPv6
IPv4 to IPv6 Mechanism

• There are 3 types of IPv4 to IPv6 mechanism.

❖ Dual Stack

❖ IPv6 Tunneling over IPv4

❖ NAT64
Dual Stack Network
• A dual stack network involves nodes that are capable of processing IPv4 and IPv6 traffic
simultaneously.

• This is especially important at the router, as the router is typically the first node on a given
network to receive traffic from outside of the network.

• When a node within a dual stack network receives traffic, it is programmed to prefer IPv6 over
IPv4 traffic.
Different Between IPv4 only and Dual Stack
IPv6 over IPv4 Tunneling
• 6 to 4 tunneling is an integration method where an IPV6 packet is encapsulated within an IPv4.

• 6to4 is very useful when trafficking IPv6 data over an IPv4 network, it especially works best in
WAN settings where a remote network is still running IPv4 protocols.

• There are two types of 6 to 4 tunneling.

❖ Manual 6to4 tunneling

❖ Auto 6to4 tunneling


Manual Tunnel (IPv6 over IPv4 GRE Tunnel)
▪ An IPv6 over IPv4 GRE tunnel uses the standard GRE tunneling technology to provide P2P
connections.
▪ Any types of protocol packets that GRE supports can be encapsulated and transmitted through a GRE
tunnel. The protocols may include IPv4, IPv6, Open Systems Interconnection (OSI), and Multiprotocol
Label Switching (MPLS).
Auto Tunnel (Intra-Site Automatic Tunnel Addressing Protoco)
(ISATAP)
• The ISATAP tunnel uses a specially formatted IPv6 address with an IPv4 address embedded into it.

• Different from the IPv6-to-IPv4 address that uses the IPv4 address as the network prefix, the
ISATAP address uses the IPv4 address as the interface ID.
NAT64

• NAT64/DNS64 uses a protocol translation approach, versus an encapsulation approach, to connect


IPv6 users to IPv4 services.

• The NAT64 gateway is a translator between IPv4 and IPv6 protocols for which function it needs at
least one IPv4 address and an IPv6 network segment comprising a 32-bit address space.

• In the NAT64 gateway, two interfaces are connected to the IPv4 for an IPv6 network. Traffic from
IPv6 goes through the gateway, which transfers and translates data packets.

• Although NAT64 is an effective gateway for these two network types, some technologies such as
Skype and other types of real-time interfacing are not supported.
NAT64/ DNS64

❖ Note: A NAT64 connects the IPv6 network to the IPv4 network. This NAT64 uses the Well-
Known Prefix 64:ff9b::/96.
Explanation of NAT64 and DNS64

▪ The IPv6 only client wants to connect to an IPv4 only server.

▪ The IPv4 only server means that the DNS system has only an “A” record for the server and no
“AAAA” records.

▪ DNS64 server should be set as the DNS server of the IPv6 only client.

▪ When the IPv6 only client tries to connect to the web server, it sends a recursive query to the
DNS64 server to find the IPv6 address of the web server.

▪ The DNS64 server uses the normal DNS system to find out the IP address of the web server.
Stateless and Stateful Translations

• There are two types of translations.

• The gateway maintains IPv6-to-IPv4 address mapping, which may be established with an automatic
algorithm (stateless mapping) or with special and manual translations (stateful mapping) when the
first packet from the IPv6 network reaches the NAT64 gateway.
Stateless NAT64
• Stateless NAT64 is a good tool to provide Internet servers with an accessible IP address for both
IPv4 and IPv6 on the global Internet.
• To aggregate many IPv6 users into a single IPv4 address, stateful NAT64 is required.
Stateful NAT64
• Stateful NAT64 allows IPv6-only clients to contact IPv4 servers using unicast UDP, TCP, or ICMP
based on RFC 6146.

• This technology will be used mainly where IPv6-only networks and clients (i.e. Mobile handsets,
IPv6 only wireless, etc...) need access to the IPv4 internet and its services.
Difference Between Stateless and Stateful NAT64 Translations
IPv6 Subnetting
▪ Provider A has been allocated an IPv6 Block

▪ 2001:DB8::/32

▪ Provider A will delegate /48 blocks to its customer

▪ Find the blocks provided to the first 4 customers


Assign IPv6 Network Address
Neighbor Discovery Protocol (NDP)

✓ Replaces ARP, ICMP (redirects, router discovery)

✓ Reachability of neighbors

✓ Hosts use it to discover routers, auto configuration of addresses

✓ Features of NDP

❖ Discovering Routers Dynamically

❖ Discovering Network Prefixes Dynamically:

❖ Resolving MAC address dynamically

❖ Autoconfiguration of IPv6 addresses:

❖ DAD (Duplicate Address Detection)


Five Neighbor Discovery Messages
✓ Router Solicitation Message (RS)

• Router Solicitation messages are requests to IPv6 Routers for Router Advertisement Messages.

✓ Router Advertisement message (RA)

• Router Advertisements are the NDP messages generated by IPv6 Routers to advertise their
presence in the link and to inform other IPv6 devices in the link about important IPv6 link
parameters like network prefix, prefix length, MTU etc.

✓ Neighbor Solicitation message (NS)

• Sent by an IPv6 device to resolve the link-layer address (MAC Address) of an IPv6 neighbor, to
verify the reachability of cached link-layer address (MAC Address) and for Duplicate Address
Detection (DAD)
✓ Neighbor Advertisement message (NA)

• Neighbor Advertisement messages are response to a Neighbor Solicitation message sent from
an IPv6 neighbor.

✓ Redirect message

• Redirect messages are sent by IPv6 routers to inform IPv6 hosts in the link about a better
next hop
Manual Address Assign

Enable for IPv6 on Router ( Global Mode)

With Short term

Assign IP address on interface gi0/0 (manual)

With long term

Assign IP address on int se 0/0


(manual)
✓Enable IPv6 on Router (Global Mode) and Manual
• R1(config)#IPv6 unicast-routing
• R1(config)#interface gi0/0
• R1(config-if)#IPv6 address 2001:DB8::1/48

✓Enable IPv6 on Interface


• R1#conf t
• R1(config)#int fa0/0
• R1(config-if)#IPv6 enable
❖Note: Use for EUI-64
Configure with Eui-64
• R1(config)#ipv6 unicast-routing

• R1(config)#int fa0/0

• R1(config-if)#ipv6 address IPv6 prefix/ prefix-length eui-64

• R1(config-if)#ipv6 address 2001:db8:3c18:1::/64 eui-64

❑ R1#show ipv6 interface fa0/1

Fa0/1 is up, line protocol is up

IPv6 is enabled, link-local address is FE80::260:3dFF:FE47:1720

Global unicast addresses: MAC Address: 0260.3d47.1720


!

2001:DB8:C18:1:260:3EFF:FE47:1720, subnet is 2001:DB8:C18:1::/64


Assign Two interfaces with SLACC and EUI-64

SLACC

EUI-64
IPv6 with ND Command

✓ Ipv6 nd prefix 2001:db8:1234:(router #)::/64 120 120

• ND command = enable RA
Use five minutes = 120 seconds for life time (both preferred and valid)

✓ Change RA interval to 30 seconds

• Ipv6 nd ra interval 30
IPv6 with Show Commands

✓ Show ipv6 interface fa0/0

✓ Debug Ipv6 icmp

✓ Debug ipv6 nd

✓ Ping ipv6 fe80:: (link local address of host)

✓ Show ipv6 neighbors

✓ Undebugg all
Labs

✓ IPv6 with Static Route

✓ Routing with OSPFv3

✓ Manual Tunnel in IPV6

✓ IPv6 with inter-VLAN Routing