Internet Protocol version 6 With an emphasis on differences with Internet Protocol version 4

Abstract The purpose of this document is to briefly describe the IPv6 protocol, with an emphasis on the main differences between IPv6 and IPv4. Unlike IPv4, IPv6 addresses critical areas such as IP addresses and headers, QoS (quality of service), and authentication and security. Finally, conclusions will be drawn based on the current status of IPv6. Introduction

IPv6, also known as IPng, is a new version of the Internet Protocol, designed as a successor to IP version 4 (IPv4). Major changes from IPv4 to IPv6 are intended to correct some of the limitations of IPv4 and include: Scale-the IP address size is increased from 32 bits to 128 bits to support a much larger address space and more addressing flexibility Ease of configuration-Allows hosts to autoconfigure its IP address and network parameters Performance-Simplified header format and option handling, plus proper alignment of all fields in the headers to allow more efficient processing Extensibility-Supports extension headers and expandable header options to allow additions of new capabilities. IPv6 defined The Internet Protocol Version 6 (IPv6) is a new version of the Internet Protocol designed as a successor to Internet Protocol 4 (IPv4). The set of specifications for IP Version 6 are covered under RFC 1883, which is being reviewed by the Internet Engineering Task Force (IETF) Standards Committee. IPv6 was designed so packets formatted for IPv4 or IPv6 can be handled. Address space limitations and low router performance pushed IPv6 development; a 128-bit address space and simpler IP addresses should alleviate those problems. Other enhancements include built-in 64bit encryption and autoconfiguration of IP addresses. Characteristics of IPv6 as defined by RFC 1883 IPv6 Header format

Version: 4-bit Internet Protocol version number = 6. Priority: The 4-bit Priority field in the IPv6 header enables a source to identify the desired delivery priority of its packets, relative to other packets from the same source. The Priority values are divided into two ranges: Values 0 through 7 are used to specify the priority of traffic for which the source is providing congestion control, i.e., traffic that "backs off" in response to congestion, such as TCP traffic. Values 8 through 15 are used to specify the priority of traffic that does not back off in response to congestion, e.g., "real-time" packets being sent at a constant rate. Flow Label: The 24-bit Flow Label field in the IPv6 header may be used by a source to label those packets for which it requests special handling by the IPv6 routers, such as non-default quality of service or real-time service. A flow is a sequence of packets sent from a particular source to a particular (unicast or multicast) destination for which the source desires special handling by the intervening routers Payload Length: 16-bit unsigned integer. Length of payload, i.e., the rest of the packet following the IPv6 header, in octets. If zero, indicates that the payload length is carried in a Jumbo Payload hop-by-hop option. Next Header: 8-bit selector. Identifies the type of header immediately following the IPv6 header. Uses the same values as the IPv4 Protocol field

Hop Limit: 8-bit unsigned integer. Decremented by 1 by each node that forwards the packet. The packet is discarded if Hop Limit is decremented to zero. Source Address: 128-bit address of the originator of the packet. Destination Address: 128-bit address of the intended recipient of the packet (possibly not the ultimate recipient, if a Routing header is present). Types of addresses Unicast - identifier for a single interface. Multicast - identifier for a set of interfaces. A packet sent to multicast address is delivered to all members of the set. All multicast addresses begin with FF, and the fourth address place defines the addresses scope. Anycast - identifier for a set of interfaces. A packet sent to an anycast address is delivered to the "nearest" member of the set. A full implementation of IPv6 includes implementation of the following extension headers: Hop-by-Hop Options: The Hop-by-Hop Options header is used to carry optional information that must be examined by every node along a packet's delivery path. Routing (Type 0): The Routing header is used by an IPv6 source to list one or more intermediate nodes to be "visited" on the way to a packet's destination. This function is very similar to IPv4's Source Route options. Fragment: The Fragment header is used by an IPv6 source to send packets larger than would fit in the path MTU (max transmission unit) to their destinations. Unlike IPv4, fragmentation in IPv6 is performed only by source nodes, not by routers along a packet's delivery path. Destination Options: The Destination Options header is used to carry optional information that need be examined only by a packet's destination node(s). Authentication: Using Authentication Headers, IPv6 has a standard method of determining packet authenticity, to ensure that any two nodes can authenticate each other. This authentication is based upon a secret key Encryption (Encapsulating Security Payload): Using the Encryption Headers, IPv6 can perform two levels of packet encryption. 1.Transport Mode Encryption - In this mode, the transport layer and payload are encrypted, but the IP header and any extension headers before the Encryption header are not encrypted. 2.Full Datagram "Tunnel-mode" Encryption - In this mode, the entire IP datagram is encrypted, and placed inside a new IPv6 and ESP header. This encryption is very expensive, but allows for the creation of tunnels "Steel Pipes" between firewalls at two remote sites. Differences between IPv4 and IPv6 Since IPv6 is being defined to address the shortcomings of IPv4, it is only natural that the changes from IPv4 to IPv6 fall primarily into the following categories: Expanded Addressing Capabilities: IPv4 will be having an address space shortage. With around 4 billion addresses, IPv4 isn't large enough to accommodate the growth of the Internet. Many groups are setting up networks behind masquerading firewalls or other NAT's to avoid this. A class shortage is also forthcoming since the A/B/C class structure didn't hold up through the expansion of the Internet. The CIDR system was introduced to solve this, at the cost of complicated routing management. IPv6 increases the IP address size from 32 bits to 128 bits, to support more

levels of addressing hierarchy, a much greater number of addressable nodes, and simpler auto-configuration of addresses. The scalability of multicast routing is improved by adding a scope field to multicast addresses. And a new type of address called an Anycast address is defined, used to send a packet to any one of a group of nodes. Another drawback to IPv4 has been the way in which addresses are assigned; it's difficult to tell where a given address is located, either geographically or with regard to network topology. Because of this inefficiency, Internet backbone routers maintain huge tables of where to send information for any given address. The end result is an inelegant network design that creates too much work for the routers and slows their performance. IPv6 will reduce this addressing chaos by ensuring that addresses are given out in an elegant hierarchy. Large Internet service providers will receive huge blocks of addresses and pass out smaller blocks of those addresses to subscribers who, in turn, may pass on increasingly smaller address blocks. Header Format Simplification: Some IPv4 header fields have been dropped or made optional, to reduce the common-case processing cost of packet handling and to limit the bandwidth cost of the IPv6 header. Improved Support for Extensions and Options: Changes in the way IP header options are encoded allows for more efficient forwarding, less stringent limits on the length of options, and greater flexibility for introducing new options in the future. Flow Labeling Capability: A new capability is added to enable the labeling of packets belonging to particular traffic flows for which the sender requests special handling, such as non-default quality of service or real-time service. Authentication and Privacy Capabilities: Extensions to support authentication, data integrity, and (optional) data confidentiality are specified for IPv6. Vanilla IPv4 traffic does not support packet encryption. This allows the contents of packets (possibly passwords, credit card numbers, etc.) to be viewed by anyone capable of seeing the packet pass by. IPv4 does have encryption support, but it's not used as often as it should be and can sometimes be problematic to get to machines to communicate. Approach to solving shortcoming by IPv4 and IPv6

Problem Address-space shortage Encryption Quality of service Finding closest instance of resource Finding local router Ensuring unique address Adding new features

IPv4 solution Network Address Translation Add-on protocols (e.g., IP Security protocol, Point to Point Tunneling Protocol) No real solution No solution Dynamic Host Configuration Protocol (DHCP) and BootP can give out the information DHCP New protocols run on top of IP

IPv6 solution Greatly increased address space Built into packet header Built into packet header Anycast Remote Desktop Protocol built into protocol specification Uses Media Access Control address in network address Chained headers allow for future expansion

IPv6 Status The move from IPv4 to IPv6 is inevitable in part because of the short supply of IP addresses. The number of addresses is limited because of the many computers and other devices hooked to the Internet. The new protocol's benefits of simplified deployment of IP devices and enhanced security also will help corporate users. The largest companies need to start the conversion process the earliest. In fact, a report by Cambridge, Mass.-based Forrester Research, Inc. recommends that companies with more than 1,000 IP addresses begin to plan now. The conversion is especially important for customers who rely on the Internet for enterprise resource planning, electronic data interchange and electronic commerce. Those are the kinds of applications that often require a lot of bandwidth for transaction processing, interactive media, push applications and voice-over-IP. The widespread use of work-arounds (NATs, DHCP, CIDR) has made the planning for IPv6 conversion seem less critical. And network managers have many other large projects staring them in the face, including year 2000 and 2038. To smooth the transition, much is being done to maximize application compatibility with IPv6. For example, such protocols as TCP, UDP, ICMP, OSPF, BGP, and even RIP are being upgraded to comply with IPv6. Unfortunately, because most OSes require applications to know about IP addresses, in-house developers will need to update most applications to support IPv6 addresses. Most of the available IPv6 applications are network utilities, such as Telnet and FTP, but there is an IPv6-compatible version of the Apache Web server available. Finally, IPv6 will reduce network administration by obviating the need for Dynamic Host Configuration Protocol (DHCP) on many networks. IPv6 allows autoconfigurable hosts by using the host Media Access Control address for part of the IPv6 address combined with Remote Desktop Protocol, or RDP. Although this lessens the need for protocols such as DHCP, network- or platform-specific information still will need such a mechanism. Basically, there is not a killer application specific to IPv6 yet; however, after IPv6 has deployed well. We have to start by porting DOOM and Netscape onto IPv6.