IPv6 Basics

Session Number Presentation_ID

Outline

Protocol Background
Technology Differences Enhanced Capabilities Transition Technologies

Protocol Background

Session Number Presentation_ID

Why a New IP?

1991 ALE WG studied projections about address consumption rate showed exhaustion by 2008. Bake-off in mid-1994 selected approach of a new protocol over multiple layers of encapsulation.

What Ever Happened to IPv5?

0 1 2 IP IP IP March 1977 version January 1978 version February 1978 version A (deprecated) (deprecated) (deprecated)

3
4 5 6 7 8 9

IP
IPv4 ST IPv6 CATNIP Pip TUBA

February 1978 version B

September 1981 version Stream Transport December 1998 version IPng evaluation IPng evaluation IPng evaluation unassigned

(deprecated)
(current widespread) (not a new IP, little use) (formerly SIP, SIPP) (deprecated) (deprecated)

(formerly TP/IX; deprecated)

10-15

Do We Really Need a Larger Address Space?

Internet Users or PC
~530 million users in Q2 CY2002, ~945 million by 2004

(Source: Computer Industry Almanac) Emerging population/geopolitical and Address space

PDA, Pen-Tablet, Notepad,

~20 million in 2004

Mobile phones
Already 1 billion mobile phones delivered by the industry

Transportation
1 billion automobiles forecast for 2008 Internet access in Planes

Consumer devices
Billions of Home and Industrial Appliances
6

What were the goals of a new IP design?

Expectation of a resurgence of always-on technologies

xDSL, cable, Ethernet-to-the-home, Cell-phones, etc.

Expectation of new users with multiple devices.

China, India, etc. as new growth Consumer appliances as network devices (1015 endpoints)

Expectation of millions of new networks.

IPv6 Technology Scope

IP Service
Addressing Range Autoconfiguration Security

IPv4 Solution
32-bit, Network Address Translation

IPv6 Solution
128-bit, Multiple Scopes
Serverless, Reconfiguration, DHCP IPSec Mandated, works End-to-End Mobile IP with Direct Routing

DHCP
IPSec

Mobility Quality-of-Service IP Multicast

Mobile IP

Differentiated Service, Integrated Service

IGMP/PIM/Multicast BGP

Differentiated Service, Integrated Service

MLD/PIM/Multicast BGP,Scope Identifier
8

How to get an IPv6 allocation?

IPv6 address space at any Regional Internet Registry

http://www.iana.org/numbers

Outline

Protocol Background
Technology Differences Enhanced Capabilities Transition Technologies

10

A new Header

Session Number Presentation_ID

11

IPv4 & IPv6 Header Comparison

IPv4 Header
Version IHL Type of Service Total Length Version Traffic Class Flow Label

IPv6 Header
Fragment Offset Payload Length

Identification Time to Live Protocol

Flags

Header Checksum

Next Header

Hop Limit

Source Address

Destination Address
Options Padding

Source Address

Legend

- fields name kept from IPv4 to IPv6 - fields not kept in IPv6 - Name & position changed in IPv6

Destination Address
12

- New field in IPv6

Summary of Header Changes between IPv4 & IPv6

Streamlined
Fragmentation fields moved out of base header IP options moved out of base header Header Checksum eliminated Header Length field eliminated Length field excludes IPv6 header Alignment changed from 32 to 64 bits

Revised
Time to Live Hop Limit Protocol Next Header Precedence & TOS Traffic Class Addresses increased 32 bits 128 bits

Extended

Flow Label field added

13

Extension Headers
IPv6 header next header = TCP TCP header + data

IPv6 header next header = Routing

Routing header next header = TCP

TCP header + data

IPv6 header
next header = Routing

Routing header
next header = Fragment

Fragment header
next header = TCP

fragment of TCP header + data

14

Fragment Header
Next Header Reserved Fragment Offset Original Packet Identifier 00M

IPv6 fragmentation & reassembly is an end-toend function;

routers do not fragment packets

if packet is too big they send ICMP "packet too big"

though discouraged, can use IPv6 Fragment header to support upper layers that do not (yet) do path MTU discovery
15

Addressing

Session Number Presentation_ID

16

Address Allocation
/23 2001 Registry ISP prefix Site prefix Subnet prefix 0410 /32 /48 /64 Interface ID

The allocation process was recently updated by the registries:

IANA allocates from 2001::/16 to regional registries Each regional registry allocation is a ::/23 ISP allocations from the regional registry is a ::/36 (immediate allocation) or ::/32 (initial allocation) or shorter with justification Policy expectation that an ISP allocates a ::/48 prefix to each customer
17

Text Representation of Addresses

"Preferred" form:

1080:0:FF:0:8:800:200C:417A

Compressed form: FF01:0:0:0:0:0:0:43 becomes FF01::43 IPv4-mapped: 0:0:0:0:0:FFFF:10.1.68.3 or ::FFFF:10.1.68.3

18

IPv6 - Addressing Model

Addresses are assigned to interfaces
change from IPv4 model :

Interface 'expected' to have multiple addresses Addresses have scope

Link Local Site Local Global

Global

Site-Local

Link-Local

Addresses have lifetime

Valid and Preferred lifetime

19

Types of IPv6 Addresses

Unicast
One address on a single interface Delivery to single interface

Multicast
Address of a set of interfaces Delivery to all interfaces in the set

Anycast
Address of a set of interfaces

Delivery to a single interface in the set

No broadcast addresses
20

Address Type Prefixes

Address type IPv4-compatible global unicast link-local unicast site-local unicast multicast Binary prefix 0000...0 (96 zero bits) 001 1111 1110 10 1111 1110 11 1111 1111

all other prefixes reserved (approx. 7/8ths of total)

anycast addresses use unicast prefixes

21

Unicast Address Formats

Link Local
(10bits) 1111111010 RESERVED (54bits) MUST be 0 Interface ID (64bits) MAC derived

Site Local
(10bits)
1111111011

Subnet (38bits)
Locally Administered

Subnet (16bits)
Locally Administered

Interface ID (64bits)
MAC derived or Locally Administered

Global
(3bits)

Registry / provider assigned (45bits)

Subnet (16bits) Locally Administered

Interface ID (64bits) MAC derived or Locally Administered or Random

001

Provider Administered

22

IPv6 Routing

Session Number Presentation_ID

23

IPv6 routing

IPv6 still uses the longest-prefix match routing algorithm.

RIPv2, supports split-horizon with poisoned reverse (RFC 2080)

OSPFv3
ISIS BGP4+

(RFC 2740)
(draft-ietf-isis-ipv6-02) (RFC 2858 and RFC 2545)

24

Outline

Protocol Background
Technology Differences Enhanced Capabilities Transition Technologies

25

Security

Session Number Presentation_ID

26

IPv6 Security

All implementations required to support authentication and encryption headers (IPsec)

Authentication separate from encryption for use in situations where encryption is prohibited or prohibitively expensive Key distribution protocols are under development (independent of IP v4/v6) Support for manual key configuration required

27

Quality of Service

Session Number Presentation_ID

28

IP Quality of Service Approaches

Two basic approaches developed by IETF:

Differentiated Service (diff-serv)
coarse-grain (per-class), qualitative promises (e.g., higher priority), no explicit signaling

Integrated Service (int-serv)

fine-grain (per-flow), quantitative promises (e.g., x bits per second), uses RSVP signaling

29

IPv6 Support for Diff-Serv

8-bit Traffic Class field to identify specific classes of packets needing special QoS
same as dscp definition of IPv4 Type-of-Service byte may be initialized by source or by router enroute; may be rewritten by routers enroute traffic Class value of 0 used when no special QoS requested (the common case today)

30

IPv6 Support for Int-Serv

20-bit Flow Label field to identify specific flows needing special QoS
each source chooses its own Flow Label values; routers use Source Addr + Flow Label to identify distinct flows

Flow Label value of 0 used when no special QoS requested (the common case today)
this part of IPv6 is not standardized yet, and may well change semantics in the future

31

Compromise

Signaled diff-serv (RFC 2998)

uses RSVP for signaling with course-grained qualitative aggregate markings allows for policy control without requiring per-router state overhead

32

Mobility

Session Number Presentation_ID

33

IPv6 Mobility
Mobile hosts have one or more home address
relatively stable; associated with host name in DNS

A Host will acquire a care-of address when it discovers it is in a foreign subnet (i.e., not its home subnet)
uses auto-configuration or local policy to get the address registers the care-of address with a home agent, i.e, a router on its home subnet

Packets sent to the mobiles home address(es) are intercepted by home agent and forwarded to the care-of address, using encapsulation Mobile IPv6 hosts sends binding-updates to correspondent to remove home agent from flow

34

ICMP / Neighbor Discovery

Session Number Presentation_ID

35

ICMP Error Message Types

destination unreachable
no route administratively prohibited address unreachable port unreachable

packet too big

time exceeded
parameter problem
erroneous header field unrecognized next header type unrecognized option

36

Neighbor Discovery
ICMP message types:
router solicitation router advertisement neighbor solicitation neighbor advertisement redirect

Functions performed:
router discovery prefix discovery autoconfiguration of address & other parameters duplicate address detection (DAD) neighbor unreachability detection (NUD) link-layer address resolution first-hop redirect

37

Router Advertisements
Periodically multicast by router to all-nodes multicast address (link scope) Contents:
I am a router (implied) lifetime as default (1 sec 18 hr) list of: prefix

get addresses from DHCP flag

get other stuff from DHCP flag routers link-layer address link MTU suggested hop limit

prefix length
valid lifetime preferred lifetime on-link flag autoconfig OK flag

Not sent frequently enough for unreachability detection

38

Other Neighbor Discovery Messages

Router solicitations
sent only at host start-up, to solicit immediate router advert.
sent to all-routers multicast address (link scope)

Neighbor solicitations
for address resolution: sent to solicited node multicast addr. for unreachability detection: sent to neighbors unicast addr.

Neighbor advertisements
for address resolution: sent to unicast address of solicitor

for link-layer address change: sent to all-nodes multicast addr.

usable for proxy responses (detectable) includes router/host flag
39

Serverless Autoconfiguration (Plug-n-Play)

Hosts generally will construct addresses from RA:
subnet prefix(es) learned from periodic multicast advertisements from neighboring router(s) interface IDs generated locally MAC addresses : pseudo-random temporary

Other IP-layer parameters also learned from router adverts (e.g., router addresses, recommended hop limit, etc.) Higher-layer info (e.g., DNS server and NTP server addresses) discovered by multicast / anycast-based service-location protocol [details being worked out] DHCP is available for those who want explicit control
40

Auto-Reconfiguration (Renumbering)
New address prefixes can be introduced, and old ones withdrawn
we assume some overlap period between old and new, i.e., no flash cut-over

hosts learn prefix lifetimes and preference order from router advertisements
old TCP connections can survive until end of overlap; new TCP connections use longest preferred lifetime

Router renumbering protocol, to allow domaininterior routers to learn of prefix introduction / withdrawal
41

Minimum MTU
Definitions:
link MTUa links maximum transmission unit, i.e., the max IP packet size that can be transmitted over the link path MTU destination the minimum MTU of all the links in a path between a source and a

Minimum link MTU for IPv6 is 1280 octets (versus 68 octets for IPv4) On links with MTU < 1280, link-specific fragmentation and reassembly must be used routers deliver packets without further fragmentation
42

Path MTU Discovery

Implementations are expected to perform path MTU discovery to send packets bigger than 1280 octets:
for each dest., start by assuming MTU of first-hop link if a packet reaches a link in which it cannot fit, will invoke ICMP packet too big message to source, reporting the links MTU; MTU is cached by source for specific destination occasionally discard cached MTU to detect possible increase

Minimal implementation can omit path MTU discovery as long as all packets kept 1280 octets
e.g., in a boot ROM implementation
43

Outline

Protocol Background
Technology Differences Enhanced Capabilities Transition Technologies

44

Outline

Protocol Background
Technology Differences Enhanced Capabilities Transition Technologies

45

IPv6 Timeline
(A pragmatic projection)

20XX

20XX

20XX

20XX

20XX

20XX

20XX

20XX

Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4

Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4

Early adopter Application porting <= Duration 3+ years =>

ISP adoption <= Duration 3+ years => Consumer adoption <= Duration 5+ years =>

Enterprise adoption <= Duration 3+ years =>

Asia

Europe

Americas
46

IPv4-IPv6 Transition / Co-Existence

A wide range of techniques have been identified and implemented, basically falling into three categories:
(1) Dual-stack techniques, to allow IPv4 and IPv6 to co-exist in the same devices and networks

(2) Tunneling techniques, to avoid order dependencies when upgrading hosts, routers, or regions
(3) Translation techniques, to allow IPv6-only devices to communicate with IPv4-only devices

Expect all of these to be used, in combination

47

Transition environments
Enterprise WAN: 6to4, IPv6 over IPv4, Dual Stack 6to4 Relay Cable Dual Stack
Aggregation IPv6 over IPv4 tunnels or Dedicated data link layers IPv6 over IPv4 Tunnels

Residential
6Bone

DSL, FTTH, Dial

Dual Stack or MPLS & 6PE IPv6 over IPv4 tunnels or Dual stack IPv6 over IPv4 tunnels or Dedicated data link layers

ISATAP Telecommuter IPv6 IX

ISPs

Enterprise
48

Environments

Service Provider

Enterprise Unmanaged

49

Tools Dual Stack

IPv6 Enabled

Primary tool Allows continued 'normal' operation with IPv4-only nodes

Address selection rules generally prefer IPv6

DSTM variant allows temporary use of IPv4 pool
50

IPv6 Enabled

IPv4-Only

Tools Tunneling
IPv6 Enabled

Nodes view IPv4 network as a logical NBMA linklayer

IPv4-Only

May be used in conjunction with dualstack

IPv6 Enabled
51

Tools Translation
IPv6 Enabled

Allows for the case where some components are IPv6-only while others are IPv4-only

Tool of last resort

Pay attention to scaling properties

Same application issues as IPv4/IPv4 translation

IPv4-Only
52

IPv6 Provider Edge Router (6PE) over MPLS

MP-iBGP sessions
2001:0620:: v6 v6

2001:0420::

145.95.0.0

v4

6PE

v6

2001:0421::

6PE
Dual Stack IPv4-IPv6 routers

Dual Stack IPv4-IPv6 routers 2001:0621:: v6

CE

P
6PE
IPv4 MPLS

P
6PE
v4 CE

192.76.10.0

v4 CE

192.254.10.0

IPv4 or MPLS Core Infrastructure is IPv6-unaware PEs are updated to support Dual Stack/6PE IPv6 reachability exchanged among 6PEs via iBGP (MP-BGP) IPv6 packets transported from 6PE to 6PE inside MPLS
53