IPv6The New Internet Protocol

Integrated Network Services

Almerindo Graziano

Introduction

• Justification for IPv6

• IPv6 goals

• IPv6 Addressing

• The new Header– Extension Headers

• Recap

Justification for IPv6: What is wrong with IPv4?

• Wasteful of address space

• Not built-in support for hierarchical addressing– Subnetting– CIDR

• Large routing tables

• Large administrative workload:– Changing ISP– Merger or acquisition Renumbering

orNAT

What is wrong with IPv4?

• Routers perform a lot of operations– Table lookup– Options– Checksum– Fragmentation

• Lack of authentication– IP spoofing

• Lack of encryption

IPv6 goals• Support for a larger number of addresses• Reduce the size of routing tables• Simplify the protocol (easier to process)• Provide better security• Better support for Quality of Service• Provide support for mobile users• Allow the protocol to be extensible• Be compatible

IPv6 Addressing scheme

• Designed to be highly scalable and hierarchical• 16-byte long

– 7x1023 IP addresses per square meter!!!

– It “eliminates” the need for private address space

• IPv6 notation8000:0000:0000:0000:0123:8219:E42A:DF3E

8000::123:8219:E42A:DF3E

• IPv4 addresses can be written as::192.31.20.46

Address Allocation• IPv6 could support a number of diverse addressing

schemes– Provider Allocation

hierarchy is based on large service providers,regardless of their location

– Geographic Allocationhierarchy is based on the location of subscribers(similar to the telephony system)

• Both approaches have drawbacksLarge networks do not often conform to providerand/or geographical boundaries!!

Aggregation Based Allocation• Combines provider and geographic allocation

approaches– Based on the existence of limited number of

high-level exchange points• Large providers are represented at one or more

exchange points (provider orientation)

– Exchanges are distributed around the globe (geographic orientation)

• Favoured by the IETF

IPv6 Address Hierarchy

To other TLA

Long-Haul Provider

Interexchange(TLA)

Subscriber

Provider

Subscriber Subscriber

Subscriber

Provider

Subscriber

Long-Haul Provider

Long-Haul Provider

Long-Haul Provider

TLA: Top Level Aggregator

Aggregation-based Allocation• First 3 bits identify the type of address

– unicast, multicast, anycast etc..

• International registries assign block to TLA• TLA allocate block of addresses to NLA

– NLA can be large providers or global corporate networks

• NLA can create their own hierarchy

001 TLA RES NLA SLA Interface ID

3 13 8 24 bits 16 bits 64 bits

Public Topology Local InterfaceSiteTopology

IEEE EUI-64 Address24 bits - Company ID40 bits - interface ID

NLA 1

NLA 2

NLA 3

Site SLA Interface ID

Site SLA Interface ID

Site SLA Interface ID

32 bits

Aggregation-based Allocation

Other Address Types

• Site-Local Addresses– Similar to IPv4 private addresses

• Link-Local Addresses– A router doesn’t exist– Operate over a single link– Used for temporary bootstrapping

Not propagated outside organizational boundaries

Not allocated by public registry authorities

1111111010 00 . …. 00 Interface ID

128 bits

54 bits 64 bits10 bits

Other Address Types

• Multicast Addresses– Logical addresses to communicate to multiple

nodes

• Anycast Addresses– Used to communicate to the closest of a class of

nodes (closest DNS, closest router)– Allocated from the same address space as

Unicast addresses

Address Autoconfiguration• A node combines its MAC address with a network

prefix it learns from a neighbouring router• The autoconfiguration doesn’t need a manually

configured server: stateless address autoconfiguration– It differs from IPv4’s DHCP (stateful address

configuration). DHCPv6 has been developed

– Great advantage when an enterprise is forced to renumber because of an ISP change or M&A

– Great support for mobile users and dynamic workgroups

32 bits

Source Address

Destination Address

Version Priority Flow Label

Payload Length Next Header

Hop Limit

IPv4 Header IPv6 HeaderHeader Comparison

Version Type ofService

IHL Total Length

Identification Flag FragmentOffset

TTL Protocol Header Checksum

Source Address

Destination Address

Options Padding

32 bits

IPv4 Header = 14 fields

IPv6 Header = 8 fields

The new Header• Fixed size

• Fewer fields

• No Checksum– Already performed by other layers– Reliable networks

• Extension Headers replace Options– Routers can skip over some extension headers

Faster processing

Extensible

QoS Support• Priority field (4 bits)

– Congestion-Controlled traffic (0-7)• Traffic where the source backs off in case of congestion (e.g.

TCP)

– Non-Congestion-Controlled traffic (8-15)• Traffic where constant data rate and delay are desirable (real-

time audio/video)

• Flow label field (20 bits)– A sequence of packets sent from a particular source to a

particular destination for which the source desires special handling by intervening routers

Extension Headers Hop-by-Hop options header Destination options header-1 Source Routing header Fragmentation header Authentication header IPv6 Encryption header Destination options header-2

Extention Headers

• Hop-by-Hop– Carries information for all intermediate nodes– Used for management and debugging

• Destination– Carries information to be read just by

destination nodes

• Source Routing– Allows to specify a list of router to traverse

Fragmentation Header

• Each source is responsible for sending packets of the right size– MTU path discovery process

• Packet fragmentation is not permitted by intermediate nodes (routers)– Faster processing

• If fragmentation is required, the fragmentation header is used

Authentication Header

• It gives network applications a guarantee that a packet did in fact come from an authentic source

• A checksum is created based on the key and the content of the packet

• The checksum is re-run at the destination and validated

IPv6 Encryption Header

• Encapsulation Security Payload (ESP)– It provides encryption at the network layer

• Two encryption modes are supported– Transport mode– Tunnel mode (steel pipe)

Encryption modes

IPv6Header

ExtentionHeaders

ESP HeaderTransport Headerand Payload

Unencrypted Encrypted

IPv6Header

ExtentionHeaders

ESP Header

IPv6Header

ExtentionHeaders

Transport Headerand Payload

Unencrypted Encrypted

Original IP packet

Transport Mode

Tunnel Mode

The Transition to IPv6

• IPv6 offers a robust future-oriented solution to integrate physical networks

• Possibly use NAT but– can be a bottleneck

– prevents the use of IP-level security

– breaks Domain Name Servers

• 6Bone– Experimental world-wide network for testing IPv6

IPv6 Resources

– Main IPv6 pagehttp://ipv6.com/

– 6Bone home pagehttp://6bone.net/

– The case for IPv6 (Internet Draft) http://www.6bone.net/misc/case-for-ipv6.html