iLabX Internet Protocol version 6 Erkin Kirdan Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München March 02, 2020 Based on slides of Lukas Schwaighofer and Stefan Liebald 1
Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 2
Motivation Figure: IPv6 exhaustion (source: https://xkcd.com/865) 3
Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 4
IPv4 and IPv6 Header 5
IPv6 Differences ◮ 128 bit addresses compared to 32 bit in IPv4 ◮ Fragmentation only on end-hosts ◮ Header: ◮ Fixed header length (40 byte) + extension headers ◮ Fewer fields (no checksum, fragmentation) ◮ Integrated IPsec via extension header ◮ No more broadcast → multicast ◮ NDP instead of ARP ◮ more efficient routing ◮ . . . 6
IPv4 Train Source: https://www.reddit.com/r/ipv6/comments/b2upap/make_ sure_you_get_a_ticket_for_the_right_ip_train 7
Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 8
IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 9
IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 ◮ can be shortened: 9
IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 ◮ can be shortened: ◮ replace longest sequence of blocks of zeros with :: ◮ omit leading zeros ◮ e.g. 2001:db8::102:0:304 9
IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 ◮ can be shortened: ◮ replace longest sequence of blocks of zeros with :: ◮ omit leading zeros ◮ e.g. 2001:db8::102:0:304 ◮ What about ports? 9
IPv6 Address notation ◮ 8 blocks of 2 bytes, colon separated: ◮ e.g.: 2001:0db8:0000:0000:0000:0102:0000:0304 ◮ can be shortened: ◮ replace longest sequence of blocks of zeros with :: ◮ omit leading zeros ◮ e.g. 2001:db8::102:0:304 ◮ What about ports? ◮ use [IPv6-address]:port ◮ e.g.: [2001:db8::102:0:304]:80 9
IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface 10
IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface ◮ example 2001:db8::102:0:304 10
IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface ◮ example 2001:db8::102:0:304 ◮ prefix: 2001:db8::/64 ◮ interface identifier: 0:102:0:304 10
IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface ◮ example 2001:db8::102:0:304 ◮ prefix: 2001:db8::/64 ◮ interface identifier: 0:102:0:304 ◮ ISP could also assign you a /56 or other prefix 10
IPv6 Prefix and Interface Identifier ◮ 128 bit IPv6 address can be split in two parts: ◮ 64 bit prefix ← identifies subnet, used for routing ◮ 64 bit interface identifier ← identifies host/interface ◮ example 2001:db8::102:0:304 ◮ prefix: 2001:db8::/64 ◮ interface identifier: 0:102:0:304 ◮ ISP could also assign you a /56 or other prefix ◮ → You can create 2 8 = 256 /64 subnets from that 10
Subnetting in IPv6 Figure: Subnetting in IPv6 11
IPv6: Important well defined address prefixes source: https://xkcd.com/742 12
IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 fe80::/10 fc00::/7 2001:db8::/32 ff00::/8 13
IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 fc00::/7 2001:db8::/32 ff00::/8 13
IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 Link-local unicast fc00::/7 2001:db8::/32 ff00::/8 13
IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 Link-local unicast fc00::/7 Unique Local unicast 2001:db8::/32 ff00::/8 13
IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 Link-local unicast fc00::/7 Unique Local unicast 2001:db8::/32 Documentation ff00::/8 13
IPv6: Important well defined address prefixes Address (prefix) Type ::1/128 Loopback fe80::/10 Link-local unicast fc00::/7 Unique Local unicast 2001:db8::/32 Documentation ff00::/8 Multicast 13
Unicast Address Types Figure: Relevant IPv6 unicast Types 14
Unicast Address Types Figure: Relevant IPv6 unicast Types Bonus: Prefix assignmets to continents https://jacquev6.github.io/IpMap 14
IPv6: Important multicast addresses ◮ Multicast prefix: ff00::/8 15
IPv6: Important multicast addresses ◮ Multicast prefix: ff00::/8 Address Definition ff02::1 All nodes on local network segment ff02::2 All routers on local network segment All DHCPv6 servers on local network ff02::1:2 segment ff02::1:ff00:0/104 Solicited-node multicast prefix 15
Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 16
ICMPv6 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Type Code Checksum Message body ◮ Error reporting and other things for IPv6 ◮ Relevant types: ◮ Echo request/reply ◮ Time exceeded ◮ Packet too big ◮ Destination unreachable 17
Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 18
Neighbor Discovery Protocol (NDP) 19
Neighbor Discovery Protocol (NDP) ◮ Resolves MAC address of given IPv6 address to send packet over ethernet: ◮ Sender sends Neighbour Solicitation to target: ◮ IP dest: Solicited Node Multicast IPv6 Address of target (prefix + last 3 octets of address) ◮ MAC dest: IPv6 multicast over ethernet address (33:33: + last 4 octets of v6 multicast address) ◮ Full IPv6 address of target as payload ◮ Target returns Neighbour Advertisement with MAC as payload 19
Outline Motivation IPv6 vs IPv4 IPv6 Addressing ICMPv6 Neighbor Discovery Protocol (NDP) Stateless Address Auto Configuration (SLAAC) Transition Mechanisms IPv6 Lab overview 20
Stateless Address Auto Configuration (SLAAC) 21
Stateless Address Auto Configuration (SLAAC) 1. Generate Link Local (LL) address 21
Stateless Address Auto Configuration (SLAAC) 1. Generate Link Local (LL) address 2. Perform Duplicate Address Detection (DAD) ◮ Send Neighbour Solicitation for own LL address ◮ No response → assign address 21
Stateless Address Auto Configuration (SLAAC) 1. Generate Link Local (LL) address 2. Perform Duplicate Address Detection (DAD) ◮ Send Neighbour Solicitation for own LL address ◮ No response → assign address 3. Send Router Solicitation (RS) to all routers 21
Stateless Address Auto Configuration (SLAAC) 1. Generate Link Local (LL) address 2. Perform Duplicate Address Detection (DAD) ◮ Send Neighbour Solicitation for own LL address ◮ No response → assign address 3. Send Router Solicitation (RS) to all routers 4. Take information (prefix) from response (Router Advertisement (RA)) and configure global IP address 21
Address Autogeneration Each host must have an Link Local address. Multiple Ways to generate host part: ◮ (Extended) EUI-64: 22
Address Autogeneration Each host must have an Link Local address. Multiple Ways to generate host part: ◮ (Extended) EUI-64: ◮ Split MAC address (48 bit) ◮ Stuff ff:fe in the middle (16 bit) ◮ Flip second least significant bit in first octet ◮ example: MAC 00:01:02:03:04:05 → fe80::201:2ff:fe03:405 22
Address Autogeneration Each host must have an Link Local address. Multiple Ways to generate host part: ◮ (Extended) EUI-64: ◮ Split MAC address (48 bit) ◮ Stuff ff:fe in the middle (16 bit) ◮ Flip second least significant bit in first octet ◮ example: MAC 00:01:02:03:04:05 → fe80::201:2ff:fe03:405 ◮ Stable privacy: ◮ Replacement for EUI-64 ◮ Add secret + subnet identifier to IPv6 address generation ◮ → stable IPv6 address per subnet, can’t be mapped to MAC 22
Recommend
More recommend