Internet Protocol (IP)
IP (short for Internet Protocol) specifies the technical format of packets and the addressing scheme for computers to communicate over a network. Most networks combine IP with a higher-level protocol called Transmission Control Protocol (TCP), which establishes a virtual connection between a destination and a source. It allows you to address a package and drop it in the system, but there's no direct link between you and the recipient. TCP/IP, on the other hand, establishes a connection between two hosts so that they can send messages back and forth for a period of time.
Why do we need IPv6?
New network devices that require IP addresses are on the rise. An example is a single user with a laptop, smartphone, a PC and a netbook. These are four public IPs if the person has to connect with a static IP with no NAT. Multiply that with the population that owns or are planning to acquire these devices.
NAT (Network Address Translation) is seen as an obstacle to innovation; therefore, we are shifting focus to a generation where we require mobility as well as security and a version of IP addresses that will support the next generation of devices
Internet Protocol Version 6 (IPV6)
Internet Protocol version 6 (IPv6) is a network layer for packet-switched internetworks. It is designated as the successor of IPv4, the current version of the Internet Protocol, for general use on the Internet.
The main change brought by IPv6 is a much larger address space that allows greater flexibility in assigning addresses. The extended address length eliminates the need to use network address translation to avoid address exhaustion, and also simplifies aspects of address assignment and renumbering when changing providers. It was not the intention of IPv6 designers, however, to give permanent unique addresses to every individual and every computer.
Features and differences from IPv4
The main features of IPv6 that is driving adoption today are listed below.
- Larger address space (addresses in IPV6 are 128 bits long)
- No more NAT (Network Address Translation)
- Auto-configuration
- No more private address collisions
- Better multicast routing
- Simpler header format
- Simplified, more efficient routing
- True quality of service (QoS), also called "flow labeling"
- Built-in authentication and privacy support
- Flexible options and extensions
- Easier administration (say good-bye to DHCP)
IPv6 Addresses
The primary change you can notice in IPV6 is increasing the size of IP addresses from 32bits to 128 bits change from IPv4 to IPv6 is the length of network addresses. IPv6 addresses are 128 bits long. IPv4 address space contains roughly 4 billion addresses, IPv6 has enough room for 3.4×1038 unique addresses.
IPv6 addresses are so much larger than IPv4 addresses that even using dotted decimal notation becomes problematic. To make addresses shorter, the decision was made in IPv6 to change the primary method of expressing addresses to use hexadecimal instead of decimal. The advantage of this is that it requires fewer characters to represent an address, and that converting from hex to binary and back again is much easier than converting from binary to decimal or vice-versa.
IPv6 addresses are normally written as eight groups of four hexadecimal digits, where each group is separated by a colon (:).
A typical IPv6 address in this notation would appear as follows:
Example: 2001:0DB8:0000:0000:0000::1428:57AB is a valid IPv6 address.
To keep size down, leading zeroes can be suppressed in the notation, so we can immediately reduce this to:
2001:0DB8:0:0:0:1428:57AB
or
2001:0DB8::1428:57AB
or
2001:DB8::1428:57AB
Note: Having more than one double-colon abbreviation in an address is invalid
Network Prefixes
IPv6 pool and are divided into two parts, a network section and a host section. The network section identifies the particular network and the host section identifies the particular node for example, a certain computer on the Local Area Network Allocation
IPv6 networks are written using CIDR (Classless Inter Domain Routing) notation. similar / (forward slash) notation to IPv4 CIDR) which describes the number of contiguous bits used in its netmask. which shows the number of IP addresses contained in that block. Formally this way of writing an address is called an IP prefix but more commonly called the slash format.
For example 2001:0db8:1234::/48 if an Internet Service Provider (ISP) is assigned a “/26” network provides 64 IPv4 addresses. The lower the number after the slash(/), the more addresses contained in that “block”.
An IPv6 network (or subnet) is a contiguous group of IPv6 addresses the size of which must be a power of two; the initial bits of addresses, which are identical for all hosts in the network, are called the network's prefix.
IPv6 Relative Network Sizes
| |  | |
Kinds of IPv6 addresses
IPv6 addresses are divided into 3 categories
- Unicast Addresses – One to One
- Multicast Addresses – One to Many
- Anycast Addresses – One to Closest
Unicast
Identifies a single interface within the scope of the address. (The scope of an IPv6 address is that portion of your network over which this address is unique.) IPv6 packets with unicast destination addresses are delivered to a single interface.Global unicast addresses
- Link-local addresses
- Site-local addresses
- Unique local IPv6 unicast addresses
- Special addresses
Multicast
In IPv6 is similar to the old IPv4 broadcast address a packet sent to a multicast address is delivered to every interface in a group. The IPv6 difference is it's targeted instead of annoying every single host on the segment with broadcast blather, only hosts who are members of the multicast group receive the multicast packets. IPv6 multicast is routable, and routers will not forward multicast packets unless there are members of the multicast groups to forward the packets to. Anyone who has ever suffered from broadcast storms will appreciate this mightily.Multicast addresses begin with the prefix FF00::/8, and their second octet identifies the addresses' scope, i.e. the range over which the multicast address is propagated. Commonly used scopes include link-local (0x2), site-local (0x5) and global (0xE).
Anycast
Identifies multiple interfaces. IPv6 packets with anycast destination addresses are delivered to the nearest interface (measured by routing distance) specified by the address. Currently, anycast addresses are assigned only to routers and can only represent destination addresses.
Special addresses
There are a number of addresses with special meaning in IPv6:
Link local
::/128 – Unspecified This address may only be used as a source address by an initializing host before it has learned its own address.
::1/128 – Loopback This address is used when a host talks to itself over IPv6. This often happens when one program sends data to another.
fe80::/10 - These addresses are used on a single link or a non-routed common access network, such as an Ethernet LAN. They do not need to be unique outside of that
Link-local addresses may appear as the source or destination of an IPv6 packet. Routers must not forward IPv6 packets if the source or destination contains a link local address.
Link-local addresses may appear as the source or destination of an IPv6 packet. Routers must not forward IPv6 packets if the source or destination contains a link local address.
Site local
fc00::/7 Unique Local Addresses (ULAs) These addresses are reserved for local use in home and enterprise environments and are not public address space. These addresses might not be unique, and there is no formal address registration. Packets with these addresses in the source or destination fields are not intended to be routed on the public Internet but are intended to be routed within the enterprise or organization.
IPv4 Mapped
2002::/16 - this prefix is used for 6to4 addressing.
Multicast
- ff00::/8 - The multicast prefix is used for multicast addresses as defined by in "IP Version 6 Addressing Architecture" (RFC 4291).
Used in examples, deprecated, or obsolete
- ::/96 - the zero prefix was used for IPv4-compatible addresses; it is now obsolete.
- 2001:db8::/32 - this prefix is used in documentation (RFC 3849). Anywhere where an example IPv6 address is given, addresses from this prefix should be used.
- fec0::/10 - The site-local prefix specifies that the address is valid only inside the local organization. Its use has been deprecated in September 2004 by RFC 3879 and systems must not support this special type of address.
IPv6 packet
The IPv6 packet is composed of two main parts: the header and the payload.
The header is in the first 40 octets (320 bits) of the packet and contains:
- Version - version 6 (4-bit IP version).
- Traffic class - packet priority (8-bits). Priority values are divided into ranges: traffic where the source provides congestion control and non-congestion control traffic.
- Flow label - QoS management (20 bits). Originally created for giving real-time applications special service, but currently unused.
- Payload length - payload length in bytes (16 bits). When cleared to zero, the option is a "Jumbo payload" (hop-by-hop).
- Next header - Specifies the next encapsulated protocol. The values are compatible with those specified for the IPv4 protocol field (8 bits).
- Hop limit - replaces the time to live field of IPv4 (8 bits).
- Source and destination addresses - 128 bits each.
The Domain Name System (DNS) is fundamental to how name resolution works on both IPv4 and IPv6 networks. On an IPv4 network, host (A) records are used by name servers (DNS servers) to resolve fully qualified domain names (FQDNs) like server1.contoso.com into their associated IP addresses in response to name lookups (name queries) from DNS clients. In addition, reverse lookups-in which IP addresses are resolved into FQDNs-are supported by using pointer (PTR) records in the in-addr.arpa domain.
•Host records for IPv6 hosts are AAAA ("quad-A") records, not A records.
•The domain used for reverse lookups of IPv6 addresses is ip6.arpa, not in-addr.arpa.
Transition mechanisms
Until IPv6 completely supplants IPv4, which is not likely to happen in the foreseeable future, a number of so-called transition mechanisms are needed to enable IPv6-only hosts to reach IPv4 services and to allow isolated IPv6 hosts and networks to reach the IPv6 Internet over the IPv4 infrastructure. Contains an overview of the transition mechanisms mentioned below.
Dual stack
One important mechanism is to allow IPv6 hosts and routers to be implemented in such a way that that supports both IPv4 and IPv6 while sharing most of the code. Such an implementation is called a dual stack or dual IP layer. Most current implementations of IPv6 use a dual stack.
Tunneling
In order to reach the IPv6 Internet, an isolated host or network must be able to use the existing IPv4 infrastructure to carry IPv6 packets. This is done using a technique known as Tunneling, It enables incompatible networks to be bridged, and is usually applied in a point-to-point or sequential manner.
Three mechanisms of tunneling are presented:
IPv6 over IPv4,
IPv6 to IPv4 automatic tunneling,
Tunnel Broker.
which consists of encapsulating IPv6 packets within IPv4, in effect using IPv4 as a link layer for IPv6.
IPv6 packets can be directly encapsulated within IPv4 packets using protocol number 41. They can also be encapsulated within UDP packets e.g. in order to cross a router or NAT device that blocks protocol 41 traffic. They can of course also use generic encapsulation schemes, such as AYIYA or GRE.
Automatic tunneling
Automatic tunneling refers to a technique where the tunnel endpoints are automatically determined by the routing infrastructure. The recommended technique for automatic tunneling is 6to4 tunneling, which uses protocol 41 encapsulation. Tunnel endpoints are determined by using a well-known IPv4 anycast address on the remote side, and embedding IPv4 address information within IPv6 addresses on the local side. 6to4 is widely deployed today.
ISATAP
Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) defines ISATAP addresses used between two nodes running both IPv4 and IPv6 over a private intranet. ISATAP addresses use the locally administered interface ID ::0:5EFE:w.x.y.z in which w.x.y.z is any unicast IPv4 address, public or private. You can combine the ISATAP interface ID with any 64-bit prefix that is valid for IPv6 unicast addresses, including the link-local address prefix (FE80::/64), site-local prefixes, and global prefixes.
Teredo address
The Teredo address is used for communicating between two nodes running both IPv4 and IPv6 over the Internet when one or both of the endpoints are located behind an IPv4 network address translation (NAT) device. You form the Teredo address by combining the 2001::/32 Teredo prefix with the public IPv4 address of a Teredo server and other elements. Teredo is an IPv6 transition technology described in RFC 4380
Tunnel Broker
Configured tunneling is a technique where the tunnel endpoints are configured explicitly, either by a human operator or by an automatic service known as a tunnel broker. Configured tunneling is usually more deterministic and easier to debug than automatic tunneling, and is therefore recommended for large, well-administered networks.
Configured tunneling uses protocol 41 in the Protocol field of the IPv4 packet. This method is also better known as 6in4.
Very Informative nice post yonu
ReplyDelete