IP version 6
IP version 6 (IPv6), the replacement protocol for IPv4, is well known for a couple of reasons.
IP version 6 (IPv6), the replacement protocol for IPv4, is well known for a couple of reasons.
IPv6 provides the ultimate solution for the problem of running out of IPv4
addresses in the global Internet by using a 128-bit address.
addresses in the global Internet by using a 128-bit address.
However, IPv6 hasbeen the ultimate long-term solution for over ten years, in part because the interim
solutions, including Network Address Translation/Port Address Translation (NAT/PAT),
have thankfully delayed the day in which we truly run out of public unicast IP addresses.
solutions, including Network Address Translation/Port Address Translation (NAT/PAT),
have thankfully delayed the day in which we truly run out of public unicast IP addresses.
Foundation Topics
The two biggest reasons why networks might migrate to IPv6 are the need for more
addresses and mandates from government organizations, at least IPv6 includes some
attractive features and migration tools.
addresses and mandates from government organizations, at least IPv6 includes some
attractive features and migration tools.
Some of those advantages are as follows:
- Address assignment features: IPv6 address assignment allows easier renumbering,
dynamic allocation, and recovery of addresses, with nice features for mobile devices
to move around and keep their IP address (thereby avoiding having to close and reopen
an application). - Aggregation: IPv6’s huge address space makes for much easier aggregation of blocks of addresses in the Internet.
- No need for NAT/PAT: Using publicly registered unique addresses on all devices
removes the need for NAT/PAT, which also avoids some of the application layer and
VPN-tunneling issues caused by NAT. - IPsec: IPsec works with both IPv4 and IPv6, but it is required on IPv6 hosts, so you
can rely on support for IPsec as needed for VPN tunneling. - Header improvements: While it might seem like a small issue, the IPv6 header
improves several things compared to IPv4. In particular, routers do not need to
recalculate a header checksum for every packet, reducing per-packet overhead.
Additionally, the header includes a flow label that allows easy identification of packets
sent over the same single TCP or User Datagram Protocol (UDP) connection. - Transition tools: As is covered in the last major section of this chapter, IPv6 has many tools to help with the transition from IPv4 to IPv6.
Global Unicast Addressing, Routing, and Subnetting
The address assignment strategy for IPv6 is elegant, but simple, and can be roughly
summarized as follows:
■ Public IPv6 addresses are grouped (numerically) by major geographic region.
■ Inside each region, the address space is further subdivided by ISP inside that region.
■ Inside each ISP in a region, the address space is further subdivided for each customer.
The same organizations handle this address assignment for IPv6 as for IPv4.
The Internet Corporation for Assigned Network Numbers (ICANN, http://www.icann.org) owns the process.
ICANN assigns one or more IPv6 address ranges to each Regional Internet Registry (RIR), of which five exist at the time of publication, roughly covering North America, Central/South America, Europe, Asia/Pacific, and Africa.
These RIRs then subdivide their assigned address space into smaller portions, assigning prefixes to different ISPs and other smaller registries, with the ISPs then assigning even smaller ranges of addresses to their customers.
NOTE:The Internet Assigned Numbers Authority (IANA) formerly owned the address
assignment process, but it was transitioned to ICANN.
The IPv6 global address assignment plan results in more efficient routing, as shown in
Figure 17-1. The figure shows a fictitious company (Company1) that has been assigned an
IPv6 prefix by a fictitious ISP, NA-ISP1 (standing for North American ISP number 1). The
figure lists the American Registry for Internet Numbers (ARIN), which is the RIR for North America.
As shown in the figure, the routers installed by ISPs in other major geographies of the world
can have a single route that matches all IPv6 addresses in North America. While hundreds
of ISPs might be operating in north America, and hundreds of thousands of enterprise
customers of those ISPs, and tens of millions of individual customers of those ISPs, all the
public IPv6 addresses can be from one (or a few) very large address blocks—requiring only
one (or a few) routes on the Internet routers in other parts of the world. Similarly, routers inside other ISPs in North America (for example, NA-ISP2, indicating North American ISP
number 2 in the figure) can have one route that matches all address ranges assigned to NAISP2.
And the routers inside NA-ISP1 just need to have one route that matches the entire
address range assigned to Company1, rather than needing to know about all the subnets
inside Company1.
Besides keeping the routers’ routing table much smaller, this process also results in fewer
changes to Internet routing tables.
For example, if NA-ISP1 signed a service contract with another enterprise customer, NA-ISP1 could assign another prefix inside the range of addresses already assigned to NA-ISP1 by ARIN.
The routers outside NA-ISP1’s network—the majority of the Internet—do not need to know any new routes, because their
existing routes already match the address range assigned to the new customer. The NAISP2
routers (another ISP) already have a route that matches the entire address range
assigned to NA-ISP1, so they do not need any more routes.
Likewise, the routers in ISPs in Europe and South America already have a route that works as well.
While the general concept might not be too difficult, a specific example can help.
Before seeing a specific example, however, it helps to know a bit about how IPv6 addresses and prefixes are written.
Conventions for Representing IPv6 Addresses
IPv6 conventions use :
IPv6 conventions use :
- 32 hexadecimal numbers
- organized into 8 quartets of 4 hex separated by a colon, to represent a 128-bit IPv6 address.
To make things a little easier, two conventions allow you to shorten what must be typed for an IPv6 address:
■ Omit the leading 0s in any given quartet.
■ Represent 1 or more consecutive quartets of all hex 0s with a double colon (::), but only
for one such occurrence in a given address.
Example:
The bold digits represent digits in which theaddress could be abbreviated
FE00:0000:0000:0001:0000:0000:0000:0056
The following two options:
■ FE00::1:0:0:0:56
■ FE00:0:0:1::56
In particular, note that the :: abbreviation, meaning “one or more quartets of all 0s,” cannot be used twice, because that would be ambiguous. So, the abbreviation FE00::1::56 would not be valid.
Conventions for Writing IPv6 Prefixes
IPv6 prefixes represent a range or block of consecutive IPv6 addresses.The number that represents the range of addresses, called a prefix, is usually seen in IP routing tables, just like you see IP subnet numbers in IPv4 routing tables.
Thinking about IPv4 addressing as classful addresses helps to fully understand some issues
in networking.
With classful addressing, for example, the written value 128.107.3.0/24 means 16 network bits (because the address is in a Class B network) and 8 host bits (because the mask has 8 binary 0s), leaving 8 subnet bits.
The same value, interpreted withclassless rules, means prefix 128.107.3.0, prefix length 24. Same subnet/prefix, same meaning, same router operation, same configuration—it’s just two different ways to think about the meaning of the numbers.
IPv6 uses a classless view of addressing, with no concept of classful addressing. Like IPv4,
IPv6 prefixes list some value, a slash, and then a numeric prefix length. Like IPv4 prefixes,
the last part of the number, beyond the length of the prefix, is represented by binary 0s. And
finally, IPv6 prefix numbers can be abbreviated with the same rules as IPv4 addresses.
Example:
Consider the following IPv6 address that is assigned to a host on a LAN:
2000:1234:5678:9ABC:1234:5678:9ABC:1111/64
This value represents the full 128-bit IP address; in fact, you have no opportunities to abbreviate
this address.
However, the /64 means that the prefix (subnet) in which this address resides is the
subnet that includes all addresses that begin with the same first 64 bits as the address.
Conceptually, it is the same logic as an IPv4 address.
For example, address 128.107.3.1/24 is in the prefix (subnet) whose first 24 bits are the same values as address 128.107.3.1.
Like with IPv4, when writing or typing a prefix, the bits past the end of the prefix length are all binary 0s.
In the IPv6 address shown previously, the prefix in which the addressresides would be as follows:
2000:1234:5678:9ABC:0000:0000:0000:0000/64
When abbreviated, this would be:
2000:1234:5678:9ABC::/64
Example:
If the address just shown with a /64 prefix length instead had a /56 prefix length, the prefix would include all
the first 3 quartets (a total of 48 bits), plus the first 8 bits of the fourth octet.
The last 8 bits (last 2 hex digits) of the fourth octet should now be binary 0s.
So, by convention, the rest of the fourth octet should be written, after being set to binary 0s, as follows:
2000:1234:5678:9A00::/56
How to write IPv6 prefixes:
■ The prefix has the same value as the IP addresses in the group for the first number of
bits, as defined by the prefix length.
■ Any bits after the prefix-length number of bits are binary 0s.
■ The prefix can be abbreviated with the same rules as IPv6 addresses.
■ If the prefix length is not on a quartet boundary, write down the value for the entire
quartet.
