Professional Documents
Culture Documents
Rick Graziani
Cabrillo College
Rick.Graziani@cabrillo.edu
For more information please check out my Cisco Press book and video series:
By Rick Graziani
ISBN-10: 1-58714-313-5
By Rick Graziani
ISBN-10: 1-58720-457-6
IPv4
10.1.1.1
10.1.0.2
IPv4
IPv4 was standardized in 1981,
provisioning 4.29 billion (232) IP
addresses for a world population
IPv4 - 1981
= 100,000,000
= 100,000,000
*www.census.gov
IPv4 Addresses
IPv4
Introducing IPv6
Not a new protocol.
Developed mid to late
1990s.
Much learned from IPv4.
128-bit address space,
written in hexadecimal.
This gives us 340
undecillion addresses!
2001:DB8:CAFE:0001::100
128 bits
128 bits
340 undecillion
= 340,282,366,920,938,463,463,374,607,431,768,211,456
IPv6
How many is 340 undecillion?
340 undecillion addresses is 10
nonillion addresses per person!
Internet is a much different place
and will continue to evolve:
Mobile devices
Video on demand
Internet of Everything
A critical part in how we live,
work, play, and learn.
10 nonillion
= 10,000,000,000,000,000,000,000,000,000,000
IPv6
IPv6 is not just about more
addresses:
Stateless autoconfiguration
End-to-end reachability without
private addresses and NAT
Better support for mobility
Peer-to-peer networking easier to
create and maintain, and
services such as VoIP and
Quality of Service (QoS) become
more robust.
1993, IETF announced a call for white papers with RFC 1550
IP: Next Generation (IPng) White Paper Solicitation.
IETF chose Simple Internet Protocol Plus (SIPP) written by
Steve Deering, Paul Francis, and Bob Hinden but changed the
address size from 64 bits to 128 bits.
1995, IETF published RFC 1883 Internet Protocol, Version 6
(IPv6) Specification - later obsoleted by RFC 2460 in 1998.
RFC 1190
Source: www.potaroo.net/tools/ipv4
Note: APNIC and RIPE are not completely out of addresses
but they are very restrictive on allocation of addresses.
Internet of
Everything
NAT
Customer Network
192.168.1.0/24
Internet
Public IPv4
(RFC 1918)
NAT has been used to help hide customers and works for many clientinitiated applications.
However, NAT also creates some issues, like peer-to-peer networking
and accessing our hidden systems from other networks.
Using NAT to hide IPv6 networks has been the source of some
debate.
IETF continues to state that NAT is not a security feature.
Benefits of IPv6
Transitioning to IPv6?
IPv4 and IPv6 will coexist for
the foreseeable future.
Dual-stack Device running
both IPv4 and IPv6.
Enterprises and ISPs have to
support both protocols, which
is a reason to eventually go to
only IPv6.
IPv4 IPv6
Happy Eyeballs
IPv4
IPv6
Query
Query A
A record?
record?
www.facebook.com
www.facebook.com
Connect
Connect to:
to:
31.13.77.65
31.13.77.65
Query
Query AAAA
AAAA record?
record?
www.facebook.com
www.facebook.com
Connect
Connect to:
to:
2a03:2880:f016:401:face:b00c:01:1
2a03:2880:f016:401:face:b00c:01:1
GET
GET HTTP/1.1
HTTP/1.1
www.facebook.com
www.facebook.com
User:
User:
www.facebook.com
www.facebook.com
Retrieve
Retrieve and
and display
display
First come, first served
Attempt
Attempt IPv4
IPv4 lookup
lookup and
and
connect
connect
300ms
300ms
TIME
TIME
Transitioning to IPv6
RS
IPv4
IPv6
R1
Here is an
IPv6 prefix
and
gateway
Rogue
RA
IPv4
IPv6
I need an
IPv6 prefix
Similar fields
IPv6 Version
IPv4
IPv6
IPv4
1
2
3
4
5
?
IPv6
8 bytes
8 bytes
40 bytes =
8 bytes
8 bytes
8 bytes
IPv4
IPv6
7
IP Precedence
Unsused
IP ECN
IPv4
New field in IPv6 not part of IPv4.
Flow label is used to identify the packets in a common stream or flow.
Traffic from source to destination share a common flow label.
RFC 6437 IPv6 Flow Label Specification
11001011000101100
10110010111000111
IPv6
IPv4 Header
Data (Payload)
IPv4
IPv6
Payload
IPv6 Header
IPv6 Extension
Header (Optional)
Data
IPv4 Fragmentation
IPv4
IPv6
Data
(Protocol: TCP, UDP, ICMPv6, etc.)
IPv4
IPv4
IPv6
IPv4
IPv4
40 bytes =
Next
Header
Extension
Header
Next
Header
Data
(Protocol: TCP, UDP, ICMPv6, etc.)
Extension Header
Name
Hop-by-Hop Options
43
Routing
Allows the source of the packet to specify the path to the destination.
44
Fragment
50
Encapsulating
Security Payload
(ESP)
51
Authentication Header
(AH)
60
Destination Options
IPv6 Main
Header
Next
Header
Hop-by-Hop
Extension
Header
Next
Header
51
AH Extension
Header
Next
Header
TCP
Header
Data
More details in
Lessons 3, 4, 5 & 6
Unicast
Multicast
Assigned
FF00::/8
Anycast
Solicited Node
FF02::1:FF00:0000/104
Global
Unicast
Link-Local
Loopback
Unspecified
Unique
Local
Embedded
IPv4
2000::/3
FE80::/10
::1/128
::/128
FC00::/7
::/80
ICMPv6
Internet Control Message Protocol for IPv6
Header
Header
58
ICMPv6
Header
Data
Router-Device
Router-Device
Messaging
Messaging
Device-Device
Device-Device
Messaging
Messaging
Redirect Message
Similar to ICMPv4 redirect message
Router-to-Device messaging
Router-Device
Router-Device
Messaging
Messaging
Device-Device
Device-Device
Messaging
Messaging
Redirect Message
Similar to ICMPv4 redirect message
Router-to-Device messaging
1
2
II need
need IPv4
IPv4
addressing
addressing
information.
information.
Here
Here is
is everything
everything
you
you need.
need.
II might
might not
not be
be
needed.
needed.
ICMPv6
ICMPv6 Router
Router Solicitation
Solicitation
DHCPv6 Server
To
To all
all IPv6
IPv6 devices:
devices:
Let
Let me
me tell
tell you
you how
how
to
to do
do this
this
ICMPv6
ICMPv6 Router
Router Advertisement
Advertisement
1. SLAAC
2. SLAAC with
Stateless DHCPv6
SLAAC
(Stateless Address Autoconfiguration)
Router Solicitations
Router Advertisements
3. Stateful DHCPv6
Router-Device
Router-Device
Messaging
Messaging
Device-Device
Device-Device
Messaging
Messaging
Redirect Message
Similar to ICMPv4 redirect message
Router-to-Device messaging
Ethernet
ARP Request/Reply
ARP
Cache
My
My IPv4!
IPv4!
Here
Here is
is the
the
MAC?
MAC?
PCB
2
2
1
1
ARP
ARP Reply
Reply
ARP
ARP Request
Request
2
2
My
My IPv6!
IPv6!
Here
Here is
is the
the
MAC?
MAC?
Neighbor
Neighbor
Solicitation
Solicitation
Neighbor
Neighbor
Advertisement
Advertisement
Ethernet
IPv6 Header
PCA
1
1
Neighbor
Cache
Know
Know
IPv4,
IPv4, what
what
is
the
is the
MAC?
MAC?
Know
Know
IPv6,
IPv6, what
what
is
the
is the
MAC?
MAC?
Neighbor Solicitations
Neighbor Advertisements
Redirect Message
ICMPv6 Neighbor Discovery defines 5 different packet types:
Router Solicitation Message
Router Advertisement Message
Used with dynamic address allocation
Router-Device
Router-Device
Messaging
Messaging
Device-Device
Device-Device
Messaging
Messaging
Redirect Message
Similar to ICMPv4 redirect message
Router-to-Device messaging
ICMPv6 Redirect
Network X
R1
R2
Destination:
Network
PCB
X Host
IPv6
Network A PCA
PCB
IPv6
Network B
Router-Device
Router-Device
Messaging
Messaging
Device-Device
Device-Device
Messaging
Messaging
Redirect Message
Similar to ICMPv4 redirect message
Router-to-Device messaging
Hexadecimal: 16 digits
Decimal
10 digits,
starting with 0
Hexadecimal
16 digits,
starting with 0
Dec
0
1
2
3
4
5
6
7
Hex
0
1
2
3
4
5
6
7
Dec
8
9
10
11
12
13
14
15
Hex
8
9
A
B
C
D
E
F
2001:0DB8:AAAA:1111:0000:0000:0000:0100
2001 : 0DB8 : AAAA : 1111 : 0000 : 0000 : 0000 : 0100
16 bits
1
16 bits
2
16 bits
3
16 bits
4
16 bits
5
16 bits
6
16 bits
7
16 bits
8
Number of IPv6
Addresses
IPv4
4.3 billion
IPv4 addresses:
4.3 billion
IPv6 addresses:
340 undecillion
Number name
Scientific
Notation
1 Thousand
10
1,000
1 Million
10
1,000,000
1 Billion
10
1,000,000,000
1 Trillion
10
12
1,000,000,000,000
1 Quadrillion
10
15
1,000,000,000,000,000
1 Quintillion
10
18
1,000,000,000,000,000,000
1 Sextillion
10
21
1,000,000,000,000,000,000,000
1 Septillion
10
24
1,000,000,000,000,000,000,000,000
1 Octillion
10
27
1,000,000,000,000,000,000,000,000,000
1 Nonillion
10
30
1,000,000,000,000,000,000,000,000,000,000
Number of zeros
33
1,000,000,000,000,000,000,000,000,000,000,000
1 Decillion
10
340,282,366,920,938,463,463,374,607,431,768,211,456
IPv6
340 undecillion
1 Undecillion
10
36
1,000,000,000,000,000,000,000,000,000,000,000,00
0
2001:0DB8:0001:1000:0000:0000:0ef0:bc00
2001:DB8:1:1000:0:0:ef0:bc00
2001:0DB8:010d:000a:00dd:c000:e000:0001
2001:DB8:10d:a:dd:c000:e000:1
2001:0DB8:0000:0000:0000:0000:0000:0500
2001:DB8:0:0:0:0:0:500
?
2001:0DB8:ab:1234:5678:9abcd:ef12:3456
2001:0DB8:00ab:1234:5678:9abcd:ef12:3456
2001:0DB8:ab00:1234:5678:9abcd:ef12:3456
2001:0DB8:0ab0:1234:5678:9abcd:ef12:3456
Second rule
First rule
2001:0DB8:1000:0000:0000:0000:0000:0001
2001:DB8:1000::1
2001:DB8:1000::1
2001:DB8:0000:0000:1234:0000:0000:5678
RFC 5952
2001:DB8::1234:0:0:5678
or
2001:DB8:0:0:1234::5678
RFC 5952 states that the longest string of zeroes must be replaced with the :: and if they
are equal then the first string of 0s should use the :: representation.
Maximum reduction of the address is known as the compressed format.
2001:DB8::1234::5678
2001:DB8:0000:0000:0000:1234:0000:5678
2001:DB8:0000:0000:1234:0000:0000:5678
2001:DB8:0000:1234:0000:0000:0000:5678
Network portion
Prefix
PrefixSubnet
BinaryMaskLengthMask
11111111000000000000000000000000/8255.0.0.0
11111111100000000000000000000000/9255.128.0.0
11111111110000000000000000000000/10255.192.0.0
11111111111000000000000000000000/11255.224.0.0
11111111111100000000000000000000/12255.240.0.0
11111111111110000000000000000000/13255.248.0.0
Host portion
11111111111111000000000000000000/14255.252.0.0
11111111111111100000000000000000/15255.254.0.0
11111111111111110000000000000000/16255.255.0.0
11111111111111111000000000000000/17255.255.128.0
11111111111111111100000000000000/18255.255.192.0
bits
11111111111111111110000000000000/19255.255.224.0
11111111111111111111000000000000/20255.255.240.0
11111111111111111111100000000000/21255.255.248.0
11111111111111111111110000000000/22255.255.252.0
11111111111111111111111000000000/23255.255.254.0
11111111111111111111111100000000/24255.255.255.0
11111111111111111111111110000000/25255.255.255.128
11111111111111111111111111000000/26255.255.255.192
11111111111111111111111111100000/27255.255.255.224
11111111111111111111111111110000/28255.255.255.240
11111111111111111111111111111000/29255.255.255.248
11111111111111111111111111111100/30255.255.255.252
11111111111111111111111111111110/31255.255.255.254
11111111111111111111111111111111/32255.255.255.255
Prefix
Interface ID
2001:0DB8:0000:0000:0000:0000:0000:0001
Prefix length /32
/48/52
/56
/64
/60
bits
0000
Prefix
Interface ID
2001:0DB8:0000:0000:0000:0000:0000:0001
Prefix length
/62
/64
/60
Unicast
Lesson 4
Multicast
Lesson 5
Anycast
Assigned
Solicited Node
FF00::/8
FF02::1:FF00:0000/104
Global
Unicast
Link-Local
Loopback
Unspecified
Unique
Local
Embedded
IPv4
2000::/3
FE80::/10
::1/128
::/128
FC00::/7
::/80
IPv4
IPv6
Unicast Addresses
IPv6 Internet
Unicast Addresses
Unicast Addresses
Loopback Address
::1/128
Used by a node to send an IPv6 packet to itself, typically when testing the
TCP/IP stack
Same functionality as IPv4 loopback 127.0.0.1
Not routable.
Unspecified Address
:: (all-0s)
Indicates the absence or anonymity of an IPv6 address (RS source address)
Used as a source IPv6 address during duplicate address detection process
Unicast Addresses
Note: Site local addresses (FEC0::/10)
has been deprecated.
Unicast Addresses
All 0s
96 bits
IPv4 Address
32 bits
Multicast Addresses
Multicast Addresses
Much more in Lesson 6 Multicast Addresses
Anycast Addresses
Best path selected
by router
2001:DB8:A:B::1
2001:DB8:A:B::1
2001:DB8:A:B::1
Anycast Address
A unicast address that is assigned to more than one interface (typically
different devices).
Similar to IPv4 anycast, a packet sent to an anycast address is routed to
the nearest interface having that address, according to the routers
routing table
Unicast
Lesson 4
Lesson 5
Multicast
Anycast
Assigned
Solicited Node
FF00::/8
FF02::1:FF00:0000/104
Global
Unicast
Link-Local
Loopback
Unspecified
Unique
Local
Embedded
IPv4
2000::/3
FE80::/10
::1/128
::/128
FC00::/7
::/80
Multicast
Anycast
Assigned
Solicited Node
FF00::/8
FF02::1:FF00:0000/104
Global
Unicast
Link-Local
Loopback
Unspecified
Unique
Local
Embedded
IPv4
2000::/3
FE80::/10
::1/128
::/128
FC00::/7
::/80
IPv4
IPv6
Range:
2000:
3FFF:
Interface ID
First hextet
Interface ID
Range:
2000::/64 thru 3fff:fff:fff:fff::/64
Except under very specific circumstances, all end users will have a
global unicast address.
Note: A host (an interface) can potentially have multiple IPv6
addresses on the same or different networks.
Terminology:
Prefix equivalent to the network address of an IPv4 address
Prefix length equivalent to subnet mask in IPv4
Interface ID equivalent to host portion of an IPv4 address
/?
Subnet portion Host portion
32 bits
IPv6 Global Unicast Address
/64
/48
16-bit
Global Routing Prefix
Subnet ID
Interface ID
128 bits
16 bits
16 bits
/64
16 bits
16 bits
16 bits
16 bits
16 bits
Interface ID
Subnetting IPv6
Can you count in hex?
Just increment by 1 in Hexadecimal:
2001:0DB8:CAFE:0000::/64
2001:0DB8:CAFE:0001::/64
2001:0DB8:CAFE:0002::/64 ...
2001:0DB8:CAFE:0009::/64
3-1-4 Rule
2001:0DB8:CAFE:000A::/64
Valid abbreviation is to remove the leading 0s:
2001:DB8:CAFE:1::/64
/80
/64
/48
48-bit
16-bit Fixed
32-bit
Subnet
ID
Global Routing Prefix
Interface
ID
Interface
ID
Subnet ID
Prefix
Note:
It Global
is highly
recommendedSubnet-ID
to NOT subnet into
the /64
Routing Prefix
Interface ID
interface ID portion of the address to configure subnets.
0DB8exception
: CAFE : 0000
: 0000
: 0000
: 0000infrastructure
: 0000
2001
The:only
would
be for
network
2001
: 0DB8 : CAFE :
0000 router-to-switch
: 0001 : 0000 : 0000
: 0000
(router-to-router
links,
links,
etc.).
2001 : 0DB8 : CAFE : 0000 : 0002 : 0000 : 0000 : 0000
Networks with an
end system attached should be a /64.
thru
2001 : 0DB8 : CAFE : FFFF : FFFE : 0000 : 0000 : 0000
2001 : 0DB8 : CAFE : FFFF : FFFF : 0000 : 0000 : 0000
/48
Global Routing Prefix
Subnet ID
20 bits
Interface ID
60 bits
/68 Prefix
/48
Global Routing Prefix
Subnet ID
Interface ID
58 bits
22 bits
/70 Prefix
Binary
2001:0DB8:CAFE:0000:0000::/70
0000
2001:0DB8:CAFE:0000:0400::/70
0100
2001:0DB8:CAFE:0000:0800::/70
1000
2001:0DB8:CAF:0000:0C00::/70
1100
Four Bits:
Two leftmost bits:
Subnet-ID
/48
Global Routing Prefix
Subnet ID
79 bits
1bit
/48
Global Routing Prefix
F001
F000
Subnet ID
79 bits
2001:DB8:CAFE:F000::/64
2001:DB8:CAFE:F000::0/127
2001:DB8:CAFE:F000::1/127
2001:DB8:CAFE:F002::/64
2001:DB8:CAFE:F003::/64
And so on...
2001:DB8:CAFE:F001::/64
000
3 bits 1bit
0 or 1
All 0s ::
can be
confusing
2001:DB8:CAFE:F001::0/127
2001:DB8:CAFE:F001::1/127
/48
Global Routing Prefix
F001
F000
Subnet ID
79 bits
2001:DB8:CAFE:F000::/64
2001:DB8:CAFE:F000::A/127
101
3 bits 1bit
0 or 1
2001:DB8:CAFE:F000::B/127
2001:DB8:CAFE:F001::/64
2001:DB8:CAFE:F001::A/127
2001:DB8:CAFE:F001::B/127
/64
Subnet
Sub
ID
Interface ID
*RIR
*ISP Prefix
*Site Prefix
Possible Home Site Prefix
Internet Service
Provider
Subnet Prefix
* This is a minimum allocation. The prefix-length may be shorter if it can be justified.
2001:DB8:0000:0000:0000:0000:0000:0000
64-bit Interface ID
/60 = 16 /64s
/56 = 256 /64s
/52 = 4,096 /64s
/48 = 65,536 /64s (Many sites will get this prefix length)
/44 = 1,048,576 /64s
/40 = 16,777,216 /64s
/36 = 268,435,456 /64s
/32
/48
ISP
Subnet
ID
Interface ID
Dynamic
Stateless
Static
IPv6
unnumbered
Similar to IPv4 unnumbered
Static + EUI 64
Stateful
SLAAC
DHCPv6
SLAAC +
DHCPv6
DHCPv6-PD
Static GUA
Configuration
2001:DB8:CAFE:1::/64
:100
:100
A
B
G0/0
:1
:1
G0/1
2001:DB8:CAFE:3::/64
R1
:1
S0/0/0
2001:DB8:CAFE:2::/64
No space
Static GUA
Configuration
2001:DB8:CAFE:1::/64
:100
:100
A
B
G0/0
:1
:1
G0/1
2001:DB8:CAFE:3::/64
R1
:1
S0/0/0
2001:DB8:CAFE:2::/64
Verifying
Address Using
Running
Configuration
2001:DB8:CAFE:1::/64
:100
:100
A
B
G0/0
:1
:1
G0/0
2001:DB8:CAFE:3::/64
R1
:1
S0/0/0
2001:DB8:CAFE:2::/64
R1# show
running-config
IPv6 address
from
from
from
from
2001:db8:cafe:1::1:
2001:db8:cafe:1::1:
2001:db8:cafe:1::1:
2001:db8:cafe:1::1:
time=1ms
time=1ms
time=1ms
time=1ms
EUI-64
Manual
Dynamic
Stateless
Static
IPv6
unnumbered
Similar to IPv4 unnumbered
Static + EUI 64
Stateful
SLAAC
DHCPv6
SLAAC +
DHCPv6
DHCPv6-PD
R1
G0/1
2001:DB8:CAFE:99::/64
00
03
6B
E9
D4
80
Insert FF-FE
00
03
6B
FF
FE
E9
D4
80
00
03
6B
FF
FE
E9
D4
80
FF
FE
E9
D4
80
0000 0010
0000
02
03
6B
64-bit Interface
R1#showipv6interfacegigabitethernet0/1
ID using EUI-64
GigabitEthernet0/1isup,lineprotocolisup
IPv6isenabled,linklocaladdressisFE80::203:6BFF:FEE9:D480
Globalunicastaddress(es):
EUI-64: 48-bit MAC address
2001:DB8:CAFE:99:203:6BFF:FEE9:D480,
subnetis2001:DB8:CAFE:99::/64
with FFFE (16 bits) inserted
<outputomitted>
and 7th bit flipped
and DHCPv6)
(SLAAC
Dynamic
Stateless
Static
IPv6
unnumbered
Similar to IPv4 unnumbered
Static + EUI 64
Stateful
SLAAC
DHCPv6
SLAAC +
DHCPv6
DHCPv6-PD
DHCP Server
DHCP Client
Here is your IPv4
address, subnet mask,
default gateway and
DNS server addresses.
ICMPv6
Internet Control Message
Protocol for IPv6
Router-Device
Router-Device
Messaging
Messaging
Device-Device
Device-Device
Messaging
Messaging
Multicast: To all
IPv6 routers, I need
IPv6 address
information
DHCPv6
Server
DHCPv6
Server
DHCPv6
DHCPv6 Server
RA
RA
Manual
Lesson 7
Dynamic
Stateless
Static
IPv6
unnumbered
Similar to IPv4 unnumbered
Static + EUI 64
Stateful
SLAAC
DHCPv6
SLAAC +
DHCPv6
DHCPv6-PD
Lesson 8
ICMPv6 Lesson 9
ICMPv6 Neighbor Discovery including packet captures Lesson 10
For more information please check out my Cisco Press book and video series:
By Rick Graziani
ISBN-10: 1-58714-313-5
By Rick Graziani
ISBN-10: 1-58720-457-6