Saturday, March 28, 2015

IPv6 notes. IPv6 packet structure.

IPv6 packet format notes.

 IPv6 vs IPv4 differences

- address became 128 bits long
- no more fragmentation (no fragment ID, flags or fragment offset); fragmentation is done by the traffic source using Path MTU discovery
- no more header checksum (the link-layer and transport-layer checksums remain)
- new role for multicast addressing ("scop" field)
- anycast addresses
- autoconfiguration of addresses
- header format simplification
- flexibility in using header options
- a new capability to label packets belonging to different flows with "flow label" field
- extension to support authentication and data integrity

Header structure.


IPv6 header fields

The IPv6 packet header has a fixed 40-byte length. The data payload following the IPv6 header represents either the upper-layer protocol or an extension header chain (IPv6 options).

Version

This 8-bit field shows which IP protocol version is used.

Traffic Class

This field is used to carry QoS information (the same way as in IPv4).


Flow Label

Defined in RFC 6437. It allows different flows from a single source to a particular destination to be separated. I haven't seen any real examples of using this field nowadays; it is always set to zero.

Payload length

A 16-bit field that shows the length of the payload, including all extension headers.


Next header

This 8-bit field is the pointer that shows us what upper layer protocol or extension header is following the IPv6 header.


Hop limit

This 8-bit field has replaced the TTL field and plays the same role.


SA/DA

Source and destination IPv6 addresses. 128-bit long fields.


IPv6 Extensions


As described above, an extension header chain can be inserted between the IPv6 header and the upper-layer protocol header. The number of extension headers and their size are limited only by the MTU. All extension headers are aligned on 8-byte boundaries. All IPv6 extensions have a TLV format (Type Length Value, where "Type" is a pointer to the next extension header type).
There are several extension headers; here are some of them:

 Hop-by-hop extension

Identified by the IPv6 "Next header" value 0. The order in which extension headers are chained can vary, but there is a rule that the Hop-by-hop extension should be the first extension header, because it must be decoded by every node on the path of a packet containing this EH (Extension Header). This extension can be used to provide information that should be processed by all routers (for example some forwarding instructions, or the use of jumbograms).

Routing header

Identified by the IPv6 "Next header" value 43. This extension carries information similar to the IPv4 Loose Source and Record Route options. The field contains the ordered list of router addresses that must be visited by the packet on the way to the destination.

Destination options

Identified by the IPv6 "Next header" value 60. This header is used to carry option information to the packet's destination only.

Fragment header

Identified by the IPv6 "Next header" value 44. This extension is used to send a packet larger than the Path MTU. Here you can find fields such as "Fragment offset", "Identification" and "More flag" that you usually find in an IPv4 packet. Note that fragmentation can be done only by the source of a packet.

 Authentication header

Identified by the IPv6 "Next header" value 51. It carries the same authentication data as in IPsec and provides data protection.
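For filtering or packet triage, the chain described above can be followed starting from the fixed header's "Next header" byte. This is an added example, not part of the original notes: `walk_chain`, `build` and the sample packets are constructed here, and the per-header length rules in the comments come from the IPv6 and AH specifications rather than from this page.

```python
import struct

# Next Header values listed in these notes for extension headers.
EXT_HEADERS = {0: "hop-by-hop", 43: "routing", 60: "destination-options",
               44: "fragment", 51: "authentication"}

def walk_chain(packet: bytes):
    """Return (chain, upper_layer, findings); upper_layer is None if truncated."""
    if len(packet) < 40:
        raise ValueError("shorter than the fixed 40-byte IPv6 header")
    # Bytes 4-7: Payload length (16 bits), Next header (8), Hop limit (8).
    payload_len, next_hdr, _hop_limit = struct.unpack_from("!HBB", packet, 4)
    end = min(len(packet), 40 + payload_len)
    offset, chain, findings = 40, [], []
    while next_hdr in EXT_HEADERS:
        name = EXT_HEADERS[next_hdr]
        if offset + 8 > end:
            findings.append(f"chain truncated at {name} header")
            return chain, None, findings
        following, len_field = packet[offset], packet[offset + 1]
        if next_hdr == 44:        # fragment header: fixed 8 bytes
            size = 8
        elif next_hdr == 51:      # AH: length in 4-byte words, minus 2
            size = (len_field + 2) * 4
        else:                     # others: 8-byte units, first 8 bytes not counted
            size = (len_field + 1) * 8
        if next_hdr == 0 and chain:
            findings.append("hop-by-hop header is not first in the chain")
        chain.append(name)
        offset, next_hdr = offset + size, following
    if offset > end:
        findings.append("extension headers overrun the payload length")
    return chain, next_hdr, findings

def build(first_next_hdr: int, body: bytes) -> bytes:
    """Constructed test packet: zeroed addresses, hop limit 64."""
    fixed = b"\x60\x00\x00\x00" + struct.pack("!HBB", len(body), first_next_hdr, 64)
    return fixed + bytes(32) + body

PAD6 = b"\x01\x04\x00\x00\x00\x00"           # PadN option filling 6 bytes
TCP = bytes(20)                               # placeholder upper-layer bytes (6 = TCP)
NORMAL = build(0, bytes([60, 0]) + PAD6 + bytes([6, 0]) + PAD6 + TCP)
ODD = build(60, bytes([0, 0]) + PAD6 + bytes([44, 0]) + PAD6
            + bytes([6, 0, 0, 1, 0, 0, 0, 7]) + TCP)
TRUNCATED = build(43, b"\x06\x00")            # routing header cut short
```

The findings list is what a filter or IDS rule would act on; a chain that cannot be followed to an upper-layer protocol returns `None` instead of a guess.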


The IPv6 packet is fully described in RFC2640.

Tuesday, March 24, 2015

IPv6 notes. Addressing.

 Addressing 


The first thing every network engineer should know about IPv6 is IPv6 addressing.
Here are some of the basics:
     IPv6 addresses can be Unicast, Anycast and Multicast.

     Unicast 

A unicast address is the identifier of a single interface. Each packet sent to a unicast address will be delivered to only one interface.

     Anycast 

An anycast address is the identifier for a set of interfaces (different nodes). Each packet sent to an anycast address will be delivered to the "nearest" one, based on the routing protocol metric. Anycast addresses are taken from the unicast address space.

      Multicast

A multicast address is the identifier of a set of interfaces (different nodes). Each packet sent to a multicast address will be delivered to multiple interfaces which "listen" to this multicast address.

     There are no broadcast addresses in IPv6 protocol. 

     Every IPv6 interface can have multiple IPv6 addresses of any type or scope (unicast, anycast, multicast). All interfaces are required to have at least one link-local address.

     An IPv6 address has the form x:x:x:x:x:x:x:x, where each "x" is 1-4 hex digits (128 bits or 16 bytes in total)
     Examples:
 2001:1234:5678:9101:1121:3141:5161:7181
 2001:1234:5678:9101:0:0:5161:7181
 2001:0:0:1:0:0:0:7181
 2001:0:0:1::7181
     Here are some rules that help you make an IPv6 address shorter:
      "Leading zeros" rule: it is not necessary to write leading zeros in an individual field (see Example). To indicate one or more groups of 16 zero bits you can use "::" (see Example). Remember that "::" can be used only once in an address to stand for all-zero 16-bit fields. You cannot write the IPv6 address mentioned above as 2001::1::7181, because it would be impossible to recognize the address: you can't say how many zeros were replaced by each "::" symbol.
     There is also a form of IPv6 address (for a mixed IPv4 and IPv6 environment), x:x:x:x:x:x:d.d.d.d, where each "d" is a decimal IPv4 address field and each "x" is a hexadecimal value.
     Examples:
 0:0:0:0:0:0:192.168.1.2             --> ::192.168.1.2
 0:0:0:0:0:FFFF:192.168.1.2        --> ::FFFF:192.168.1.2 

     An IPv6 prefix is written the same way as an IPv4 prefix: <ipv6-address>/<prefix-length>
     Examples:
 FE80::1/64
 2001:1:2::1/48

    It is possible to identify address type by the high-order bits of the address:




IPv6 address can be represented as follows:






Here is IPv6 address represented as subnet prefix and host portion (as ipv4 CIDR): 







Interface Identifier (Interface ID)

 - identifies each router interface on a link. A node is required to have a unique 64-bit interface ID on different links. For example: if nodes within the site are given the same globally unique prefix (global unicast address), they are required to have unique interface IDs when the global unicast address is obtained by stateless DHCP ("ipv6 address autoconfiguration" command). You can assign the interface ID to an interface manually or by using EUI-64.

EUI-64

The EUI-64 global identifier format of an IPv6 address is an IEEE standard which describes how to derive the interface identifier from the link-layer address (http://standards.ieee.org/develop/regauth/tut/eui64.pdf)




Unicast addresses:

unspecified 

0:0:0:0:0:0:0:0 - indicates the absence of an address. This address cannot be the source address and cannot be manually assigned to an interface.

loopback

0:0:0:0:0:0:0:1 - the loopback address may be used by a node to send IPv6 packets to itself. This address must never be forwarded by an IPv6 router. A packet received on an interface with the loopback address as its destination must be dropped.

global unicast

Global unicast addresses have the following forms:
the general format of a global IPv6 unicast address


 the address format required by RFC 4291 (IPv6 address architecture):
RFC 4291 requires that all addresses, except those that start with binary value "000" (IPv6 addresses with embedded IPv4 addresses), have Interface IDs that are 64 bits long and constructed in Modified EUI-64 format.







2000::/3 (the prefix begins with "001", 2000::/3 - 3FFF::/3) is an example of a global unicast prefix delegated by IANA (https://www.iana.org/about).







link-local

Link-local addresses are designed for addressing on a single local link, for interaction between nodes within link scope such as autoconfiguration or neighbor discovery. Link-local addresses are not routed, and a router must not forward packets that have link-local source or destination addresses.
Link-local address format:
          
          FE80::/64


site local

Prefix FEC0::/10. Site local addresses are now deprecated and must no longer be supported. 

unique-local (ULA)

Prefix FC00::/7 (the upper half, FD00/8, is the one now used); comparable to IPv4 private addressing. ULAs are routable only within the routing domain, not in the global Internet.


Where the prefix is FC00::/7; L set to 1 means that the prefix is locally assigned; Global ID is the globally unique prefix; Subnet ID identifies a subnet within the site.


IPv6 addresses with embedded ipv4 addresses

- IPv4 to IPv6 compatible (deprecated)
     ::/96 addresses ::x.x.x.x where x are IPv4 octets.
- IPv4 to IPv6 mapping
     ::FFFF:0:0
     ::FFFF:x:x:x:x/96 where x are IPv4 octets
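When triaging addresses from logs or writing ACLs, the type can be read off the high-order bits using the prefixes in these notes (including FF00::/8 from the multicast section below). This is an added example, not from the original notes: `classify` and its labels are constructed here, and link-local is matched as FE80::/10, the RFC 4291 prefix, which contains the FE80::/64 format shown above.

```python
import ipaddress

# (label, prefix) pairs from these notes, most specific first so that
# ::1 and ::FFFF:0:0/96 are matched before the wider ::/96.
PREFIXES = [
    ("unspecified", "::/128"),
    ("loopback", "::1/128"),
    ("ipv4-mapped", "::ffff:0:0/96"),
    ("ipv4-compatible (deprecated)", "::/96"),
    ("link-local", "fe80::/10"),      # assumption: RFC 4291 prefix length
    ("site-local (deprecated)", "fec0::/10"),
    ("unique-local", "fc00::/7"),
    ("multicast", "ff00::/8"),
    ("global unicast", "2000::/3"),
]
NETS = [(label, ipaddress.IPv6Network(p)) for label, p in PREFIXES]

def classify(text: str):
    """Return (label, compressed form) or ("invalid", None)."""
    try:
        addr = ipaddress.IPv6Address(text)
    except ValueError:
        # Covers malformed input such as a second "::" in one address.
        return ("invalid", None)
    for label, net in NETS:
        if addr in net:
            return (label, str(addr))
    return ("other", str(addr))

# Constructed sample input, using the address forms shown in these notes.
SAMPLES = ["2001:0:0:1:0:0:0:7181", "2001::1::7181", "::192.168.1.2",
           "::FFFF:192.168.1.2", "FE80::1", "FD00::1234:5678", "FF02::5"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", classify(s))
```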







Anycast addresses:

An anycast address is assigned to more than one interface (different nodes). A packet sent to the anycast address will be delivered to the "nearest" interface having that address. There is no special address space for IPv6 anycast addresses; anycast addresses are allocated from the unicast address space. An anycast address must not be used as the source address for sending IPv6 packets. An anycast address can be configured with the "anycast" Cisco IOS command.
In other words: any unicast address assigned to different nodes makes this address anycast, with the exception that when you configure an anycast address on a Cisco router, Duplicate Address Detection (DAD) is automatically disabled.
(config-if)#ipv6 address x::y/z anycast


Multicast addresses:

IPv6 multicast addresses have the following format:
All multicast addresses begin with 1111 1111 in binary, FF in hex, or the prefix FF00::/8







Where flgs is a flag field (ff)

- The high-order flag is reserved and must be initialized to 0 (zero).
- T = 0 means that the address is well known and permanently assigned by IANA; T = 1 means that the address is "dynamically" assigned (for example generated from an IPv4 multicast address).
- The P flag indicates that the multicast address was assigned based on a network prefix (IPv4 based, Source Specific Multicast SSM). P = 1 means that T must be set to 1.
The SSM range of IPv6 addresses is FF3x::/32
- The R flag shows that a Rendezvous Point (RP) address is embedded in the IPv6 address; of course P must be set to 1 and T must be set to 1.
The IPv6 address space with an embedded RP is FF70::/32. (RFC 3956)

scop is a 64-bit multicast scope value. It shows the scope of the multicast group (internal-local, link-local, site-local, organization-local, etc.; RFC4291)

Common IPv6 multicast addresses

(XX01::1 - interface-local, XX02::1 - all nodes in link-local scope):
FF0x::1 - all nodes 
FF0x::2 - all routers
FF02::5 - all OSPFIGP
FF02::6 - all OSPFIGP DR
FF02::9 - all RIP 
FF02::a - all EIGRP


Solicited-node multicast address

A solicited-node multicast address is formed by taking the 24 low-order bits of a node's unicast or anycast address and appending those bits to the special multicast prefix FF02::1:FFxx:xxxx/104, where xx:xxxx are those 24 low-order bits.
When you assign a unicast or anycast address to a router's interface, the interface automatically "subscribes" to the solicited-node multicast address corresponding to the unicast address you assigned.
The Cisco IOS command "show ipv6 interface <ifname>" will show you all IPv6 solicited-node multicast addresses.
Example:
IPv6 unicast address: FD00::1234:5678
IPv6 solicited-node mcast address: FF02::1:FF34:5678

Mapping multicast IPv6 address to multicast MAC-address


In IPv6, as in IPv4, you still need a destination multicast MAC address to send multicast IPv6 packets. To map an IPv6 multicast address to a MAC address, you append the low-order 32 bits of the IPv6 address to a multicast MAC address whose first two octets are "3333" in hex:
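The solicited-node derivation and the MAC mapping described above, combined into a consistency check between a frame's destination MAC and its IPv6 multicast destination. This is an added example, not part of the original notes; the function names and the `FRAMES` sample pairs are constructed for illustration.

```python
import ipaddress

def solicited_node(addr: str) -> ipaddress.IPv6Address:
    """FF02::1:FFxx:xxxx built from the 24 low-order bits of addr."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return ipaddress.IPv6Address(base | low24)

def multicast_mac(group: str) -> str:
    """33:33 followed by the low-order 32 bits of the multicast address."""
    g = ipaddress.IPv6Address(group)
    if not g.is_multicast:
        raise ValueError(f"{group} is not in FF00::/8")
    low32 = (int(g) & 0xFFFFFFFF).to_bytes(4, "big")
    return ":".join(f"{b:02x}" for b in b"\x33\x33" + low32)

def mismatched(frames):
    """Return (dst MAC, dst IPv6) pairs whose MAC is not the mapped one."""
    bad = []
    for mac, ip in frames:
        if not ipaddress.IPv6Address(ip).is_multicast:
            continue                      # the mapping applies to multicast only
        if mac.lower() != multicast_mac(ip):
            bad.append((mac, ip))
    return bad

# Constructed sample: destination MAC and destination IPv6 of four frames.
FRAMES = [
    ("33:33:ff:34:56:78", "ff02::1:ff34:5678"),   # solicited-node, consistent
    ("33:33:00:00:00:01", "ff02::1"),             # all nodes, consistent
    ("ff:ff:ff:ff:ff:ff", "ff02::1"),             # MAC does not match the mapping
    ("00:11:22:33:44:55", "fd00::1234:5678"),     # unicast, not checked
]

if __name__ == "__main__":
    sn = solicited_node("FD00::1234:5678")
    print(sn, multicast_mac(str(sn)))
    print(mismatched(FRAMES))
```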