IPv6: Difference between revisions
NickPGSmith (talk | contribs)
Revision as of 21:02, 17 February 2023
Addresses
- 128 bits
- 8 hextets
- 4 hex characters (16 bits) per hextet
- /64 (decimal): 64 bits in the network prefix
- remaining 64 bits for interface ID
- no subnet masks
- Address Compression:
- Leading zeros can be omitted in a hextet
- Single instance of continuous zeros represented by ::
- eg 2001:0eb8:00c1:2200:0001:0000:0000:0331/64 -> 2001:eb8:c1:2200:1::331/64
- Unicast: Communication from one address to another.
- Multicast: Communication from one address to many. Clients subscribe to specific multicast addresses.
- Anycast: Communication from one address to the nearest of several interfaces sharing that address; distribution is done by the router/switch
Unicast Scopes:
- Global: everything (i.e. the whole internet)
- Unique local addresses have global scope but are not globally administered
- eg 2001:2eb8:adc1:54ed:1100:697a:3210:3331/64
- 2001:2eb8:adc1:54ed : network
- 1100:697a:3210:3331 : interface ID
- Link Local: will never be routed, valid in one collision domain (i.e. on the same switch)
- Link local addresses and loopback
- eg fe80::1100:697a:3210:3331/10
Link-local addresses are used to reach neighbouring nodes attached to the same link; these nodes do not need a globally unique address to communicate. IPv6 routers must not forward packets that have link-local source or destination addresses to other links. All IPv6-enabled interfaces have a link-local unicast address.
Prefix | Purpose |
---|---|
2000-3fff::/3 | Global Unicast - Routable on Internet |
2001:db8:1::/64 (all zeros ID) | Anycast - Shared address to nearest available interface (type of unicast) |
fc00::/8 fd00::/8 | Unique Local - Routable on private network only (ULA) |
fe80::/10 | Link Local - local network only |
ff00::/8 | Multicast - Sending to groups (~ IPv4 broadcast) |
Subnetting:
Cumulative Mask | Bits | Purpose |
---|---|---|
/3 | first 3 bits | 001 defined for GUA |
/23 | next 20 bits | Regional registry (NA, Africa, etc) |
/32 | next 9 bits | Service provider |
/48 | next 16 bits | Site prefix (eg ISP) |
/64 | next 16 bits | Subnet prefix (eg consumer) |
/128 | last 64 bits | Interface ID |
[48 bit Network Address] + [16 bit subnet address] + [64 bit device address]
eg: 2003:1000:1000:1600:1234::1
would have the network 2003:1000:1000 and the subnet 1600, so together the prefix 2003:1000:1000:1600. If the ISP delegated a part of the prefix to the consumer (e.g. 2003:1000:1000:1600::/56), then the subnets from 2003:1000:1000:1600 to 2003:1000:1000:16ff could be used for private purposes (i.e. 256 subnets can be defined).
Address | Purpose |
---|---|
:: /0 | All networks, used for default route |
::1/128 | Loopback, like 127.0.0.1 |
::/128 | Unspecified |
2000::/3 | Global Unicast (Internet) |
2001:0000: | Global Unicast - Teredo |
2001:db8: | Global Unicast - teaching example |
2002::/3 | Global Unicast - 6to4 |
ff02::1 | All-nodes multicast |
ff02::1:2 | All DHCP Servers and agents |
ff02::1:ffxx:xxxx | All-solicited nodes multicast |
ff02::2 | All-routers multicast |
ff02::101 | All NTP Servers multicast |
ff02::fb | mDNSv6 multicast |
- Typically interfaces have multiple IPs in different scopes (localhost, unique local, global)
- Communication between nodes happens at the smallest scope
Scopes and special addresses
- 0xe, Global - everything (i.e. the whole internet)
- 0x8, Organisation Local
- 0x5, Site Local
- 0x4, Admin Local
- 0x3, Realm Local
- 0x2, Link Local: (will never be routed, valid in one collision domain, i.e. on the same switch)
- 0x1, Interface Local - localhost
Tools and usage
- To use IPv6 in URLs, enclose in square brackets:
- Command line tools typically accept "-6"
- ping -6 ff02::1
- ping fe80::6ab2:9b4f:5cea:6679%wlp12s0
- traceroute
Note that ping for link-local addresses may need to specify the interface.
Protocols
Number | Protocol | Purpose |
---|---|---|
58 | ICMP v6 | Information, Error reporting, diagnostics |
17 | UDP v6 | Stateless |
6 | TCP v6 | Stateful |
ICMP v6
Instead of ports, ICMPv6 uses types. Critical/important types have numbers in the range 1-127, while informational types have numbers 128 and above. Each type can have codes (subtypes) for further specification. See here for full list.
Type | Code | Purpose |
---|---|---|
0 | | Reserved |
1 | | Destination unreachable |
1 | 0 | No route to destination |
1 | 2 | Beyond scope of source address |
3 | | Time limit exceeded |
3 | 1 | Hop limit exceeded |
128 | 0 | Echo request |
129 | 0 | Echo reply |
133 | 0 | Router solicitation |
134 | 0 | Router advertisement |
135 | 0 | Neighbour solicitation |
136 | 0 | Neighbour advertisement |
Assigning IPv6
Ways to assign IPv6 addresses
- Static - fixed address
- SLAAC - Stateless Address Autoconfiguration (host generates itself)
- DHCPv6 - Dynamic host configuration protocol (assigned by central server)
SLAAC is good for general-purpose clients, but not for servers that require special firewall rules etc., where the central management of DHCPv6 is better.
Both SLAAC and DHCPv6 can be used to assign IPs to a client if the interface is set to Automatic. Alternatively, set it to Automatic-DHCPv6 to suppress SLAAC. On the server side, flags in the RA tell the clients whether they should use SLAAC or DHCPv6.
eg in OpenWRT:
- IPV6 RA Settings
- Enable SLAAC
- RA Flags -> managed config (DHCPv6 is available)
Stateless Address Autoconfiguration (SLAAC)
- PC sends a Router Solicitation (RS) message using ICMPv6
- Type 133
- Source address :: /128 (unspecified)
- Destination address: ff02::2 (all-routers multicast)
- Router sends Router Advertisement (RA) message
- Type 134
- Source address: fe80::x (router link-local)
- Destination address: ff02::1 (all-nodes multicast)
- PC learns
- IPv6 prefix(es)
- Router lifetime information (0: not default, 1: 9000 seconds)
- Flag information (M: managed address and DNS by DHCPv6 / O: other, i.e. DNS only from DHCPv6)
- Gateway/source address
- PC autoconfigures interface ID, EUI-64 (from MAC or random)
- PC sends Neighbour Solicitation (NS) message (Duplicate Address Detection, pings itself to make sure it's a unique address)
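What the PC learns from the RA in the steps above, as an added example (not part of the original page): a parser for the ICMPv6 type 134 message that reads the M/O flags, the router lifetime and the Prefix Information options, plus a defensive check of the RA source. The sample bytes are constructed, and the `known_routers` allowlist and all function names are assumptions of this example.

```python
import ipaddress
import struct

# Constructed sample RA (checksum left as zero and not verified here):
# hop limit 64, M flag set, router lifetime 1800 s, one prefix option.
SAMPLE_RA = bytes.fromhex(
    "86000000 40 80 0708 00000000 00000000"      # type 134 header, flags, timers
    "0304 40 c0 00015180 00003840 00000000"      # Prefix Information option, /64, L+A
    "20010db8000100000000000000000000")          # prefix 2001:db8:1::

def parse_ra(msg: bytes) -> dict:
    """Decode the fixed RA header and any Prefix Information options."""
    if len(msg) < 16:
        raise ValueError("truncated Router Advertisement")
    typ, code, _, hop, flags, lifetime = struct.unpack("!BBHBBH", msg[:8])
    if typ != 134 or code != 0:
        raise ValueError("not an ICMPv6 type 134 message")
    ra = {"managed": bool(flags & 0x80),     # M: address and DNS from DHCPv6
          "other": bool(flags & 0x40),       # O: other data (DNS) from DHCPv6
          "router_lifetime": lifetime,       # 0 = not a default router
          "prefixes": []}
    off = 16                                 # options follow the two 32-bit timers
    while off < len(msg):
        if len(msg) - off < 2 or msg[off + 1] == 0:
            raise ValueError("malformed option")
        opt_type, opt_len = msg[off], msg[off + 1] * 8   # length in 8-byte units
        if off + opt_len > len(msg):
            raise ValueError("option runs past end of message")
        if opt_type == 3 and opt_len == 32:              # Prefix Information
            prefix = ipaddress.IPv6Address(msg[off + 16:off + 32])
            ra["prefixes"].append({"prefix": f"{prefix}/{msg[off + 2]}",
                                   "slaac": bool(msg[off + 3] & 0x40)})  # A flag
        off += opt_len
    return ra

def address_sources(ra: dict) -> list:
    """Which mechanisms this RA tells an 'Automatic' client to use."""
    sources = ["SLAAC"] if any(p["slaac"] for p in ra["prefixes"]) else []
    return sources + (["DHCPv6"] if ra["managed"] else [])

def ra_findings(src: str, ra: dict, known_routers: set) -> list:
    """Flag RAs that do not come from an expected link-local router address."""
    addr = ipaddress.IPv6Address(src)
    findings = []
    if not addr.is_link_local:
        findings.append("source is not link-local")
    if addr not in {ipaddress.IPv6Address(r) for r in known_routers}:
        findings.append("router not in allowlist")
    return findings
```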
SLAAC: convert 48 bit MAC 08:00:27:00:00:08 to 64 bit interface ID 0a00:27ff:fe00:0008
- ff:fe inserted in the middle
- 7th bit of the first octet flipped (08 -> 0a)
- Neighbour Discovery (similar to ARP): type 135
- Neighbour Advertisement: type 136
DHCPv6
- DHCP Solicitation from UDP 546 to 547 on the DHCP multicast address ff02::1:2
- The server then replies to the client (UDP/547 to UDP/546) with DHCP advertisement
- The client then sends out a DHCP request
- The server finishes with a DHCP reply
Duplicate Address Detection
The host multicasts into the network its intention to use a particular address: if there is no response, it assumes no duplicates are present.
IPv4 Compatibility
IPv4 addresses are represented within IPv6 space:
- 10.0.176.93 as ::ffff:10.0.176.93, or ::ffff:a00:b05d
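Why the mapped form matters for filtering, as an added example (not part of the original page): a rule written for an IPv4 range does not match the same host when it is written as ::ffff:a00:b05d, unless the address is normalised first. The blocklist is a constructed sample policy and the function names are assumptions of this example.

```python
import ipaddress

BLOCKED = [ipaddress.ip_network("10.0.0.0/8")]   # constructed sample policy

def naive_is_blocked(text: str, nets=BLOCKED) -> bool:
    """Compares the address exactly as written; misses IPv4-mapped forms."""
    addr = ipaddress.ip_address(text)
    return any(addr.version == n.version and addr in n for n in nets)

def effective_address(text: str):
    """Unwrap ::ffff:a.b.c.d to the IPv4 address it represents."""
    addr = ipaddress.ip_address(text)
    mapped = addr.ipv4_mapped if addr.version == 6 else None
    return mapped if mapped is not None else addr

def is_blocked(text: str, nets=BLOCKED) -> bool:
    """Normalise first, then apply the same rules to both notations."""
    addr = effective_address(text)
    return any(addr.version == n.version and addr in n for n in nets)
```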