IPv6

From Smithnet Wiki
Revision as of 21:02, 17 February 2023 by NickPGSmith (talk | contribs) (1 revision imported)

Addresses

  • 128 bits
    • 8 hextets
    • 4 hex characters (16 bits) per hextet
    • /64 (decimal): 64 bits in the network prefix
    • remaining 64 bits for interface ID
    • no subnet masks
  • Address Compression:
    • Leading zeros can be omitted in a hextet
    • Single instance of continuous zeros represented by ::
    • eg 2001:0eb8:00c1:2200:0001:0000:0000:0331/64 -> 2001:eb8:c1:2200:1::331/64
  • Unicast: Communication from one address to another.
  • Multicast: Communication from one address to many. Clients subscribe to specific multicast addresses.
  • Anycast: Distribution is done by router/switch

Unicast Scopes:

  • Global: everything (i.e. the whole internet)
    • Unique local addresses have global scope but are not globally administered
    • eg 2001:2eb8:adc1:54ed:1100:697a:3210:3331/64
      • 2001:2eb8:adc1:54ed : network
      • 1100:697a:3210:3331 : interface ID
  • Link Local: will never be routed, valid in one collision domain (i.e. on the same switch)
    • Link local addresses and loopback
    • eg fe80::1100:697a:3210:3331/10

Link-local addresses can be used to reach neighbouring nodes attached to the same link; such nodes do not need a globally unique address to communicate. IPv6 routers must not forward packets that have link-local source or destination addresses to other links. All IPv6-enabled interfaces have a link-local unicast address.

IPv6 Address Types
Prefix                           Purpose
2000-3fff::/3                    Global Unicast - Routable on Internet
2001:db8:1::/64 (all zeros ID)   Anycast - Shared address to nearest available interface (type of unicast)
fc00::/8, fd00::/8               Unique Local - Routable on private network only (ULA)
fe80::/10                        Link local - local network only
ff00::/8                         Multicast - Sending to groups (~ IPv4 broadcast)

Subnetting:

Global Unicast Address Bits
Cumulative Mask   Bits           Purpose
/3                first 3 bits   001 defined for GUA
/23               next 20 bits   Regional registry (NA, Africa, etc)
/32               next 9 bits    Service provider
/48               next 16 bits   Site prefix (eg ISP)
/64               next 16 bits   Subnet prefix (eg consumer)
/128              last 64 bits   Interface ID

[48 bit Network Address] + [16 bit subnet address] + [64 bit device address]

eg: 2003:1000:1000:1600:1234::1

would have the network 2003:1000:1000 and the subnet 1600, so together the prefix 2003:1000:1000:1600. If the ISP delegated a part of the prefix to the consumer (e.g. 2003:1000:1000:1600::/56), then the subnets from 2003:1000:1000:1600 to 2003:1000:1000:16FF could be used for private purposes (i.e. 256 subnets can be defined).

IPv6 Special Addresses
Address             Purpose
::/0                All networks, used for default route
::1/128             Loopback, like 127.0.0.1
::/128              Unspecified
2000::/3            Global Unicast (Internet)
2001:0000:          Global Unicast - Teredo
2001:db8:           Global Unicast - teaching example
2002::/3            Global Unicast - 6to4
ff02::1             All-nodes multicast
ff02::1:2           All DHCP Servers and agents
ff02::1:ffxx:xxxx   Solicited-node multicast
ff02::2             All-routers multicast
ff02::101           All NTP Servers multicast
ff02::fb            mDNSv6 multicast

  • Typically interfaces have multiple IPs in different scopes (localhost, unique local, global)
  • Communication between nodes happens at the smallest scope

Scopes and special addresses

  • 0xe, Global - everything (i.e. the whole internet)
  • 0x8, Organisation Local
  • 0x5, Site Local
  • 0x4, Admin Local
  • 0x3, Realm Local
  • 0x2, Link Local: (will never be routed, valid in one collision domain, i.e. on the same switch)
  • 0x1, Interface Local - localhost

Tools and usage

  • To use IPv6 in URLs, enclose in square brackets:
  • Command line tools typically accept "-6"
    • ping -6 ff02::1
    • ping fe80::6ab2:9b4f:5cea:6679%wlp12s0
    • traceroute

Note that ping for link-local addresses may need to specify the interface.

Protocols

Number   Protocol   Purpose
58       ICMP v6    Information, Error reporting, diagnostics
17       UDP v6     Stateless
6        TCP v6     Stateful

ICMP v6

Instead of ports, types are used. Critical/important types have numbers in the range 1-127, while informational types have numbers 128 and above. Each type can have codes (subtypes) for further specification.

ICMP v6 Types
Type   Code   Purpose
0      -      Reserved
1      -      Destination unreachable
1      0      No route to destination
1      2      Beyond scope of source address
3      -      Time limit exceeded
3      1      Hop limit exceeded
128    0      Echo request
129    0      Echo reply
133    0      Router solicitation
134    0      Router advertisement
135    0      Neighbour solicitation
136    0      Neighbour advertisement

Assigning IPv6

Ways to assign IPv6 addresses

  • Static - fixed address
  • SLAAC - Stateless Address Autoconfiguration (host generates itself)
  • DHCPv6 - Dynamic host configuration protocol (assigned by central server)

SLAAC is good for general-purpose clients, but not for servers that require special firewall rules etc., where the central management of DHCPv6 is better.

Both SLAAC and DHCPv6 can be used to assign IPs for a client if the interface is set to Automatic. Alternatively, set it to Automatic-DHCPv6 to suppress SLAAC. On the server side, flags in the RA tell the clients whether they should use SLAAC or DHCPv6.

eg in OpenWRT:

  • IPv6 RA Settings
    • Enable SLAAC
    • RA Flags -> managed config (DHCPv6 is available)

Stateless Address Autoconfiguration (SLAAC)

  • PC sends a Router Solicitation (RS) message using ICMPv6
    • Type 133
    • Source address :: /128 (unspecified)
    • Destination address: ff02::2 (all-routers multicast)
  • Router sends Router Advertisement (RA) message
    • Type 134
    • Source address: fe80::x (router link-local)
    • Destination address: ff02::1 (all-nodes multicast)
    • PC learns
      • IPv6 prefix(es)
      • Router lifetime information (0: not default, 1: 9000 seconds)
      • Flag information (M: managed address and DNS by dhcpv6 / O: other ie DNS only from dhcpv6)
      • Gateway/source address
  • PC autoconfigures interface ID, EUI-64 (from MAC or random)
  • PC sends Neighbour Solicitation (NS) message (Duplicate Address Detection, pings itself to make sure it's a unique address)
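
What the PC learns from the RA in the exchange above, as an added example that is not part of the original wiki page: a parser for the type 134 message that reads the M/O flags, the router lifetime and the prefix option, then reports which addressing methods a client set to Automatic would use. The function names and the sample RA bytes are constructed for illustration; the ICMPv6 checksum is left at zero and not verified.

```python
import ipaddress
import struct

def parse_ra(icmp: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement (type 134); checksum is not verified."""
    if len(icmp) < 16:
        raise ValueError("shorter than the 16-byte fixed RA header")
    typ, code, _csum, hop, flags, lifetime, _reach, _retrans = struct.unpack(
        "!BBHBBHII", icmp[:16])
    if (typ, code) != (134, 0):
        raise ValueError("not a Router Advertisement")
    ra = {"managed": bool(flags & 0x80),   # M flag: address and DNS from DHCPv6
          "other": bool(flags & 0x40),     # O flag: other config (DNS) from DHCPv6
          "default_router": lifetime > 0,  # lifetime 0: not a default router
          "hop_limit": hop, "slaac_prefixes": []}
    off = 16
    while off < len(icmp):
        if off + 2 > len(icmp):
            raise ValueError("truncated option header")
        opt_type, opt_len = icmp[off], icmp[off + 1] * 8   # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp):
            raise ValueError("malformed option length")
        if opt_type == 3 and opt_len == 32:                # Prefix Information option
            plen, pflags = icmp[off + 2], icmp[off + 3]
            net = ipaddress.IPv6Network((icmp[off + 16:off + 32], plen), strict=False)
            if pflags & 0x40 and plen == 64:               # A flag: usable for SLAAC
                ra["slaac_prefixes"].append(net)
        off += opt_len
    return ra

def addressing_methods(ra: dict) -> list:
    """What a client set to 'Automatic' would do with this RA."""
    methods = []
    if ra["slaac_prefixes"]:
        methods.append("SLAAC")
    if ra["managed"]:
        methods.append("DHCPv6 address and DNS")
    elif ra["other"]:
        methods.append("DHCPv6 DNS only")
    return methods

def build_sample_ra(flags: int) -> bytes:
    """Constructed RA: hop limit 64, lifetime 1800 s, one /64 prefix with L+A set."""
    header = struct.pack("!BBHBBHII", 134, 0, 0, 64, flags, 1800, 0, 0)
    prefix = ipaddress.IPv6Address("2001:db8:1::").packed
    option = struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 86400, 14400, 0) + prefix
    return header + option
```

With `build_sample_ra(0x80)` (the "managed config" flag from the OpenWRT setting above) the result lists both SLAAC and DHCPv6; a truncated or malformed option raises `ValueError` instead of being read past the end of the buffer.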

SLAAC: convert 48 bit MAC 08:00:27:00:00:08 to 64 bit interface ID 0a00:27ff:fe00:0008

  • ff:fe inserted in the middle
  • 7th bit flipped

Neighbour Discovery (similar to ARP): Neighbour Solicitation is type 135, Neighbour Advertisement is type 136

DHCPv6

  • DHCP Solicitation from UDP 546 to 547 on the DHCP multicast address ff02::1:2
  • The server then replies to the client (UDP/547 to UDP/546) with DHCP advertisement
  • The client then sends out a DHCP request
  • The server finishes with a DHCP reply

Duplicate Address Detection

The host multicasts a query into the network for the address it intends to use: if there is no response, it assumes no duplicates are present.

IPv4 Compatibility

IPv4 addresses are represented within IPv6 space:

  • 10.0.176.93 as ::ffff:10.0.176.93, or ::ffff:a00:b05d
  • 6in4
    • IP protocol 41
  • 6to4
    • Address starts 2002
  • ISATAP
    • Interface ID starts 0:5efe followed by IPv4 w.x.y.z
  • Teredo
    • Allows IPv6 clients to work with IPv4 NAT