IPv6 – Notes

Posted on June 11, 2015 by Venkat
  • IPv6: 128 bits. Represented in hexadecimal format as eight 16 bits segments.
  • Two rules for IPv6 representation:
    • Leading zeros in 16 bits can be represented as single 0.
    • Single contiguous string of one or more segments are all zeros can be represented as ::

  • Default route is ::/0
  • Unspecified route is ::/128
  • Loopback is identified as ::1/128
  • IPv6 addresses can be classified as;
    • Unicast:
      • Global unicast: Typically have 48 bits routing prefix, 16 bits subnet ID and 64 bits interface ID. As of now 2xxx::/4 or 3xxx::/4
      • Link local: FE80::/10
      • Site local: FEC0::/10
    • Multicast: FF00::/8
      • Multicast prefix(8 bits):flags(4 bits):scope(4 bits):Group ID(112 bits)
      • Multicast prefix(8 bits) always set to binary 1. 0xFF
      • Flags: 3 bits are unused. 4th bit is 0 for well-known or 1 if it is transient.
      • Scope: 0x1 for node. 0x2 for link-local. 0x5 for site local. 0xE for global.
    • Well-known multicast addresses:
      • FF02::1 – all nodes (broadcast address)
      • FF02::2 – all routers
      • FF02::5 – OSPFv3 , FF02::6 – Designated OSPFv3
      • FF02::9 – RIPng
      • FF02::A – EIGRP
      • FF02::D – all PIM routers
    • Anycast:
      • Not an address but a server offered by group of devices. Packets to anycast address are routed to the nearest device which offers that service.
    • IPv6 header:
    • Traffic class for QOS. Flow label to identify a flow from host-host. Currently set to zeros.
    • Next header can be; (in the order of recommended way)
      • Hop-by-hop option: used by all routers on the path. Like router alert.
      • Destination option: used by destination node or nodes listed in routing header
      • Routing: For source routing
      • Fragment: set by originating node if fragment is needed.
      • Authentication header (AH):
      • Encapsulating security payload (ESP): for payload encryption
      • Destination option: used only by destination node
    • ICMPv6 for IPv6 has next header value of 58.
    • ICMPv6 is used for path MTU discovery, neighbor discovery and data-link resolution. NO ARP request/reply mechanism in IPv6.

Neighbor Discovery Protocol (NDP) – ICMPv6 Message types

Router advertisement (RA)

  • Sent by router: periodically or in response to RS.
  • Advertise parameter like link prefix, MTU and hop limits.
  • SRC address: Link-local address of the originating router.
  • DES address:
    • All-nodes address: FF02::1 for unsolicited RA.
    • Link-local address of the node, if RA is in response to RS.
  • By default, router sends RA every 200 seconds. Can be changed by “ipv6 nd ra-interval”
  • By default, router sends all prefix configured on an interface in RA. “ipv6 nd prefix” to control.
  • Important fields:
    • M bit: managed address configuration flag.
      • Set to 1 by router to tell host to use stateful address auto configuration via DHCPv6. Command:
      • Set to 0 by router to tell host to use stateless address auto configuration
      • Can be set by “ipv6 nd managed-config-flag”
    • O bit: Other stateful configuration flag:
      • Set to 1 by router to tell host to use link information from DHCPv6 server
      • Can be set by “ipv6 nd other-config-flag”
    • Router lifetime: Host assumes the router as default-router for this lifetime. By default, the lifetime is 1800 seconds. Can be changed by ““ipv6 nd ra-lifetime”
    • Reachable time: Time, the node should assume the neighbor is reachable. Default is 0 (unspecified) or set by “ipv6 nd reachable-time”
    • Retransmit timer: Minimum time between retransmitted NS message. Default is 0 (unspecified) or set by “ipv6 nd ns-interval”. To configure host on how to send NS
    • By default, host will retransmit NS (for address resolution) every 1 second if the ns-interval is unspecified in RA.

Router Solicitation (RS)

  • Sent by host to request router to send RS.
  • SRC address: IPv6 address assigned to the interface or :/128 if unspecified.
  • DES address: FF02::2. All router address.

Neighbor Solicitation (NS)

  • Originated by nodes. (both router and host)
  • To request another nodes’ L2 address and to detect duplicate address detection and un-reachability detection.
  • SRC address: IPv6 address assigned to the interface or :/128 (for duplicate address detection)
  • DES address: Target address or solicitated-node multicast address corresponds to target address
  • Solicitated-node MC address:{FF02::1:FF00:0/104 and the last 24-bits of the target IPv6 address}

Neighbor advertisement (NA)

  • Sent by nodes in response to NS.
  • Unsolicited NA might be sent if the nodes’ L2 address changes.

Redirect:

  • Sent by router to allow host to send packets to correct L3 router.

Address auto-configuration:

  • Each host can derive its link-local address by concatenating FE08:://64 and 64-bit interface ID.
  • Interface ID is derived by inserting 0xFFFE into the middle of mac-address and flipping the U/L bit to 1.
  • To communicate with devices, connected off the link, we need global IPv6 address which can be;
    • Stateful address auto configuration: Gets IP address from DHCPv6 server. Either configured on the host or the RA has M-bit set.
    • Stateless address auto configuration: Host appends its interface ID to the prefix advertised by router in RA.

Duplicate address detection;

  • An IPv6 host can have more than one IPv6 address. Duplicate address detection can be performed once. Host send NS message with Target address = assigned new address.
  • The SRC and DES addr.. of this NS would be unspecified- :: and solicited-node multicast address.
  • If the originated node receives NA, then duplicate address is detected.

L2 address resolution:

  • “neighbor cache” in IPv6 is same as ARP in IPv4.
  • If the destination address is off the link, then the host will send the packet to the default router.
  • If DES address is local, then the node generates an NS destined to Solicited node MC (last 24 bits is the target address) with its own L2 address in TLV. [neighbor state is “incomplete”]
  • The host retransmit NS every “ns-interval” unless the address is resolved or timeout after 3 attempt. [neighbor state moved to ‘reach’ if resolved]
  • “Privacy address” can be formed by randomly generating interface ID part.

Neighbor cache State:

  • ‘Incomplete’: Address resolution is in progress. NS has been sent but no NA has yet been received.
  • ‘Reachable’: The address has been confirmed as reachable for the last 30 seconds (if Reachable timer is not specified in RA) or reachable timer value.
  • ‘Stale’: The ‘reachable timer’ has been expired since the last confirmation of reachability.
  • ‘Delay’: A stale address will be in this state for 5 sec after a packet is sent to destination to confirm the reachability. If the reachability is not confirmed, then the state is moved to ‘probe’.
  • ‘Probe’: NS is sent to the address every ‘retransmit timer’ (1 sec if not specified) until the reachability is confirmed. (either by ACK of TCP msg or response by RA/NA)
This entry was posted in IPv6, Routing and tagged , , , . Bookmark the permalink.

Leave a comment