IPv6 for IPv4 Experts Yar Tikhiy December 31, 2013 DRAFT License cbnd This draft is licensed under the Creative Commons Attribution-NonCommercial- NoDerivs license. DRAFT 1 Contents Preface 9 1 Defining the Problem 11 2 IPv6 Address 19 2.1 TheIPv6AddressLengthIssue . 19 2.2 TextRepresentationofanIPv6Address . 29 2.3 IPv6AddressTypes ....................... 38 2.4 IPv6AddressScopeandZone . 42 2.5 Well-known Applications of IPv6 Link-local Addresses . 59 2.6 IPv6UnicastAddressStructure . 61 2.7 IPv6InterfaceIDsandEUI-64. 66 2.8 IPv6MulticastAddressStructure . 72 2.9 IPv6 Multicast Addressing Extensions Based on Unicast Ad- dresses . 78 2.10 Site-Local Address Problem and Its Solution . 85 2.11 IPv6AddressesinDNS. 89 3IPv6Packet 92 3.1 IPv6 Packet Layout . 92 3.2 IPv6Header............................ 96 3.3 ExtensionHeaders ........................ 104 3.3.1 A Header That Isn’t There: No Next Header . 104 3.3.2 IPv6DRAFT Options . 105 3.3.3 RoutingHeader ..................... 111 3.3.4 Fragment Header. IPv6 Fragmentation and Reassembly 119 3.3.5 IPSecurityHeaders. 134 3.3.6 ExtensionHeaderOrdering . 142 3.3.7 UnsupportedHeaderHandling. 144 2 CONTENTS 3 4 IPv6 in the Protocol Stack 147 4.1 Link-Level Encapsulation . 147 4.1.1 Ethernet . 148 4.1.2 PPP . 151 4.2 InteractionwithUpper-LayerProtocols . 158 4.3 Control . 162 5 Neighbor Discovery Protocol 172 5.1 Neighbor Discovery and IPv6 Address Resolution . 172 5.2 TheHost,theLink,andtheSubnetinIPv6 . 207 5.3 IPv6AddressingModesRevised. Anycast . 239 5.4 IPv6Autoconfiguration. 247 5.4.1 Interface ID Selection and Duplicate Address Detection 247 5.4.2 Prefix and Router Discovery . 255 6 Advanced IPv6 277 6.1 AnycastingtotheRoutersoftheSubnet . 277 6.2 PrivacyExtensionsforSLAAC . 279 6.3 SecuringNeighborDiscovery . 284 6.4 Managing IPv6 Multicast . 294 6.5 ToFragmentorNottoFragment?. 356 6.6 Handling Multiple Local Addresses and Default Address Se- lection ............................... 361 6.7 NameResolutioninIPv6Environment . 376 6.8 Multihoming and Multipathing with IPv6 . 379 Conclusion 389 BibliographyDRAFT 391 List of Figures 1.1 Version-agnostic IP header format . 17 2.1 Generic format of IPv6 address . 28 2.2 Yoyodyne corporate network (imaginary) . 43 2.3 Resolving address A’s ambiguity by link index extension . 44 2.4 Zone names can be as unconventional as runes or hieroglyphs because they have only local significance . 47 2.5 IPv6 interface belongs to a zone of each possible scope . 50 2.6 A complex zone topology. Valid and invalid site-local paths in it 52 2.7 Packet exchange using addresses from di↵erent zones . 53 2.8 Initial node configuration assuming a one-to-one correspon- dence between interfaces and zones . 56 2.9 Resolving the zone ambiguity of two interfaces connected to the same link . 57 2.10 IPv4 route aggregation in the Internet . 62 2.11 Generalized structure of an IPv6 global unicast address . 64 2.12 ActualformatofanIPv6unicastaddress . 65 2.13 IPv6 link-local address format . 67 2.14 OUI format and mapping between EUI types. 69 2.15 IPv6 multicast address flags field . 73 2.16 IPv6 multicast address format . 76 2.17 Unicast-prefix-based IPv6 multicast address format . 81 2.18 IPv6 source-specific-multicastDRAFT address format . 84 2.19 Unique local IPv6 unicast address format . 88 3.1 Our first approximation to the IPv6 packet structure looks rather traditional . 92 3.2 The composite header of an IPv6 packet . 94 3.3 The type of a header is to be looked up in the preceding header. 94 3.4 How the composite header is linked with payload . 95 4 LIST OF FIGURES 5 3.5 The final structure of the IPv6 packet (the number of extension headersisvariable) ........................ 96 3.6 The IPv6 header . 103 3.7 NoNextHeader.......................... 105 3.8 Options header common format . 107 3.9 IPv6 option format . 107 3.10 Encoding option properties in its type . 109 3.11 Pad1 option . 110 3.12 PadN option . 110 3.13 RoutingHeadercommonformat . 115 3.14HowRH2works.......................... 118 3.15 IPv6 packet layout for fragmentation purposes . 123 3.16 Making raw fragments from an IPv6 packet . 124 3.17 Encapsulated IPv6 fragment . 124 3.18 How IPv6 Fragment O↵setisdetermined . 129 3.19 FragmentHeaderformat . 131 3.20AHformat............................. 137 3.21 ESPencapsulationformat . 140 4.1 IPV6CP: concurrent negotiation without conflict . 156 4.2 IPV6CP: consecutive negotiation without conflict . 156 4.3 IPV6CP: concurrent negotiation with conflict resolution . 157 4.4 IPV6CP: consecutive negotiation with conflict resolution . 157 4.5 IPv6 encapsulation examples . 159 4.6 IPv6 pseudo-header for checksumming purposes . 160 4.7 Basic ICMPv6 message format . 163 4.8 Generic ICMPv6 error message . 169 5.1 Neighbor nodes on a broadcast link (left) and on a point-to- pointlink(right) ......................... 173 5.2 Automatic neighbor discovery: the concept . 175 5.3 IPv6 node data structures and relations between them . 186 5.4 Deorbiting an outdated Neighbor Cache entry: the timeline . 191 5.5 AsimplifiedNDstatediagram.DRAFT . 193 5.6 NDproxy:thebasicidea. 195 5.7 NDproxy-assistedmobility. 196 5.8 NaiveNDproxycausingmobilityfault . 197 5.9 ND state diagram providing for the O-bit and link-layer (L2) address change . 199 5.10 NeighborSolicitationformat . 202 5.11 NDoptionformat......................... 202 LIST OF FIGURES 6 5.12 SLLA (Type =1)andTLLA(Type =2)options:generic format . 203 5.13 SLLA (Type =1)andTLLA(Type =2)optionsforEthernet 203 5.14 NeighborAdvertisementformat . 205 5.15 NBMAstaranditstopologygraph . 210 5.16 NBMA “butterfly” with a star subgraph in it . 213 5.17 Using the default router to access both the NBMA link and the Internet . 214 5.18 One link, one router, two subnets . 221 5.19 IPv6 Redirect at work . 222 5.20 RedirectedHeaderoptionformat . 223 5.21 Redirectmessageformat . 224 5.22 Top half of the conceptual sending algorithm: Next hop selection233 5.23 Conceptual IPv6 host data structures and links between them 234 5.24 RemotesubprefixinIPv4 . 238 5.25 RemotesubprefixinIPv6 . 239 5.26 AnycastDNS:therawidea. 241 5.27 Anycastmustbereproducible . 241 5.28 Thepathtoananycastdestination . 242 5.29 Anycast: the last hop handled through routing . 243 5.30 The source host speaks to a specific anycast node depending on its connection point . 244 5.31 Same-link anycast using Neighbor Discovery . 244 5.32 Real-world anycast using routing and ND. 246 5.33 Two routers on link, owning di↵erent prefixes . 259 5.34 IPv6 unicast address lifecycle . 263 5.35 Router Solicitation format . 264 5.36 RouterAdvertisementformat . 266 5.37 PrefixInformationOption(PIO) . 267 5.38 MTU Option . 267 5.39 Preventing a lifetime-based DoS attack . 275 6.1 SubnetRouterAnycastAddressformatDRAFT . 277 6.2 The lifecycle of an IPv6 temporary address . 283 6.3 CGAParametersdatastructureformat . 289 6.4 To a multicast source, routers look the same as hosts . 299 6.5 RouterAlertoptionformat. 308 6.6 MLDv1 message format . 312 6.7 MLDv2 Report format . 314 6.8 MulticastAddressRecordformat . 319 6.9 Conceptual data structures of an MLDv2-capable router . 323 LIST OF FIGURES 7 6.10 MLDv2 Query format . 324 6.11 Floating-point code for Maximum Response Code (MRC) and QQIC ............................349 6.12 Selecting source address by scope: initial scheme . 367 6.13 Selecting source address by scope: intermediate scheme . 368 6.14 Selecting source address by scope: final scheme. 369 6.15 Careless publication of a site-local address in the public DNS . 378 6.16 Multihoming with di↵erent links . 382 6.17 Multihoming with one link . 382 6.18 Engineers B. Baker, K. Watanabe, and J. Fowler demonstrate the structural principles of the cantilever bridge [227]. Their designs can be relied upon! . 390 DRAFT List of Tables 2.1 Expanding IPv6 prefix notation to raw hex . 37 2.2 How scoped ping looks like in di↵erent OS types . 57 2.3 Rules for mapping EUI-48 and MAC-48 to EUI-64 . 67 2.4 IPv6 multicast address scope codes [21, Section 2.7] . 75 2.5 mDNSv6 multicast addresses of di↵erent scope . 76 2.6 The most important IPv6 multicast groups [21, Section 2.7.1] . 77 2.7 40-bit site ID conflict probability . 87 3.1 The meaning of the high bits in an IPv6 option type . 108 3.2 Mutability of IPv6 header fields . 138 4.1 IPV6CP interface ID negotiation messages . 153 4.2 Multi-version IP-IP encapsulation . 162 4.3 Essential ICMPv6 message types . 165 5.1 Star neighborship matrix—see Fig. 5.15 for topology . 212 5.2 Broadcastlinkneighborshipmatrix . 212 5.3 “Butterfly” neighborship matrix—see Fig. 5.16 for topology . 215 6.1 AddressesclaimedbyNDmessagetypes . 291 6.2 “MLDv0” and MLDv1 feature chart . 313 6.3 MLDv2 listener reporting rules . 320 6.4 ConceptualmodesofanMLDv2routerfilter . 325 6.5 MLDv2DRAFT Query variants . 332 6.6 MLDv2 report processing rules . 333 6.7 Listener compatibility chart . 350 6.8 Multicast router compatibility chart . 350 6.9 MLD message upgrade chart . 351 6.10 Listener“cross-pollination”chart . 352 6.11 MLD compatibility chart: Messages of which version to send . 353 6.12 MLDv1 and MLDv2 feature table . 353 6.13 Fragmentation and PMTUD related socket options . 360 8 Preface Verbum sat sapienti est. (A word to the wise is enough.) Latin proverb Although IPv6 has been around for quite a while now, many network engineers are still hesitant about embracing it, their valid excuse being a mere lack of time to study the new architecture. Granted, everyone knows of the legendary 128-bit IPv6 address but, unfortunately, that’s about it. The irony is, now that the IPv4 address space has been exhausted and everyone seems raring to go IPv6, the rush of a forced and hurried transition.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages402 Page
-
File Size-