IPv6 for IPv4 Experts

Yar Tikhiy
December 31, 2013
DRAFT

License

This draft is licensed under the Creative Commons Attribution-NonCommercial-NoDerivs license.

Contents

Preface
1 Defining the Problem
2 IPv6 Address
  2.1 The IPv6 Address Length Issue
  2.2 Text Representation of an IPv6 Address
  2.3 IPv6 Address Types
  2.4 IPv6 Address Scope and Zone
  2.5 Well-known Applications of IPv6 Link-local Addresses
  2.6 IPv6 Unicast Address Structure
  2.7 IPv6 Interface IDs and EUI-64
  2.8 IPv6 Multicast Address Structure
  2.9 IPv6 Multicast Addressing Extensions Based on Unicast Addresses
  2.10 Site-Local Address Problem and Its Solution
  2.11 IPv6 Addresses in DNS
3 IPv6 Packet
  3.1 IPv6 Packet Layout
  3.2 IPv6 Header
  3.3 Extension Headers
    3.3.1 A Header That Isn’t There: No Next Header
    3.3.2 IPv6 Options
    3.3.3 Routing Header
    3.3.4 Fragment Header. IPv6 Fragmentation and Reassembly
    3.3.5 IP Security Headers
    3.3.6 Extension Header Ordering
    3.3.7 Unsupported Header Handling
4 IPv6 in the Protocol Stack
  4.1 Link-Level Encapsulation
    4.1.1 Ethernet
    4.1.2 PPP
  4.2 Interaction with Upper-Layer Protocols
  4.3 Control
5 Neighbor Discovery Protocol
  5.1 Neighbor Discovery and IPv6 Address Resolution
  5.2 The Host, the Link, and the Subnet in IPv6
  5.3 IPv6 Addressing Modes Revised. Anycast
  5.4 IPv6 Autoconfiguration
    5.4.1 Interface ID Selection and Duplicate Address Detection
    5.4.2 Prefix and Router Discovery
6 Advanced IPv6
  6.1 Anycasting to the Routers of the Subnet
  6.2 Privacy Extensions for SLAAC
  6.3 Securing Neighbor Discovery
  6.4 Managing IPv6 Multicast
  6.5 To Fragment or Not to Fragment?
  6.6 Handling Multiple Local Addresses and Default Address Selection
  6.7 Name Resolution in IPv6 Environment
  6.8 Multihoming and Multipathing with IPv6
Conclusion
Bibliography

List of Figures

1.1 Version-agnostic IP header format
2.1 Generic format of IPv6 address
2.2 Yoyodyne corporate network (imaginary)
2.3 Resolving address A’s ambiguity by link index extension
2.4 Zone names can be as unconventional as runes or hieroglyphs because they have only local significance
2.5 IPv6 interface belongs to a zone of each possible scope
2.6 A complex zone topology. Valid and invalid site-local paths in it
2.7 Packet exchange using addresses from different zones
2.8 Initial node configuration assuming a one-to-one correspondence between interfaces and zones
2.9 Resolving the zone ambiguity of two interfaces connected to the same link
2.10 IPv4 route aggregation in the Internet
2.11 Generalized structure of an IPv6 global unicast address
2.12 Actual format of an IPv6 unicast address
2.13 IPv6 link-local address format
2.14 OUI format and mapping between EUI types
2.15 IPv6 multicast address flags field
2.16 IPv6 multicast address format
2.17 Unicast-prefix-based IPv6 multicast address format
2.18 IPv6 source-specific-multicast address format
2.19 Unique local IPv6 unicast address format
3.1 Our first approximation to the IPv6 packet structure looks rather traditional
3.2 The composite header of an IPv6 packet
3.3 The type of a header is to be looked up in the preceding header
3.4 How the composite header is linked with payload
3.5 The final structure of the IPv6 packet (the number of extension headers is variable)
3.6 The IPv6 header
3.7 No Next Header
3.8 Options header common format
3.9 IPv6 option format
3.10 Encoding option properties in its type
3.11 Pad1 option
3.12 PadN option
3.13 Routing Header common format
3.14 How RH2 works
3.15 IPv6 packet layout for fragmentation purposes
3.16 Making raw fragments from an IPv6 packet
3.17 Encapsulated IPv6 fragment
3.18 How IPv6 Fragment Offset is determined
3.19 Fragment Header format
3.20 AH format
3.21 ESP encapsulation format
4.1 IPV6CP: concurrent negotiation without conflict
4.2 IPV6CP: consecutive negotiation without conflict
4.3 IPV6CP: concurrent negotiation with conflict resolution
4.4 IPV6CP: consecutive negotiation with conflict resolution
4.5 IPv6 encapsulation examples
4.6 IPv6 pseudo-header for checksumming purposes
4.7 Basic ICMPv6 message format
4.8 Generic ICMPv6 error message
5.1 Neighbor nodes on a broadcast link (left) and on a point-to-point link (right)
5.2 Automatic neighbor discovery: the concept
5.3 IPv6 node data structures and relations between them
5.4 Deorbiting an outdated Neighbor Cache entry: the timeline
5.5 A simplified ND state diagram
5.6 ND proxy: the basic idea
5.7 ND proxy-assisted mobility
5.8 Naive ND proxy causing mobility fault
5.9 ND state diagram providing for the O-bit and link-layer (L2) address change
5.10 Neighbor Solicitation format
5.11 ND option format
5.12 SLLA (Type = 1) and TLLA (Type = 2) options: generic format
5.13 SLLA (Type = 1) and TLLA (Type = 2) options for Ethernet
5.14 Neighbor Advertisement format
5.15 NBMA star and its topology graph
5.16 NBMA “butterfly” with a star subgraph in it
5.17 Using the default router to access both the NBMA link and the Internet
5.18 One link, one router, two subnets
5.19 IPv6 Redirect at work
5.20 Redirected Header option format
5.21 Redirect message format
5.22 Top half of the conceptual sending algorithm: Next hop selection
5.23 Conceptual IPv6 host data structures and links between them
5.24 Remote subprefix in IPv4
5.25 Remote subprefix in IPv6
5.26 Anycast DNS: the raw idea
5.27 Anycast must be reproducible
5.28 The path to an anycast destination
5.29 Anycast: the last hop handled through routing
5.30 The source host speaks to a specific anycast node depending on its connection point
5.31 Same-link anycast using Neighbor Discovery
5.32 Real-world anycast using routing and ND
5.33 Two routers on link, owning different prefixes
5.34 IPv6 unicast address lifecycle
5.35 Router Solicitation format
5.36 Router Advertisement format
5.37 Prefix Information Option (PIO)
5.38 MTU Option
5.39 Preventing a lifetime-based DoS attack
6.1 Subnet Router Anycast Address format
6.2 The lifecycle of an IPv6 temporary address
6.3 CGA Parameters data structure format
6.4 To a multicast source, routers look the same as hosts
6.5 Router Alert option format
6.6 MLDv1 message format
6.7 MLDv2 Report format
6.8 Multicast Address Record format
6.9 Conceptual data structures of an MLDv2-capable router
6.10 MLDv2 Query format
6.11 Floating-point code for Maximum Response Code (MRC) and QQIC
6.12 Selecting source address by scope: initial scheme
6.13 Selecting source address by scope: intermediate scheme
6.14 Selecting source address by scope: final scheme
6.15 Careless publication of a site-local address in the public DNS
6.16 Multihoming with different links
6.17 Multihoming with one link
6.18 Engineers B. Baker, K. Watanabe, and J. Fowler demonstrate the structural principles of the cantilever bridge [227]. Their designs can be relied upon!

List of Tables

2.1 Expanding IPv6 prefix notation to raw hex
2.2 How scoped ping looks like in different OS types
2.3 Rules for mapping EUI-48 and MAC-48 to EUI-64
2.4 IPv6 multicast address scope codes [21, Section 2.7]
2.5 mDNSv6 multicast addresses of different scope
2.6 The most important IPv6 multicast groups [21, Section 2.7.1]
2.7 40-bit site ID conflict probability
3.1 The meaning of the high bits in an IPv6 option type
3.2 Mutability of IPv6 header fields
4.1 IPV6CP interface ID negotiation messages
4.2 Multi-version IP-IP encapsulation
4.3 Essential ICMPv6 message types
5.1 Star neighborship matrix—see Fig. 5.15 for topology
5.2 Broadcast link neighborship matrix
5.3 “Butterfly” neighborship matrix—see Fig. 5.16 for topology
6.1 Addresses claimed by ND message types
6.2 “MLDv0” and MLDv1 feature chart
6.3 MLDv2 listener reporting rules
6.4 Conceptual modes of an MLDv2 router filter
6.5 MLDv2 Query variants
6.6 MLDv2 report processing rules
6.7 Listener compatibility chart
6.8 Multicast router compatibility chart
6.9 MLD message upgrade chart
6.10 Listener “cross-pollination” chart
6.11 MLD compatibility chart: Messages of which version to send
6.12 MLDv1 and MLDv2 feature table
6.13 Fragmentation and PMTUD related socket options

Preface

Verbum sat sapienti est. (A word to the wise is enough.)
Latin proverb

Although IPv6 has been around for quite a while now, many network engineers are still hesitant about embracing it, their valid excuse being a mere lack of time to study the new architecture. Granted, everyone knows of the legendary 128-bit IPv6 address but, unfortunately, that’s about it. The irony is, now that the IPv4 address space has been exhausted and everyone seems raring to go IPv6, the rush of a forced and hurried transition.
