Saturday, 30 July 2016

Friday, 29 July 2016


IPv6 [Internet Protocol Version 6]
========================
Internet Protocol version 6 (IPv6) is a new addressing protocol designed to meet the requirements of the future Internet, known to us as Internet version 2. Like its predecessor IPv4, it works at the Network Layer (Layer 3). Along with an enormous logical address space, the protocol has ample features that address the shortcomings of IPv4.

  •  IPv6 utilises 128-bit Internet addresses. Therefore, it can support 2^128 Internet addresses, roughly 340,282,366,920,938,000,000,000,000,000,000,000,000 of them.
  •  In other words, there are more than enough IPv6 addresses to keep the Internet operational for a very, very long time.
  •  An IPv6 address is generally written in hexadecimal format, since it has a bigger (128-bit) address space.
  •  An IPv6 address is represented as XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX (XX -> 1 byte, XXXX -> 2 bytes, total 16 bytes = 128 bits, and all the values are represented in hexadecimal format).

Why is IPv6 needed?
===================
So far, IPv4 has proven itself as a robust routable addressing protocol and has served us for decades with its best-effort delivery mechanism. It was designed in the early 80s and has not had any major change since. Below are the major points that played a key role in the birth of IPv6:

  •  The Internet has grown exponentially and the address space allowed by IPv4 is saturating. A protocol is required that can satisfy the address needs of a future Internet whose growth is hard to predict.
  •  IPv4 on its own does not provide any security feature. Data has to be encrypted by some other security application before being sent over the Internet.
  •  Data prioritisation in IPv4 is not up to date. Although IPv4 has a few bits reserved for Type of Service or Quality of Service, they do not provide much functionality.
  •  IPv4-enabled clients must be configured manually or need some address configuration mechanism. IPv4 does not have a mechanism to configure a device with a globally unique IP address.

IPv6 Address Representation:
============================
Like an IPv4 address, an IPv6 address has a network address and an interface ID. 64 bits represent the network address and 64 bits represent the interface ID.
  
For example:   
==========
 21DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A (in this example the first 64 bits represent the network address and the remaining 64 bits represent the host address).

There are many ways of representing the same IPv6 address.

Zero compression: if there are zeros in the IPv6 address, it can be compressed.

1: Leading zeros in an address field are optional and can be dropped, as below.

Ex 1:
            2031:0000:130F:0000:0000:09C0:876A:130B = 2031:0:130F:0:0:9C0:876A:130B (compressed form)

Ex 2:
            0000 = 0 (compressed form)

2: A pair of colons (::) represents successive fields of 0. However, the pair of colons is allowed only once in a valid IPv6 address.

Ex 1:
            2031:0:130F:0:0:9C0:876A:130B = 2031:0:130F::9C0:876A:130B (compressed form)

Ex 2:
            FF01:0:0:0:0:0:0:1 = FF01::1

Ex 3:
            2031:0000:130F:0000:0000:09C0:876A:130B
            (compressed forms below)
            2031:0:130F:0:0:9C0:876A:130B
            2031:0:130F::9C0:876A:130B
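
The two compression rules above, written out by hand as an added example (not code from the original post; the function names are illustrative). Because one address has several valid spellings, ACL entries and log lines should be compared by value after expansion, not as strings.

```python
import string

def expand(addr: str) -> list:
    """Return the eight 16-bit fields of an IPv6 address in any valid text form."""
    if addr.count("::") > 1:
        raise ValueError("'::' is allowed only once")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        if len(left) + len(right) > 7:
            raise ValueError("'::' must stand for at least one field")
        fields = left + ["0"] * (8 - len(left) - len(right)) + right
    else:
        fields = addr.split(":")
    if len(fields) != 8:
        raise ValueError("an IPv6 address has exactly eight fields")
    for f in fields:
        if not 1 <= len(f) <= 4 or any(c not in string.hexdigits for c in f):
            raise ValueError(f"bad field {f!r}")
    return [int(f, 16) for f in fields]

def compress(addr: str) -> str:
    """Apply both rules: drop leading zeros, then replace one zero run with '::'."""
    fields = expand(addr)
    best_start, best_len, i = 0, 0, 0
    while i < 8:                       # find the longest run of zero fields
        j = i
        while j < 8 and fields[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    text = [f"{v:X}" for v in fields]  # rule 1: leading zeros are dropped
    if best_len < 2:                   # choice made here: a lone 0 field stays "0"
        return ":".join(text)
    # rule 2: '::' is used once, for the longest run (the first one on a tie)
    return ":".join(text[:best_start]) + "::" + ":".join(text[best_start + best_len:])

def same_address(a: str, b: str) -> bool:
    """Compare by value, not by spelling, e.g. before matching an ACL or log entry."""
    return expand(a) == expand(b)

if __name__ == "__main__":
    full = "2031:0000:130F:0000:0000:09C0:876A:130B"  # address from the examples above
    print(compress(full))
    print(compress("FF01:0:0:0:0:0:0:1"))
    print(same_address(full, "2031:0:130F::9C0:876A:130B"))
```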

  
IPv6 Address Prefix:
================
An IPv6 address prefix is written in "address/prefix-length" notation.

Note: the prefix length indicates the number of bits that represent the network address.

For example: FE80:2233:4445:2244:1133:1122:0:1/64
In the above example the prefix length is 64, so the first 64 bits represent the network address (FE80:2233:4445:2244).


IPv6 Subnetting:
================
IPv6 subnetting is a little different from IPv4 subnetting. Let's take a small example to understand IPv6 subnetting.

In 2000:4567:7896::/48, the first 48 bits represent the network address, the next 16 bits are used for subnetting, and the last 64 bits are host bits.

2000:4567:7896   :   XXXX      :   3456:7895:1233:9876
<Network Address>    <Subnet ID>   <Host bits (64)>

The number of subnets is 2^16 = 65536, and each subnet can have 2^64 hosts connected.
The subnet addresses are shown below.

2000:4567:7896:0000:
2000:4567:7896:0001:
2000:4567:7896:0002:
        |
        |
2000:4567:7896:FFFF:


What if the prefix length is not a multiple of 4?
=================================================
To properly express a subnet whose prefix length is not a multiple of 4, we must convert hexadecimal to binary to determine the appropriate subnet identifier.

For example, to express the subnet of the address and prefix

         21DA:D3:0:2F3B:2AA:FF:FE28:9C5A/59

59 bits represent the network address, the remaining 5 bits represent the subnet (so the total number of subnets is 2^5 = 32), and 64 bits represent the host address.

         - we must convert the "3B" in "2F3B" to binary (0011 1011),

         21DA:D3:0:2F 0011 1011
         <--- 59 bits -->
         21DA:D3:0:2F 1110 0000     (mask, applied with the AND (&) operator)
         ============================
         21DA:D3:0:2F 0010 0000  =>  21DA:D3:0:2F20 is the subnet identifier
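
The masking step above, generalised to any prefix length, as an added example (not code from the original post; the function names are illustrative). It reproduces the /59 calculation bit by bit and then lists the 32 /64 subnets that the 5 subnet bits allow.

```python
import ipaddress

def prefix_mask(prefix_len: int) -> int:
    """128-bit mask with the top prefix_len bits set to 1."""
    if not 1 <= prefix_len <= 128:
        raise ValueError("prefix length must be 1..128")
    return ((1 << prefix_len) - 1) << (128 - prefix_len)

def subnet_of(addr: str, prefix_len: int) -> str:
    """AND the whole address with the mask; works for any prefix length."""
    net = int(ipaddress.IPv6Address(addr)) & prefix_mask(prefix_len)
    return f"{ipaddress.IPv6Address(net).compressed.upper()}/{prefix_len}"

def boundary_field(addr: str, prefix_len: int) -> tuple:
    """Binary view of the one 16-bit field that the prefix boundary falls in."""
    idx = (prefix_len - 1) // 16          # field holding the last network bit
    shift = 16 * (7 - idx)
    field = (int(ipaddress.IPv6Address(addr)) >> shift) & 0xFFFF
    mask = (prefix_mask(prefix_len) >> shift) & 0xFFFF

    def nibbles(value: int) -> str:
        bits = f"{value:016b}"
        return " ".join(bits[i:i + 4] for i in range(0, 16, 4))

    return nibbles(field), nibbles(mask), nibbles(field & mask)

def subnets_64(addr: str, prefix_len: int):
    """Yield each /64 inside the prefix: 2**(64 - prefix_len) subnets."""
    if prefix_len > 64:
        raise ValueError("prefix is already longer than /64")
    base = int(ipaddress.IPv6Address(addr)) & prefix_mask(prefix_len)
    for n in range(2 ** (64 - prefix_len)):
        yield f"{ipaddress.IPv6Address(base | (n << 64)).compressed.upper()}/64"

if __name__ == "__main__":
    addr = "21DA:D3:0:2F3B:2AA:FF:FE28:9C5A"   # address from the example above
    for label, bits in zip(("field 2F3B", "mask", "AND result"), boundary_field(addr, 59)):
        print(f"{label:>10}: {bits}")
    print(subnet_of(addr, 59))
    nets = list(subnets_64(addr, 59))
    print(len(nets), nets[0], "...", nets[-1])
```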


IPv6 Address Modes (Classes):
=========================
In computer networking, addressing mode refers to the mechanism of hosting an address on the network. IPv6 offers several types of modes by which a single host can be addressed. More than one host can be addressed at once or the host at the closest distance can be addressed.

1. Unicast Addressing (ONE-ONE communication)
   ==========================================
In unicast mode of addressing, an IPv6 interface (host) is uniquely identified in a network segment. The IPv6 packet contains both source and destination IP addresses. A host interface is equipped with an IP address which is unique in that network segment. When a network switch or a router receives a unicast IP packet destined to a single host, it sends the packet out of the one outgoing interface that connects to that particular host.

[Figure: Unicast Addressing]

2. Multicast Addressing (ONE-MANY communication)
   =============================================
The IPv6 multicast mode is the same as that of IPv4. A packet destined to multiple hosts is sent to a special multicast address. All the hosts interested in that multicast information need to join that multicast group first. All the interfaces that joined the group receive the multicast packet and process it, while other hosts not interested in multicast packets ignore the multicast information.

[Figure: Multicast Addressing]

3. Anycast Addressing (ONE-to-ONE-of-MANY communication)
   =====================================================
IPv6 has introduced a new type of addressing, which is called Anycast addressing. In this addressing mode, multiple interfaces (hosts) are assigned the same Anycast IP address. When a host wishes to communicate with a host equipped with an Anycast IP address, it sends a unicast message. With the help of a complex routing mechanism, that unicast message is delivered to the host closest to the sender in terms of routing cost.

[Figure: Anycast Addressing]


Let's take the example of the google.com web servers, located on all continents. Assume that all the web servers are assigned a single IPv6 Anycast IP address. Now when a user from India wants to reach google.com, the DNS points to the server that is physically located in India itself. If a user from the US tries to reach google.com, the DNS will then point to the web server physically located in the US. "Nearest" and "closest" are meant in terms of routing cost.

In the above picture, when a client computer tries to reach a server, the request is forwarded to the server with the lowest routing cost.

Broadcast in IPv6?
==================
There is no broadcast in IPv6. This functionality is taken over by multicast.

A consequence of this is that the all-0s and all-1s addresses are legal.

Unicast Address Types:
======================
IPv6 has several major unicast address types.
The table below lists the types.

Address type          Binary prefix         IPv6 notation
------------          -------------         -------------
Unspecified           00...0 (128 bits)     ::/128
Loopback              00...1 (128 bits)     ::1/128
Multicast             11111111              FF00::/8
Link-local unicast    1111111010            FE80::/10
Site-local unicast    1111111011            FEC0::/10
Global unicast        (everything else)     starts from (2000::/3 - E000::/3)

  • As shown in the table above, the address 0:0:0:0:0:0:0:0/128 does not specify anything and is said to be an unspecified address. After simplifying, all the 0s are compacted to ::/128.
  • In IPv4, the address 0.0.0.0 with netmask 0.0.0.0 represents the default route. The same concept applies to IPv6: the address 0:0:0:0:0:0:0:0 with a netmask of all 0s represents the default route. After applying the IPv6 compression rule, this address is written as ::/0.
  • Loopback addresses in IPv4 are represented by the 127.0.0.1 to 127.255.255.255 series. In IPv6, only 0:0:0:0:0:0:0:1/128 represents the loopback address. After compression, it can be represented as ::1/128.

IPv6 Link-Local Unicast Address:
================================
A link-local unicast address is an IPv6 unicast address that is automatically configured on an IPv6 node interface by using the link-local prefix FE80::/10 (1111 1110 10) and the interface ID in the EUI-64 format.

It is used to communicate with other nodes on the same link. The figure below shows two nodes on a single subnet using link-local IP addresses.

[Figure: Two nodes on the same subnet communicate using link-local IP addresses (no routers needed)]

NOTE: Routers will not forward any packets with link-local source or destination addresses to other links.


How to Use the EUI-64 Format in IPv6 Link-Local or Global Addresses?
====================================================================

EUI: Extended Universal Identifier

To create the IPv6 interface identifier from the 48-bit (6-byte) Ethernet MAC address:

  1. The hexadecimal digits 0xFF-FE are inserted between the third and fourth bytes of the MAC address.
  2. The Universal/Local bit (the second low-order bit of the first byte of the MAC address) is complemented. If it is a 1, it is set to 0; and if it is a 0, it is set to 1.

For example, for the MAC address of 00-60-08-52-F9-D8:

  1. The hexadecimal digits 0xFF-FE are inserted between 0x08 (the third byte) and 0x52 (the fourth byte) of the MAC address, forming the 64-bit address of 00-60-08-FF-FE-52-F9-D8.
  2. The Universal/Local bit, the second low-order bit of 0x00 (the first byte) of the MAC address, is complemented. The second low-order bit of 0x00 is 0 which, when complemented, becomes 1. The result is that for the first byte, 0x00 becomes 0x02.

As a result, the IPv6 interface identifier that corresponds to the Ethernet MAC address of 00-60-08-52-F9-D8 is 02-60-08-FF-FE-52-F9-D8.

The link-local address of a node is the combination of the prefix FE80::/64 and the 64-bit interface identifier expressed in colon-hexadecimal notation.

As a result, the link-local address of this example node, with the prefix of FE80::/64 and the interface identifier 02-60-08-FF-FE-52-F9-D8, is FE80::260:8FF:FE52:F9D8.

For Example:
=======

Uniqueness mask 000000X0, where X=1 is unique and X=0 is not unique. So if X=1, then the EUI-64 address is 02 90 27 FF FE 17 FC 0F.
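
The EUI-64 steps above in both directions, as an added example (not code from the original post; the function names are illustrative and 2001:db8::1 is a constructed sample). The reverse direction shows why these addresses matter when reviewing logs or building an asset inventory: the interface's MAC address can be read straight back out of the IPv6 address.

```python
import ipaddress

def mac_to_interface_id(mac: str) -> bytes:
    """Build the 64-bit interface identifier from a 48-bit MAC address."""
    octets = bytes(int(part, 16) for part in mac.replace(":", "-").split("-"))
    if len(octets) != 6:
        raise ValueError("a MAC address has six bytes")
    first = octets[0] ^ 0x02                  # complement the Universal/Local bit
    # insert FF-FE between the third and fourth bytes
    return bytes([first]) + octets[1:3] + b"\xff\xfe" + octets[3:]

def link_local(mac: str) -> str:
    """Combine the FE80::/64 prefix with the interface identifier."""
    iid = int.from_bytes(mac_to_interface_id(mac), "big")
    return ipaddress.IPv6Address((0xFE80 << 112) | iid).compressed.upper()

def embedded_mac(addr: str):
    """Return the MAC carried in an EUI-64 interface ID, or None.

    Heuristic: FF-FE in the middle of the low 64 bits marks an EUI-64 ID;
    a randomly chosen interface ID could contain it by coincidence.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]   # undo both steps
    return "-".join(f"{b:02X}" for b in mac)

if __name__ == "__main__":
    mac = "00-60-08-52-F9-D8"                            # MAC from the example above
    print(mac_to_interface_id(mac).hex("-").upper())
    print(link_local(mac))
    print(embedded_mac("FE80::290:27FF:FE17:FC0F"))      # EUI-64 value quoted above
    print(embedded_mac("2001:db8::1"))                   # constructed: not EUI-64
```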

NOTE: IMPORTANT

Characteristics:
================
  • Mandatory addresses that are used exclusively for communication between two IPv6 devices on the same link
  • Automatically assigned by the device as soon as IPv6 is enabled
  • Not routable addresses (their scope is link-specific only)
  • Identified by the first 10 bits (FE80)
  • Typically created using the EUI-64 format

Addressing:
===========
  • Link Local Identifier (10 bits): Always begins with FE80::/10 (i.e. 1111 1110 10)
  • Remainder (54 bits): Could be all zeros or manually configured to another value.
  • Example: FE80:0000:0000:0000:0987:65FF:FE01:2345 or FE80::987:65FF:FE01:2345 (shorthand format)


IPv6 Global Unicast Address:
============================

A global unicast address is simply what we call a public IP address in IPv4, that is, an IP address that is routed across the whole Internet.
You can recognise a global unicast address easily: the first three bits are set to 001. Thus, the address prefix of a global IPv6 address is 2000::/3, because 0010000000000000 is 2000 in hex.

However, in the future, the IANA (Internet Assigned Numbers Authority) might delegate currently unassigned portions of the IPv6 address space. Hence, 2000::/3 won't always be the prefix for global unicast addresses.

NOTE: IMPORTANT

Characteristics:
================
  • Routable and reachable across the Internet
  • IPv6 addresses for widespread generic use
  • Structured as a hierarchy to allow address aggregation
  • Identified by their three high-level bits set to 001 (2000::/3)

Addressing:
===========
  • Global Routing Prefix (32 bits): 001 + 29 bit global routing prefix. Assigned to a service provider by IANA.
  • Site Level Aggregator (16 bits): Assigned to a customer by a service provider.
  • LAN (16 bits): Assigned to an individual network by the customer.

Example:

In this example, the routers R1, R2 and R3 are connected via serial interfaces and have the IPv6 addresses configured as mentioned in the network diagram. Loopback addresses are configured on the routers R1 and R3, and the routers use OSPFv3 to communicate with each other. This example uses the ping command to demonstrate the connectivity between the routers using link-local addresses. The routers R1 and R3 can ping each other with the IPv6 global unicast address, but not with their link-local address. However, router R2, being directly connected to R1 and R3, can communicate with both routers using their link-local addresses, because link-local addresses are used only within the local network specific to the physical interface.

IPv6 Multicast Address
======================

A multicast address identifies not one device but a set of devices, a multicast group. A packet sent to a multicast group is originated by a single device; therefore a multicast packet normally has a unicast address as its source address and a multicast address as its destination address. A multicast address never appears in a packet as a source address.

The members of a multicast group might include only a single device, or even all devices in a network.

Characteristics:
================
  • Contain an 8-bit prefix identifier – FF00::/8 (i.e. 1111 1111)
  • The second octet defines the lifetime and scope of the multicast address
  • Multicast addresses are always destination addresses. Multicast addresses are used for router solicitations (RS), router advertisements (RA), DHCPv6, multicast applications, and so forth.
  • Important Note: A default gateway configuration is not required by IPv6 clients because routers are discovered using RSs and RAs.

Common Addresses:
=================
  • FF01::1 – Node-local, within the same node
  • FF02::1 – Link-local, all nodes on a link
  • FF01::2 – Node-local, same router
  • FF02::2 – Link-local, all routers on a link
  • FF05::2 – Site-local, all routers on the Internet
  • FF02::1:FFxx:xxxx – Link-local, solicited node

Examples of well-known IPv6 multicast addresses.

IPv6 – Communication Mechanism:
===============================
In IPv4, a host that wants to communicate with another host on the network needs to have an IP address, acquired either by means of DHCP or by manual configuration. As soon as a host is equipped with a valid IP address, it can speak to any host on the subnet. To communicate on Layer 3, a host must also know the IP address of the other host. Communication on a link is established by means of hardware-embedded MAC addresses. To learn the MAC address of a host whose IP address is known, a host sends an ARP broadcast and, in return, the intended host sends back its MAC address.

In IPv6, there are no broadcast mechanisms. An IPv6-enabled host does not have to obtain an IP address from DHCP or be manually configured; it can auto-configure its own IP address.

NOTE: ARP has been replaced by the ICMPv6 Neighbor Discovery Protocol.

Neighbor Discovery Protocol
===========================
A host in an IPv6 network is capable of auto-configuring itself with a unique link-local address. As soon as the host gets an IPv6 address, it joins a number of multicast groups. All communications related to that segment take place on those multicast addresses only. A host goes through a series of states in IPv6:

  • Neighbor Solicitation: After configuring all of its IPv6 addresses, either manually, by a DHCP server or by auto-configuration, the host sends a Neighbor Solicitation message out to the FF02::1/16 multicast address for all its IPv6 addresses, in order to confirm that no one else occupies the same addresses.
  • DAD (Duplicate Address Detection): When the host does not hear anything from the segment in response to its Neighbor Solicitation message, it assumes that no duplicate address exists on the segment.
  • Neighbor Advertisement: After assigning the addresses to its interfaces and bringing them up, the host once again sends out a Neighbor Advertisement message telling all other hosts on the segment that it has assigned those IPv6 addresses to its interfaces.

Once a host is done with the configuration of its IPv6 addresses, it does the following things:

  • Router Solicitation: A host sends a Router Solicitation multicast packet (FF02::2/16) out on its segment to learn of the presence of any router on this segment. This helps the host to configure the router as its default gateway. If its default gateway router goes down, the host can shift to a new router and make it the default gateway.
  • Router Advertisement: When a router receives a Router Solicitation message, it responds to the host, advertising its presence on that link.
  • Redirect: This covers the situation where a router receives a Router Solicitation request but knows that it is not the best gateway for the host. In this situation, the router sends back a Redirect message telling the host that there is a better "next-hop" router available. The next hop is where the host will send data destined to a host which does not belong to the same segment.