- Describe the technological requirements for running IPv6 in conjunction with IPv4 (including: protocols, dual stack, tunneling, etc.)
- Describe IPv6 addresses
IPv6 is a workable IP version that was created in anticipation of the inevitable exhaustion of IPv4 addresses. Cisco routers are capable of routing IPv4 and IPv6 traffic in the event that networks start to use IPv6 addressing on a regular basis. At this point, organizations are primarily requesting small IPv6 networks from IANA for testing purposes to make sure they are prepared for the day when IPv4 addresses are no longer available. IPv6 provides the same functionality as IPv4. Like IPv4, IPv6 also manages Network layer packet addressing and routing. The sheer size of assignable IPv6 addresses is astounding. The format of this version offers trillions of available IP addresses. For this reason, IPv6 should never experience a shortage of address space.
There are three different types of IPv6 communications: unicast, multicast, and anycast. As you know, these terms also exist in the world of IPv4. Whereas unicast means a one-to-one communication, just as it does with IPv4, multicast and anycast take on new meaning.
With IPv6, multicast refers to one-to-many communication. Multicast can be on a local link, a local site, an organization, or even the entire Internet.
Anycast can be described as one-to-closest communication. With anycast, you assign the same IP address to multiple devices. So, when a packet is destined for this IP address, the path to the closest destination device is chosen. This can also offer redundancy. For example, if two servers have the same IP address and one of the servers goes offline, the other server is chosen as the destination.
IPv6 Address Format
This may be an understatement, but IPv6 addresses are much longer than their 32-bit IPv4 address counterparts. Each address is 128 bits long and is represented by 32 hexadecimal digits. I guess it’s a good thing that we covered hexadecimal earlier in this chapter. As you will recall, IPv4 is represented by dotted-decimal notation. Because hexadecimal digits are used, IPv6 is also written differently. First, IPv6 addresses consist of two parts:
- A 64-bit network prefix
- A 64-bit local identifier
Here is a sample IPv6 address:
2001:0BD2:0200:08F1:0000:0000:0000:16AB
As you can see, each address is broken into eight smaller groups of four hexadecimal digits that are separated by colons. In this example, the network prefix is 2001:0BD2:0200:08F1, and the local identifier is 0000:0000:0000:16AB.
IPv6 address format summary:
- Defined by RFC 2373 and RFC 2374.
- Consists of 128 bits with a 64-bit network prefix and a 64-bit local identifier.
- Represented by 32 hexadecimal digits broken into eight smaller groups of four.
- Uses CIDR notation (slash notation) to discern a subnet range. So you might see the same IP address subnetted and written out as 2001:0BD2:0200:08F1:0000:0000:0000:16AB/16.
As you can see, IPv6 addresses are quite long and complex-looking. To help make IPv6 notation a bit easier, leading zeros in a group may be removed when the address is written. Also, if there is a four-digit group of all 0s or contiguous groups of all 0s, the group or groups can be removed from the address and replaced with ::. Don’t go too crazy, though. Keep in mind that the :: can be used only once in the address.
To demonstrate, the same IPv6 IP address can be written in all of the following ways:
For the exam, know that leading 0s can be omitted from an IPv6 address and that four-digit groups of all 0s can be omitted and replaced with ::.
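Because of these shorthand rules, one address has several valid spellings, which matters whenever addresses are compared as text in access lists, blocklists, or log searches. The following is an added example, not code from the book: it expands any spelling to the full 32-digit form and rejects a second ::. The function names and the list of spellings are constructed for illustration.

```python
import ipaddress

HEX = set("0123456789abcdefABCDEF")

def expand(text):
    """Return the full 8-group, 32-hex-digit spelling of an IPv6 address."""
    if text.count("::") > 1:
        raise ValueError("'::' can be used only once in an address")
    if "::" in text:
        head, tail = text.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must replace at least one all-zero group")
        groups = left + ["0"] * missing + right
    else:
        groups = text.split(":")
    if len(groups) != 8:
        raise ValueError("an IPv6 address has exactly eight groups")
    for g in groups:
        if not (1 <= len(g) <= 4 and set(g) <= HEX):
            raise ValueError(f"bad group {g!r}")
    return ":".join(g.upper().zfill(4) for g in groups)  # restore leading zeros

def same_address(a, b):
    """Compare two spellings by their expanded form, not as raw strings."""
    return expand(a) == expand(b)

def agrees_with_stdlib(text):
    """Cross-check expand() against Python's ipaddress module."""
    return expand(text) == ipaddress.IPv6Address(text).exploded.upper()

# Constructed spellings of the chapter's sample address.
SPELLINGS = [
    "2001:0BD2:0200:08F1:0000:0000:0000:16AB",  # full form
    "2001:BD2:200:8F1:0:0:0:16AB",              # leading zeros removed
    "2001:BD2:200:8F1::16AB",                   # zero groups replaced by ::
    "2001:bd2:200:8f1::16ab",                   # lowercase hex, same address
]

if __name__ == "__main__":
    for s in SPELLINGS:
        print(f"{s:42} -> {expand(s)}")
    try:
        expand("2001::8F1::16AB")               # ambiguous: two '::'
    except ValueError as err:
        print("rejected:", err)
```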
Types of IPv6 Addresses
IPv6 has four types of IPv6 addresses: link-local, unique/site-local, global, and multicast.
Link-local addresses have the shortest reach of the IP address types. They can go only as far as the Layer 2 domain. These addresses are autogenerated with or without the use of a DHCP server. So, when an IPv6 node goes online, this address is assigned automatically.
Link-local addresses always start with FE80. This means that the first 16 bits of this IPv6 address always begin with 1111 1110 0100 0000, followed by all 0 bits to equal the 64-bit network prefix.
The 64-bit local identifier of a link-local address is interesting, to say the least. The last 64 bits are generated using the MAC address of an interface. Remember, though, that MAC addresses consist of only 48 bits, so there is a discrepancy of 16 bits. The solution to this issue is to add FFFE to the 24th bit of the MAC address. Basically, FFFE is squeezed right into the middle of the MAC address.
Here is an example of how the last 64 bits of the IPv6 link-local address are determined:
MAC address: 0017.C101.DCF6
IPv6 local identifier: 0017:C1FF:FE01:DCF6
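An identifier built this way carries the interface's MAC address inside the IPv6 address, so an address seen in a log can be traced back to a specific NIC. The following is an added example, not code from the book: it builds the identifier and reverses it. The chapter's example shows only the FFFE insertion; the modified EUI-64 procedure in RFC 4291 additionally inverts the universal/local bit of the first byte, so the hypothetical flip_ul parameter selects either form.

```python
import ipaddress
from typing import Optional

def interface_id(mac: str, flip_ul: bool = True) -> str:
    """Build the 64-bit local identifier from a 48-bit MAC address."""
    raw = bytearray.fromhex("".join(c for c in mac if c not in ".:-"))
    if len(raw) != 6:
        raise ValueError("a MAC address is 48 bits (12 hex digits)")
    if flip_ul:
        raw[0] ^= 0x02  # RFC 4291: invert the universal/local bit
    eui = bytes(raw[:3]) + b"\xff\xfe" + bytes(raw[3:])  # FFFE in the middle
    return ":".join(eui[i:i + 2].hex().upper() for i in range(0, 8, 2))

def link_local(mac: str) -> ipaddress.IPv6Address:
    """FE80 prefix, zero padding, then the MAC-derived identifier."""
    return ipaddress.IPv6Address("FE80::" + interface_id(mac))

def mac_from_address(addr: str) -> Optional[str]:
    """Recover the MAC from an address, or None if it is not MAC-derived."""
    iid = ipaddress.IPv6Address(addr).packed[8:]   # last 64 bits
    if iid[3:5] != b"\xff\xfe":
        return None        # identifier was assigned some other way
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02X}" for b in mac)

if __name__ == "__main__":
    mac = "0017.C101.DCF6"                     # MAC from the chapter's example
    print(interface_id(mac, flip_ul=False))    # form printed in the chapter
    print(interface_id(mac))                   # RFC 4291 form
    print(link_local(mac))
    print(mac_from_address(str(link_local(mac))))
    print(mac_from_address("fe80::1"))         # constructed, manually assigned
```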
Two RFCs describe a unique or site-local address type. RFC 3513 originally outlined the site-local address, which was later rewritten in RFC 4193 and given the new name unique address. People are asked to use the term unique address going forward. Be sure you know this type of address by either name for the exam.
Unique/site-local addresses have a broader scope than link-local addresses. They can expand to the size of an organization and are used to describe the boundary of the organizational network. These are the private addresses for IPv6.
The first 7 bits of the address are FC00 (also written as FC00::/7). Based on the diagram, the fixed prefix written in bits is 1111 110(L). The letter L can represent the number 1 for locally assigned addresses, or the number 0 for future-use addresses. If you are assigning an address, you would use the number 1 for the eighth bit of the network prefix. As a result, site addresses actually begin with FD00 (also written as FD00::/8), which in binary form is 1111 1101.
Global addresses have the broadest scope of all. As the name indicates, these addresses are for global use—that is, Internet communications. Figure 5.5 shows the format of a global address. The global routing prefix consists of 48 bits or less, and the first 3 bits are set to 001 (also written as 2xxx::/3). Because the number is variable, it is represented by the letter N in Figure 5.4. The subnet ID is made up of whatever bits remain after the global routing prefix. The subnet ID has 64 – N bits. As usual, the interface ID or local identifier makes up the last 64 bits of the address. If you were to go to IANA for a trial block of IPv6 address space, you would get an IP subnet from the 2001::/16 range.
Multicast addresses for IPv6 will be extremely important because of their use in group communications and broadcast messaging. Figure 5.6 shows the multicast address format.
The first 8 bits are always 1111 1111 or FF. The next 4 bits or flag bits each have their own meaning, which can be determined using the abbreviation 0RPT:
0 indicates an unassigned bit.
R indicates whether the bit is a rendezvous point.
P indicates whether the bit is based on a unicast address.
T can be either a 0 for a permanently assigned address or 1 if not.
The scope field indicates how far the multicast address will travel. This field is set to one of the following seven hexadecimal digits:
1 = Interface
2 = Link
3 = Subnet
4 = Admin
5 = Site
8 = Organization
E = Global
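The address types above are all recognizable from the leading bits, which is what a packet filter relies on when it decides whether a source address belongs on a given interface. The following is an added example, not code from the book: it classifies an address by the prefixes given in this section and decodes the multicast flag and scope fields. The function names and sample addresses are constructed, and the edge check is an assumed policy that only global addresses should arrive from the Internet.

```python
import ipaddress

# Scope digits exactly as listed in the text.
SCOPES = {0x1: "Interface", 0x2: "Link", 0x3: "Subnet", 0x4: "Admin",
          0x5: "Site", 0x8: "Organization", 0xE: "Global"}

# Unicast prefixes described in this section.
UNICAST = [("link-local", ipaddress.IPv6Network("FE80::/10")),
           ("unique/site-local", ipaddress.IPv6Network("FC00::/7")),
           ("global", ipaddress.IPv6Network("2000::/3"))]

def classify(text):
    """Return the address type; for multicast also the R, P, T flags and scope."""
    addr = ipaddress.IPv6Address(text)
    if addr.packed[0] == 0xFF:                   # first 8 bits are all 1s
        flags = addr.packed[1] >> 4              # the four 0RPT bits
        scope = addr.packed[1] & 0x0F
        return {"type": "multicast",
                "R": bool(flags & 0b0100),
                "P": bool(flags & 0b0010),
                "T": bool(flags & 0b0001),       # 0 = permanently assigned
                "scope": SCOPES.get(scope, f"unlisted (0x{scope:X})")}
    for name, net in UNICAST:
        if addr in net:
            return {"type": name}
    return {"type": "other"}

def expected_at_internet_edge(text):
    """Assumed policy: only global sources should arrive from the Internet."""
    return classify(text)["type"] == "global"

if __name__ == "__main__":
    samples = ["FE80::217:C1FF:FE01:DCF6",       # constructed samples
               "FD12:3456:789A::1",
               "2001:0BD2:12C3:08F1:000C:32FF:FED2:16AB",
               "FF02::1", "FF3E::1234"]
    for s in samples:
        print(f"{s:42} {classify(s)} edge_ok={expected_at_internet_edge(s)}")
```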
IPv4 uses Dynamic Host Configuration Protocol (DHCP), which allows a device to dynamically obtain the IPv4 address, default router, and DNS server if available. DHCPv6 was created to work with IPv6 addressing. DHCP and DHCPv6 are both considered stateful protocols. With a stateful protocol, a dedicated server maintains a table of the information that was gathered. Unlike IPv4, IPv6 also supports a stateless protocol for autoconfiguration. This means that a dedicated server is no longer required.
With the exception of routers, IPv6 creates a unicast global address for each device. It also allows every NIC to have multiple IPv6 addresses. These address types include link-local, site-local, and global. At a minimum, each NIC has a link-local address, but it is more likely that it will have a link-local and global address.
Example of a global address:
2001:0BD2:12C3:08F1:000C:32FF:FED2:16AB/64 scope global
Example of a link-local address:
2001:0BD2:12C3:08F1:000C:32FF:FED2:16AB/10 scope link
Integrating IPv4 and IPv6
Now that you understand both IPv4 and IPv6 better, how can we get the two versions to interact or coexist? Well, there are several ways to integrate the two versions. You can implement dual-stack, tunneling, or translation techniques to help IPv4 and IPv6 addresses to exist together on the network simultaneously. First, a dual-stack IP layer solution is in place when every node has an IPv4 and an IPv6 address. This offers comprehensive support for both protocols and can operate in one of three modes: IPv4-only when IPv6 is disabled, IPv6-only when IPv4 is disabled, or IPv4 and IPv6 concurrently.
Two tunneling techniques also can be used—manual and automatic tunneling. Manual tunneling requires that the network administrator configure a point-to-point tunnel by hand. Automatic tunneling uses a different address type such as 6to4 to set up a dynamic tunnel. In both cases, the IPv6 packet is tunneled or encapsulated into IPv4.
Finally, the translation technique translates between the two IP versions using a system such as 6to4. With this system, a 6to4 gateway or router encapsulates IPv6 packets into IPv4 packets. This is considered a temporary solution for IP integration.
In addition to DHCPv6, ICMPv6 has been created to help manage IPv6 addressing. Although ICMPv6 builds on the same functionality as ICMP with ping, ARP, and RARP, there are also enhancements such as neighbor discovery (ND). ND can identify neighboring link layer devices, whether they are reachable, and if the link layer address changes. ND can also discover routers. The caveat is that ICMPv6 must be set up on all IPv6 devices.
Network Layer Devices
The most common network device found at the Network layer is a router; however, Layer 3 switches may also be implemented to create a WAN.
Both routers and Layer 3 switches can carry out these functions:
- Suppress broadcasts or multicasts
- Determine the best path for data transfer (routing)
- Strip down and add to Data Link layer frames
- Implement access lists for packet filtering (permit/deny statements)
- Set up quality of service (QoS) qualifiers to measure network performance
It is important to know that both these devices can be used at the Network layer. However, for the purpose of the CCNA exam, routers are more widely recognized and, therefore, are referred to when discussing Layer 3 functions.
Routers join a minimum of two networks together to create an internetwork or WAN. So far, we have discussed devices that are used at the Physical layer (hubs and repeaters) and the Data Link layer (Layer 2 switches and bridges). Layer 2 switches and bridges create a separate collision domain for each segment of the LAN. Routers and Layer 3 switches create a separate broadcast domain for each segment of a WAN. A broadcast domain is a group of nodes that can receive one another’s broadcast messages. Figure 5.7 demonstrates how a router creates broadcast domains whereas the connected switches create collision domains.
Figure 5.8 demonstrates a simple LAN with one router and two segments. In this network, any traffic that is generated by Matt’s PC has the source MAC and source IP address of that PC. If Matt is sending a frame to the server on the other segment of that WAN, the destination IP address will be that of the server he is trying to reach. Because the server is not on the same segment as Matt, the destination MAC address is that of the router, which is the default gateway. The router takes a look at the frame and at its own routing table. It then decides what interface to use to forward the frame based on the network portion of the IP address. The router attaches its own MAC address as the source MAC address of the frame before sending the frame to the server.
A routing table on a router contains the following information:
- Network Address
- Interface: Exit interface used to forward packets
- Metric: Distance to reach a remote network
For the exam, you should understand how a packet traverses the network and determine the source and destination IP and MAC address as the packet moves from device to device.
Figure 5.9 exemplifies a WAN with two routers. Each router has a separate routing table to make best path decisions.
Routers provide packet switching between networks and can provide packet filtering based on a network address or application layer port level.
Routers provide internetwork communication, packet switching, and packet filtering.
Two packet types are used at Layer 3:
- Data packets: Transport data across the internetwork and are supported by routed protocols such as IP and IPX.
- Route update packets: Send updates to neighbor routers about all networks connected to that internetwork and are supported by routing protocols such as RIP, EIGRP, and OSPF.
Specific Cisco router models are reviewed in Chapter 6, “Introduction to Cisco Routers and Switches.” IP configurations are covered in Chapter 8, “Foundation Cisco Configurations.”
Chapter 10, “Introduction to Routing and Routing Protocols,” details routing terminology.
Chapter 11, “Distance Vector Routing Protocols,” reviews RIP and IGRP routing protocols.
Chapter 12, “Link-State and Hybrid Routing Protocols,” discusses OSPF, RIPv2, and EIGRP routing protocols.
Layer 3 Switches
Layer 3 switches are typically called multilayer switches. I already listed the commonalities between routers and Layer 3 switches. There are also a couple of differences worth mentioning. The number one difference between a router and a Layer 3 switch is packet switching throughput. Whereas a router has evolved over the years to process more than one million packets per second (pps), a Layer 3 switch can process millions of pps. That said, Layer 3 switches process more traffic in a shorter time.
Whereas routers use microprocessor-based engines, Layer 3 switches use ASIC hardware to perform packet switching. Layer 2 switches use ASIC hardware to forward frames.
The Cisco Catalyst 8500 series switch is an example of a Layer 3 switch. Layer 3 switches are recommended for Campus networks.