15: Introduction to IPv6

IPv6 is defined by the IETF to replace IPv4. RFC2460

IPv4 vs. IPv6

The main problem with IPv4 is address space exhaustion. However, IPv6 has several other improvements over IPv4. IPv6 uses Stateless Address Autoconfiguration (SLAAC) to assign IP addresses, rather than DHCP. IPsec support is necessary in IPv6, but optional in IPv4. IPv6 has improved support for options using header extensions.

IPv6 supports more efficient routing, QoS, elimination of NAT, Network Layer security, ease of management and reduced header overhead.

IPv6 Structure

The IPv6 header has a fixed length of 40 bytes. Additional options are supported via extension headers. Because the header length is fixed, the header length field from IPv4 is no longer necessary.

The fields are (length in bits);

Version (4) set to ‘6’
Traffic Class (8) determines the traffic priority
Flow Label (20) is used for QoS
Payload Length (16)
Next Header (8) indicates the encapsulated protocol type
Hop Limit (8) replaces TTL
Source Address (128)
Destination Address (128)

If IPv6 needs to fragment a packet, this is accomplished with extension headers.

The Flow Label field is new in IPv6.

Extension Headers

There are six extension headers:

Hop-by-hop options, examined at every hop
Routing, a list of nodes that should be visited on the path to the destination
Fragment, when a packet has been fragmented by the source
Destination options, examined only by the destination node and may appear twice in a packet
Authentication, used with IPsec to verify authenticity
Encrypted security payload, carries data used for secure communication with IPsec

Address Types

Addresses are unicast, multicast or anycast.

A multicast address represents a group of IPv6 interfaces. An IPv6 packet with a multicast address as its destination travels to all interfaces in the multicast group.

An anycast address is assigned to multiple interfaces, but an IPv6 packet with an anycast address only travels to one interface, usually the closest one.

Address Notation

Eight 16-bit blocks represented by four hexadecimal digits each separated by colons
Leading zeroes in a block may be omitted
The longest section of continuous zero blocks may be replaced with a double colon

Prefixes

RFC4291 defines prefixes in IPv6. Special prefixes are;

Prefix	Description
`::/128`	Unspecified
`::1/128`	The loopback
`FF00::/8`	Multicast
`FE80::/10`	The local link

Address Allocation

This is still a work in progress, however, RFC3177 defines allocation sizes for different subscriber types.

Subscriber	Prefix
Homes	`/48`
Small and large enterprises	`/48`
Very large subscribers	`/47` or `/48`
Mobile networks	`/64`
Single PC	`/128`

Address Scope

Unicast addresses are local or global. FE80::/10 addresses are supported on the local link only and are not routed.

Multicast addresses support sixteen different types of scope. The scope of multicast packets is identified by a four bit field in the address.

Link-Local Unicast Address

Use a common prefix (FE80::/64) on all subnets. They are only guaranteed to be unique on a single link. They are often used by routing protocols and for neighbour discovery.

Global Unicast Address

The format prefix is always set to 001 for global unicast addresses. The global routing prefix represents the highest level routed by Tier 1 ISPs and peeringpoints. It is very important that the global routing prefix bits be allocated wisely, as this will have a large impact in how traffic on the Internet is routed.

The subnet identifier is assigned by the local network engineer. The last 64 bits are reserved for the local interface ID, allowing easy configuration, via SLAAC, on the local network.

Interface ID

The 64 bit interface ID is based on the EUI-64 generated from the local MAC address.

To obtain the EUI-64 from a 48 bit MAC address, insert 0xFFFE between the first and last 24 bits of the MAC address, and invert the seventh bit of the new address. This is the universal/local bit. Inverting this bit signifies that the address is globally unique.

CCCCCCCC CCCCCCCC CCCCCCCC 11111111 11111111 11111110 EEEEEEEE EEEEEEEE EEEEEEEE
      ^ Invert this bit

IPv6 Autoconfiguration

Static IP addressing and DHCP are considered ‘stateful’ assignment methods.

Stateless Autoconfiguration

A host determines its 64 bit EUI-64 identifier. An IPv6 router periodically sends Router Advertisement (RA) messages, or in response to an RS message. The RA message announces the existence of the router and its supported features. Router Solicitation (RS) messages are sent by hosts to discover routers.

The IPv6 router sends a prefix list in its RAs. When a host receives a prefix in an RA, it can use the prefix to configure its address.

Neighbour Discovery

IPv6 Neighbour Discovery (ND) combines and improves on ARP and ICMP. Defined in RFC 2461. ND is optional on IPv6 devices, but a router with ND enabled can send ND information to end devices.

Stateful Autoconfiguration

RFC 3315 defines stateful DHCPv6. This may be preferred when dynamic assignment of DNS servers is required, or when the MAC address should be excluded from the IPv6 address on security grounds.

Displaying IPv6 Routing Information

Use the show route table inet6 command to view IPv6 routes.

Displaying IPv6 Neighbours

User the show ipv6 neighbors command to view IPv6 neighbours. Neighbours are only visible after they have been discovered through Neighbour Discovery. To force a neighbour to be discovered, use the ping command.

IPv6 Multicast

Multicast addresses are identified by the FF first byte. IPv6 multicast builds on IPv4 multicast with multicast groups. Some multicast packets are routed.

There are three types of multicast address;

Solicited node multicast addresses are used for NS messages
All nodes multicast addresses are used for RA messages
All routers multicast addresses are used for RS messages

IPv6 Anycast

Anycast is defined explicitly in IPv6 in RFC 2526. A packet travels to just one interface in the anycast group. Anycast addresses can be used by nodes to access one of a collection of servers providing a well known service, without having to maintain a list of addresses. They can also be used to force routing through a specific ISP by using an anycast source address.

Routing Protocol Configuration Examples

Examples of routing protocol configurations involving IPv6.

Static Routes

routing-options {
    rib inet6.0 {
        static {
            route 0::/0 {
                next-hop ...;
                preference 250;
            }
        }
    }
}

Show Static IPv6 Routes

show route table inet6.0 protocol static

OSPFv3

Note that the router id is still a 32-bit value. It will be configured automatically from a numbered interface if not set explicitly. Setting the RID explicitly is recommended.

routing-options {
    router-id ...;
}

protocols {
    ospf3 {
        area 0.0.0.0 {
            interface ...;
        }
    }
}

Most operational commands for OSPFv3 are the same as for OSPFv2, replacing ospf with ospf3.

IS-IS

The configuration of IS-IS is the same for IPv6 as for IPv4, except that IPv6 addresses are used.

interfaces {
    ge-0/0/0 {
        unit 0 {
            family iso;
            family inet6 {
                address ...;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet6 {
                address .../128;
            }
            family iso {
                address 49.001.0192.0168.0201.00;
            }
        }
    }
}

The operational mode commands are identical.

BGP

The configuration of BGP is almost identical for IPv6 as for IPv4.

protocols {
    bgp {
        group int-64700 {
            type internal;
            local-address fec0:0:0:1001::1;
            neighbor fec0:0:0:1002::1;
        }
        group ext-65100 {
            type external;
            peer-as 65100;
            neighbor fec0:0:0:2005::2;
        }
    }
}

The same operational mode show commands are used as for IPv4.

Tunnelling IPv6 over IPv4

The IPv4 to IPv6 transition method suggests using tunnels to span IPv4 networks until all intermediate routers have been upgraded.

There are four broad approaches;

IPv4 compatible addressing
Configured tunnels
6to4
6over4

Configured Tunnels

A tunnel is configured using GRE.

interfaces {
    gr-0/0/0 {
        unit 0 {
            tunnel {
                source <IPV4_ADDRESS>;
                destination <IPV4_ADDRESS>;
            }
            family inet6 {
                address fec0:0:0:1000::1/126;
            }
        }
    }
}

Routes are required to send IPv6 traffic through the tunnel.

routing-options {
    rib inet6.0 {
        static {
            route fec0:0:0:2001::/64 next-hop gr-0/0/0.0;
        }
    }

    static {
        route ... next-hop ...;
    }
}