General IPv6 Concepts

Terminology and Introduction

IPv6

- Is the newest protocol for transmitting data over the Internet.
- It replaces the current IPv4 (aka the "IP" most people are familiar with).
- It is not backwards compatible with IPv4.
- All upper layer protocols, such as TCP, UDP, HTTP, etc., function exactly the same for both IPv4 and IPv6.
- ICMP is different (it's not really an upper layer protocol).
- Host names stay the same (such as www.ornl.gov)

Why IPv6

- IPv4 doesn't have enough IP addresses to satisfy current/future needs. IPv4 has 4.3 billion addresses.
- IPv6 has 340 undecillion addresses (that's enough to give every blade of grass on Earth an IP address).
- IP addresses are needed on many devices including phones, refrigerators, cars, etc.
- Makes Internet routing easier.

Global Scope Address

- An IPv6 address that can communicate (if permitted) to other hosts on the Internet. The "scope" of the address is global.

Link local address

- An IPv6 address used to communicate ONLY with hosts within the same subnet. The "scope" of the address is limited to the "local link."
- This address cannot be used to communicate with another host outside the local subnet.
- Typically begins with fe80: (but could be any address beginning with fe80: through fe8f:)
- Each network interface has one.
- The link local address for www1.ornl.gov's main interface is fe80::203:baff:fee7:e0b3

IPv6 address structure

- 128 bits wide
- represented as 32 hex digits in groups of 4, separated by colons.
     2620:0000:2b30:aaaa:bbbb:cccc:dddd:eeee
- There are 3 parts to an IPv6 address - Site Allocation:Subnet:Host-interface
- Example:
     Site Allocation for ORNL 2620:0:2b30::/44
          . First available address 2620:0:2b30:0::0
          . Last available address 2620:0:2b3f:ffff:ffff:ffff:ffff:ffff
          . 19.3 septillion addresses (19 x 10**24)
     Host-interface - each network interface has at least one v6 address
     IPv6 address for www.ornl.gov 2620::2b30:302:e0cb:1dd2:9c92:61f6
          . Site Allocation is 2620:0:2b30
          . Subnet is 302
          . Host-interface is e0cb:1dd2:9c92:61f6

Collapsing Zeroes in IPv6 addresses

- Makes reading and handling IPv6 addresses easier.
- Leading zeroes can be dropped
     2620:0000:2b30:0300:0000:0000:0bad:0fee becomes
     2620:0:2b30:300:0:0:bad:fee
- Replace two or more consecutive "all zero" fields with "::" - but this can only be done once.
     2620:0:2b30:300::bad:fee
- If there is more than one group of consecutive zero fields, replace the longest group.
     2004:0:0:1:0:0:0:cafe becomes
     2004:0:0:1::cafe
- When those groups are equal in length, then remove the leftmost group.
     2004:0:0:1:0:0:a:cafe becomes
     2004::1:0:0:a:cafe
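
The collapsing rules above, written out as code. This is an added example, not part of the original page; the function names are chosen here, and the second function cross-checks the result against Python's standard ipaddress module.

```python
import ipaddress
import re

def collapse(addr: str) -> str:
    """Collapse an IPv6 address written out as 8 full fields."""
    fields = addr.split(":")
    if len(fields) != 8 or not all(re.fullmatch(r"[0-9a-fA-F]{1,4}", f) for f in fields):
        raise ValueError("expected 8 fields of 1-4 hex digits")
    # Drop leading zeroes: "0300" -> "300", "0000" -> "0".
    fields = [format(int(f, 16), "x") for f in fields]

    # Locate the longest run of all-zero fields. The strict ">" keeps
    # the leftmost run when two runs have the same length.
    best_start, best_len, i = 0, 0, 0
    while i < 8:
        j = i
        while j < 8 and fields[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = max(j, i + 1)

    # "::" replaces two or more zero fields, and is used only once.
    if best_len < 2:
        return ":".join(fields)
    left = ":".join(fields[:best_start])
    right = ":".join(fields[best_start + best_len:])
    return f"{left}::{right}"

def agrees_with_stdlib(addr: str) -> bool:
    """Cross-check the hand-written rules against Python's own formatter."""
    return collapse(addr) == str(ipaddress.IPv6Address(addr))
```

Comparing addresses as collapsed strings only works if every tool collapses the same way, so log searches and access lists are safer when both sides are normalized first.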

Current IPv6 Deployment at ORNL (last updated 8/2/13)

- Several web servers that are accessible from the Internet (such as www.ornl.gov)
- Email servers that are accessible from the Internet
- DNS servers
- Hosts in IPv6 test network
- CSIIR project

Transition Technologies

- Dual Stack: Host can communicate using IPv4 and/or IPv6. In some cases IPv4 may be used while in other cases IPv6 may be used. Usually both are tried simultaneously with IPv6 being preferred if it's available.
- 6to4 tunnel - Encapsulate IPv6 traffic within IPv4 packets. Transmit IPv4 packets across the Internet to another site where the IPv6 packet is extracted from the IPv4 packet and delivered to an IPv6 host. Each end node has an IPv6 address, but the path between them is IPv4. Traffic is "tunneled" to a 6to4 relay. 6to4 addresses begin with 2002::/16
- Teredo - Similar to 6to4. Traffic is "tunneled" to a Teredo server out on the Internet. Teredo addresses begin with 2001:0::/32

Happy Eyeballs

- The name comes from the idea of an end user having a "good Internet experience" - thus he has Happy Eyeballs. It is the process where a computer attempts both IPv4 and IPv6 communication paths at the same time. Whichever protocol responds first is preferred for that "session." This causes additional network traffic, but "should" provide the best end-to-end performance in a world where some systems communicate over IPv4 and others communicate over IPv6.

Describing Dual Stack

- An informative video presented by Geoff Huston from APNIC describes dual stack, happy eyeballs and other issues with rolling out IPv6.

A vs. AAAA record (DNS - Domain Name Service)

- IPv4 address is an "A" record. The "A" record for www.ornl.gov is 128.219.176.9
- IPv6 address is a "AAAA" record (called quad-A). The "AAAA" record for www.ornl.gov is 2620::2b30:302:e0cb:1dd2:9c92:61f6
- You can get a AAAA record via IPv4 or IPv6
- You can get an A record via IPv4 or IPv6
- You can only communicate to an IPv4 address using IPv4 protocol
- You can only communicate to an IPv6 address using IPv6 protocol

SLAAC - Stateless Address Auto Configuration

- Process where each system determines its own IPv6 address. Each system can create "Link Local" addresses with no input from any other source. To create a "Global Scope" address, the system receives the "network portion" (leftmost 64 bits) of the IPv6 address from a router. In this case the rightmost 64 bits (aka host-interface) are created by each system.

EUI-64 address

- An IPv6 address (created by SLAAC) that is based on the MAC (i.e., hardware) address of the network interface card on the host system. This is the rightmost 64 bits of the address.

Privacy address

- An IPv6 address (created by SLAAC) that is not based on the MAC (i.e., hardware) address of the network interface card. Instead the address is "randomly" generated. This is the rightmost 64 bits of the address.
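
How the EUI-64 host-interface bits relate to the MAC address, and how to tell such an address from one that is not MAC-based. This is an added example, not part of the original page. The mapping (insert ff:fe in the middle of the MAC and invert the 0x02 bit of the first byte) comes from RFC 4291; the function names and the 2001:db8:0:1::/64 documentation prefix are chosen here for illustration.

```python
import ipaddress

def eui64_mac(addr: str):
    """Return the MAC embedded in an EUI-64 address, or None if there is none."""
    iid = ipaddress.IPv6Address(addr).packed[8:]      # rightmost 64 bits
    # A MAC-derived interface ID carries the filler bytes ff:fe in the middle.
    # (A random privacy address can match by chance, about 1 time in 65536.)
    if iid[3:5] != b"\xff\xfe":
        return None
    # Undo the inverted universal/local bit and drop the filler bytes.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)

def eui64_iid(mac: str) -> bytes:
    """Build the 64-bit EUI-64 interface ID from a 48-bit MAC address."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 6 bytes")
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:6]

def slaac_address(prefix: str, mac: str) -> str:
    """Join a router-supplied /64 network portion with the host-built ID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC needs a 64-bit network portion")
    host = int.from_bytes(eui64_iid(mac), "big")
    return str(ipaddress.IPv6Address(int(net.network_address) | host))

if __name__ == "__main__":
    # Link local address quoted earlier on this page: MAC-based.
    print(eui64_mac("fe80::203:baff:fee7:e0b3"))
    # Global address quoted earlier on this page: no ff:fe filler, so None.
    print(eui64_mac("2620::2b30:302:e0cb:1dd2:9c92:61f6"))
    # Constructed example: the same MAC under a documentation prefix.
    print(slaac_address("2001:db8:0:1::/64", "00:03:ba:e7:e0:b3"))
```

Because the same MAC yields the same rightmost 64 bits under every prefix, an EUI-64 address identifies the hardware wherever it connects; a privacy address does not.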

DHCPv6

- Dynamic Host Configuration Protocol for IPv6. It provides hosts with the configuration information they need to communicate on the IPv6 network. Information provided by a DHCPv6 server can include the following.
- IPv6 address
- DNS server
- Time server

Neighbor Discovery Protocol (NDP)

- A suite of commands used to acquire network configuration information and/or map an IPv6 address to a MAC address. This protocol replaces the Address Resolution Protocol (ARP), which is used by IPv4. NDP consists of the following.
- Router Advertisement (RA)
- Router Solicitation (RS)
- Neighbor Advertisement (NA)
- Neighbor Solicitation (NS)
- Duplicate Address Detection (DAD)

Router Advertisement (RA)

- Multicast message sent from a router to all hosts on the local network. This message contains network configuration information, such as the following.
- Whether the system should use DHCPv6 or SLAAC to get its IPv6 address.
- The default router that should be used.
- Whether the system should use a DHCPv6 server for "other" configuration information.
These messages are sent every 2-3 minutes by the router.
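
Where those three pieces of information sit inside a Router Advertisement, decoded from raw bytes. This is an added example, not part of the original page. The field layout (ICMPv6 type 134, the M and O flag bits, the router lifetime, and the A flag in the Prefix Information option) is taken from RFC 4861; the sample message is constructed with a documentation prefix and a zero checksum that is not verified.

```python
import ipaddress
import struct

def parse_ra(msg: bytes) -> dict:
    """Decode the fixed RA header and any Prefix Information options."""
    if len(msg) < 16:
        raise ValueError("truncated Router Advertisement")
    mtype, code, _cksum, _hop, flags, lifetime, _reach, _retrans = \
        struct.unpack("!BBHBBHII", msg[:16])
    if mtype != 134 or code != 0:
        raise ValueError("not a Router Advertisement")
    ra = {
        "managed_dhcpv6": bool(flags & 0x80),  # M flag: get the address from DHCPv6
        "other_dhcpv6": bool(flags & 0x40),    # O flag: get "other" info from DHCPv6
        "default_router": lifetime > 0,        # sender offers itself as default router
        "slaac_prefixes": [],                  # prefixes a host may use for SLAAC
    }
    pos = 16
    while pos + 2 <= len(msg):
        otype, olen = msg[pos], msg[pos + 1] * 8   # option length is in 8-byte units
        if olen == 0 or pos + olen > len(msg):
            raise ValueError("malformed option length")
        if otype == 3 and olen == 32:              # Prefix Information option
            plen, pflags = msg[pos + 2], msg[pos + 3]
            prefix = ipaddress.IPv6Address(msg[pos + 16:pos + 32])
            if pflags & 0x40:                      # A flag: prefix is usable for SLAAC
                ra["slaac_prefixes"].append(f"{prefix}/{plen}")
        pos += olen
    return ra

# Constructed sample: O flag set, M flag clear, 1800 s router lifetime,
# one /64 prefix with the L and A flags set.
SAMPLE_RA = (
    struct.pack("!BBHBBHII", 134, 0, 0, 64, 0x40, 1800, 0, 0)
    + struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 2592000, 604800, 0)
    + ipaddress.IPv6Address("2001:db8:0:1::").packed
)

if __name__ == "__main__":
    print(parse_ra(SAMPLE_RA))
```

Every host on the link acts on these fields, so comparing what is seen on the wire with what the real router is configured to send is a quick audit for a misconfigured or unexpected advertiser.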

Router Solicitation (RS)

- Multicast message sent from a host to all routers on the local network. This message requests that a Router Advertisement be sent immediately.

Neighbor Advertisement (NA)

- Unicast or multicast message sent to indicate the link layer address of a host. An NA message is sent in response to an NS message, or it is sent unsolicited to provide other information about the host.

Neighbor Solicitation (NS)

- Multicast or unicast message sent from a host to a group of hosts (or to a single host). Message contains a request to provide the MAC address for a given IP address.

Duplicate Address Detection (DAD)

- Process to determine whether the IPv6 address that a system intends to use is already being used by another system. If so, then either another IPv6 address must be selected, or IPv6 must be disabled on the host.

DHCP Unique Identifier (DUID)

- A unique number (usually represented in hex) assigned to each network interface. The DUID is used by DHCPv6 to uniquely identify a particular host so that DHCPv6 can assign it the appropriate IPv6 address (and other network configuration information).