IPv6 Application Analysis

1
IPv6 Application Analysis

• Xi Chen scotor317_at_gmail.com

2
IPv6 Addressing
Overall Application Scenario
3
IPv6 Addressing
IPv6 Addressing Architecture
xxxxxxxx x is a 16 bits hexadecimal
field E.g. 20010000123400000000C1C0ABCD087
6 Case insensitive 20010000123400000000c1c0
abcd0876 Leading zeros in a field are
optional 20010123400C1C0ABCD876
Successive fields of 0 are represented as , but
only once in an address 200101234C1C0ABCD8
76 Not valid 20011234C1C0ABCD876 Other
examples FF020000001 gt FF021
00000001 gt 1 00000000 gt
4
IPv6 Addressing
IPv6 Addressing Allocation
Allocation Binary Prefix Fraction of address space
Unicast 001 1/8
Link Local address space 1111 1110 10 1/1024
Site Local address space 1111 1110 11 1/1024
Multicast 1111 1111 1/256
The Anycast addressing use the same address
allocation as Unicast.
Example Unicast 20800008800200C317A1080
8800200C317A Multicast FF01000000101FF0
1101
5
IPv6 Addressing
IPv6 Addressing Format
3
13
8
24
16
64
Site Topology
Public Topology
Interface Identifier
Node Portion
Network Portion
FP Format Prefix ( 001 for globally aggregated
unicast addresses) TLA-ID Top-level aggreation
identifier RES Reserved for future use NLA
Next-level aggregation identifier SLA-ID
Site-level aggregation identifier Interface ID
Interface identifier
6
IPv6 Addressing
Interface ID

• MAC Address 00000B0A2D51
• In binary
• 00000000 00000000 00001011 00001010 00101101
  01010001

• Insert FFFE between Company-ID and Node-ID
• 00000000 00000000 00001011 11111111 11111110
  00001010 00101101 01010001
• Set U/L bit to 1
• 00000010 00000000 00001011 11111111 11111110
  00001010 00101101 01010001
• Resulting EUI-64 Address 02000BFFFE0A2D51

7
IPv6 Addressing
Unicast Addressing
8
IPv6 Addressing
Anycast Addressing
9
IPv6 Addressing
Multicast Addressing Format
128 bit
8
4
112
4
Group-ID
11111111
flgs
scope

• Defines address scope
• 0 Reserved
• Node-local scope
• Link-local scope
• Site-local scope
• Organization local scope
• E Global scope
• F Reserved

First 3 bits set to 0 Last bit defines address
type 0 Permanent (or well-known) 1 Locally
assigned (or transient)
10
IPv6 Addressing
Multicast Addressing
11
IPv6 Addressing
Link local Addressing
128 bit
10
54
64
Interface-ID
1111111010
0

• Examples
• FE80006008FFFEB17EA2
• FE80200CFFFE0A2C51

12
IPv6 Addressing
Site Local Addressing
128 bit
10
54
64
16
Interface-ID
1111111011
0
Subnet-ID (SLA-ID)

• Examples
• FEC0006008FFFEB17EA2
• FEC0200CFFFE0A2C51

13
ICMPv6
ICMPv6
Type 1 Destination Unreachable Type 2
Packet Too Big (MTU) Type 3 Time Exceeded
Type 4 Parameter Problem Type 128/129 Echo
request/Echo reply
14
ICMPv6
Destination Unreachable
32 bits
Type1
Code
Checksum
Unused
As much of invoking packet as will fit without
the ICMPv6 packet exceeding the minimum IPv6 MTU
Code 0 - no route to destination 1 -
communication with destination administratively
prohibited 2 - (not assigned) 3 - address
unreachable 4 - port unreachable
Unused This field is unused for all code values.
It must be initialized to zero by the sender and
ignored by the receiver.
15
ICMPv6
Packet too big(MTU)
32 bits
Type2
Code
Checksum
MTU
As much of invoking packet as will fit without
the ICMPv6 packet exceeding the minimum IPv6 MTU
Code Set to 0 by the sender and ignored by the
receiver MTU The maximum transmission unit of the
next-hop link
16
ICMPv6
Time Exceeded
32 bits
Type3
Code
Checksum
Unused
As much of invoking packet as will fit without
the ICMPv6 packet exceeding the minimum IPv6 MTU
Unused This field is unused for all code values.
It must be initialized to zero by the sender and
ignored by the receiver.
Code 0 Hop limit exceeded in transit 1
Fragment reassembly time exceeded
17
ICMPv6
Parameter Problem
32 bits
Type4
Code
Checksum
Pointer
Pointer
As much of invoking packet as will fit without
the ICMPv6 packet exceeding the minimum IPv6 MTU
As much of invoking packet as will fit without
the ICMPv6 packet exceeding the minimum IPv6 MTU
Pointer Identifies the octet offset within the
invoking packet where the error was detected.
The pointer will point beyond the end of the
ICMPv6 packet if the field in error is beyond
what can fit in the maximum size of an ICMPv6
error message.
Code 0 - erroneous header field encountered 1
- unrecognized Next Header type encountered 2
- unrecognized IPv6 option encountered
18
ICMPv6
Echo Request
32 bits
Type128
Code0
Checksum
Identifier
Sequence Number
Data
Code 0 Identifier An identifier to aid in
matching Echo Replies to this Echo Request. May
be zero. SN A sequence number to aid in matching
Echo Replies to this Echo Request. May be
zero. Data Zero or more octets of arbitrary data.

19
ICMPv6
Echo Reply
32 bits
Type129
Code0
Checksum
Identifier
Sequence Number
Data
Code 0 Identifier The identifier from the
invoking Echo Request message. SN The sequence
number from the invoking Echo Request
message Data The data from the invoking Echo
Request message.
20
Neighbor Discovery
Neighbor Discovery

• Defines five ICMPv6 packets
• Router solicitation (RS)
• Router advertisement (RA)
• Neighbor solicitation (NS)
• Neighbor advertisement (NA)
• Redirect

21
Neighbor Discovery
Router solicitation (RS)
32 bits
Type133
Code
Checksum
Reserved
Options....
22
Neighbor Discovery
Router advertisement (RA)
32 bits
Type134
Code
Checksum
Hop Limit
M
O
Reserved
Router lifetime
Reachable Time
Retransmit Timer
Options....
23
Neighbor Discovery
RS and RA procedure
24
Neighbor Discovery
Router advertisement in routers
25
Neighbor Discovery
Neighbor solicitation (NS)
32 bits
Type135
Code
Checksum
Reserved
Target address
Options....
26
Neighbor Discovery
Neighbor advertisement (NA)
32 bits
Type136
Code
Checksum
Reserved
R
S
O
Target address
Options....
27
Neighbor Discovery
Redirect
32 bits
Type137
Code
Checksum
Reserved
Target address
Destination address
Options....
28
Neighbor Discovery
Redirect Procedure
E
Default GW-List
A
B
C
D
A
C
B
G
F
Host 3
29
Neighbor Discovery
Next Hop Discovery

• Check neighbor cache for existing next-hop entry
  for particular destination
• Check whether destination is on- or off-link
• On-link Sent directly to destination
• Off-link Sent to default router
• Identify link-layer address of next-hop

30
Neighbor Discovery
Address Resolution

• Uses Neighbor solicitation advertisements
• Node checks neighbor cache first
• If no entry exists, node creates IP entry with
  state INCOMPLETE
• Node then sends NS to solicited-node multicast
  address
• Source address of NS is a unicast address
• Receiving node responds with NA indicating its
  own link-level address
• Soliciting node updates neighbor cache entry from
  INCOMPLETE to REACHABLE upon receiption of NA

31
Neighbor Discovery
Neighbor Unreachability Detection

• 2 ways to verify neighbor reachability
• Using hints from upper-layer protocols
• From responses to neighbor solicitations
• Forward direction communication (FDC) must be
  possible for a neighbor to be REACHABLE
• FDC is verified if forward progress is being made
  by an upper-layer protocol (i.e. TCP, receiption
  of TCP acks)
• If no verification can be received from
  upper-layer protocols (like UDP)
• Node actively probes neighbors to determine
  reachability state
• Probes are sent in conjunction with traffic. No
  traffic, no probes!
• Probe is neighbor solicitation (NS)
• Neighbor advertisement (NA) reply is expected to
  establish FDC

32
Neighbor Discovery
Duplicate Address Detection

• Must be performed by all nodes
• Performed before assigning a unicast address to
  an interface
• Performed on interface initialization
• Not performed for anycast addresses
• Link must be multicast capable
• New address is called "tentative" as long as
  duplicate address detection takes place
• Interface joins all-nodes multicast group
• Interface joins solicited-node multicast group
• Node sends (one) NS with
• Target address tentative IP address
• Source address unspecified ()
• Destination address tentative solicited-node
  address
• If address already exists, the particular node
  sends a NA reply with
• Target address tentative IP address
• Destination address tentative solicited-node
  address
• If soliciting node receives NA reply with target
  address set to the tentative IP address, the
  address must be duplicate

33
Thank You !