IPv6 Networking

A little history of IPv6, and key features

Around 1992, the IETF became aware of a global shortage of IPv4 addresses, and technical obstacles in deploying new protocols due to limitations imposed by IPv4. An IPng (IP next generation) effort was started to solve these issues. The discussion is outlined in a bunch of RFCs, starting from RFC1550. After a large amount of discussion, around 1995, IPv6 (IP version 6) was picked as the final IPng proposal. The IPv6 base specification is specified in RFC2460.
In a single sentence, IPv6 is a re-engineering effort against IP technology. Key features are listed below:
  • Larger IP address space. IPv4 uses only 32 bits for IP address space, which allows only 4 billion nodes to be identified on the Internet. 4 billion may look like a large number; however, it is less than the human population on the earth! IPv6 allows 128 bits for IP address space, allowing 340282366920938463463374607431768211456 (three hundred forty undecillion) nodes to be uniquely identified on the Internet. A larger address space allows true end to end communication, without NAT or other short term workarounds against the IPv4 address shortage. (These days NAT is a headache for new protocol deployment and has scalability issues; we really need to decommission NAT networks for the Internet to grow further).
  • Deploy more recent technologies. After IPv4 was specified 20 years ago, we saw many technical improvements in networking. IPv6 includes a number of those improvements in its base specification, allowing people to assume these features are available everywhere, anytime. "Recent technologies" include, but are not limited to, the following:
    • Autoconfiguration. With IPv4, DHCP exists but is optional. A novice user can get into trouble if they visit another site without a DHCP server. With IPv6, a "stateless host autoconfiguration" mechanism is mandatory. This is much simpler to use and manage than IPv4 DHCP. RFC2462 has the specification for it.
    • Security. With IPv4, IPsec is optional and you need to ask the peer if it supports IPsec. With IPv6, IPsec support is mandatory. By mandating IPsec, we can assume that you can secure your IP communication whenever you talk to IPv6 devices.
    • Friendly to traffic engineering technologies. IPv6 was designed to allow better support for traffic engineering like diffserv or intserv (RSVP). We do not have a single standard for traffic engineering yet, so the IPv6 base specification reserves a 24-bit space in the header field for those technologies and is able to adapt to coming standards better than IPv4.
    • Multicast. Multicast is mandatory in IPv6, which was optional in IPv4. The IPv6 base specifications themselves extensively use multicast.
    • Better support for ad-hoc networking. Scoped addresses allow better support for ad-hoc (or "zeroconf") networking. IPv6 supports anycast addresses, which can also contribute to service discoveries.
    • and more.
  • A cure to routing table growth. The IPv4 backbone routing table size has been a big headache to ISPs and backbone operators. The IPv6 addressing specification restricts the number of backbone routing entries by advocating route aggregation. With the current IPv6 addressing specification, we will see only 8192 routes on the default-free zone.
  • Simplified header structures. IPv6 has simpler packet header structures than IPv4. It will allow future vendors to implement hardware acceleration for IPv6 routers easier.
  • Allows flexible protocol extensions. IPv6 allows more flexible protocol extensions than IPv4 does, by introducing a protocol header chain. Even though IPv6 allows flexible protocol extensions, IPv6 does not impose overhead to intermediate routers. It is achieved by splitting headers into two flavors: the headers intermediate routers need to examine, and the headers the end nodes will examine. This also eases hardware acceleration for IPv6 routers.
  • Smooth transition from IPv4. There were number of transition considerations made during the IPv6 discussions. Also, there are large number of transition mechanisms available. You can pick the most suitable one for your site.
  • Follows the key design principles of IPv4. IPv4 was a very successful design, as proven by the ultra large-scale global deployment. IPv6 is "new version of IP", and it follows many of the design features that made IPv4 very successful. This will also allow smooth transition from IPv4 to IPv6.
  • and more.
IPv6 and Subnet Prefix Length
IPv6 is upon us, well soon anyways and there has been much confusion about IPv6. This post will hopefully clear up some of this confusion. This post assumes that IPv4 doesn’t bother you.

IPv6 address look like such:
1234:5678:90AB:CDEF:1234:5678:90AB:CDEF
8 Sets of 4 hexdecimal numbers (0-F) By standard, first four sets of numbers is reserved for network part and last 4 sets of number is reserved for the hosts inside the network. Example, your ISP would give you IP of 2607:f0d0:54fc:4564 giving you last 4 group for your network around 18 trillion address per network.
You can shorten an IPv6 by putting :: between a string of zeros but only once. Example, 1234:1234:0000:0000:0000:0000:0000:ABCD would be shorten to 1234:1234::ABCD. However, 1234:1234:0000:0000:ABCD:0000:0000:9999 could NOT be shorten to 1234:1234::ABCD::9999 Only 1234:1234::ABCD:0000:0000:9999 or 1234:1234:0000:0000:ABCD::9999
Biggest change for most admins is subnet mask has been replaced with Subnet Prefix length which is basically Subnet Mask replaced with / identifier similar that 192.168.1.0/24
Here is table of subnet prefixes:
1234:: /16
1234:5678:: /32
1234:5678:90AB:: /48
1234:5678:90AB:CDEF:: /64 (standard)
1234:5678:90AB:CDEF:1234:: /80
1234:5678:90AB:CDEF:1234:5678:: /96
1234:5678:90AB:CDEF:1234:5678:90AB:: /112
1234:5678:90AB:CDEF:1234:5678:90AB:CDEF /128 (Single IP)
DNS
DNS remains the same except A record become AAAA records. Past that, everything remains the same. However, due to complexity of IPs, DNS is critical to get working.
Windows XP/2003 and IPv6
Windows XP has IPv6 along with Windows 2003. However, it’s support is spotty where it will not make DNS lookups over IPv6 and many services fail to listen on IPv6. It’s basically experimental and I wouldn’t recommend it for production. Vista and beyond do have very effective IPv6 support. However, some products like Threat Management Gateway 2010 do not support IPv6.

Post a Comment

0 Comments