Describe IPv6 addresses.
In the early 1990s, the Internet Engineering Task Force (IETF) grew concerned about the exhaustion of the IPv4 network addresses and began to look for a replacement for this protocol. This activity led to the development of what is now known as IPv6. Today’s review focuses on an overview of the IPv6 protocol and IPv6 address types.
Note
If you have not yet purchased a copy of Rick Graziani’s IPv6 Fundamentals to add to your library of study tools, now is the time to do so. His book is my definitive source for everything IPv6.
The capability to scale networks for future demands requires a limitless supply of IP addresses and improved mobility that private addressing and NAT alone cannot meet. IPv6 satisfies the increasingly complex requirements of hierarchical addressing that IPv4 does not provide. Several of the main benefits and features of IPv6 include
Extended address space: A 128-bit address space represents about 340 trillion trillion trillion addresses. That’s enough to assign an address to every atom on the earth and still have enough addresses for another 100 earths.
Stateless Address Autoconfiguration: IPv6 provides host devices with a method for generating their own routable IPv6 addresses. IPv6 also supports stateful configuration using DHCPv6.
Eliminates the need for NAT/PAT: NAT/PAT was conceived as a part of the solution to IPv4 address depletion. With IPv6, address depletion is no longer an issue. NAT64, however, does play an important role in providing backward compatibility with IPv4.
Simpler header: A simpler header offers several advantages over IPv4:
Better routing efficiency for performance and forwarding-rate scalability
No broadcasts and thus no potential threat of broadcast storms
No requirement for processing checksums
Simpler and more efficient extension header mechanisms
Mobility and security: Mobility and security help ensure compliance with mobile IP and IPsec standards functionality. Mobility enables people with mobile network devices—many with wireless connectivity—to move around in networks:
IPv4 does not automatically enable mobile devices to move without breaks in established network connections.
In IPv6, mobility is built in, which means that any IPv6 node can use mobility when necessary.
IPsec is enabled on every IPv6 node and is available for use, making the IPv6 Internet more secure.
Transition strategies: You can incorporate existing IPv4 capabilities with the added features of IPv6 in several ways:
You can implement a dual-stack method, with both IPv4 and IPv6 configured on the interface of a network device.
You can use tunneling, which will become more prominent as the adoption of IPv6 grows.
You know the 32-bit IPv4 address as a series of four 8-bit fields, separated by dots. However, larger 128-bit IPv6 addresses need a different representation because of their size. Table 22-1 compares the binary and alphanumeric representations of IPv4 and IPv6 addresses.
Figure 22-1 compares the IPv4 header with the main IPv6 header. Notice that the IPv6 header is represented in 64-bit words instead of the 32-bit words used by IPv4.
Note
Refer to RFC 2460 and “Study Resources” for the full specification of IPv6.
IPv4 has three address types: unicast, multicast, and broadcast. IPv6 does not use broadcasts. Instead, IPv6 uses unicast, multicast, and anycast. Figure 22-2 illustrates these three types of IPv6 addresses.
The first classification of IPv6 address types shown in Figure 22-2 is the unicast address. A unicast address uniquely identifies an interface on an IPv6 device. A packet sent to a unicast address is received by the interface that is assigned to that address. Similar to IPv4, source IPv6 addresses must be a unicast address. Because unicast addressing—as opposed to multicast and anycast addressing—is, by far, the major focus of a CCENT or CCNA candidate, we will spend some time reviewing the Unicast branch shown in Figure 22-2.
IPv6 has an address format that enables aggregation upward eventually to the ISP. An IPv6 global unicast address is globally unique. Similar to a public IPv4 address, it can be routed in the Internet without any modification. An IPv6 global unicast address consists of a 48-bit global routing prefix, a 16-bit subnet ID, and a 64-bit interface ID. Use Rick Graziani’s method of breaking down the IPv6 address with the 3-1-4 Rule (also known as the pi rule for 3.14), as shown in Figure 22-3.
Each number refers to the number of hextets, or 16-bit segments, of that portion of the address:
3: Three hextets for the Global Routing Prefix
1: One hextet for the Subnet ID
4: Four hextets for the Interface ID
The current global unicast address that is assigned by the Internet Assigned Numbers Authority (IANA) uses the range of addresses that start with binary value 001 (2000::/3), which is one-eighth of the total IPv6 address space and is the largest block of assigned addresses. Figure 22-4 shows how the IPv6 address space is divided into an eight-piece pie based on the value of the first 3 bits.
Using the 2000::/3 pie piece, the IANA assigns /23 or shorter address blocks to the five Regional Internet Registries (RIR). From there, ISPs are assigned /32 or shorter address blocks. ISPs then assign sites—their customers—a /48 or shorter address block. Figure 22-5 shows the breakdown of global routing prefixes.
In IPv6, an interface can be configured with multiple global unicast addresses, which can be on the same or different subnets. In addition, an interface does not have to be configured with a global unicast address, but it must at least have a link-local address.
A global unicast address can be further classified into the various configuration options available, as shown in Figure 22-6.
EUI-64 and Stateless Address Autoconfiguration are reviewed in more detail later in this day. The rest of the configuration options shown in Figure 22-6 will be reviewed in more detail in the upcoming days. But for now, we can summarize them as shown in Table 22-2.
As shown earlier in Figure 22-2, link-local addresses are a type of unicast address. Link-local addresses are confined to a single link. They only need to be unique to that link because packets with a link-local source or destination address are not routable off the link.
Link-local addresses are configured in one of three ways:
Dynamically, using EUI-64
Random-generated interface ID
Statically, entering the link-local address manually
Link-local addresses provide a unique benefit in IPv6. A device can create its own link-local address completely on its own. Link-local unicast addresses are in the range of FE80::/10 to FEBF::/10, as shown in Table 22-3.
Figure 22-7 shows the format of a link-local unicast address.
The loopback address for IPv6 is an all-0s address except for the last bit, which is set to a 1. Like IPv4, the IPv6 loopback address is used by an end device to send an IPv6 packet to itself to test the TCP/IP stack. The loopback address cannot be assigned to an interface and is not routable outside the device.
The unspecified unicast address is the all-0s address, represented as ::. It cannot be assigned to an interface but is reserved for communications when the sending device does not have a valid IPv6 address yet. For example, a device will use :: as the source address when using the Duplicate Address Detection (DAD) process. The DAD process ensures a unique link-local address. Before a device can begin using its newly created link-local address, it sends out an all-nodes multicast to all devices on the link with its new address as the destination. If the device receives a response, it knows that link-local address is in use and will, therefore, need to create another link-local address.
Unique local addresses (ULA) are defined by RFC 4193, Unique Local IPv6 Unicast Addresses. Figure 22-8 shows the format for ULAs.
These are private addresses. However, unlike IPv4, IPv6 ULAs are globally unique. This is possible because of the relatively large amount of address space in the Global ID portion shown in Figure 22-8: 40 bits, or more than 1 trillion unique global IDs. As long as a site uses the Pseudo-Random Global ID Algorithm, it will have a very high probability of generating a unique global ID.
Unique local addresses have the following characteristics:
Possess a globally unique prefix or at least have a very high probability of being unique.
Allow sites to be combined or privately interconnected without address conflicts or requiring addressing renumbering.
Are independent of any Internet service provider and can be used within a site without having any Internet connectivity.
If accidentally leaked outside of a site either by routing or Domain Name System (DNS), there won’t be a conflict with any other addresses.
Can be used just like a global unicast address.
IPv4 and IPv6 packets are not compatible. Features such as NAT-PT (now deprecated) and NAT64 are required to translate between the two address families. IPv4-mapped IPv6 addresses are used by transition mechanisms on hosts and routers to create IPv4 tunnels that deliver IPv6 packets over IPv4 networks.
Note
NAT64 is beyond the scope of the CCENT and CCNA exam topics.
To create an IPv4-mapped IPv6 address, the IPv4 address is embedded within the low-order 32 bits of IPv6. Basically, IPv6 just puts an IPv4 address at the end, adds 16 all-1 bits, and pads the rest of the address. The address does not have to be globally unique. Figure 22-9 illustrates this IPv4-mapped IPv6 address structure.
Note
Not shown is the IPv4-compatible IPv6 address, which uses all-0s in the 16 bits before the IPv4 address. The IPv4-compatible IPv6 address was rarely used and is now deprecated. Current IPv6 transition mechanisms no longer use this address type.
The second major classification of IPv6 address types shown in Figure 22-2 is multicast. Multicast is a technique used for a device to send a single packet to multiple destinations simultaneously. An IPv6 multicast address defines a group of devices known as a multicast group and is equivalent to IPv4 224.0.0.0/4. IPv6 multicast addresses have the prefix FF00::/8.
There are two types of IPv6 multicast addresses:
Assigned multicast
Solicited node multicast
Assigned multicast addresses are used in context with specific protocols.
Two common IPv6 assigned multicast groups include
FF02::1 All-nodes multicast group: This is a multicast group that all IPv6-enabled devices join. Similar to a broadcast in IPv4, all IPv6 interfaces on the link process packets sent to this address. For example, a router sending an ICMPv6 Router Advertisement (RA) would use the all-nodes FF02::1 address. IPv6-enabled devices can then use the RA information to learn the link’s address information such as prefix, prefix length, and the default gateway.
FF02::2 All-routers multicast group: This is a multicast group that all IPv6 routers join. A router becomes a member of this group when it is enabled as an IPv6 router with the ipv6 unicast-routing global configuration command. A packet sent to this group is received and processed by all IPv6 routers on the link or network. For example, IPv6-enabled devices send ICMPv6 Router Solicitation (RS) messages to the all-routers multicast address requesting an RA message.
In addition to every unicast address assigned to an interface, a device will also have a special multicast address known as a solicited-node multicast address, as shown in Figure 22-2. These multicast addresses are automatically created using a special mapping of the device’s unicast address with the solicited-node multicast prefix FF02:0:0:0:0:1:FF00::/104.
As shown in Figure 22-10, solicited-node multicast addresses are used for two essential IPv6 mechanisms, both part of Neighbor Discovery Protocol (NDP):
Address resolution: Equivalent to ARP in IPv4, an IPv6 device sends an NS message to a solicited-node multicast address to learn the link layer address of a device on the same link. The device recognizes the IPv6 address of the destination on that link but needs to know its data-link address.
Duplicate Address Detection (DAD): As reviewed earlier, DAD allows a device to verify that its unicast address is unique on the link. An NS message is sent to the device’s own solicited-node multicast address to determine whether anyone else has this same address.
As shown in Figure 22-11, the solicited-node multicast address consists of two parts:
FF02:0:0:0:0:FF00::/104 multicast prefix: This is the first 104 bits of the all solicited-node multicast address.
Least significant 24 bits: These bits are copied from the far-right 24 bits of the global unicast or link-local unicast address of the device.
The last major classification of IPv6 address types shown in Figure 22-2 is the anycast address. IPv6 anycast addressing is still somewhat experimental and beyond the scope of the CCENT or CCNA candidate. So, we will only briefly review this address type.
An IPv6 anycast address is an address that can be assigned to more than one device or interface. A packet sent to an anycast address is routed to the “nearest” device that is configured with the anycast address, as shown in Figure 22-12.
For today’s exam topics, refer to the following resources for more study.
18.216.32.116