Day 19 Basic IPv6 Concepts
CCNA 640-802 Exam Topics
Describe IPv6 addresses.
Describe the technological requirements for running IPv6 in conjunction with IPv4 (including protocols, dual stack, tunneling).
Key Topics
In the early 1990s, the Internet Engineering Task Force (IETF) grew concerned about the exhaustion of the IPv4 network addresses and began to look for a replacement for this protocol. This activity led to the development of what is now known as IPv6. Today’s review focuses on the rapidly emerging replacement for IPv4.
Note The study resources detail basic IPv6 addressing and routing configuration. Although interesting to read and practice on real equipment, IPv6 configuration is not a CCNA objective. Therefore, it will not be a part of our Key Topics. However, by practicing configuration tasks you will also be reinforcing basic IPv6 concepts.
Overview of IPv6
The capability to scale networks for future demands requires a limitless supply of IP addresses and improved mobility that private addressing and NAT alone cannot meet. IPv6 satisfies the increasingly complex requirements of hierarchical addressing that IPv4 does not provide.
Table 19-1 compares the binary and alphanumeric representations of IPv4 and IPv6 addresses.
An IPv6 address is a 128-bit binary value, which can be displayed as 32 hexadecimal digits. IPv6 should provide sufficient addresses for future Internet growth needs for many years to come.
IPv6 is a powerful enhancement to IPv4. Several features in IPv6 offer functional improvements.
Larger address space: Larger address space includes several enhancements:
— Improved global reachability and flexibility
— The aggregation of prefixes that are announced in routing tables
— Multihoming to several ISPs
— Autoconfiguration that can include data-link layer addresses in the address space
— Plug-and-play options
— Public-to-private readdressing end to end without address translation
— Simplified mechanisms for address renumbering and modification
Simpler header: A simpler header offers several advantages over IPv4:
— Better routing efficiency for performance and forwarding-rate scalability
— No broadcasts and thus no potential threat of broadcast storms
— No requirement for processing checksums
— Simpler and more efficient extension header mechanisms
— Flow labels for per-flow processing with no need to open the transport inner packet to identify the various traffic flows
Mobility and security: Mobility and security help ensure compliance with mobile IP and IPsec standards functionality. Mobility enables people with mobile network devices—many with wireless connectivity—to move around in networks:
— IPv4 does not automatically enable mobile devices to move without breaks in established network connections.
— In IPv6, mobility is built in, which means that any IPv6 node can use mobility when necessary.
— IPsec is enabled on every IPv6 node and is available for use, making the IPv6 Internet more secure.
Transition strategies: You can incorporate existing IPv4 capabilities with the added features of IPv6 in several ways:
— You can implement a dual-stack method, with both IPv4 and IPv6 configured on the interface of a network device.
— You can use tunneling, which will become more prominent as the adoption of IPv6 grows.
— Cisco IOS Software Release 12.3(2)T and later include Network Address Translation-Protocol Translation (NAT-PT) between IPv6 and IPv4.
You know the 32-bit IPv4 address as a series of four 8-bit fields, separated by dots. However, larger 128-bit IPv6 addresses need a different representation because of their size.
IPv6 conventions use 32 hexadecimal numbers, organized into 8 quartets of 4 hex digits separated by a colon, to represent a 128-bit IPv6 address. For example:
2340:1111:AAAA:0001:1234:5678:9ABC
To make things a little easier, two conventions allow you to shorten what must be typed for an IPv6 address:
Omit the leading 0s in any given quartet.
Represent 1 or more consecutive quartets of all hex 0s with a double colon (::), but only for one such occurrence in a given address.
Note The term quartet comes from Wendell Odom’s book CCNA ICND2 Official Exam Certification Guide Second Edition. For IPv6, a quartet is one set of four hex digits. Eight quartets are in each IPv6 address.
For example, consider the following address. The bold digits represent digits in which the address could be abbreviated.
FE00:0000:0000:0001:0000:0000:0000:0056
This address has two locations in which one or more quartets have four hex 0s, so two main options exist for abbreviating this address, using the :: abbreviation in one or the other location. The following two options show the two briefest valid abbreviations:
FE00::1:0:0:0:56
FE00:0:0:1::56
In the first example, the second and third quartets preceding 0001 were replaced with ::. In the second example, the fifth, sixth, and seventh quartets were replaced with ::. In particular, note that the :: abbreviation, meaning “one or more quartets of all 0s,” cannot be used twice, because that would be ambiguous. So, the abbreviation FE00::1::56 would not be valid.
Conventions for Writing IPv6 Prefixes
IPv6 prefixes represent a range or block of consecutive IPv6 addresses. The number that represents the range of addresses, called a prefix, is usually seen in IP routing tables, just like you see IP subnet numbers in IPv4 routing tables.
As with IPv4, when writing or typing a prefix in IPv6, the bits past the end of the prefix length are all binary 0s. The following IPv6 address is an example of an address assigned to a host:
2000:1234:5678:9ABC:1234:5678:9ABC:1111/64
The prefix in which this address resides would be as follows:
2000:1234:5678:9ABC:0000:0000:0000:0000/64
When abbreviated, this would be
2000:1234:5678:9ABC::/64
If the prefix length does not fall on a quartet boundary (is not a multiple of 16), the prefix value should list all the values in the last quartet. For example, assume the prefix length in the previous example is /56. So, by convention, the rest of the fourth quartet should be written, after being set to binary 0s, as follows:
2000:1234:5678:9A00::/56
The following list summarizes some key points about how to write IPv6 prefixes:
The prefix has the same value as the IP addresses in the group for the first number of bits, as defined by the prefix length.
Any bits after the prefix-length number of bits are binary 0s.
The prefix can be abbreviated with the same rules as IPv6 addresses.
If the prefix length is not on a quartet boundary, write down the value for the entire quartet.
Table 19-2 shows several sample prefixes, their format, and a brief explanation.
IPv6 Global Unicast Address
IPv6 has an address format that enables aggregation upward eventually to the ISP. An IPv6 global unicast address is globally unique. Similar to a public IPv4 address, it can be routed in the Internet without any modification. An IPv6 global unicast address consists of a 48-bit global routing prefix and a 16-bit subnet ID, as shown in Figure 19-1.
The current global unicast address that is assigned by the IANA uses the range of addresses that start with binary value 001 (2000::/3), which is one-eighth of the total IPv6 address space and is the largest block of assigned addresses.
Reserved, Private, and Loopback Addresses
The IETF reserves a portion of the IPv6 address space for various uses, both present and future. Reserved addresses represent 1/256 of the total IPv6 address space. Some of the other types of IPv6 addresses come from this block.
A block of IPv6 addresses is set aside for private addresses, just as is done in IPv4. These private addresses are local only to a particular link or site and therefore are never routed outside a particular company network. Private addresses have a first-octet value of FE in hexadecimal notation, with the next hexadecimal digit being a value from 8 to F.
These addresses are further divided into two types, based on their scope:
Site-local addresses: These are for an entire site or organization. However, the use of site-local addresses is problematic and is being deprecated as of 2003 by RFC 3879. In hexadecimal, site-local addresses begin with FE and then C to F for the third hexadecimal digit. So, these addresses begin with FEC, FED, FEE, or FEF.
Link-local addresses: These have a smaller scope than site-local addresses; they refer to only a particular physical link (physical network). Routers do not forward datagrams using link-local addresses, not even within the organization; they are only for local communication on a particular physical network segment. They are used for link communications such as automatic address configuration, neighbor discovery, and router discovery. Many IPv6 routing protocols also use link-local addresses. Link-local addresses begin with FE and then have a value from 8 to B for the third hexadecimal digit. So, these addresses start with FE8, FE9, FEA, or FEB.
Just as in IPv4, a provision has been made for a special loopback IPv6 address for testing. The loopback address is 0:0:0:0:0:0:0:1, which normally is expressed using zero compression as ::1.
The IPv6 Interface ID and EUI-64 Format
Figure 19-1 showed the format of an IPv6 global unicast address, with the second half of the address called the host or interface ID. The value of the interface ID portion of a global unicast address can be set to any value, as long as no other host in the same subnet attempts to use the same value. However, the size of the interface ID was chosen to allow easy autoconfiguration of IP addresses by plugging the MAC address of a network card into the interface ID field in an IPv6 address.
MAC addresses are 6 bytes (48 bits) in length. So to complete the 64-bit interface ID, IPv6 fills in 2 more bytes by separating the MAC address into two 3-byte halves. It then inserts hex FFFE in between the halves and sets the seventh bit in the first byte to binary 1 to form the interface ID field. Figure 19-2 shows this format, called the EUI-64 format (EUI stands for Extended Unique Identifier).
For example, the following two lines list a host’s MAC address and corresponding EUI-64 format interface ID, assuming the use of an address configuration option that uses the EUI-64 format:
MAC Address: 0034:5678:9ABC
EUI-64 Interface ID: 0234:56FF:FE78:9ABC
Note To change the seventh bit (reading left to right) in the example, convert hex 00 to binary 00000000, change the seventh bit to 1 (00000010), and then convert back to hex, for hex 02 as the first two digits.
IPv6 Address Management
Two options exist for static IPv6 address configuration for both routers and hosts:
Static configuration of the entire address
Static configuration of a /64 prefix with the host calculating its EUI-64 interface ID to complete the IP address.
IPv6 supports two methods of dynamic configuration of IPv6 addresses:
DHCPv6: Works the same conceptually as DHCP in IPv4.
Stateless autoconfiguration: A host dynamically learns the /64 prefix through the IPv6 Neighbor Discovery Protocol (NDP) and then calculates the rest of its address by using an EUI-64 interface ID based on its network interface card (NIC) MAC address.
Transitioning to IPv6
The transition from IPv4 to IPv6 does not require upgrades on all nodes at the same time. Many transition mechanisms enable smooth integration of IPv4 and IPv6. Other mechanisms that allow IPv4 nodes to communicate with IPv6 nodes are available. Different situations demand different strategies. Different transition mechanisms include the following:
Dual stacking: An integration method in which a node has implementation and connectivity to both an IPv4 and IPv6 network. This is the recommended option and involves running IPv4 and IPv6 at the same time.
Tunneling: Several tunneling techniques are available:
Manually configured tunnels (MCT): An IPv6 packet is encapsulated within the IPv4 protocol. This method requires dual-stack routers.
Dynamic 6to4 tunnels: This term refers to a specific type of dynamically created tunnel, typically done on the IPv4 Internet, in which the IPv4 addresses of the tunnel endpoints can be dynamically found based on the destination IPv6 address.
Intrasite Automatic Tunnel Addressing Protocol (ISATAP): Another dynamic tunneling method, typically used inside an enterprise. Unlike 6to4 tunnels, ISATAP tunnels do not work if IPv4 NAT is used between the tunnel endpoints.
Teredo tunneling: This method allows dual-stack hosts to create a tunnel to another host, with the host itself both creating the IPv6 packet and encapsulating the packet inside an IPv4 header.
NAT-Protocol Translation (NAT-PT): This transition option allows direct communication between IPv4-only hosts and IPv6-only hosts. These translations are more complex than IPv4 NAT. At this time, this translation technique is the least favorable option and should be used as a last resort.
Remember this advice: “Dual stack where you can; tunnel where you must.” These two methods are the most common techniques to transition from IPv4 to IPv6.
Table 19-3. Summary of IPv6 Transition Options">Table 19-3 summarizes the transition options for IPv6.
