You have learned about IP addressing, but the discussion so far has been about IPv4, how to address a network, and how to overcome some of its limitations. IPv6 is the solution to many of the limitations in addressing that are seen in IPv4. Although there are IPv6 implementations, IPv6 is yet to be seen as a widespread solution, mainly because of the overwhelming task of readdressing networks and upgrading applications. Both NAT and private addressing are creative solutions to the inherent capacity problem that IPv4 has encountered. As the demand for IP addresses increases, these solutions, however creative, cease to be effective.
IPv6 quadruples the address space, providing 128 bits instead of the 32 bits currently available with IPv4. In real terms, that increases the number of addresses from just more than four million to a nearly infinite number of addresses. The address size is quadrupled, allowing approximately 10^30 addresses per person on the planet.
With IPv6, the ability to dispense with solutions such as NAT, private addresses, and temporarily assigned addresses through DHCP means that end-to-end connectivity is available. With this direct connectivity come some technical enhancements. Both security and QoS might be implemented more efficiently when there is end-to-end connectivity, with no intermediary translations.
IPv6 offers the following benefits and features:
■ Larger address space
■ Unicast and multicast addressing
■ Address aggregation
■ A simple and efficient header
■ Options for transitioning from IPv4 to IPv6
■ Routing protocols
The following sections describe each of these features in detail.
IPv6 Address Format
The IPv6 address is very different from the IPv4 address. Not only is it four times the length, increasing from 32 to 128 bits, but it is also represented in hexadecimal as opposed to decimal notation. Colons separate the 16-bit hexadecimal fields that make up the 128-bit address.
An example of an IPv6 address follows:
To avoid confusion, error, and unnecessary complication, the following rules have been determined. These rules simplify the address where possible, making it more manageable:
■ The hexadecimal numbers are not case sensitive, preventing operator error in entering addresses.
■ Leading 0s in any 16-bit field can be dropped and represented by colons.
■ A pair of colons (::) indicates the successive 16-bit fields of 0s have been dropped. The process easily identifies the number of 0s dropped by adding 0s until the address is once again 128 bits long.
■ Only one pair of colons is allowed in any address, because the process would not be able to identify how many 0s should be replaced in each location.
NOTE The rules for the addressing of IPv6, including guidelines for simplification, are given in the RFC 2373, “IP Version 6 Addressing Structure.”
Keeping these rules in mind, the following address:
4021:0000:240E:0000:0000:0AC0:3428:121C
can be written in the following form:
4021:0:240E::0AC0:3428:121C
Although there cannot be two instances of a double colon, those fields with only 0s can be shown as 0. In this example, the second field shows the 0s reduced to one representational zero.
If the address is that of a network with no host ID shown, the address can end in a double colon, for example: 4021:0:240E::
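The shortening rules above mean one address has many valid spellings, so allow-lists and log searches should compare expanded values rather than raw strings. The following is an added example, not part of the original text: it reverses the rules by hand and cross-checks the result against Python's standard ipaddress module; the function names are illustrative.

```python
import ipaddress
import string

HEX = set(string.hexdigits)

def expand(addr: str) -> str:
    """Undo the shortening rules: return eight 4-digit lowercase fields."""
    if addr.count("::") > 1:
        raise ValueError("only one '::' is allowed in an address")
    if "::" in addr:
        left, right = addr.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        dropped = 8 - len(head) - len(tail)   # fields of 0s hidden by '::'
        if dropped < 1:
            raise ValueError("'::' leaves no room for dropped fields")
        fields = head + ["0"] * dropped + tail
    else:
        fields = addr.split(":")
    if len(fields) != 8:
        raise ValueError("an address has exactly eight 16-bit fields")
    for f in fields:
        # Each field is 1 to 4 hex digits; case does not matter.
        if not 1 <= len(f) <= 4 or not set(f) <= HEX:
            raise ValueError(f"bad field {f!r}")
    return ":".join(f.lower().zfill(4) for f in fields)

def same_address(a: str, b: str) -> bool:
    """Compare two spellings by value, never as raw strings."""
    return expand(a) == expand(b)

def agrees_with_stdlib(addr: str) -> bool:
    """Cross-check the hand-written rules against the ipaddress module."""
    return expand(addr) == ipaddress.IPv6Address(addr).exploded

if __name__ == "__main__":
    full = "4021:0000:240E:0000:0000:0AC0:3428:121C"   # address from the text
    short = "4021:0:240e::ac0:3428:121c"               # another valid spelling
    print(expand(short), same_address(full, short))
```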
IPv6 addressing comes in many forms, and it is able to solve many of the limitations of IPv4 not simply through additional bits but through greater flexibility and complexity.
IPv6 Unicast Addresses
The IPv6 unicast addresses are divided up according to functionality. Although a unicast address is tied to a specific node with a unique address to identify it, the scope of the search for that end system is clearly defined in IPv6. This minimizes the resources required, making the transport of packets across the network faster and more efficient all around.
IPv6 unicasts come in the following flavors:
■ Link local —This is a specific address, known as a local link unicast address, where the end system is on the same physical link. This would include discovery protocols, routing protocols, and other control protocols. These addresses are autoconfigured and use the prefix FE80::/10.
■ Site local —This is a system that is within the same site but might be on a different network. It requires no connection to the global network of the Internet, because there is no guarantee that the addressing is globally unique.
■ Aggregate global unicast —This is an Internet address that is globally unique.
■ Unspecified and loopback —This address is simply a placeholder, often used when downloading software or requesting an address. The loopback address is used to test the interface in basic troubleshooting. The address is:
IPv6 Multicast Addresses
A multicast address is an address that identifies a group of interfaces, typically on different end systems. The packet is delivered to all the systems identified in the multicast address.
Using multicast addresses is much more efficient than using broadcasts, which require every end system to stop what it is doing, taking both time and resources. Because a multicast address is an address to a group of systems, if the receiving system is not part of the multicast group, it discards the packet at Layer 2. However, broadcasts are processed through the OSI stack before the system can determine that the broadcast is not relevant to it.
Layer 2 devices (bridges and switches) propagate broadcasts because broadcast addresses are not stored in their forwarding CAM tables. Unlike a router, whose default is to drop packets with unknown addresses, a switch will propagate a frame with an unknown destination address out of every interface. Theoretically, this is also true of multicast addresses, though some devices have intelligence built into the software to restrict multicast propagation. The LAN technologies can propagate these broadcasts around and around if there is a problem, thus causing a broadcast storm that can seriously affect response time and, in extreme cases, network connectivity.
IPv6 does not use broadcasts at all, relying solely on the use of multicast addresses. Though IPv4 uses multicasts as defined in RFC 2365, “Administratively Scoped IP Multicast,” it uses them in a different manner. The IPv6 multicast has a much larger address range.
All IPv6 multicast addresses start with the first 8 bits of the address set to 1. Thus all multicast addresses start with the hexadecimal notation FF (1111 1111). The multicast range is as follows:
The second octet, following the first octet of FF, identifies both the scope and the lifetime of the multicast address. In this way, IPv6 has millions of group multicast addresses to use in current and emerging technologies.
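When reading firewall or flow logs, it helps to sort addresses into the categories described above and to decode the second octet of a multicast address. The following is an added example, not part of the original text; the site-local prefix FEC0::/10 and the scope names come from the IPv6 addressing RFCs rather than from this page, and the sample addresses are constructed.

```python
import ipaddress

# Low 4 bits of the second octet: how far the multicast packet may travel.
SCOPES = {0x1: "interface-local", 0x2: "link-local", 0x4: "admin-local",
          0x5: "site-local", 0x8: "organization-local", 0xE: "global"}

def classify(addr: str) -> str:
    """Name the address category from its leading bits."""
    ip = ipaddress.IPv6Address(addr)
    b = ip.packed
    if b[0] == 0xFF:                                  # first 8 bits all 1s
        # High 4 bits are flags; the lowest flag bit (T) gives the lifetime.
        lifetime = "transient" if (b[1] >> 4) & 0x1 else "permanent"
        scope = SCOPES.get(b[1] & 0x0F, "reserved or unassigned")
        return f"multicast ({lifetime}, {scope} scope)"
    if int(ip) == 0:
        return "unspecified"
    if int(ip) == 1:
        return "loopback"
    top10 = int.from_bytes(b[:2], "big") >> 6         # leftmost 10 bits
    if top10 == 0xFE80 >> 6:
        return "link-local unicast"
    if top10 == 0xFEC0 >> 6:                          # assumption: FEC0::/10
        return "site-local unicast"
    if b[0] >> 5 == 0b001:                            # fixed 001 prefix
        return "aggregate global unicast"
    return "other"

if __name__ == "__main__":
    # Constructed sample addresses, as they might appear in a log.
    for a in ("ff02::1", "ff15::1234", "fe80::1", "2001:db8::1", "::1"):
        print(f"{a:14} {classify(a)}")
```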
Summarization, wherever possible, is crucial within the Internet. The current offering of IPv4 and the routing tables makes summarization critical. The routing tables are more manageable with the implementation of CIDR. Although the addressing scheme in IPv6 allows for an almost infinite number of addresses to be allocated, the address structure must employ a hierarchical structure so as not to overrun itself.
As in IPv4, the leftmost bits of the address are used to summarize networks that appear lower in the bit structure. Thus, the IPv4 address 220.127.116.11/17 could include the subnets 18.104.22.168/24 through to 22.214.171.124/24. This would mean that the routing tables could route to all the subnets, but that instead of having 128 subnets listed in the routing tables, there is a single entry. To locate a minor subnet, the normal rules of routing are followed and the packet is sent to the router advertising 126.96.36.199/17. This router, armed with the more detailed routing table, forwards the packet on until it reaches the destination.
In IPv6, the address structure allows for greater granularity in the external address format used within the Internet. The address is very long, and each part serves a function. The first 48 bits of the address are a header used by the IANA for external routing within the Internet to create the Aggregate Global Unicast. The first 3 bits (or the 3 leftmost bits) are fixed as 001 to indicate a global address.
The Site Level Aggregator (SLA) is the address used for routing within the autonomous system and identifies the destination network. It can be used without the 48-bit prefix assigned by the IANA. If this 48-bit prefix is not granted or used, the addressing scheme is similar to IPv4 private addressing, and the autonomous system must not attach to the Internet.
The interface address is often autoconfigured by using the MAC address of the interface.
The IPv6 address that is unique to the Internet is called the Aggregate Global Unicast. The components described above are summarized in the following bit allocation, which shows the address structure:
■ A fixed prefix of 001: 3 bits
■ IANA allocated prefix: 45 bits
■ Site Level Aggregator (SLA): 16 bits
■ Interface: 64 bits
The local or directly connected router sends out the prefix of the local link and the router’s default route. This is sent to all the nodes on the wire, allowing them to autoconfigure their own IPv6 addresses. The local router provides the 48-bit global prefix and the SLA or subnet information to each end system. The end system simply adds its own Layer 2 address, which is unique because it is the burned-in address (MAC address) taken from the interface card. This MAC address, when appended to the 48-bit global address and the 16-bit subnet address, makes up the unique 128-bit IPv6 end system address.
The ability to simply plug in a device without any configuration or DHCP server allows new devices to be added to the Internet, such as cell phones, wireless devices, and even the home toaster. The Internet has become “plug-and-play.”
The ability to connect remote devices automatically alleviates many other tasks that were previously administrative nightmares, requiring months of project planning. In IPv4, the mere thought of readdressing the network made experienced, competent network managers turn pale and shake. IPv6 autoconfiguration allows the router to provide the required information to all the hosts on its network. This means they can renumber or reconfigure their address with ease. This is a requirement if and when you change service providers, because the service provider issues the addressing scheme for its customers. With IPv6, it is reassuring to know that such a radical change can be transparent to the end user.
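Because the interface portion is derived from the MAC address, an autoconfigured address seen in a log can be traced back to the network card that produced it, whatever prefix the host is using. The following is an added example, not part of the original text: it goes beyond the summary above by following the standard modified EUI-64 procedure (insert FFFE in the middle of the 48-bit MAC and invert the universal/local bit); the prefix and MAC values are constructed.

```python
import ipaddress
from typing import Optional

def interface_id(mac: str) -> bytes:
    """Build the 64-bit interface identifier from a 48-bit MAC address."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("a MAC address has six octets")
    # Invert the universal/local bit, then insert FF FE between the halves.
    return bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]

def autoconfigured_address(prefix: str, mac: str) -> str:
    """Combine the router-advertised /64 prefix with the interface ID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a 64-bit prefix (global prefix + SLA)")
    iid = int.from_bytes(interface_id(mac), "big")
    return (net.network_address + iid).exploded

def mac_from_address(addr: str) -> Optional[str]:
    """Recover the MAC from an address, or None if it is not MAC-derived."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None            # manually set or randomized interface ID
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    mac = "00:1a:2b:3c:4d:5e"                       # constructed MAC
    for prefix in ("2001:db8:0:1::/64", "fe80::/64"):
        addr = autoconfigured_address(prefix, mac)
        print(addr, "->", mac_from_address(addr))
```

The same interface identifier appears under every prefix the host joins, which is what makes the correlation possible.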
Simple and Efficient Header
The IPv6 header has been simplified to speed up processing and, thus, the performance and efficiency of the router. This has been achieved in the following ways:
■ There are fewer fields in the header.
■ The fields are aligned to 64 bits.
■ The checksum is removed.
The reduction in processing is because of the fewer fields to process. Memory is used more efficiently with the fields aligned to 64 bits. This allows the lookups to be very fast, because the 64-bit fields take advantage of the 64-bit processors in use today. The only drawback is the use of the 128-bit address, which is larger than the current atomic word size.
The removal of the checksum reduces the processing time further. A calculation has been moved up the stack to the transport layer, where both the connection and connectionless transport are required to issue checksums. Remember that the improved efficiency is realized at each router in the path to the destination host, which greatly increases the overall efficiency.
Figure 3-7 compares the IPv4 header with the IPv6 header.
IPv6 Extension Header
Instead of including the Options field within the header as IPv4 does, IPv6 attaches the Options field to the end of the header, indicating with the Next Header field whether there is something additional to process. This speeds up the processing and also allows for protocol evolution, because many extension fields can be chained together.
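Because extension headers are chained, a packet filter or capture tool has to follow every Next Header field before it knows which transport protocol the packet carries, and it should reject a chain that runs past the end of the packet. The following is an added example, not part of the original text: it walks the chain of a constructed packet; the protocol numbers and length encodings are the standard ones, and the function names are illustrative.

```python
import struct

# Extension headers that carry their own Next Header field (protocol numbers).
EXT = {0: "hop-by-hop", 43: "routing", 44: "fragment",
       60: "destination-options", 51: "authentication"}

def walk_chain(packet: bytes):
    """Return (extension header names, upper-layer protocol, payload offset)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    _payload_len, nxt, _hop_limit = struct.unpack_from("!HBB", packet, 4)
    chain, off = [], 40                      # the fixed header is 40 bytes
    while nxt in EXT:
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        following, length_field = packet[off], packet[off + 1]
        if nxt == 44:
            size = 8                         # fragment header: fixed size
        elif nxt == 51:
            size = (length_field + 2) * 4    # AH counts 32-bit words
        else:
            size = (length_field + 1) * 8    # others count 8-byte units
        if off + size > len(packet):
            raise ValueError("extension header runs past end of packet")
        chain.append(EXT[nxt])
        nxt, off = following, off + size
    return chain, nxt, off

def sample_packet() -> bytes:
    """Constructed packet: fixed header, hop-by-hop, routing, empty TCP."""
    src = bytes.fromhex("20010db8000000000000000000000001")
    dst = bytes.fromhex("20010db8000000000000000000000002")
    hop_by_hop = bytes([43, 0, 1, 4, 0, 0, 0, 0])   # next=routing, padding
    routing = bytes([6, 0, 0, 0, 0, 0, 0, 0])       # next=TCP, no segments
    body = hop_by_hop + routing + bytes(20)
    fixed = struct.pack("!IHBB", 6 << 28, len(body), 0, 64)
    return fixed + src + dst + body

if __name__ == "__main__":
    print(walk_chain(sample_packet()))
```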
Figure 3-7 The IPv4 and IPv6 Headers Compared
With direct end-to-end connectivity achieved with a larger address space, security is a more realistic option with IPv6. Because the need for firewalls and NAT processes between the end hosts is decreased, a wider and more direct approach can be given to security by placing the encryption within the host systems.
Although IPSec is available with IPv4, it is mandatory in IPv6. The use of extension headers allows for a protocol dedicated to end-to-end security.
IPv6 was designed with mobility built into the protocol using Mobile IP, which is an Internet Engineering Task Force (IETF) standard. Mobile IP allows end systems to move location without the connection being lost, which is essential for wireless products, such as IP phones and GPS systems in cars.
The IPv6 routing header allows the end system to change its IP address by using a home address as the source of the packets. The home address is stable, allowing the roving address to maintain mobility.
Although IPv4 offers Mobile IP, it does so by tunneling back to the home network and then forwarding the data to the final destination. This is called triangle routing, and though it works, it is more cumbersome than the solution that is provided by IPv6.