4.18.2013

IPv6 Part 1 - The Basics

I was first introduced to IPv6 during my CCNP studies about 3+ years back but have not been exposed to IPv6 in production outside of disabling it on anything supporting the feature. For that reason I always seem to struggle with keeping the details of IPv6 fresh in my head.

I'm going to start with the basics, then move on to IPv6 address assignment and neighbor discovery, and then finish up with supported routing protocols. So let's get started...

Why IPv6?

We ran out of IPv4 addresses and need more. There are plenty of places on the net to argue the need for IPv6 and I'm not going there with this post. So, enough said on why... :)

The RFCs:

RFC 3587 IPv6 Global Unicast Address Format
RFC 6177 IPv6 Address Assignment to End Sites
RFC 2373 IPv6 Addressing Architecture
I'm sure there are more...

The Basics

IPv6 is represented with a 128-bit hex address (xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/128) compared to IPv4's 32-bit decimal address (xx.xx.xx.xx/32). This equals a crap ton of usable addresses!


So how are these addresses hacked up and portioned out to sites and down to vlans?

RFC 3177 was written to address how IPv6 prefixes are structured and how RIRs assign prefixes to end sites. The RFC recommended that all addresses be assigned in /48 blocks for everyone in general. /64s could be assigned to small sites with only a single subnet, and a /128 could be assigned when only a single host exists. RFC 6177 later deprecated this RFC, allowing more flexibility in assignments.

For years there have been huge debates over how end sites should be allocated address space. I'll leave that fight alone for now but you might want to search around and see what is happening with this issue.

IPv6 uses the same premise as IPv4 with bits assigned to network, subnet, and host portions of the address. /48 subnets are broken down as follows:

  • First 3 bits reserved and equal 001 (or 2000::/3)
  • Next 45 bits represent the global routing prefix (Network bits)
  • Last 16 bits of a prefix are Site Level Aggregator (SLA) bits (Subnet bits)

This assignment looks something like 2000:nnnn:nnnn:ssss:hhhh:hhhh:hhhh:hhhh/48.


IPv6 addresses can be represented and configured in full, or shortened with several methods. Two rules apply to shortening an IPv6 address:
  • One or more successive 16-bit groups, consisting of all zeros, can be condensed with two colons (::). This can only be used once within an address.
          ex: FEC0:1992:EF5B:0000:0000:0000:0000:0001 = FEC0:1992:EF5B::0001
  • Leading zeros (one or more) of any 16-bit group can be removed.
          ex: FEC0:1992:EF5B::0001 = FEC0:1992:EF5B::1

           Another example is the loopback address which is represented as ::1/128
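Because one address can be written many ways, log searches and ACL or blocklist comparisons should match on the parsed 128-bit value, not on the text. The following is an added example (not from the original post) that applies the two shortening rules by hand and then compares spellings; the function names and the sample list are constructed for illustration.

```python
import ipaddress

def shorten(full: str) -> str:
    """Apply both shortening rules to an address written out as eight groups."""
    groups = full.split(":")
    if len(groups) != 8:
        raise ValueError("expected eight 16-bit groups")
    # Leading-zero rule: drop leading zeros (an all-zero group becomes "0").
    groups = [format(int(g, 16), "x") for g in groups]
    # Double-colon rule: find the longest run of all-zero groups; "::" may
    # replace one run only, so the leftmost longest run is chosen.
    best_start, best_len, i = 0, 0, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    # Like Python's ipaddress output, a lone zero group is left as "0".
    if best_len < 2:
        return ":".join(groups)
    head = ":".join(groups[:best_start])
    tail = ":".join(groups[best_start + best_len:])
    return f"{head}::{tail}"

def same_address(a: str, b: str) -> bool:
    """Compare two spellings by their 128-bit value, never as strings."""
    return ipaddress.IPv6Address(a) == ipaddress.IPv6Address(b)

# Constructed sample: one host written four different ways in logs or ACLs.
SPELLINGS = [
    "FEC0:1992:EF5B:0000:0000:0000:0000:0001",
    "FEC0:1992:EF5B::0001",
    "fec0:1992:ef5b::1",
    "fec0:1992:ef5b:0:0:0:0:1",
]

def matches(entry: str, candidates: list) -> list:
    """Return every candidate spelling that is the same address as entry."""
    return [c for c in candidates if same_address(entry, c)]

if __name__ == "__main__":
    print(shorten(SPELLINGS[0]))
    print(len(matches("fec0:1992:ef5b::1", SPELLINGS)), "of", len(SPELLINGS), "match")
```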

Cisco devices support multiple IPv6 addresses on a single interface compared to only one (and a standby) with IPv4.


Address Types

Compared to IPv4, which has three address types (Unicast, Broadcast and Multicast), IPv6 has changed things up a little by dropping the broadcast address type and adding several other address types.

Global Unicast - As the name implies this address is globally unique. Global unicast addresses are the exact same as Public IPv4 addresses.

  • Uses the range 2000::/3

Site-Local Unicast - Originally defined in RFC 1884 for private use in a single site. These addresses are the equivalent of RFC 1918 private addresses for IPv4. As the story goes, no one could agree on the exact use for site-local addresses and they were deprecated in RFC 3879.

This means no more NAT and no more private addresses within a LAN. YAY!!

  • Uses the range FEC0::/8

IPv6 configuration is pretty straightforward. Notice how the mask is no longer represented in dotted decimal?




Link Local Unicast - Used only between neighbors on a link and can't be routed beyond the link. Link local addresses are assigned automatically once an interface is enabled for IPv6 and inject the interface's MAC address into the host bits to ensure uniqueness. IPv6 link local addresses are the same thing as the IPv4 link local addresses 169.254.x.x seen when an interface can't obtain an IP address.

Link-local addresses were designed to aid in address auto-configuration and neighbor discovery. Neighbors are able to detect each other and start communicating without any configuration taking place.

  • Use the range FE80::/10
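The MAC-in-the-host-bits behavior described above can be reproduced and reversed, which is handy for tying a link-local address seen in a capture or log back to a piece of hardware. This is an added example, not from the original post; it assumes the modified EUI-64 method from RFC 4291 (FFFE inserted in the middle of the MAC, universal/local bit inverted), and the function names and MAC address are constructed.

```python
import ipaddress
import re
from typing import Optional

LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")

def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """Build the FE80::/10 address whose host bits carry the MAC (modified EUI-64)."""
    # Accepts aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff and the dotted aabb.ccdd.eeff form.
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac)
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    octets = bytearray(bytes.fromhex(digits))
    octets[0] ^= 0x02                      # invert the universal/local bit
    # FFFE is inserted between the vendor half and the device half of the MAC.
    iid = bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])
    # FE80 followed by 48 zero bits, then the 64-bit interface identifier.
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + iid)

def mac_from_link_local(addr: str) -> Optional[str]:
    """Recover the MAC from an EUI-64 style link-local address, else None."""
    ip = ipaddress.IPv6Address(addr)
    iid = bytearray(ip.packed[8:])
    # Manually configured or randomized host bits will not carry the FFFE marker.
    if ip not in LINK_LOCAL or bytes(iid[3:5]) != b"\xff\xfe":
        return None
    iid[0] ^= 0x02                         # undo the bit inversion
    return ":".join(f"{b:02x}" for b in iid[:3] + iid[5:])

if __name__ == "__main__":
    sample_mac = "0011.2233.4455"          # constructed sample value
    ll = link_local_from_mac(sample_mac)
    print(ll, "->", mac_from_link_local(str(ll)))
```

A match on the FFFE marker only shows the address looks EUI-64 derived; a manually assigned address could carry the same bytes.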

To manually configure an interface's link-local address just add the link-local keyword to the end of the address. Notice how a mask is not needed?



Multicast - the exact same as IPv4 multicast but now takes on the role of broadcast.

  • Uses the range FF00::/8
          First 8 bits are always FF.
          Next group of 8 bits are broken down into two groups:
                First 4 bits =  lifetime.
                Second 4 bits = scope of multicast group (how far the packet can travel)

  • Link Local Multicast uses the range FF02::/8
         ex:
         FF02::1 - All hosts
         FF02::5 - OSPFv3 routers

Anycast - Used to pool any number of devices for load balancing or regional routing. Anycast addresses are similar to virtual IPs (VIPs) and are assigned to multiple devices to provide the same service. When hosts communicate with an anycast address, the specific server or device they establish a session with is determined by the unicast routing metric for that particular path.

For example, say you need to access a specific website. When the address resolves to an anycast IPv6 address you are routed to the closest geographical data center hosting that specific website. When you are in North America you will hit the New York data center and when you are in the United Kingdom you will hit the London data center.

  • Uses the Global Unicast range but Cisco IOS requires the use of the anycast keyword when configuring the address.



When you are all said and done, show ipv6 interface will give you the IPv6 details of the interface. You will notice the anycast address is represented under the Global unicast address(es) section with [ANY].

Also notice the last two multicast groups joined (FF02::1:FF00:0 and FF02::1:FF00:1)? Those are called solicited-node multicast addresses. One exists for each unicast address assigned to the interface, but we will go into those in more detail during my next post.
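To check an interface's joined groups against what its addresses should produce, the address types and the solicited-node groups can be computed directly. This is an added example, not from the original post; it uses the global unicast, link-local and multicast ranges listed above, the RFC 4291 rule that a solicited-node address is FF02::1:FF00:0 plus the low 24 bits of the unicast address, and constructed interface addresses chosen to yield the two groups mentioned.

```python
import ipaddress

# Ranges as listed in the Address Types section (anycast shares the global range).
TYPES = [
    ("multicast", ipaddress.IPv6Network("ff00::/8")),
    ("link-local unicast", ipaddress.IPv6Network("fe80::/10")),
    ("global unicast", ipaddress.IPv6Network("2000::/3")),
]
# Scope values from the second 4 bits of the second byte of a multicast address.
SCOPES = {0x1: "interface-local", 0x2: "link-local", 0x5: "site-local",
          0x8: "organization-local", 0xE: "global"}
SOLICITED_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def classify(addr: str) -> str:
    """Name the address type by testing the ranges above in order."""
    ip = ipaddress.IPv6Address(addr)
    for name, net in TYPES:
        if ip in net:
            return name
    return "other"

def multicast_scope(addr: str) -> str:
    """Decode how far a multicast packet may travel from its scope bits."""
    packed = ipaddress.IPv6Address(addr).packed
    if packed[0] != 0xFF:
        raise ValueError(f"{addr} is not a multicast address")
    return SCOPES.get(packed[1] & 0x0F, "unassigned or reserved")

def solicited_node(addr: str) -> ipaddress.IPv6Address:
    """Solicited-node group for one unicast or anycast address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_BASE | low24)

def expected_groups(unicast_addrs: list) -> list:
    """All-hosts plus one solicited-node group per distinct low 24 bits."""
    groups = {ipaddress.IPv6Address("ff02::1")}
    groups.update(solicited_node(a) for a in unicast_addrs)
    return sorted(groups)

if __name__ == "__main__":
    # Constructed interface addresses: an anycast, a global and a link-local.
    iface = ["2001:db8:0:1::", "2001:db8:0:1::1", "fe80::1"]
    for a in iface:
        print(f"{a:18} {classify(a):20} -> {solicited_node(a)}")
    print([str(g) for g in expected_groups(iface)])
```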