Wednesday, 28 March 2012

IPv6 Routing - Understanding and Implementing IPv6 Addressing Part 1

  • Will we ever need to upgrade to IPv6?
  • IPv6 Addressing format
  • IPV6 headers and address types
  • In depth exploration: understanding the new addresses


Will we ever need to upgrade to IPv6?
....maybe, probably not ... but will we? :0)

Main problem is the IPv4 addresses were poorly assigned;
For example originally Asia and Africa were only assigned a class C subnet of public IP addresses! ( they have been upgraded since).  Some Campuses in USA were assigned whole class B subnets, which are still hardly touched! When IPV4 first came round they always thought we would never run out and were poorly  assigned ..... HMMMmmmmm kinda sounds like IPV6 dont it! lol

Other counties already upgraded and moved to IPV6 because of the allocation decisions above (whereas some states in the USA still has plenty of IPV4 addresses and other countries too, estimated we will run out anytime from now - 2041)

New network devices on the rise

NAT (our current solution) is now seen as a hinderence to innovation:
Now moving to IPV6, becuase devices could do alot more if not behind NAT, it is blocking
alot of the features/apps that could otherwise be used on devices.. The goal is to elimate NAT

Potential future features:
* IPSEC is native (can be),
* Mobility: A moving device keeping the same address but moving over
different networks (currently we accomplish this with tunneling etc)
* Simplier header, although the header is bigger it is now less heavy on the processor of the device which means the routers can scale higher.




IPV6 Addressing format

Address size moved from 32-bit (IPV4) to 128-bit (IPV6)

PROVIDES
340,282,366,920,938,463,463,374,607,431,770,000,000 addresses....

Thats something like you can have an IP address for every atom on earth! and still have some addresses left for 100 earths beyond that!

Becuase of this, they have agreed to leave 85% of the allocation untouched/reserved, until they have revised the standard, so we dont have addresses scattered around everywhere!!!


To make addresses more manageable, divided into 8 groups of 4 hex (not decimal) characters each

2001:0050:0000:0000:0000:0AB4:1E2B:98AA
Where as each octet (well they are not octets anymore, but you know what i mean) was 8 bits on IPV4, they are now 16 bits (16x8 = 128)

Rule 1: Elimate groups of consective zeros (ONCE per address)
2001:0050::0AB4:1E2B:98AA

Rule 2: Drop leading zeros
2001:50::AB4:1E2B:98AA

So this makes the loopback address 127.0.0.1 =  ::1 - lol!!!!
apart from speciality addresses, the addresses are never going to be as easy as IPV4 to type :0(


 So as you can see, although the header is bigger this just means it needs more bandwidth (these days, not as issue!) but its processor cyles it saves us on and its more secure as they are less fields.



NO more private IP addresses in IPV6, so no NAT (well its optional now)

BYE BYE DHCP ....
IPv6 hosts can configure themselves automatically when connected to a routed IPv6 network using ICMP version 6 (ICMPv6) router discovery messages. When first connected to a network, a host sends a link-local router solicitation multicast request for its configuration parameters; if configured, routers respond to such a request with a router advertisement packet that contains network-layer configuration parameters.



SO, lets have a looksie on my router (you may need an IOS upgrade)...

R1(config)#inter loopback50
R1(config-if)#ipv6 address ?
  WORD                General prefix name
  X:X:X:X::X          IPv6 link-local address
  X:X:X:X::X/<0-128>  IPv6 prefix
  autoconfig          Obtain address using autoconfiguration

R1(config-if)#ipv6 address 2011:2803:1234:AAA:BBBB:CCCC:1234:5678/64

Man is it hard to randomly make up an IP now!!!! and notice at last its gone CIDR!!! so thats better, no more typing the subnet mask!
So i have set the first 64bits to the network and the remainder 64bits are the host (its gonna take a while getting used to the size of these masks)


R1#show ipv6 interface loopback 50
Loopback50 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C201:14FF:FEA8:0
  Global unicast address(es):
    2011:2803:1234:AAA:BBBB:CCCC:1234:5678, subnet is 2011:2803:1234:AAA::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF34:5678
  MTU is 1514 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is not supported
  ND reachable time is 30000 milliseconds


* Notice we have auto-generated a link-local address!
* it starts with FE80
* it has FFEE in the address
* the last 64bits are the MAC Address - the MAC itself is 48bit (if a loopback it will borrow the MAC of one of the FastEthernet interfaces)



Lets have a look at how other devices will configure themselfs automatically on the network:


R1(config)#inter loopback51
R1(config-if)#ipv6 address ?
  WORD                General prefix name
  X:X:X:X::X          IPv6 link-local address
  X:X:X:X::X/<0-128>  IPv6 prefix


R1(config-if)#ipv6 address 2001:1234:abcd:5678::/64?
  anycast  Configure as an anycast
  eui-64   Use eui-64 interface identifier
  <cr>

R1(config-if)#ipv6 address 2001:1234:abcd:5678::/64 eui-64

this as the command suggests, enable the 64bit interface indentifer (the MAC and the FFEE bit)


R1#show ipv6 interface loopback 51
Loopback51 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C201:14FF:FEA8:0
  Global unicast address(es):
    2001:1234:ABCD:5678:C201:14FF:FEA8:0, subnet is 2001:1234:ABCD:5678::/64 [EUI]
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FFA8:0
  MTU is 1514 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is not supported
  ND reachable time is 30000 milliseconds


There is it is! notice the EUI bit, which was auto generated!!! :0)  so if the other devices are configured with this auto config set, they too will now know the subnet ID and will also auto generate there own address from the interface ID to give them a global address!!!

SO DHCP is optional now too! ..... WOW!