After decades of faithful service, the current version of IP, also known as IP version 4 (IPv4), is showing signs of age. The growth of the Internet and the inclusion of a variety of unanticipated technologies are putting a strain on the original design. Before we begin to discuss IPv4's pitfalls, we must take a moment to reflect on the design of IPv4. This protocol was designed in the late 1970s (roughly the Bronze Age of computing) and has risen above all other networking protocols to become the de facto world standard for data communications. There are not many computer technologies that were designed in 1978 that are still in use today, much less as the cornerstone of a global communications infrastructure.
Note: As this book is primarily about IPv4, the coverage of IPv6 in this chapter is deliberately written to provide an overview of the technology and how it compares with IPv4. Throughout the rest of this book, when IP is used, it denotes IPv4. For more information about IPv6 and its implementation in Microsoft Windows XP and the Windows Server 2003 family, see the book Understanding IPv6 (Redmond, Wash: Microsoft Press, 2003) by Joseph Davies.
In today's Internet, IPv4 has the following disadvantages:
This limited address space has forced the wide deployment of Network Address Translators (NATs), which can share one public IPv4 address among several privately addressed computers. NATs have the side effect of blocking secure traffic, specifically Internet Protocol security (IPSec)–protected traffic, and disabling some types of peer-to-peer applications. Although many workarounds for NAT issues are in development, they only add complexity to what should be an end-to-end addressable network.
All of these issues and others prompted the Internet Engineering Task Force (IETF) to begin the development of a replacement protocol for IPv4 that would solve the problems of IPv4 and be extensible to solve additional problems in the future. This replacement for IPv4 is IPv6.
Note: The version number 5 was reserved for a different replacement protocol for IPv4 that was never implemented.
IPv6 solves the problems of IPv4 in the following ways:
Note: IPv6 is not designed to be a superset of IPv4 functionality and is not backward compatible with IPv4.
The IPv6 address is 128 bits long, creating an address space of almost inconceivable size. With 128 bits you can express more than 3.4 × 10^38 combinations. Unlike IPv4 unicast addresses, the structure of an IPv6 unicast address is very simple: The first 64 bits are used to express a subnet identifier and the last 64 bits are used to express an interface identifier. Although you can perform variable-length subnetting within the 64 bits of the subnet identifier, the host ID equivalent for IPv6 is always the same size. The 64 bits of subnet identifier are used to provide enough addressing space to enumerate networks from the Internet backbone to the subnets within an organization's site. The 64 bits of interface identifier are used to map 48-bit media access control (MAC) addresses used by today's network adapters and 64-bit MAC addresses used by tomorrow's network adapters.
With such a large address space, expressing an individual address became problematic. The designers of IPv6 settled on colon-hexadecimal notation. The 128-bit address is divided into 16-bit blocks and delimited by colons. Each 16-bit block is expressed in hexadecimal format (rather than decimal format for IPv4). The result is the IPv6 address.
The following are some examples of IPv6 unicast addresses:
Notice that the leading zeros within each block are suppressed, as long as each block contains at least one hexadecimal digit.
There are many IPv6 addresses that have a sequence of blocks set to 0. To further compress IPv6 addresses, a single contiguous set of 0 blocks can be expressed as "::", a notation known as double-colon. For example:
To express a subnet identifier, a route, or an address range, IPv6 uses the network prefix length notation (also used for Classless Inter-Domain Routing [CIDR] for IPv4). There are no subnet masks in IPv6. For example, 3FFE:FFFF:2A:41CD::/64 is a subnet identifier; 3FFE:FFFF:2A::/48 is a route; and FF::/8 is an address range (the range of all IPv6 multicast addresses).
IPv6 defines three types of addresses: unicast, multicast, and anycast. Unicast and multicast addresses work in the same way as they do for IPv4. An anycast address, however, is a strange mixture of unicast and multicast. Whereas a unicast address is used for one-to-one delivery and a multicast address is used for one-to-many delivery, an anycast address is used for one-to-one-of-many delivery. A set of interfaces, known as an anycast group, listens on the anycast address. When a sending host sends packets to an anycast address, the packets are delivered to the anycast group member that is topologically closest to the sending host. This delivery to the closest anycast group member is facilitated by host routes in the routing infrastructure that indicate with routing metrics where the closest group member is located. This new type of address allows some types of network resources, such as Domain Name System (DNS) servers, to be scattered across an organization's network. For example, when a DNS query is sent, it is sent to a reserved DNS Servers anycast address and delivered to the DNS server that is closest to the querying node.
Just as there are different types of IPv4 unicast addresses (such as public and private), there are different types of IPv6 unicast addresses.
Global
Aggregatable global unicast addresses, also known as global addresses, are the equivalent of IPv4 public addresses. Global addresses are globally reachable on the IPv6 Internet. Unlike public IPv4 network IDs, which are a combination of flat and summarizable address spaces, IPv6 global addresses have a defined structure that makes them easy to aggregate and summarize at address space boundaries. This results in fewer routes in the various routing domains of the Internet.
Local-Use Unicast Addresses
Local-use unicast addresses are those unicast addresses that are not globally reachable on the IPv6 Internet. These addresses are designed to be used within the site or on the link.
Site-local addresses, which are used within the same site, are equivalent to IPv4 public addresses. Organizations can use them internally without conflicting with global addresses and these addresses can be safely used even when the organization has a direct, routed connection to the IPv6 Internet. Site-local addresses always begin with "FEC0".
Link-local addresses, which are used on the same link, are equivalent to Automatic Private IP Addressing (APIPA) addresses used by current Microsoft desktop and server operating systems. Link-local addresses are automatically configured and can be used to provide automatic addressing for nodes connected to the same network segment when there is no router present. Link-local addresses always begin with "FE80".
The interface identifier, the last 64 bits of an IPv6 unicast address, is determined in the following ways:
To resolve domain names to IPv6 addresses, RFC 1886 defines the use of the AAAA (or quad-A) DNS resource record to resolve a DNS name to an IPv6 address. The AAAA record is analogous to the address (A) record that exists for resolving a DNS name to an IPv4 address. To obtain an AAAA record in a DNS query response, a querying host must specify either AAAA records or all records in its DNS query.
For reverse name resolution, RFC 1886 also describes the use of pointer (PTR) records to determine the name of an IPv6 node from its address. The IP6.ARPA reverse name domain is used as the root of the reverse namespace rather than IN-ADDR.ARPA. To create the reverse query name, the IPv6 address is fully expressed as a sequence of hexadecimal digits (including all 0 digits), and then each hexadecimal digit in reverse order becomes a separate level in the reverse domain namespace.
For example, for the IPv6 address FEC0:0:0:41CD:2AA:FF:FE5F:47D1 (fully expressed as FEC0:0000:0000:41CD:02AA:00FF:FE5F:47D1), the name in the reverse domain namespace is 1.D.7.4.F.5.E.F.F.F.0.0.A.A.2.0.D.C.1.4.0.0.0.0.0.0.0.0.0.C.E.F.IP6.ARPA.
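The colon-hexadecimal rules and the reverse-name construction described above can be checked with a short Python sketch. This is an added example, not code from the book; the function names are hypothetical, and compressing only runs of two or more zero blocks (the first longest run) is a convention chosen here. Normalizing addresses this way matters when comparing log entries or access-control lists, because one address has several valid spellings.

```python
import string

def expand(addr):
    """Parse colon-hexadecimal text into eight 16-bit blocks, expanding a single '::'."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        if len(left) + len(right) > 7:
            raise ValueError("'::' must stand for at least one block")
        fields = left + ["0"] * (8 - len(left) - len(right)) + right
    else:
        fields = addr.split(":")
    ok = len(fields) == 8 and all(
        1 <= len(f) <= 4 and set(f) <= set(string.hexdigits) for f in fields)
    if not ok:
        raise ValueError("expected eight blocks of 1-4 hexadecimal digits")
    return [int(f, 16) for f in fields]

def compress(blocks):
    """Drop leading zeros; replace the first longest run of 2+ zero blocks with '::'."""
    start, length, i = 0, 0, 0
    while i < 8:
        j = i
        while j < 8 and blocks[j] == 0:
            j += 1
        if j - i > length:
            start, length = i, j - i
        i = max(j, i + 1)
    text = [format(b, "X") for b in blocks]
    if length < 2:
        return ":".join(text)
    return ":".join(text[:start]) + "::" + ":".join(text[start + length:])

def reverse_name(addr):
    """All 32 hexadecimal digits in reverse order, one DNS label each, under IP6.ARPA."""
    digits = "".join(format(b, "04X") for b in expand(addr))
    return ".".join(reversed(digits)) + ".IP6.ARPA"

if __name__ == "__main__":
    sample = "FEC0:0:0:41CD:2AA:FF:FE5F:47D1"  # address used in the text above
    print(compress(expand(sample)))
    print(reverse_name(sample))
```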
The core protocols of the IPv6 protocol suite consist of the following:
The IPv6 header is described in RFC 2460. It has a new, streamlined design that removes unneeded fields and moves seldom-used fields to extension headers. Even with addresses that are four times larger than IPv4 addresses, the size of the IPv6 header is only twice as large as the IPv4 header, with a 40-byte fixed size. Although larger, the IPv6 header contains fewer fields and is more efficiently processed by routers. Like IPv4, IPv6 is connectionless and provides a best-effort delivery to the destination.
The IPv6 header is not compatible with the IPv4 header. An IPv4-only node silently discards IPv6 packets and an IPv6-only node silently discards IPv4 packets.
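To make the fixed 40-byte layout concrete, here is a Python parser for the IPv6 header. It is an added example, not code from the book: the field layout comes from RFC 2460, which the text cites but does not reproduce, and the function names and the sample packet are constructed for illustration.

```python
import ipaddress
import struct

IPV6_HEADER_LEN = 40  # fixed header size

def parse_ipv6_header(packet):
    """Decode the fixed IPv6 header and report whether the payload is complete."""
    if len(packet) < IPV6_HEADER_LEN:
        raise ValueError("truncated: the IPv6 header is always 40 bytes")
    word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        # What an IPv6-only node does with an IPv4 packet: the version does not match.
        raise ValueError("version field is %d, not 6" % (word >> 28))
    return {
        "traffic_class": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": next_header,  # 58 = ICMPv6; may instead name an extension header
        "hop_limit": hop_limit,
        "source": ipaddress.IPv6Address(packet[8:24]),
        "destination": ipaddress.IPv6Address(packet[24:40]),
        "payload_complete": len(packet) - IPV6_HEADER_LEN >= payload_len,
    }

def build_sample():
    """Constructed packet: header plus 8 zero bytes standing in for an ICMPv6 message."""
    src = ipaddress.IPv6Address("FE80::2AA:FF:FE5F:47D1").packed
    dst = ipaddress.IPv6Address("FF02::1").packed  # all-nodes multicast
    return struct.pack("!IHBB", 6 << 28, 8, 58, 255) + src + dst + bytes(8)

if __name__ == "__main__":
    for name, value in parse_ipv6_header(build_sample()).items():
        print(name, value)
```

The `payload_complete` flag is useful when triaging captures: a Payload Length larger than the bytes actually present indicates a truncated capture or a malformed packet.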
ICMPv6, defined in RFC 2463, provides error reporting and diagnostic functions for IPv6. Additionally, ICMPv6 provides a common packet structure for the messages of ND and MLD. Analogous to ICMP for IPv4, ICMPv6 provides the following types of messages:
ICMPv6 also includes a Packet Too Big message that is equivalent to the RFC 1191–defined Destination Unreachable-Fragmentation Needed and DF Set message. The ICMPv6 Packet Too Big message is used for IPv6-based path maximum transmission unit (PMTU) discovery.
ND, defined in RFC 2461, consists of a set of ICMPv6 messages, message options, and defined processes that allow neighboring nodes to discover each other, discover the routers on the link, and provide support for host redirection. ND replaces the following facilities in IPv4:
The five ND messages are as follows:
ND defines the following processes:
MLD, defined in RFC 2710, is the IPv6 equivalent to Internet Group Management Protocol (IGMP) version 2 for IPv4. MLD defines ICMPv6 messages that are used by hosts to register group membership, by hosts to leave a group, and by routers to query the subnet for group membership.
There are many differences between IPv4 and IPv6, and Table 10-1 lists some of the more obvious differences.
| Category | IPv4 | IPv6 |
|---|---|---|
| Address length | 32 bits | 128 bits |
| Header size | 20–60 bytes | 40 bytes |
| IPSec support | Optional | Required |
| QoS support | Limited | Better |
| Fragmentation | Done by hosts and routers | Done by hosts only |
| Is a header checksum present? | Yes | No |
| Does the header include options? | Yes | No |
| Link-layer address resolution | Broadcast ARP frames | Multicast Neighbor Solicitation messages |
| Error reporting and diagnostic protocol | ICMP (for IPv4) | ICMPv6 |
| Multicast group membership protocol | IGMP | MLD |
| Router discovery support | Optional | Required |
| Network layer broadcast addresses? | Yes | No |
| Host configuration | DHCP or manual | Automatic, DHCP, or manual |
| DNS record type for name resolution | A record | AAAA record |
| DNS record type and location for reverse name resolution | PTR records in IN-ADDR.ARPA domain | PTR records in IP6.ARPA domain |
The IPv6 suite of protocols is a revision of the Internet Layer protocols of the current TCP/IP protocol suite and replaces IP, ICMP, IGMP, and ARP. IPv6 attempts to solve the problems of IPv4 with efficient and plentiful addressing, a streamlined Internet Layer header that is easier for routers to process, and more efficient neighboring node interaction.