bashfulflowersΛογισμικό & κατασκευή λογ/κού

30 Ιουν 2012 (πριν από 4 χρόνια και 11 μήνες)

240 εμφανίσεις

IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang
In the early 1990s, the Internet Engineering Task Force began an effort to develop
a successor to the IPv4 protocol. A prime motivation for this effort was the realization
that the 32-bit IP address space was beginning to be used up, with new networks and IP
nodes being attached to the Internet (and being allocated unique IP addresses) at a
breathtaking rate. To respond to this need for a large IP address space, a new IP
protocol, IPv6, was developed. The designers of IPv6 also took this opportunity to
tweak and augment other aspects of IPv4, based on the accumulated operational
experience with IPv4.
IPv6 Overview
IPv6 was designed to take an evolutionary step from IPv4. It was not a design goal
to take a radical step away from IPv4. Functions that work in IPv4 were kept in IPv6.
Functions that didn't work were removed. The changes from IPv4 to IPv6 fall
primarily into the following categories:
• Header Format Simplification
• Improved Support for Options
• Expanded Routing and Addressing Capabilities
• Quality-of-Service Capabilities
• Authentication and Privacy Capabilities
IPv6 Header Format
The format of the IPv6 header is shown in Figure 1 [1]. The most important
changes introduced in IPv6 are evident in the header format:
￿ Expanded addressing capabilities. IPv6 increases the size of the IP address from
32 to 128 bits. This ensures that the world won't run out of IP addresses. In
addition to unicast and multicast addresses, a new type of address, called an
anycast address, has also been introduced.
￿ A streamlined 40-byte header. As discussed below, a number of IPv4 fields have
been dropped or made optional. The resulting 40-byte fixed-length header allows
for faster processing of the IP datagram. A new encoding of options allows for
IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang
more flexible options processing.
￿ Flow labeling and priority. IPv6 has an elusive definition of a "flow". This new
idea allows the labeling of packets belonging to particular flows. The IPv6 header
also has an eight-bit Traffic Class field. This field, like the TOS field in IPv4, can
be used to give priority to certain packets within a flow, or it can be used to give
priority to datagrams from certain applications over datagrams from other
Figure 1. IPv6 header format

Traffic Class Flow Label
Payload Length Next Hdr Hop Limit
Source Address
(128 bits)
Destination Address
(128 bits)

Fields defined in the IPv6 header are: [1]
￿ Version. This 4-bit field identifies the IP version number. For IPv6, it is 6.
￿ Traffic class. This 8-bit field is similar in spirit to the ToS field in IPv4.
￿ Flow label. This 20-bit field is used to identify a "flow" of datagrams.
￿ Payload length. This 16-bit value is treated as an unsigned integer giving the
number of bytes in the IPv6 datagram following the 40-byte packet header.
￿ Next header. 8-bit selector. Identifies the type of header immediately following the
IPv6 header. Uses the same values as the IPv4 Protocol field.
￿ Hop limit. 8-bit unsigned integer. Decremented by 1 by each node that forwards
the packet. The packet is discarded if Hop Limit is decremented to zero.
￿ Source Address. 128-bit address of the originator of the packet.
￿ Destination Address. 128-bit address of the intended recipient of the packet.
32 bits
IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang
Several fields appearing in the IPv4 header are no longer present in the IPv6
￿ Fragmentation/Reassembly. IPv6 does not allow for fragmentation and reassembly
at intermediate routers; these operations can be performed only by the source and
destination. Fragmentation and reassembly is a time-consuming operation;
removing this functionality from the routers and placing it squarely in the end
systems considerably speeds up IP forwarding within the network.
￿ Checksum. Because the transport layer and data link protocols in the Internet
layers perform checksumming, the designers of IPv6 felt that this functionality
was sufficiently redundant in the network layer that it could be removed.
Furthermore, since the IPv4 header contains a TTL field (similar to the hop limit
field in IPv6), the IPv4 header checksum needed to be recomputed at every router.
As with fragmentation and reassembly, this too was a costly operation in IPv4.
￿ Options. An options field is no longer a part of the standard IP header. However, it
has not gone away. Instead, the options field is one of the possible "next headers"
pointed to from within the IPv6 header. That is, just as TCP or UDP protocol
headers can be the next header within an IP packet, so too can an options field.
The removal of the options field results in a fixed length, 40-byte IP header.
IPv6 Extensions
IPv6 includes an improved option mechanism over IPv4. IPv6 options are placed
in separate extension headers that are located between the IPv6 header and the
transport-layer header in a packet. Most IPv6 extension headers are not examined or
processed by any router along a packet's delivery path until it arrives at its final
destination. This facilitates a major improvement in router performance for packets
containing options.
The other improvement is that unlike IPv4 options, IPv6 extension headers can be
of arbitrary length and the total amount of options carried in a packet is not limited to
40 bytes. This feature plus the manner in which they are processed, permits IPv6
options to be used for functions that were not practical in IPv4.
IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang
In order to improve the performance when handling subsequent option headers and
the transport protocol which follows, IPv6 options are always an integer multiple of 8
octets long, in order to retain this alignment for subsequent headers.
The IPv6 extension headers that are currently defined are: [3]
￿ Routing: Extended Routing (like IPv4 loose source route).
￿ Fragmentation: Fragmentation and Reassembly.
￿ Authentication: Integrity and Authentication. Security
￿ Encapsulation: Confidentiality.
￿ Hop-by-Hop Options: Special options which require hop-by-hop processing.
￿ Destination Options: Optional information to be examined by the destination node.
IPv6 Addressing
IPv6 addresses are 128-bit identifiers for interfaces and sets of interfaces. There
are three types of addresses: [2]
￿ Unicast: An identifier for a single interface. A packet sent to a unicast address is
delivered to the interface identified by that address.
￿ Anycast: An identifier for a set of interfaces (typically belonging to different
nodes). A packet sent to an anycast address is delivered to one of the interfaces
identified by that address (the "nearest" one, according to the routing protocols'
measure of distance).
￿ Multicast: An identifier for a set of interfaces (typically belonging to different
nodes). A packet sent to a multicast address is delivered to all interfaces identified
by that address.
There are no broadcast addresses in IPv6, their function being superseded by
multicast addresses.
IPv6 addresses of all types are assigned to interfaces, not nodes. An IPv6 unicast
address refers to a single interface. Since each interface belongs to a single node, any
of that node's interfaces' unicast addresses may be used as an identifier for the node.
All interfaces are required to have at least one link-local unicast address. A single
interface may also be assigned multiple IPv6 addresses of any type (unicast, anycast,
IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang
and multicast) or scope. Unicast addresses with scope greater than link-scope are not
needed for interfaces that are not used as the origin or destination of any IPv6 packets
to or from non-neighbors. This is sometimes convenient for point-to-point interfaces.
Currently IPv6 continues the IPv4 model that a subnet prefix is associated with
one link. Multiple subnet prefixes may be assigned to the same link.
The specific type of an IPv6 address is indicated by the leading bits in the address.
The variable-length field comprising these leading bits is called the Format Prefix (FP).
The initial allocation of these prefixes is as follows: [2]
Table 1. Initial allocation of IPv6 FP’s
Fraction of
Address Space
Reserved 0000 0000 1/256
Unassigned 0000 0001 1/256
Reserved for NSAP Allocation 0000 001 1/128
Reserved for IPX Allocation 0000 010 1/128
… … …
Aggregatable Global Unicast Addresses

001 1/8
Unassigned 010 1/8
Unassigned 011 1/8
Unassigned 100 1/8
… … …
Link-Local Unicast Addresses 1111 1110 10 1/1024
Site-Local Unicast Addresses 1111 1110 11 1/1024
Multicast Addresses 1111 1111 1/256
IPv6 Routing
Routing in IPv6 is almost identical to IPv4 routing under CIDR except that the
addresses are 128-bit IPv6 addresses instead of 32-bit IPv4 addresses. With very
straightforward extensions, all of IPv4's routing algorithms (OSPF, RIP, IDRP, ISIS,
etc.) can used to route IPv6.
IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang
IPv6 also includes simple routing extensions that support powerful new routing
functionality. These capabilities include: [3]
• Provider Selection (based on policy, performance, cost, etc.)
• Host Mobility (route to current location)
• Auto-Readdressing (route to new address)
The new routing functionality is obtained by creating sequences of IPv6 addresses
using the IPv6 Routing option. The routing option is used by an IPv6 source to list one
or more intermediate nodes (or topological group) to be "visited" on the way to a
packet's destination. This function is very similar in function to IPv4's Loose Source
and Record Route option.
In order to make address sequences a general function, IPv6 hosts are required in
most cases to reverse routes in a packet it receives (if the packet was successfully
authenticated using the IPv6 Authentication Header) containing address sequences in
order to return the packet to its originator. This approach is taken to make IPv6 host
implementations from the start support the handling and reversal of source routes. This
is the key for allowing them to work with hosts that implement the new features such
as provider selection or extended addresses.
IPv6 Quality-of-Service Capabilities
The Flow Label and the Traffic Class fields in the IPv6 header may be used by a
host to identify those packets for which it requests special handling by IPv6 routers,
such as non-default quality of service or "real-time" service. This capability is
important in order to support applications that require some degree of consistent
throughput, delay, and/or jitter. These types of applications are commonly described as
"multi-media" or "real-time" applications.
A flow is a sequence of packets sent from a particular source to a particular
(unicast or multicast) destination for which the source desires special handling by the
intervening routers. The nature of that special handling might be conveyed to the
routers by a control protocol, such as a resource reservation protocol, or by information
within the flow's packets themselves, e.g., in a hop-by-hop option.
IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang
There may be multiple active flows from a source to a destination, as well as
traffic that are not associated with any flow. A flow is uniquely identified by the
combination of a source address and a non-zero flow label. Packets that do not belong
to a flow carry a flow label of zero.
All packets belonging to the same flow must be sent with the same source address,
same destination address, and same non-zero flow label. If any of those packets
includes a Hop-by-Hop Options header, then they all must be originated with the same
Hop-by-Hop Options header contents (excluding the Next Header field of the
Hop-by-Hop Options header). If any of those packets includes a Routing header, then
they all must be originated with the same contents in all extension headers up to and
including the Routing header (excluding the Next Header field in the Routing header).
Routers are free to "opportunistically" set up flow-handling state for any flow,
even when no explicit flow establishment information has been provided to them via a
control protocol, a hop-by-hop option, or other means.
The 8-bit Traffic Class field in the IPv6 header is available for use by originating
nodes and/or forwarding routers to identify and distinguish between different classes or
priorities of IPv6 packets.
IPv6 Security
The current Internet has a number of security problems and lacks effective privacy
and authentication mechanisms below the application layer. IPv6 remedies these
shortcomings by having two integrated options that provide security services. These
two options may be used singly or together to provide differing levels of security to
different users. This is very important because different user communities have
different security needs.
The first mechanism, called the "IPv6 Authentication Header", is an extension
header, which provides authentication and integrity (without confidentiality) to IPv6
datagrams. While the extension is algorithm-independent and will support many
different authentication techniques, the use of keyed MD5 is proposed to help ensure
interoperability within the worldwide Internet. Its placement at the Internet layer can
IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang
help provide host origin authentication to those upper layer protocols and services that
currently lack meaningful protections.
The second security extension header provided with IPv6 is the "IPv6
Encapsulating Security Header". This mechanism provides integrity and confidentiality
to IPv6 datagrams. It is simpler than some similar security protocols (e.g., SP3D, ISO
NLSP) but remains flexible and algorithm-independent. To achieve interoperability
within the global Internet, DES CBC is being used as the standard algorithm for use
with the IPv6 Encapsulating Security Header.
Transitioning from IPv4 to IPv6
Besides the technical details of IPv6, a very practical matter of IPv6 is: how will
the public Internet, which is based on IPv4, be transitioned to IPv6? The problem is
that while new IPv6-capable systems can be made "backwards compatible”, already
deployed IPv4-capable systems are not capable of handling IPv6 datagrams. Several
options are possible.
Probably the most straightforward way to introduce IPv6-capable nodes is a
dual-stack approach, where IPv6 nodes also have a complete IPv4 implementation as
well. Such a node, referred to as an IPv6/IPv4 node, has the ability to send and receive
both IPv4 and IPv6 datagrams. When interoperating with an IPv4 node, an IPv6/IPv4
node can use IPv4 datagrams; when interoperating with an IPv6 node, it can speak
IPv6. IPv6/IPv4 nodes must have both IPv6 and IPv4 addresses. They must
furthermore be able to determine whether another node is IPv6-capable or IPv4-only.
This problem can be solved using the DNS, which can return an IPv6 address if the
node name being resolved is IPv6-capable, or otherwise return an IPv4 address.
In the dual-stack approach, if either the sender or the receiver is only IPv4-
capable, an IPv4 datagram must be used. As a result, it is possible that two IPv6-
capable nodes can end up, in essence, sending IPv4 datagrams to each other. This is
illustrated in Figure 2 [4].

IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang
Figure 2. A dual-stack approach

From the illustration, we see that in performing the conversion from IPv6 to IPv4,
there will be IPv6-specific fields in the IPv6 datagram (for example, the flow identifier
field) that have no counterpart in IPv4. The information in these fields will be lost.
Therefore, even though E and F can exchange IPv6 datagrams, the arriving IPv4
datagrams at E from D do not contain all of the fields that were in the original IPv6
datagram sent from A.
An alternative to the dual-stack approach is known as tunneling. Tunneling can
solve the problem noted above. The basic idea behind tunneling is illustrated in Figure
3 [4]. (The intervening set of IPv4 routers between two IPv6 routers is referred to as a
With tunneling, the IPv6 node on the sending side of the tunnel (router B) takes
the entire IPv6 datagram and puts it in the data field of an IPv4 datagram. This IPv4
datagram is then addressed to the IPv6 node on the receiving side of the tunnel (router
E) and sent to the first node in the tunnel (router C). The intervening IPv4 routers in
the tunnel route this IPv4 datagram among themselves, just as they would any other
datagram, blissfully unaware that the IPv4 datagram itself contains a complete IPv6
datagram. The IPv6 node on the receiving side of the tunnel eventually receives the
IPv4 datagram, determines that the IPv4 datagram contains an IPv6 datagram, extracts
the IPv6 datagram, and then routes the IPv6 datagram exactly as it would if it had
received the IPv6 datagram from a directly connected IPv6 neighbor.
IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang

Figure 3. Tunneling

The future of IPv6
Since the early 1990s, numerous new network-layer protocols have been
trumpeted as the next major revolution for the Internet, but most of these protocols
have had limited penetration to date. These protocols include IPv6, multicast protocols,
and resource reservation protocols. On the other hand, the Internet has witnessed rapid
deployment of new protocols at the application layer. The classic example, of course, is
HTTP and the Web; other examples include audio and video streaming and chat. From
this experience, we know that it is enormously more difficult to change network-layer
protocols than to change application-layer protocols. Therefore we may conclude that
in the future we can expect to see changes in the Internet's network layer, but these
changes will likely occur on a time scale that is much slower than the changes that will
occur at the application layer. IPv6 will make its way to the Internet, but it takes time.
IPv6 – The Next Generation Internet Protocol
Yuanlei Zhang

[1] RFC 2460, “Internet Protocol, Version 6 Specification”, December 1998
[2] RFC 2373, “IP Version 6 Addressing Architecture”, July 1998
[3] Robert M. Hinden, “IP Next Generation Overview ”, May 14, 1995
[4] James F. Kurose, “Computer Networking: A Top-Down Approach Featuring the
Internet”, 2001 (ISBN 0-201-47711-4)