
Unit 2: Next Generation IP: Class: Year: Subject Teacher

This document is intended for diploma students and is one of three copies.

Uploaded by

Teaiya

Class: CO5I-A-B Adv. Computer Network (22520) Year: 2019-20-21
Subject Teacher: Manish V. Salvi (Computer Engineering)

COURSE OUTCOMES (COs)
The theory, practical experiences and relevant soft skills associated with this course are to be
taught and implemented, so that the student demonstrates the following industry-oriented
COs associated with the above-mentioned competency:
a) Implement Network Layer Protocols.
b) Configure IPv6 Network.
c) Choose routing protocol in the given network situation.
d) Implement different Transport Layer Protocols.
e) Configure various Application Layer Protocols.
Unit 2: Next generation IP
2.1 IPv6 Addressing: Representation, address space, address space allocation, Auto-
configuration, Renumbering.
2.2 Transition from IPv4 to IPv6: Dual Stack, Tunneling, Header Translation.
2.3 IPv6 Protocol: Packet format, Extension Header.
IPv6 Addressing:
IP Features:
• Layer 3 (Network layer)
• Unreliable, connectionless, datagram
• Best-effort delivery
• Popular version: IPv4
• Major functions
  o Global addressing
  o Datagram lifetime
  o Fragmentation & reassembly
Why IPv6?
• Deficiency of IPv4
• Address space exhaustion
• New types of service
• Integration
  o Multicast
  o Quality of Service
  o Security
  o Mobility (MIPv6)
• Header and format limitations
Advantages of IPv6 over IPv4
• Larger address space: allows billions of devices to be interconnected, meaning no forced Network Address Translators
• Allows coherent end-to-end packet delivery
• Improves the potential for use of end-to-end security tools for encryption and authentication
• IPv6 is "more secure" than V4
• Better header format
• New options
• Allowance for extension
• Only IPv6 supports mobility
• IPv6 offers "bundled" QoS
  Quality of service (QoS) refers to any technology that manages data traffic to reduce packet loss, latency and jitter on the network. QoS controls and manages network resources by setting priorities for specific types of data on the network. (Packet-based and stream-based QoS)
• Support for resource allocation
• Support for more security
• Support for mobility
• There are 90 RFCs (Request for Comments) that describe aspects of IPv6
• Only V6 offers plug and play auto-configuration
• IPv6 allows rapid renumbering

Why IPv6?
o Shortage of IPv4 addresses
  • The Internet is expanding very rapidly in developing countries like India and China
  • New devices like phones need IP addresses
o End-to-end reachability is not possible without IPv6
o New features like auto-configuration, better support for QoS, mobility and security, route aggregation, jumbo frames
IPv4: 32 bits or 4 bytes long
  • 4,200,000,000 possible addressable nodes
IPv6: 128 bits or 16 bytes
  • $3.4 \times 10^{38}$ possible addressable nodes
  • 340,282,366,920,938,463,374,607,432,768,211,456
  • $5 \times 10^{28}$ addresses per person
IPv6 Header Format
[Figure: IPv4 header and IPv6 header side by side ("Header: from IPv4 to IPv6"), with the changed fields marked]
[Figure: IPv6 header format]

• IPv6 Packet Structure / Representation
• Address space allocation
• Auto-configuration
• Renumbering

IPv6 Address Representation Examples:

2031:0000:130F:0000:0000:09C0:876A:130B >>> 2031:0:130f::9c0:876a:130b
FF01:0:0:0:0:0:0:1 >>> FF01::1
0:0:0:0:0:0:0:1 >>> ::1
0:0:0:0:0:0:0:0 >>> ::
Notations in 128 bit
• Dotted decimal: 123.145.20.34
• Hexadecimal notation: 23BA:1234:00B1:0000:BF30:3456:000A:FFFF
• Mixed representation: 23BA:1234:123:56:BF30:3456:000A:FFFF
• CIDR notation: FDC1:AB23:0:FFFF/27
Ref.: TechKnowledge

Example:
IPv6 uses 16-byte addresses. If a block of 1 million addresses is allocated every
picosecond, how long will the addresses last?
Ans.:
• Total number of address bits = 16 × 8 = 128
• Number of addresses = $2^{128} = 3.4 \times 10^{38}$
• One picosecond = $1 \times 10^{-12}$ seconds
• 1 million addresses = $1 \times 10^{6}$ addresses
• In 1 picosecond, $1 \times 10^{6}$ addresses are allocated
Therefore, the time X needed to allocate all $3.4 \times 10^{38}$ addresses is

$$X = \frac{3.4 \times 10^{38}}{1 \times 10^{6}} \times 1 \text{ picosecond}$$

Therefore, $X = 3.4 \times 10^{32}$ picoseconds

$X = 3.4 \times 10^{20}$ seconds

$X = 9.44 \times 10^{16}$ hours
$X = 3.9352 \times 10^{15}$ days $= 1.0781 \times 10^{13}$ years

Address space:
• For IPv6 it is $2^{128} = 3.4 \times 10^{38}$, which is $2^{96}$ times bigger than IPv4.
• No possible address depletion in IPv6.
• There are three types of addresses in IPv6:
1. Unicast addresses: A single computer is the destination, meaning the packet is delivered
to a specific address. In IPv6 it is possible to assign unicast addresses to the interfaces.
2. Anycast addresses: Used to define a group of computers whose addresses have the same
prefix. The packet is delivered to only one member of the group, the one which is closest
or the most easily accessible. No special or separate address block is assigned for
anycasting in IPv6. These are assigned from the block of unicast addresses.
3. Multicast addresses: Define a group of computers which may or may not share the same
prefix and may not be connected to the same physical network. A packet sent to such an
address is meant to be delivered to each member of the group. There is no broadcast
address, as multicast performs the same function. The type of address is determined by
the leading bits.
OR
• Unicast
  o Address is for a single interface.
  o IPv6 has several types (for example, global and IPv4 mapped).
• Anycast
  o One-to-nearest (allocated from unicast address space).
  o Multiple devices share the same address.
  o All anycast nodes should provide uniform service.
  o Source devices send packets to the anycast address.
  o Routers decide on the closest device to reach that destination.
  o Suitable for load balancing and content delivery services.
• Multicast
  o One-to-many
  o Enables more efficient use of the network
  o Uses a larger address range

IPv6 Address Scope

• Link-local: The scope is the local link (nodes on the same subnet)
  o Hosts on the same link (the same subnet) use these automatically configured addresses to communicate with each other.
  o Neighbor Discovery provides address resolution.
  o The prefix for link-local addresses is FE80::/64.
  o [Figure: structure of a link-local address]
• Unique-local: The scope is the organization (private site addressing)
  o IPv6 unicast unique-local addresses are similar to IPv4 private addresses.
  o The scope of a unique-local address is the internetwork of an organization's site. (You can use both global addresses and unique-local addresses in your network.)
  o The prefix for unique-local addresses is FC00::/8.
  o Mandatory address for communication between two IPv6 devices
  o Automatically assigned by router as soon as IPv6 is enabled
• Global: The scope is global (IPv6 Internet addresses)
  o Global unicast and anycast addresses are defined by a global routing prefix, a subnet ID, and an interface ID.
IPv6 Address Representation: EUI-64 Auto-configuration
IPv6 uses the extended universal identifier (EUI)-64 format to do
stateless auto-configuration.
This format expands the 48-bit MAC address to 64 bits by inserting
"FFFE" into the middle 16 bits.
To make sure that the chosen address is from a unique Ethernet MAC
address, the universal/local (U/L) bit is set to 1 for global scope (0 for
local scope).

Stateless Auto-configuration:
• Stateless address configuration (IP address, default router address)
• Routers send periodic Router Advertisements
• A node gets prefix information from the Router Advertisement and generates the complete address using its MAC address
• Global address = link prefix + EUI-64 address
• The router address is the default gateway
Stateless Auto-configuration Example
• MAC address: 00:0E:0C:31:C8:1F
• EUI-64 address: 20E:0CFF:FE31:C81F
• Router Solicitation is sent on FF01::2 (All Router Multicast Address) and Advertisement is sent on FF01::1 (All Node Multicast Address)

DHCPv6 (https://www.youtube.com/watch?v=S43CFcpOZSI)
Stateful Configuration
Provides not only an IP address but also other configuration parameters like DNS.

Client
• Initiates requests on a link to obtain configuration parameters
• Uses its link-local address to connect to the server
• Sends requests to the FF02::1:2 multicast address (All_DHCP_Relay_Agents_and_Servers)

Relay Agent / DHCPv6 Server
• A node that acts as an intermediary to deliver DHCP messages between clients and servers
• Is on the same link as the client
• Listens on the multicast address All_DHCP_Relay_Agents_and_Servers
Routing in IPv6
o Same protocols as in IPv4
  • Static
  • RIPng
  • OSPFv3
  • MP-BGP4
o Use the ping6 and traceroute6 commands to check reachability and route
The IPv6 protocol responds to the above issues using the following main changes in the
protocol:

Larger address space.
An IPv6 address is 128 bits long. Compared with the 32-bit address of IPv4, this is a huge

Better header format.
IPv6 uses a new header format in which options are separated from the base header and
inserted, when needed, between the base header and the upper-layer data. This simplifies
and speeds up the routing process because most of the options do not need to be checked
by routers.

New options.
IPv6 has new options to allow for additional functionalities.

Allowance for extension.
IPv6 is designed to allow the extension of the protocol if required by new technologies or
applications.

Support for resource allocation.
In IPv6, the type-of-service field has been removed, but two new fields, traffic class and
flow label, have been added to enable the source to request special handling of the packet.
This mechanism can be used to support traffic such as real-time audio and video.

Support for more security.
The encryption and authentication options in IPv6 provide confidentiality and integrity of
the packet.

• Aggregation of prefixes announced in the global routing table
• Efficient and scalable routing

The following is a list of changes I did for IPv6 and for legacy IP — just an overview to get an
idea of differences and stumbling blocks.

IPv6 Auto-configuration and Renumbering

• IPv6 provides a facility that allows devices on an IPv6 network to configure themselves independently.
• In IPv4, by contrast, hosts were originally configured manually.
• Later, host configuration protocols like DHCP enabled servers to allocate IP addresses to hosts that joined the network.
• IPv6 supports this by defining a method for some devices to automatically configure their IP address and other parameters without the need for a server.
• It also defines a method whereby the IP addresses on a network can be renumbered (changed to a new numbering/sequence).
• These are the sorts of features that win the support of TCP/IP network administrators.
• The IPv6 auto-configuration and renumbering feature is defined in RFC 2462, IPv6 Stateless Address Autoconfiguration.
• The word "stateless" contrasts this method with the server-based method using something like DHCPv6, which is called "stateful".
• This method is called "stateless" because it begins from a "dead start" with no information (or "state") at all for the host to work with, and has no need for a DHCP server.
• Stateless auto-configuration exploits several other new features in IPv6, including
  o link-local addresses,
  o multicasting,
  o the Neighbor Discovery (ND) protocol, and
  o the ability to generate the interface identifier of an address from the underlying data link layer address.

The general idea is to have a device generate a temporary address until it can determine the
characteristics of the network it is on, and then create a permanent address it can use based
on that information. In the case of multi-homed devices, auto-configuration is performed for
each interface separately.

The following is a summary of the steps a device takes when using stateless
auto-configuration:
1. Link-Local Address Generation: The device generates a link-local address.
  • Recall that this is one of the two types of local-use IPv6 addresses. Link-local addresses have "1111 1110 10" for the first ten bits.
  • The generated address uses those ten bits followed by 54 zeroes and then the 64-bit interface identifier.
  • This will be derived from the data link layer (MAC) address, or it may be a "token" generated in some other manner.
2. Link-Local Address Uniqueness Test:
  • The node tests to ensure that the address it generated isn't for some reason already in use on the local network.
  • This is unlikely if the link-local address came from a MAC address, and more likely if it was based on a generated token.
  • It sends a Neighbor Solicitation message using the Neighbor Discovery (ND) protocol. It then listens for a Neighbor Advertisement in response. A response indicates that another device is already using its link-local address; if so, either a new address must be generated, or auto-configuration fails and another method must be employed.
3. Link-Local Address Assignment:
  • Assuming the uniqueness test passes, the device assigns the link-local address to its IP interface.
  • This address can be used for communication on the local network, but not on the wider Internet (since link-local addresses are not routed).
4. Router Contact: The node next attempts to contact a local router for more information on continuing the configuration.
  • This is done either by listening for Router Advertisement messages sent periodically by routers, or
  • by sending a specific Router Solicitation to ask a router for information on what to do next.
  • This is part of the IPv6 Neighbor Discovery protocol.
5. Router Direction:
  • The router provides direction to the node on how to proceed with the auto-configuration.
  • It may tell the node that on this network "stateful" auto-configuration is in use, and tell it the address of a DHCP server to use.
  • That is, it will tell the host how to determine its global Internet address.
6. Global Address Configuration:
  • Assuming that stateless auto-configuration is in use on the network, the host will configure itself with its globally-unique Internet address.
  • This address is generally formed from a network prefix provided to the host by the router, combined with the device's identifier as generated in the first step.

Stateless auto-configuration has numerous advantages over both manual and server-based
configuration:
• It is helpful in supporting mobility of IP devices, as they can move to new networks and get a valid address without any knowledge of local servers or network prefixes.
• It still allows management of IP addresses using the (IPv6-compatible) version of DHCP if that is desired.
• Routers on the local network will typically tell hosts which type of auto-configuration is supported using special flags in ICMPv6 Router Advertisement messages.
• IPv6 includes an interesting feature called stateless address auto-configuration, which allows a host to actually determine its own IPv6 address from its layer two address by following a special procedure.
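The EUI-64 expansion from the "Stateless Auto-configuration Example" and steps 1 and 6 of the procedure above, as an added example that is not part of the original notes. It also runs the derivation in reverse, because the interface identifier is the same on every network the device joins and so exposes its MAC address to anyone who sees the address. The function names, the 2001:db8 prefixes and the sample address list are assumptions constructed for the example.

```python
import ipaddress

def eui64_interface_id(mac: str) -> int:
    """Expand a 48-bit MAC address into the 64-bit EUI-64 interface identifier."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"expected a 48-bit MAC address, got {mac!r}")
    # Insert FFFE between the two halves of the MAC address.
    eui = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    # Flip the universal/local bit: 0 in a factory-assigned MAC, so it becomes 1.
    eui[0] ^= 0x02
    return int.from_bytes(eui, "big")

def autoconfigured_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Address = 64-bit prefix + EUI-64 interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 auto-configuration needs a 64-bit prefix")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_interface_id(mac))

def embedded_mac(address: str):
    """Return the MAC address an EUI-64 derived address reveals, else None."""
    iid = (int(ipaddress.IPv6Address(address)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None                      # identifier was not built from a MAC
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02                       # undo the U/L bit flip
    return ":".join(f"{b:02X}" for b in mac)

def audit(addresses):
    """Map every address that exposes a hardware address to that MAC."""
    found = {}
    for address in addresses:
        mac = embedded_mac(address)
        if mac is not None:
            found[address] = mac
    return found

# Constructed sample: the same host seen on two networks, plus one host whose
# interface identifier was not derived from its MAC address.
SAMPLE_ADDRESSES = [
    "2001:db8:1:2:20e:cff:fe31:c81f",
    "2001:db8:aaaa:bbbb:20e:cff:fe31:c81f",
    "2001:db8:1:2:5c1d:9a2b:33f0:7e11",
]

if __name__ == "__main__":
    mac = "00:0E:0C:31:C8:1F"            # MAC address used in the notes
    print("interface id:", f"{eui64_interface_id(mac):016X}")
    print("link-local  :", autoconfigured_address("fe80::/64", mac))
    print("global      :", autoconfigured_address("2001:db8:1:2::/64", mac))
    for address, leaked in audit(SAMPLE_ADDRESSES).items():
        print(f"{address} reveals MAC {leaked}")
```

The first two sample addresses map back to the same MAC even though their prefixes differ, which is how a device can be followed from one network to another.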

IPv6 Device Renumbering

• Renumbering of devices is a method related to auto-configuration.
• Like host configuration, it can be implemented using protocols like DHCP, through the use of IP address "leases" that expire after a period of time.
• In IPv6, networks can be renumbered by having routers specify an expiration interval for network prefixes when auto-configuration is done. Later, they can send a new prefix to tell devices to regenerate their IP addresses. Devices can actually maintain the old "deprecated" address for a while and then move over to the new address.
• A similar technique was also defined for renumbering router addresses, in RFC 2894. It uses special ICMPv6 messages.
• Moving to another ISP required changing all IP addresses.
• Changing public IPv4 addresses was done in a few minutes. Changing public IPv6 addresses took me a couple of weeks.
• It was not only changing the interface IPv6 addresses but also lots of configuration details in almost all services/appliances where IPv6 GUAs were used as well.

Simplified processing by routers

• The packet header in IPv6 is simpler than the IPv4 header.
• Many rarely used fields have been moved to optional header extensions.
• With the simplified IPv6 packet header, the process of packet forwarding by routers has been simplified.
• Although IPv6 packet headers are at least twice the size of IPv4 packet headers, packet processing by routers is generally more efficient, because less processing is required in routers due to the headers being aligned to match common word sizes.
• An IPv6 header does not include a checksum.
• The IPv4 header checksum is calculated for the IPv4 header, and has to be recalculated by routers every time the time to live (called hop limit in the IPv6 protocol) is reduced by one.
• The absence of a checksum in the IPv6 header furthers the end-to-end principle of Internet design, which envisioned that most processing in the network occurs in the leaf nodes.
• Integrity protection for the data that is encapsulated in the IPv6 packet is assumed to be assured by both the link layer and error detection in higher-layer protocols, namely the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) on the transport layer.
• Thus, while IPv4 allowed UDP datagram headers to have no checksum (indicated by 0 in the header field), IPv6 requires a checksum in UDP headers.
• IPv6 routers do not perform IP fragmentation.
• IPv6 hosts are required to either
  o perform path MTU discovery,
  o perform end-to-end fragmentation, or
  o send packets no larger than the default maximum transmission unit (MTU), which is 1280 octets.

Mobility

• Unlike mobile IPv4, mobile IPv6 avoids triangular routing and is therefore as efficient as native IPv6.
• IPv6 routers may also allow entire subnets to move to a new router connection point without renumbering.

Extension headers

• The IPv6 packet header has a minimum size of 40 octets (320 bits).
• Options are implemented as extensions.
• This provides the opportunity to extend the protocol in the future without affecting the core packet structure.
• However, a study in 2015 indicated that some network operators dropped IPv6 packets with extension headers when they traversed transit autonomous systems.
Changes overview

• The following table summarizes the number of changes I did for both Internet protocols.
• In fact, it is a list that compares the usage of IPv6 GUA addresses vs IPv4 private addresses in server configurations.
• IPv6 global addresses are similar to IPv4 public addresses. As the name implies, they are routable on the internet. ...
• A Global Unicast Address (GUA) IPv6 address consists of two parts:
  o subnet ID – 64 bits long. Contains the site prefix (obtained from a Regional Internet Registry) and the subnet ID (subnets within the site).

| Item | IPv6 | Legacy IP |
| Host/Device/VM Interface Addresses | 23x (address + gateway + DNS server) | None! LOL Everything with private addresses |
| Firewall: Interfaces | 7x | 2x |
| Firewall: Static Routes | 10x | 2x |
| Firewall: Host/Network Objects | 29x | 9x |
| Firewall: NATs | NOT A SINGLE ONE! STRIKE! This is why we're all here. | 1x outgoing, 0x incoming since objects (row above) were used |
| Firewall: VPNs | 3x | 10x (since most VPNs are over v4) |
| Firewall: Miscellaneous | 6x (custom reports, LLDP profile, DNS-Proxy, RDNSS) | None |
| DNS Names AAAA and A | 47x | 23x |
| DNS Authoritative Zones: masters, also-notify | 5x | 4x |
| DNS Glue Record: ns1.weberdns.de | 1x | 1x |
| Reverse DNS PTR Records | 40x (incl. new zone for new v6 range) | None (since internal RFC 1918 addresses haven't changed) |
| Syslog Forwarding | 11x | None |
| NTP Restricts (for access from MRTG) | 6x | None |
| SNMP read access | 2x | 1x |
| Pulse Connect Secure: Admin Auth Policy | 1x | 1x |
| Pulse RA VPN: Client Addressing | 1x | None |
| ntopng: local-networks | 1x | None |
| DNS caching BIND: allow-recursion | 1x | None |
| RIPE Atlas measurements | 2x | 1x |
| Postfix: relayhost, mynetworks | 2x | None |
| Cisco ESA: Host Access Table (HAT), Relaylist | 4x | None |
| MRTG: Targets w/ static IPs | 3x | None |
| FileZilla FTP Server: NAT external IP | None | 1x |
Note, the number of 'None' counts for IPv4, while for IPv6 I had to adjust several
configuration files. Counting the mere numbers, it's 205x changes of IPv6 addresses vs
56x changes of legacy IPv4 addresses. It changes dependencies.

Dual-stack IP implementation

• Dual-stack IP implementations provide complete IPv4 and IPv6 protocol stacks in the operating system of a computer or network device on top of the common physical layer implementation, such as Ethernet.
• This permits dual-stack hosts to participate in IPv6 and IPv4 networks simultaneously.
• The method is defined in RFC 4213.
• A device with a dual-stack implementation in the operating system has an IPv4 and an IPv6 address, and can communicate with other nodes in the LAN or the Internet using either IPv4 or IPv6.
• The Domain Name System (DNS) protocol is used by both IP protocols to resolve fully qualified domain names (FQDN) and IP addresses, but dual stack requires that the resolving DNS server can resolve both types of addresses.
• Such a dual-stack DNS server would hold IPv4 addresses in the A records, and IPv6 addresses in the AAAA records.
• Depending on the destination that is to be resolved, a DNS name server may return an IPv4 or IPv6 address, or both.
• A default address selection mechanism, or preferred protocol, needs to be configured either on hosts or the DNS server.
• The IETF (Internet Engineering Task Force) has published Happy Eyeballs (also called Fast Fallback), an algorithm which can make dual-stack applications more responsive to users, to assist dual-stack applications so that they can connect using both IPv4 and IPv6, but prefer an IPv6 connection if it is available.
• Dual-stack also needs to be implemented on all routers between the host and the service for which the DNS server has returned an IPv6 address.
• Dual-stack clients should only be configured to prefer IPv6 if the network is able to forward IPv6 packets using the IPv6 versions of routing protocols.
• When dual-stack network protocols are in place, the application layer can be migrated to IPv6.
• While dual-stack is supported by major operating system and network device vendors, legacy networking hardware and servers don't support IPv6.
Tunneling

Tunneling is a feature that is used to transport packets from one type of network over a
network of a different type.

• The most common type is 6to4 tunneling. This type of tunneling allows for IPv6 packets to be transported over an IPv4 network through encapsulation.
• 6to4 tunneling was created to support both IP types during the transition from IPv4 to IPv6. A less common type of tunneling is 4to6 tunneling. This type of tunneling allows for IPv4 packets to be transported over an IPv6 network.
• This article explains how to configure tunneling on the RV215W.

6 to 4 Tunneling:
• 6to4 tunneling allows for the transmission of IPv6 packets over an IPv4 network.
• This is achieved by encapsulating the IPv6 packet into an IPv4 packet.
• Once the packet is received by the remote IPv6 network, the packet is de-capsulated back to an IPv6 packet.
• This type of tunneling is used if your ISP does not provide 6RD (Rapid Deployment) tunneling.
Step 1. Log in to the web configuration utility and choose Networking > IPv6 > Tunneling.
The Tunneling page opens:
Step 2. Check Enable in the 6 to 4 Tunneling field to enable 6to4 tunneling.
Note: To use 6to4 tunneling the LAN must be configured to IPv6 and the WAN to IPv4 on
the IP Mode page, as per the article IP Mode Configuration on RV215W.
Step 3. Click the 6to4 radio button to configure the tunneling type as 6to4.
Step 4. Check Enable in the Automatic Tunneling field to have 6to4 tunneling configure
automatically. Automatic 6to4 tunneling treats the IPv4 network as a non-broadcast
multi-access (NBMA) network, where multiple hosts are attached but data is transmitted
directly from one host to another over a virtual circuit.
• The IPv4 address embedded in the IPv6 address is used to determine the other end of the tunnel.
Step 5. If automatic tunneling is not enabled, enter the end point IPv4 address of the
network you want to create a manual tunnel to.
• A manual tunnel is a permanent link between two IPv6 domains over an IPv4 network.
Step 6. Click Save.
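How automatic 6to4 finds "the other end of the tunnel" from the IPv4 address embedded in the IPv6 address, shown as an added example (not the router's own code or part of the original notes). It derives the site prefix under the standard 2002::/16 6to4 prefix, recovers the tunnel endpoint from a destination, and applies the consistency check a decapsulating router can make between the outer IPv4 source and the inner 6to4 source. The function names, the NON_GLOBAL_V4 list and the documentation addresses are assumptions constructed for the example.

```python
import ipaddress

SIXTOFOUR = ipaddress.IPv6Network("2002::/16")

# IPv4 ranges that cannot be a public tunnel endpoint (list constructed for
# this example: "this network", private, loopback, link-local, multicast and up).
NON_GLOBAL_V4 = [ipaddress.IPv4Network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]

def sixtofour_prefix(wan_v4: str) -> ipaddress.IPv6Network:
    """The /48 site prefix: 16 bits of 2002 followed by the 32-bit WAN IPv4 address."""
    v4 = int(ipaddress.IPv4Address(wan_v4))
    return ipaddress.IPv6Network(((0x2002 << 112) | (v4 << 80), 48))

def tunnel_endpoint(dst_v6: str):
    """IPv4 address embedded in a 6to4 destination, or None if it is not 6to4."""
    addr = ipaddress.IPv6Address(dst_v6)
    if addr not in SIXTOFOUR:
        return None
    return ipaddress.IPv4Address((int(addr) >> 80) & 0xFFFFFFFF)

def is_non_global(v4: ipaddress.IPv4Address) -> bool:
    return any(v4 in net for net in NON_GLOBAL_V4)

def decapsulation_verdict(outer_src_v4: str, inner_src_v6: str) -> str:
    """Decide whether a decapsulated packet's addresses are consistent."""
    outer = ipaddress.IPv4Address(outer_src_v4)
    if is_non_global(outer):
        return "drop: outer IPv4 source is not a global unicast address"
    embedded = tunnel_endpoint(inner_src_v6)
    if embedded is None:
        return "unchecked: inner source is not a 6to4 address"
    if is_non_global(embedded):
        return "drop: 6to4 source embeds a non-global IPv4 address"
    if embedded != outer:
        return "drop: embedded IPv4 address does not match outer IPv4 source"
    return "accept"

if __name__ == "__main__":
    # Constructed values from the documentation ranges.
    print(sixtofour_prefix("192.0.2.1"))
    print(tunnel_endpoint("2002:c000:201:1::10"))
    for outer, inner in [("192.0.2.1", "2002:c000:201:1::10"),
                         ("198.51.100.7", "2002:c000:201:1::10"),
                         ("198.51.100.7", "2002:a00:1::1")]:
        print(outer, inner, "->", decapsulation_verdict(outer, inner))
```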


6RD Tunneling
6 Rapid Deployment (6RD) is a more secure version of 6to4 tunneling.
In 6RD each ISP provides its own unique IPv6 prefix instead of the standard 2002::/16
6to4 prefix.
This allows the ISP to control QoS of the tunnel and who gets to use the relay servers.
• Quality of Service (QoS) in IPv6. Several features are added to IPv6 specification in addition to 128-bits addressing as the IPv6 specification made its way through the IETF committee process. ... Quality of Service (QoS) is an important term and an emerging feature of modern networks

Step 1. Log in to the web configuration utility and choose Networking > IPv6 > Tunneling.
The Tunneling page opens:
Step 2. Check Enable in the 6 to 4 Tunneling field to enable 6to4 tunneling.
Note: To use 6to4 tunneling the LAN must be configured to IPv6 and the WAN to IPv4 on
the IP Mode page.
Step 3. Click the 6RD radio button to configure the tunneling type as 6RD.
Step 4. Click the radio button that corresponds to the desired Tunneling Connection Mode.
• Auto: The 6RD tunneling configures automatically. Automatic 6to4 tunneling treats the IPv4 network as a non-broadcast multi-access (NBMA) network, where multiple hosts are attached but data is transmitted directly from one host to another over a virtual circuit. The IPv4 address embedded in the IPv6 address is used to determine the other end of the tunnel.
• Manual: The 6RD tunneling must be configured manually. A manual tunnel is a permanent link between two IPv6 domains over an IPv4 network.
Step 5. If the connection mode is manual, configure the following fields.
• IPv6 Prefix: Enter the IPv6 prefix that the ISP uses for the tunnel.
• IPv6 Prefix Length: Enter the prefix length of the IPv6 address.
• Border Relay: Enter the IPv6 address of the border router.
• IPv4 Mask Length: Enter the IPv4 mask length of the remote end point.
Step 6. Click Save.

4 to 6 Tunneling
• 4to6 tunneling allows for the transmission of IPv4 packets over an IPv6 network. This feature is used when the local IPv4 network sends packets across an IPv6 inter-network to a remote IPv4 network.
Step 1. Log in to the web configuration utility and choose Networking > IPv6 > Tunneling.
The Tunneling page opens:
Step 2. Check Enable in the 4 to 6 Tunneling field to enable 4 to 6 tunneling.
Note: To use 4to6 tunneling the LAN must be configured to IPv6 and the WAN to IPv4
on the IP Mode page.
Step 3. Enter the IPv6 address of the RV215W in the Local WAN IPv6 Address field.
Step 4. Enter the IPv6 address of the remote end point that you want to create a tunnel to in
the Remote IPv6 Address field.
Step 5. Click Save.
IPv6 packets

Fig. IPv6 packet header


An IPv6 packet has two parts: a header and payload.
The header consists of a fixed portion with minimal functionality required for all
packets and may be followed by optional extensions to implement special features.
• The fixed header occupies the first 40 octets (320 bits) of the IPv6 packet.
• It contains
  o the source and destination addresses,
  o traffic classification options,
  o a hop counter, and
  o the type of the optional extension or payload which follows the header.
• This Next Header field tells the receiver how to interpret the data which follows the header.
• If the packet contains options, this field contains the option type of the next option.
• The "Next Header" field of the last option points to the upper-layer protocol that is carried in the packet's payload.
• Extension headers carry options that are used for special treatment of a packet in the network, e.g., for routing, fragmentation, and for security using the IPsec framework.
• Without special options, a payload must be less than 64kB. With a Jumbo Payload option (in a Hop-By-Hop Options extension header), the payload must be less than 4 GB.
• Unlike with IPv4, routers never fragment a packet.
• Hosts are expected to use Path MTU Discovery (PMTUD), a standardized technique in computer networking for determining the maximum transmission unit (MTU) size on the network path between two Internet Protocol (IP) hosts, to make their packets small enough to reach the destination without needing to be fragmented.

Transition From IPv4 to IPv6

Complete transition from IPv4 to IPv6 might not be possible because IPv6 is not
backward compatible.
This results in a situation where either a site is on IPv6 or it is not.
It is unlike the implementation of other new technologies, where the newer one is
backward compatible so the older system can still work with the newer version without
any additional changes.
To overcome this shortcoming, we have a few technologies that can be used to ensure a
slow and smooth transition from IPv4 to IPv6.

IPv6 Packet Header Format


The IPv6 protocol defines a set of headers, including the basic IPv6 header and the IPv6
extension headers. The following figure shows the fields that appear in the IPv6 header
and the order in which the fields appear.

Figure 11-3 IPv6 Basic Header Format

The following list describes the function of each header field.


 Version – 4-bit version number of Internet Protocol = 6.
 Traffic class – 8-bit traffic class field.
 Flow label – 20-bit field designed to provide special handling for a particular flow
of data.
 Payload length – 16-bit unsigned integer giving the length, in octets, of the rest of
the packet that follows the IPv6 header.
 Next header – 8-bit selector. Identifies the type of header that immediately follows
the IPv6 header. Uses the same values as the IPv4 protocol field.
 Hop limit – 8-bit unsigned integer. Decremented by one by each node that forwards
the packet. The packet is discarded if the hop limit is decremented to zero.
 Source address – 128 bits. The address of the initial sender of the packet.
 Destination address – 128 bits. The address of the intended recipient of the packet.
The intended recipient is not necessarily the recipient if an optional routing header
is present.

2.3 IPv6 Extension Headers


IPv6 options are placed in separate extension headers
that are located between the IPv6 header and the transport-layer header in a packet.
Most IPv6 extension headers are not examined or processed by any router
along a packet's delivery path until the packet arrives at its final destination.
This provides a major improvement in router performance for packets that contain
options.
In IPv4, by contrast, the presence of any options requires the router to examine all options.
Unlike IPv4 options, IPv6 extension headers can be of arbitrary length. Also,
the number of options that a packet carries is not limited to 40 bytes.
This feature, in addition to the manner in which IPv6 options are processed, permits
IPv6 options to be used for functions that are not practical in IPv4.
To improve performance when handling subsequent option headers, and the
transport protocol that follows, IPv6 options are always an integer multiple of 8
octets long. The integer multiple of 8 octets retains the alignment of subsequent
headers.


The following IPv6 extension headers are currently defined:


 Routing – Extended routing, such as IPv4 loose source route
 Fragmentation – Fragmentation and reassembly
 Authentication – Integrity and authentication, and security
 Encapsulating Security Payload – Confidentiality
 Hop-by-Hop options – Special options that require hop-by-hop processing
 Destination options – Optional information to be examined by the destination
node

AUTOCONFIGURATION

 One of the interesting features of IPv6 addressing is the auto-configuration of
hosts.
 In IPv4, the host and routers are originally configured manually by the
network manager.
 Dynamic Host Configuration Protocol, DHCP, can be used to allocate an
IPv4 address to a host that joins the network.
 In IPv6, DHCP protocol can still be used to allocate an IPv6 address to a
host, but a host can also configure itself.

When a host in IPv6 joins a network, it can configure itself using the following
process:
1. The host first creates a link-local address for itself. It does this by taking the 10-bit
link-local prefix (1111 1110 10), adding 54 zeros, and adding the 64-bit
interface identifier, which any host knows how to generate from its interface
card. The result is a 128-bit link-local address.
2. The host then tests to see if this link-local address is unique and not used by
other hosts. Since the 64-bit interface identifier is supposed to be unique, the link-
local address generated is unique with a high probability. However, to be sure,
the host sends a neighbor solicitation message (see Chapter 28) and waits for a
neighbor advertisement message. If any host in the subnet is using this link-local
address, the process fails and the host cannot auto-configure itself; it needs to
use other means such as DHCP protocol for this purpose.
3. If the link-local address passes the uniqueness test, the host stores this address
as its link-local address (for private communication), but it still needs a global
unicast address. The host then sends a router solicitation message (see Chapter
28) to a local router. If there is a router running on the network, the host
receives a router advertisement message that includes the global unicast prefix
and the subnet prefix that the host needs to add to its interface identifier to
generate its global unicast address. If the router cannot help the host with the
configuration, it informs the host in the router advertisement message (by
setting a flag). The host then needs to use other means for configuration.

Example:
Assume a host with Ethernet address (F5-A9-23-11-9B-E2) has joined the network.
What would be its global unicast address if the global unicast prefix of the organization
is 3A21:1216:2165 and the subnet identifier is A245:1232?
Solution


The host first creates its interface identifier as


F7A9:23FF:FE11:9BE2
using the Ethernet address read from its card. The host then creates its link-local
address as
FE80::F7A9:23FF:FE11:9BE2
Assuming that this address is unique, the host sends a router solicitation message
and receives the router advertisement message that announces the
combination of global unicast prefix and the subnet identifier as
3A21:1216:2165:A245:1232. The host then appends its interface identifier to this
prefix to find and store its global unicast address as:
3A21:1216:2165:A245:1232:F7A9:23FF:FE11:9BE2
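
The three autoconfiguration steps as an added example (not part of the original notes): it derives the interface identifier from the Ethernet address, builds the link-local address, simulates the uniqueness test, and joins the identifier to an advertised prefix. The function names are hypothetical, the set of addresses already on the link stands in for the neighbor solicitation exchange, and the advertised prefix is a constructed 64-bit documentation prefix, because the prefix and subnet identifier together must fill exactly the 64 bits left beside the 64-bit interface identifier.

```python
import ipaddress

def interface_id_from_mac(mac: str) -> bytes:
    """Build the 64-bit interface identifier (modified EUI-64) from a 48-bit MAC."""
    octets = bytes.fromhex(mac.replace("-", "").replace(":", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit Ethernet address")
    # Flip the universal/local bit (0x02) of the first octet, then insert FF-FE
    # between the two 24-bit halves of the address.
    return bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]

def join_prefix(prefix: str, iid: bytes) -> ipaddress.IPv6Address:
    """Combine a 64-bit prefix with the 64-bit interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError(f"prefix plus subnet must total 64 bits, got {net.prefixlen}")
    return ipaddress.IPv6Address(int(net.network_address) | int.from_bytes(iid, "big"))

def autoconfigure(mac, advertised_prefix=None, addresses_on_link=()):
    """Return (link_local, global_unicast); either value may be None.

    addresses_on_link (assumption) replaces the neighbor solicitation and
    advertisement exchange; advertised_prefix replaces the router advertisement.
    """
    iid = interface_id_from_mac(mac)
    link_local = join_prefix("fe80::/64", iid)       # step 1
    in_use = {ipaddress.IPv6Address(a) for a in addresses_on_link}
    if link_local in in_use:                         # step 2 failed: duplicate
        return None, None                            # host must fall back to DHCP
    if advertised_prefix is None:                    # step 3: no usable router answer
        return link_local, None
    return link_local, join_prefix(advertised_prefix, iid)

if __name__ == "__main__":
    # MAC from the example above; the /64 prefix is constructed for illustration.
    print(autoconfigure("F5-A9-23-11-9B-E2", "2001:db8:a245:1232::/64"))
```

Because the interface identifier embeds the MAC address, it stays the same on every network the host joins, which is why current hosts usually prefer randomized identifiers (RFC 8981) for outbound traffic.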

RENUMBERING:
 To allow sites to change the service provider, renumbering of the address
prefix ( ) was built into IPv6 addressing.
 Each site is given a prefix by the service provider to which it is connected.
 If the site changes the provider, the address prefix needs to be changed.
 A router to which the site is connected can advertise a new prefix and
 let the site use the old prefix for a short time before disabling it.
 In other words, during the transition period, a site has two prefixes.
 The main problem in using the renumbering mechanism is the support of the
DNS, which needs to propagate the new addressing associated with a domain
name.
 A new protocol for DNS, called Next Generation DNS, is under study to provide
support for this mechanism.

TRANSITION FROM IPv4 TO IPv6


Because of the huge number of systems on the Internet, the transition from IPv4 to
IPv6 cannot happen suddenly. It will take a considerable amount of time before every
system in the Internet can move from IPv4 to IPv6.
The transition must be smooth to prevent any problems between IPv4 and IPv6
systems.
Three strategies have been devised by the IETF to help the transition shown in fig:

Dual Stack
 It is recommended that all hosts, before migrating completely to version 6,
have a dual stack of protocols.
 In other words, a station must run IPv4 and IPv6 simultaneously until all
the Internet uses IPv6. The layout of a dual-stack configuration is :


 To determine which version to use when sending a packet to a destination, the
source host queries the DNS.
 If the DNS returns an IPv4 address, the source host sends an IPv4 packet.
 If the DNS returns an IPv6 address, the source host sends an IPv6 packet.
Tunneling:
 Is a strategy used when two computers using IPv6 want to communicate with
each other and the packet must pass through a region that uses IPv4.
 To pass through this region, the packet must have an IPv4 address.
 So the IPv6 packet is encapsulated in an IPv4 packet when it enters the region,
and
 it leaves its capsule when it exits the region.
 It seems as if the IPv6 packet goes through a tunnel at one end and
emerges at the other end.
 To make it clear that the IPv4 packet is carrying an IPv6 packet as data, the
protocol value is set to 41.

Header Translation
 is necessary when the majority of the Internet has moved to IPv6 but some
systems still use IPv4.
 The sender wants to use IPv6, but the receiver does not understand IPv6.
 Tunneling does not work in this situation because the packet must be in the
IPv4 format to be understood by the receiver.
 In this case, the header format must be totally changed through header
translation.
 The header of the IPv6 packet is converted to an IPv4 header

Header translation uses the mapped address to translate an IPv6 address to an IPv4 address.
The following lists some rules used in transforming an IPv6 packet header to an IPv4 packet
header.
 The IPv6 mapped address is changed to an IPv4 address by extracting the rightmost 32 bits.
 The value of the IPv6 priority field is discarded.


 The type of service field in IPv4 is set to zero.


 The checksum for IPv4 is calculated and inserted in the corresponding field.
 The IPv6 flow label is ignored.
 Compatible extension headers are converted to options and inserted in the IPv4 header. Some may
have to be dropped.
 The length of IPv4 header is calculated and inserted into the corresponding field.
 The total length of the IPv4 packet is calculated and inserted in the corresponding field.
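
Tunneling and header translation side by side, as an added example that is not part of the original notes: `encapsulate` wraps an untouched IPv6 packet in an IPv4 header with protocol 41, while `translate` replaces the base header following the rules listed above. It assumes a packet without extension headers; the function names and the sample packet are constructed for illustration.

```python
import ipaddress
import struct

IPPROTO_IPV6 = 41  # IPv4 protocol value that marks an encapsulated IPv6 packet

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words, complemented."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src: bytes, dst: bytes, protocol: int, payload_len: int, ttl: int) -> bytes:
    """20-byte IPv4 header without options; the type of service field is zero."""
    total_len = 20 + payload_len
    if total_len > 0xFFFF:
        raise ValueError("payload does not fit in an IPv4 packet")
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, ttl, protocol, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def encapsulate(ipv6_packet: bytes, tunnel_src: str, tunnel_dst: str) -> bytes:
    """Tunneling: the whole IPv6 packet, header included, becomes IPv4 payload."""
    src = ipaddress.IPv4Address(tunnel_src).packed
    dst = ipaddress.IPv4Address(tunnel_dst).packed
    return ipv4_header(src, dst, IPPROTO_IPV6, len(ipv6_packet), 64) + ipv6_packet

def decapsulate(ipv4_packet: bytes) -> bytes:
    """Tunnel exit: strip the IPv4 header and recover the original IPv6 packet."""
    if ipv4_packet[9] != IPPROTO_IPV6:
        raise ValueError("not an IPv6-in-IPv4 packet")
    return ipv4_packet[(ipv4_packet[0] & 0x0F) * 4:]

def translate(ipv6_packet: bytes) -> bytes:
    """Header translation: swap the 40-byte base header for an IPv4 header."""
    _, payload_len, next_header, hop_limit = struct.unpack("!IHBB", ipv6_packet[:8])
    for raw in (ipv6_packet[8:24], ipv6_packet[24:40]):
        if ipaddress.IPv6Address(raw).ipv4_mapped is None:
            raise ValueError("translation needs IPv4-mapped addresses")
    # Rightmost 32 bits of each mapped address; priority and flow label are dropped.
    src4, dst4 = ipv6_packet[20:24], ipv6_packet[36:40]
    data = ipv6_packet[40:40 + payload_len]
    return ipv4_header(src4, dst4, next_header, len(data), hop_limit) + data

def constructed_ipv6_packet(payload: bytes = b"constructed upper-layer data") -> bytes:
    """Sample packet built for this example: mapped addresses, next header 17."""
    src = ipaddress.IPv6Address("::ffff:192.0.2.1").packed
    dst = ipaddress.IPv6Address("::ffff:198.51.100.2").packed
    first_word = (6 << 28) | (0x0A << 20) | 0x12345
    return struct.pack("!IHBB16s16s", first_word, len(payload), 17, 64, src, dst) + payload

if __name__ == "__main__":
    pkt = constructed_ipv6_packet()
    print(encapsulate(pkt, "192.0.2.1", "198.51.100.2").hex())
    print(translate(pkt).hex())
```

A filter that only understands IPv4 sees protocol 41 and an opaque payload, so perimeter policy has to either decapsulate and inspect the inner IPv6 packet or restrict protocol 41 to known tunnel endpoints.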

Internet Protocol version 6 (IPv6)


There are several reasons for the need of a new protocol,
 The main reason was the address depletion
 Other reasons are related to the slowness of the process due to some unnecessary processing,
 the need for new options, support for multimedia,
 and the desperate need for security.

IPv6 protocol responds to the above issues using the following main changes in the protocol:

Larger address space.


 An IPv6 address is 128 bits long. Compared with the 32-bit address of IPv4, this is a huge (2^96
times) increase in the address space.
Better header format.
 IPv6 uses a new header format in which options are separated from the base header and inserted,
when needed, between the base header and the upper-layer data.
 This simplifies and speeds up the routing process because most of the options do not need to be
checked by routers.
New options.
 IPv6 has new options to allow for additional functionalities.
Allowance for extension.
 IPv6 is designed to allow the extension of the protocol if required by new
technologies or applications.
Support for resource allocation.
 In IPv6, the type-of-service field has been removed, but two new fields, traffic
class and flow label have been added to enable the source to request special
handling of the packet. This mechanism can be used to support traffic such as real-
time audio and video.
Support for more security.
 The encryption and authentication options in IPv6 provide confidentiality and
integrity of the packet.

PACKET FORMAT

 Each packet is composed of a mandatory base header followed by the payload.


 The payload consists of two parts:
 optional extension headers and
 data from an upper layer.
 The base header occupies 40 bytes,
 whereas the extension headers and data from the upper layer contain up to
65,535 bytes of information.


Base Header

Fig. The format of base header with its eight fields.


These fields are as follows:
 Version: This 4-bit field defines the version number of the IP. For IPv6, the value is 6.
 Traffic Class. This 8-bit field is used to distinguish different payloads with different
delivery requirements. It replaces the service class field in IPv4.
 Flow label. This is a 20-bit field that is designed to provide special handling for a particular
flow of data.
 Payload length. The 2-byte payload length field defines the length of the IP datagram
excluding the base header.
 Next header. This is an 8-bit field defining the header that follows the base header in the
datagram.
 The next header is either one of the optional extension headers used by IP or the header of an
encapsulated packet, such as UDP or TCP.
 Each extension header also contains this field. Table 27.1 shows the values of next
headers. Note that this field in version 4 is called the protocol.

 Hop limit. This 8-bit hop limit field serves the same purpose as the TTL field in
IPv4.
 Source address. The source address field is a 16-byte (128-bit) Internet address
that identifies the original source of the datagram.
 Destination address. The destination address field is a 16-byte (128-bit) Internet
address that usually identifies the final destination of the datagram. However, if
source routing is used, this field contains the address of the next router.
Comparison between IPv4 and IPv6 Headers


 The header length field is eliminated in IPv6 because the length of the header is fixed in
this version.
 The service type field is eliminated in IPv6.
 The traffic class and flow label fields together take over the function of the service type
field.
 The total length field is eliminated in IPv6 and replaced by the payload length field.
 The identification, flag, and offset fields are eliminated from the base header in IPv6.
 They are included in the fragmentation extension header.
 The TTL field is called hop limit in IPv6.
 The protocol field is replaced by the next header field.
 The header checksum is eliminated because the checksum is provided by upper layer
protocols; hence not needed at this level.
 The option fields in IPv4 are implemented as extension headers in IPv6.

Extension Headers

 The length of the base header is fixed at 40 bytes.


 However, to give more functionality to the IP datagram, the base header can be
followed by up to six extension headers.
 Many of these headers are options in IPv4.
 Six types of extension headers have been defined.
These are
1. hop-by-hop option,
2. source routing,
3. fragmentation,
4. authentication,
5. encrypted security payload, and
6. destination option
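
The base header fields and the Next Header chaining described in the two header sections above, as an added example that is not part of the original notes: it unpacks the 40-byte base header and follows each Next Header value until it reaches the upper-layer protocol, which is what a filter or monitor must do before it can apply a rule to TCP or UDP. Names and the sample packet are constructed; header lengths are decoded as RFC 8200 encodes them (units of 8 octets, not counting the first 8), and the authentication header as RFC 4302 does (units of 4 octets, minus 2).

```python
import ipaddress
import struct

# Extension headers whose first octet is their own Next Header field.
EXTENSION_HEADERS = {0: "Hop-by-Hop Options", 43: "Routing", 44: "Fragment",
                     51: "Authentication", 60: "Destination Options"}

def parse_base_header(packet: bytes) -> dict:
    """Split the fixed 40-byte base header into its eight fields."""
    if len(packet) < 40:
        raise ValueError("shorter than the 40-byte base header")
    word, payload_length, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError("version field is not 6")
    return {
        "version": word >> 28,
        "traffic_class": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF,
        "payload_length": payload_length,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "source": ipaddress.IPv6Address(packet[8:24]),
        "destination": ipaddress.IPv6Address(packet[24:40]),
    }

def walk_chain(packet: bytes, max_headers: int = 8):
    """Return (extension header names, final next-header value, its offset).

    The walk stops at the first value that is not a chained extension header:
    TCP (6), UDP (17), or ESP (50), whose contents are encrypted.
    Jumbograms (payload length 0) are outside the scope of this example.
    """
    base = parse_base_header(packet)
    end = min(len(packet), 40 + base["payload_length"])
    chain, next_header, offset = [], base["next_header"], 40
    while next_header in EXTENSION_HEADERS:
        if len(chain) == max_headers:      # bound the work spent on one packet
            raise ValueError("extension header chain too long")
        if offset + 8 > end:
            raise ValueError("extension header runs past the payload")
        if next_header == 44:              # fragment header has a fixed size
            length = 8
        elif next_header == 51:
            length = (packet[offset + 1] + 2) * 4
        else:
            length = (packet[offset + 1] + 1) * 8
        if offset + length > end:
            raise ValueError("extension header runs past the payload")
        chain.append(EXTENSION_HEADERS[next_header])
        next_header, offset = packet[offset], offset + length
    return chain, next_header, offset

def constructed_packet() -> bytes:
    """Sample built for this example: hop-by-hop, destination options, then UDP."""
    hop_by_hop = bytes([60, 0, 1, 4, 0, 0, 0, 0])   # next=60, one PadN option
    dest_opts = bytes([17, 0, 1, 4, 0, 0, 0, 0])    # next=17 (UDP)
    udp = struct.pack("!HHHH", 53000, 53, 12, 0) + b"data"  # checksum not computed
    payload = hop_by_hop + dest_opts + udp
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    return struct.pack("!IHBB16s16s", (6 << 28) | 0x12345, len(payload), 0, 64, src, dst) + payload

if __name__ == "__main__":
    print(walk_chain(constructed_packet()))
```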


The hop-by-hop option

 is used when the source needs to pass information to all routers visited by
the datagram.
 For example, perhaps routers must be informed about certain
management, debugging, or control functions. Or, if the length of the
datagram is more than the usual 65,535 bytes, routers must have this
information. Figure 27.5 shows the format of the hop-by-hop option
header.
 The first field defines the next header in the chain of headers.
 The header length defines the number of bytes in the header (including
the next header field).
 The rest of the header contains different options.
So far, only three hop-by-hop options have been defined:
 Pad1,
 PadN,
 jumbo payload.


Figure 27.6 shows the general format of the option.


Pad1. This option is 1 byte long and is designed for alignment purposes.
 Some options need to start at a specific bit of the 32-bit word (see the jumbo
payload description to come). If an option falls short of this requirement by exactly
one byte, Pad1 is added to make up the difference.
 Pad1 contains neither the option length field nor the option data field.
 It consists solely of the option code field with all bits set to 0 (action is 00, the
change bit is 0, and type is 00000).
 Pad1 can be inserted anywhere in the hop-by-hop option header (see Figure 27.7).

PadN.
 PadN is similar in concept to Pad1. The difference is that PadN is used when 2
or more bytes are needed for alignment.
 This option consists of 1 byte of option code, 1 byte of the option length, and a
variable number of zero padding bytes.
 The value of the option code is 1 (action is 00, the change bit is 0, and type is
00001).
 The option length contains the number of padding bytes. See Figure 27.8.

Jumbo payload.
 The length of the payload in the IP datagram can be a maximum of 65,535
bytes.
 If for any reason a longer payload is required, we can use the jumbo payload
option to define this longer length.
 The jumbo payload option must always start at a multiple of 4 bytes plus 2 from
the beginning of the extension headers. The jumbo payload option starts at the
(4n + 2) byte, where n is a small integer. See Figure 27.9.
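
An added example (not from the original notes) that parses the options inside one hop-by-hop header and enforces the Pad1, PadN and jumbo payload rules above, including the 4n + 2 alignment. Function names and sample headers are constructed; the header length is decoded as RFC 8200 encodes it (units of 8 octets, not counting the first 8), and the checks that PadN bytes are zero and that a jumbo length exceeds 65,535 are strict validation choices made for this example.

```python
import struct

# Option codes: 0xC2 is action 11, change bit 0, type 00010.
PAD1, PADN, JUMBO = 0x00, 0x01, 0xC2

def parse_hop_by_hop(header: bytes):
    """Return [(name, offset, value)] for the options in one hop-by-hop header."""
    if len(header) < 8:
        raise ValueError("header shorter than 8 bytes")
    total = (header[1] + 1) * 8
    if len(header) < total:
        raise ValueError("header truncated")
    options, offset = [], 2            # options follow next header + length
    while offset < total:
        code = header[offset]
        if code == PAD1:               # one zero byte, no length or data field
            options.append(("Pad1", offset, 0))
            offset += 1
            continue
        if offset + 2 > total:
            raise ValueError("option length field missing")
        length = header[offset + 1]
        if offset + 2 + length > total:
            raise ValueError("option data runs past the header")
        data = header[offset + 2:offset + 2 + length]
        if code == PADN:
            if any(data):              # strict: padding should carry nothing
                raise ValueError("PadN padding must be zero")
            options.append(("PadN", offset, length))
        elif code == JUMBO:
            if length != 4 or offset % 4 != 2:
                raise ValueError("jumbo option needs 4 data bytes at offset 4n + 2")
            (jumbo_length,) = struct.unpack("!I", data)
            if jumbo_length <= 65535:
                raise ValueError("jumbo payload length must exceed 65,535")
            options.append(("Jumbo", offset, jumbo_length))
        else:
            # The two action bits say how a node treats an option it does not know.
            options.append((f"unknown(action={code >> 6:02b})", offset, length))
        offset += 2 + length
    return options

def constructed_header(misaligned: bool = False) -> bytes:
    """16-byte sample header built for this example (next header 6, length 1)."""
    jumbo = struct.pack("!BBI", JUMBO, 4, 100_000)
    if misaligned:                     # Pad1 pushes the jumbo option to offset 3
        body = bytes([PAD1]) + jumbo + bytes([PADN, 5]) + bytes(5)
    else:                              # PadN places the jumbo option at offset 6
        body = bytes([PADN, 2, 0, 0]) + jumbo + bytes([PADN, 2, 0, 0])
    return bytes([6, 1]) + body

if __name__ == "__main__":
    print(parse_hop_by_hop(constructed_header()))
```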

Destination Option


 is used when the source needs to pass information to the destination only.
 Intermediate routers are not permitted access to this information.
 The format of the destination option is the same as the hop-by-hop option (refer
back to Figure 27.5).
 So far, only the Pad1 and PadN options have been defined.
Source Routing
 The source routing extension header combines the concepts of the strict source
route and the loose source route options of IPv4.
 The source routing header contains a minimum of seven fields (see Figure
27.10).
 The first two fields, next header and header length, are identical to those of
the hop-by-hop extension header.
 The type field defines loose or strict routing. The addresses left field indicates the
number of hops still needed to reach the destination.
 The strict/loose mask field determines the rigidity of routing.
 If set to strict, routing must follow exactly as indicated by the source. If, instead,
the mask is loose, other routers may be visited in addition to those in the header.

 The destination address in source routing does not conform to our previous
definition (the final destination of the datagram). Instead, it changes from router
to router.

For example, in Figure 27.11,


 Host A wants to send a datagram to Host B using a specific route:
 A to R1 to R2 to R3 to B. Notice the destination address in the base headers.
 It is not constant as you might expect. Instead, it changes at each router.
 The addresses in the extension headers also change from router to router.


Fragmentation
 The concept of fragmentation is the same as that in IPv4. However, the place
where fragmentation occurs differs.
 In IPv4, the source or a router is required to fragment if the size of the datagram
is larger than the MTU of the network over which the datagram travels.
 In IPv6, only the original source can fragment.
 A source must use a Path MTU Discovery technique to find the smallest MTU
supported by any network on the path.
 The source then fragments using this knowledge.
 If the source does not use a Path MTU Discovery technique, it fragments the
datagram to a size of 1,280 bytes or smaller.
 This is the minimum size of MTU required for each network connected to the
Internet. Figure 27.12 shows the format of the fragmentation extension
header.

Authentication
 The authentication extension header has a dual purpose:
 it validates the message sender and
 ensures the integrity of data.
 The former is needed so the receiver can be sure that a message is from the
genuine sender and not from an imposter.
 The latter is needed to check that the data is not altered in transit by some
hacker.
 The format of the authentication extension header is shown in Figure 27.13.
 The security parameter index field defines the algorithm used for
authentication.
 The authentication data field contains the actual data generated by the
algorithm.
 Many different algorithms can be used for authentication.
 Figure 27.14 outlines the method for calculating the authentication data field.
 The sender passes a 128-bit security key, the entire IP datagram, and the 128-
bit security key again to the algorithm.
 Those fields in the datagram with values that change during transmission (for
example, hop count) are set to zero.
 The datagram passed to the algorithm includes the authentication header
extension, with the authentication data field set to zero.
 The algorithm creates authentication data which is inserted into the extension
header prior to datagram transmission.
 The receiver functions in a similar manner.
 It takes the secret key and the received datagram (again, with changeable fields
set to zero) and passes them to the authentication algorithm.
 If the result matches that in the authentication data field, the IP datagram is
authentic; otherwise, the datagram is discarded.
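
The sender and receiver calculation described above, as an added example that is not part of the original notes: the key, the datagram with its changeable fields zeroed, and the key again are hashed, and the receiver recomputes and compares. SHA-256 stands in for the unnamed algorithm, the header layout (security parameter index followed by the authentication data) and all names are constructed for this example, and deployed IPsec uses HMAC rather than this key-data-key construction.

```python
import hashlib
import hmac
import struct

HOP_LIMIT_OFFSET = 7       # last byte of the first 8 bytes of the base header
AUTH_DATA_OFFSET = 48      # 40-byte base header + 8 bytes of fixed AH fields
AUTH_DATA_LEN = 32         # SHA-256 output size (assumption of this example)

def _zero_changeable_fields(datagram: bytes) -> bytes:
    """Copy of the datagram with hop limit and authentication data set to zero."""
    buf = bytearray(datagram)
    buf[HOP_LIMIT_OFFSET] = 0
    buf[AUTH_DATA_OFFSET:AUTH_DATA_OFFSET + AUTH_DATA_LEN] = bytes(AUTH_DATA_LEN)
    return bytes(buf)

def compute_auth_data(key: bytes, datagram: bytes) -> bytes:
    """Hash of key, normalized datagram, key again."""
    if len(key) != 16:
        raise ValueError("expected a 128-bit security key")
    return hashlib.sha256(key + _zero_changeable_fields(datagram) + key).digest()

def sign(key: bytes, datagram: bytes) -> bytes:
    """Sender: insert the authentication data before transmission."""
    tag = compute_auth_data(key, datagram)
    end = AUTH_DATA_OFFSET + AUTH_DATA_LEN
    return datagram[:AUTH_DATA_OFFSET] + tag + datagram[end:]

def verify(key: bytes, datagram: bytes) -> bool:
    """Receiver: recompute and compare in constant time; False means discard."""
    received = datagram[AUTH_DATA_OFFSET:AUTH_DATA_OFFSET + AUTH_DATA_LEN]
    return hmac.compare_digest(received, compute_auth_data(key, datagram))

def forward(datagram: bytes) -> bytes:
    """What each router on the path does: decrement the hop limit."""
    buf = bytearray(datagram)
    buf[HOP_LIMIT_OFFSET] -= 1
    return bytes(buf)

def constructed_datagram(payload: bytes = b"constructed payload") -> bytes:
    """Sample datagram built for this example; next header 51 = authentication."""
    src = bytes.fromhex("20010db8000000000000000000000001")
    dst = bytes.fromhex("20010db8000000000000000000000002")
    auth = struct.pack("!BBHI", 17, AUTH_DATA_LEN // 4, 0, 0x1001) + bytes(AUTH_DATA_LEN)
    base = struct.pack("!IHBB16s16s", 6 << 28, len(auth) + len(payload), 51, 64, src, dst)
    return base + auth + payload

if __name__ == "__main__":
    key = bytes(range(16))             # constructed key, for illustration only
    sent = sign(key, constructed_datagram())
    print(verify(key, forward(sent)), verify(key, sent[:-1] + b"X"))
```

Zeroing the hop limit is what lets the datagram cross routers and still verify, while any change to a field that is covered, such as the payload or an address, makes the comparison fail.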


Encrypted Security Payload


 The encrypted security payload (ESP) is an extension that provides
confidentiality and guards against eavesdropping.
 Figure 27.15 shows the format. The security parameter index field is a 32-bit
word that defines the type of encryption/decryption used.
 The other field contains the encrypted data along with any extra parameters
needed by the algorithm.
 Encryption can be implemented in two ways: transport mode or tunnel mode,


Comparison between IPv4 and IPv6

The following shows a quick comparison between the options used in IPv4 and the
options used in IPv6 (as extension headers).
 The no-operation and end-of-option options in IPv4 are replaced by Pad1 and
PadN options in IPv6.
 The record route option is not implemented in IPv6 because it was not used.
 The timestamp option is not implemented because it was not used.
 The source route option is called the source route extension header in IPv6.
 The fragmentation fields in the base header section of IPv4 have moved to the
fragmentation extension header in IPv6.
 The authentication extension header is new in IPv6.
 The encrypted security payload extension header is new in IPv6.
