ipv6 Addressing

ipv6 Tutorial


Thursday, July 26, 2007

Routing Header Type 0

The Routing header is used by an IPv6 source to list one or more intermediate nodes to be "visited" on the way to a packet's destination. It may appear in an IPv6 packet as one of the extension headers.

Number of segments left: This is one of the fields in the Routing header. It indicates the number of nodes left to be visited before reaching the final destination. Each intermediate node that receives this packet and needs to forward it decrements the value in this field by 1.

If after processing a Routing Header of a received packet, an intermediate node determines that the packet is to be forwarded onto a link whose link MTU is less than the size of the packet, the node discards the packet and sends an ICMP Packet Too Big message to the packet's source address.

In general, an Echo Request may be sent with a routing header if the intermediate node's address is also given, for example:

ping6 2001:db8:0:8:280:91ff:fe4c:338d 2001:db8:0:8:280:91ff:fe4c:012b

The above command implies that the Echo Request packet must be routed through the intermediate node with address 2001:db8:0:8:280:91ff:fe4c:338d before reaching the actual destination with address 2001:db8:0:8:280:91ff:fe4c:012b. Here the routing header includes the final destination address, while the IP header has the intermediate node's address as the destination address. When the intermediate node processes this packet, it parses the routing header and, before forwarding the packet:

a. Swaps the destination address with the address in the routing header.

b. Decrements the segments left value by 1.

c. Replaces the source address with its own address.

In case of invalid values, such as an invalid routing header type or a hop limit that reduces to less than 1 after decrementing, the intermediate node sends an ICMPv6 Parameter Problem (Header) packet back to the sender.
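The packet layout described above, as an added Python example that is not part of the original post: it walks the extension header chain of a constructed packet mirroring the ping6 command and reports any Type 0 Routing header, which is what a filter or IDS rule has to find. The verdict function follows RFC 5095, which deprecated Routing Header Type 0 in December 2007; the sender address 2001:db8:0:8::1 and all function names are assumptions.

```python
import ipaddress
import struct

HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS, ICMPV6 = 0, 43, 44, 60, 58
EXTENSION_HEADERS = (HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS)


def build_sample(with_rh0: bool = True) -> bytes:
    """Constructed Echo Request bytes mirroring the ping6 command above."""
    src = ipaddress.IPv6Address("2001:db8:0:8::1").packed  # assumed sender
    via = ipaddress.IPv6Address("2001:db8:0:8:280:91ff:fe4c:338d").packed
    final = ipaddress.IPv6Address("2001:db8:0:8:280:91ff:fe4c:012b").packed
    echo = struct.pack("!BBHHH", 128, 0, 0, 1, 1)  # checksum left 0: sample only
    if with_rh0:
        # next header, hdr ext len (8-octet units after the first 8),
        # routing type 0, segments left 1, 4 reserved octets, one address
        rh = struct.pack("!BBBBI", ICMPV6, 2, 0, 1, 0) + final
        payload, first_nh, dst = rh + echo, ROUTING, via
    else:
        payload, first_nh, dst = echo, ICMPV6, final
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), first_nh, 64)
    return fixed + src + dst + payload


def find_rh0(packet: bytes):
    """Return details of the first Type 0 Routing header, or None."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    next_header, offset = packet[6], 40
    while next_header in EXTENSION_HEADERS:
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        if next_header == FRAGMENT:
            length = 8  # fixed size, no length field
            if struct.unpack("!H", packet[offset + 2:offset + 4])[0] >> 3:
                return None  # non-first fragment: the rest is payload
        else:
            length = (packet[offset + 1] + 1) * 8
        if offset + length > len(packet):
            raise ValueError("extension header runs past end of packet")
        if next_header == ROUTING and packet[offset + 2] == 0:
            if (length - 8) % 16:
                raise ValueError("RH0 length is not a whole number of addresses")
            listed = [ipaddress.IPv6Address(packet[i:i + 16])
                      for i in range(offset + 8, offset + length, 16)]
            return {"segments_left": packet[offset + 3],
                    "ip_destination": ipaddress.IPv6Address(packet[24:40]),
                    "listed_addresses": listed}
        next_header, offset = packet[offset], offset + length
    return None


def rfc5095_verdict(packet: bytes) -> str:
    """What an RFC 5095 compliant node does with the packet."""
    rh0 = find_rh0(packet)
    if rh0 is None:
        return "pass"
    # Segments Left 0: the header is ignored. Otherwise the packet is
    # discarded and an ICMPv6 Parameter Problem (Code 0) goes to the source.
    return "ignore-header" if rh0["segments_left"] == 0 else "discard"


if __name__ == "__main__":
    info = find_rh0(build_sample())
    print("IP destination :", info["ip_destination"])
    print("listed in RH0  :", [str(a) for a in info["listed_addresses"]])
    print("segments left  :", info["segments_left"])
    print("verdict        :", rfc5095_verdict(build_sample()))
```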

Wednesday, July 25, 2007

Different states of the auto configured address

1) Tentative: The address has not yet been verified as unique. A node with an address in the tentative state can only receive multicast neighbor advertisements.

2) Valid: In this state a node can send and receive unicast traffic. The valid state includes both the deprecated and preferred states.

Preferred: A node with an address in the preferred state can send and receive unicast traffic from and to a node with a preferred address. In auto configuration the preferred lifetime is determined from the router advertisement.

Deprecated: When the preferred lifetime expires, the state of the address moves to deprecated. At this point the node should not accept new connections. It can still use existing connections until the state moves to invalid.

3) Invalid: The address can no longer be used for reception or transmission of packets.

Network Access Protection in Vista

Feature Description

Windows Vista includes an agent that can prevent a Windows Vista-based client from connecting to your private network if it lacks current security updates or lacks virus signatures. Network Access Protection can be used to protect your network from remote access clients as well as local area network (LAN) clients. The agent reports Windows Vista client health status, such as having current updates and up-to-date virus signatures installed, to a server-based Network Access Protection enforcement service. A Network Access Protection infrastructure, included with Windows Server Code Name Longhorn, determines whether to grant the client access to your private network or to a restricted network.


Network Access Protection can enforce health requirements for mobile computers, remote computers, and computers directly connected to your private network. Often, users who travel with their computers are unable to connect to your private network for weeks at a time. When they do connect, their connections might be so brief that their computers do not have time to download the latest updates, security configuration settings, and virus signatures. Therefore, mobile computers are often in a less-healthy state than other computers. Network Access Protection improves the security of these mobile computers by ensuring that the latest updates are installed before users connect to your private network.

DNS Enhancements for IPv6

In RFC 1886, a new DNS resource record type, AAAA (also known as "quad A"), is used for resolving a fully qualified domain name to an IPv6 address. AAAA records use the DNS record type of 28. AAAA records are comparable to the host address (A) resource records used for IPv4 name resolution. The resource record type is named AAAA because 128-bit IPv6 addresses are four times longer than 32-bit IPv4 addresses.

The AAAA resource record in a typical DNS database file has the following structure:

Name IN AAAA Address

Where Name is the fully qualified domain name and Address is the IPv6 address associated with the name. The following is an example of an AAAA resource record:

host1.agni2k3.com IN AAAA FEC0::1:2AA:FF:FE3F:2A1C

RFC 1886 also describes the IP6.INT domain created for IPv6 reverse queries. Also called pointer queries, reverse queries determine a host name based on the address. To create the namespace for reverse queries, each hexadecimal digit in the fully expressed 32-digit IPv6 address becomes a separate level in the reverse domain hierarchy in inverse order. For example, the reverse lookup domain name for the address FEC0::1:2AA:FF:FE3F:2A1C (fully expressed as FEC0:0000:0000:0001:02AA:00FF:FE3F:2A1C) is C.1.A.2.F.3.E.F.F.F.0.0.A.A. An example pointer (PTR) record is the following:


IN PTR host1.agni2k3.com

The DNS support defined in RFC 1886 is a simple way to both map host names to IPv6 addresses and provide reverse name resolution. It is a direct translation of IPv4 name and reverse name resolution techniques to IPv6.
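The nibble-reversal rule described above, as an added Python example (not from the original post): it builds the reverse name for an address, parses a reverse name back into an address, and uses both to check that each PTR record is confirmed by a matching AAAA record. The function names and the second, mismatched PTR entry are constructed for illustration; the zone defaults to IP6.INT as in the text and can be passed as ip6.arpa, the reverse tree that later replaced it.

```python
import ipaddress
import string


def reverse_name(addr: str, zone: str = "IP6.INT") -> str:
    """One label per hex digit of the fully expressed address, in inverse order."""
    nibbles = ipaddress.IPv6Address(addr).exploded.replace(":", "").upper()
    return ".".join(reversed(nibbles)) + "." + zone + "."


def address_from_reverse(name: str, zone: str = "IP6.INT") -> ipaddress.IPv6Address:
    """Inverse of reverse_name(); rejects names that are not 32 hex labels."""
    labels = name.rstrip(".").split(".")
    zone_labels = zone.upper().split(".")
    if [label.upper() for label in labels[-len(zone_labels):]] != zone_labels:
        raise ValueError("name is not under " + zone)
    nibbles = labels[:-len(zone_labels)]
    if len(nibbles) != 32 or any(
            len(n) != 1 or n not in string.hexdigits for n in nibbles):
        raise ValueError("expected 32 single-hex-digit labels")
    return ipaddress.IPv6Address(int("".join(reversed(nibbles)), 16))


def unconfirmed_ptrs(aaaa: dict, ptr: dict) -> list:
    """Reverse names whose PTR target has no AAAA record for the same address."""
    bad = []
    for rname, host in ptr.items():
        addr = address_from_reverse(rname)
        forward = aaaa.get(host.lower())
        if forward is None or ipaddress.IPv6Address(forward) != addr:
            bad.append(rname)
    return bad


# Constructed zone data: the first PTR matches the AAAA record from the text,
# the second points at the same host from an address it does not own.
AAAA = {"host1.agni2k3.com": "FEC0::1:2AA:FF:FE3F:2A1C"}
PTR = {
    reverse_name("FEC0::1:2AA:FF:FE3F:2A1C"): "host1.agni2k3.com",
    reverse_name("FEC0::1:2AA:FF:FE3F:2A1D"): "host1.agni2k3.com",
}

if __name__ == "__main__":
    for rname, host in PTR.items():
        print(rname, "IN PTR", host)
    print("unconfirmed:", unconfirmed_ptrs(AAAA, PTR))
```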

IPv6 Neighbor Discovery

IPv6 Neighbor Discovery (ND) is a set of messages and processes that determine relationships between neighboring nodes. ND replaces ARP, ICMP router discovery, and the ICMP Redirect message used in IPv4. ND also provides additional functionality.

ND is used by nodes to:

  • Resolve the link-layer address of a neighboring node to which an IPv6 packet is being forwarded.
  • Determine when the link-layer address of a neighboring node has changed.
  • Determine whether a neighbor is still reachable.

ND is used by hosts to:

  • Discover neighboring routers.
  • Autoconfigure addresses, address prefixes, routes, and other configuration parameters.

ND is used by routers to:

  • Advertise their presence, host configuration parameters, routes, and on-link prefixes.
  • Inform hosts of a better next-hop address to forward packets for a specific destination.

How to Form a Link Local address from MAC Address

1. A MAC address (IEEE 802) is 48 bits long. The space for the local identifier in an IPv6 address is 64 bits. The EUI-64 standard explains how to stretch IEEE 802 addresses from 48 to 64 bits, by inserting the 16 bits 0xFFFE at the 24th bit of the IEEE 802 address.

2. By doing so, transforming MAC address 00-0C-29-C2-52-FF using the EUI-64 standards leads to 00-0C-29-FF-FE-C2-52-FF.

3. Using IPv6 notation, we get 000C:29FF:FEC2:52FF

4. Invert the universal bit ("u" bit) in the 6th position of the first octet. Thus the result is: 020c:29ff:fec2:52ff.

5. The second phase of automatically creating a link-local address is to prepend the well-known prefix fe80::/64 to the identifier resulting from phase one.

Finally we obtain fe80::20c:29ff:fec2:52ff
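The five steps above as runnable Python, together with the reverse direction: recovering the MAC address from an EUI-64 interface identifier, which is why such addresses identify the hardware to anyone who sees them. This is an added example, not code from the original post, and the function names are illustrative.

```python
import ipaddress
from typing import Optional


def mac_to_link_local(mac: str) -> ipaddress.IPv6Address:
    """Steps 1-5: insert FFFE, invert the "u" bit, prepend fe80::/64."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("a MAC address has six octets")
    eui64 = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])  # steps 1-3
    eui64[0] ^= 0x02                                          # step 4: "u" bit
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + bytes(eui64))  # step 5


def mac_from_address(addr: str) -> Optional[str]:
    """Undo the steps; None when the interface ID is not EUI-64 derived."""
    iid = bytearray(ipaddress.IPv6Address(addr).packed[8:])
    if iid[3:5] != b"\xff\xfe":
        return None  # no FFFE marker in the middle of the identifier
    iid[0] ^= 0x02   # invert the "u" bit back
    return "-".join("%02X" % octet for octet in iid[:3] + iid[5:])


if __name__ == "__main__":
    address = mac_to_link_local("00-0C-29-C2-52-FF")
    print(address)                         # address built from the MAC
    print(mac_from_address(str(address)))  # MAC recovered from the address
    print(mac_from_address("fe80::1"))     # manually assigned ID: no MAC inside
```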

IPv6 address configuration

Auto-configuration involves creating a link-local address and verifying its uniqueness on the link, determining what information should be auto-configured (addresses, other options, or both) and, in the case of addresses, whether they should be acquired through the stateless mechanism, the stateful mechanism, or both. The stateless approach is used when a site is not particularly concerned with the exact addresses the hosts use, so long as they are unique and properly routable. The stateful approach is used when a site requires tighter control over exact address assignment.

Stateless Address Auto-Configuration: Stateless address auto-configuration requires no manual configuration of the hosts, minimal configuration of routers, and no additional servers. The stateless mechanism allows a host to generate its own addresses using a combination of locally available information and information advertised by the routers.

Stateful Address Auto-Configuration: In stateful address auto-configuration, a client acquires an IPv6 address and optional configuration parameters from the DHCPv6 server over UDP. If the DHCPv6 server is not present on the same link, special nodes called relay agents help forward these request packets from the client either to the DHCPv6 server on the neighboring link or further to the next relay agent. The hop limit is one of the parameters in the outgoing packet from the client.

Tuesday, July 24, 2007


ISATAP is an address assignment and host-to-host, host-to-router, and router-to-host automatic tunneling technology that is used to provide unicast IPv6 connectivity between IPv6 hosts across an IPv4 intranet. ISATAP is described in the Internet draft titled "Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)." ISATAP hosts do not require any manual configuration and create ISATAP addresses by using standard address autoconfiguration mechanisms.

ISATAP can be used for communication between IPv6/IPv4 nodes on an IPv4 network. ISATAP addresses use the locally administered interface identifier ::0:5EFE:w.x.y.z where:

  • The 0:5EFE portion is formed from the combination of an Organizational Unit Identifier (OUI) assigned by the Internet Assigned Numbers Authority (IANA) (00-00-5E), and a type that indicates an embedded IPv4 address (FE).
  • The w.x.y.z portion is any unicast IPv4 address, which includes both public and private addresses.

The ISATAP interface identifier can be combined with any 64-bit prefix that is valid for IPv6 unicast addresses. This includes the link-local address prefix (FE80::/64), site-local prefixes, and global prefixes (including 6to4 prefixes). Like IPv4-mapped addresses, 6over4 addresses, and 6to4 addresses, ISATAP addresses contain an embedded IPv4 address that can be used to determine either the source or destination IPv4 addresses within the IPv4 header when ISATAP-addressed IPv6 traffic is tunneled across an IPv4 network.

By default, the IPv6 protocol for Windows XP and the Windows .NET Server 2003 family automatically configures the link-local ISATAP address of FE80::5EFE:w.x.y.z on the Automatic Tunneling Pseudo-Interface (interface index 2) for each IPv4 address that is assigned to the node. These link-local ISATAP addresses allow two hosts to communicate over an IPv4 network by using each other's link-local ISATAP address.

IPv6 Mobility Components

IPv6 mobility consists of the following components:

  • Home link: The home link is the link that is assigned the home subnet prefix. The mobile node uses the home subnet prefix to create a home address.
  • Home address: A home address is an address assigned to the mobile node when it is attached to the home link and through which the mobile node is always reachable, regardless of its location on the IPv6 Internet. Packets addressed to addresses matching the home subnet prefix are delivered to the home link using normal IPv6 routing processes. If the mobile node is attached to the home link, IPv6 mobility processes are not used and communication occurs normally. If the mobile node is away from home (not attached to the home link), IPv6 mobility processes are used to either deliver or tunnel traffic addressed to the mobile node's home address to its current location on the IPv6 Internet. Because the mobile node is always assigned the home address, it always has a virtual connection to the home link. This relationship is shown in Figure 12-1 as the Virtual Mobile Node.
  • Home agent: The home agent is a router on the home link that maintains an awareness of the mobile nodes of its home link that are away from home and the addresses that they are currently using. If the mobile node is on the home link, the home agent acts as an IPv6 router, forwarding packets addressed to the mobile node. If the mobile node is away from home, the home agent tunnels data sent to the mobile node's home address to the mobile node's current location on the IPv6 Internet.
  • Mobile node: A mobile node is an IPv6 node that can change links, and therefore addresses, and maintain reachability using its home address. A mobile node has awareness of its home address and the global address of its current link address, and indicates its home address/current link address mapping to the home agent and IPv6 nodes with which it is communicating.
  • Foreign link: A foreign link is a link that is not the mobile node's home link. A foreign link is assigned a foreign subnet prefix.
  • Care-of address: A care-of address is an address used by a mobile node while it is attached to a foreign link. The care-of address is a combination of the foreign subnet prefix and an interface ID determined by the mobile node. A mobile node can be assigned multiple care-of addresses; however, only one care-of address is registered as the primary care-of address with the mobile node's home agent. The association of a care-of address with a home address for a mobile node is known as a binding. Correspondent nodes and home agents keep information on bindings in a binding cache.
  • Correspondent node: A correspondent node is an IPv6 node that is capable of communicating with a mobile node while it is away from home. A correspondent node can also be a mobile node.

Address autoconfiguration process in IPv6 host:

The address autoconfiguration process defined in RFC 2462 for IPv6 host is the following:

  1. The host sends a Router Solicitation message. While routers pseudo-periodically send router advertisements, the host sends a Router Solicitation message to request an immediate router advertisement, rather than waiting until the next router advertisement. By default, up to three Router Solicitation messages are sent.
  2. If no Router Advertisement messages are received, the host uses a stateful address autoconfiguration protocol to obtain addresses and other configuration parameters.
  3. If a Router Advertisement message is received, the hop limit, reachable time, retransmission timer, and the MTU (if the MTU option is present) are set.
  4. For each Prefix Information option present:
       • If the On-Link flag is set to 1, the prefix is added to the prefix list.
       • If the Autonomous flag is set to 1, the prefix and an appropriate interface identifier are used to derive a tentative address.
       • Duplicate address detection is used to verify the uniqueness of the tentative address.
       • If the tentative address is in use, the use of the address is not initialized for the interface.
       • If the tentative address is not in use, the address is initialized. This includes setting the valid and preferred lifetimes based on the Valid Lifetime and Preferred Lifetime fields in the Prefix Information option. If needed, it also includes registering the link-layer multicast address of the solicited-node address corresponding to the new address with the network adapter.
  5. If the Managed Address Configuration flag in the Router Advertisement message is set to 1, a stateful address autoconfiguration protocol is used to obtain additional addresses.
  6. If the Other Stateful Configuration flag in the Router Advertisement message is set to 1, a stateful address autoconfiguration protocol is used to obtain additional configuration parameters.
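Steps 3 to 6 of the process above, as an added Python example that is not from the original post: it parses a constructed Router Advertisement (ICMPv6 type 134) with an MTU option and one Prefix Information option, then lists what a host would configure from it. The sample prefix 2001:db8:0:8::/64, the interface identifier taken from the MAC example earlier on this page, and the function names are assumptions; duplicate address detection itself is not simulated.

```python
import ipaddress
import struct


def build_sample_ra() -> bytes:
    """Constructed RA: O flag set, M flag clear, MTU 1500, one /64 with L and A set."""
    header = struct.pack("!BBHBBHII", 134, 0, 0, 64, 0x40, 1800, 30000, 1000)
    mtu = struct.pack("!BBHI", 5, 1, 0, 1500)
    info = struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 2592000, 604800, 0)
    return header + mtu + info + ipaddress.IPv6Address("2001:db8:0:8::").packed


def parse_ra(msg: bytes) -> dict:
    if len(msg) < 16 or msg[0] != 134:
        raise ValueError("not a Router Advertisement")
    hop_limit, flags, _router_lifetime, reachable, retrans = struct.unpack(
        "!BBHII", msg[4:16])
    ra = {"hop_limit": hop_limit, "reachable_ms": reachable, "retrans_ms": retrans,
          "managed": bool(flags & 0x80), "other": bool(flags & 0x40),
          "mtu": None, "prefixes": []}
    offset = 16
    while offset < len(msg):
        if offset + 2 > len(msg):
            raise ValueError("truncated option")
        opt_type, opt_len = msg[offset], msg[offset + 1] * 8  # length in 8-octet units
        if opt_len == 0 or offset + opt_len > len(msg):
            raise ValueError("malformed option length")
        body = msg[offset:offset + opt_len]
        if opt_type == 5 and opt_len == 8:        # MTU option
            ra["mtu"] = struct.unpack("!I", body[4:8])[0]
        elif opt_type == 3 and opt_len == 32:     # Prefix Information option
            plen, pflags, valid, preferred = struct.unpack("!BBII", body[2:12])
            ra["prefixes"].append({
                "prefix": ipaddress.IPv6Network((body[16:32], plen), strict=False),
                "on_link": bool(pflags & 0x80), "autonomous": bool(pflags & 0x40),
                "valid": valid, "preferred": preferred})
        offset += opt_len
    return ra


def host_actions(ra: dict, interface_id: bytes) -> dict:
    """What the host configures: step 3 values, step 4 per prefix, steps 5 and 6."""
    out = {"hop_limit": ra["hop_limit"], "mtu": ra["mtu"],
           "on_link": [], "tentative": [],
           "stateful_addresses": ra["managed"], "stateful_other": ra["other"]}
    for p in ra["prefixes"]:
        if p["on_link"]:
            out["on_link"].append(str(p["prefix"]))
        # RFC 2462 section 5.5.3 ignores an option whose preferred lifetime
        # exceeds its valid lifetime; a 64-bit interface ID needs a /64 prefix.
        if (p["autonomous"] and p["prefix"].prefixlen == 64
                and p["preferred"] <= p["valid"]):
            addr = ipaddress.IPv6Address(
                p["prefix"].network_address.packed[:8] + interface_id)
            # Tentative until duplicate address detection succeeds.
            out["tentative"].append((str(addr), p["valid"], p["preferred"]))
    return out


if __name__ == "__main__":
    actions = host_actions(parse_ra(build_sample_ra()),
                           bytes.fromhex("020c29fffec252ff"))
    for key, value in actions.items():
        print(key, "=", value)
```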

Monday, July 16, 2007


6to4 is an address assignment and router-to-router automatic tunneling technology that is used to provide unicast IPv6 connectivity between IPv6 sites and hosts across the IPv4 Internet. 6to4 is described in RFC 3056. 6to4 uses the global address prefix:

2002:WWXX:YYZZ::/48

in which WWXX:YYZZ is the NLA ID portion of a global address and the colon hexadecimal representation of a public IPv4 address (w.x.y.z) assigned to a site. The full 6to4 address is:

2002:WWXX:YYZZ:[ SLA ID]:[Interface ID]

RFC 3056 defines the following terms:

  • 6to4 host: A 6to4 host is any IPv6 host that is configured with at least one 6to4 address (a global address with the 2002::/16 prefix). 6to4 hosts do not require manual configuration and they create 6to4 addresses by using standard address autoconfiguration mechanisms.
  • 6to4 router: A 6to4 router is an IPv6/IPv4 router that supports the use of a 6to4 tunnel interface and is typically used to forward 6to4-addressed traffic between the 6to4 hosts within a site and other 6to4 routers or 6to4 relay routers on an IPv4 network, such as the Internet. 6to4 routers require additional processing logic for proper encapsulation and decapsulation and might require additional manual configuration.
  • 6to4 relay router: A 6to4 relay router is an IPv6/IPv4 router that forwards 6to4-addressed traffic between 6to4 routers on the Internet and hosts on the IPv6 Internet.

Wednesday, July 11, 2007

Coexistence Mechanisms

To coexist with an IPv4 infrastructure and to provide eventual migration to an IPv6-only infrastructure, the following mechanisms are used:

  • Dual IP layer
  • IPv6 over IPv4 tunneling
  • DNS infrastructure

Dual IP Layer: The dual IP layer is an implementation of the TCP/IP suite of protocols that includes both an IPv4 Internet layer and an IPv6 Internet layer. This is the mechanism used by IPv6/IPv4 nodes so that communication with both IPv4 and IPv6 nodes can occur. A dual IP layer contains a single implementation of Host-to-Host layer protocols such as TCP and UDP. All upper layer protocols in a dual IP layer implementation can communicate over IPv4, IPv6, or IPv6 tunneled over IPv4.

[Figures: the dual IP layer architecture; the dual stack architecture]

The IPv6 protocol for Windows XP and the Windows 2003 family is not a dual IP layer. The IPv6 protocol driver, Tcpip6.sys, contains a separate implementation of TCP and UDP and is sometimes referred to as a dual-stack implementation.

Tuesday, July 10, 2007


Like IPv4, the specification for the IPv6 header and extension headers does not provide facilities for reporting errors. Instead, IPv6 uses an updated version of the Internet Control Message Protocol (ICMP) named ICMP version 6 (ICMPv6). ICMPv6 has the common IPv4 ICMP functions of reporting delivery and forwarding errors, and providing a simple echo service for troubleshooting. ICMPv6 is defined in RFC 2463 and is required for an IPv6 implementation. The ICMPv6 protocol also provides a packet structure framework for the following:

Neighbor Discovery: Neighbor Discovery (ND) is a series of five ICMPv6 messages that manage node-to-node communication on a link. ND replaces Address Resolution Protocol (ARP), ICMPv4 Router Discovery, and the ICMPv4 Redirect message.

Multicast Listener Discovery: Multicast Listener Discovery (MLD) is a series of three ICMPv6 messages that are equivalent to version 2 of the Internet Group Management Protocol (IGMP) for IPv4 to manage subnet multicast membership.

Types of ICMPv6 messages: There are two types of ICMPv6 messages:

  • Error messages: Error messages report errors in the forwarding or delivery of IPv6 packets by either the destination node or an intermediate router. The high-order bit of the 8-bit Type field for all ICMPv6 error messages is set to 0. Therefore, valid values for the Type field for ICMPv6 error messages are in the range of 0 through 127. ICMPv6 error messages include Destination Unreachable, Packet Too Big, Time Exceeded, and Parameter Problem.
  • Informational messages: Informational messages provide diagnostic functions and additional host functionality such as MLD and ND. The high-order bit of the 8-bit Type field for all ICMPv6 informational messages is set to 1. Therefore, valid values for the Type field for ICMPv6 informational messages are in the range of 128 through 255. ICMPv6 informational messages described in RFC 2463 include Echo Request and Echo Reply.

IPv6 Multicast

In IPv4, multicast support is optional. In IPv6, multicast support is required. This section provides an overview of IPv6 multicast concepts. In addition to unicast and anycast support, IPv6 also provides a mechanism to send and receive IPv6 multicast traffic. IPv6 multicast traffic is sent to a single destination address but is received and processed by multiple IPv6 hosts, regardless of their location on the network. Hosts listen to a specific IPv6 multicast address and receive all packets to that address. Multicast is more efficient than IPv6 unicast for one-to-many delivery of data. Instead of having multiple unicast packets sent, only one packet is sent.

The additional elements of IPv6 multicast include the following:

• The set of hosts listening on a specific IPv6 multicast address is called a multicast group.

• Multicast group membership is dynamic, and hosts can join and leave the group at any time.

• There are no limitations to the size of a multicast group.

• A multicast group can span IPv6 routers across multiple subnets. This configuration requires IPv6 multicast support on IPv6 routers and the ability for hosts to register themselves with the router. Host registration is accomplished by using MLD.

• A host can send traffic to a multicast address without being a member of the group.

In an IPv6 multicast-enabled network, any host can send multicast traffic to any multicast address, and any host can receive multicast traffic from any multicast address regardless of their location. To facilitate this capability, the hosts and routers of the network must support multicast traffic.

Routing Protocol Technologies

Routing protocols are based either on a distance vector, link state, or path vector technology.

Distance Vector: Distance vector routing protocols propagate routing information in the form of a network ID and its "distance" (hop count). Routers use distance vector-based routing protocols to periodically advertise the routes in their routing tables. Routing information exchanged between typical distance vector-based routers is unsynchronized and unacknowledged. The advantages of distance vector-based routing protocols include simplicity and ease of configuration. The disadvantages of distance vector-based routing protocols include relatively high network traffic, a long convergence time, and inability to scale to a large or very large network.

Link State: Routers using link state-based routing protocols exchange link state advertisements (LSAs) throughout the network to update routing tables. LSAs consist of a router's attached network prefixes and their assigned costs and are advertised upon startup and when changes in the network topology are detected. Link state updates are sent using unicast or multicast traffic rather than broadcasting. Link state routers build a database of link state advertisements and use the database to calculate the optimal routes to add to the routing table. Routing information exchanged between link state-based routers is synchronized and acknowledged. The advantages of link state-based routing protocols are low network overhead, low convergence time, and the ability to scale to large and very large networks. The disadvantages of link state-based routing protocols are that they can be more complex and difficult to configure.

Path Vector: Routers use path vector-based routing protocols to exchange sequences of hop numbers, for example autonomous system numbers, indicating the path for a route. An autonomous system is a portion of the network under the same administrative authority. Autonomous systems are assigned a unique autonomous system identifier. Routing information exchanged between path vector-based routers is synchronized and acknowledged. The advantages of path vector-based routing protocols are low network overhead, low convergence time, and the ability to scale to very large networks containing multiple autonomous systems. The disadvantages of path vector-based routing protocols are that they can be complex and difficult to configure.

Coexistence and Migration

Protocol transitions are not easy and the transition from IPv4 to IPv6 is no exception. Protocol transitions are typically deployed by installing and configuring the new protocol on all nodes within the network and verifying that all host and router operations work successfully. Although this might be easily managed in a small or medium-sized organization, the challenge of making a rapid protocol transition in a large organization is very difficult. Additionally, given the scope of the Internet, rapid protocol transition of the total environment becomes an impossible task.

The designers of IPv6 recognize that the transition from IPv4 to IPv6 will take years and that there might be organizations or nodes within organizations that will continue to use IPv4 indefinitely. Therefore, although migration is the long-term goal, equal consideration must be given to the interim coexistence of IPv4 and IPv6 nodes.

The inherent lack of dependencies between IPv4 and IPv6 hosts, IPv4 routing infrastructure, and IPv6 routing infrastructure requires a number of mechanisms that allow seamless coexistence.

  • IPv4-only node: An IPv4-only node implements only IPv4 (and is assigned only IPv4 addresses). This node does not support IPv6. Most hosts and routers installed today are IPv4-only nodes.
  • IPv6-only node: This node implements only IPv6 (and is assigned only IPv6 addresses). It is able to communicate with IPv6 nodes and applications only. Although this type of node is not common today, it may become more prevalent as smaller devices such as cellular phones and handheld computing devices include IPv6 stacks.
  • IPv6/IPv4 node: This node has an implementation of both IPv4 and IPv6. It is IPv6-enabled if it has an IPv6 interface configured.
  • IPv4 node: An IPv4 node implements IPv4 (it can send and receive IPv4 packets). It can be an IPv4-only node or an IPv6/IPv4 node.
  • IPv6 node: This node implements IPv6 (it can send and receive IPv6 packets). An IPv6 node can be an IPv6-only node or an IPv6/IPv4 node.

For coexistence to occur, the largest number of nodes (IPv4 or IPv6 nodes) can communicate using an IPv4 infrastructure, an IPv6 infrastructure, or an infrastructure that is a combination of IPv4 and IPv6. True migration is achieved when all IPv4 nodes are converted to IPv6-only nodes. However, for the foreseeable future, practical migration is achieved when as many IPv4-only nodes as possible are converted to IPv6/IPv4 nodes. IPv4-only nodes can communicate with IPv6-only nodes only when using an IPv4-to-IPv6 proxy or translation gateway.

Compatibility Addresses

The following addresses are defined to aid in the coexistence of IPv4 and IPv6 nodes:

  • IPv4-compatible addresses: The IPv4-compatible address, 0:0:0:0:0:0:w.x.y.z or ::w.x.y.z (where w.x.y.z is the dotted decimal representation of a public IPv4 address), is used by IPv6/IPv4 nodes that are communicating with IPv6 over an IPv4 infrastructure. When the IPv4-compatible address is used as an IPv6 destination, the IPv6 traffic is automatically encapsulated with an IPv4 header and sent to the destination using the IPv4 infrastructure.
  • IPv4-mapped addresses: The IPv4-mapped address, 0:0:0:0:0:FFFF:w.x.y.z or ::FFFF:w.x.y.z, is used to represent an IPv4-only node to an IPv6 node. It is used only for internal representation. The IPv4-mapped address is never used as a source or destination address of an IPv6 packet. The IPv4-mapped address is used by some IPv6 implementations when acting as a translator between IPv4-only and IPv6-only nodes.
  • 6over4 addresses: 6over4 addresses are composed of a valid 64-bit unicast address prefix and the interface identifier ::WWXX:YYZZ (where WWXX:YYZZ is the colon hexadecimal representation of w.x.y.z, a unicast IPv4 address assigned to an interface). An example of a link-local 6over4 address based on the IPv4 address of is FE80::836B:45C. When the automatic tunneling mechanism defined in RFC 2529 is used, 6over4 addresses are assigned to IPv6 nodes that are connected to an IPv4 multicast-enabled infrastructure.
  • 6to4 addresses: 6to4 addresses are based on the prefix 2002:WWXX:YYZZ::/48 (in which WWXX:YYZZ is the colon hexadecimal representation of w.x.y.z, a public IPv4 address). When the automatic tunneling mechanism defined in RFC 3056 is used, 6to4 address prefixes are used to create global address prefixes for sites and global addresses for IPv6 nodes within sites.
  • ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) addresses: ISATAP addresses are composed of a valid 64-bit unicast address prefix and the interface identifier ::0:5EFE:w.x.y.z (where w.x.y.z is a unicast IPv4 address assigned to an interface). An example of a link-local ISATAP address is FE80::5EFE: When the automatic tunneling mechanism is used, addresses using ISATAP-derived interface identifiers are assigned to IPv6/IPv4 nodes.
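The address formats listed above, and in the ISATAP and 6to4 posts earlier on this page, all carry an IPv4 address that determines where tunneled traffic really goes. The added Python example below (not from the original post) recovers that address and flags such addresses in constructed firewall-style log lines, which is useful when IPv4 rules are supposed to cover tunneled IPv6 as well. 6over4 is left out because its interface identifier ::WWXX:YYZZ cannot be told apart from a manually assigned one; the log format and function names are assumptions.

```python
import ipaddress
import re


def embedded_ipv4(addr: str) -> list:
    """Return (mechanism, IPv4Address) pairs for every format that matches."""
    p = ipaddress.IPv6Address(addr).packed
    found = []
    if p[:2] == b"\x20\x02":                          # 2002:WWXX:YYZZ::/48
        found.append(("6to4", ipaddress.IPv4Address(p[2:6])))
    if p[8:12] == b"\x00\x00\x5e\xfe":                # interface ID ::0:5EFE:w.x.y.z
        found.append(("ISATAP", ipaddress.IPv4Address(p[12:])))
    if p[:10] == bytes(10) and p[10:12] == b"\xff\xff":   # ::FFFF:w.x.y.z
        found.append(("IPv4-mapped", ipaddress.IPv4Address(p[12:])))
    elif p[:12] == bytes(12) and int.from_bytes(p[12:], "big") > 1:
        # ::w.x.y.z, excluding the unspecified (::) and loopback (::1) addresses
        found.append(("IPv4-compatible", ipaddress.IPv4Address(p[12:])))
    return found


FIELD = re.compile(r"\b(src|dst)=(\S+)")

# Constructed log lines; the src=/dst= format is an assumption.
SAMPLE_LOG = [
    "2007-07-24T10:00:01 accept src=2002:c000:204::1 dst=2001:db8::10",
    "2007-07-24T10:00:02 accept src=fe80::5efe:192.0.2.10 dst=fe80::5efe:192.0.2.1",
    "2007-07-24T10:00:03 accept src=2001:db8::5 dst=2001:db8::10",
    "2007-07-24T10:00:04 accept src=2002:c633:6407::5efe:198.51.100.7 "
    "dst=::ffff:203.0.113.9",
]


def flag_tunnel_addresses(lines) -> list:
    """Return (line number, field, mechanism, embedded IPv4) for each match."""
    hits = []
    for number, line in enumerate(lines, 1):
        for field, value in FIELD.findall(line):
            try:
                findings = embedded_ipv4(value)
            except ValueError:
                continue  # not an IPv6 literal, e.g. plain IPv4 or a host name
            for mechanism, v4 in findings:
                hits.append((number, field, mechanism, str(v4)))
    return hits


if __name__ == "__main__":
    for hit in flag_tunnel_addresses(SAMPLE_LOG):
        print("line %d %s: %s address embeds %s" % hit)
```

An ISATAP interface identifier behind a 6to4 prefix reports both mechanisms, as the last sample line shows.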
http://ipv6-tips.blogspot.com ipv6 Addressing