CHALK-TALK

ON IPV6
Abhishek Garg
Why we need IPv6 ??

IPv6 is the successor of IPv4 and the main reason we need it is because we are running out of IPv4 address space. IPv4 uses 32-bit
addresses and offered us about 4.3 billion addresses, IPv6 is a 128-bit addresses so it offers huge amount of addresses. (340
trillion addresses)
As we all know different technologies works over IP (like – IOT,5G, IPTV, VOIP, VSAT), so IPV6 is our requirement
Where is IPv5 ??
IP version 5 was used for an experimental project called “Internet Stream Protocol”. It’s defined in an RFC1819
So, in short, IPv5 does not exist as a separate and distinct protocol, and its functionality was incorporated into other protocols such
as IPv6.

Benefits of IPv6

No need of NAT ( in ipv4 generally ISP uses NAT-44, NAT-88, CGNAT for reduce the use of public ipv4 address )
No need of Subnetting
State-less auto-configuration (No need DHCP Server)

Disadvantages
IPv6 is not directly backwards compatible with IPv4
There are several transition mechanisms that have been developed to help organizations make the transition to IPv6, such as
Tunnelling (GRE), Translation(NAT-PT), and Dual Stack (both IPv4 and Ipv6 simenationously )
IPv6 header

Class – TOS
Flow label – identification
Next header – protocol
Hope-limit -  TTL
Checksum - Instead of using a checksum, IPv6 relies on other mechanisms for error detection and correction, such as the use of
the CRC (Cyclic Redundancy Check) checksum in the data link layer, and the use of higher-level protocols that have their own
error detection and correction mechanisms.
IPv6 address types
 Unicast
 Global Unicast - Ipv6 public address
 Unique Local - Ipv6 private address
 Link-Local - ipv6 local address

 Anycast - basically Any unicast address that is configured more than one device is suddenly an anycast address. , CDN
provider use anycast network , (suppose a user want to access Netflix and as we all know Netflix uses aws infra for their
services , aws provides the CDN so it redirect the user to the nearest Netflix server )
 Provide better user experience
 Reduce latency
 Reduce requirement of IP addresses

 Multicast - in IPv4 we use 224.0.0.05 and 224.0.0.6 for OSPF while we use FF02::5 and FF02::6 for ipv6.

 FF02::5 – all OSPFv3 routers.

 FF02::6 – all OSPFv3 DR routers.
 FF02::9 – RIPng routers
 FF02::A – EIGRP routers
Some common ipv6 address

FF00 ::/8= Multicast address

FC00 ::/7= Private Address(Unique local Unicast) these are used for Intra network communication
2000::/3 = Public Address(Global unicast address) these are used for communication in global (Internet)
FE80::/10 = Link Local Address
::/0 - default route
Ipv6 formatting
It is 128 bits Hexadecimal no which is Divided into 8 blocks and Separated by (:)
16 bit: 16 bit: 16 bit: 16 bit: 16 bit: 16 bit: 16 bit: 16 bit
Starting 64 bit represent network bit
Last 64 bit represent host bit
It uses hexa-decimal no (0-9 to A-F)

Every 4 bit contain a hexadecimal digit (0 to 9 A to F) means (0-15) because 2^4= 16 means (12FA) it is the first block of ip
address every block contain 4 digit and size of every digit 4 bit
How to configure Ipv6 address

0192:0168:1001:0002:0003:0004:0005:0006
Method 1 (remove 0 that is in starting of block) we perform omitting leading 0

192:168:1001:2:3:4:5:6

0192:0168:1001:0000:0000:0000:1010:0001
Method 2 ( we merge continuous 0 and represent in :: double colon but only used by once

 192:168:1001::1010:1
ICMPv6
IPv6 doesn’t use ARP for resolving destination MAC-ADDRESS
It uses NDP (Neighbour discovery protocol)

NDP – neighbour discovery protocol has four messages

NS – (neighbour solicitation)
NA – (neighbour advertisement)
RS – (Router solicitation)
RA – (Router advertisement)
How NDP works?

● NDP uses L3 Multicast address in the destination (the first 104 bit is reserved and it uses 24 bit of destination Ip address )
● The first 104 bit is FF02::1:FF/104 and add 24 bit of destination IP
● Every layer 3 multicast address is mapped to a layer 2 multicast MAC address (33:33:xx:xx:xx:xx) where xx:xx:xx:xx are
the last 32 bits of the solicited-node multicast address
● #sh ipv6 neighbors to check neighbor mac address
PC -1 Ip 1920:1680:1:2:1010:2020:3333:1111 PC2 ip  1920:1680:1:2:1010:2020:3333:1112
Step-1 ping PC1 to PC2 but PC 1 don’t have mac address of PC2
Step-2 PC1 generate NDP NS multicast message using destination FF02::1:FF33:1112 IP (use-24 bit destination Ip address )
and use multicast mac-address 33:33:FF:33:11:12 (32 bit of destination .solicited ip address ) (NS message type -135)
STEP 3 pc2 receive the multicast frame and send unicast NA message towards PC1 (NA message type 136)
Router flag 0 as a response going from another node.
Solicited flag 1 as its response to an NS message. 

Step 4 – PC1 receive unicast from PC2 and store MAC-address

NDP transition states
INCOMPLETE-->STALE->DELAY->PROBE->REACH

According to RFC 2461, a Neighbor Cache entry can be in one of five states.
Each Neighbor cache entry has a well-defined state, namely INCOMPLETE, REACHABLE, STALE, DELAY and PROBE. A
host is capable of sending packets to a destination in all states, except INCOMPLETE or when there is no corresponding NC
entry. In INCOMPLETE state the data packets are queued pending completion of address resolution Each Neighbor cache entry
has a well-defined state, namely INCOMPLETE, REACHABLE, STALE, DELAY and PROBE.
States of Neighbour Cache entries State Description
There are five possible neighbour discovery reachability states:

1. Incomplete: In the reachability state incomplete, address resolution is taking place. The router sends an NS message to
the destination address and waits for a response. If the router receives a response, the neighbour state changes to reachable.
2. Reachable: As long as there is bidirectional traffic, the neighbour state will always report reachable. When the
neighbour stops transmitting packets, a 30-second reachability countdown timer begins. Once the reachability timer
expires, the address will be moved to the stale state.
3. Stale: The stale state signifies that address resolution is needed. Stale entries are kept in the ND cache for 4 hours before
being removed. Traffic will still forward in stale state . Once forwarded the neighbor unreachability detection (NUD)
mechanism begins, and the neighbour reachability state transitions to the delay state.
4. Delay: The delay state indicates that the router is waiting for a packet response.
5. Probe: If there is no response after 5 seconds, the neighbor reachability state changes to probe and three NS messages
are sent for address resolution. If a response is received from the neighbor the state changes to reachable again. If there is no
response to the three NS requests, the neighbor entry is deleted.
What is IPv6 link-local address

A link local address in IPv6 is an address that is automatically assigned to an IPv6 interface
It is use network address FE80/10
When you enable IPv6 interface then it automatically create IPv6 IP
A link local IP address is generated in various ways
IPv6 link local address used to communicate in a LAN

A window device generate IPv6 link-local address randomly by default , it doesn’t use EUI

why we need link local address ?

Link-local addresses are designed to be used for addressing on a single link for purposes such as automatic address configuration,
neighbour discovery, or in the absence of routers.
It is same like APIPA in IPv4
How link-local creates
it uses 48 bit of mac-address
EUI – equal unique identifier use 16 bit FFFE use in between the 24 bit of MAC-address

Suppose we have interface 48 bit mac-address 0001:0002:0003

Host bit = EUI + MAC address
16 bit 48 bit = 64 bit
0001:00FF:FE02:0003 this is the host address of IPv6

Step 2 – rescue 7 bit

If the 7 bit is 0 then convert to 1
If the 7 bit is 1 then convert to 2
 
0001:00FF:FE02:0003

1234 5678 one digit contain 4 bit

0 0 0 0 0000
0 0 0 0 0 010
21 20
1 0 =1  FE80::0101:00FF:FE02:0003/64 it is the link address of IPv6
DHCP with IPv6
IPv6 uses two types of DHCP server

State-full DHCP
Need to configure DHCP server with DHCP pool
IpV4/ipV6
DHCP server binds the ip address with mac-address

State-less DHCP
No need to configure DHCP server
Only IPv6 support
No binding
IPv6 with stateless DHCP
It uses two NDP message
RS router solicitation generate by client to router with multicast destination address FF02:2 and message-type is 133
RA router advertisement generate by router towards the client use multicast address FF02:1 and message type is 134
When PC1 generate RS message and Receive RA message from router
So PC1 uses 192:168:101:1:FF2F:19F2:0001:0003/64
PC 1 uses network address that is receive from router and calculate his host address with the help of Mac-address of interface and
EUI
PC1 uses network address that is the address of router LAN interface

DAD- IPv6 uses DAD (duplicate address detection) instead of G-ARP it is help to identify duplicate address
Static routing configuration
R1(config)#ipv6 route :: 0 192::1

Next-hope link-local address

R1(config)#ipv6 route 2:: 64 FE80::C802:4FF:FE70:8

Next-hope global unicast address

R1(config)#ipv6 route 2::2 128 192::1

tejas# conf t
tejas(config)# ipv6 unicast-routing
tejas(config)# interface 10gigabitethernet 1/1/27
tejas(config-if)# no shut
tejas(config-if)# vlan 339
tejas(config-if)# no shu
tejas(config-if)# ipv6 address 0192::0002 64
tejas(config-if)# no shut
THANKS