Wednesday, March 03, 2010

Some IPv6 Basics

IPv6 is one of my favorite topics: it looks very complex, but it is really nice and easy.

  • easy to deploy
  • easy to manage

The IPv6 header, as you can see, is constructed of:

  • 8 bit – Version
  • 8 bit – Traffic Class (also known as TOS byte)
  • 20 bit – Flow Label
  • 20 bit – Payload Length
  • 8 bit – Next Header
  • 8 bit – Hop Limit (similar to TTL idea)
  • 128 bit – S. Address
  • 128 bit – D. Address

Total: 40-byte header

[image: IPv6 header]

Compare it to the IPv4 Header:

[image: IPv4 header]

You can see a smaller header, 20 bytes, but it is much more complex, and with the options it can be extended up to 60 bytes, so that is much more than IPv6.

OK, now I would like to get to a demonstration of how easy it is, just to give you a taste of IPv6.

On my PC (OS: Win7) I didn't configure any IPv6 manually. By default Win7 and most Linux distributions are IPv6 enabled once installed. What does that mean, you ask?! It means an IPv6 link-local address is configured automatically.

Now, those of you who are new to IPv6 will ask me: what is a link-local IPv6 address?!

Link Local – it is a non-routable IPv6 address that is unique to the local segment. A link-local address starts with FE80::/10. In Cisco the link-local address is created from FE80:: + the MAC address after taking the 7th bit and inverting it (if it was 0 –> 1, and if 1 –> 0). So, an example from my router:

HOME-GUEZ(config-if)#do sh int vl16
Vlan16 is up, line protocol is up
Hardware is EtherSVI, address is 0017.5922.8114 (bia 0017.5922.8114)

Take 0017.5922.8114: the 7th bit is 0, so changing it to 1 makes it 0217.5922.8114. Then 0xFFFE is inserted in the middle, so the full address should look like:

FE80:0000:0000:0000:0217:59FF:FE22:8114 = 128 bit, or in short FE80::217:59FF:FE22:8114, and as you can see from the show output below I was correct :-)

HOME-GUEZ(config-if)#do sh ipv6 int vl16
Vlan16 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::217:59FF:FE22:8114

Now I would like to show you something. I have enabled debugging of IPv6 packets, and under my VLAN interface I have added a global unicast IPv6 address. At that moment, like magic, you can see the router start working automatically:

HOME-GUEZ#debug ipv6 packet detail
IPv6 unicast packet debugging is on (detailed)
HOME-GUEZ#term mon
HOME-GUEZ#
HOME-GUEZ#conf t
Enter configuration commands, one per line. End with CNTL/Z.
HOME-GUEZ(config)#int vl16
HOME-GUEZ(config-if)#ipv6 address 2001::1/64
HOME-GUEZ(config-if)#
Mar 2 21:05:53.956: IPV6: source :: (local)
Mar 2 21:05:53.956: dest FF02::1:FF22:8114 (Vlan16)
#### prot 58 is ICMPv6. Routers with IPv6 use ICMPv6 control messages to solicit and advertise neighbors. Also notice the use of the last 24 bits, 22:8114, at the end of the destination address: the router is sending its own link-local last 24 bits to verify that it is the only one on the link with such an address, also called DAD (Duplicate Address Detection)
#### I didn't mention this before as I wanted to show you before I talk about it, but the Next Header field's job in the IPv6 header is to indicate what is coming after the IPv6 header
#### In the first packet you saw prot 58, which is ICMPv6, but in the next you can see prot 0, and that means a hop-by-hop option is directly after the IPv6 header,
#### unlike IPv4, the IPv6 options are not really part of the IPv6 header; the hop-by-hop header's job is an informative extension that each routing node should know about
#### not very interesting to us now.
Mar 2 21:05:53.956: traffic class 224, flow 0x0, len 64+16, prot 58, hops 255, originating
Mar 2 21:05:53.956: IPv6: Sending on Vlan16
Mar 2 21:05:53.960: IPV6: source :: (local)
Mar 2 21:05:53.960: dest FF02::16 (Vlan16)
Mar 2 21:05:53.960: traffic class 224, flow 0x0, len 76+0, prot 0, hops 1, originating
Mar 2 21:05:53.960: IPv6: Sending on Vlan16
Mar 2 21:05:53.960: IPV6: source :: (local)
Mar 2 21:05:53.960: dest FF02::16 (Vlan16)
Mar 2 21:05:53.960: traffic class 224, flow 0x0, len 76+0, prot 0, hops 1, originating
Mar 2 21:05:53.960: IPv6: Sending on Vlan16
Mar 2 21:05:53.960: IPV6: source :: (local)
Mar 2 21:05:53.960: dest FF02::16 (Vlan16)
Mar 2 21:05:53.960: traffic class 224, flow 0x0, len 76+0, prot 0, hops 1, originating
Mar 2 21:05:53.960: IPv6: Sending on Vlan16
Mar 2 21:05:53.960: IPV6: source :: (local)
Mar 2 21:05:53.960: dest FF02::16 (Vlan16)
Mar 2 21:05:53.960: traffic class 224, flow 0x0, len 76+0, prot 0, hops 1, originating
Mar 2 21:05:53.964: IPv6: Sending on Vlan16
Mar 2 21:05:54.456: IPV6: source :: (local)
Mar 2 21:05:54.456: dest FF02::16 (Vlan16)
Mar 2 21:05:54.456: traffic class 224, flow 0x0, len 76+0, prot 0, hops 1, originating
Mar 2 21:05:54.456: IPv6: Sending on Vlan16
#### Here is the neighbor advertisement
Mar 2 21:05:54.956: IPV6: source FE80::217:59FF:FE22:8114 (local)
Mar 2 21:05:54.956: dest FF02::1 (Vlan16)
Mar 2 21:05:54.956: traffic class 224, flow 0x0, len 72+8, prot 58, hops 255, originating
Mar 2 21:05:54.956: IPv6: Sending on Vlan16
#### And that is a Router Advertisement. After my PC had received the router advertisement it had already configured itself with a global unicast IPv6 address
#### IPv6 Address. . . . . . . . . . . : 2001::6df4:5c91:aac1:9a36(Preferred)
Mar 2 21:05:54.956: IPV6: source FE80::217:59FF:FE22:8114 (local)
Mar 2 21:05:54.956: dest FF02::1 (Vlan16)
Mar 2 21:05:54.956: traffic class 224, flow 0x0, len 104+1396, prot 58, hops 255, originating
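Added example, not code from the original post: the link-local derivation worked through earlier and the solicited-node destination seen in the first debug packet, plus the reverse step that recovers a MAC from an EUI-64 address, which is useful when tying an address in a log back to a device. The function names are assumptions of this example; the MAC and addresses in the demo lines are the ones shown on this page.

```python
import ipaddress

SOLICITED_NODE_NET = ipaddress.IPv6Network("ff02::1:ff00:0/104")

def _mac_bytes(mac: str) -> bytes:
    """Accept Cisco (0017.5922.8114), colon or dash notation."""
    digits = mac.replace(".", "").replace(":", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return bytes.fromhex(digits)

def mac_to_link_local(mac: str) -> ipaddress.IPv6Address:
    """FE80::/64 plus the modified EUI-64 interface ID built from the MAC."""
    b = _mac_bytes(mac)
    # Invert the 7th bit of the first octet, then insert FFFE in the middle.
    iid = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + iid)

def solicited_node(addr) -> ipaddress.IPv6Address:
    """FF02::1:FF00:0/104 plus the low 24 bits of the unicast address."""
    low24 = ipaddress.IPv6Address(addr).packed[-3:]
    prefix = SOLICITED_NODE_NET.network_address.packed[:13]
    return ipaddress.IPv6Address(prefix + low24)

def link_local_to_mac(addr):
    """Recover the MAC from an EUI-64 address; None if the ID is not EUI-64."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None  # e.g. a randomized or manually assigned interface ID
    b = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{x:02x}" for x in b)

def is_dad_probe(src, dst) -> bool:
    """DAD probe: unspecified source (::) sent to a solicited-node group."""
    return (ipaddress.IPv6Address(src).is_unspecified
            and ipaddress.IPv6Address(dst) in SOLICITED_NODE_NET)

if __name__ == "__main__":
    ll = mac_to_link_local("0017.5922.8114")          # MAC from "sh int vl16"
    print(ll, solicited_node(ll), link_local_to_mac(ll))
    print(is_dad_probe("::", "FF02::1:FF22:8114"))    # first debug packet
    print(is_dad_probe("::", "FF02::16"))             # the prot 0 packets
    print(link_local_to_mac("2001::6df4:5c91:aac1:9a36"))  # the PC's address
```

On this page's values it returns fe80::217:59ff:fe22:8114 and ff02::1:ff22:8114; the PC's 2001::6df4:5c91:aac1:9a36 yields None because its interface ID carries no FFFE marker.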

And you can see I could ping my router's global unicast IPv6 address:

C:\Users\shiran>ping 2001::1

Pinging 2001::1 with 32 bytes of data:
Reply from 2001::1: time=4ms
Reply from 2001::1: time=1ms
Reply from 2001::1: time=1ms
Reply from 2001::1: time=1ms

Ping statistics for 2001::1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 4ms, Average = 1ms

Now, I made the debug output shorter than it really is, but let me show you what the router advertisement looks like, and that will be the last thing for this post:

[image: router advertisement]

Now, I know that this post is not very organized and it should contain much more explanation, but I wanted to give you a 10000-foot view of how it looks complex, yet in the end I ran only 2 commands on my router and I had my home network running IPv6:

ipv6 unicast-routing
<under the interface>
ipv6 address 2001::1/64

Now yes, that is not a grand design, but think what you would have to do if you wanted the same simple network for IPv4….

5 comments:

Shivlu Jain said...

really like your post with full details.

regards
shivlu jain
www.mplsvpn.info

cciep3 said...

Thank you, I hope to have some more time on my hands to put some more details ...

Unknown said...

Great post. One note of correction - you state "Link Local – it is a non routable ipv6 address that is unique to the local segment, a link local address start with the following FF80::/10" but a link local address is FE80::/10 and not FF80::/10. Using FF00::/8 and any additional bits would make it a multicast.

This mistake is very common and even made in the "CCIE Professional Development Routing TCP/IP volume 1" but when you read the binary requirement for link local being 1111111010/10 you can see why it is FE80.

Regards

cciep3 said...

You are correct the link local is FE80 and not FF80 that is a Typo mistake :-)

cciep3 said...

Corrected, in 3 places on the article