Cisco Training 200-125 CCNA v3.0. Day 24 IPv6 protocol

Today we will study the IPv6 protocol. The previous version of the CCNA course did not require detailed familiarity with this protocol; in the third version, 200-125, however, in-depth study of it is mandatory for passing the exam. The IPv6 protocol was developed a long time ago, but for a long time it was not widely used. It is very important for the future development of the Internet, as it is intended to eliminate the shortcomings of the ubiquitous IPv4 protocol.

Since the IPv6 protocol is a rather broad topic, I have divided it into two video tutorials: Day 24 and Day 25. We will devote the first day to the basic concepts, and on the second we will look at configuring IPv6 addresses on Cisco devices. Today, as usual, we will cover three topics: the need for IPv6, the format of IPv6 addresses, and the types of IPv6 addresses.

So far in our lessons, we have been using v4 IP addresses, and you are used to the fact that they look quite simple. When you saw the address shown on this slide, you understood perfectly well what it was all about.

However, v6 IP addresses look quite different. If you are unfamiliar with how addresses are written in this version of the Internet Protocol, you will first be surprised at how much space this type of IP address takes up. In the fourth version of the protocol we had only 4 decimal numbers, and everything was simple with them, but imagine that you need to tell a certain Mr. X his new IP address, something like 2001:0db8:85a3:0000:0000:8a2e:0370:7334.

But don't worry - we'll be in a much better position at the end of this video tutorial. Let's first look at why the need to use IPv6 arose.

Today, most people use IPv4 and are quite happy with it. Why was it necessary to move to a new version? First, version 4 IP addresses are 32 bits long. This allows approximately 4 billion addresses on the Internet; the exact number of IP addresses is 2^32. At the time IPv4 was created, the developers believed that this number of addresses was more than enough. If you remember, addresses of this version are divided into 5 classes: the active classes A, B and C and the reserved classes D (multicasting) and E (research). Thus, although the number of working IP addresses was only 75% of the 4 billion, the creators of the protocol were confident that they would be enough for all of humanity. However, due to the rapid development of the Internet, the shortage of free IP addresses was felt more acutely every year, and if it were not for NAT technology, free IPv4 addresses would have run out long ago. In fact, NAT has become the savior of this Internet protocol. That is why it became necessary to create a new version of the Internet protocol, free of the shortcomings of the 4th version. You may ask why we jumped straight from version 4 to version 6. This is because version 5, like versions 1, 2 and 3, was experimental.

So, v6 IP addresses have a 128-bit address space. How many times do you think the number of possible IP addresses has increased? You will probably say: "4 times!". But that is not so, because 2^34 is already 4 times as large as 2^32. So 2^128 is incredibly large: it is equal to 340282366920938463463374607431768211456. That is the number of IP addresses available in IPv6. This means that you can assign an IP address to anything you want: your car, phone, wristwatch. A modern person can have a laptop, several smartphones, smart watches, a smart home - a TV connected to the Internet, a washing machine connected to the Internet, a whole house connected to the Internet. This number of addresses makes possible the concept of the "Internet of Things", which is supported by Cisco. This means that all things in your life are connected to the Internet and they all need their own IP address. With IPv6 it's possible! Every person on Earth can use millions of addresses of this version for their devices, and there will still be plenty of free ones left. We cannot predict how technology will develop, but we can hope that humanity will not come to the time when only 1 computer remains on Earth. It can be assumed that IPv6 will exist for a long, long time. Let's take a look at what the sixth version IP address format is.

These addresses are displayed as 8 groups of hexadecimal numbers. Each character of the address is 4 bits long, so each group of 4 such characters is 16 bits long, and the entire address is 128 bits long. Each group of 4 characters is separated from the next group by a colon, unlike in IPv4 addresses, where groups were separated by dots, because the dot belongs to the decimal representation of numbers. Since such an address is not easy to remember, there are several rules for shortening it. The first rule says that groups of all zeros can be replaced by a double colon. This operation can be performed only once per IP address. Let's see what that means.

As you can see, in the given address example, there are three groups of 4 zeros. The total number of colons separating these 0000:0000:0000 groups is 2. Thus, if you use a double colon ::, it means that groups of zeros occupy that position in the address. So how do you know how many groups of zeros this double colon stands for? If you look at the abbreviated form of the address, you can count 5 groups of 4 characters. But since we know that the complete address consists of 8 groups, the double colon means 3 groups of 4 zeros. This is the first rule of the abbreviated form of the address.

The second rule says that you can discard leading zeros in each group of characters. For example, the 6th group of the long form of the address looks like 04FF, and its abbreviated form will look like 4FF, because we dropped the leading zero. Thus, the entry 4FF means nothing more than 04FF.

Using these rules, you can shorten any IP address. However, even after the shortening, this address doesn't look really short. Later we will look at what you can do about it, for now just remember these 2 rules.

Let's take a look at what the IPv4 and IPv6 headers look like.

This picture, which I took from the Internet, explains the difference between the two headers very well. As you can see, the IPv4 header is much more complex and contains more information than the IPv6 header. If the header is complex, the router spends more time processing it to make a routing decision, so with the simpler header of the sixth version, routers work more efficiently. This is why IPv6 is so much better than IPv4.

Each row of the IPv4 header, from bit 0 to bit 31, takes up 32 bits. Excluding the last row, Options and Padding, the version 4 header is 20 bytes long, meaning its minimum size is 20 bytes. The header of the sixth version has no minimum size: it has a fixed length of 40 bytes.

In the IPv4 header, Version comes first, followed by the header length, IHL. The default is 20 bytes, but if additional Options information is specified in the header, it can be longer. Using Wireshark, you can read a Version value of 4 and an IHL value of 5, which means five vertical blocks of 4 bytes (32 bits) each, not counting the Options block.

The Type of Service field indicates the nature of the packet, for example a voice packet or a data packet, because voice traffic takes precedence over other types of traffic. In short, this field indicates the priority of the traffic. Total Length is the sum of the header length of 20 bytes plus the length of the payload, which is the data being transferred. If the payload is 50 bytes, then the total length will be 70 bytes. The Identification field is used to verify the integrity of the packet using the Header Checksum field. If the packet is fragmented into 5 parts, each of them must have the same identifier, and a fragment offset, Fragment Offset, which can have a value from 0 to 4, while each fragment of the packet must have the same offset value. The flags indicate whether fragmentation is allowed. If you don't want data fragmentation to occur, you set the DF (don't fragment) flag. There is also the MF (more fragments) flag. This means that if the first packet is fragmented into 5 pieces, then the second packet will be set to 0, meaning no more fragments! In this case, the last fragment of the first packet will be marked 4, so that the receiving device can easily reassemble the packet, that is, perform defragmentation.

Pay attention to the colors used on this slide. Fields that have been excluded from the IPv6 header are marked in red. The blue color shows the parameters that have been transferred from the fourth to the sixth version of the protocol in a modified form. The yellow boxes remained unchanged in both versions. The green color shows a field that first appeared only in IPv6.

The Identification, Flags, Fragment Offset, and Header Checksum fields have been removed due to the fact that fragmentation does not occur in modern data transfer conditions and checksum verification is not required. Many years ago, with slow data transfers, fragmentation was quite common, but today IEEE 802.3 Ethernet with a 1500-byte MTU is ubiquitous, and fragmentation is no longer encountered.

TTL, or packet time to live, is a countdown counter - when the time to live reaches 0, the packet is dropped. In fact, this is the maximum number of hops that can be made in this network. The Protocol field indicates which protocol, TCP or UDP, is being used on the network.

Header Checksum is a deprecated parameter, so it has been removed from the new version of the protocol. Next are the 32-bit source address and 32-bit destination address fields. If we have some information in the Options line, then the IHL value changes from 5 to 6, indicating that there is an additional field in the header.

The IPv6 header also has a Version field, and the Traffic Class corresponds to the Type of Service field in the IPv4 header. The Flow Label is similar to the Traffic Class and is used to simplify the routing of a homogeneous flow of packets. Payload Length means the length of the payload, or the size of the data field located below the header. The length of the header itself, 40 bytes, is constant and therefore not mentioned anywhere.

The next header field, Next Header, indicates what type of header the next packet will have. This is a very useful function that sets the type of the next transport protocol - TCP, UDP, etc., and which will be in great demand in future data transfer technologies. Even if you use your own protocol, you can find out which protocol is next.

The hop limit, or Hop Limit, is analogous to the TTL in the IPv4 header; it is a mechanism to prevent routing loops. Next are the 128-bit source address and 128-bit destination address fields. The entire header is 40 bytes in size. As I said, IPv6 is much simpler than IPv4 and much more efficient for router routing decisions.
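
The header fields walked through above, decoded from raw bytes the way a capture tool such as Wireshark presents them; this is an added Python example, not part of the original lesson. The three sample headers are constructed (documentation addresses, checksum left at zero and not verified).

```python
import ipaddress
import struct

def parse_ipv4(buf: bytes) -> dict:
    """Decode the 20-byte fixed part; IHL tells how far Options extend."""
    if len(buf) < 20:
        raise ValueError("shorter than the 20-byte minimum IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", buf[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5 or len(buf) < ihl * 4:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "version": version, "ihl": ihl, "header_len": ihl * 4,
        "tos": tos, "total_length": total_len, "identification": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
    }

def parse_ipv6(buf: bytes) -> dict:
    """Decode the fixed 40-byte IPv6 header (no length field for itself)."""
    if len(buf) < 40:
        raise ValueError("shorter than the fixed 40-byte IPv6 header")
    word, payload_len, next_header, hop_limit, src, dst = struct.unpack(
        "!IHBB16s16s", buf[:40])
    if word >> 28 != 6:
        raise ValueError("version field is not 6")
    return {
        "version": 6, "traffic_class": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF, "payload_length": payload_len,
        "next_header": next_header, "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(src)),
        "dst": str(ipaddress.IPv6Address(dst)),
    }

# Constructed samples: 20-byte header + 50-byte payload = Total Length 70.
_V4_ADDRS = (ipaddress.IPv4Address("192.0.2.1").packed,
             ipaddress.IPv4Address("192.0.2.2").packed)
SAMPLE_V4 = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 70, 0x1234, 0x4000,
                        64, 6, 0, *_V4_ADDRS)
# Same header with one 4-byte Options row (NOP, NOP, NOP, End): IHL becomes 6.
SAMPLE_V4_OPT = struct.pack("!BBHHHBBH4s4s", 0x46, 0, 74, 0x1234, 0x4000,
                            64, 6, 0, *_V4_ADDRS) + b"\x01\x01\x01\x00"
SAMPLE_V6 = struct.pack("!IHBB16s16s", (6 << 28) | 0x12345, 50, 6, 64,
                        ipaddress.IPv6Address("2001:db8::1").packed,
                        ipaddress.IPv6Address("2001:db8::2").packed)

if __name__ == "__main__":
    for name, hdr in (("IPv4", parse_ipv4(SAMPLE_V4)),
                      ("IPv4+options", parse_ipv4(SAMPLE_V4_OPT)),
                      ("IPv6", parse_ipv6(SAMPLE_V6))):
        print(name, hdr)
```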

Now consider the types of IPv6 addresses. We know what unicast is: it is a directed transmission when one device is directly connected to another and both devices can only communicate with each other. Multicast is a broadcast transmission and means that several devices can communicate with one device at the same time, which, in turn, can communicate with several devices at the same time. In this sense, multicast is like a radio station, whose signals are distributed everywhere. If you want to hear a specific channel, you must tune your radio to a specific frequency. If you remember the video tutorial about the RIP protocol, then you know that this protocol uses the broadcast domain 255.255.255.255 to distribute updates, to which all subnets are connected. But only those devices that use the RIP protocol will receive these updates.

Another type of broadcast that was not seen in IPv4 is called Anycast. It is used when you have many devices with the same IP address and allows you to send packets to the nearest destination from a group of recipients.

In the case of the Internet, where we have CDN networks, we can give an example of the YouTube service. This service is used by many people in different parts of the world, but this does not mean that they all connect directly to the company's server in California. The YouTube service has many servers around the world, for example, my Indian YouTube server is located in Singapore. Similarly, the IPv6 protocol has a built-in mechanism for implementing CDN transmission using a geographically distributed network structure, that is, using Anycast.

As you can see, there is another broadcast type missing here, Broadcast, because IPv6 doesn't use it. But Multicast in this protocol acts similar to Broadcast in IPv4, only in a more efficient way.

The sixth version of the protocol uses three types of addresses: Link Local, Unique Site Local and Global. We remember that in IPv4 one interface has only one IP address. Let's assume that we have two routers connected to each other, so each of the connection interfaces will have only 1 IP address. When using IPv6, each interface automatically receives a Link Local IP address. These addresses start with FE80::/64.

These IP addresses are only used for local connections. People working with Windows know very similar addresses like 169.254.X.X - these are addresses automatically configured by the IPv4 protocol.

If a computer asks a DHCP server for an IP address, but for some reason cannot communicate with it, Microsoft devices have a mechanism that allows the computer to assign an IP address to itself. In this case, the address will be something like this: 169.254.1.1. A similar situation will arise if we have a computer, a switch and a router. Suppose the router did not receive an IP address from the DHCP server and automatically assigned itself the same IP address 169.254.1.1. After that, it will send an ARP broadcast request over the network through the switch, in which it will ask whether some network device already has this address. Having received the request, the computer will answer: "Yes, I have exactly the same IP address!", after which the router will assign itself a new random address, for example, 169.254.10.10, and again send an ARP request over the network.

If no one reports that he has the same address, then he will keep the address 169.254.10.10 for himself. Thus, devices on the local network may not use the DHCP server at all, using the mechanism of automatic assignment of IP addresses to themselves in order to communicate with each other. This is what IP address autoconfiguration is, which we have seen many times but never used.

Similarly, IPv6 has a mechanism for assigning Link Local IP addresses starting with FE80::. The slash 64 marks the separation of the network part of the address from the host part. In this case, the first 64 bits identify the network, and the second 64 bits identify the host.

FE80:: means addresses like FE80.0.0.0/, where the slash is followed by part of the host address. These addresses are not the same for our device and the interface connected to it and are configured automatically. In this case, the host part uses the MAC address. As you know, the MAC address is a 48-bit address, consisting of 6 blocks of 2 hexadecimal numbers. Microsoft uses this notation; Cisco uses 3 blocks of 4 hexadecimal numbers.

In our example, we will use the Microsoft sequence of the form 11:22:33:44:55:66. How does it assign the MAC address of a device? This sequence of numbers in the host address, representing the MAC address, is divided into two parts: on the left are the three groups 11:22:33, on the right are the three groups 44:55:66, and FF and FE are added between them. This creates the 64-bit host block of the IP address.

As you know, the sequence 11:22:33:44:55:66 is a MAC address that is unique for each device. By inserting FF:FE between the two halves of the MAC address, we get a unique IP address for this device. This is how an IP address of the Link Local type is created, which is used only to establish communication between neighbors without special configuration and special servers. Such an IP address can only be used within one network segment and cannot be used for external communication outside of this segment.
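
The MAC-to-host-part construction described above, plus the reverse check a defender can run to see which hardware address a Link Local address reveals; this is an added Python example, not part of the original lesson. The modified EUI-64 format in RFC 4291 additionally inverts the universal/local bit of the first octet, a step not mentioned above, so it is exposed here as an option that is on by default.

```python
import ipaddress

def mac_to_interface_id(mac: str, flip_ul_bit: bool = True) -> bytes:
    """Split the MAC in half and insert FF:FE, giving a 64-bit host part."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("a MAC address has 6 octets")
    # RFC 4291 modified EUI-64: invert bit 0x02 of the first octet.
    first = octets[0] ^ 0x02 if flip_ul_bit else octets[0]
    return bytes([first]) + octets[1:3] + b"\xff\xfe" + octets[3:]

def link_local_from_mac(mac: str, flip_ul_bit: bool = True) -> ipaddress.IPv6Address:
    """FE80::/64 network part followed by the MAC-derived host part."""
    prefix = bytes.fromhex("fe80") + bytes(6)
    return ipaddress.IPv6Address(prefix + mac_to_interface_id(mac, flip_ul_bit))

def mac_from_eui64(addr: str):
    """Return the MAC embedded in a modified EUI-64 address, or None."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None                      # host part was not built from a MAC
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    mac = "11:22:33:44:55:66"            # the MAC used in the lesson
    print(link_local_from_mac(mac, flip_ul_bit=False))  # insertion step only
    print(link_local_from_mac(mac))                     # with RFC 4291 bit flip
    print(mac_from_eui64("fe80::1322:33ff:fe44:5566"))  # recovers the MAC
    print(mac_from_eui64("fe80::a8bb:ccdd:eeff:11"))    # constructed, no FF:FE
```

Because the host part carries the MAC unchanged apart from one bit, such an address identifies the same hardware on every network it joins, which is the reason randomized interface identifiers (RFC 8981 temporary addresses) exist.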

The next type of address is the Unique Site Local Scope, which corresponds to the internal (private) IPv4 addresses like 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. The reason why internal private and external public IP addresses are used is the NAT technology we talked about in previous lessons. Unique Site Local Scope is a technology that generates internal IP addresses. You can say: "Imran, you said that each device can have its own IP address, and that's why we switched to IPv6", and you will be absolutely right. But some people prefer to use the concept of internal IP addresses for security reasons. In this case, NAT is used as a firewall, and external devices cannot arbitrarily communicate with devices located inside the network, because they have local IP addresses that are not accessible from the external Internet. However, NAT creates a lot of problems with VPNs, such as the ESP protocol. IPv4 used IPSec for security, but IPv6 has a built-in security mechanism, so communication between internal and external IP addresses is very easy.

To do this, IPv6 has two different types of addresses: while Unique Local addresses correspond to IPv4 internal IP addresses, Global addresses correspond to IPv4 external addresses. Many people choose not to use Unique Local addresses at all, others cannot do without them, so this is the subject of constant debate. I believe that you will get a lot more benefits if you use only external IP addresses, primarily in terms of mobility. For example, my device will have the same IP address whether I'm in Bangalore or New York, so I can easily use any of my devices anywhere in the world.

As I said, IPv6 has a built-in security mechanism that allows you to create a secure VPN tunnel between your office location and your devices. Previously, we needed an external mechanism to create such a VPN tunnel, but in IPv6 this is a built-in standard mechanism.

Since we have discussed enough topics today, I will interrupt our lesson to continue the discussion of the sixth version of the IP Internet Protocol in the next video. For homework, I will ask you to study well what the hexadecimal number system is, because in order to understand IPv6, it is very important to understand the conversion of the binary number system to hexadecimal and vice versa. For example, you should know that 1111=F, and so on, just ask Google to sort it out. In the next video tutorial, I will try to practice with you in such a transformation. I recommend that you watch today's video tutorial several times so that you do not have any questions regarding the topics covered.


Source: habr.com
