Difference between revisions of "IPv6 Address"
m |
m (→Nice To Know Address Allocations) |
||
Line 41: | Line 41: | ||
|- | |- | ||
|} | |} | ||
+ | =Articles= | ||
+ | *[[Configuring IPv6 addresses]] | ||
[[Category:IPv6]] [[Category:IPv6 Address Type]] | [[Category:IPv6]] [[Category:IPv6 Address Type]] | ||
Revision as of 12:14, 13 June 2011
IPv6 Address Types[1]
Need To Know Address Allocations
Prefix | Example | Designation | IPv4 Equivalent |
---|---|---|---|
::/128 | Unspecified | 0.0.0.0 | |
::1/128 | Loopback | 127.0.0.1 | |
::ffff/96 | ::ffff:83.90.47.30 | IPv4-Mapped | No Equivalent |
fc00:/7 | fdf8:f53b:82e4::53 | Unique Local Address (ULA) | 10/8, 172.16/12, 192.168/16 |
fe80::/10 | fe80::221:86ff:fea0:ce84 | Link-Local Address | 169.254.0.0/16 |
2002::/16 | 2002:cb0a:3cdd:1::1 | 6to4 | No Equivalent |
2000::/3 | 2001:470:1f08:197d::2 | Global Unicast | No single block. |
ff00::/8 | ff01::2 | Multicast IPv6 Address | 224.0.0.0/4 |
Nice To Know Address Allocations
Prefix | Example | Designation | IPv4 Equivalent |
---|---|---|---|
2001:0000::/32 | 2001:0000:41ef::A819 | Teredo | No Equivalent |
2001:0002::/48 | 2001:0002:6c::430 | Benchmarking | 198.18.0.0/15 |
2001:0010::/28 | 2001:0010:10:240:ab::a | Orchid | No Equivalent |
2001::db8/32 | 2001:db8:8:4::2 | Documentation | Fx. 192.0.2.0/24 |
IPv6 Address Type: | Link-Local |
Prefix: | fe80::/10 |
Local Routeable: | No |
Global Routeable: | No |
Global Unique: | No |
Example: | FE80::21B:D4FF:FE0F:8CA2 |
IPv4 Equivalent: | 169.254.0.0/16 Link-Local |
Described in: | rfc4291 |
These addresses are used on a single link or a non-routed common access network, such as an Ethernet LAN.
They do not need to be unique outside of that link.
Link-local addresses may appear as the source or destination of an IPv6 packet.
Routers must not forward IPv6 packets if the source or destination contains a link-local address.
IPv6 Link-Local Addresses
Link-Local Addresses are used by Nodes to communicate to other Nodes on the same Link. Link-Local addresses are not Routeable.
IPv6#<input>sh ipv6 int fa0/0</input>
FastEthernet0/0 is up, line protocol is up
IPv6 is enabled, <notice>link-local address is FE80::21B:D4FF:FE0F:8CA2</notice>
No Virtual link-local address(es):
Description: Outside: Internet connection to ISP
Global unicast address(es):
2001:16D8:DD85:146::2, subnet is 2001:16D8:DD85:146::/64
Joined group address(es):
FF02::1
FF02::2
FF02::D
FF02::16
FF02::1:FF00:2
FF02::1:FF0F:8CA2
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
Hosts use stateless autoconfig for addresses. |
Example why originating interface is important
Notice in the example below, we telnet to the Heimdal Router - the very same we're on - even I know that the Link-Local address FE80::218:18FF:FE7C:B440 is on a neighboring Router called Campus1.
<notice>Heimdal</notice>#<input>telnet FE80::218:18FF:FE7C:B440</input>
Trying FE80::218:18FF:FE7C:B440 ... Open
!!!Netadmin Please upgrade the network security!!!
banner motd
User Access Verification
Password:
<notice>Heimdal</notice>><input>exit</input>
[Connection to FE80::218:18FF:FE7C:B440 closed by foreign host]
Link-Local addresses are local on a link. We need to tell on which interface the Link-Address are on. First we need to find the interface on which the address resides.
Heimdal#<input>show ipv6 neighbor | inc B440</input>
FE80::218:18FF:FE7C:B440 0 0018.187c.b440 STALE <notice>Vl1</notice>
In the output in previous command, it's seen that the Link-Local address lives in Vlan1. Now we telnet from that source-interface - and Voila everything works as expected.
<notice>Heimdal</notice>#<input>telnet FE80::218:18FF:FE7C:B440 /source-interface vlan1</input>
Trying FE80::218:18FF:FE7C:B440 ... Open
!!!Netadmin please upgrade Network Security!!!
banner motd
User Access Verification
Password:
<notice>Campus1</notice>>
IPv6 Address Type: | Global Unicast |
Prefix: | 2000::/3 |
Local Routeable: | Yes |
Global Routeable: | Yes |
Global Unique: | Yes |
Example: | 2001:6D8:D85:4:210:11FF:FE34:540A |
IPv4 Equivalent: | In IPv4 there are several Global Unicast block in Class A, B and C |
Described in: | rfc4291 |
IANA Unicast Assignments | |
These are the Global IPv6 addresses used for Global Unicast communication. The ISP's Route these addresses - except those listed in IANA IPv6 Global Unicast Address Assignments
IPv6 Address Type: | Multicast |
Prefix: | ff00::/8 |
Local Routeable: | Yes and No |
Global Routeable: | Yes and No |
Global Unique: | Yes and No |
Example: | FF0E::101 |
IPv4 Equivalent: | 224.0.0.0/4 |
Described in: | rfc4291 section 2.7 |
These addresses are used to identify multicast groups. They should only be used as destination addresses, never as source addresses.
Multicast Address Format
The IPv6 Multicast addresses contains two fields describing which kind of Multicast it is. Flag and Scope.
Flag Field
The flag field consists of four flags. |
|
Flag | Explanation |
---|---|
T |
T = 0 indicates a permanently-assigned well-known multicast address assigned by IANA. T = 1 indicates a non-permanently-assigned ("transient" or "dynamically" assigned) multicast address. See rfc4292 |
P |
P = 0 indicates a multicast address that is not assigned based on the network prefix. P = 1 indicates a multicast address that is assigned based on the network prefix. See rfc3306 |
R |
R = 0 indicates a multicast address that does not embed the address of the RP R = 1 indicates a multicast address that embed an RP (Rendezvous Point) See rfc3956 |
0 | The high-order flag is reserved, and must be initialized to 0. |
Scope Field
The Scope field is used to limit the Scope of the Multicast Group.
Value | Scope | Explanation |
---|---|---|
1 | Interface-Local | Interface-Local scope spans only a single interface on a node and is useful only for loopback transmission of multicast. |
2 | Link Local | Link-Local multicast scope spans the same topological region as the corresponding unicast scope. |
4 | Admin Local | Admin-Local scope is the smallest scope that must be administratively configured, i.e., not automatically derived from physical connectivity or other, non-multicast-related configuration. |
5 | Site Local | Site-Local scope is intended to span a single site. |
8 | Organization Local | Organization-Local scope is intended to span multiple sites belonging to a single organization. |
E | Global | Global span. |
Variable Scope Multicast Addresses
The "meaning" of a Variable Scope or permanently-assigned multicast address is independent of the scope value. For example, if the "NTP servers group" is assigned a permanent multicast address with a group ID of FF0x::101 (hex), then
- FF01::101 means all NTP servers on the same interface (i.e., the same node) as the sender.
- FF02::101 means all NTP servers on the same link as the sender.
- FF05::101 means all NTP servers in the same site as the sender.
- FF0E::101 means all NTP servers in the Internet.
Well Known Multicast examples
Address | Scope | Meaning | Description |
---|---|---|---|
FF01::1 | Node | All Nodes | All nodes on the interface-local scope |
FF01::2 | Node | All Routers | All routers on the interface-local scope |
FF02::1 | Link Local | All Nodes | All nodes on the local-link scope |
FF02::2 | Link Local | All Routers | All routers on the link-local scope |
FF05::2 | Site | All Routers | All routers in a site scope |
Pinging Multicast Addresses
In the first example below By pinging FF02::2 - All Routers on Local-Link - it's seen from the output below that there are two Routers responding
Campus1#<input>ping FF02::2 source vlan 1 repeat 1</input>
Output Interface: <input>vlan 1</input>
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to FF02::2, timeout is 2 seconds:
Packet sent with a source address of FE80::218:18FF:FE7C:B440
Reply to request 0 received from FE80::128C:CFFF:FE96:F76F, 0 ms
Reply to request 0 received from FE80::219:E7FF:FE51:8C0, 0 ms
Success rate is 100 percent (1/1), round-trip min/avg/max = 0/0/0 ms
2 multicast replies and 0 errors.
When pinging FF02::1 - All Nodes on Local-Link - it's seen that there are ten Nodes, including the two Routers from previous example. Using Local-Link address as source.
Campus1#<input>ping FF02::1 source vlan 1 repeat 1</input>
Output Interface: <input>vlan 1</input>
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to FF02::1, timeout is 2 seconds:
Packet sent with a source address of FE80::218:18FF:FE7C:B440
Reply to request 0 received from FE80::22CF:30FF:FEF0:C81A, 0 ms
Reply to request 0 received from FE80::22CF:30FF:FEF0:C880, 0 ms
Reply to request 0 received from FE80::250:56FF:FE8B:C, 0 ms
Reply to request 0 received from FE80::250:56FF:FE8B:3E, 0 ms
Reply to request 0 received from FE80::250:56FF:FE8B:2, 0 ms
Reply to request 0 received from FE80::250:56FF:FE8B:32, 0 ms
Reply to request 0 received from FE80::250:56FF:FE8B:36, 0 ms
Reply to request 0 received from FE80::207:E9FF:FE40:ABF, 0 ms
Reply to request 0 received from FE80::128C:CFFF:FE96:F76F, 0 ms
Reply to request 0 received from FE80::219:E7FF:FE51:8C0, 0 ms
Success rate is 100 percent (1/1), round-trip min/avg/max = 0/0/0 ms
10 multicast replies and 0 errors.
When pinging with Global Unicast as Source Address, some of the nodes respond with their Global Unicast Address. Appently
Campus1#<input>ping FF02::1 source 2001:16D8:DD85:139:218:18FF:FE7C:B441 repeat 1</input>
Output Interface: <input>vlan 139</input>
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to FF02::1, timeout is 2 seconds:
Packet sent with a source address of 2001:16D8:DD85:139:218:18FF:FE7C:B441
Reply to request 0 received from 2001:16D8:DD85:139:250:56FF:FE8B:A, 17 ms
Reply to request 0 received from 2001:16D8:DD85:139:20C:29FF:FE36:45B1, 17 ms
Reply to request 0 received from 2001:16D8:DD85:139:21B:21FF:FE52:917D, 17 ms
Reply to request 0 received from 2001:16D8:DD85:139:216:76FF:FE9F:FEF6, 17 ms
Reply to request 0 received from 2001:16D8:DD85:139:214:5EFF:FE67:614A, 17 ms
Reply to request 0 received from 2001:16D8:DD85:139:20C:29FF:FE4C:C0C, 17 ms
Reply to request 0 received from 2001:16D8:DD85:139:4A5B:39FF:FE5A:A7F7, 17 ms
Reply to request 0 received from 2001:16D8:DD85:139:9221:55FF:FEBC:BD97, 17 ms
Success rate is 100 percent (1/1), round-trip min/avg/max = 17/17/17 ms
8 multicast replies and 0 errors.
RFC's
rfc4291 "IP Version 6 Addressing Architecture" defines new flags in rfc3306 "Unicast-Prefix-based IPv6 Multicast Addresses" and rfc3956 "Embedding the Rendezvous Point (RP) Address in an IPv6 Multicast Address"
IPv6 Address Type: | Unique Local (ULA) |
Prefix: | fc00::/7 |
Local Routeable: | Yes |
Global Routeable: | No |
Global Unique: | Preferable |
Example: | fdf8:f53b:82e4::53 |
IPv4 Equivalent: | Private rfc1918 Adresses
|
Described in: | rfc4193 |
These addresses are reserved for local use in home and enterprise environments and are not public address space.
These addresses might not be unique, and there is no formal address registration. Packets with these addresses in the source or destination fields are not intended to be routed on the public Internet but are intended to be routed within the enterprise or organisation.
See RFC 4193 for more details.
IPv6 Address Type: | Unspecified |
Prefix: | ::/128 |
Local Routeable: | No |
Global Routeable: | No |
Global Unique: | No |
IPv4 Equivalent: | 0.0.0.0 |
Described in: | rfc4291 |
This address may only be used as a source address by an initialising host before it has learned its own address
Prefix ::/128 is the same as 0000:0000:0000:0000:0000:0000:0000:0000
IPv6 Address Type: | Loopback |
Prefix: | ::1/128 |
Local Routeable: | No |
Global Routeable: | No |
Global Unique: | No |
IPv4 Equivalent: | 127.0.0.1 |
Described in: | rfc4291 |
This address is used when a host talks to itself over IPv6. This often happens when one program sends data to another.
IPv6 Address Type: | IPv4 Mapped |
Prefix: | ::ffff/96 |
Local Routeable: | Yes |
Global Routeable: | Yes |
Global Unique: | Yes |
Example: | ::ffff:83.90.47.30 |
IPv4 Equivalent: | None |
Described in: | rfc4291 |
rfc4038 section 4.2 | |
These addresses are used to embed IPv4 addresses in an IPv6 address. One use for this is in a dual stack transition scenario where IPv4 addresses can be mapped into an IPv6 address.
See RFC 4038 for more details
IPv4-mapped IPv6 addresses are used in scenarios where IPv6 an IPv6-only application need to communicate with an IPv4 only application using IPv4 packets.
The IPv4-mapped address, 0:0:0:0:0:FFFF:w.x.y.z or ::FFFF:w.x.y.z, is used to represent an IPv4-only node to an IPv6 node. It is used only for internal representation. The IPv4-mapped address is never used as a source or destination address for an IPv6 packet. The IPv6 protocol does not support the use of IPv4-mapped addresses.[1]
Dual-stack sockets always require IPv6 addresses. The ability to interact with an IPv4 address requires the use of the IPv4-mapped IPv6 address format. Any IPv4 addresses must be represented in the IPv4-mapped IPv6 address format which enables an IPv6 only application to communicate with an IPv4 node. The IPv4-mapped IPv6 address format allows the IPv4 address of an IPv4 node to be represented as an IPv6 address. The IPv4 address is encoded into the low-order 32 bits of the IPv6 address, and the high-order 96 bits hold the fixed prefix 0:0:0:0:0:FFFF. The IPv4-mapped IPv6 address format is specified in RFC 4291. For more information, see www.ietf.org/rfc/rfc4291.txt. The IN6ADDR_SETV4MAPPED macro in Mstcpip.h can be used to convert an IPv4 address to the required IPv4-mapped IPv6 address format.
If the underlying protocol is actually IPv4, then the IPv4 address is mapped into an IPv4-mapped IPv6 address format. That is the, family field in the SOCKADDR structure indicates AF_INET6, but an IPv4-mapped IPv6 address is encoded in the IPv6 address structure. For a dual-stack socket in listening mode, this means that any accepted IPv4 connections will return an IPv4-mapped IPv6 address. For a dual-stack socket that is connecting to an IPv4 destination, the SOCKADDR structure passed to connect must be an IPv4-mapped IPv6 address. Applications must take care to handle these IPv4-mapped IPv6 addresses appropriately and only use them with dual stack sockets. If an IP address is to be passed to a regular IPv4 socket, the address must be a regular IPv4 address not a IPv4-mapped IPv6 address.[2]
Only seen working application using IPv4-mapped IPv6 addresses is Windows 7 ping!!!
<input>
C:\Users\Henrik thomsen><notice>ping ::ffff:192.168.139.50</notice>
Pinging 192.168.139.50 with 32 bytes of data:
Reply from 192.168.139.50: bytes=32 time<1ms TTL=62
Reply from 192.168.139.50: bytes=32 time<1ms TTL=62
Reply from 192.168.139.50: bytes=32 time<1ms TTL=62
Reply from 192.168.139.50: bytes=32 time<1ms TTL=62
Ping statistics for 192.168.139.50:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
</input>
or same as
<input>
C:\Users\Henrik thomsen><notice>ping ::ffff:c0a8:8b32</notice>
Pinging 192.168.139.50 with 32 bytes of data:
Reply from 192.168.139.50: bytes=32 time<1ms TTL=62
Reply from 192.168.139.50: bytes=32 time<1ms TTL=62
Reply from 192.168.139.50: bytes=32 time<1ms TTL=62
Reply from 192.168.139.50: bytes=32 time<1ms TTL=62
Ping statistics for 192.168.139.50:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
</input>
IPv6 Address Type: | 6to4 |
Prefix: | 2002::/16 |
Local Routeable: | Yes |
Global Routeable: | Yes |
Global Unique: | Yes |
Example: | 2002:cb0a:3cdd:1::1 |
IPv4 Equivalent: | No equivalent |
Described in: | rfc3056 |
Cisco Routing IPv6 over IPv4 | |
version6.net on 6to4 |
A 6to4 gateway adds its IPv4 address to this 2002::/16, creating a unique /48 prefix. As the IPv4 address of the gateway router is used to compose the IPv6 prefix, it is possible to reverse the process and identify the IPv4 address, which can then be looked up in the relevant RIR’s Whois database.
You can do this on the following webpage: http://www.potaroo.net/cgi-bin/ipv6addr
EUI-64 or Modified EUI-64 are often used as the lower 64 bit of a IPv6 Address.
EUI-64
EUI-64[1] or Extended Unique Identifier is a 64 bit Global Identifier administered by IEEE[2]
Examples of use
FireWire[3] and in IPv6 as least significant 64 bits in Link-Local and Global Unicast if Stateless Autoconfiguration. (Except Systems that will choice a Random page fx. Windows 7)
EUI-48
EUI-48[4] or Extended Unique Identifier is a 48 bit Global Identifier administered by IEEE[5].
Examples of use
Ethernet MAC addresses is a example of EUI-48 usage. Other examples of technologies that use EUI-48 are Bluetooth and 802.11 Wireless Networks.
IPv6 Modifed EUI-64 Address
Understanding the MAC-AddressThe MAC-Address is divided into two parts.
The MAC-Address is Global Unique and has two flag in its first octet. (Byte)
|
|
Generating the Modified EUI-64When generating a modified EUI-64 as the 64 lower bits of a IPv6 Address the hosts EUI-48 (MAC-Address) is expanded to 64 bits by inserting FF:FE between the OUI and the Extension Identifer or NIC and setting the Locally Administered Bit. Example
|