IPV6 ADDRESSING - MODULO 12 Flashcards
IPv4 Issues
Need for IPv6
You already know that IPv4 is running out of addresses. That is why you need to learn
about IPv6.
IPv6 is designed to be the successor to IPv4.
IPv6 has a larger 128-bit address space, providing 340 undecillion (i.e., 340 followed by 36
zeroes) possible addresses.
However, IPv6 is more than just larger addresses.
When the IETF began its development of a successor to IPv4, it used this opportunity to fix
the limitations of IPv4 and include enhancements.
One example is Internet Control Message Protocol version 6 (ICMPv6), which includes
address resolution and address autoconfiguration not found in ICMP for IPv4 (ICMPv4).
The depletion of IPv4 address space has been the motivating factor for moving to IPv6.
As Africa, Asia and other areas of the world become more connected to the internet, there
are not enough IPv4 addresses to accommodate this growth.
IPv4 has a theoretical maximum of 4.3 billion addresses.
Private addresses in combination with Network Address Translation (NAT) have been
instrumental in slowing the depletion of IPv4 address space.
However, NAT is problematic for many applications, creates latency, and has limitations
that severely impede peer-to-peer communications.
With the ever-increasing number of mobile devices, mobile providers have been leading the
way with the transition to IPv6.
The top two mobile providers in the United States report that over 90% of their traffic is over
IPv6.
Most top ISPs and content providers such as YouTube, Facebook, and NetFlix, have also
made the transition.
Many companies like Microsoft, Facebook, and LinkedIn are transitioning to IPv6-only
internally.
In 2018, broadband ISP Comcast reported a deployment of over 65% and British Sky
Broadcasting over 86%.
Internet of Things
The internet of today is significantly different than the internet of past decades.
The internet of today is more than email, web pages, and file transfers between
computers.
The evolving internet is becoming an Internet of Things (IoT).
No longer will the only devices accessing the internet be computers, tablets, and
smartphones.
The sensor-equipped, internet-ready devices of tomorrow will include everything from
automobiles and biomedical devices, to household appliances and natural ecosystems.
With an increasing internet population, a limited IPv4 address space, issues with NAT and
the IoT, the time has come to begin the transition to IPv6.
IPv4 and IPv6 Coexistence
There is no specific date to move to IPv6.
Both IPv4 and IPv6 will coexist in the near future and the transition will take several years.
The IETF has created various protocols and tools to help network administrators migrate
their networks to IPv6.
The migration techniques can be divided into three categories:
Dual stack allows IPv4 and IPv6 to coexist on the same network segment.
Dual stack devices run both IPv4 and IPv6 protocol stacks simultaneously.
Known as native IPv6, this means the customer network has an IPv6 connection to their
ISP and is able to access content found on the internet over IPv6.
Tunneling
is a method of transporting an IPv6 packet over an IPv4 network.
. The IPv6 packet is encapsulated inside an IPv4 packet, similar to other types of data.
Network Address Translation 64 (NAT64)
Network Address Translation 64 (NAT64) allows IPv6-enabled devices to communicate with
IPv4-enabled devices using a translation technique similar to NAT for IPv4.
An IPv6 packet is translated to an IPv4 packet and an IPv4 packet is translated to an IPv6
packet.
Note:
Tunneling and translation are for transitioning to native IPv6 and should only be used
where needed. The goal should be native IPv6 communications from source to destination.
IPv6 Addressing Formats
The first step to learning about IPv6 in networks is to understand the way an IPv6 address
is written and formatted.
IPv6 addresses are much larger than IPv4 addresses, which is why we are unlikely to run
out of them.
IPv6 addresses are 128 bits in length and written as a string of hexadecimal values.
Every four bits is represented by a single hexadecimal digit; for a total of 32 hexadecimal
values, as shown in the figure.
IPv6 addresses are not case-sensitive and can be written in either lowercase or
uppercase.
Preferred Format
x:x:x:x:x:x:x:x, with each “x” consisting of four hexadecimal values.
The term octet refers to the eight bits of an IPv4 address.
In IPv6, a hextet is the unofficial term used to refer to a segment of 16 bits, or four
hexadecimal values.
Each “x” is a single hextet which is 16 bits or four hexadecimal digits
Preferred format means that you write IPv6 address using all 32 hexadecimal digits.
It does not necessarily mean that it is the ideal method for representing the IPv6 address.
In this module, you will see two rules that help to reduce the number of digits needed to
represent an IPv6 address.
These are examples of IPv6 addresses in the preferred format.
Rule 1 – Omit Leading Zeros
The first rule to help reduce the notation of IPv6 addresses is to omit any leading 0s (zeros)
in any hextet. Here are four examples of ways to omit leading zeros:
* 01ab can be represented as 1ab
* 09f0 can be represented as 9f0
* 0a00 can be represented as a00
* 00ab can be represented as ab
This rule only applies to leading 0s, NOT to trailing 0s, otherwise the address would be
ambiguous. For example, the hextet “abc” could be either “0abc” or “abc0”, but these do not
represent the same value.
Omitting Leading 0s
Type Format
Preferred 2001 : 0db8 : 0000 : 1111 : 0000 : 0000 : 0000 : 0200
No
leading
0s
2001 : db8 : 0 : 1111 : 0 : 0 : 0 : 200
Preferred 2001 : 0db8 : 0000 : 00a3 : ab00 : 0ab0 : 00ab : 1234
No
leading
0s
2001 : db8 : 0 : a3 : ab00 : ab0 : ab : 1234
Preferred 2001 : 0db8 : 000a : 0001 : c012 : 90ff : fe90 : 0001
No
leading
0s
2001 : db8 : a : 1 : c012 : 90ff : fe90 : 1
Preferred 2001 : 0db8 : aaaa : 0001 : 0000 : 0000 : 0000 : 0000
No
leading
0s
2001 : db8 : aaaa : 1 : 0 : 0 : 0 : 0
Preferred fe80 : 0000 : 0000 : 0000 : 0123 : 4567 : 89ab : cdef
No
leading
0s
fe80 : 0 : 0 : 0 : 123 : 4567 : 89ab : cdef
Rule 2- Double Colon
The second rule to help reduce the notation of IPv6 addresses is that a double colon (::)
can replace any single, contiguous string of one or more 16-bit hextets consisting of all
zeros.
For example, 2001:db8:cafe:1:0:0:0:1 (leading 0s omitted) could be represented as
2001:db8:cafe:1::1.
The double colon (::) is used in place of the three all-0 hextets (0:0:0).
The double colon (::) can only be used once within an address, otherwise there would be
more than one possible resulting address.
When used with the omitting leading 0s technique, the notation of IPv6 address can often
be greatly reduced.
This is commonly known as the compressed format.
Here is an example of the incorrect use of the double colon: 2001:db8::abcd::1234.
The double colon is used twice in the example above. Here are the possible expansions of
this incorrect compressed format address:
* 2001:db8::abcd:0000:0000:1234
* 2001:db8::abcd:0000:0000:0000:1234
* 2001:db8:0000:abcd::1234
* 2001:db8:0000:0000:abcd::1234
If an address has more than one contiguous string of all-0 hextets, best practice is to use
the double colon (::) on the longest string.
If the strings are equal, the first string should use the double colon (::).
Omitting Leading 0s and All 0 Segments
Type Format
Preferred 2001 : 0db8 : 0000 : 1111 : 0000 : 0000 : 0000 : 0200
Compressed/spaces 2001 : db8 : 0 : 1111 : : 200
Compressed 2001:db8:0:1111::200
Preferred 2001 : 0db8 : 0000 : 0000 : ab00 : 0000 : 0000 : 0000
Compressed/spaces 2001 : db8 : 0 : 0 : ab00 ::
Compressed 2001:db8:0:0:ab00::
As with IPv4, there are different types of IPv6 addresses.
In fact, there are three broad categories of IPv6 addresses:
- Unicast - An IPv6 unicast address uniquely identifies an interface on an IPv6
enabled device. - Multicast - An IPv6 multicast address is used to send a single IPv6 packet to
multiple destinations. - Anycast - An IPv6 anycast address is any IPv6 unicast address that can be
assigned to multiple devices. A packet sent to an anycast address is routed to the
nearest device having that address. Anycast addresses are beyond the scope of
this course.
Unlike IPv4, IPv6 does not have a broadcast address. However, there is an IPv6 all-nodes
multicast address that essentially gives the same result.
IPv6 Prefix Length
The prefix, or network portion, of an IPv4 address can be identified by a dotted-decimal
subnet mask or prefix length (slash notation).
For example, an IPv4 address of 192.168.1.10 with dotted-decimal subnet mask
255.255.255.0 is equivalent to 192.168.1.10/24.
In IPv6 it is only called the prefix length.
IPv6 does not use the dotted-decimal subnet mask notation.
Like IPv4, the prefix length is represented in slash notation and is used to indicate the
network portion of an IPv6 address.
The prefix length can range from 0 to 128.
The recommended IPv6 prefix length for LANs and most other types of networks is /64, as
shown in the figure.
IPv6 Prefix Length
It is strongly recommended to use a 64-bit Interface ID for most networks.
This is because stateless address autoconfiguration (SLAAC) uses 64 bits for the Interface
ID. It also makes subnetting easier to create and manage.
Types of IPv6 Unicast Addresses
An IPv6 unicast address uniquely identifies an interface on an IPv6-enabled device.
A packet sent to a unicast address is received by the interface which is assigned that
address.
Similar to IPv4, a source IPv6 address must be a unicast address.
The destination IPv6 address can be either a unicast or a multicast address.
The figure shows the different types of IPv6 unicast addresses.
Unlike IPv4 devices that have only a single address, IPv6 addresses typically have two
unicast addresses:
- Global Unicast Address (GUA) - This is similar to a public IPv4 address. These
are globally unique, internet-routable addresses. GUAs can be configured statically
or assigned dynamically. - Link-local Address (LLA) - This is required for every IPv6-enabled device. LLAs
are used to communicate with other devices on the same local link. With IPv6, the
term link refers to a subnet. LLAs are confined to a single link. Their uniqueness
must only be confirmed on that link because they are not routable beyond the link.
In other words, routers will not forward packets with a link-local source or
destination address.
A Note About the Unique Local
Address
Unique local addresses (range fc00::/7 to fdff::/7) are not yet commonly implemented.
Therefore, this module only covers GUA and LLA configuration.
However, unique local addresses may eventually be used to address devices that should
not be accessible from the outside, such as internal servers and printers.
The IPv6 unique local addresses have some similarity to RFC 1918 private addresses for
IPv4, but there are significant differences:
* Unique local addresses are used for local addressing within a site or between a
limited number of sites.
* Unique local addresses can be used for devices that will never need to access
another network.
* Unique local addresses are not globally routed or translated to a global IPv6
address.
Note: Many sites also use the private nature of RFC 1918 addresses to attempt to secure
or hide their network from potential security risks. However, this was never the intended
use of these technologies, and the IETF has always recommended that sites take the
proper security precautions on their internet-facing router.
IPv6 GUA
IPv6 global unicast addresses (GUAs) are globally unique and routable on the IPv6
internet.
These addresses are equivalent to public IPv4 addresses.
The Internet Committee for Assigned Names and Numbers (ICANN), the operator for IANA,
allocates IPv6 address blocks to the five RIRs.
Currently, only GUAs with the first three bits of 001 or 2000::/3 are being assigned, as
shown in the figure.
The figure shows the range of values for the first hextet where the first hexadecimal digit for
currently available GUAs begins with a 2 or a 3.
This is only 1/8th of the total available IPv6 address space, excluding only a very small
portion for other types of unicast and multicast addresses.
Note: The 2001:db8::/32 address has been reserved for documentation purposes, including
use in examples.
Global Routing Prefix
The global routing prefix is the prefix, or network, portion of the address that is assigned by
the provider, such as an ISP, to a customer or site.
For example, it is common for ISPs to assign a /48 global routing prefix to its customers.
The global routing prefix will usually vary depending on the policies of the ISP.
The previous figure shows a GUA using a /48 global routing prefix.
/48 prefixes are a common global routing prefix that is assigned and will be used in most of
the examples throughout this course.
For example, the IPv6 address 2001:db8:acad::/48 has a global routing prefix that indicates
that the first 48 bits (3 hextets) (2001:db8:acad) is how the ISP knows of this prefix
(network).
The double colon (::) following the /48 prefix length means the rest of the address contains
all 0s.
The size of the global routing prefix determines the size of the subnet ID.
Subnet ID
The Subnet ID field is the area between the Global Routing Prefix and the Interface ID.
Unlike IPv4 where you must borrow bits from the host portion to create subnets, IPv6 was
designed with subnetting in mind.
The Subnet ID is used by an organization to identify subnets within its site.
The larger the subnet ID, the more subnets available.
Note: Many organizations are receiving a /32 global routing prefix. Using the recommended
/64 prefix in order to create a 64-bit Interface ID, leaves a 32 bit Subnet ID. This means an
organization with a /32 global routing prefix and a 32-bit Subnet ID will have 4.3 billion
subnets, each with 18 quintillion devices per subnet. That is as many subnets as there are
public IPv4 addresses!
The IPv6 address in the previous figure has a /48 Global Routing Prefix, which is common
among many enterprise networks.
This makes it especially easy to examine the different parts of the address.
Using a typical /64 prefix length, the first four hextets are for the network portion of the
address, with the fourth hextet indicating the Subnet ID.
The remaining four hextets are for the Interface ID.
Interface ID
The IPv6 interface ID is equivalent to the host portion of an IPv4 address.
The term Interface ID is used because a single host may have multiple interfaces, each
having one or more IPv6 addresses.
The figure shows an example of the structure of an IPv6 GUA.
It is strongly recommended that in most cases /64 subnets should be used, which creates
a 64-bit interface ID.
A 64-bit interface ID allows for 18 quintillion devices or hosts per subnet.
A /64 subnet or prefix (Global Routing Prefix + Subnet ID) leaves 64 bits for the interface
ID.
This is recommended to allow SLAAC-enabled devices to create their own 64-bit interface
ID.
It also makes developing an IPv6 addressing plan simple and effective.
Note: Unlike IPv4, in IPv6, the all-0s and all-1s host addresses can be assigned to a
device. The all-1s address can be used because broadcast addresses are not used within
IPv6. The all-0s address can also be used, but is reserved as a Subnet-Router anycast
address, and should be assigned only to routers.
IPv6 LLA
An IPv6 link-local address (LLA) enables a device to communicate with other IPv6-enabled
devices on the same link and only on that link (subnet).
Packets with a source or destination LLA cannot be routed beyond the link from which the
packet originated.
The GUA is not a requirement. However, every IPv6-enabled network interface must have
an LLA.
If an LLA is not configured manually on an interface, the device will automatically create its
own without communicating with a DHCP server.
IPv6-enabled hosts create an IPv6 LLA even if the device has not been assigned a global
unicast IPv6 address.
This allows IPv6-enabled devices to communicate with other IPv6-enabled devices on the
same subnet.
This includes communication with the default gateway (router).
IPv6 LLAs are in the fe80::/10 range. The /10 indicates that the first 10 bits are 1111 1110
10xx xxxx.
The first hextet has a range of 1111 1110 1000 0000 (fe80) to 1111 1110 1011 1111 (febf).
The figure shows an example of communication using IPv6 LLAs. The PC is able to
communicate directly with the printer using the LLAs.
Note:
Typically, it is the LLA of the router, and not the GUA, that is used as the default
gateway for other devices on the link.
There are two ways that a device can obtain an LLA:
- Statically - This means the device has been manually configured.
- Dynamically - This means the device creates its own interface ID by using
randomly generated values or using the Extended Unique Identifier (EUI) method,
which uses the client MAC address along with additional bits.
Static GUA Configuration on a
Router
As you learned in the previous topic, IPv6 GUAs are the same as public IPv4 addresses.
They are globally unique and routable on the IPv6 internet.
An IPv6 LLA lets two IPv6-enabled devices communicate with each other on the same link
(subnet).
It is easy to statically configure IPv6 GUAs and LLAs on routers to help you create an IPv6
network.
This topic teaches you how to do just that!
Most IPv6 configuration and verification commands in the Cisco IOS are similar to their
IPv4 counterparts.
In many cases, the only difference is the use of ipv6 in place of ip within the commands.
For example, the Cisco IOS command to configure an IPv4 address on an interface is ip
address ip-address subnet-mask.
In contrast, the command to configure an IPv6 GUA on an interface is ipv6 address ipv6
address/prefix-length.
Notice that there is no space between ipv6-address and prefix-length.
The example configuration uses the topology shown in the figure and these IPv6 subnets:
* 2001:db8:acad:1::/64
* 2001:db8:acad:2::/64
* 2001:db8:acad:3::/64
Static GUA Configurati
Manually configuring the IPv6 address on a host is similar to configuring an IPv4 address.
As shown in the figure, the default gateway address configured for PC1 is
2001:db8:acad:1::1.
This is the GUA of the R1 GigabitEthernet interface on the same network.
Alternatively, the default gateway address can be configured to match the LLA of the
GigabitEthernet interface.
Using the LLA of the router as the default gateway address is considered best practice.
Either configuration will work.
There are two ways in which a device can obtain an IPv6 GUA automatically:
- Stateless Address Autoconfiguration (SLAAC)
- Stateful DHCPv6
SLAAC and DHCPv6 are covered in the next topic.
Note: When DHCPv6 or SLAAC is used, the LLA of the router will automatically be
specified as the default gateway address.
