Transition Mechanisms for Transition Mechanisms for Ipv6 Hosts and Routers Ipv6 Hosts and Routers

RFC2893RFC2893

By Michael PfeifferBy Michael Pfeiffer

TerminologyTerminology

IP v4 only nodeIP v4 only node IP v6 only nodeIP v6 only node IP v4/IP v6 nodeIP v4/IP v6 node IP v4 compatible IP v6 AddressIP v4 compatible IP v6 Address

High order 96 bits prefix 0:0:0:0:0:0High order 96 bits prefix 0:0:0:0:0:0 Low order 32 bits are the IP v4 addressLow order 32 bits are the IP v4 address

Techniques Used in the TransitionTechniques Used in the Transition

IP v6-over-IP v4 tunnelingIP v6-over-IP v4 tunneling Configured tunnelingConfigured tunneling Automatic tunnelingAutomatic tunneling IP v4 multicast tunnelingIP v4 multicast tunneling

Dual IP Layer OperationDual IP Layer Operation

Modes of Operations for IP v4/v6 nodesModes of Operations for IP v4/v6 nodes Both stack enabledBoth stack enabled Disabling one or the other stacksDisabling one or the other stacks

Tunneling techniquesTunneling techniques NoneNone Configured tunneling onlyConfigured tunneling only Both configured and automatic tunneling Both configured and automatic tunneling

Address configurationAddress configuration

IP v4/v6 node an have two addressesIP v4/v6 node an have two addresses IP v4 addressIP v4 address

• 32 bit address 32 bit address • Acquired using IP v4 addressing mechanismsAcquired using IP v4 addressing mechanisms

IP v6 addressIP v6 address• 128 bit address128 bit address• Acquired using IP v6 addressing mechanismsAcquired using IP v6 addressing mechanisms

Domain Name SystemDomain Name System

Ability to map between both IP versionsAbility to map between both IP versions Example: What happen when IP v6 node requests Example: What happen when IP v6 node requests

a record that as been defined with a IP v4 addressa record that as been defined with a IP v4 address The resolver libraries must be capable of The resolver libraries must be capable of

handling both IP v6/IP v4 recordshandling both IP v6/IP v4 records

DNSDNS

Returning records to IP v4/v6 nodes Returning records to IP v4/v6 nodes Filtered Filtered

• Return only IP v6 addressReturn only IP v6 address• Return only IP v4 addressReturn only IP v4 address

OrderedOrdered• Return both addressesReturn both addresses

May change the order of addresses two influence the receiving May change the order of addresses two influence the receiving node.node.

Addressing Addresses in the DNS Addressing Addresses in the DNS

Before a IP v4/v6 record is added all of the Before a IP v4/v6 record is added all of the following should be true:following should be true: The address is assigned to the interface on the The address is assigned to the interface on the

nodenode The address is configured on the interface.The address is configured on the interface. The interface is on a link which is connected to the The interface is on a link which is connected to the

IP v6 infastructure.IP v6 infastructure.

Common Tunneling MechanismsCommon Tunneling Mechanisms

Will take a while to build up IP v6 infastructure Will take a while to build up IP v6 infastructure so we need a means of sending packetsso we need a means of sending packets

Tunneling is a way to use IP v4 infrastructure Tunneling is a way to use IP v4 infrastructure to send IP v6 packetsto send IP v6 packets

This is done by sticking a IP v6 packet into the This is done by sticking a IP v6 packet into the body of a IP v4 packet.body of a IP v4 packet.

Types of tunnelingTypes of tunneling

Configured TunnelingConfigured Tunneling Router to RouterRouter to Router Host to RouterHost to Router

Automatic TunnelingAutomatic Tunneling Host to HostHost to Host Router to HostRouter to Host

Tunneling ConfigurationTunneling Configuration

11stst The encapsulating node creates an The encapsulating node creates an encapsulating IP v4 header and transmitsencapsulating IP v4 header and transmits

22ndnd The decapsulating node receives the The decapsulating node receives the encapsulated packet, reassmebles the packet encapsulated packet, reassmebles the packet (if needed) , and removes the IP v4 header.(if needed) , and removes the IP v4 header.

Note:(The primary diffence in tunneling Note:(The primary diffence in tunneling scheme is how the determine the header scheme is how the determine the header packet end address.)packet end address.)

EncapsulationEncapsulation

+-------------++-------------+| IP v4 || IP v4 |

| Header | | Header | +------------++------------+ +-------------+ +-------------+ | IP| IP v6 |v6 | | IP v6 || IP v6 || Header || Header | | Header || Header |+------------++------------+ +------------++------------+| Transport || Transport | ====> ====> | Transport || Transport || Layer | | Layer | | Layer || Layer || Header || Header | | Header || Header |+------------++------------+ +------------++------------+| || | | || || Data | | Data | | Data || Data || || | | || |+------------++------------+ +------------++------------+

Handling FragmentsHandling Fragments

What happens when a IP v6 packet is too big What happens when a IP v6 packet is too big for the payload of IP v4 packet?for the payload of IP v4 packet? IP packet is fragmented and two or more packets IP packet is fragmented and two or more packets

are send?are send? This can be avoided in when the encapsulating This can be avoided in when the encapsulating

node knows about the tunneling.node knows about the tunneling.

Fragmentation ProblemsFragmentation Problems

Fragmentation in tunneling not sent by the Fragmentation in tunneling not sent by the sending nodesending node

Resassembling packets at the router.Resassembling packets at the router.

Reducing Fragmentation Reducing Fragmentation

Making packet small enough for additional IP Making packet small enough for additional IP v4 headerv4 header

Using a IP v4 Path Discovery Protocal.Using a IP v4 Path Discovery Protocal. If you have a large number of tunnels then i might If you have a large number of tunnels then i might

not be able to store all of them.not be able to store all of them. This will not completely elminate This will not completely elminate

fragmentation but will reduce it.fragmentation but will reduce it.

Hop LimitHop Limit

IP v6-over-IP v4 tunnels are considered as IP v6-over-IP v4 tunnels are considered as one hop.one hop. This means the IP v6 hop limit is decremented by This means the IP v6 hop limit is decremented by

one at the end of each tunnelone at the end of each tunnel This hide the existance of tunneling.This hide the existance of tunneling.

IP v6 header only gets used at the beginning and IP v6 header only gets used at the beginning and end of the tunnel.end of the tunnel.

ICMP ErrorsICMP Errors

Errors are sent to the encapsulating nodeErrors are sent to the encapsulating node ICMP “packet too big” error is handled ICMP “packet too big” error is handled

according to the path dicoveryaccording to the path dicovery Which will change the packet along the pathWhich will change the packet along the path

Handling of other errors depend of the size of Handling of other errors depend of the size of the “packet in error” field sent back.the “packet in error” field sent back.

IP v4 Header for tunnelingIP v4 Header for tunneling

Version field: 4Version field: 4 IP header length in 32 bit words: 5IP header length in 32 bit words: 5 Type of service: 0Type of service: 0

Note (work is underway to redefine the service Note (work is underway to redefine the service byte , so this might be different in the future.)byte , so this might be different in the future.)

Total Length: (Payload + IP v6 header + IP v4 Total Length: (Payload + IP v6 header + IP v4 header)header)

IP v4 Header Cont.IP v4 Header Cont.

Identification: Generated uniquely as for any Identification: Generated uniquely as for any IP v4 packet transmitted by the system.IP v4 packet transmitted by the system.

Flags: Flags: Don't Fragment flagDon't Fragment flag More Fragmentsd flagMore Fragmentsd flag

Fragment offset: set if there is a Fragment offset: set if there is a fragmentationfragmentation

Time to Live: Set in implementation specific Time to Live: Set in implementation specific mannermanner

IP v4 Header Cont.IP v4 Header Cont.

Protocal: 41 (Assigned payload type Protocal: 41 (Assigned payload type number for IP v6)number for IP v6)

Header checksum: calculated checksum for Header checksum: calculated checksum for the IP v4 headerthe IP v4 header

Source address: IP v4 address of Source address: IP v4 address of encapsulating nodeencapsulating node

Destination address: IP v4 address at end Destination address: IP v4 address at end of tunnel.of tunnel.

DecapsulationDecapsulation

Accurs when a node recieves a packet with it's Accurs when a node recieves a packet with it's IP v4 address and the protocal field is set to IP v4 address and the protocal field is set to 4141

Reassembles packet if it was fragmentedReassembles packet if it was fragmented IP v6 header will be untouched since it had IP v6 header will be untouched since it had

been encapsulatedbeen encapsulated Hop limit will be decremented by oneHop limit will be decremented by one

DecapsulationDecapsulation

Decapsulating node performs IP v4 Decapsulating node performs IP v4 reassembly before decapsulating the IP v6 reassembly before decapsulating the IP v6 packetpacket Done to preserve all IP v6 options even if Done to preserve all IP v6 options even if

fragmentedfragmented Node must not forward on decapsulated Node must not forward on decapsulated

packet unless explicitly configured too.packet unless explicitly configured too.

Discarding packetsDiscarding packets

The IP v4 header should be discardedThe IP v4 header should be discarded Node should silently discard packet with an Node should silently discard packet with an

invalid IP v4 source address (eg. Multicast, invalid IP v4 source address (eg. Multicast, broadcast)broadcast)

The node should also silently discard packets The node should also silently discard packets with invalid IP v6 source addresswith invalid IP v6 source address

Link-Layer AddressesLink-Layer Addresses

Both configured and automatic tunneling must Both configured and automatic tunneling must have link-local addresses so routing protocal have link-local addresses so routing protocal can operatecan operate

The Interface Identifier should be the 32 bit The Interface Identifier should be the 32 bit address that is in the IP v4 header.address that is in the IP v4 header.

The IP v6 Link-Local address for IP v4 virtual The IP v6 Link-Local address for IP v4 virtual interface is FE80::IP v4 addressinterface is FE80::IP v4 address

Neighor DiscoveryNeighor Discovery

Automatic and unidirectional tunnels are Automatic and unidirectional tunnels are condsider undictionalcondsider undictional Neighor discovery is only used for formation of link Neighor discovery is only used for formation of link

local addresseslocal addresses Bidirectional tunnels use Neighbor Bidirectional tunnels use Neighbor

Unreachability Detection (NUD) Packets to Unreachability Detection (NUD) Packets to setup a tunnel.setup a tunnel.

Configured TunnelingConfigured Tunneling

Determination of which tunnel to use is done Determination of which tunnel to use is done by routing tableby routing table Uses prefix mask and match techniqueUses prefix mask and match technique

The Default RouteThe Default Route

Configured Tunneling with IP v4 Configured Tunneling with IP v4 Anycast AddressAnycast Address Uses the Anycast Address to forward the IP v6 Uses the Anycast Address to forward the IP v6

packet onpacket on Receiving node treats the address as if it is it's Receiving node treats the address as if it is it's

ownown After decapsulated transmits it toward the correct After decapsulated transmits it toward the correct

addressaddress Could have problem with fragmentationCould have problem with fragmentation

Automatic TunnelingAutomatic Tunneling

Allows IP v6/v4 nodes to communicate without Allows IP v6/v4 nodes to communicate without pre-configured tunnelspre-configured tunnels

Nodes using automatic tunneling are assigned Nodes using automatic tunneling are assigned IP v4 compatible addresses.IP v4 compatible addresses.

IP v4 address is globally unique as long as IP v4 address is globally unique as long as address is not for a private network.address is not for a private network.

Address ConfigurationAddress Configuration

Will serve as both IP v4 and v6 addressesWill serve as both IP v4 and v6 addresses Will acquire address through IP v4 address Will acquire address through IP v4 address

configuration protocols and then Map it to IP configuration protocols and then Map it to IP v6 addressv6 address DHCP, BOOTP, RARP, Manual, etc.DHCP, BOOTP, RARP, Manual, etc.

Automatic Tunneling OperationsAutomatic Tunneling Operations

Only used when endpoint address is an IP v4 Only used when endpoint address is an IP v4 compatible address compatible address

A special static routing table can be setup for A special static routing table can be setup for automatic tunnelingautomatic tunneling

Must not be sent to IP v4 broadcast or Must not be sent to IP v4 broadcast or multicast destinationsmulticast destinations

Source Address cofigurationSource Address cofiguration

Which format:Which format: Native IP v6Native IP v6 IP v4 compatibleIP v4 compatible

Determines the type of traffic that will be Determines the type of traffic that will be returned.returned.

Work sitedWork sited

RFC 2893, RFC 2893, http://www.faqs.org/rfc/rfc2893.htmlhttp://www.faqs.org/rfc/rfc2893.html