Revision as of 18:57, 13 June 2011
Many of the finest developers and engineering minds have been working on IPv6 since the early 1990s. Hundreds of RFCs have been written and have detailed some major areas, including expanded addressing, simplified header format, flow labeling, authentication, and privacy. Expanded addressing moves us from a 32-bit address to a 128-bit addressing method. It also provides newer unicast and addressing methods, injects hexadecimal into the IP address, and moves from using "." to using ":" as delimiters.
This IP Version 6 information is intended for network professionals with good IP version 4 (IPv4) networking skills and knowledge. It is ideal for anyone, including account managers and system engineers, who is required to analyze IPv6 network requirements and develop strategies for the deployment of IPv6 networks. In addition to the content listed in the Resources and References section, you can also find information on IPv6 implementation details including the roadmap, software configuration, and Statement of Direction at http://www.cisco.com/go/ipv6.
Introduction: Rationale for a New Version of IP
IP version 6 is a new IP protocol designed to replace IP version 4, the Internet protocol that is predominantly deployed and extensively used throughout the world. IPv4 has proven to be robust, easily implemented, and interoperable, and has stood the test of scaling an internetwork to a global utility the size of the Internet today.
However, the initial design did not anticipate the following conditions:
- Recent exponential growth of the Internet and the impending exhaustion of the IPv4 address space
- Growth of the Internet and the ability of Internet backbone routers to maintain large routing tables
- Need for simpler autoconfiguration and renumbering
- Requirement for security at the IP level
- Need for better support for real-time delivery of data, also called quality of service (QoS)
Though the 32-bit address space of IPv4 supports about 4 billion IP devices, the IPv4 addressing scheme is not optimal, as described by Christian Huitema in RFC 3194, The Host-Density Ratio for Address Assignment Efficiency: An Update on the H Ratio. A good number of the initially allocated class A addresses are probably still not used, but are not likely to be reclaimed.
The Internet Engineering Task Force (IETF) first recognized the problem of eventual IPv4 address exhaustion around 1990 and predicted that we had about ten years to solve this problem. Interestingly, this prediction was made before the explosive growth of the Internet and the World Wide Web in the 1990s. Indeed, it is only very recently that the IP address "crunch" has become widely acknowledged.
The current IP address space is unable to satisfy the potential huge increase in the number of users or the geographical needs of the Internet expansion, let alone the requirements of emerging applications such as Internet-enabled personal digital assistants (PDAs), home area networks (HANs), Internet-connected transportations (for example, automobiles), integrated IP telephony services, IP wireless services, and distributed gaming. IPv6 is designed to meet these requirements and allow a return to a global environment where the addressing rules of the network are again transparent to the applications.
The lifetime of IPv4 has been extended by using techniques such as address reuse with Network Address Translation (NAT), classless interdomain routing (CIDR), and temporary-use allocations (Dynamic Host Configuration Protocol [DHCP] and RADIUS/PPP). Although these techniques appear to increase the address space and satisfy the traditional server/client setup, they fail to meet the requirements of the peer-to-peer and server (home)-to-client (Internet) applications. The need for always-on environments (such as residential Internet through broadband, cable modem, or Ethernet-to-the-home) to be contactable precludes these IP address conversion, pooling, and temporary allocation techniques, and the "plug-and-play" required by consumer Internet appliances further increases the address requirements.
Temporary or semi-permanent connections such as dialup or cable modem/xDSL are being given either temporary IPv4 addresses or private addresses. Millions of the new technology devices such as wireless phones, PDAs, cars, and home appliances will not be able to get global IPv4 addresses any longer. Though we do not expect to ever see the last IPv4 address handed out, it is getting much harder to get IPv4 addresses.
IPv4 will soon reach the stage where you will have to choose between new capabilities or a larger network, but not both. So, we need a new protocol to provide new and enhanced features in addition to solving the IP address exhaustion problem.
Network Address Translation
Emerging countries are facing the IPv4 address crunch more strongly than Europe or the United States. Although the use of NAT has delayed the IPv4 address exhaustion, the use of NAT introduces some complications that can be overcome only with a new IP protocol.
In IPv4 networks, NAT is typically used to connect internal networks by translating packets between an internal network, which uses the private address space, as described in RFC 1918 Address Allocation for Private Internets, and the Internet. NAT uses only a few global (external) addresses even in a large internal network.
Limitations of NAT
Note that the use of NAT only delays the time of exhaustion of the IPv4 addresses but does not solve the real large-scale growth problem, because IP is now widely adopted as the applications convergence layer for non-computing devices. Additionally, use of NAT has many implications, as identified in RFC 2775, Internet Transparency, and RFC 2993, Architectural Implications of NAT. Some of these problems follow and can be solved only with a new protocol, such as IPv6:
With IPv4, only the endpoints handle the connection and the underlying layers do not handle any connection. However, when NAT is used, it breaks the end-to-end connection model of IP.
Because NAT must handle the translation of addresses and ports, NAT requires the network to keep the states of the connections. In case of failure of the NAT device or the links near the NAT device, the need to keep the state of the connections in NAT makes fast rerouting difficult.
NAT also inhibits the implementation of end-to-end network security. The integrity of the IP header is protected by some cryptographic functions. This header cannot be changed between the origin of the packet, which protects the integrity of the header, and the final destination, where the integrity of the received packet is checked. Any translation of parts of the headers along the path will break the integrity check.
With applications that are not "NAT-friendly," more than just port and address mapping is necessary to forward the packet through the NAT device. NAT must embed complete information of all the applications to accomplish this goal, especially in the case of dynamically allocated ports with rendezvous ports, embedded IP addresses in application protocols, security associations, and so on. Every new deployment of a non-NAT-friendly application will require the upgrading of the NAT device.
When different networks that are using the same private address space, such as 10.0.0.0/8, need to be combined or connected, as in the case of a merger, an address space collision will result. Though techniques such as renumbering or twice-NAT can resolve this collision, these techniques are very difficult and will increase the complications of NAT.
The ratio of internal/reachable to external addresses mapping must be large to make NAT effective. However, when there are many servers inside, the same protocol cannot be multiplexed on the same port using the NAT external address. For example, two internal servers using the same port (80) cannot use the same external outside address without changing the port number. Each inside server that must be reachable from the outside will start using one external address. Because there are many protocols that make nodes as servers and consume many external addresses, NAT is not quite as useful if the number of inside servers is large.
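The integrity-check limitation described above, as an added example that is not part of the original page: a simplified model of an Authentication Header style check, in which the sender computes a keyed hash over the header with the mutable TTL zeroed. The reduced header layout, the key, and the addresses are constructed for illustration and are not the real AH wire format.

```python
import hashlib
import hmac
import ipaddress
import struct

KEY = b"constructed-demo-key"  # constructed key shared by the two endpoints


def build_header(src, dst, ttl, proto=6):
    """Pack a reduced IPv4-style header: TTL, protocol, source, destination."""
    return struct.pack("!BB4s4s", ttl, proto,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


def icv(header, payload, key=KEY):
    """Integrity check value over the header with the mutable TTL zeroed."""
    immutable = b"\x00" + header[1:]
    return hmac.new(key, immutable + payload, hashlib.sha256).digest()


def forward(header):
    """An ordinary router hop: only the TTL field changes."""
    return bytes([header[0] - 1]) + header[1:]


def nat_rewrite(header, public_src):
    """A NAT hop: the source address field is replaced."""
    return header[:2] + ipaddress.IPv4Address(public_src).packed + header[6:]


def verify(header, payload, tag, key=KEY):
    """Receiver side: recompute the ICV and compare in constant time."""
    return hmac.compare_digest(icv(header, payload, key), tag)


def demo():
    payload = b"constructed payload"
    sent = build_header("10.1.1.5", "198.51.100.20", ttl=64)
    tag = icv(sent, payload)                      # computed by the origin
    routed = forward(forward(sent))               # two plain router hops
    natted = nat_rewrite(routed, "203.0.113.9")   # then a NAT device
    return verify(routed, payload, tag), verify(natted, payload, tag)


if __name__ == "__main__":
    routed_ok, natted_ok = demo()
    print("routed only  :", routed_ok)
    print("routed + NAT :", natted_ok)
```

Plain forwarding leaves the check intact because the TTL is excluded from the hash, while the NAT rewrite of the source address changes a protected field and the receiver rejects the packet.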
Meeting Future Network Requirements
Though the exhaustion of IPv4 addresses is the primary reason for the development of a new protocol, the designers of IPv6 added other new features and some critical improvements to IPv4.
IPv6 is designed to meet the user, application, and service requirements, and allow a return to a simpler environment where the operation of the network is again transparent to the applications.
The anticipated rollout of wireless data services has been identified as a key IPv6 driver. The wireless industry standardization bodies, for example, the 3rd Generation Partnership Project (www.3gpp.org), Universal Mobile Telecommunication System (www.umts-forum.org), and Mobile Wireless Internet Forum (www.mwif.org) are considering IPv6 as the foundation for future IP services. Today, IPv6 services are available over IEEE 802.11 from some "hot-spot" locations.
The overall market adoption of IPv6 will be determined by the ability of the architecture to best accommodate Internet growth, new IP applications, and services. All these factors underscore the original rationale behind definition of IPv6 and the market drivers.
Evolution of Internet Protocol Version 6
IPv5 is an experimental resource reservation protocol intended to provide QoS, defined as the Internet Stream Protocol or ST. ST is not a replacement of IP, but uses an IP version number (number five), because it uses the same link-layer framing as IPv4. Resource reservation is now done using other protocols (for example, resource reservation protocol (RSVP)). IPv5/ST protocol is documented in RFC 1190, Experimental Internet Stream Protocol, Version 2 (ST-II) and RFC 1819, Internet Stream Protocol Version 2 (ST2) Protocol Specification - Version ST2+.
The original proposal for IPv6, made in RFC 1752, The Recommendation for the IP Next Generation Protocol, was the Simple Internet Protocol Plus (SIPP) with a larger (128 bit) address space. The main author of SIPP was Steve Deering, now a Cisco Fellow. Following that proposal, the IETF started a working group and the first specification came in late 1995 with RFC 1883, Internet Protocol, Version 6 (IPv6) Specification. RFC 2460, Internet Protocol, Version 6 (IPv6) Specification, by Steve Deering (Cisco) and Rob Hinden (Nokia), obsoletes RFC 1883 and is the present standard for IPv6.
IPv6 quadruples the number of network address bits from 32 bits (in IPv4) to 128 bits, which provides more than enough globally unique IP addresses for every network device on the planet. The use of globally unique IPv6 addresses simplifies the mechanisms used for reachability and end-to-end security for network devices, functionality that is crucial to the applications and services that are driving the demand for the addresses.
The flexibility of the IPv6 address space provides the support for private addresses but should reduce the use of Network Address Translation (NAT) because global addresses are widely available. IPv6 reintroduces end-to-end security and quality of service (QoS) that are not always readily available throughout a NAT-based network.
Features and Benefits of Using IPv6
In addition to meeting the anticipated future demand for globally unique IP addresses, IPv6 provides the following benefits to network and IT professionals:
- Larger address space for global reachability and scalability
- Simplified header format for efficient packet handling
- Hierarchical network architecture for routing efficiency
- Support for widely deployed routing protocols
- Autoconfiguration and plug-and-play support
- Elimination of need for network address translation (NAT) and application layer gateway (ALG)
- Embedded security with mandatory IPSec implementation
- Enhanced support for Mobile IP and Mobile Computing Devices
- Increased number of multicast addresses
Larger Address Space for Global Reachability and Scalability
The availability of an almost unlimited number of IP addresses is the most compelling benefit of implementing IPv6 networks. Compared to IPv4, IPv6 increases the number of address bits by a factor of 4, from 32 bits to 128 bits. The 128 bits provide approximately 3.4 x 10^38 addressable nodes, enough to allocate about 10^30 addresses per person on this planet. Figure 1 shows the general format of an IPv6 address.
Figure: IPv6 Packet Header Format shows the IPv6 packet header format.
Description of IPv6 Packet Header
The simplified header is 40 bits long and the format consists of Version, Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, Destination Address, Data, and Payload fields.
At its simplest, hex numbers are base 16. Decimal is base 10, counting from 0 to 9, as we do in decimal, and then adding a column to make 10. Counting in hex goes from 0 to F before adding a column.
The characters A through F represent the decimal values of 10 through 15, as illustrated in Figure: Hex Characters A Through F Represent the Numbers 10 Through 15.
Figure: Hex Characters A Through F Represent the Numbers 10 Through 15
Counting in hex goes as follows: 0 1 2 3 4 5 6 7 8 9 A B C D E F 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F 20 21 and up, as far as you want to go.
Let's look at an example of an IPv6 address. The address is an eight-part hex address separated by colons (:). Each part n is a 16-bit number, and there are eight parts, providing a 128-bit address length (16 * 8 = 128).
Addresses take the form n:n:n:n:n:n:n:n, where n is a 4-digit hexadecimal integer (16 bits), giving 16 * 8 = 128 bits per address.
1080:0:0:0:8:800:200C:417A Unicast address
FF01:0:0:0:0:0:0:101 Multicast address
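The address format above, as an added example that is not part of the original page: it builds the 128-bit value from the eight 16-bit groups and then shows why log searches and access lists should compare parsed addresses, not text. The log lines are constructed, and the `::` and zero-padded spellings are standard IPv6 text forms that this page does not cover.

```python
import ipaddress


def groups_to_int(text):
    """Combine eight colon-separated 16-bit hex groups into one 128-bit integer.
    Handles only the full n:n:n:n:n:n:n:n form shown above (no '::')."""
    parts = text.split(":")
    if len(parts) != 8:
        raise ValueError("expected eight groups")
    value = 0
    for part in parts:
        group = int(part, 16)
        if not 0 <= group <= 0xFFFF:
            raise ValueError("group exceeds 16 bits")
        value = (value << 16) | group
    return value


def canonical(text):
    """Canonical text form, so that different spellings compare equal."""
    return str(ipaddress.IPv6Address(text))


def kind(text):
    """Classify an address as multicast (FF prefix) or unicast."""
    return "multicast" if ipaddress.IPv6Address(text).is_multicast else "unicast"


# Constructed log lines: the page's unicast address written three ways,
# plus one different address that must not match.
LOG_LINES = [
    "accept src=1080:0:0:0:8:800:200C:417A dport=443",
    "accept src=1080::8:800:200c:417a dport=22",
    "accept src=1080:0000:0000:0000:0008:0800:200C:417A dport=80",
    "accept src=1080:0:0:0:8:800:200C:417B dport=80",
]


def naive_hits(lines, watched):
    """Substring search: misses every spelling except the one typed in."""
    return [line for line in lines if watched in line]


def parsed_hits(lines, watched):
    """Compare parsed 128-bit values, so every spelling of the address matches."""
    target = ipaddress.IPv6Address(watched)
    hits = []
    for line in lines:
        src = line.split("src=")[1].split()[0]
        if ipaddress.IPv6Address(src) == target:
            hits.append(line)
    return hits
```

With the watched address `1080:0:0:0:8:800:200C:417A`, `naive_hits` finds one of the constructed lines and `parsed_hits` finds three.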
Included in IPv6 are a number of addressing methods: unicast, multicast, and anycast.
Note that there is no explicit notion of "broadcast" in IPv6.
Unicast is a communication between a single host and a single receiver. Packets sent to a unicast address are delivered to the interface identified by that address, as seen in Figure: Unicast Sends Packets to a Specified Interface.
Figure: Unicast Sends Packets to a Specified Interface
Multicast is communication between a single host and multiple receivers. Packets are sent to all interfaces identified by that address, as seen in Figure: Multicast Sends Packets to a Subnet, and Defined Devices Listen for Multicast Packets.
Figure: Multicast Sends Packets to a Subnet, and Defined Devices Listen for Multicast Packets
Packets sent to an anycast address or list of addresses are delivered to the nearest interface identified by that address. Anycast is a communication between a single sender and a list of addresses, as shown in Figure: Anycast Sends Packets to Specified Interface List and Can Contain End Nodes and Routers.
Figure: Anycast Sends Packets to Specified Interface List and Can Contain End Nodes and Routers
Some of the benefits of IPv6 seem obvious: greater addressing space, built-in QoS, and better routing performance and services. However, a number of barriers must be overcome before the implementation of IPv6. The biggest question for most of us will be what the business need is for moving from current IPv4 to IPv6. The killer app has not appeared yet, but it may be closer than we think. The second consideration is the cost; it may not have much to do with hardware replacement cost. All the larger routers have upgradable OSs (IOS); the only necessity is the commitment to upgrading IOS. The cost more likely has to do with training and support of minor IP devices such as printers and network faxes, which will have to support the new address space. IPv6 has schemes to support old and new, however, so this may not even be a barrier. The last issue to consider is training: This will need to happen sooner or later because we all need to start thinking about 128-bit addressing based on MAC addresses in hex. This involves all new ways of addressing and will be an uncomfortable change for many people.
This conclusion may seem negative, but the greater good will overpower all the up-front issues. The issue is not whether you will have to move to IPv6, but when! We all need IPv6; the increased address space is needed for the growth of IP appliances that we are starting to hear about weekly. IP-ready cars are already shipping today. This requires mobility, which is addressed in IPv6.
Of course, a number of very important features have not been discussed in this section, including QoS, mobile IP, autoconfiguration, and security. All these areas are extremely important, and until IPv6 is finished, you should keep referring to the IETF Web site for the most current information. Several new books on IPv6 also are starting to show up on bookstore shelves and should provide the deeper technical detail on address headers and full packet details.
Q - What is the main reason for IPv6 being developed?
A - The main issue surrounding IPv6 is addressing, or the lack of addressing. Many people believe that we are nearly out of the four billion addresses available in IPv4. IPv6 could be the solution to many problems, but IPv6 is still not fully developed and is not yet a standard.
Q - How many bits does the new expanded addressing provide?
A - The expanded addressing moves us from a 32-bit address to a 128-bit addressing method.
Q - What other benefits does expanded addressing provide?
A - It provides newer unicast and addressing methods. Expanded addressing also injects hexadecimal into the IP address and moves from using . to using : as delimiters.
Q - What are the new addressing methods included in IPv6?
A - Unicast, multicast, and anycast.
Q - What is unicast?
A - Unicast is a communication between a single host and a single receiver.
Q - What is multicast?
A - Multicast is communication between a single host and multiple receivers.
Q - What is anycast?
A - Anycast is a communication between a single sender and a list of addresses.