Chapter 7
Loopback addresses
(127.0.0.0 /8 or 127.0.0.1 to 127.255.255.254) - More commonly identified as only 127.0.0.1, these are special addresses used by a host to direct traffic to itself.
Link-Local addresses
(169.254.0.0 /16 or 169.254.0.1 to 169.254.255.254) - More commonly known as the Automatic Private IP Addressing (APIPA) addresses, they are used by a Windows DHCP client to self-configure in the event that there are no DHCP servers available. Useful in a peer-to-peer connection.
TEST-NET addresses
(192.0.2.0/24 or 192.0.2.0 to 192.0.2.255) - These addresses are set aside for teaching and learning purposes and can be used in documentation and network examples.
the private address blocks are
10.0.0.0 /8 or 10.0.0.0 to 10.255.255.255 172.16.0.0 /12 or 172.16.0.0 to 172.31.255.255 192.168.0.0 /16 or 192.168.0.0 to 192.168.255.255
An EUI-64 Interface ID is represented in binary and is made up of three parts:
24-bit OUI from the client MAC address, but the 7th bit (the Universally/Locally (U/L) bit) is reversed. This means that if the 7th bit is a 0, it becomes a 1, and vice versa. The inserted 16-bit value FFFE (in hexadecimal). 24-bit Device Identifier from the client MAC address.
Global unicast IPv6
A global unicast address is similar to a public IPv4 address. These are globally unique, Internet routable addresses. Global unicast addresses can be configured statically or assigned dynamically.
Solicited-Node IPv6 Multicast Addresses
A solicited-node multicast address is similar to the all-nodes multicast address. The advantage of a solicited-node multicast address is that it is mapped to a special Ethernet multicast address. This allows the Ethernet NIC to filter the frame by examining the destination MAC address without sending it to the IPv6 process to see if the device is the intended target of the IPv6 packet.
Address Resolution
Address resolution is used when a device on the LAN knows the IPv6 unicast address of a destination but does not know its Ethernet MAC address. To determine the MAC address for the destination, the device will send an NS message to the solicited node address. The message will include the known (targeted) IPv6 address. The device that has the targeted IPv6 address will respond with an NA message containing its Ethernet MAC address. Figure 2 shows two PCs exchanging NS and NA messages.
Host Confirmation
An ICMP Echo Message can be used to determine if a host is operational. The local host sends an ICMP Echo Request to a host. If the host is available, the destination host responds with an Echo Reply. In the figure, click the Play button to see an animation of the ICMP Echo Request/Echo Reply. This use of the ICMP Echo messages is the basis of the ping utility.
Time Exceeded
An ICMPv4 Time Exceeded message is used by a router to indicate that a packet cannot be forwarded because the Time to Live (TTL) field of the packet was decremented to 0. If a router receives a packet and decrements the TTL field in the IPv4 packet to zero, it discards the packet and sends a Time Exceeded message to the source host. ICMPv6 also sends a Time Exceeded message if the router cannot forward an IPv6 packet because the packet has expired. IPv6 does not have a TTL field; it uses the hop limit field to determine if the packet has expired.
Anycast IPv6
An IPv6 anycast address is any IPv6 unicast address that can be assigned to multiple devices. A packet sent to an anycast address is routed to the nearest device having that address
IPv6 Link-Local Unicast Addresses
An IPv6 link-local address enables a device to communicate with other IPv6-enabled devices on the same link and only on that link (subnet). Packets with a source or destination link-local address cannot be routed beyond the link from which the packet originated.
Multicast IPv6
An IPv6 multicast address is used to send a single IPv6 packet to multiple destinations.
Unicast IPv6
An IPv6 unicast address uniquely identifies an interface on an IPv6-enabled device. As shown in the figure, a source IPv6 address must be a unicast address.
Unique local
Another type of unicast address is the unique local unicast address. IPv6 unique local addresses have some similarity to RFC 1918 private addresses for IPv4, but there are significant differences. Unique local addresses are used for local addressing within a site or between a limited number of sites. These addresses should not be routable in the global IPv6 and should not be translated to a global IPv6 address. Unique local addresses are in the range of FC00::/7 to FDFF::/7.
Assigned Multicast
Assigned multicast addresses are reserved multicast addresses for predefined groups of devices. An assigned multicast address is a single address used to reach a group of devices running a common protocol or service. Assigned multicast addresses are used in context with specific protocols such as DHCPv6.
Broadcast Transmission
Broadcast may be directed or limited. A directed broadcast is sent to all hosts on a specific network. For example, a host on the 172.16.4.0/24 network sends a packet to 172.16.4.255. A limited broadcast is sent to 255.255.255.255. By default, routers do not forward broadcasts.
CIDR
Classless Inter-Domain Routing (CIDR, pronounced "cider"). In 1993, the IETF created a new set of standards that allowed service providers to allocate IPv4 addresses on any address bit boundary (prefix length) instead of only by a class A, B, or C address. This was to help delay the depletion and eventual exhaustion of IPv4 addresses.
Randomly Generated Interface IDs
Depending upon the operating system, a device may use a randomly generated Interface ID instead of using the MAC address and the EUI-64 process. For example, beginning with Windows Vista, Windows uses a randomly generated Interface ID instead of one created with EUI-64. Windows XP and previous Windows operating systems used EUI-64. After the Interface ID is established, either through the EUI-64 process or through random generation, it can be combined with an IPv6 prefix in the RA message to create a global unicast address,
Class A (0.0.0.0/8 to 127.0.0.0/8)
Designed to support extremely large networks with more than 16 million host addresses. It used a fixed /8 prefix with the first octet to indicate the network address and the remaining three octets for host addresses. All class A addresses required that the most significant bit of the high-order octet be a zero creating a total of 128 possible class A networks.
Class C (192.0.0.0 /24 - 223.255.255.0 /24)
Designed to support small networks with a maximum of 254 hosts. It used a fixed /24 prefix with the first three octets to indicate the network and the remaining octet for the host addresses. The most significant three bits of the high-order octet must be 110 creating over 2 million possible networks.
Class B (128.0.0.0 /16 - 191.255.0.0 /16)
Designed to support the needs of moderate to large size networks with up to approximately 65,000 host addresses. It used a fixed /16 prefix with the two high-order octets to indicate the network address and the remaining two octets for host addresses. The most significant two bits of the high-order octet must be 10 creating over 16,000 networks.
The migration techniques can be divided into three categories:
Dual Stack Tunneling Translation
A global unicast address has three parts:
Global routing prefix Subnet ID Interface ID
EUI-64 Process
IEEE defined the Extended Unique Identifier (EUI) or modified EUI-64 process. This process uses a client's 48-bit Ethernet MAC address, and inserts another 16 bits in the middle of the 48-bit MAC address to create a 64-bit Interface ID. Ethernet MAC addresses are usually represented in hexadecimal and are made up of two parts: Organizationally Unique Identifier (OUI) - The OUI is a 24-bit (6 hexadecimal digits) vendor code assigned by IEEE. Device Identifier - The device identifier is a unique 24-bit (6 hexadecimal digits) value within a common OUI.
Multicast Transmission
IPv4 has reserved the 224.0.0.0 to 239.255.255.255 addresses as a multicast range. The IPv4 multicast addresses 224.0.0.0 to 224.0.0.255 are reserved for multicasting on the local network only. These addresses are to be used for multicast groups on a local network. A router connected to the local network recognizes that these packets are addressed to a local network multicast group and never forwards them further.
Unicast Transmission
IPv4 unicast host addresses are in the address range of 0.0.0.0 to 223.255.255.255.
IPv6 Address Representation
IPv6 addresses are 128 bits in length and written as a string of hexadecimal values. Every 4 bits is represented by a single hexadecimal digit; for a total of 32 hexadecimal values
The Need for IPv6
IPv6 is designed to be the successor to IPv4. IPv6 has a larger 128-bit address space, providing for 340 undecillion addresses.
Assigned IPv6 Multicast Addresses
IPv6 multicast addresses are similar to IPv4 multicast addresses. Recall that a multicast address is used to send a single packet to one or more destinations (multicast group). IPv6 multicast addresses have the prefix FF00::/8. Note: Multicast addresses can only be destination addresses and not source addresses. There are two types of IPv6 multicast addresses: Assigned multicast Solicited node multicast
Link-local IPv6
Link-local addresses are used to communicate with other devices on the same local link. With IPv6, the term link refers to a subnet. Link-local addresses are confined to a single link. Their uniqueness must only be confirmed on that link because they are not routable beyond the link. In other words, routers will not forward packets with a link-local source or destination address.
IPv6 Router Configuration
Most IPv6 configuration and verification commands in the Cisco IOS are similar to their IPv4 counterparts. In many cases, the only difference is the use of ipv6 in place of ip within the commands. The command to configure an IPv6 global unicast address on an interface is ipv6 address ipv6-address/prefix-length. Notice that there is not a space between ipv6-address and prefix-length.
Translation
Network Address Translation 64 (NAT64) allows IPv6-enabled devices to communicate with IPv4-enabled devices using a translation technique similar to NAT for IPv4. An IPv6 packet is translated to an IPv4 packet and vice versa.
The ICMPv6 RA message is a suggestion to a device on how to obtain an IPv6 global unicast address. The ultimate decision is up to the device's operating system. The ICMPv6 RA message includes:
Network prefix and prefix length - Tells the device which network it belongs to. Default gateway address - This is an IPv6 link-local address, the source IPv6 address of the RA message. DNS addresses and domain name - Addresses of DNS servers and a domain name.
Private addresses are defined in _______________
RFC 1918.
RA Option 3: Stateful DHCPv6
Stateful DHCPv6 is similar to DHCP for IPv4. A device can automatically receive its addressing information including a global unicast address, prefix length, and the addresses of DNS servers using the services of a stateful DHCPv6 server. With this option the RA message suggests devices use: The router's link-local address, the RA's source IPv6 address for the default gateway address. A stateful DHCPv6 server to obtain a global unicast address, DNS server address, domain name and all other information. A stateful DHCPv6 server allocates and maintains a list of which device receives which IPv6 address. DHCP for IPv4 is stateful.
There are two ways in which a device can obtain an IPv6 global unicast address automatically:
Stateless Address Autoconfiguration (SLAAC) Stateful DHCPv6
Dynamic Configuration - SLAAC
Stateless Address Autoconfiguration (SLAAC) is a method that allows a device to obtain its prefix, prefix length, default gateway address, and other information from an IPv6 router without the use of a DHCPv6 server. Using SLAAC, devices rely on the local router's ICMPv6 Router Advertisement (RA) messages to obtain the necessary information.
The EUI-64 process Steps
Step 1: Divide the MAC address between the OUI and device identifier. Step 2: Insert the hexadecimal value FFFE, which in binary is: 1111 1111 1111 1110. Step 3: Convert the first 2 hexadecimal values of the OUI to binary and flip the U/L bit (bit 7). In this example, the 0 in bit 7 is changed to a 1.
Interface ID
The IPv6 Interface ID is equivalent to the host portion of an IPv4 address. The term Interface ID is used because a single host may have multiple interfaces, each having one or more IPv6 addresses. It is highly recommended that in most cases /64 subnets should be used.
Subnet ID
The Subnet ID is used by an organization to identify subnets within its site. The larger the subnet ID, the more subnets available.
ANDing
The actual process used to identify the network portion and host portion.
Rule 1 - Omit Leading 0s
The first rule to help reduce the notation of IPv6 addresses is to omit any leading 0s (zeros) in any 16-bit section or hextet. For example: 01AB can be represented as 1AB 09F0 can be represented as 9F0 0A00 can be represented as A00 00AB can be represented as AB This rule only applies to leading 0s, NOT to trailing 0s, otherwise the address would be ambiguous. For example, the hextet "ABC" could be either "0ABC" or "ABC0", but these do not represent the same value.
Global Routing Prefix
The global routing prefix is the prefix, or network, portion of the address that is assigned by the provider, such as an ISP, to a customer or site. Typically, RIRs assign a /48 global routing prefix to customers. This can include everyone from enterprise business networks to individual households. The structure of a global unicast address using a /48 global routing prefix. /48 prefixes are the most common global routing prefixes assigned and will be used in most of the examples throughout this course. The size of the global routing prefix determines the size of the subnet ID.
ICMPv6 Router Solicitation and Router Advertisement Messages
The informational and error messages found in ICMPv6 are very similar to the control and error messages implemented by ICMPv4. However, ICMPv6 has new features and improved functionality not found in ICMPv4. ICMPv6 messages are encapsulated in IPv6. ICMPv6 includes four new protocols as part of the Neighbor Discovery Protocol (ND or NDP). Messaging between an IPv6 router and an IPv6 device: Router Solicitation (RS) message Router Advertisement (RA) message Messaging between IPv6 devices: Neighbor Solicitation (NS) message Neighbor Advertisement (NA) message Note: ICMPv6 ND also includes the redirect message, which has a similar function to the redirect message used in ICMPv4.
Rule 2 - Omit All 0 Segments
The second rule to help reduce the notation of IPv6 addresses is that a double colon (::) can replace any single, contiguous string of one or more 16-bit segments (hextets) consisting of all 0s. The double colon (::) can only be used once within an address, otherwise there would be more than one possible resulting address. When used with the omitting leading 0s technique, the notation of IPv6 address can often be greatly reduced. This is commonly known as the compressed format.
ICMPv4 and ICMPv6
The types of ICMP messages and the reasons why they are sent, are extensive. We will discuss some of the more common messages. ICMP messages common to both ICMPv4 and ICMPv6 include: Host confirmation Destination or Service Unreachable Time exceeded Route redirection
FF02::2 All-routers multicast group
This is a multicast group that all IPv6 routers join. A router becomes a member of this group when it is enabled as an IPv6 router with the ipv6 unicast-routing global configuration command. A packet sent to this group is received and processed by all IPv6 routers on the link or network.
FF02::1 All-nodes multicast group
This is a multicast group that all IPv6-enabled devices join. A packet sent to this group is received and processed by all IPv6 interfaces on the link or network. This has the same effect as a broadcast address in IPv4. The figure shows an example of communication using the all-nodes multicast address. An IPv6 router sends Internet Control Message Protocol version 6 (ICMPv6) RA messages to the all-node multicast group. The RA message informs all IPv6-enabled devices on the network about addressing information, such as the prefix, prefix length, and default gateway.
IPv4 TTL and IPv6 Hop Limit
Traceroute makes use of a function of the TTL field in IPv4 and the Hop Limit field in IPv6 in the Layer 3 headers, along with the ICMP time exceeded message. Play the animation in the figure to see how Traceroute takes advantage of TTL. The first sequence of messages sent from traceroute will have a TTL field value of 1. This causes the TTL to time out the IPv4 packet at the first router. This router then responds with an ICMPv4 message. Traceroute now has the address of the first hop. Traceroute then progressively increments the TTL field (2, 3, 4...) for each sequence of messages. This provides the trace with the address of each hop as the packets timeout further down the path. The TTL field continues to be increased until the destination is reached, or it is incremented to a predefined maximum. After the final destination is reached, the host responds with either an ICMP port unreachable message or an ICMP echo reply message instead of the ICMP time exceeded message.
Round Trip Time (RTT)
Using traceroute provides round trip time for each hop along the path and indicates if a hop fails to respond. The round trip time is the time a packet takes to reach the remote host and for the response from the host to return. An asterisk (*) is used to indicate a lost or unreplied packet. This information can be used to locate a problematic router in the path. If the display shows high response times or data losses from a particular hop, this is an indication that the resources of the router or its connections may be stressed.
Duplicate Address Detection
When a device is assigned a global unicast or link-local unicast address, it is recommended that DAD is performed on the address to ensure that it is unique. To check the uniqueness of an address, the device will send an NS message with its own IPv6 address as the targeted IPv6 address, shown in Figure 3. If another device on the network has this address, it will respond with an NA message. This NA message will notify the sending device that the address is in use. If a corresponding NA message is not returned within a certain period of time, the unicast address is unique and acceptable for use. Note: DAD is not required, but RFC 4861 recommends that DAD is performed on unicast addresses.
Destination or Service Unreachable
When a host or gateway receives a packet that it cannot deliver, it can use an ICMP Destination Unreachable message to notify the source that the destination or service is unreachable. The message will include a code that indicates why the packet could not be delivered. Some of the Destination Unreachable codes for ICMPv4 are: 0 - Net unreachable 1 - Host unreachable 2 - Protocol unreachable 3 - Port unreachable Note: ICMPv6 has similar but slightly different codes for Destination Unreachable messages.
Class D multicast block
consisting of 224.0.0.0 to 239.0.0.0 and a Class E experimental address block consisting of 240.0.0.0 - 255.0.0.0.
Dual Stack
dual stack allows IPv4 and IPv6 to coexist on the same network segment. Dual stack devices run both IPv4 and IPv6 protocol stacks simultaneously.
Experimental Addresses
in the block 240.0.0.0 to 255.255.255.254 that are reserved for future use (RFC 3330).
RA Option 2: SLAAC and Stateless DHCPv6
ith this option, the RA message suggests devices use: SLAAC to create its own IPv6 global unicast address. The router's link-local address, the RA's source IPv6 address for the default gateway address. A stateless DHCPv6 server to obtain other information such as a DNS server address and a domain name. A stateless DHCPv6 server distributes DNS server addresses and domain names. It does not allocate global unicast addresses.
Preferred Format
the preferred format for writing an IPv6 address is x:x:x:x:x:x:x:x, with each "x" consisting of four hexadecimal values. When referring to 8 bits of an IPv4 address we use the term octet. In IPv6, a hextet is the unofficial term used to refer to a segment of 16 bits or four hexadecimal values. Each "x" is a single hextet, 16 bits or four hexadecimal digits.
Unicast Transmission Process
the unicast address applied to an end device is referred to as the host address. For unicast communication, the addresses assigned to the two end devices are used as the source and destination IPv4 addresses. During the encapsulation process, the source host uses its IPv4 address as the source address and the IPv4 address of the destination host as the destination address. Regardless of whether the destination specified a packet as a unicast, broadcast or multicast; the source address of any packet is always the unicast address of the originating host.
Tunneling
tunneling is a method of transporting an IPv6 packet over an IPv4 network. The IPv6 packet is encapsulated inside an IPv4 packet, similar to other types of data.
