Sybex CCNA 640-802 Chapter 13: IPv6

Upload: joella-wells

Post on 04-Jan-2016


Chapter 13 Objectives

The CCNA topics covered in this chapter include:

• What is IPv6?
• Why do we need IPv6?
• IPv6 Addressing
• Address types
• Special Addresses
• Autoconfiguration
• Configuring IPv6
• Tunneling


What is IPv6? (and why is it good?)

People refer to IPv6 as “the next-generation Internet protocol,” and it was originally created as the answer to IPv4’s inevitable, looming address-exhaustion crisis.

Though you’ve probably heard a thing or two about IPv6 already, it has been improved even further in the quest to bring us the flexibility, efficiency, capability, and optimized functionality that can truly meet our ever-increasing needs.

[One benefit of using NAT, CIDR and private addressing is that they have given us time to tweak IPv6 so that we now have a much-improved version of what was originally a protocol with compatibility and performance issues. Now that we have IPv6, however, NAT should just go away, or to paraphrase the Philadelphia sports fans, “Go NAT, and take PAT with you!”]


What is IPv6? (continued)

• Why does NAT suck? First because it’s a chokepoint on a network, through which every packet must pass and be altered. This is a lot of overhead and it slows down the network. Second, it’s a security nightmare. It complicates every service on your network and forces them all to install kluges, hacks and workarounds.

• Another IPv6 benefit is the form of the IP header (next page). The required items are moved to the front of the header and all the options are put into an extension header (next page). The IPv4 header is something of a jumble (below) with 10 fields and a number of flags.

[Figure: IPv4 header layout (bit offsets 0, 8, 16, 31). Fields: version, hdr len, TOS, length; ident, flags, offset; TTL, protocol, checksum; source address; destination address; options (variable), pad (variable).]

What is IPv6? (continued)

[Figure: IPv6 header layout (bit offsets 0, 8, 16, 31). Fields: version, priority, flow label; payload length, next header, hop limit; source address (4 words); destination address (4 words); options (variable number, usually fixed length).]

• The IPv6 header has only six fields and no flags.

• This is one example of an extension header.

[Figure: extension header layout (bit offsets 0, 8, 16, 31). Fields: next header, reserved, offset, reserved, M; ident.]

What is IPv6? (continued)

[Figure: three extension header layouts (bit offsets 0, 8, 16, 31). First: next header, 0, # of addresses, next address; strict/loose routing bitmap; 1 – 24 addresses. Second: next header, type, length, value. Third: next header, 194, 0, 0; payload length in bytes.]

• Three other examples of extension headers.


IPsec Architecture with IPv6

[Figure: IPsec tunnel mode (router to router) compared with transport mode (end device to end device).]

• With NAT, your end-to-end connection ended at the router; but with IPv6, NAT goes away because you no longer need to translate from public to private addresses and vice versa. So, the tunnel can now go from one end device all the way to the other. This is what IPsec has always called “transport mode”.

Why do we need IPv6?

• Because we need to communicate, and our current system isn’t really cutting it anymore—kind of like how the Pony Express can’t compete with airmail. Just look at how much time and effort we’ve invested in coming up with slick new ways to conserve bandwidth and IP addresses.

• The number of people and devices that connect to networks increases each and every day.

• With more addresses in existence every day, we need to organize them better. The structure of the IPv6 address allows them to be easily placed into a hierarchy and to be aggregated more efficiently. With IPv4 this was handled by using CIDR and by supernetting addresses. With IPv6 everything you need to place an address into a routing table is contained in the address itself – no need to borrow bits or to treat the address as something different just for the purpose of creating a routing table.

IPv6 Addressing


IPv6 addresses are 128 bits

• IPv6 gives us 3.4 x 10^38 addresses, or 340,000,000,000,000,000,000,000,000,000,000,000,000 – more or less.

• For those of you keeping track, this is either 340 undecillion (the American version), or 340 sextillion (British version), or a s***load (my first impression).

Shortened Expression


You can actually leave out parts of the address to abbreviate it, but to get away with doing that you have to follow a couple of rules.

• First, you can drop any leading zeros in each of the individual blocks.

• After you do that, the sample address from earlier would then look like this:

2001:db8:3c4d:12:0:0:1234:56ab

Okay, that’s a definite improvement—at least we don’t have to write all of those extra zeros! But what about whole blocks that don’t have anything in them except zeros? Well, we can kind of lose those too—at least some of them. Again referring to our sample address, we can:

• remove the two blocks of zeros by replacing them with double colons, like this:

2001:db8:3c4d:12::1234:56ab

(Each block between colons represents 2 bytes, or 4 hex characters.)
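The two shortening rules applied step by step, as an added example that is not part of the original slides. The function names are illustrative, and the full-length input is constructed by expanding the shortened sample address shown above. The final helper shows why log and ACL matching should compare parsed addresses rather than strings, since one address has several valid spellings.

```python
import ipaddress

def drop_leading_zeros(addr: str) -> str:
    """Rule 1: strip leading zeros in each block (an all-zero block becomes '0').
    Expects the full eight-block form with no '::' in it."""
    return ":".join(format(int(block, 16), "x") for block in addr.split(":"))

def collapse_zero_run(addr: str) -> str:
    """Rule 2: replace the longest run of two or more zero blocks with '::'.
    This may be done only once per address; the leftmost run wins a tie."""
    blocks = addr.split(":")
    best_start, best_len, i = -1, 0, 0
    while i < len(blocks):
        if blocks[i] == "0":
            j = i
            while j < len(blocks) and blocks[j] == "0":
                j += 1
            if j - i > best_len:
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    if best_len < 2:
        return addr  # nothing worth collapsing
    head = ":".join(blocks[:best_start])
    tail = ":".join(blocks[best_start + best_len:])
    return head + "::" + tail

def shorten(addr: str) -> str:
    return collapse_zero_run(drop_leading_zeros(addr))

def same_address(a: str, b: str) -> bool:
    """Compare two spellings by value, not by text."""
    return ipaddress.IPv6Address(a) == ipaddress.IPv6Address(b)

# Constructed: the shortened sample address expanded back to all 32 hex digits.
FULL = "2001:0db8:3c4d:0012:0000:0000:1234:56ab"

if __name__ == "__main__":
    print(drop_leading_zeros(FULL))
    print(shorten(FULL))
    print(same_address(FULL, "2001:DB8:3C4D:12::1234:56AB"))
```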

Address Types

• Unicast: 1-1
• Global Unicast
• Link-local: private address

– This is the equivalent of our 10.x.x.x or 192.168.x.x addresses. Their “scope” is “local”. One step up from this are Site-local addresses: They have a broader scope than link-local (they have one extra bit) and are intended to cover an entire “site”, or a company, for example. These have been largely replaced, however, by “Unique Local” addresses, below, because of confusion over what made up a “Site”.

• Unique Local: globally unique (the IETF allocated a block of addresses as a non-routable subnet for use as private addresses). Not exactly like IPv4 addresses, they can be seen by other routers, but there is only a very small chance that they might overlap. A Registry exists to ensure no overlap.

• Multicast: 1-many
• Anycast: 1-one of many

Special Addresses


0:0:0:0:0:0:0:0 Equals ::. This is the equivalent of IPv4’s 0.0.0.0, and is typically the source address of a host when you’re using stateful configuration.

0:0:0:0:0:0:0:1 Loopback test. Equals ::1. The equivalent of 127.0.0.1 in IPv4.

0:0:0:0:0:0:192.168.100.1 This is how an IPv4 address would be written in a mixed IPv6/IPv4 network environment.

2000::/3 The global unicast address range. (Like any IPv4 address)

FC00::/7 The unique local unicast range. (Like the IPv4 private addresses: 10.x.x.x, etc.)

FE80::/10 The link-local unicast range. (Also meant for private addressing, but with the addition of being unique – imagine if you used the 192.168.x.x range for your company, and no other company used that range).

Special Addresses Cont.

FF00::/8 The multicast range. (a one-to-many packet, just as with the 224 to 239 range in IPv4)

3FFF:FFFF::/32 Reserved for examples and documentation. (like Class E in IPv4)

2001:0DB8::/32 Also reserved for examples and documentation. (also like Class E in IPv4)

2002::/16 Used with 6to4, which is the transition system—the structure that allows IPv6 packets to be transmitted over an IPv4 network without the need to configure explicit tunnels.
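A small classifier built from the ranges listed on the two Special Addresses slides, as an added example that is not part of the original slides. The function names and log lines are constructed for illustration. It goes one step beyond the slides for 6to4: bits 16 to 47 of a 2002::/16 address carry the IPv4 address of the 6to4 router, which is worth pulling out when reviewing logs.

```python
import ipaddress

# Ranges as listed on the slides. Order does not matter because
# classify() picks the longest matching prefix.
RANGES = {
    "::/128": "unspecified",
    "::1/128": "loopback",
    "2000::/3": "global unicast",
    "fc00::/7": "unique local",
    "fe80::/10": "link-local",
    "ff00::/8": "multicast",
    "3fff:ffff::/32": "documentation",
    "2001:db8::/32": "documentation",
    "2002::/16": "6to4",
}
NETS = [(ipaddress.IPv6Network(p), label) for p, label in RANGES.items()]

def classify(addr: str) -> str:
    """Return the label of the most specific listed range containing addr."""
    ip = ipaddress.IPv6Address(addr)
    matches = [(net.prefixlen, label) for net, label in NETS if ip in net]
    return max(matches)[1] if matches else "other"

def embedded_ipv4(addr: str):
    """For a 6to4 address, return the IPv4 address held in bits 16..47."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in ipaddress.IPv6Network("2002::/16"):
        return None
    return str(ipaddress.IPv4Address((int(ip) >> 80) & 0xFFFFFFFF))

SAMPLE_LOG = [  # constructed sample lines, not from a real capture
    "permit src=2001:db8:3c4d:12::1234:56ab dst=ff02::1",
    "deny src=2002:c000:201::1 dst=2001:db8:3c4d:1::1",
    "permit src=fe80::260:d6ff:fe73:1987 dst=fd00::10",
]

def triage(lines):
    """Label the source address of each log line."""
    out = []
    for line in lines:
        src = line.split("src=")[1].split()[0]
        out.append((src, classify(src), embedded_ipv4(src)))
    return out

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(row)
```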

Autoconfiguration

RS: Router Solicitation
RA: Router Advertisement

Autoconfiguration simplifies address assignment and network renumbering when you change your internet connection.

Stateless Address Autoconfiguration (from another PPt)

3 ways to configure network interfaces: Manually, Stateful, Stateless

IPSAA: IPv6 address separated into 2 parts: network and interface ID.

Link-local addresses: prefix FE80::0 + interface identifier (EUI-64 format)

Obtain network id through Router solicitation (RS)

Configuring IPv6

In order to enable IPv6 on a router, you have to use the ipv6 unicast-routing global configuration command:

Corp(config)#ipv6 unicast-routing

IPv6 isn’t enabled by default on any interfaces either, so we have to go to each interface individually and enable it. You use the interface configuration command ipv6 address <ipv6prefix>/<prefix-length> [eui-64] to get this done.

Here’s an example:

Corp(config-if)#ipv6 address 2001:db8:3c4d:1:0260:d6FF:FE73:1987/64

You can specify the entire 128-bit global IPv6 address or you can use the eui-64 option. Remember, the eui-64 format allows the device to use its MAC address and pad it to make the interface ID.

Corp(config-if)#ipv6 address 2001:db8:3c4d:1::/64 eui-64

Tunneling 6to4
