IPV6 basic theory and tunnel access
1. Foreword

After nearly 20 years of Internet development, the existing IPv4 protocol faces some difficult problems, such as address space depletion and routing table explosion. At the same time, new IP applications place new demands on IP: multimedia distribution over the Internet, network access for mobile users and similar needs have all opened up new areas of IP research. The new IPv6 protocol developed by the Internet Engineering Task Force (IETF) not only solves the problems of the old version but also brings new features to IP, giving the protocol much greater flexibility in address management, mobility, security and multimedia support.

This paper discusses the basic concepts and principles of IPv6. Many learners have no network equipment that supports IPv6, which makes it hard to combine theory with practice, so this chapter also introduces some free tunnel servers and shows how to use them to connect a PC to an IPv6 network and gain first practical experience with IPv6.

2. IPv6 basic knowledge

The following is a brief overview of basic IPv6 theory.

2.1. What is the IPv6 protocol

IPv6 is version 6 of the IP protocol, a new version of IP designed as the successor to IPv4. Compared with IPv4, IPv6 makes the following main changes.

Expanded addressing capabilities and address management

The most obvious difference between IPv4 and IPv6 addresses is their length. IPv6 extends the IP address from 32 bits to 128 bits, to support more levels of address hierarchy, more addressable nodes and simpler auto-configuration of addresses. IPv6 also changes how addresses are allocated: addresses are owned by the ISP rather than by the user, which keeps routing information under control and avoids routing table explosion. IPv6 address auto-configuration provides a mechanism for generating a host's address automatically.
The address management mechanism also covers address resolution (ARP) and reachability testing. IPv6 abolishes broadcast packets and defines a new address type called the "anycast address", used to send a packet to any one of a group of nodes. Multicast addresses gain a "scope" field that improves the scalability of multicast routing.

Simplified header format

The IPv6 header format is simplified: it uses a fixed-format header and reduces the number of fields that must be examined and processed, which lowers the processing required of routers and improves routing efficiency. Although some IPv6 header fields resemble IPv4 fields, the only one that is actually completely unchanged is the version number, because IPv4 and IPv6 must remain compatible on the same transmission line. IPv6 retains the source and destination addresses but extends them from 32 bits to 128 bits. The standard IPv4 header is of variable length, ranging from 20 to 60 bytes. The IPv6 basic header is a fixed 40 bytes.

Improved support for extension headers and options

Some IPv4 header fields are removed or made optional, to reduce the routine per-packet processing cost and to limit the bandwidth consumed by the IPv6 header. IPv6 places options in separate extension headers (including the fragment header and the routing header). Extension headers then need to be examined and processed only at the source and destination when necessary, and intermediate nodes can ignore them entirely. This improves packet routing efficiency and gives greater flexibility for introducing new options in the future.

The ability to identify flows

A new capability makes it possible to label the packets of a particular traffic "flow" for which the sender requests special handling, such as non-default quality of service or "real-time" service. With multimedia applications increasingly widespread, multimedia support on the Internet is of great significance.

Multimedia traffic is generally characterized by high bandwidth requirements and long duration. The concept of a flow is introduced to simplify the processing of multimedia streams on the Internet. A flow is a sequence of packets between a particular source and destination for which the source asks intermediate routers for special treatment. In general, when a router receives a packet belonging to a flow, it uses the flow identifier to look up the context it has stored for that flow and treats every packet of the flow in the same way, which speeds up packet processing.

IPv6 was designed with specific support for flows: the IP header has a dedicated 20-bit flow label field. A host that needs to send packets as part of a flow simply fills in the corresponding flow number in the flow label. Otherwise it sets the flow label to zero and the packet is handled as an ordinary packet. When a router receives the first packet of a flow, it builds a processing context indexed by the flow ID, and the following packets of the flow are handled according to that context. IPv6 also defines flow priorities to support different service requirements.

Authentication and encryption capabilities

IPv6 specifies extensions that support authentication, data integrity and (optionally) data confidentiality. Secure communication in IPv6 uses two mechanisms to implement authentication and security, the Authentication Header (AH) and the Encapsulating Security Payload (ESP), which make secure password transmission, encryption and digital signing of packets possible. IPv6 defines the ISAKMP-Oakley protocol, based on the Diffie-Hellman algorithm. It specifies that certificates are exchanged first, to confirm that each peer's address is authentic, and that the key exchange then proceeds as an authenticated exchange, which prevents interception by an intermediary. The protocol also defines the means for negotiating encryption parameters and the use of AH and ESP.

Mobility

IPv6 provides inherent support for mobility. In its multicast router advertisement packets, a router indicates whether it is able to act as a home agent. Several home agents may exist on the same subnet, and a mobile host can register with any one of them. A home agent keeps a table that maps the mobile host's home address to its care-of address, and uses that table to forward packets it receives for the mobile host.
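The fixed header and extension header chain described above (and itemized in section 2.2) can be parsed as follows. This is an added example, not code from the original text: the function names and both sample packets are constructed for illustration, the Next Header numbers are the IANA-assigned values, and the length rules are those of the IPv6 and AH specifications.

```python
import ipaddress
import struct

# IANA Next Header numbers for the extension headers named in section 2.2.
HBH, ROUTING, FRAGMENT, ESP, AH, DEST = 0, 43, 44, 50, 51, 60
NAMES = {HBH: "hop-by-hop", ROUTING: "routing", FRAGMENT: "fragment",
         ESP: "esp", AH: "auth", DEST: "dest-options"}
# Rank in the section 2.2 order (destination options may sit in two places).
RANK = {HBH: 0, ROUTING: 2, FRAGMENT: 3, AH: 4, ESP: 5}


def check_chain(chain):
    """Apply the ordering and appear-once rules to a list of header numbers."""
    problems = []
    ranks = [RANK[h] for h in chain if h in RANK]
    if any(b <= a for a, b in zip(ranks, ranks[1:])):
        problems.append("header repeated or out of order")
    if chain.count(DEST) > 2:
        problems.append("more than two destination options headers")
    return problems


def parse_ipv6(packet):
    """Parse the fixed 40-byte header, then walk the extension header chain."""
    if len(packet) < 40:
        raise ValueError("shorter than the fixed 40-byte header")
    word, payload_len, nxt, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError("version field is not 6")
    chain, offset = [], 40
    while nxt in NAMES:
        chain.append(nxt)
        if nxt == ESP:  # everything after the ESP header is encrypted
            nxt = None
            break
        if offset + 8 > len(packet):
            raise ValueError("extension header truncated")
        following, length = packet[offset], packet[offset + 1]
        if nxt == FRAGMENT:
            size = 8                 # fixed size
        elif nxt == AH:
            size = (length + 2) * 4  # AH length is in 32-bit words, minus 2
        else:
            size = (length + 1) * 8  # 8-byte units, first unit not counted
        if offset + size > len(packet):
            raise ValueError("extension header runs past the packet")
        offset, nxt = offset + size, following
    return {
        "flow_label": word & 0xFFFFF,  # 20 bits; zero means no flow
        "payload_length": payload_len,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(packet[8:24]),
        "dst": ipaddress.IPv6Address(packet[24:40]),
        "chain": [NAMES[h] for h in chain],
        "upper_layer": nxt,            # 6 = TCP, 17 = UDP, None after ESP
        "violations": check_chain(chain),
    }


def build_sample(first_ext, ext_bytes):
    # Constructed packet: fixed header, extension bytes, 20 dummy payload bytes.
    payload = ext_bytes + bytes(20)
    fixed = struct.pack("!IHBB", 0x60012345, len(payload), first_ext, 64)
    ends = [ipaddress.IPv6Address(a).packed for a in ("2000::1", "2000::2")]
    return fixed + ends[0] + ends[1] + payload

# Constructed samples: hop-by-hop, routing, TCP; then the same two swapped.
GOOD = build_sample(HBH, bytes([ROUTING, 0, 1, 4, 0, 0, 0, 0, 6, 0, 0, 0, 0, 0, 0, 0]))
BAD = build_sample(ROUTING, bytes([HBH, 0, 0, 0, 0, 0, 0, 0, 6, 0, 1, 4, 0, 0, 0, 0]))
```

A filter or monitor that has to find the upper-layer protocol must walk the whole chain this way, and a chain that breaks the ordering rules is worth logging.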
2.2. IPv6 header

The new IPv6 header structure is much simpler than that of IPv4. IPv6 removes many infrequently used fields from the IPv4 header and moves them into options and extension headers, and options are defined more strictly in IPv6. IPv4 has 10 fixed-length fields, two address fields and a number of options. IPv6 has only six fields and two address fields.

Six IPv4 fields are deleted: header length, type of service (TOS), identification, flags, fragment offset and header checksum. Three fields, total length, protocol type and time to live (TTL), are renamed or have part of their function changed. The function of options is completely changed, and two new fields are added, namely priority and flow label.

The content and role of the IPv6 header are explained briefly below. The IPv6 header is in fact divided into two parts: the basic header, and the special optional headers that may follow it, which we call extension headers.

1. Basic Header

The structure of the basic header is shown in the table below.

IPv6 header format

  Version (4 bit) | Priority (4 bit) | Flow label (24 bit)
  Payload length (16 bit) | Next header (8 bit) | Hop limit (8 bit)
  Source IP address (128 bit)
  Destination IP address (128 bit)

Where:

Version: the IP version of the packet, namely the sixth version.

Priority: gives different packets different priorities.

Flow label: marks different packets with different labels.

Payload length: records the length of the whole data packet (not including the IPv6 header).

Next header: records the type of the extension header that immediately follows the basic header. The transport-layer TCP or UDP header of IPv4 is also treated in IPv6 as a special kind of header.

Hop limit: the value of this field is decremented by one at each station the packet passes through, and once it reaches zero the packet is no longer forwarded. The hop limit mainly prevents erroneous packets from circulating in the network in an infinite loop.

Source address and destination address: basically the same as in IPv4, but extended to 128 bits.

In IPv6, fragmentation is handled only by the source node and the destination node, which simplifies the header and reduces routing overhead. Hop-by-hop fragmentation is considered harmful. First, it produces more end-to-end fragments. Second, the loss of one fragment in transit causes all fragments to be retransmitted. IPv6 does still support fragmentation, through an extension header.

2. Extension Header

Within a single packet, IPv6 can carry different extension headers to exercise different kinds of control.
All headers follow a fixed order: the basic IPv6 header comes first and the extension headers follow it in a defined sequence. The following are all the extension headers a packet can contain, in order:

- Hop-by-hop options header (Hop-by-Hop Header)
- Destination options header (Destination Option Header): used when the destination options must be processed by every station along the transmission path
- Routing header (Routing Header)
- Fragment header (Fragment Header)
- Authentication header (Authentication Header)
- Encapsulating security payload header (Encapsulating Security Payload Header)
- Destination options header (Destination Option Header): used when the destination options only need to be processed by the destination
- Upper-layer header (Upper-Layer Header)

Apart from the destination options header, each of these extension headers can appear only once in a packet. After processing one extension header, a node therefore knows whether another extension header follows.

2.3. IPv6 addresses and their notation

IPv6 has three types of address: unicast, multicast and anycast. Unicast and multicast addresses are very similar to their IPv4 counterparts, but IPv6 no longer supports the IPv4 broadcast address (IPv6 handles the cases that required broadcast with an "all nodes" multicast address, and uses more limited multicast addresses where broadcast was previously used to reach a group), and it adds the anycast address. This section describes the IPv6 addressing model, the address types, address notation and special addresses.

An IPv6 address consists of eight groups. Each group holds 16 address bits written as four hexadecimal digits, and the groups are separated by colons. The basic form of an IPv6 address is X:X:X:X:X:X:X:X, where X is a four-digit hexadecimal integer (16 bits). Each digit represents 4 bits, each integer has 4 digits and each address has 8 integers, for a total of 128 bits (4 × 4 × 8 = 128). Note that these integers are hexadecimal, so A to F stand for 10 to 15. Every integer in the address must be written, but leading zeros may be omitted.

This is the standard way to write an IPv6 address. There are two other forms that are clearer and easier to use.

Some IPv6 addresses contain a long run of zeros. When this happens, the standard permits a "gap" to stand for the run of zeros. In other words, the address 2000:0:0:0:0:0:0:1 can be written as:

  2000::1

The double colon indicates that the address can be expanded to a full 128-bit address. With this method, a group can be replaced by the double colon only when all 16 of its bits are 0, and the double colon can occur only once in an address.

In a mixed IPv4 and IPv6 environment a third form is possible. The lowest 32 bits of an IPv6 address can be used to represent an IPv4 address, and the address can be written in the mixed form X:X:X:X:X:X:d.d.d.d, where X is a 16-bit integer and d is an 8-bit decimal integer. For example, the address 0:0:0:0:0:0:10.0.0.1 is a valid IPv4 address. Combining the two forms, the address can also be written as:

  ::10.0.0.1

RFC 2373 defines three IPv6 address types: unicast, anycast and multicast. They are introduced below.

2.3.1. Unicast

An identifier for a single interface. A packet sent to a unicast address is delivered to the interface identified by that address. Besides the 128-bit address space, IPv6 also defines a hierarchically structured address for point-to-point communication, known as the aggregatable global unicast address. Its hierarchy is divided as shown:

(Figure: aggregatable global unicast address format as defined in RFC 2373)

The first 3 bits of the address are the address-type prefix, which distinguishes this type from other address types. They are followed by the 13-bit TLA ID, the 32-bit NLA ID, the 16-bit SLA ID and the 64-bit host interface ID, which identify, from the top of the hierarchy to the bottom, the TLA (Top Level Aggregator), the NLA (Next Level Aggregator), the SLA (Site Level Aggregator) and the host interface. A TLA is a public network access point that interconnects long-haul service providers and telephone companies, and it obtains its addresses from an international Internet registry such as IANA. An NLA is usually a large ISP. It applies to a TLA for addresses and allocates addresses to its SLAs. An SLA can also be called a subscriber, and it may be an organization or a small ISP. The SLA is responsible for allocating addresses to its own subscribers.
An SLA usually assigns its subscribers blocks of consecutive addresses, so that these organizations can build their own address hierarchy to identify their different subnets. The lowest level of the hierarchy is the network host.

Special and reserved addresses

In the first 1/256 of the IPv6 address space, all addresses whose first 8 bits are 0000 0000 are reserved. Most of this otherwise empty address space is used for special addresses:

1 - Unspecified address: this is the "all zeros" address, which can be used when no valid address is available. For example, when a host first starts up on the network and has not yet obtained an IPv6 address, it can use this address: when it sends a configuration information request, it puts this address in the source address of the IPv6 packet. The address can be written as 0:0:0:0:0:0:0:0 or, as mentioned above, as ::.

2 - Loopback address: in IPv4 the loopback address is defined as 127.0.0.1. Any packet sent to the loopback address must pass through the protocol stack to the network interface but is not sent onto the network link. The network interface itself must accept these packets as if they had been received from an external node, and pass them back to the protocol stack. The loopback function is used to test software and configuration. In the IPv6 loopback address every bit except the lowest is 0, so the loopback address can be written as 0:0:0:0:0:0:0:1 or ::1.

3 - IPv6 addresses with embedded IPv4 addresses: there are two kinds of address. One allows IPv6 nodes to reach IPv4 nodes that do not support IPv6, and the other allows IPv6 routers to send IPv6 packets over an IPv4 network by tunnelling. In both kinds the high-order 80 bits are 0 and the low-order 32 bits contain the IPv4 address. When the middle bits 81-96 are set to 0000, the address is an IPv4-compatible address.
When the middle bits 81-96 are set to FFFF, the address is an IPv4-mapped IPv6 address.

(Figure: IPv6 addresses with embedded IPv4 addresses as defined in RFC 2373)

IPv4-compatible addresses are used by nodes that tunnel IPv6 packets through IPv4 routers. These nodes understand both IPv4 and IPv6. IPv4-mapped addresses are used by IPv6 nodes to reach nodes that support only IPv4.

An IPv4-compatible address is defined as a 128-bit address whose high-order 96 bits are all 0 and whose final 32 bits contain an IPv4 address. IPv4/IPv6 nodes that can automatically tunnel IPv6 packets across an IPv4 network use these addresses. A dual-stack node therefore uses the same address for IPv4 packets and IPv6 packets. A node that supports only IPv4 sends packets to a dual-stack node using the dual-stack node's IPv4 address, while a node that supports only IPv6 uses the dual-stack node's IPv6 address, which is the original IPv4 address padded with zeros to 128 bits.

In short, these nodes can act as routers that link IPv6 networks by automatic tunnelling across an IPv4 network. The router receives IPv6 packets from its local IPv6 network, encapsulates them in IPv4 packets and uses the IPv4-compatible address to send them across the IPv4 network to another dual-stack router on the other side. The encapsulated packets are forwarded through the IPv4 network until they reach the dual-stack router at the other end of the tunnel. That router unpacks the IPv4 packet, releases the IPv6 packet and forwards it to the local IPv6 host.

4 - Link-local and site-local addresses: similar to IPv4 private addresses, IPv6 also defines two kinds of private address that do not appear on the Internet, link-local and site-local addresses:

  FE80::/64
  FEC0::/48

(Figure: link-local and site-local addresses as specified in RFC 2373)

2.3.2. Anycast

An identifier for a set of interfaces (typically belonging to different nodes). A packet sent to an anycast address is delivered to one of the interfaces identified by that address (the "nearest" one, as calculated by the routing protocol). In general, an anycast address is no different from a unicast host address.
Anycast is particularly useful for certain types of service, especially services that need no particular relationship between client and server, such as domain name servers and time servers. A name server is a name server, and it should work equally well whether near or far. Similarly, a nearer time server is preferable in terms of accuracy. So when a host sends a request to an anycast address in order to obtain information, the response should come from the nearest server associated with that anycast address.

(Figure: the use of anycast in DNS)

2.3.3. Multicast

An identifier for a set of interfaces (typically belonging to different nodes). A packet sent to a multicast address is delivered to all interfaces identified by that address. The IPv6 multicast address format differs from the IPv6 unicast format and follows the stricter format shown in Figure 6-6. A multicast address is used only as a destination address. No packet uses a multicast address as its source address.

The first byte of the address format is all "1", marking the address as a multicast address. Multicast addresses occupy a full 1/256 of the IPv6 address space. Besides the first byte, the multicast address format contains the following three fields:

Flag field: consists of 4 single-bit flags. Currently only the fourth bit is specified. It indicates whether the address is a well-known multicast address assigned by the Internet numbering authority or a temporary multicast address used for a particular occasion. If the flag bit is "0" the address is a well-known address, and if it is "1" the address is a temporary address. The other three flag bits are reserved for future use.

Scope field: 4 bits long, used to indicate the scope of the multicast group, that is, whether the group includes only nodes on the same local network, the same site or the same organization, or nodes located anywhere in the global IPv6 address space. The possible values of these 4 bits are 0 to 15, see below:
(Figure: IPv6 multicast address format as specified in RFC 2373)

Group ID field: 112 bits long, used to identify the multicast group. Depending on whether the multicast address is temporary or well-known, and on the scope of the address, the same identifier can denote different multicast groups. A permanent multicast address uses a group identifier that has been assigned a special meaning, and membership of the group depends on both the group identifier and the scope.
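The three notations of section 2.3, the special addresses and the multicast fields above can be tied together in one classifier. This is an added example, not part of the original text: the function name and result keys are illustrative, the FE80::/64 and FEC0::/48 prefixes are used as given above, and the scope names come from RFC 2373 because the scope table is not reproduced on this page. The embedded IPv4 address is returned so that filtering rules can treat both spellings of one host alike.

```python
import ipaddress

# Multicast scope values from RFC 2373; other values are unassigned or reserved.
SCOPES = {0x1: "node-local", 0x2: "link-local", 0x5: "site-local",
          0x8: "organization-local", 0xE: "global"}


def classify(text):
    """Classify an IPv6 address written in any of the three notations."""
    addr = ipaddress.IPv6Address(text)  # accepts X:X:..., "::" and ...:d.d.d.d
    value = int(addr)
    # Eight 16-bit groups, highest first.
    groups = [(value >> shift) & 0xFFFF for shift in range(112, -1, -16)]
    result = {"full": addr.exploded, "short": addr.compressed}
    high80, mid16, low32 = value >> 48, groups[5], value & 0xFFFFFFFF
    if value == 0:
        result["type"] = "unspecified"
    elif value == 1:
        result["type"] = "loopback"
    elif high80 == 0 and mid16 in (0x0000, 0xFFFF):
        # High 80 bits zero; bits 81-96 select compatible (0000) or mapped (FFFF).
        result["type"] = "ipv4-compatible" if mid16 == 0 else "ipv4-mapped"
        result["ipv4"] = str(ipaddress.IPv4Address(low32))
    elif groups[0] == 0xFE80 and groups[1:4] == [0, 0, 0]:
        result["type"] = "link-local"   # FE80::/64
    elif groups[0] == 0xFEC0 and groups[1:3] == [0, 0]:
        result["type"] = "site-local"   # FEC0::/48
    elif value >> 120 == 0xFF:
        flags, scope = (value >> 116) & 0xF, (value >> 112) & 0xF
        result["type"] = "multicast"
        result["temporary"] = bool(flags & 0x1)  # fourth flag bit: 0 = well-known
        result["scope"] = SCOPES.get(scope, "unassigned or reserved")
        result["group_id"] = value & ((1 << 112) - 1)
    else:
        # Anycast addresses are written exactly like unicast addresses.
        result["type"] = "unicast or anycast"
    return result
```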
All IPv6 multicast addresses start with FF, that is, the first 8 bits of the address are all "1". At present, because the remaining flag bits are not defined, the third hexadecimal digit of the address is "0" for a well-known address and "1" for a temporary address. The fourth hexadecimal digit is the scope, which can be an unallocated value or reserved