Fiction Ipv6 Essentials 3rd Edition Pdf


Wednesday, May 8, 2019

IPv6 Essentials Silvia Hagen - Selection from IPv6 Essentials, 3rd Edition [Book]. IPv6 Essentials 3rd Edition. IPv. Free Books Download PDF / Free Books Online / Free eBook Download PDF / Free Ipv6 Deployment And Management Book. If your organization is gearing up for IPv6, this in-depth book provides the practical information and guidance you need to plan for, design, and.

Language:English, Spanish, Dutch
Genre:Science & Research
Published (Last):25.06.2016
ePub File Size:29.45 MB
PDF File Size:13.54 MB
Distribution:Free* [*Regsitration Required]
Uploaded by: ELVIS

For example: “IPv6 Essentials, Second Edition, by The third bit of the Options Type field specifies whether the option information can change en route (value. This PDF has been edited and contains Media, Inc. IPv6 Essentials, Third Edition, the image of a rigatella snail, and related trade dress are. Short Desciption: This books is Free to download. "IPv6 Essentials 3rd Edition book" is available in PDF Formate. Learn from this free book and enhance your.

GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together. If nothing happens, download GitHub Desktop and try again. If nothing happens, download Xcode and try again. If nothing happens, download the GitHub extension for Visual Studio and try again. Skip to content.

International Edition. IPv6 Essentials. IPv6 Network Administration. IPv6 Essentials but wait for the 3rd edition coming out in July. Computer Networking: Android Essentials 3rd edition. Updated to cover Wireshark 2. NET Framework Essentials 3rd test. Start a career in networking. Cisco Networking Essentials, 2nd Edition provides the latest for those beginning a career in networking. This book provides the.

Hagen, IPv6 Essentials, 2nd. Beasley and Piyasat Nilkaew. It was originally designed and implemented for IPv6 but was later backported and made fully-compatible.. Jul 11 posted in book. Basics and Volume 1: Richard Stevens. Essential Techniques 3rd. Sedgewick, Robert. Addison Wesley. Algorithms in Java, Parts. IPV6 Essentials. In , she was Penthouse Pet of the Year in the Czech edition of the magazine. Apache The Definitive Guide 3rd test. Essential System Administration 3rd test. Scott Empson: Books Essentials for any Cisco professional!

This hands-on class will teach you the basics of Linux V6, a powerful open-source operating system. This class is one in a series of training classes to prepare. Why should.

As with previous editions, Todd and the editors have worked hard to ensure that the study. Internet Protocol Version 6 IPv6. Their terrific contributions are still evident in the third edition.

I would like to thank. See below for more information. It is important to understand that an IPv6 node can have an address based on the interface identifier, but this is not a requirement. As an alternative, the IPv6 device can have an address like the ones currently used with IPv4, either static and manually configured or dynamically assigned by a DHCP server. This interface ID can also change over time. It is sometimes also called a temporary address. The temporary address is then used for outgoing communications and the EUI based address for server functions and incoming connections.

But a host running a browser or an FTP client does not need to have the same address every time it connects to the Internet. This way, they use DHCPv6 to manage their address space but prevent anyone from topology mapping their network or tracking their nodes. With the address architecture in IPv6, you can choose between two types of addresses: Temporary transient IP addresses Assigned using a random number that changes in regular intervals and can be used in place of the stable interface identifier.

While the temporary privacy addresses provide some security by complicating the task of eavesdroppers and other information collectors e. As a result, some organizations disabled the use of temporary addresses even at the expense of reduced privacy. This method then applies to all prefixes a host may use, such as link-local, global, or unique-local.

As mentioned before, concerns have been raised that embedding hardware information in an IPv6 address creates security and privacy risks. Special Addresses There are a number of special addresses that we need to discuss. The first part of the IPv6 address space with the prefix of is reserved.

Out of this prefix, special addresses have been defined as follows: The unspecified address The unspecified address has a value of 0: It is comparable to 0. If you apply the notation conventions discussed earlier in this chapter, the unspecified address can also be abbreviated as It should never be statically or dynamically assigned to an interface, and it should not appear as a Destination IP address or within an IPv6 Routing header.

It is sometimes used in configuration files for software to tell a program to use any IPv6 address configured on an interface. The loopback address The IPv4 loopback address, It is helpful in troubleshooting and testing the IP stack because it can be used to send a packet to the protocol stack without sending it out on the subnet. With IPv6, the loopback address works the same way and is represented as 0: It should never be statically or dynamically assigned to an interface.

IPv6 Addressing The next sections describe different types of addresses that have been specified to be used with different transition mechanisms, which can be used in the migration to IPv6. These virtual interfaces are commonly called pseudo-interfaces. A description of the transition mechanisms can be found in Chapter 7. Both are described in RFC IPv6 nodes that use this technique are assigned a special IPv6 unicast address that carries an IPv4 address in the low-order 32 bits.

This address type has so far rarely been used and was deprecated in RFC An IPv6 node can use this address to send a packet to an IPv4-only node.

The address also carries the IPv4 address in the low-order 32 bits of the address. Figure shows the format of both these addresses. The only difference is the 16 bits in the middle.

I describe 6to4 in Chapter 7, and it is specified in RFC The 6to4 TLA identifier is 0x The address format is shown in Figure Format of the 6to4 address The prefix has a total length of 48 bits. The IPv4 address in the prefix must be a public IPv4 address and is represented in hexadecimal notation.

For instance, if you configure an interface for 6to4 with an IPv4 address of Through this interface, all IPv6 hosts on this link can tunnel their packets over the IPv4 infrastructure. The 6to4 specification was written when the global unicast address format according to RFC was current, so it uses the old terms and formats format prefix, TLA, SLA.

The address format is based on 6to4 and shown in Figure Format of the 6rd address 30 Chapter 2: The prefix has a total length of 64 bits and is divided into the ISP prefix and the site IPv4 address. As the figure shows, these two parts are of variable length. In most cases this is not recommended. Even home sites will need multiple subnets in the future. The important point here is to assign prefixes to home users that allow them to have multiple subnets.

Refer to Chapter 9 for a description of regional Registry policies and home networks. It is designed for dual-stack nodes that are separated by an IPv4-only infrastructure. It treats the IPv4 network as one large link- layer network and allows those dual-stack nodes to automatically tunnel between each other using any format of IPv4 address.

Within the first 16 bits, a type identifier shows whether the IPv4 address is from the private range or a globally unique address The next eight bits contain a type identifier to indicate that this is an IPv6 address with an embedded IPv4 address. The type identifier is 0xFE. Assume we have a host with an IPv4 address of Alternatively, you can use the hexadecimal representation for the IPv4 address, in which case the address is written The link-local address for this host is fe Teredo is specified in RFC Current Internet statistics show that this is not the case.

You can refer to the Google statistics to see how the red line representing 6to4 and Teredo traffic declined to almost zero. A Teredo address has the format shown in Figure Format of the Teredo address The prefix has a length of 32 bits. The server IPv4 address field has a length of 32 bits and contains the IPv4 address of a Teredo server. The flags field has 16 bits and specifies the type of address and NAT in use.

IPv6 Addressing address of the client. The corresponding private key can then be used to sign messages sent from this address. This prevents attackers from taking over an IPv6 address and can be used in environments where no PKI Public Key infrastructure is present. The original IPv6 specification allocated two separate address spaces scopes for link- and site-local use, both identified by their prefixes.

The prefix for site-local addresses was fec The site-local address has been deprecated in RFC Too many potential problems arose in the application of this address. A link-local address is for use on a single link and should never be routed. You can connect your computers using a wireless network or a cross cable between your Ethernet interfaces, and you can share files without any special configuration by using the link-local address.

It is specified in RFC These addresses are globally unique but should not be routed to the global Internet. They are designed to be used within corporate sites or confined sets of networks. The characteristics of unique local IPv6 unicast addresses are the following: Address formats for link- and site-local use In hexadecimal notation, a link-local address is identified by the prefix fe The 8th bit is currently set to 1 and specifies local administration of the prefix.

Setting the 8th bit to 0 may be used in the future for centrally administrated addresses. For the moment, it was decided to standardize only a locally assigned version.

The centrally assigned form may be defined in the future if a strong need is identified. In the meantime, you can use the Sixxs unofficial registration site and find out. You will also find other cool IPv6 information and tools there. IPv6 Addressing So for locally administered addresses, we currently have a hexadecimal prefix of fd It is followed by the 40 bits for the global ID, which is randomly created to ensure a high probability of uniqueness; 16 bits used for subnet ID; and 64 bits for the interface identifier.

You may still find the deprecated site-local address with the prefix fec This algorithm includes values such as time, hardware identifiers, and other system-specific values, among others. This is to ensure that your prefix is going to be unique and there should be no ULA collision when merging your network with any other ULA network. As mentioned previously, these local addresses should not be routed to the Internet.

Border routers should be configured to filter these prefixes. Local addresses should not appear in global DNS servers. They can be used on your internal, private DNS server. Link-local addresses fe Find a discussion about whether and when to use ULAs in Chapter 9.

Anycast Address Anycast addresses are designed to provide redundancy and load balancing in situations where multiple hosts or routers provide the same service. The RFC allots a special prefix for anycast, which would make an anycast address recognizable as such based on the prefix. In practice, anycast has not been implemented as it was designed to be.

Often a method called shared unicast address is chosen. This method is implemented by assigning a regular unicast address to multiple interfaces and creating multiple entries in the routing table. In this case, the network and transport layer assume that it is a globally unique IP address.

If it is not, the mechanism to deal with ambiguous addresses needs to be built into the application. As this procedure does not require any support from the network layer, it can also be used with IPv6.

From the beginning, the IPv6 developers considered anycast to be incorporated in the network layer according to RFC No special prefix was assigned. Within the region where the interfaces containing the same anycast addresses are, each host must be advertised as a separate entry in the routing tables.

Within one network where a group of routers can provide access to a common routing domain, they can be assigned a single address.

When a client sends a packet to this address, it will be forwarded to the next available router. One example is the 6to4 relay anycast address that is specified in RFC and described in Chapter 7.

Understanding IPv6 3rd Edition Book

The Mobile IPv6 specification also uses anycast addresses. When using anycast addresses, we have to be aware that the sender has no control over which interface the packet will be delivered to. This decision is taken on the level of the routing protocol. When a sender sends multiple packets to an anycast address, the packets may arrive at different destinations due to routing table instability or changes during the requests.

If there is a series of requests and replies or if the packet has to be fragmented, this may cause problems. The subnet-router anycast address, which is defined in RFC and shown in Figure , is a required anycast address. Format of the subnet-router anycast address Basically, the address looks like a regular unicast address with a prefix specifying the subnet and an identifier set to all zeros.

A packet sent to this address will be delivered to one router on that subnet. All routers are required to support the subnet-router anycast address for subnets to which they have interfaces. A reserved subnet anycast address can have one of two formats, as shown in Figure IPv6 Addressing Figure General format of anycast addresses RFC specifies that within each subnet, the highest interface identifier values are reserved for assignment as subnet anycast addresses.

Currently, the anycast IDs listed in Table have been reserved. Reserved anycast IDs Decimal Hexadecimal Description 7F Reserved 7E Mobile IPv6 Home-Agents anycast 0— 00—7D Reserved The main difference between this form of using anycast and the shared unicast address is that in the latter, the application needs to support anycast, while in the former, this support is avoided if possible.

Guidelines of how to use this and modifications to existing stateful transport protocols are needed. Multicast Address This section covers the multicast address format. For a general overview and summary of multicast topics, refer to Chapter 5. A multicast address is an identifier for a group of nodes identified by the high-order byte ff, or in binary notation refer to Table earlier in the chapter.

The Multicast Address 37 multicast prefix is ff A node can belong to more than one multicast group. When a packet is sent to a multicast address, all members of the multicast group process the packet. Multicast exists in IPv4, but it has been redefined and improved for IPv6. The multicast address format is shown in Figure Format of the multicast address The first byte identifies the address as a multicast address.

The next four bits are used for Flags, defined as follows: A Rendezvous Point is a point of distribution for a specific multicast stream in a multicast network RFC The third bit indicates whether this multicast address embeds prefix information discussed later in this chapter; see also RFC The last bit of the Flag field indicates whether this address is permanently assigned— i. A value of zero for the last bit defines a well-known address; a value of one indicates a temporary address.

The Scope field is used to limit the scope of a multicast address. The possible values are shown in Table IPv6 Addressing Value Description E Global scope F Reserved The boundaries of zones of a scope other than interface-local, link-local, and global must be defined and configured by network administrators.

The reserved scopes should not be used. Some assignments are made for fixed scopes, and some assignments are valid over all scopes. Table gives an overview of the addresses that have been assigned for fixed scopes. Note the scope values that are listed in Table in the byte just following the multicast identifier of ff first byte. Well-known multicast addresses Address Description Interface-local scope ff XXXX Solicited-node address ff All those addresses are noted beginning with ff0X; X is the placeholder for a variable scope value.

The IPv4 broadcast address is replaced by the link-local all-nodes multicast address ff Find the most updated list of multicast address assignments here: The multicast group ID is 0x This group ID can be used with different scope values as follows: IPv6 Addressing ff Temporarily assigned multicast addresses are meaningful only within a defined scope. Multicast addresses should not be used as a Source address in IPv6 packets or appear in any routing header.

Solicited-Node Multicast Address The solicited-node multicast address is a multicast address that every node must join for every unicast and anycast address it is assigned. It is used in Neighbor Discovery, which is described in Chapter 4. RFC specifies the solicited-node multicast address. In the IPv6 world, resolving the MAC address of an interface is done by sending a Neighbor Solicitation message discussed in Chapter 4 to the solicited-node multicast address, and not to the link-local all-nodes multicast address.

This way only the node registered to this multicast address will examine the packet. This address is formed by taking the low-order 24 bits of an IPv6 address the last part of the host ID and appending those bits to the well-known prefix ff Thus, the range for solicited-node multicast addresses goes from ff For example, our host Marvin has the IPv6 address fe The corresponding solicited-node multicast address is ff If this host has other IPv6 unicast or anycast addresses, each one will have a corresponding solicited- node multicast address for which the host must be registering.

The following four bytes correspond to the last four bytes of the IPv6 multicast address. Figure shows how a multicast address is mapped to a MAC address. The mapping for other media types is specified in separate RFCs. You can find more information about other media types in Chapter 5 or by searching the RFC database.

It is based on a modified multicast address format that contains prefix information. The goal of this specification is to reduce the number of protocols needed for the allocation of multicast addresses.

Figure shows the format of the extended multicast address. Format of the extended multicast address 42 Chapter 2: IPv6 Addressing In the original specification, the Flags field only uses the last bit T to specify whether the multicast address is a well-known or temporary one.

The extended format shown here uses the second last bit P to indicate whether the multicast address assignment is based on the network prefix value 1 or not value 0. A P setting of 1 indicates that it is a multicast address following the extended format. The use of the scope field has not changed. If the P flag is set to 1, the eight bits following the Scope field are reserved and set to 0. The next eight bits PLen specify the length of the prefix in the prefix field.

If the prefix length is smaller than 64 bits, the unused bits in the prefix field should be set to 0. The group ID uses 32 bits. Note that when P is set to 1 extended multicast address , the T flag should also be set to 1 temporary multicast address. Multicast Listener Discovery is used for multicast management.

MLDv2 supports source-specific multicast. For an overview of source-specific multicast, refer to RFC In the traditional multicast model called any-source multicast ASM , a multicast listener cannot control the source of the data it wants to receive. With source-specific multicast SSM , an interface can register for a multicast group and specify the source s for the data. For a source-specific multicast address, the T and the P flag are set to 1.

Prefix length and network prefix are both set to 0. This leads to a multicast prefix of ff3x: The source address in the IPv6 header identifies the owner of the multicast address. All SSM addresses have the format ff3X:: The extension allows for the use of interface identifiers to allocate link-local scoped multicast addresses. In this multicast address, the flags field is set to binary ; the Scope field is set to 2 for link-local scope; the pLen field is set to ff all ones in binary ; and the 64 bits of the network ID field are used for the interface identifier.

It is designed for environments in which link-local scope multicast addresses are used. Multicast Address 43 Required Addresses The standard specifies that each host must assign the following addresses to identify itself: The addresses may differ in scope link-local, global or state preferred, deprecated ; they may be part of mobility home-address, care-of-address or multihoming situation; or they may be permanent public addresses or virtual tunnel interfaces. Dual-stack hosts have IPv6 and IPv4 addresses.

The result is that IPv6 implementations that need to initiate a connection are often faced with a choice between multiple Source and Destination addresses. Imagine a situation where a client issues a DNS request for an external service and receives a global IPv6 and a public IPv4 address back.

If this client has a private IPv4 address and a global IPv6 address, it might make sense to use IPv6 to access this external service. But if the client has a tunneled IPv6 address and a public IPv4 address, it should choose the IPv4 address for connecting to the service.

These are types of situations and choices that will have to be dealt with in the future world of mixed networks, some IPv4- only, some IPv6-only, and some dual-stack. The way this is dealt with depends on the implementations. Application developers have to be aware of this and try to provide 44 Chapter 2: IPv6 Addressing mechanisms that will make their applications behave optimally in every possible environment.

The algorithms specify default behavior for IPv6 nodes. The algorithms do not override choices made by applications, upper- layer protocols, or other policies. The RFC contains a policy table that, similar to a routing table, is a longest-matching-prefix lookup table.

The precedence is used for sorting Destination addresses; the label value is used to define policies that associate a specific Source address to a given Destination address. The rules in RFC are to be used in all situations when nothing else is specified. Default Address Selection 45 Now that you are familiar with the extended address space and the IPv6 address types, the next chapter discusses the IPv6 header and the Extension headers. References The following are lists of the most important RFCs and drafts mentioned in this chapter.

Sometimes I include additional subject-related RFCs for your personal further study. To locate the latest version of a draft, refer to https: You can enter the draft name without a version number and the most current version will come up.

If a draft does not show up, it was possibly deleted. It also discusses Extension headers, which are new in IPv6. Understanding the structure of a protocol header and the type of information that comes with it is the best foundation for working with a protocol. This understanding helps you to identify how the protocol can best be configured and what the options are.

It also helps you to identify possible sources of problems and issues when troubleshooting. The header has a fixed length of 40 bytes. The two fields for Source and Destination addresses each use 16 bytes bits , so there are only 8 bytes for general header information. The base IPv6 header is therefore much simpler and leaner than the IPv4 header, allowing for more efficient processing and, as we will see, more flexibility in extending the protocol to meet future needs.

In IPv4, the minimum header length is 20 bytes, but if options are added, it can be extended in 4-byte increments up to 60 bytes.

Therefore, with IPv4, the information 49 about the total length of the header is important. The Identification, Flags, and Fragment Offset fields are the fields that are used for the fragmentation of a packet in the IPv4 header. Fragmentation happens if a large packet has to be sent over a network that supports only smaller packet sizes.

In that case, the IPv4 router splits the packet into smaller slices and forwards multiple packets. The destination host collects the packets and reassembles them.

If only one packet is missing or has an error, the whole transmission has to be redone; this is very inefficient. If a sending IPv6 host wants to fragment a packet, it will use an Extension header to do so.

IPv6 routers along the path of a packet do not provide fragmentation as they did with IPv4. This is the reason that the Identification, Flags, and Fragment Offset fields were removed from the IPv6 header and will be inserted in an Extension header by the source host if needed. I explain Extension headers later in this chapter. The Header Checksum field was removed to improve processing speed. If routers do not have to check and update checksums, processing becomes much faster.

Today, the risk for undetected errors and misrouted packets is minimal. Since IP is a best-effort delivery protocol, it is the responsibility of upper layer protocols to ensure integrity. IPv6 has a different mechanism to handle preferences. A Flow Label field was added. Figure provides an overview of the IPv6 header. The fields are discussed in detail in the following list. Fields in the IPv6 header Figure shows that even though the header has a total size of 40 bytes, which is twice as long as a default IPv4 header, it has actually been streamlined because most of the header is taken up by the two byte IPv6 addresses.

That leaves only 8 bytes for other header information. Version 4 bits This 4-bit field contains the version of the protocol. In the case of IPv6, the number is 6. Version number 5 could not be used because it was already assigned to the experimental stream protocol RFC It facilitates the handling of real-time data and any other data that requires special handling, and sending nodes and forwarding routers can use it to identify and distinguish between different classes or priorities of IPv6 packets.

Flow label 20 bits This field distinguishes packets that require the same treatment in order to facilitate the handling of real-time traffic. A sending host can label sequences of packets with a set of options. The flow label and address of the source node uniquely identify the flow. All packets belonging to the same flow must have the same Source and Destination IP address.

The use of the Flow Label field is experimental and is currently still under discussion at the IETF at the time of writing. Payload length 2 bytes This field specifies the payload—i. The calculation in IPv6 is different from the one in IPv4. IPv6 has a Jumbogram Option, which supports bigger packet sizes if needed. But if Extension headers are used with IPv6, this field contains the type of the next Extension header.

Extension headers are located 52 Chapter 3: Table lists possible values in the Next Header field. The new IPv6-related headers are bold.

Go to http: Originally, the IPv4 TTL field contained a number of seconds, indicating how long a packet can remain in the network before being destroyed. In fact, IPv4 routers simply decrement this value by one at each hop.

This field has been renamed to Hop Limit in IPv6 to reflect the purpose. The value in this field expresses a number of hops. Every forwarding node decrements the number by one. Source address 16 bytes This field contains the IP address of the originator of the packet.

Destination address 16 bytes This field contains the IP address of the intended recipient of the packet. Figure shows the IPv6 header in the trace file.

The IPv6 header in a trace file This trace file shows all of the header fields discussed and how they can be presented in a trace file. The Version field is set to 6 for IPv6. The Hop Limit is set to , and the Source and Destination addresses contain the link-local addresses of my IPv6 nodes.

The first line in the detail window shows Ethertype 0x86DD. This value indicates that this is an IPv6 packet. For IPv4, the value would be 0x This field can be used to set an analyzer filter for all native IPv6 packets. Analyzer tools can decode packets in different ways. The difference is not in the packet, but in the way the packet is presented in the analyzer interface. This capacity has rarely been used because it causes a performance hit. For example, IPv4 hardware forwarding implementations have to pass the packet containing options to the main processor software handling.

The simpler a packet header, the faster the processing is. IPv6 has a new way to deal with options that has substantially improved processing: Extension headers are inserted into a packet only if the options are needed.

And in most cases, the Extension headers are only processed by the final destination, not by intermediate devices. The current IPv6 specification defines six Extension headers, which must be supported by all IPv6 nodes: Extension headers are placed between the IPv6 header and the upper-layer protocol header. Each Extension header is identified by the Next Header field in the preceding header.

If the address in the Destination address field Extension Headers 55 is a multicast address, the Extension headers are examined and processed by all the nodes belonging to that multicast group.

Extension headers must be strictly processed in the order in which they appear in the packet header. It is indicated by the value 0 in the Next Header field of the IPv6 header see Table earlier in this chapter. The first four Extension headers are described in RFC This architecture is very flexible for developing additional Extension headers for future uses as needed.

New Extension headers can be defined and used without changing the IPv6 header. Figure shows how Extension headers are used. If a node is required to process the next header but cannot identify the value in the Next Header field, it is required to discard the packet and send an ICMPv6 Parameter Problem message back to the source of the packet.

If more than one Extension header is used in a single packet, the following header order should be used RFC IPv6 header 2.

Hop-by-Hop Options header 3.

Destination Options header for options to be processed by the first destination that appears in the IPv6 Destination address field, plus subsequent destinations listed in the Routing header 4. Routing header 5. Fragment header 6. Authentication header 7. Encapsulating Security Payload header 8. Upper-Layer header RFC leaves some space for interpretation. Although this is the recommended order, IPv6 nodes must attempt to process Extension headers in any order.

Hop-by-Hop Options Header The Hop-by-Hop Options header carries optional information that must be examined by every node along the path of the packet. It must immediately follow the IPv6 header and is indicated by a Next Header value of 0.

With IPv4, the only way for a router to determine whether it needs to examine a datagram is to at least partially parse upper-layer data in all datagrams. This process slows down the routing process substantially. With IPv6, in the absence of a Hop-by- Hop Options header, a router knows that it does not need to process router-specific Extension Headers 57 information and can route the packet immediately to the final destination.

If there is a Hop-by-Hop Options header, the router needs only to examine this header and does not have to look further into the packet.

The format of the Hop-by-Hop Options header is shown in Figure Format of the Hop-by-Hop Options header The following list describes each field: The Next Header field uses the values listed in Table , shown earlier in this chapter. The length calculation does not include the first eight bytes.

So if the header is shorter than eight bytes, this field contains the value 0. Options variable size There can be one or more options.

The length of the options is variable and is determined in the Header Extension Length field. The Option Type field, the first byte of the Options fields, contains information about how this option must be treated in case the processing node does not recognize the option. The value of the first two bits specifies the actions to be taken: Skip and continue processing. Discard the packet. The Structure of the IPv6 Protocol The third bit of the Options Type field specifies whether the option information can change en route value 1 or does not change en route value 0.

The IPv6 Payload Length field supports a maximum packet size of 65, bytes. The Option Type value of indicates the Jumbo Payload option. The Jumbo Payload Length field has 32 bits and therefore supports the transmission of packets that are between 65, and 4,,, bytes. All devices on the path of a Jumbogram must support the option. Option Router Alert This Option Type indicates to the router that the packet contains important information to be processed when forwarding the packet.

These control packets use a Hop-by-Hop Options header, so only routers process the packet. The first three bits of the Option Type field are set to 0. In the remaining five bits of the first byte, the option type 5 is specified. The Option Data Length field contains the value 2, which indicates that the following value field has a length of two bytes refer to Figure The list of Router Alert values can be found at the following link: Figure show the Hop-by-Hop Options header in the trace file.

Extension Headers 59 Figure The Hop-by-Hop Options header in a trace file The screenshot shows the details of packet number The Routing header is identified by a Next Header value of 43 in the preceding header. Figure shows the format of the Routing header. Format of the Routing header 60 Chapter 3: Next Header 1 byte The Next Header field identifies the type of header that follows the Routing header.

Extension Header Length 1 byte This field identifies the length of the Routing header in 8-byte units. The length calculation does not include the first 8 bytes. Routing Type 1 byte This field identifies the type of Routing header.

Find the links to these drafts in the draft section at the end of this chapter. Whether this specification is going to see the light of day you may know by the time you read these lines.

Segments Left 1 byte This field identifies how many nodes are left to be visited before the packet reaches its final destination. The complete header is always a multiple of 8 bytes.

If a node processing a Routing header cannot identify a Routing Type value, the action taken depends on the content of the Segments Left field. If a forwarding node cannot process the packet because the next link MTU size is too small, it discards the packet and sends an ICMP Packet Too Big message back to the source of the packet.

Figure shows the Type 2 Routing header in a trace file. Extension Headers 61 Figure Routing header Type 2 in a trace file To show the Type 2 Routing header we must take a Mobile IPv6 trace, the specification that defines this type of Routing header. The Routing header contains the fields discussed earlier in this section.

Next Header is a Mobility header indicated by a Next Header value of in the routing header. The Header Length contains two 8-byte units, which add up to a total length of 16 bytes one address. The Segments Left field contains the value 1 because there is one address entry in the Options field. Finally, the Options field lists the Home Address option with the home address.

Refer to Chapter 8 to find out how the Routing header is used for Mobility. If the packet to be sent is larger than the supported MTU, the source host fragments the packet. Unlike in IPv4, with IPv6 a router along the path does not fragment packets. Fragmentation occurs only at the source host sending the packet. The destination host 62 Chapter 3: The Structure of the IPv6 Protocol handles reassembly. A Fragment header is identified by a Next Header value of 44 in the preceding header.

The format of the Fragment header is shown in Figure Format of the Fragment header The following list describes each field: Next Header 1 byte The Next Header field identifies the type of header that follows the Fragment header. It uses the same values as the IPv4 Protocol Type field. See Table Reserved 1 byte Not used; set to 0.

Fragment Offset 13 bits The offset in 8-byte units of the data in this packet relative to the start of the data in the original packet. Reserved 2 bits Not used; set to 0. M-Flag 1 bit Value 1 indicates more fragments; a value of 0 indicates the last fragment. Identification 4 Bytes Generated by the source host in order to identify all packets belonging to the original packet. This field is usually implemented as a counter, increasing by one for every packet that needs to be fragmented by the source host.

It is not necessary, because routers no longer fragment in IPv6. Only the source host can fragment a packet. The initial unfragmented packet is referred to as the original packet. The fragmentable part of the original packet consists of any Extension headers that need only to be processed by the final destination, plus the Upper-Layer headers and any data.

Figure RFC illustrates the fragmenting process. Fragmentation with IPv6 The unfragmentable part of the original packet appears in every fragment, followed by the Fragmentation header and then the fragmentable data.

The IPv6 header of the original packet has to be slightly modified. The Length field reflects the length of the fragment excluding the IPv6 header and not the length of the original packet. The destination node collects all the fragments and reassembles them. The fragments must have identical Source and Destination addresses and the same identification value in order to be reassembled.

If all fragments do not arrive at the destination within 60 seconds after the first fragment, the destination will discard all packets. Figure shows a Fragment header.

IPv6 Essentials 3rd ed (pdf)

Fragment header in a trace file The whole fragment set consists of two packets, the first of which is shown in Figure In the IPv6 header, the Payload Length field has a value of 1,, which is the length of the fragmentation header and this one fragment, not the length of the whole original packet.

The Next Header field specifies the value 44, which is the value for the Fragment header. The first field in the Fragment header is the Next Header field. Because this is a ping, it contains the value 58 for ICMPv6. And because this is the first packet in the fragment set, the value in the Offset field is 0 and the M-Flag is set to 1, which means there are more fragments to come. The Identification field is set to 1 and has to be identical in all packets belonging to this fragment set.

Figure shows the second packet of the fragment set. The last packet in the fragment set The second and last packet of this fragment set has an Offset value of 0x00b5, which translates to in decimal notation, the length of the first fragment. The M-Flag is set to 0, which indicates that it is the last packet and tells the receiving host that it is time to reassemble the fragments. The Identification field is set to 1 in both packets. Extension Headers 65 The specification in RFC allows for overlapping fragments, which creates a security issue.

A Next Header value of 60 identifies this type of header. As mentioned previously, the Destination Options header can appear twice in an IPv6 packet.

When inserted before a Routing header, it contains information to be processed by the routers listed in the Routing header. When inserted before the upper-layer protocol headers, it contains information for the final destination of the packet. Figure shows the format of the Destination Options header.

Format of the Destination Options header As you can see, the format is similar to the format of the Hop-by-Hop Options header. The following list describes each field: It uses the same values listed in Table , shown earlier in this chapter. The Options field is used in a similar way as with the Hop-by-Hop Options header, which I discussed earlier in this chapter.

You can find a detailed description of Mobile IPv6 in Chapter 8. Find the most current list of defined options for the Routing and the Destination Options header at http: Figure shows the Destination Options header in the trace file. This is a Binding Update message. Refer to Chapter 8 to find out how the Destination Options header is used for Mobility. New Extension Header Format With the exception of the Hop-by-Hop and Routing header, Extension headers are usually only processed by the final destination of a packet.

In practice there are devices on the path of a packet, such as routers and firewalls, which are capable of parsing past or ignoring Extension headers at wire speed. The new Extension header format The following list describes each field: Extension Header Length 1 byte This field identifies the length of the Extension header in 8-byte units. Options variable size The length of the options is variable and is determined in the Header Extension Length field.

The format of the basic Extension headers described in this chapter will not change. But if new Extension headers are defined in the future, they must follow this format.

This means that any device that deals with Extension headers, such as firewalls, must be 68 Chapter 3: The Structure of the IPv6 Protocol capable of properly processing the basic Extension headers, but also new Extension headers using the new format. Several rules are defined in RFC and summarized below: Only if that is not possible can a new Extension header be defined. The goal of this architecture was that new Extension headers can be introduced and only end nodes need to be updated.

This process would be transparent to forwarding nodes along the path of the packet. Practice has shown that this is not always applicable. Very often, if they do not recognize an Extension header, they simply drop the packet, which leads to connectivity failures.

Also the Hop-by-Hop Extension header is often not handled by high-speed routers or is processed on a slow path. The RFC says that there should be a policy on these devices to be individually configurable.

IPv6 Essentials, 3rd下载

The default configuration should allow all standard Extension headers. For firewalls, the RFC requires that, in particular, packets containing standard Extension headers are only to be discarded as a result of an intentionally configured policy. Another problem was that there was not one single place where all Extension headers can be found and the number may increase regularly as new specifications come out. So it is difficult for vendors to identify what Extension headers they have to support in their implementations.

With regard to the header chain which includes the IPv6 header, any Extension headers, plus the upper protocol header , note the following: In the IPv6 base specification there is no limit to the number of Extension headers in a packet. So it is possible that when a packet is fragmented, the header chain may span multiple fragments.

IPv6 Essentials 3rd Edition

References The following is a list of the most important RFCs and drafts mentioned in this chapter. It reports errors if packets cannot be processed properly and sends informational messages about the status of the network. For example, if a router cannot forward a packet because it is too large to be sent out on another network, it sends an ICMP message back to the originating host. The source host can use this ICMP message to determine a better packet size and then resend the data.

Neighbor Discovery ND is introduced; it uses ICMPv6 messages to determine link-layer addresses for neighbors attached to the same link, find routers, keep track of which neighbors are reachable, and detect changed link-layer addresses. New message types have been defined to allow for simpler renumbering of networks and updating of address information between hosts and routers.

The protocol is defined in RFC Neighbor Discovery is defined in RFC Tables and list ICMPv6 message types and numbers. Refer to Tables and for a detailed list. In order to calculate the checksum, a node must determine the Source and Destination address in the IPv6 header. There is a pseudoheader included in the checksum calculation, which is new with ICMPv6.

Message body variable size Depending on the type and code, the message body will hold different data. In the case of an error message, to assist in troubleshooting, it will contain as much as possible of the packet that invoked the message. Tables and provide an overview of the different message types, along with the additional code information, which depends on the message type.

There are two classes of ICMP messages: ICMP error message types are, therefore, in the range from 0 to ICMP informational messages Informational messages have a 1 in the high-order bit of their message Type field. ICMP informational message types are, therefore, in the range from to This value is different from the value for ICMPv4 which has the value 1. The values for the Next Header field are discussed in Chapter 3. The following message types are described in RFC Used for the ping command.

Used for multicast goup management. Used for Neighbor Discovery and Autoconfiguration. It is, therefore, set to zero. Therefore it is not a good idea to completely filter all ICMP messages at firewalls, as has been the practice in many IPv4 networks.

The following sections outline the structure of each type of ICMPv6 message. A Type field with the value 1 identifies this message. The format of the Destination Unreachable message is shown in Figure Format of the Destination Unreachable message The Type field is set to 1, which is the value for the Destination Unreachable message. The Code field supplies more information about the reason why the datagram was not delivered.

The possible codes are listed in Table This can happen only if the router does not have an entry for a default route. It might also be sent if a node is configured not to accept unauthenticated Echo Requests. If the destination is unreachable due to congestion, no ICMP message is generated.

A host that receives a Destination Unreachable message must inform the upper-layer process. In this case, the Code field is not used and is set to 0. The important information for this type of message is the MTU field, which contains the MTU size of the next hop link. RFC states that an ICMPv6 message should not be generated as a response to a packet with an IPv6 multicast Destination address, a link-layer multicast address, or a link-layer broadcast address.

The Packet Too Big message is an exception to this rule. A host that receives a Packet Too Big message must inform the upper-layer process. The hop limit makes sure that a packet does not endlessly travel through a network.

Figure shows the format of the Time Exceeded message. The Code field can be set to 0, which means the hop limit was exceeded in transit, or to 1, which means that the fragment reassembly time is exceeded. An incoming Time Exceeded message must be passed to the upper-layer process. Table shows the Code fields for the Time Exceeded message. Traceroute is helpful in determining the path that a packet takes when traveling through the network.

In order to do this, a first packet is sent out with a hop limit of 1. The source host now knows the address of the first hop router. Next, it sends out a second packet with a hop limit of 2.

This packet is forwarded by the first router, which decrements the hop limit to 1. The second router in the path decrements the hop limit to 0, discards the packet, and sends back an ICMP message type 3, code 0.

Now the source knows about the second router in the path. Raising the hop limit by one with every packet sent until the packet reaches the final destination continues this process. Every router in the path to the final destination sends an ICMP message back to the source host, thereby providing its IP address.

It is important to know that if there are redundant paths to the destination, traceroute does not necessarily show the same route for all tests because it might choose different paths. Parameter Problem If an IPv6 node cannot complete the processing of a packet because it has a problem identifying a field in the IPv6 header or in an Extension header, it must discard the packet, and it should send an ICMP Parameter Problem message back to the source of the problem packet. This type of message is often used when an error that does not fit into any of the other categories is encountered.

STACEY from Washington
I do love reading books calmly . Feel free to read my other articles. I enjoy collecting sports cards.