Do you understand these IPv6 issues?

[[348221]]

1. We are currently using IPv4 network. What do we need to do to deploy IPv6?

The current network is IPv4. It is neither necessary nor possible to upgrade all nodes to IPv6 at the same time. When deploying IPv6, you can gradually transition and try to use some technologies to make the network upgrade smoother. The commonly used technologies in the process of converting from IPv4 to IPv6 are:

(1) Dual stack technology: the device or terminal supports both IPv4 and IPv6 protocol stacks, so that the device can work normally in both IPv4 and IPv6 environments (all devices need to support dual stack)

(2) Tunnel: Solving the IPv6 "island" problem

<1> Manual tunnel: The end point of the tunnel needs to be manually specified

a. IPv6 over IPv4 manual tunnel

Directly encapsulate IPv6 packets in IPv4 packets. The border device must be a dual-stack device, and the intermediate IPv4 device processes it according to normal packet forwarding.

b. GRE tunnel

Encapsulate the IPv6 message in the GRE message and add the IPv4 header before the GRE

Compared with ipv6 over ipv4 tunnel, GRE has an additional 4-byte GRE header, and the overhead caused by encapsulation and decapsulation is relatively large.

<2> Automatic tunnel: can automatically obtain the IPv4 address of the tunnel endpoint

a. 6to4

Put the destination in the 2nd and 3rd blocks of the IPv6 address

The format of the tunnel address is: 2002:32bit ipv4 address::x/64

Write two static routes:

2002::/16 tunnel

The next hop of the target network: the tunnel port address of the target network (2002: ipv4 address:: x)

(3) NAT-PT: Enables mutual access between IPv6 hosts and IPv4 hosts

• NAT-PT mechanism of static mapping
• Dynamic mapping NAT-PT mechanism: address pool needs to be established
• NAPT-PT mechanism: When different IPv6 addresses are converted, they can correspond to the same IPv4 address, and the port number is used to distinguish different IPv6 hosts, so that multiple IPv6 hosts can share one IPv4 address to complete the conversion.

2. What are the advantages and disadvantages of stateless autoconfiguration and stateful autoconfiguration? What are the special addresses?

(1) Stateless automatic configuration

The IPv6 stateless address configuration method is currently the most widely used IPv6 address automatic configuration method. A host configured with this protocol only needs to enable the IPv6 routing announcement function on the adjacent device, and the local address can be automatically configured based on the prefix information contained in the announcement message.

In the stateless address configuration scheme, the device does not record the specific address information of the connected IPv6 host, which has poor manageability. In addition, the current stateless address configuration method cannot enable the IPv6 host to obtain the configuration information such as the IPv6 address of the DNS server, which has certain defects in usability.

(2) Stateful automatic configuration

Compared with other IPv6 address allocation methods (manual configuration, stateless automatic configuration of network prefixes in router advertisement messages, etc.), DHCPv6 has the following advantages:

• Better control over the allocation of IPv6 addresses. The DHCPv6 method can not only record the addresses allocated to IPv6 hosts, but also allocate specific addresses to specific IPv6 hosts for easier network management.
• DHCPv6 supports the allocation of IPv6 prefixes to network devices, facilitating automatic configuration of the entire network and hierarchical management of the network.
• In addition to assigning IPv6 addresses/prefixes to IPv6 hosts, you can also assign network configuration parameters such as DNS server IPv6 addresses

(3) Special address

<1> Unspecified address

0:0:0:0:0:0:0:0/128 or ::/128

Indicates that an interface or node has no IP address.

<2> Loopback address

0:0:0:0:0:0:0:1/128 or::1/128

It has the same function as 127.0.0.1 in IPv4 and is used to test whether the protocol stack is working properly.

3. What are the ways to configure IPv6 addresses?

(1) Manual configuration

(2) Stateless automatic configuration

The network prefix is ​​announced to this network segment through "router discovery". When the device receives the network prefix, it generates an IPv6 address based on the received network prefix and EUI-64.

IPv6 host stateless automatic configuration process:

• Generate a link-local address based on the interface identifier
• Send out neighbor solicitation for duplicate address detection
• If there is an address conflict, the automatic configuration will be stopped and manual configuration is required.
• If there is no conflict, the link-local address takes effect and the node has the ability to communicate on the local link.
• The host will send RS messages (or receive RA messages sent periodically by the device)
• Get the IPv6 address based on the prefix information and interface identifier in the RA message

(3) Stateful autoconfiguration (DHCPv6 multicast address: FF02::1:2)

This is usually achieved through DHCPv6, which is divided into two types: stateful autoconfiguration and stateless autoconfiguration:

a. DHCPv6 stateful automatic allocation

The four-step interactive address allocation process of DHCPv6 is as follows:

• The DHCPv6 client sends a Solicit message to request the DHCPv6 server to allocate an IPv6 address and network configuration parameters to it.
• If the Solicit message does not carry the Rapid Commit option, or if the Solicit message carries the Rapid Commit option but the server does not support the rapid allocation process, the DHCPv6 server replies with an Advertise message to inform the client of the address and network configuration parameters that can be allocated to it.
• If the DHCPv6 client receives Advertise messages from multiple servers, it selects a server with the highest priority based on parameters such as the server priority in the Advertise message and sends a Request multicast message to all servers. The message carries the DUID of the selected DHCPv6 server.
• The DHCPv6 server replies with a Reply message, confirming that the address and network configuration parameters are allocated to the client.

b. DHCPv6 stateless automatic allocation

The DHCPv6 stateless working process is as follows:

• The DHCPv6 client sends an Information-Request message to the DHCPv6 server in multicast mode. The message carries the Option Request option, which specifies the configuration parameters that the DHCPv6 client needs to obtain from the DHCPv6 server.
• After receiving the Information-Request message, the DHCPv6 server allocates network configuration parameters to the DHCPv6 client and unicasts a Reply message to return the network configuration parameters to the DHCPv6 client. The DHCPv6 client completes the DHCPv6 client stateless configuration based on the parameters provided in the Reply message.

4. What is EUI-64?

(1) The IEEE EUI-64 specification is the process of converting the MAC address of an interface into an IPv6 interface identifier. The first 24 bits of the MAC address are the manufacturer identifier, and the last 24 bits are the extended identifier. The upper 7 bits are 0, indicating that the MAC address is locally unique. The first step of the conversion is to insert FFFE between the manufacturer identifier and the extended identifier of the MAC address, and the second step is to change the upper 7 bits of 0 to 1 to indicate that this interface identifier is globally unique. This method of generating an IPv6 address interface identifier from a MAC address can reduce the configuration workload, especially when stateless address automatic configuration is used. Only an IPv6 prefix needs to be obtained to form an IPv6 address with the interface identifier. However, the biggest disadvantage of using this method is that anyone can deduce the third-layer IPv6 address from the second-layer MAC address.

(2) The serial interface will borrow the MAC address of the Ethernet interface

5. How is the link-local address generated? What is its function? Compared with IPv4, explain its importance

(1) A link-local address is a type of address with limited application scope in IPv6 and can only be used between nodes connected to the same local link. It uses a specific link-local prefix FE80::/10 (the highest 10 bits are 1111111010) and adds the interface identifier to the lower 64 bits of the address.

(2) When a node starts the IPv6 protocol stack, each interface of the node will automatically configure a link-local address (the interface identifier formed by its fixed prefix + EUI-64 rule). This mechanism allows two IPv6 nodes connected to the same link to communicate without any configuration. Therefore, link-local addresses are widely used in applications such as neighbor discovery and stateless address configuration.

(3) Function:

• For local link communication
• Used for router discovery (stateless autoconfiguration)
• Neighbors used to establish the protocol
• The next hop for the route entry

6. What fields are there in the IPv6 header? Which one indicates the priority?

Basic header 40 bytes:

• version (4 bits): version
• Traffic class (8 bits): Traffic classification, which has the same function as the tos field in the ipv4 header
• Flow label (20 bits): flow label. If the flow labels of two packets are the same, it means they are the same data flow.
• Payload length (16 bits): Payload length. Payload refers to the other parts of the datagram that follow the IPv6 header (i.e., the extension header and the upper-layer protocol data unit).
• Next header (8 bits): Next header. This field defines the type of the first extension header (if any) following the IPv6 header, or the protocol type in the upper layer protocol data unit.
• Hop limit (8 bits): similar to ipv4's ttl
• source address (128 bits): source address
• destination address (128 bits): destination address

Traffic class indicates the priority.

7. IPv6 mobility?

Divided into 3 stages

• Proxy Discovery
• Registration Phase
• Tunnel establishment

8. Can IPv4 develop stateless auto-configuration?

Stateless autoconfiguration is to announce the network prefix of the network segment through a certain (RA) message. After receiving the network prefix, the client calculates the host number (interface ID) according to a specific algorithm. This is completely achievable in ipv4, but problems may often occur because the address space of ipv4 is very small. After the network prefix is ​​allocated, the host number calculated by the host may conflict, and there may be a large number of address conflicts in the network:

• Anycast addresses and unicast addresses use the same address space
• The anycast address must be specified during configuration to distinguish between unicast and anycast addresses.
• Anycast addresses cannot be used as multicast sources because after receiving an IP message, the router does not know whether the address is unicast or anycast.
• Subnet anycast address: The host is all 0s. When the host accesses this anycast address, it will access the router closest to the host in this subnet.