IPv6 is the abbreviation of Internet Protocol Version 6. It is the next-generation IP protocol designed by the IETF (Internet Engineering Task Force) to replace the current version of the IP protocol (IPv4), and it is said to be able to provide an address for every grain of sand in the world.
The biggest problem with IPv4 is its limited address space, which seriously restricts the application and development of the Internet. IPv6 not only solves the shortage of network addresses but also removes the obstacles that keep various access devices from connecting to the Internet.

Development History

By early 1992, several proposals on the Internet address system had been put forward in the IETF, and they were turned into a white paper at the end of 1992. In September 1993, the IETF established a temporary, ad hoc Next Generation IP (IPng) area to specifically address the next generation of IP. This new area was led by Allison Mankin and Scott Bradner, and its members consisted of 15 engineers from different work backgrounds. The IETF adopted the IPng model on July 25, 1994, and formed several IPng working groups.

Since 1996, a series of RFCs defining IPv6 have been published, the first version of which is RFC 1883. Because the IPv4 and IPv6 address formats differ, IPv4 and IPv6 will coexist on the Internet for a long time. In a network where both coexist, an end system that has only IPv4 addresses and one that has only IPv6 addresses cannot communicate directly. In this case, communication relies on intermediate gateways or other transition mechanisms.

On January 22, 2003, the IETF released the IPv6 test network, namely the 6bone network. It is an IPng project carried out by the IETF to test IPv6 networks, and its purpose is to test how to migrate IPv4 networks to IPv6 networks. As a platform for testing IPv6 issues, the 6bone network covers protocol implementation, IPv4 to IPv6 migration and similar functions. The 6bone operation is based on the allocation of IPv6 experimental addresses. It uses the IPv6 prefix 3FFE::/16 to provide a test environment for the testing and pre-commercial deployment of IPv6 products and networks.
As of June 2009, 6bone network technology had supported 260 organizations in 39 countries. The 6bone network is designed to be a global hierarchical IPv6 network. Like the actual Internet, it includes pseudo top-level transit providers, pseudo secondary transit providers, and pseudo site-level organizations. The pseudo top-level providers are responsible for connecting organizations around the world, and they communicate with each other through the IPv6 extensions of BGP-4. Pseudo secondary providers are also connected to pseudo regional top-level providers through BGP-4, and pseudo site-level organizations are connected to pseudo secondary providers. Pseudo site-level organizations can connect to their pseudo providers through default routing or BGP-4. 6bone started as a virtual network using IPv6-over-IPv4 tunnel transition technology, that is, a network built on the IPv4 Internet that carries IPv6 traffic. Pure IPv6 links were gradually established later.
[Figure: Schematic diagram of China's IPv6 backbone nodes]

Since 2011, most operating systems used on personal computers and servers have shipped with production-quality IPv6 support. For example, Microsoft Windows has supported IPv6 since Windows 2000, and the support reached product-complete status with Windows XP. Windows Vista and later versions, such as Windows 7 and Windows 8, fully support IPv6 and have improved on it further. Mac OS X Panther (10.3), Linux 2.6, FreeBSD, and Solaris also have mature IPv6 support. Some applications build on IPv6, such as the BitTorrent peer-to-peer file transfer protocol, which thereby avoids the common problem of not working properly from IPv4 private networks behind NAT.

On June 6, 2012, the Internet Society held the World IPv6 Launch Day, on which the global IPv6 network was officially launched. Many well-known websites, such as Google, Facebook and Yahoo, began to permanently support IPv6 access at 0:00 GMT (8:00 Beijing time) on that day. According to Hurricane Electric statistics, as of September 2013, 283 of the 318 top-level domains on the Internet supported IPv6 access to their DNS, accounting for about 89.0%, of which 276 domains contained IPv6 glue records, and a total of 5,138,365 domains had IPv6 address records in their respective domains.

On November 26, 2017, the General Office of the Communist Party of China Central Committee and the General Office of the State Council issued the "Action Plan for Promoting Large-Scale Deployment of Internet Protocol Version 6 (IPv6)". In June 2018, the three major operators and Alibaba Cloud announced that they would provide IPv6 services to the public and planned to help China's Internet truly achieve "IPv6 Only" by 2025. In July, Baidu Cloud formulated China's IPv6 transformation plan.
On August 3, the Ministry of Industry and Information Technology's Communications Department held a national teleconference on IPv6 large-scale deployment and special supervision in Beijing. China will promote the large-scale construction of IPv6 networks in stages and in an orderly manner to achieve the deep integration of the next-generation Internet into various fields of the economy and society.

Composition structure

Representation method

The address length of IPv6 is 128 bits, which is four times the length of an IPv4 address. The dotted decimal format of IPv4 is therefore no longer applicable, and hexadecimal representation is adopted. IPv6 has three representation methods.

1. Colon-separated hexadecimal representation
The format is X:X:X:X:X:X:X:X, where each X represents 16 bits of the address, expressed in hexadecimal, for example:
ABCD:EF01:2345:6789:ABCD:EF01:2345:6789
In this representation, the leading zeros of each X can be omitted, for example:
2001:0DB8:0000:0023:0008:0800:200C:417A → 2001:DB8:0:23:8:800:200C:417A

2. Zero-compression representation
In some cases, an IPv6 address contains a long run of zeros. The continuous run of zeros can be compressed into "::". However, to ensure that the address can be resolved unambiguously, "::" can appear only once in an address. For example:
FF01:0:0:0:0:0:0:1101 → FF01::1101
0:0:0:0:0:0:0:1 → ::1
0:0:0:0:0:0:0:0 → ::

3. Embedded IPv4 address representation
To achieve IPv4-IPv6 interoperability, an IPv4 address can be embedded in an IPv6 address. The address is then usually written as X:X:X:X:X:X:d.d.d.d. The first 96 bits are expressed in colon-separated hexadecimal, and the last 32 bits of the address are expressed in IPv4 dotted decimal. ::192.168.0.1 and ::FFFF:192.168.0.1 are two typical examples. Note that zero compression still applies to the first 96 bits.
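
Because of these three notations, one address can be written in many ways, which matters whenever logs or filter rules compare addresses as text. The following added example (not part of the original article) parses all three forms and reduces them to one key before a deny-list lookup. The function names and the deny list are constructed for illustration, and treating ::FFFF:a.b.c.d as its IPv4 address is a policy choice of this example.

```python
import string

HEX = set(string.hexdigits)

def parse_ipv6(text):
    """Parse any of the three notations above into a 128-bit integer."""
    if text.count("::") > 1:
        raise ValueError("'::' may appear only once")
    # Notation 3: a trailing dotted-decimal IPv4 address fills the low 32 bits.
    last = text.rsplit(":", 1)[-1]
    if "." in last:
        octets = last.split(".")
        if len(octets) != 4 or not all(
                o.isdigit() and len(o) <= 3 and int(o) <= 255 for o in octets):
            raise ValueError("bad embedded IPv4 address")
        a, b, c, d = (int(o) for o in octets)
        text = text[: len(text) - len(last)] + "%x:%x" % (a << 8 | b, c << 8 | d)
    # Notation 2: expand '::' into the zero groups it stands for.
    if "::" in text:
        left, right = text.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        if len(head) + len(tail) > 7:
            raise ValueError("'::' must replace at least one group")
        groups = head + ["0"] * (8 - len(head) - len(tail)) + tail
    else:
        groups = text.split(":")
    if len(groups) != 8:
        raise ValueError("expected 8 groups of 16 bits")
    value = 0
    for g in groups:
        # int(g, 16) alone would accept '0x1f' or '1_f', so check the digits first.
        if not 1 <= len(g) <= 4 or not set(g) <= HEX:
            raise ValueError("bad group %r" % g)
        value = value << 16 | int(g, 16)
    return value

def format_ipv6(value):
    """Write the shortest form: no leading zeros, longest zero run as '::'."""
    groups = [(value >> (112 - 16 * i)) & 0xFFFF for i in range(8)]
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    hexes = ["%x" % g for g in groups]
    if best_len < 2:          # a single zero group is written as '0'
        return ":".join(hexes)
    return ":".join(hexes[:best_start]) + "::" + ":".join(hexes[best_start + best_len:])

def acl_key(text):
    """One comparison key per host, whatever notation the input used."""
    value = parse_ipv6(text)
    if value >> 32 == 0xFFFF:  # ::FFFF:a.b.c.d names an IPv4 host
        return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))
    return format_ipv6(value)

# Constructed sample deny list, stored in canonical form.
DENY = {"192.168.0.1", "2001:db8:0:23:8:800:200c:417a"}

def is_denied(text):
    return acl_key(text) in DENY
```

Comparing the raw strings instead would let `::FFFF:192.168.0.1` or `0:0:0:0:0:FFFF:C0A8:1` pass a rule written for `192.168.0.1`.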
Message Content

An IPv6 message consists of three parts: an IPv6 header, extension headers, and upper-layer protocol data. The IPv6 header is mandatory and has a fixed length of 40 bytes; it contains the basic information of the message. Extension headers are optional: there may be zero, one, or several of them, and the IPv6 protocol implements a rich set of functions through them. The upper-layer protocol data is the payload carried by the IPv6 message, which may be an ICMPv6 message, a TCP message, a UDP message, or another kind of message.

The IPv6 message header structure is as follows:

Extension header: There is no longer an "option" field in the IPv6 message. Instead, the option function is implemented through the "next header" field in conjunction with the IPv6 extension headers. When extension headers are used, the next header field of the IPv6 header indicates the type of the first extension header, which is then read and processed according to that type. Each extension header also contains a next header field. If other extension headers follow, this field indicates the type of the next one, which makes it possible to chain multiple consecutive extension headers. The next header field of the last extension header indicates the type of the upper-layer protocol, so that the upper-layer protocol data can be read.

Address Type

The IPv6 protocol mainly defines three types of addresses: unicast addresses, multicast addresses and anycast addresses. Compared with IPv4, the anycast address type is new and the broadcast address is gone, because the broadcast function in IPv6 is carried out through multicast.

Unicast address: used to uniquely identify an interface, similar to the unicast address in IPv4.
Data packets sent to a unicast address are delivered to the interface identified by this address.

Multicast address: used to identify a group of interfaces (usually belonging to different nodes), similar to the multicast address in IPv4. Data packets sent to a multicast address are delivered to all interfaces identified by this address.

Anycast address: used to identify a group of interfaces (usually belonging to different nodes). Data packets sent to an anycast address are delivered to the interface in the group that is closest to the source node, as measured by the routing protocol in use.

The IPv6 address type is determined by the address prefix. The correspondence between the main address types and address prefixes is as follows:

Unicast Address

IPv6 unicast addresses, like IPv4 unicast addresses, identify only one interface. To accommodate load-balancing systems, RFC 3513 allows multiple interfaces to use the same address, as long as these interfaces appear to the IPv6 implementation on the host as a single interface. There are four types of unicast addresses: global unicast addresses, local unicast addresses, compatibility addresses, and special addresses.

1. Global unicast address: Equivalent to the public network address in IPv4, it can be globally routed and accessed on the IPv6 Internet. This address type allows the aggregation of routing prefixes, thereby limiting the number of global routing table entries.

2. Local unicast address: Both link-local addresses and unique local addresses are local unicast addresses. In IPv6, local unicast addresses are unicast addresses used within the local network, comparable to the LAN-specific addresses in IPv4. Each interface must have at least one link-local unicast address, and IPv6 addresses of any type (unicast, anycast, and multicast) or range can also be assigned.
(1) Link-local address (FE80::/64): It is used only on a single link (the link layer cannot cross VLANs) and cannot be routed between different subnets. Nodes use link-local addresses to communicate with adjacent nodes on the same link. For example, on a single-link IPv6 network without a router, a host uses a link-local address to communicate with other hosts on the link.

(2) Unique local address (FC00::/7): The unique local address is unique within the local scope. It is used for local communications and is not routed through the Internet, which limits its scope to the boundaries of the organization.

(3) Site-local address (FEC0::/10, replaced by the unique local address in the new standard): equivalent to the LAN-specific address in IPv4, which can only be used in the local LAN. For example, a private intranet that has no direct routed connection to the IPv6 Internet can use site-local addresses, which will not conflict with global addresses. A site-local address can be used together with a global unicast address, that is, both can be configured on one interface at the same time. However, data packets using a site-local address as the source or destination address will not be forwarded to sites outside the local site (equivalent to a private network).

3. Compatibility address: The IPv6 transition mechanisms also include a technology that dynamically tunnels IPv6 packets through an IPv4 routing infrastructure. An IPv6 node of this kind is assigned an IPv6 global unicast address that carries a global IPv4 unicast address in its lower 32 bits. There is also an IPv6 address with an embedded IPv4 address that is used within a local area network; this type of address is used to treat an IPv4 node as an IPv6 node. In addition, there is an IPv6 address called "6to4" that is used for communication over the Internet between two nodes that run both IPv4 and IPv6.

4. Special addresses: including the unspecified address and the loopback address. The unspecified address (0:0:0:0:0:0:0:0 or ::) is used only to indicate that an address does not exist. It is equivalent to the IPv4 unspecified address 0.0.0.0. The unspecified address is usually used as the source address of packets that attempt to verify the uniqueness of a tentative address, and it is never assigned to an interface or used as a destination address. The loopback address (0:0:0:0:0:0:0:1 or ::1) identifies the loopback interface, allowing a node to send packets to itself. It is equivalent to the IPv4 loopback address 127.0.0.1. Packets sent to the loopback address are never sent onto a link and are never forwarded by an IPv6 router.

Multicast Address

An IPv6 multicast address identifies multiple interfaces; it corresponds to the addresses of a group of interfaces (usually belonging to different nodes). With an appropriate multicast routing topology, data packets sent to a multicast address are delivered to all interfaces identified by the address. IPv6 nodes at any location can listen to multicast traffic on any IPv6 multicast address. An IPv6 node can listen to multiple multicast addresses at the same time and can join or leave a multicast group at any time.

The most obvious feature of an IPv6 multicast address is that its highest 8 bits are fixed to 1111 1111. Multicast addresses are therefore easy to recognize, because they always start with FF.

Anycast Address

An IPv6 anycast address, like a multicast address, can identify multiple interfaces and corresponds to the addresses of a group of interfaces. In most cases, these interfaces belong to different nodes. However, unlike a multicast address, a packet sent to an anycast address is delivered to only one of the interfaces identified by the address.
With an appropriate routing topology, packets destined for an anycast address are delivered to a single interface (the nearest interface identified by the address, where nearest means the shortest routing distance), while multicast addresses are used for one-to-many communication and delivery to multiple interfaces. An anycast address must not be used as the source address of an IPv6 packet; it cannot be assigned to an IPv6 host, and can only be assigned to an IPv6 router.

Protocols Used

Address Configuration Protocol

IPv6 uses two address auto-configuration protocols, namely Stateless Address Auto-Configuration (SLAAC) and the IPv6 Dynamic Host Configuration Protocol (DHCPv6). SLAAC does not require a server to manage addresses. The host computes its IPv6 address directly from the router advertisement information on the network and its own MAC address. With DHCPv6, addresses are managed by a DHCPv6 server: the host requests and obtains its IPv6 address and other information from the server.

1. Stateless Address Autoconfiguration
The core of stateless address autoconfiguration is that no additional server is needed to manage address state. The host computes the address by itself, in four basic steps:
(1) Link-local address configuration. The host calculates the link-local address.
(2) Duplicate address detection, to ensure that the current address is unique.
(3) The global prefix is obtained and the host calculates the global address.
(4) The prefix is renumbered and the host changes its global address.

2. IPv6 Dynamic Host Configuration Protocol
The IPv6 Dynamic Host Configuration Protocol (DHCPv6) is developed from the DHCP used with IPv4. The client obtains its IP address and configures it automatically by sending a request to the DHCP server.
The DHCP server is responsible for managing and maintaining the address pool and the mapping between addresses and clients. DHCPv6 improves and extends DHCP. It includes three roles:
DHCPv6 client: dynamically obtains IPv6 addresses, IPv6 prefixes or other network configuration parameters.
DHCPv6 server: allocates IPv6 addresses, IPv6 prefixes and other configuration parameters to DHCPv6 clients.
DHCPv6 relay: a forwarding device. Normally, DHCPv6 clients communicate with DHCPv6 servers through multicast addresses within the local link. If the server and client are not on the same link, a DHCPv6 relay is required for forwarding. With DHCPv6 relays there is no need to deploy a DHCPv6 server on every link, which saves costs and facilitates centralized management.

Routing Protocols

The unreasonable planning of IP addresses in the early days of IPv4 made the network very complex and the routing table entries numerous. Although subnetting and route aggregation have alleviated this problem to a certain extent, it still exists. Therefore, from the beginning of IPv6 design, addresses were changed from user-owned to operator-owned, and the routing strategy changed accordingly. In addition, the length of IPv6 addresses changed, so the routing protocols had to change as well.

As in IPv4, IPv6 routing protocols are divided into interior gateway protocols (IGP) and exterior gateway protocols (EGP). The IGPs include RIPng, which is derived from RIP, OSPFv3, which is derived from OSPF, and IS-ISv6, which is derived from IS-IS. The EGP is mainly BGP4+, which is derived from BGP.

1. RIPng
The next-generation RIP protocol (RIPng) is an extension of the original RIPv2. Most of the concepts of RIP can be used in RIPng.
To work in IPv6 networks, RIPng modifies the original RIP protocol as follows:
UDP port number: UDP port 521 is used to send and receive routing information.
Multicast address: FF02::9 is used as the RIPng router multicast address in the link-local scope.
Routing prefix: a 128-bit IPv6 address is used as the routing prefix.
Next hop address: a 128-bit IPv6 address is used.

2. OSPFv3
RFC 2740 defines OSPFv3 to support IPv6. The main differences between OSPFv3 and OSPFv2 are as follows:
(1) The type and format of LSAs were modified to support the advertisement of IPv6 routing information.
(2) Some protocol processes were modified. The main modifications are using the Router-ID to identify neighbors and using link-local addresses to discover neighbors, so that the network topology itself is independent of the network protocol, which facilitates future expansion.
(3) The relationship between topology and routing was further streamlined. OSPFv3 separates topology from routing information in LSAs. Type 1 and 2 LSAs no longer carry routing information, only simple topology description information. In addition, type 8 and 9 LSAs are added, combining the original type 3, 5, and 7 LSAs to publish routing prefix information.
(4) Protocol adaptability was improved. By introducing the concept of LSA flooding scope, the handling of unknown LSAs is further clarified, so that the protocol can process an LSA appropriately without recognizing it, which improves the scalability of the protocol.

3. BGP 4+
Traditional BGP 4 can only manage IPv4 routing information. Applications using other network layer protocols (such as IPv6) face certain restrictions when their traffic crosses autonomous systems. To support multiple network layer protocols, RFC 2858 released by the IETF extends BGP 4 with multiprotocol capabilities to form BGP4+.
To support the IPv6 protocol, BGP 4+ must carry the IPv6 network layer information in the NLRI (Network Layer Reachability Information) and Next Hop attributes. To this end, the following two NLRI attributes are introduced in BGP4+:
MP_REACH_NLRI: multiprotocol reachable NLRI, used to advertise reachable routes and next hop information.
MP_UNREACH_NLRI: multiprotocol unreachable NLRI, used to withdraw unreachable routes.
The Next Hop attribute in BGP 4+ is represented by an IPv6 address, which can be an IPv6 global unicast address or the link-local address of the next hop. The original message mechanism and routing mechanism of BGP 4 remain unchanged.

ICMPv6 Protocol

The ICMPv6 protocol is used to report errors that occur while IPv6 nodes process packets and to implement simple network diagnostics. The neighbor discovery function newly added to ICMPv6 replaces the ARP protocol, so there is no ARP protocol in the IPv6 architecture. In addition to supporting the IPv6 address format, ICMPv6 also adds new message types to support routing optimization, IP multicast, mobile IP and so on in IPv6.

Transition Technology

IPv6 cannot replace IPv4 immediately, so IPv4 and IPv6 will coexist in the same environment for quite some time. A good transition mechanism is needed to provide a smooth transition and minimize the impact on existing users. This issue is the main goal of the IETF ngtrans working group. Many transition mechanisms have been proposed, and some have been used on 6bone. The IETF recommends transition mechanisms such as dual protocol stack, tunneling technology, and network address translation:

1. IPv6/IPv4 Dual Stack Technology
The dual stack mechanism gives IPv6 network nodes both an IPv4 stack and an IPv6 stack, so that they support both protocols. IPv6 and IPv4 are network layer protocols with similar functions.
Both run on the same physical platform and carry the same transport layer protocols, TCP or UDP. A host that supports both IPv6 and IPv4 can communicate with hosts that support only IPv4 or only IPv6.

2. Tunnel Technology
The tunnel mechanism encapsulates IPv6 packets as data in IPv4 packets when necessary, so that IPv6 packets can be transmitted over the existing IPv4 infrastructure (mainly IPv4 routers). As IPv6 developed, local IPv6 networks emerged that were separated from each other by backbone networks running the IPv4 protocol. Communication between these IPv6 networks requires tunnel technology. The tunnel is transparent to the source site and the destination site. At the entrance of the tunnel, the router encapsulates the IPv6 data packet in IPv4. The source address and destination address of the IPv4 packet are the IPv4 addresses of the tunnel entrance and exit respectively. At the exit of the tunnel, the IPv6 packet is taken out and forwarded to the destination site. The advantage of tunnel technology lies in this transparency: communicating IPv6 hosts can ignore the existence of the tunnel, which only serves as a physical channel. Tunnel technology was widely used in the early stage of the evolution from IPv4 to IPv6. However, tunnel technology cannot provide communication between IPv4 hosts and IPv6 hosts.

3. Network Address Translation Technology
Network Address Translator (NAT) technology treats IPv4 addresses and IPv6 addresses as internal addresses and global addresses, respectively, or vice versa. For example, when an internal IPv4 host wants to communicate with an external IPv6 host, the NAT server converts the IPv4 address (equivalent to the internal address) into an IPv6 address (equivalent to the global address) and maintains a mapping table between IPv4 and IPv6 addresses.
Conversely, when an internal IPv6 host communicates with an external IPv4 host, the IPv6 host is mapped to the internal address and the IPv4 host is mapped to the global address. NAT technology can solve the intercommunication problem between IPv4 hosts and IPv6 hosts.

Advantages and features

[Figure: Comparison of IPv4 and IPv6 addresses]

Compared with IPv4, IPv6 has the following advantages:

1. IPv6 has a larger address space. IPv4 stipulates that the length of an IP address is 32 bits, so the maximum number of addresses is 2^32; the length of an IP address in IPv6 is 128 bits, so the maximum number of addresses is 2^128. Compared with a 32-bit address space, its address space increases by 2^128-2^32.

2. IPv6 uses a smaller routing table. IPv6 address allocation follows the principle of aggregation from the beginning, which enables a router to represent a subnet with one entry in the routing table, greatly reducing the length of the routing table and increasing the speed at which the router forwards data packets.

3. IPv6 adds enhanced multicast support and flow control, which gives multimedia applications on the network great development opportunities and provides a good network platform for quality of service (QoS) control.

4. IPv6 adds support for automatic configuration, which is an improvement and extension of the DHCP protocol, making network (especially LAN) management more convenient and faster.

[Figure: H3C IPv6 Network Solution]

5. IPv6 has higher security. On an IPv6 network, users can encrypt data at the network layer and verify IP messages. The encryption and authentication options in IPv6 provide confidentiality and integrity of packets, which greatly enhances the security of the network.

6. Allow expansion: If new technologies or applications require it, IPv6 allows the protocol to be extended.

7. Better header format. IPv6 uses a new header format, in which options are separated from the basic header.
If necessary, the options can be inserted between the basic header and the upper-layer data. This simplifies and speeds up routing because most options do not need to be examined by the router.

8. New options. IPv6 has some new options to implement additional functions.

Security Performance

The original Internet security mechanisms exist only at the application level, such as e-mail encryption, SNMPv2 network management security, and access security (HTTP, SSL), and cannot guarantee the security of the Internet at the IP layer. IP-level security guarantees the authentication and privacy of packets, and it is implemented mainly through the IP AH (Authentication Header) and ESP (Encapsulating Security Payload) headers. IPv6 achieves IP-level security.

1. Security association: a two-way agreement between the sender and the receiver, determined only by the target address and the security parameter index (SPI).

2. Packet header authentication: provides data integrity and packet authentication.

3. Security Header Encapsulation: ESP provides privacy and data integrity for IP packets according to different user requirements. It can be used to encrypt the transport layer (such as TCP, UDP, ICMP), called transport layer mode ESP, and it can also be used to encrypt the entire packet, called tunnel mode ESP.

4. ESP DES-CBC method: ESP processing generally must execute the DES-CBC encryption algorithm. The data is divided into 64-bit blocks for processing. The input of the decryption logic is the XOR of the current data and the previously encrypted data block.

5. Authentication plus privacy: According to different business models, the two IP security mechanisms can be combined in a certain order to encrypt packet transmission. Depending on the order, this is either encryption before authentication or authentication before encryption.
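
The next-header chaining described under Message Content is what a filter or monitor has to follow to find the upper-layer protocol, and the AH and ESP mechanisms above travel in that same chain. The following is an added example, not part of the original article: it walks the chain of a constructed packet and reports whether IPsec is present. The header type numbers are the IANA-assigned values; the function names, the sample packet and the cap on chain length are assumptions of this example.

```python
import ipaddress
import struct

# Extension headers that carry their own Next Header field and can be walked.
EXT_HEADERS = {0: "Hop-by-Hop", 43: "Routing", 44: "Fragment",
               51: "AH", 60: "Destination Options"}
ESP = 50               # everything after the ESP header is encrypted: stop here
MAX_EXT_HEADERS = 8    # assumption: local policy cap, not a protocol limit

def walk_chain(packet):
    """Return (extension header names, final Next Header value, payload offset)."""
    if len(packet) < 40:
        raise ValueError("truncated IPv6 header")
    first_word, _payload_len, next_header, _hop_limit = struct.unpack("!IHBB", packet[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    chain, offset = [], 40
    while next_header in EXT_HEADERS:
        if len(chain) == MAX_EXT_HEADERS:
            raise ValueError("too many extension headers")
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        following, length_field = packet[offset], packet[offset + 1]
        if next_header == 44:
            size = 8                         # Fragment header has a fixed size
        elif next_header == 51:
            size = (length_field + 2) * 4    # AH counts 32-bit words, minus 2
        else:
            size = (length_field + 1) * 8    # others count 8-byte units, minus 1
        if offset + size > len(packet):
            raise ValueError("extension header runs past end of packet")
        chain.append(EXT_HEADERS[next_header])
        if next_header == 44:
            frag_field = struct.unpack("!H", packet[offset + 2:offset + 4])[0]
            if frag_field >> 3:
                # Non-first fragment: what follows is mid-payload data, not a header.
                return chain, None, offset + size
        next_header, offset = following, offset + size
    return chain, next_header, offset

def uses_ipsec(packet):
    """True if the packet carries AH in its chain or ends in ESP."""
    chain, final, _ = walk_chain(packet)
    return "AH" in chain or final == ESP

def ipv6_header(next_header, payload):
    """Build a packet for the samples below (documentation-prefix addresses)."""
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + src + dst + payload

# Constructed sample: IPv6 -> Hop-by-Hop -> AH -> TCP
HOP_BY_HOP = bytes([51, 0, 1, 4, 0, 0, 0, 0])        # next=AH, one PadN option
AH = bytes([6, 4, 0, 0]) + struct.pack("!II", 0x1000, 1) + bytes(12)  # next=TCP
TCP = bytes(20)                                      # placeholder TCP header
SAMPLE = ipv6_header(0, HOP_BY_HOP + AH + TCP)
```

A device that only inspects the first Next Header value of `SAMPLE` sees type 0 and never learns that the payload is TCP, which is why filters have to walk the whole chain and reject chains they cannot parse.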
Application prospects

Globally, IPv6 is still in the research stage: many technical problems remain to be solved, and the number of devices supporting IPv6 is very limited. In general, however, the development of global IPv6 technology is ongoing, and as IPv4 addresses are exhausted, many countries have realized the advantages of IPv6 technology, especially China, which has promoted the full deployment and large-scale commercial use of the IPv6 next-generation Internet through national projects. As IPv6 technologies mature, the problems of high cost, slow development and insufficient support of IPv6 will soon fade from view.