Today, in a world driven by the Internet, IP has become the de facto protocol
for most data communication. The existing IPv4 address space has served
the world well for over a decade, and today, thanks to its widespread success,
we are at risk of exhausting it. Anticipating this, the IETF has drafted a
comprehensive set of specifications for the next-generation protocol and address
space, called IPv6.
Apart from offering a larger address space, IPv6 has further inherent
benefits, such as stateless auto-configuration and built-in security, which
facilitate next-generation network applications like mobile. These were
built in while IP was being redesigned.
IPv6: An Overview
IPv6 was approved as a standard by IETF in the year 1994. Multiple working
groups simultaneously focused on the different areas involved in the
protocol redesign: addressing architectures, routing protocols, security, QoS,
etc. The addressing model of IPv6 and the associated routing protocols are
outlined in the following sections.
Addressing architecture
IPv6 addresses are 128 bits in length and can therefore
support 3.4x10^38 individual addresses. In contrast, IPv4 could potentially
support a maximum of 4.2x10^9 individual addresses, which was considered enormous
at the time IP was developed. IPv6 has been designed from the ground up to
support a flexible and efficient global routing hierarchy.
Although there are a number of allocation schemes,
aggregation-based hierarchy is preferred because it combines the power of
geographic and provider allocation schemes. In aggregation-based allocation, the
top of the hierarchy would be top level aggregators (TLAs), which are the public
transit points where long-haul providers and large telcos establish peer
connections.
With the above specification, the first three bits in the
address represent the type of address (unicast, multicast, anycast, etc.), while
the next 13 bits are reserved for the TLAs. This layout is shown in the IPv6
Architecture table below.
The 32 bits after the TLA represent next level aggregators (NLA).
This field can be further subdivided as per the NLA’s hierarchy requirements.
The last two fields represent the SLA and the Interface ID. The SLA can
be assigned to large enterprise networks, which can address their networks with as
many as 65,535 subnets. Typically, an Interface ID will be derived from the
physical MAC address of the network element.
For example, one of the class ‘A’ service providers in
India would allocate a TLA address, one of their large customers would
slice the SLA into multiple hierarchies to represent the functional or
geographical allocation, and an individual PC would then take the interface ID
from its NIC card.
IPv6 Architecture
| 3 bits | 13 bits | 32 bits | 16 bits | 64 bits |
| 001 | TLA | NLA | SLA | Interface ID |
| Public Topology (001, TLA, NLA) | Site Topology (SLA) | Local Interface (Interface ID) |
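The field layout in the table, worked through in Python as an added example that is not part of the original article: it splits an address into the five fields and derives the aggregate prefix seen at each level of the hierarchy. The function names and the 2001:db8:... documentation-range sample address are assumptions made for illustration.

```python
import ipaddress

# Field widths exactly as in the table above: 3 + 13 + 32 + 16 + 64 = 128 bits.
FIELDS = (("fp", 3), ("tla", 13), ("nla", 32), ("sla", 16), ("interface_id", 64))

def split_fields(text):
    """Split an address into the article's five fields (hypothetical helper)."""
    value = int(ipaddress.IPv6Address(text))
    fields, remaining = {}, 128
    for name, width in FIELDS:
        remaining -= width                      # bits still to the right of this field
        fields[name] = (value >> remaining) & ((1 << width) - 1)
    if fields["fp"] != 0b001:
        raise ValueError(f"{text}: first three bits are not 001")
    return fields

def aggregates(text):
    """Prefix that covers this address at the TLA, NLA and SLA level."""
    addr = ipaddress.IPv6Address(text)
    # Prefix lengths follow from the widths: 3+13 = 16, +32 = 48, +16 = 64.
    levels = (("tla", 16), ("nla", 48), ("sla", 64))
    return {name: str(ipaddress.IPv6Network((addr, plen), strict=False))
            for name, plen in levels}

if __name__ == "__main__":
    sample = "2001:db8:1234:5678:211:22ff:fe33:4455"   # constructed sample address
    for name, val in split_fields(sample).items():
        print(f"{name:13s} {val:#x}")
    print(aggregates(sample))
```

Everything left of the SLA boundary (the /48) is the public topology a provider routes on; the site owns the remaining 16 + 64 bits.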
IPv6 routing protocols
Routing protocols are an essential part of the IP
infrastructure, and RIP, OSPF, IS-IS and BGP are all being redesigned to
support IPv6 natively.
Interior Gateway Protocols
RIPng is the IPv6 variant of the Routing Information Protocol
(RIP), which is in common use as the IGP for small- to medium-sized computer
networks. As the first and the simplest routing protocol standardized for IPv6,
RIPng will probably see wide adoption during the initial phases of IPv6
implementation.
In large networks, where link-state protocols are
used, the choice for deployment is OSPFv3, which has been designed for IPv6.
Although OSPFv3 retains most of the algorithms from OSPFv2, certain changes have
been called for due to the changes in protocol semantics between IPv4 and
IPv6, and also to handle the large address size of IPv6. RFC 2740 goes into more
detail on OSPFv3.
Exterior Gateway Protocol
Routers currently use Version 4 of the Border Gateway
Protocol (BGP) for routing between autonomous systems. RFC 2283 defines
multi-protocol extensions to BGP that allow it to carry information about networks
other than its native IPv4, including IPv6 prefixes. This will provide the
routing of IPv6 networks over IPv4 clouds.
Transition Mechanisms
Many transition methods have been discussed for IPv6
deployments, and some of them are detailed in this section.
Dual stacking
This calls for the configuration of both the IPv4 and IPv6
protocol stacks in all the hosts. Most operating systems support this
feature. Though dual stacking is possible in the end-stations and network
equipment, it is very difficult to maintain two different address spaces and
their routing on an Internet-wide scale. Hence, this can be considered a solution
only at an enterprise level, and may not be one for the global Internet.
Transitional address structures
Two transitional address structures have been defined: the IPv4-compatible
IPv6 address and the IPv4-mapped IPv6 address. In both of these, the lower 32 bits
of the IPv6 address carry the IPv4 address, while the higher-order bits are padded
with recognizable values.
The first address structure is used when two IPv6 networks
communicate over an IPv4 cloud. The second is used when two IPv4 networks
communicate over an IPv6 cloud.
RFC 3056 and 2766 specification
RFC 3056 provides the specifications for connecting IPv6
domains over IPv4 clouds, which is generally referred to as 6to4.
End-to-end IPv6 communication is established over tunnels. The end points of the
tunnels are identified using a reserved 6to4 prefix, where the NLA field of the IPv6
address represents the globally unique IPv4 address for the site.
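Because the transitional address structures and 6to4 all carry an IPv4 address inside an IPv6 address, filters and log pipelines written for IPv4 need to unwrap it before matching. The following is an added example, not part of the original article; the function names, the sample rule and the sample addresses are constructed for illustration.

```python
import ipaddress

# Reserved 6to4 prefix (RFC 3056): the 32 bits after it hold the site's IPv4 address.
SIXTOFOUR = ipaddress.IPv6Network("2002::/16")

def embedded_ipv4(text):
    """Return (kind, IPv4Address) if the IPv6 address carries an IPv4 address,
    else (None, None). Hypothetical helper name."""
    addr = ipaddress.IPv6Address(text)
    value = int(addr)
    if addr.ipv4_mapped is not None:              # ::ffff:a.b.c.d
        return "ipv4-mapped", addr.ipv4_mapped
    if addr in SIXTOFOUR:                         # 2002:<IPv4 in hex>::/48
        return "6to4", ipaddress.IPv4Address((value >> 80) & 0xFFFFFFFF)
    if value >> 32 == 0 and value > 1:            # ::a.b.c.d, excluding :: and ::1
        return "ipv4-compatible", ipaddress.IPv4Address(value)
    return None, None

def matches_ipv4_rule(text, ipv4_networks):
    """Match a peer address against IPv4 rules after unwrapping an embedded IPv4."""
    ip = ipaddress.ip_address(text)
    if ip.version == 6:
        _, ip = embedded_ipv4(text)
        if ip is None:                            # native IPv6: no IPv4 rule applies
            return False
    return any(ip in net for net in ipv4_networks)

if __name__ == "__main__":
    rules = [ipaddress.IPv4Network("192.0.2.0/24")]        # constructed sample rule
    samples = ("192.0.2.10", "::ffff:192.0.2.10", "::192.0.2.10",
               "2002:c000:20a::1", "2001:db8::1")          # constructed samples
    for s in samples:
        print(f"{s:22s} matches={matches_ipv4_rule(s, rules)}")
```

A rule engine that compares only the textual or native form of the address treats the first four samples as four unrelated peers; after unwrapping they all resolve to 192.0.2.10.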
RFC 2766 is also called Network Address Translation-Protocol
Translation (NAT-PT). It defines a translation procedure from IPv6 to IPv4
addresses and vice versa, including the packet header format. It will be
deployed at the interconnection points, and this method eliminates the need for
a dual stack at the network host level.
Together, RFC 2766 and RFC 3056 will provide a flexible and
comprehensive transition from IPv4 to IPv6.
IPv6 and Mobile
Mobile usage has rocketed globally in the last few years. The 3G
specifications for wireless communication call for packetization of mobile
voice traffic and also for redesigning the wireless networks to support high-speed
data communication. Today, mobile has become a major thrust for moving to IPv6,
as the number of addresses required by the millions of mobile users makes it
infeasible to use IPv4.
With the existing routing mechanisms, roaming becomes difficult. If the
mobile handset retains its IP address and roams into a different network
(a different AS), it violates the routing constraint that two different
ASs cannot carry the same IP address. If the new operator swaps the IP
address as soon as the handset enters the new network, the TCP/IP sessions
being used by the handset are dropped. This is one example
of the paradoxes faced when juxtaposing the Internet and mobility. To overcome some of
these limitations, the IETF has drafted a standard called Mobile IP for both IPv4
and IPv6.
Benefits of IPv6
End-to-end addressing
Instead of an almost ubiquitous reliance on Network Address
Translation (NAT) that is required for many networks in the IPv4 Internet,
devices will be able to have their own globally unique address. This will reduce
the amount of end-to-end packet processing and the amount of interference with
upper-layer protocols.
Smaller routing tables
The IPv6 addressing architecture allows for a better
hierarchical design of the Internet. This facilitates a better address
aggregation of the routes, especially at the backbone of the Internet.
Stateless auto-configuration
Stateless auto-configuration makes it possible for
end-stations to configure their own addresses, without the need for a static DHCP
server. Typically, the end-station combines its 48-bit MAC address with a
network prefix it learns from a neighboring router to form its IPv6 address.
Security
The IPv6 packet format includes an optional authentication
header and an encapsulating security header, providing comprehensive security
features at the network layer. While the former provides authenticity of the
source, the latter provides data integrity and confidentiality.
P Muthukrishnan is with Juniper Networks