
ADM389

IPv6
in association with
Rafal Lukawiecki www.ip426.com
rafal@projectbotticelli.co.uk
www.projectbotticelli.co.uk
Strategic Consultant
Project Botticelli Ltd
2

Objectives

Make a (brief) case for IPv6 (level 200)
Give you a crash-course on the main aspects of the protocol (level 300)
Explain the available technology support including migration strategies (level 300)
3

Why IPv6?
4

IP Address Allocation History


1981 - IPv4 protocol published
1985 ~ 1/16 of total space
1990 ~ 1/8 of total space
1995 ~ 1/3 of total space
2000 ~ 1/2 of total space
2002.5 ~ 2/3 of total space

This despite increasingly intense conservation efforts:


PPP / DHCP address sharing
NAT (network address translation)
CIDR (classless inter-domain routing)
plus some address reclamation
Theoretical limit of 32-bit space: ~4 billion devices
Practical limit of 32-bit space: ~250 million devices (RFC 3194)
5

Running Out of Addresses

Even if every company used only 1 address by fully utilising NATs (Network Address Translation)…
…we would be out of addresses in the next 3-5 years
“Slower than Y2K problem, but a surer one”
6

More IPv4 Pain


Argh, NATs 
Peer-to-peer is difficult
NAT security record is dubious
Management is a pain
Security is an optional add-on
QoS (Quality of Service) is rare and not real-time
Routing tables too large and process slow
Mobility is a pain
But peer-to-peer mobility is the future of Internet
Device autoconfiguration is rare
DHCP & address ownership does not work across organisational boundaries
Using external agents for autoconfiguration is a non-starter
7

US versus ROW

US accounts for 90% of address allocation
Some universities in US have more allocated addresses than the whole of Asia
The so-called, in US, “Rest of the World” is hardly an even partner
Reliance on American organisations may be politically difficult, at times, for large or governmental Internet projects
Gives US an unwelcome monopoly power
8

6 Benefits of IPv6

Address depletion solved


International misallocation solved
End-to-end communication restored
Scoped addresses & address selection
More efficient forwarding
Built-in security and mobility
9

Who’s Doing IPv6?

More places than you would think!


Japanese city of Kyoto (now)
JANET (Joint Academic Network) in UK
US Department of Defence
June 13th 2003 decision made by Pentagon (http://story.news.yahoo.com/news?tmpl=story&cid=1509&ncid=738&e=6&u=/afp/20030613/tc_afp/us_military_internet)
Planning and preparation in 2003-4
Transition in 2005
Completion in 2008
10

Crash Course on IPv6


11

Features of IPv6

New header format


Large address space
Efficient and hierarchical addressing and routing infrastructure
Stateless and stateful address configuration
Built-in security
Better support for QoS
New protocol for neighboring node interaction
Extensibility
12

Differences Between IPv4 & IPv6


Feature | IPv4 | IPv6
Address length | 32 bits | 128 bits
IPSec support | Optional | Required
QoS support | Some | Better
Fragmentation | Hosts and routers | Hosts only
Packet size | 576 bytes | 1280 bytes
Checksum in header | Yes | No
Options in header | Yes | No
Link-layer address resolution | ARP (broadcast) | Multicast Neighbor Discovery Messages
Multicast membership | IGMP | Multicast Listener Discovery (MLD)
Router Discovery | Optional | Required
Uses broadcasts | Yes | No
Configuration | Manual, DHCP | Automatic, DHCP
DNS name queries | Uses A records | Uses AAAA records
DNS reverse queries | Uses IN-ADDR.ARPA | Uses IP6.INT
13

IPv6 Terminology
[Figure: IPv6 network terminology. Labels: Neighbors, Host, Bridge, Intra-subnet router, Router, LAN segment, Link, Subnet, Additional subnets, Network]
14

The IPv6 Address Space


128-bit address space
2^128 possible addresses
340,282,366,920,938,463,463,374,607,431,768,211,456 addresses (3.4 x 10^38)
6.65 x 10^23 addresses per square metre of Earth’s surface
128 bits were chosen to allow multiple levels of hierarchy and flexibility in designing hierarchical addressing and routing
Typical unicast IPv6 address:
64 bits for subnet ID, 64 bits for interface ID
15

IPv6 Address Syntax


IPv6 address in binary form:
0010000111011010000000001101001100000000000000000010111100111011
0000001010101010000000001111111111111110001010001001110001011010

Divided along 16-bit boundaries:
0010000111011010 0000000011010011 0000000000000000 0010111100111011
0000001010101010 0000000011111111 1111111000101000 1001110001011010

Each 16-bit block is converted to hexadecimal and delimited with colons:
21DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A

Suppress leading zeros within each 16-bit block:
21DA:D3:0:2F3B:2AA:FF:FE28:9C5A
16

Compressing Zeros
Some IPv6 addresses contain long sequences of zeros
A single contiguous sequence of 16-bit blocks set to 0 can be compressed to “::” (double-colon)
Example:
FE80:0:0:0:2AA:FF:FE9A:4CA2 becomes FE80::2AA:FF:FE9A:4CA2
FF02:0:0:0:0:0:0:2 becomes FF02::2
Cannot use zero compression to include part of a 16-bit block
FF02:30:0:0:0:0:0:5 does not become FF02:3::5.
17

IPv6 Prefixes
Prefix is the part of the address where the bits have fixed values or are the bits of a route or subnet identifier
IPv6 subnets or routes always use address/prefix-length notation
CIDR notation
Examples:
21DA:D3::/48 for a route
21DA:D3:0:2F3B::/64 for a subnet
No more dotted decimal subnet masks!
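
Added example (not from the original slides): a hand-written Python parser for the address syntax, zero compression and prefix notation of the last three slides, useful when log lines or ACL entries spell the same address in different ways. The function names are hypothetical; picking the longest zero run and never compressing a single block is an assumption taken from the later canonical text form (RFC 5952), since the slides only require a single "::".

```python
import string

def expand(text):
    """Parse IPv6 text into its eight 16-bit blocks, applying the '::' rule."""
    if text.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in text:
        left, right = text.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        if len(head) + len(tail) > 7:
            raise ValueError("'::' must stand for at least one zero block")
        fields = head + ["0"] * (8 - len(head) - len(tail)) + tail
    else:
        fields = text.split(":")
    if len(fields) != 8:
        raise ValueError("an IPv6 address has eight 16-bit blocks")
    for f in fields:
        if not 1 <= len(f) <= 4 or any(c not in string.hexdigits for c in f):
            raise ValueError("bad block: %r" % f)
    return [int(f, 16) for f in fields]

def compress(blocks):
    """Format as on the slides: upper-case hex, leading zeros dropped, and the
    longest run of two or more zero blocks replaced by '::' (assumed rule)."""
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        j = i
        while j < 8 and blocks[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    hexes = ["%X" % b for b in blocks]
    if best_len < 2:
        return ":".join(hexes)
    return ":".join(hexes[:best_start]) + "::" + ":".join(hexes[best_start + best_len:])

def in_prefix(addr, prefix):
    """True if addr lies inside prefix written in address/prefix-length form."""
    net, length = prefix.split("/")
    to_int = lambda t: int("".join("%04x" % b for b in expand(t)), 16)
    shift = 128 - int(length)
    return to_int(addr) >> shift == to_int(net) >> shift
```

Comparing the output of expand() instead of the raw strings is what makes FF02:30::5 and FF02:3::5 come out as different addresses while the long and short spellings of one address match.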
18

Types of IPv6 Addresses


Unicast
Address of a single interface
One-to-one delivery to single interface
Multicast
Address of a set of interfaces
One-to-many delivery to all interfaces in the set
Anycast
Address of a set of interfaces
One-to-one-of-many delivery to a single interface in the set that is closest
No more broadcast addresses
19

Unicast IPv6 Addresses

Aggregatable global unicast addresses


Link-local addresses
Site-local addresses
Special addresses
Compatibility addresses
NSAP addresses
20

Aggregatable Global Unicast Addresses
Top-Level Aggregation ID (TLA ID)
Next-Level Aggregation ID (NLA ID)
Site-Level Aggregation ID (SLA ID)
Interface ID

001 | TLA ID (13 bits) | Res (8 bits) | NLA ID (24 bits) | SLA ID (16 bits) | Interface ID (64 bits)


21

Topologies Within Global Addresses
Public Topology
Site Topology
Interface ID

001 | TLA ID | Res | NLA ID | SLA ID | Interface ID
Public Topology (48 bits): 001, TLA ID, Res, NLA ID
Site Topology (16 bits): SLA ID
Interface Identifier (64 bits): Interface ID


22

Local-Use Unicast Addresses

Link-local addresses
Used between on-link neighbors and for Neighbour Discovery
Site-local addresses
Used between nodes in the same site
23

Link-Local Addresses
Format Prefix 1111 1110 10
FE80::/64 prefix
Used for local link only
Single subnet, no router
Address autoconfiguration
Neighbor Discovery
1111 1110 10 (10 bits) | 000 . . . 000 (54 bits) | Interface ID (64 bits)


24

Site-Local Addresses

Format Prefix 1111 1110 11
FEC0::/48 prefix for site
Used for local site only
Replacement for IPv4 private addresses
Intranets not connected to the Internet
Routers do not forward site-local traffic outside the site

1111 1110 11 (10 bits) | 000 . . . 000 (38 bits) | Subnet ID (16 bits) | Interface ID (64 bits)


25

NSAP Addresses

0000001 (7 bits) | NSAP-mapped address (121 bits)


26

Special IPv6 Addresses

Unspecified address
0:0:0:0:0:0:0:0 or ::
Loopback address
0:0:0:0:0:0:0:1 or ::1

By the way, DNS server is normally at:
FEC0:0:0:0:FFFF::1, FEC0:0:0:0:FFFF::2, FEC0:0:0:0:FFFF::3
27

Compatibility Addresses
IPv4-compatible address
0:0:0:0:0:0:w.x.y.z or ::w.x.y.z
IPv4-mapped address
0:0:0:0:0:FFFF:w.x.y.z or ::FFFF:w.x.y.z
6over4 address
Interface ID of ::WWXX:YYZZ
6to4 address
Prefix of 2002:WWXX:YYZZ::/48
ISATAP address
Interface ID of ::0:5EFE:w.x.y.z
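
Added example (not from the original slides): recovering the IPv4 address carried inside the compatibility forms listed above, so that an IPv4 deny list still applies when the same host shows up with an IPv6 source address. The function names, the deny list and the sample addresses (documentation ranges) are constructed; 6over4 is left out because an interface ID of ::WWXX:YYZZ cannot be told apart from a small manually assigned one.

```python
import ipaddress

def embedded_ipv4(text):
    """Return (kind, IPv4Address) for a compatibility address, else None."""
    n = int(ipaddress.IPv6Address(text))
    low32 = ipaddress.IPv4Address(n & 0xFFFFFFFF)
    high96 = n >> 32
    if n >> 112 == 0x2002:                        # 6to4: 2002:WWXX:YYZZ::/48
        return "6to4", ipaddress.IPv4Address((n >> 80) & 0xFFFFFFFF)
    if high96 == 0xFFFF:                          # IPv4-mapped ::FFFF:w.x.y.z
        return "ipv4-mapped", low32
    if high96 == 0 and n > 1:                     # ::w.x.y.z, but not :: or ::1
        return "ipv4-compatible", low32
    if high96 & 0xFFFFFFFF == 0x00005EFE:         # ISATAP ID ::0:5EFE:w.x.y.z
        return "isatap", low32
    return None

# Constructed sample policy: one IPv4 documentation range is denied.
DENY_V4 = [ipaddress.ip_network("192.0.2.0/24")]

def denied(src):
    """Apply the IPv4 deny list to IPv4 and to IPv4 carried inside IPv6."""
    ip = ipaddress.ip_address(src)
    if ip.version == 6:
        hit = embedded_ipv4(src)
        if hit is None:
            return False
        ip = hit[1]
    return any(ip in net for net in DENY_V4)

if __name__ == "__main__":
    for s in ["192.0.2.5", "2002:C000:0201::1", "::FFFF:192.0.2.7",
              "FE80::5EFE:192.0.2.9", "::198.51.100.9", "2001:db8::1"]:
        print(s, embedded_ipv4(s) if ":" in s else None, denied(s))
```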
28

Structure of an IPv6 Packet

[Figure: an IPv6 Packet consists of the IPv6 Header followed by the Payload; the Payload consists of Extension Headers and the Upper Layer Protocol Data Unit]
29

Structure of the IPv6 Header


Version
Traffic Class
Flow Label
Payload Length
Next Header
Hop Limit
Source Address

Destination Address
30

Values of the Next Header Field


Value | Header
0 | Hop-by-Hop Options Header
6 | TCP
17 | UDP
41 | Encapsulated IPv6 Header
43 | Routing Header
44 | Fragment Header
50 | Encapsulating Security Payload
51 | Authentication Header
58 | ICMPv6
59 | No next header
60 | Destination Options Header
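
Added example (not from the original slides): parsing the fixed header fields of the previous slide and following the Next Header values in the table above until the upper-layer protocol is reached, which a filter or sensor has to do before it can see TCP or UDP ports. The extension-header length rules come from the IPv6 and AH specifications rather than the slides; the packet is constructed, and jumbograms and non-initial fragments are not handled.

```python
import ipaddress
import struct

NEXT_HEADER = {0: "Hop-by-Hop Options", 6: "TCP", 17: "UDP",
               41: "Encapsulated IPv6", 43: "Routing", 44: "Fragment",
               50: "ESP", 51: "AH", 58: "ICMPv6", 59: "No next header",
               60: "Destination Options"}

def walk_headers(packet):
    """Parse the fixed 40-byte IPv6 header and follow the Next Header chain."""
    if len(packet) < 40:
        raise ValueError("truncated IPv6 header")
    first_word, payload_len, nxt, hop_limit = struct.unpack("!IHBB", packet[:8])
    if first_word >> 28 != 6:
        raise ValueError("Version field is not 6")
    end = min(len(packet), 40 + payload_len)
    chain, off = [], 40
    while nxt in (0, 43, 44, 51, 60):           # headers whose length is readable
        if off + 8 > end:
            raise ValueError("truncated extension header")
        if nxt == 44:
            size = 8                             # Fragment header has fixed size
        elif nxt == 51:
            size = (packet[off + 1] + 2) * 4     # AH: 4-octet units, minus 2
        else:
            size = (packet[off + 1] + 1) * 8     # 8-octet units after the first 8
        if off + size > end:
            raise ValueError("extension header overruns payload")
        chain.append(NEXT_HEADER[nxt])
        nxt, off = packet[off], off + size
    chain.append(NEXT_HEADER.get(nxt, "protocol %d" % nxt))
    return {"traffic_class": (first_word >> 20) & 0xFF,
            "flow_label": first_word & 0xFFFFF,
            "hop_limit": hop_limit,
            "src": str(ipaddress.IPv6Address(packet[8:24])),
            "dst": str(ipaddress.IPv6Address(packet[24:40])),
            "chain": chain, "upper_layer_offset": off}

def sample_packet():
    """Constructed packet: Hop-by-Hop -> Fragment -> UDP, documentation addresses."""
    hbh = bytes([44, 0, 1, 4, 0, 0, 0, 0])       # next=Fragment, len 0, PadN option
    frag = bytes([17, 0, 0, 0, 0, 0, 0, 1])      # next=UDP, offset 0, id 1
    udp = struct.pack("!HHHH", 53, 53, 8, 0)     # ports 53/53, length 8, no checksum
    payload = hbh + frag + udp
    fixed = struct.pack("!IHBB", 0x60000000, len(payload), 0, 64)
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    return fixed + src + dst + payload
```

A filter that reads only the Next Header field of the fixed header sees value 0 for this packet and never learns that it carries UDP.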
31

Configuration

Besides using DHCP, you can always autoconfigure an address
Check twice it is not a duplicate
Talk to routers and neighbours to be sure
Addresses expire, no concept of globally permanent addresses
32

Temporary Address Interface Identifiers
Random IPv6 interface identifier
Prevent identification of traffic regardless of the prefix - anonymity
Initial value based on random number
Future values based on MD5 hash of history value and EUI-64-based interface identifier
Result is a temporary address
Generated from public address prefixes using stateless address autoconfiguration
Changes over time
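
Added example (not from the original slides): the history-value iteration described above, following RFC 3041 (history value concatenated with the EUI-64 interface ID, MD5, left half becomes the new interface ID, right half the next history value). The function names are hypothetical, and the prefix and interface ID of the slides' sample address 21DA:D3:0:2F3B:2AA:FF:FE28:9C5A are assumed as inputs.

```python
import hashlib
import ipaddress
import os

def next_temp_iid(history, eui64_iid):
    """One iteration: returns (temporary interface ID, next history value)."""
    if len(history) != 8 or len(eui64_iid) != 8:
        raise ValueError("history value and interface ID are 64 bits each")
    digest = hashlib.md5(history + eui64_iid).digest()
    # Leftmost 64 bits become the interface ID; the universal/local bit
    # (0x02 of the first byte) is cleared to mark it as locally assigned.
    iid = bytes([digest[0] & 0xFD]) + digest[1:8]
    return iid, digest[8:]            # rightmost 64 bits are kept as history

def temp_addresses(prefix, eui64_iid, count, history=None):
    """Successive temporary addresses a host would use inside one /64 prefix."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a 64-bit prefix")
    # Initial history value is random unless one is supplied (for testing).
    history = history if history is not None else os.urandom(8)
    out = []
    for _ in range(count):
        iid, history = next_temp_iid(history, eui64_iid)
        low64 = int.from_bytes(iid, "big")
        out.append(ipaddress.IPv6Address(int(net.network_address) | low64))
    return out

def subnet_of(addr):
    """The /64 an address belongs to: the part that does not rotate."""
    return ipaddress.IPv6Network("%s/64" % addr, strict=False)

if __name__ == "__main__":
    eui64 = bytes.fromhex("02AA00FFFE289C5A")   # interface ID from the slides
    for a in temp_addresses("21DA:D3:0:2F3B::/64", eui64, 3):
        print(a, "in", subnet_of(a))
```

Log correlation keyed on the full 128-bit address treats each rotation as a new host; the /64 returned by subnet_of() stays constant across rotations.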
33

Multiple Addresses on a Node

Unlike in IPv4, a node always has multiple addresses
Link-local, site-local*, global etc.
It is the job of the protocol stack on each node to decide which address to use depending on who we are talking to
Greatly simplifies the job of routers, of course
This is in the spirit of peer-to-peer and distribution of processing power, by the way
34

Mobility

Concept of Home Address (HA) and Care-of-Address (CoA)
Wherever you are, you can always discover a way to your home
Notify it where you are
It will tunnel things to you
You can do Binding Updates with anyone you correspond with to establish a direct path
Result: no loss of a session while you roam!
35

Technology Support and Migration Strategy
36

Coexistence and Migration


The transition from IPv4 to IPv6 will take years
Some hosts will use IPv4 indefinitely
Migration is the long term goal, coexistence in the interim
Transition criteria:
Existing IPv4 hosts can be upgraded at any time independent of the upgrade of other hosts or routers
New hosts using only IPv6 can be added at any time without dependencies on other hosts or routing infrastructure
Existing IPv4 hosts with IPv6 installed can continue to use their IPv4 address and do not need additional addresses
Little preparation is needed to upgrade existing IPv4 nodes to IPv6 or to deploy new IPv6 nodes
37

Dual IP Layer Architecture

Application Layer
Transport Layer (TCP/UDP)
IPv6 | IPv4
Network Interface Layer
38

Dual Stack Architecture

Application Layer
TCP/UDP | TCP/UDP
IPv6 | IPv4
Network Interface Layer
39

Windows Server 2003 IPv6

Windows Sockets applications
Windows Sockets
Windows Sockets components
TDI
IPv4 (Tcpip.sys) | IPv6 (Tcpip6.sys)
NDIS
Network adapter drivers
40

WS2003 IPv6 Features


Basic stack support
Only Ethernet and FDDI (no Token Ring or PPP)
No Microsoft-specific IPv4 enhancements (from W2K)
6to4, ISATAP, 6over4, PortProxy
Temporary addresses
DNS support (dynamic AAAA and reverse)
IPSec6 support
Generically incompatible with IPSec for IPv4
No ESP for data encryption, no IKE for SA negotiation – use ipsec6.exe for manual configuration of SAs
Address selection and autoconfiguration
Can be a static router
Site prefixes in router advertisements
41

Application Support in WS2003

Internet Explorer
Telnet client
FTP client
Internet Information Services, version 6
File and print sharing
Windows Media Services
Network Monitor
SNMP MIB support
42

Application Programming Interfaces in WS2003
Windows Sockets (WinSock)
Remote Procedure Call (RPC)
Internet Protocol Helper (IPHelper)
Win32 Internet Extensions (WinInet)
.NET Framework
43

IPv6-enabled Utilities

Ipconfig
Route
Ping
Tracert
Pathping
Netstat
44

IPv6 Command Line Utilities

Netsh.exe
interface ipv6
interface ipv6 6to4
interface ipv6 isatap
interface portproxy
Ipsec6.exe
45

Installing & Configuring IPv6

Install
Add the “Microsoft TCP/IP version 6” protocol when configuring the properties of a LAN connection in Network Connections
Execute netsh interface ipv6 install at a command prompt
Configure
IPv6 is self-configuring
For manual configuration, use commands in the netsh interface ipv6 context
46

Migrating to IPv6

1. Upgrade your applications to be independent of IPv4 or IPv6
2. Update the DNS infrastructure to support IPv6 addresses and PTR records
3. Upgrade hosts to IPv4/IPv6 nodes
4. Upgrade routing infrastructure for native IPv6 routing
5. Convert IPv4/IPv6 nodes to IPv6-only nodes
47

Summary

IPv6 is the natural future of the Internet
Start planning your migration now, especially if you are a developer
Prepare your infrastructure over the next year, if possible
Contact the experts for help
www.ip426.com at your service
in association with www.ip426.com
48

Ask The Experts


Get Your Questions Answered
I will be at the Ask The Experts stand on Friday from 12:00 till 14:00 waiting for you

Alternatively, you can contact me via email on rafal@projectbotticelli.co.uk
My average response time is about 3 weeks at present. Please mark as URGENT if necessary.
49

Community Resources

Community Resources
http://www.microsoft.com/communities/default.mspx

Most Valuable Professional (MVP)


http://www.mvp.support.microsoft.com/

Newsgroups
Converse online with Microsoft Newsgroups, including Worldwide
http://www.microsoft.com/communities/newsgroups/default.mspx

User Groups
Meet and learn with your peers
http://www.microsoft.com/communities/usergroups/default.mspx
50

Suggested Reading & Resources

“Understanding IPv6”, Joseph Davies, Microsoft Press, ISBN 0-7356-1245-5
Available (limited copies) on Microsoft Press stand near the conference rooms during TechEd 2003 at a discount!

www.microsoft.com/ipv6
www.ipv6forum.org
www.ip426.com
51

evaluations
52

© 2003 Microsoft Corporation & Project Botticelli Ltd. All rights reserved. This presentation is for informational
purposes only. MICROSOFT AND PROJECT BOTTICELLI MAKE NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
