Wednesday, May 25, 2011

Lesson 56 - Introduction to IPv6 - Address Structure

After a very short introduction to IPv6 types of addresses and the header presentation, let's dig deeper and find out more about IPv6 addresses.

Hexadecimal Address Notation
I have already mentioned that IPv6 global space begins with 2000::/3. This means that all public IPv6 addresses now use three bits which amount to value 2 in hex.

Look at this notation of global address one more time:

2000::/3
This is a shortcut for:

2001:0000:0000:0000:0000:0000:0000:0000/3

And just like in IPv4 addresses this '/3' tells us to pay attention to the three most significant bits. Hexadecimal to binary conversion is simple. Two digits in hex (for instance: 20) is a one byte value (eight bits). One character stands for four bits (called a nibble). They need to be converted as two separate entities.

Pic. 1 - Hex-to-Binary Conversion.


This way, the hexadecimal 20 becomes 00100000.

In the global IPv6 address scope the first three bits ('/3') will always be set like shown below (as of writing this post):

Pic. 2 - IPv6 Global Address Sequence of Bits.

Okay. What about the hierarchy in IPv6 address?

IPv6 Hierarchy
It is not very different from what we used in IPv4 classes! Do you remember these bits settings in IPv4? If not, look at the below numbers:

Class A - 0xxxxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx /8
Class B - 10xxxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx /16
Class C - 110xxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx /24

The blue color denotes the network portion of the address in these classes. For instance, the '/24' means that 24 most significant bits are the network bits. The remaining ones (eight of them left) are the host bits. This way we create the hierarchy in IPv4 addresses.

What does it look like in IPv6 then? It is much simpler. See for yourself:

2001:acbd:1234:a1b2:0000:0000:0000:0001/64

The first sixty four bits (blue) are network bits, the remaining ones are the host's interface identifier (host bits). But this, we already know based on the previous post. The network portion is going to be given to us either by the ISP or by the registry (ARIN in the US, RIPE in Europe etc.) if we're a big organization. 

We're told that the length of the prefix assigned to different organizations looks like this:
  • Registries will be assigned /23
  • ISP will be assigned /32
  • Sites will be assigned /48
Say, you are the organization that receives /48 prefix like this:
2001:1234:5678:0000:0000:0000:0000:0000/48.

This gives you two bytes (shown in red) in the network portion to create different networks (red portion: 2^16=65536 different numbers). By the way, get used to the shortcuts:

2001:1234:5678:0000:0000:0000:0000:0000/48 = 2001:1234:5678:0000::/48

IPv6 Interface Identifier (host bits)
How do we get the host portion then? 

In terms of creating the host portion of IPv6 address, if DHCP is not used, we have two options. One way is to do this by hand like presented below (the red color is the interface identifier or the host bits if you will):

2001:1234:5678:1000::1
(abbreviated address which could be expanded to 2001:1234:5678:1000:0000:0000:0000:0001)

But this approach seems somewhat tedious. I mean, who wants to assign addresses on 500 hosts this way?

Another way is to use EUI-64 method which creates the host portion of IPv6 address based on the MAC address of the first Ethernet interface which, at least in theory, should be unique!

Because the MAC address has only 48 bits and not 64, a special procedure has been developed to fill in the gap. Check it out the MAC address of the interface on the router:

Pic. 3 - MAC address of F1/0 Interface.

In the EUI-64 method the operating system takes the MAC address (highlighted) and uses it to create the host bits for the link-local address by default (you can also do this manually). And the same method can be used to assign the host bits in the global address. 

Here is the detailed description of how 48 bits of MAC address becomes 64 bit host portion of IPv6 address in EUI-64 method (operating system takes care of these details itself).

Step 1
Flip the 7th bit (counting from left to right) in the MAC address (if it's 1 change it to 0, if it's 0, change it to 1).

In order to do that, operating system must first convert the hexadecimal number of the first byte to the binary form. MAC address used in the example is (as per pic. 3):

CC00.19BA.0010.

(Hex) CC ==> (Bin) 11001100
C=1100

Counting from left to right the 7th bit is: 11001100. This one must be flipped like shown below:
11001110. This gives us the hexadecimal value of: CE.

Step 2
Use the MAC address after modifying the 7th bit in step 1 and inject the FFFE between OUI (first three bytes on the left) and the serial number of the adapter (first three bytes on the right). I will use the colon (:) as the delimiter and blocks of 2-bytes to make it compliant with the IPv6 convention. Look at the result below:

CE00:19FF:FEBA:0010

This way we get 64-bit host portion of the IPv6 address. So my link-local address which uses this method to create the host bits will look like this:

CE00:19FF:FEBA:0010, which is abbreviated to this form:
CE00:19FF:FEBA:10

Step 3
Add the network portion to this construct calculated in step 2. For instance, we know that link-local's network bits are always FF80::/10. So, the whole link-local address is going to be (abbreviated as per Lesson 55's explanation):

FF80::CE00:19FF:FEBA:10
(again, the full 128-bit version is: FF80:0000:0000:0000:E00:19FF:FEBA:0010)

Let's see if this is true when I enable IPv6 support on F1/0 interface. Pay attention to link local address value.

Pic. 4 - IPv6-enabled F1/0 Interface.

Note that just by enabling IPv6 support on the interface IOS automatically creates link-local address using EUI-64, allowing this interface to communicate with hosts residing on this local subnet/network. However, in order to communicate with hosts outside this link-local network, the interface needs a global address as well. This leads us to a correct conclusion that each interface will have two addresses: link-local and global in order to fully operate in IPv6 domain.

IPv6 Global Address Configuration
There are two major methods of configuring IPv6 addresses on our devices:
  • Manual method - You will configure them like we sometimes do with IPv4 right now.
  • Dynamic method - This one offers us IPv6 DHCP servers or the hosts can obtain the network portion of the IPv6 address from their local router (special message is sent called 'Router Solicitation'). In the latter situation the host portion will be generated automatically using the EUI-64 method described above.
Since this post has enough information for one sitting, I'll show you the manual and router solicited methods of configuring IPv6 addresses in my next post. I will also explain what happened to our IPv4 ARP request since broadcast does not exist in IPv6 world anymore!