Internet Protocol Analysis/IPv6

This lesson continues the Internet layer and looks at IPv6 and a variety of IPv6 transition technologies. Activities include using Wireshark to examine IPv6 network traffic.

Readings

edit
  1. Wikipedia: IPv6
  2. Wikipedia: Link-local address
  3. Wikipedia: Teredo tunneling
  4. Wikipedia: ISATAP
  5. Wikipedia: 6to4
  6. Wikipedia: 6in4
  7. Wikipedia: NAT64

Multimedia

edit
  1. YouTube: An overview of IPv4 and IPv6 - CompTIA Network+ N10-005: 1.3
  2. YouTube: IPv6 Transition Technology

Activities

edit
  1. Use netsh to configure IPv6 settings.
  2. Use Wireshark to capture and analyze local IPv6 traffic.
  3. Use Wireshark to capture and analyze remote IPv6 traffic.
  4. Use Wireshark to capture and analyze IPv6 Teredo traffic.
  5. Use Wireshark to capture and analyze IPv6 6to4 traffic.
  6. Use Wireshark to capture and analyze IPv6 6in4 traffic.
  7. Consider situations in which a packet analyzer might be used to troubleshoot IPv6 traffic.

Lesson Summary

edit
  • IPv6 is an Internet-layer protocol for packet-switched internetworking and provides end-to-end datagram transmission across multiple IP networks.[1]
  • IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of running out of IPv4 addresses.[2]
  • IPv6 uses 128-bit addresses, commonly displayed to users as eight groups of four hexadecimal digits separated by colons.[3]
  • In an IPv6 address, leading zeroes may be removed from any group of hexadecimal digits. Multiple consecutive groups of zeroes may be replaced with a double colon (::).[4]
  • The IPv6 subnet size has been standardized by fixing the size of the host identifier portion of an address to 64 bits.[5]
  • IPv6 does not implement interoperability features with IPv4, but essentially creates a parallel, independent network. Exchanging traffic between the two networks requires special translator gateways.[6]
  • Work on IPv6 began by 1992, and was first published in a series of RFCs in 1996.[7]
  • Most transport and application-layer protocols need little or no change to operate over IPv6.[8]
  • Multicasting is part of the base specification in IPv6. IPv6 does not implement traditional IP broadcast and does not define broadcast addresses.[9]
  • IPv6 hosts can configure themselves automatically when connected to a routed IPv6 network using the Neighbor Discovery Protocol via Internet Control Message Protocol version 6 (ICMPv6) router discovery messages.[10]
  • IPv6 routers do not perform fragmentation.[11]
  • Privacy extensions for IPv6 allow the operating system to generate ephemeral IP addresses by concatenating a randomly generated host identifier with the assigned network prefix for communication with remote hosts.[12]
  • The IPv6 header consists of a fixed portion with minimal functionality required for all packets and may be followed by optional extensions to implement special features. The fixed header requires 40 octets (320 bits) and contains the source and destination addresses, traffic classification options, a hop counter, and the type of the optional extension or payload which follows the fixed header.[13]
  • The IPv6 loopback address is ::1.[14]
  • Link-local addresses begin with fe80::/10.[15]
  • Tunneling may be used to enable IPv4 networks to communicate with IPv6 networks. In tunneling, IPv6 packets are encapsulated within IPv4 packets, in effect using IPv4 as a link layer for IPv6.[16]
  • Teredo is an automatic inter-site tunneling technique that uses UDP encapsulation and can cross Network Address Translation (NAT) nodes.[17] Teredo addresses begin with 2001:0::/32.[18]
  • ISATAP is an automatic intra-site tunneling technique that uses IPv4 encapsulation. It cannot cross NAT nodes.[19]ISATAP addresses begin with fe80::200:5efe/96.[20]
  • 6to4 is an automatic inter-site tunneling technique that uses IPv4 encapsulation. It cannot cross NAT nodes.[21] 6to4 addresses begin with 2002::/16 and relay through 192.88.99.1.[22]
  • 6in4 is a configured inter-site tunneling technique that uses IPv4 encapsulation. It can cross NAT nodes with proper configuration.[23] 6in4 addresses are public addresses assigned by the tunnel broker, and therefore create security risks.[24]
  • NAT64 is a network address translation technique that allows IPv6-only hosts to communicate with IPv4-only servers. NAT64 server addresses begin with 64:ff9b::/96.[25]

Key Terms

edit
anycast
A network addressing and routing methodology in which datagrams from a single sender are routed to the topologically nearest node in a group of potential receivers, though it may be sent to several nodes, all identified by the same destination address.[26]
Data Over Cable Service Interface Specification (DOCSIS)
An international telecommunications standard that permits the addition of high-speed data transfer to an existing cable TV (CATV) system.[27]
end-to-end principle
A classic computer network design principle which states that application-specific functions ought to reside in the end hosts of a network rather than in intermediary nodes – provided they can be implemented completely and correctly in the end hosts.[28]
hop count
A count of the intermediate devices (routers) through which data must pass between source and destination.[29]
jumbogram
An internet layer packet exceeding the standard Maximum Transmission Unit (MTU) of the underlying network technology.[30]
Mobile IP
An Internet Engineering Task Force (IETF) standard communications protocol that is designed to allow mobile device users to move from one network to another while maintaining a permanent IP address.[31]
Path MTU Discovery (PMTUD)
A standardized technique for determining the maximum transmission unit (MTU) size on the network path between two Internet Protocol (IP) hosts.[32]
proxy server
A computer system or application that acts as an intermediary for requests from clients seeking resources from other servers.[33]
Quality of Service (QoS)
The ability to provide different priority to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow.[34]
Stateless Address Autoconfiguration (SLAAC)
A method by which a node automatically creates a link-local address with the prefix fe80::/64 on each IPv6-enabled interface, even if globally routable addresses are manually configured or obtained through configuration protocols.[35]
tunneling protocol
The use of one network protocol (the delivery protocol) to encapsulate a different payload protocol.[36]
World IPv6 Launch
The Internet Society declared June 6, 2012 to be the date for "World IPv6 Launch", with participating major websites enabling IPv6 permanently, participating ISPs offering IPv6 connectivity, and participating router manufacturers offering devices enabled for IPv6 by default.[37]

Review Questions

edit
Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. IPv6 is an _____-layer protocol for packet-switched internetworking and provides end-to-end datagram transmission across multiple IP networks.
    IPv6 is an Internet-layer protocol for packet-switched internetworking and provides end-to-end datagram transmission across multiple IP networks.
  2. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of _____.
    IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of running out of IPv4 addresses.
  3. IPv6 uses _____-bit addresses, commonly displayed to users as _____ groups of _____ hexadecimal digits separated by _____.
    IPv6 uses 128-bit addresses, commonly displayed to users as eight groups of four hexadecimal digits separated by colons.
  4. In an IPv6 address, leading zeroes may be removed from any group of hexadecimal digits. Multiple consecutive groups of zeroes may be replaced with _____.
    In an IPv6 address, leading zeroes may be removed from any group of hexadecimal digits. Multiple consecutive groups of zeroes may be replaced with a double colon (::).
  5. The IPv6 subnet size has been standardized by fixing the size of the host identifier portion of an address to _____ bits.
    The IPv6 subnet size has been standardized by fixing the size of the host identifier portion of an address to 64 bits.
  6. IPv6 does not implement interoperability features with IPv4, but essentially creates a _____. Exchanging traffic between the two networks requires special translator _____.
    IPv6 does not implement interoperability features with IPv4, but essentially creates a parallel, independent network. Exchanging traffic between the two networks requires special translator gateways.
  7. Work on IPv6 began by _____, and was first published in a series of RFCs in _____.
    Work on IPv6 began by 1992, and was first published in a series of RFCs in 1996.
  8. Most transport and application-layer protocols need _____ to operate over IPv6.
    Most transport and application-layer protocols need little or no change to operate over IPv6.
  9. Multicasting is part of the base specification in IPv6. IPv6 does not implement traditional IP _____ and does not define _____.
    Multicasting is part of the base specification in IPv6. IPv6 does not implement traditional IP broadcast and does not define broadcast addresses.
  10. IPv6 hosts can configure themselves automatically when connected to a routed IPv6 network using the _____ via Internet Control Message Protocol version 6 (ICMPv6) router discovery messages.
    IPv6 hosts can configure themselves automatically when connected to a routed IPv6 network using the Neighbor Discovery Protocol via Internet Control Message Protocol version 6 (ICMPv6) router discovery messages.
  11. IPv6 routers do not perform _____.
    IPv6 routers do not perform fragmentation.
  12. Privacy extensions for IPv6 allow the operating system to generate _____ for communication with remote hosts.
    Privacy extensions for IPv6 allow the operating system to generate ephemeral IP addresses by concatenating a randomly generated host identifier with the assigned network prefix for communication with remote hosts.
  13. The IPv6 header consists of a fixed portion with minimal functionality required for all packets and may be followed by optional extensions to implement special features. The fixed header requires _____ octets (_____ bits) and contains _____.
    The IPv6 header consists of a fixed portion with minimal functionality required for all packets and may be followed by optional extensions to implement special features. The fixed header requires 40 octets (320 bits) and contains the source and destination addresses, traffic classification options, a hop counter, and the type of the optional extension or payload which follows the fixed header.
  14. The IPv6 loopback address is _____.
    The IPv6 loopback address is ::1.
  15. Link-local addresses begin with _____.
    Link-local addresses begin with the prefix fe80::/10.
  16. Tunneling may be used to enable IPv4 networks to communicate with IPv6 networks. In tunneling, _____ packets are encapsulated within _____ packets, in effect using _____ as a _____ layer for _____.
    Tunneling may be used to enable IPv4 networks to communicate with IPv6 networks. In tunneling, IPv6 packets are encapsulated within IPv4 packets, in effect using IPv4 as a link layer for IPv6.
  17. Teredo is an _____ _____-site tunneling technique that uses _____ encapsulation and _____ cross Network Address Translation (NAT) nodes.
    Teredo is an automatic inter-site tunneling technique that uses UDP encapsulation and can cross Network Address Translation (NAT) nodes.
  18. Teredo addresses begin with _____.
    Teredo addresses begin with 2001:0::/32.
  19. ISATAP is an _____ _____-site tunneling technique that uses _____ encapsulation. It _____ cross NAT nodes.
    ISATAP is an automatic intra-site tunneling technique that uses IPv4 encapsulation. It cannot cross NAT nodes.
  20. ISATAP addresses begin with _____.
    ISATAP addresses begin with fe80::200:5efe/96.
  21. 6to4 is an _____ _____-site tunneling technique that uses _____ encapsulation. It _____ cross NAT nodes.
    6to4 is an automatic inter-site tunneling technique that uses IPv4 encapsulation. It cannot cross NAT nodes.
  22. 6to4 addresses begin with _____ and relay through _____.
    6to4 addresses begin with 2002::/16 and relay through 192.88.99.1.
  23. 6in4 is a _____ _____-site tunneling technique that uses _____ encapsulation. It _____ cross NAT nodes.
    6in4 is a configured inter-site tunneling technique that uses IPv4 encapsulation. It can cross NAT nodes.
  24. 6in4 addresses are _____ addresses assigned by the tunnel broker, and therefore create security risks.
    6in4 addresses are public addresses assigned by the tunnel broker, and therefore create security risks.
  25. NAT64 is a _____ that allows _____-only hosts to communicate with _____-only servers.
    NAT64 is a network address translation technique that allows IPv6-only hosts to communicate with IPv4-only servers.
  26. NAT64 server addresses begin with _____.
    NAT64 server addresses begin with 64:ff9b::/96.

Assessments

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.