This chapter describes how to use IPv6.
IP Version 6 (IPv6) is a new version of the Internet Protocol. It is designed as a successor to IP Version 4 (IPv4). The following list identifies some of the advantages provided by IPv6:
IPv6 uses a 128-bit address.
Using the large address size, IPv6 provides an hierarchical address scheme which allows you to create a flexible routing hierarchy.
NDP provides host autoconfiguration.
IPv6 makes IP Security mandatory.
The IPv6 header has priority and flow label fields to accommodate integrated Quality of Service.
The IPv6 header is fixed and simplified. The router is no longer required to perform fragmentation, simplifying packet processing. In addition, options type data is implemented in extension headers that are only processed by the destination node.
IPv6 includes many changes from IPv4. The most significant changes are:
IPv6 addressing increases the address from 32 bits to 128 bits. This increase allows more degrees of hierarchy than the basic layers of network, subnet and host.
IPv6 addresses belong to one of three categories:
Broadcast addressing has been replaced by multicast addressing in IPv6.
The IPv6 address is composed of 128 bits. These bits are written as eight 16-bit integers separated by colons.
Example:
ABCD:1234:0000:1234:5555:FFEE:7777:0123
You can use the following simplifying rules:
Example:
ABCD:1234:0:1234:0:FFEE:7777:123
Example:
ABCD:1234::1234:5555:FFEE:7777:123
1234::7899
The double colon can be used only once inside the address.
, where the x's are hexadecimal values of the six high-order 16-bit pieces of the address, and the d's are the decimal values of the four low-order 8-bit pieces of the address in standard IPv4 representation.
Example:
ABCD:1234::1234:5555:FFEE:1.2.3.4
::1.2.3.4
An IPv6 address prefix is represented by the notation:
IPv6-address/prefix-length
The IPv6 address can use any of the notations listed in "IPv6 Address Format" and the prefix length is a decimal value specifying how many of the leftmost contiguous bits of the address comprise the prefix.
Example:
ABCD:1234::1234:5555:FFEE:1.2.3.4/64
The IPv6 header has a total of 8 fields, eliminating some IPv4 fields such as checksum and fragmentation.
The minimum MTU for IPv6 is 1280 bytes. You cannot enable IPv6 on an interface with an MTU less than 1280 bytes.
Path MTU Discovery is a protocol that allows a host to determine the maximum size packet that will successfully traverse a path to a destination without fragmentation. As packets are generated and sent from the host, the MTU of the particular output interface that the packet will be transmitted to is available.
If the packet will fit on the output interface, either as a whole or in fragments, it is transmitted. If a router in the path needs to forward that packet onto a net with a smaller MTU than the packet size, the packet will be dropped and an ICMP message will be sent to the originator of the packet indicating the packet size that is necessary to fit onto the output net of the intermediate router. The host receiving this message will adjust the size of subsequent packets forwarded on the path. This process may occur multiple times before the packet reaches its final destination. Once the packet reaches its destination, subsequent packets should not be dropped because their packet size being too large.
Because the route can change dynamically, the path MTU may increase and will need adjustment in the host node. Learned path MTUs are aged and the Path MTU Discovery process re-occurs. This allows the transmitted packet size to react to the dynamic nature of routes through the network.
Path MTU Discovery is mandatory because fragmentation is not allowed on transit routers.
If the device is acting as a transit router, it will not forward packets that are larger than the output net's MTU. It will generate an ICMP Packet Too Big message back to the source of the packet.
The enable path-mtu-discovery command at the IPv6 Config> prompt can be used to enable or disable path MTU discovery. Path MTU discovery is enabled by default.
Use the set path-mtu-aging-timer command at the IPv6 Config> prompt to specify the aging time for path MTUs that have been determined.
An IPv6 node must support IP security. IP security can be enabled or disabled. See "Using IP Security" and "Configuring and Monitoring IP Security" in the Using and Configuring Features for additional information about IP security.
IPv6 uses NDP to perform autoconfiguration. NDP allows IPv6 nodes on the same link to discover each other's presence, to determine each other's link-layer addresses, to find routers, and to maintain reachability information about the paths to active neighbors.
NDP is supported on the following media types:
Hosts use Router Discovery to discover routers that reside on an attached link. Each router periodically multicasts a Router Advertisement packet, if configured, announcing its availability. Router advertisements contain a list of prefixes used for on-link determination and autonomous address configuration. Hosts can use the advertised on-link prefixes to determine when a packet's destination is on the link or beyond a router.
Router advertisements allow routers to inform host how to perform address autoconfiguration. Routers can specify whether hosts use stateful or autonomous (stateless) address configuration.
Routers accomplish address resolution by multicasting a neighbor solicitation message that asks the target node to return its link-layer address. The link-layer address is returned in a unicast neighbor advertisement. By including its link-layer address in the neighbor solicitation message, a single request-response pair of messages, the message initiator and the target can determine each other's link-layer addresses.
NDP can detect the failure of a neighbor or the failure of the forward path to the neighbor. When no positive confirmation has been received from a neighbor for a time interval, the node actively probes the neighbor using unicast neighbor solicitation messages to verify that the forward path is still working.
If the source address of the packet and the next hop are on the same network, a router may send a redirect message informing the sender that the next hop is a neighbor.
Use the p ndp command at the Config> prompt to configure NDP parameters.
IPv6 over IPv4 tunneling allows you to migrate from IPv4 networks to IPv6 networks without the need to simultaneously upgrade all equipment to IPv6 support. IPv6 over IPv4 tunneling allows IPv6 frames to cross an IPv4 network and reach an IPv6 destination. The IPv6 frame is encapsulated in an IPv4 frame and this encapsulated frame is forwarded through the IPv4 network to a specific IPv4 destination, called the endpoint of the tunnel. At this endpoint, the packet is decapsulated and forwarded to the final IPv6 destination.
Adding a configured tunnel causes a virtual interface to be added. That virtual interface is then treated as a normal interface by IPv6 and may be used by RIP for route establishment.
Use the add tunnel command at the IPv6 Config> prompt to add an IPv6 over IPv4 tunnel.
Protocol Independent Multicast (PIM) is a broadcast and prune multicast protocol used by IPv6. It works well in campus networks, where bandwidth is plentiful and users are closely grouped, not dispersed over a wide area of networks. PIM uses a broadcast and prune approach for the multicast forwarding of datagrams and is used when multicast groups are densely distributed across the internet. It assumes that all downstream systems want to receive multicast datagrams and prunes back branches from those systems which do not.
PIM is based on PIM sparse-mode (PIM-SM), which employs the same packet formats. Unlike DVMRP, PIM forwards on all outgoing interfaces until pruning and truncating occurs. This means that PIM does not maintain its own routing tables, as does DVMRP which uses parent-child information to reduce the number of interfaces used before pruning. Once pruning has occurred, the pruning state is maintained and datagrams are only forwarded to downstream members
PIM-DM is a soft state protocol. This means that the prune states, if not removed by some other activity (such as grafting or joining), are removed after a period of time (configurable) and the multicast data is once again broadcast to all downstream systems where pruning once again occurs.
PIM-DM establishes adjacency to neighboring PIM routers by exchanging Hello messages with all neighbors. It keeps the adjacency active until it is timed out. As long as the neighboring routers are active and running, new Hello messages are sent to refresh the Hello state and prevent the adjacency from timing out. How often Hello messages are sent is configurable. Through this mechanism, a designated router is also chosen. For PIM-DM, since it is a broadcast and prune protocol, the designated router has no real function. The designated router is used mainly for PIM-SM operation.
PIM-DM is completely independent of the under-lying unicast protocol. It uses the unicast routing table, regardless which unicast protocol owns an entry, to perform the reverse path forwarding calculation on a received multicast datagram. Reverse path forwarding (rpf) is used to validate whether the received multicast datagram arrived on an interface that would be valid for forwarding to the source address contained in the multicast datagram. If this is an incorrect interface, the datagram is discarded, else a new multicast entry is built and the multicast datagram is forwarded on all other interfaces (those with PIM-DM active, local host members, and any additional interfaces added by other multicast protocols). The use of rpf to validate input interfaces requires unicast routing to be symmetrical.
Grafting is also supported to allow hosts to dynamically join a group. This grafts a branch to an already existing multicast tree, removing all prune states where required to ensure the joined hosts receive the requested group multicast datagrams.
Due to the independent nature of PIM with respect to unicast routing protocols and the broadcast nature of PIM-DM, parallel paths from the source may occur and duplicate multicast data may be forwarded. PIM-DM uses an Assert procedure to choose the appropriate forwarding router when this occurs. Preferences may be configured on routers that run different unicast routing protocols to resolve which router is desired to have precedence. When unicast routing is the same, unicast metric costs to the source is used to determine the best route. And when all else is equal, the router with the largest IP interface address is chosen as the appropriate forwarder.
Use the p pim command at the Config> prompt to configure PIM parameters.