This chapter describes how to use IPv6.
IP Version 6 (IPv6) is a new version of the Internet Protocol. It is designed as a successor to IP Version 4 (IPv4). The following list identifies some of the advantages provided by IPv6:
IPv6 uses a 128-bit address.
Using the large address size, IPv6 provides an hierarchical address scheme which allows you to create a flexible routing hierarchy.
NDP provides host autoconfiguration.
IPv6 makes IP Security mandatory.
The IPv6 header has priority and flow label fields to accommodate integrated Quality of Service.
The IPv6 header is fixed and simplified. The router is no longer required to perform fragmentation, simplifying packet processing. In addition, options type data is implemented in extension headers that are only processed by the destination node.
IPv6 includes many changes from IPv4. The most significant changes are:
IPv6 addressing increases the address from 32 bits to 128 bits. This increase allows more degrees of hierarchy than the basic layers of network, subnet and host.
IPv6 addresses belong to one of three categories:
Broadcast addressing has been replaced by multicast addressing in IPv6.
The IPv6 address is composed of 128 bits. These bits are written as eight 16-bit integers separated by colons.
Example:
ABCD:1234:0000:1234:5555:FFEE:7777:0123
You can use the following simplifying rules:
Example:
ABCD:1234:0:1234:0:FFEE:7777:123
Example:
ABCD:1234::1234:5555:FFEE:7777:123
1234::7899
The double colon can be used only once inside the address.
, where the x's are hexadecimal values of the six high-order 16-bit pieces of the address, and the d's are the decimal values of the four low-order 8-bit pieces of the address in standard IPv4 representation.
Example:
ABCD:1234::1234:5555:FFEE:1.2.3.4
::1.2.3.4
An IPv6 address prefix is represented by the notation:
IPv6-address/prefix-length
The IPv6 address can use any of the notations listed in "IPv6 Address Format" and the prefix length is a decimal value specifying how many of the leftmost contiguous bits of the address comprise the prefix.
Example:
ABCD:1234::1234:5555:FFEE:1.2.3.4/64
The IPv6 header has a total of 8 fields, eliminating some IPv4 fields such as checksum and fragmentation.
The minimum MTU for IPv6 is 1280 bytes. You cannot enable IPv6 on an interface with an MTU less than 1280 bytes.
Path MTU Discovery is a protocol that allows a host to determine the maximum size packet that will successfully traverse a path to a destination without fragmentation. As packets are generated and sent from the host, the MTU of the particular output interface that the packet will be transmitted to is available.
If the packet will fit on the output interface, either as a whole or in fragments, it is transmitted. If a router in the path needs to forward that packet onto a net with a smaller MTU than the packet size, the packet will be dropped and an ICMP message will be sent to the originator of the packet indicating the packet size that is necessary to fit onto the output net of the intermediate router. The host receiving this message will adjust the size of subsequent packets forwarded on the path. This process may occur multiple times before the packet reaches its final destination. Once the packet reaches its destination, subsequent packets should not be dropped because their packet size being too large.
Because the route can change dynamically, the path MTU may increase and will need adjustment in the host node. Learned path MTUs are aged and the Path MTU Discovery process re-occurs. This allows the transmitted packet size to react to the dynamic nature of routes through the network.
Path MTU Discovery is mandatory because fragmentation is not allowed on transit routers.
If the device is acting as a transit router, it will not forward packets that are larger than the output net's MTU. It will generate an ICMP Packet Too Big message back to the source of the packet.
The enable path-mtu-discovery command at the IPv6 Config> prompt can be used to enable or disable path MTU discovery. Path MTU discovery is enabled by default.
Use the set path-mtu-aging-timer command at the IPv6 Config> prompt to specify the aging time for path MTUs that have been determined.
An IPv6 node must support IP security. IP security can be enabled or disabled. See "Using IP Security" and "Configuring and Monitoring IP Security" in the Using and Configuring Features for additional information about IP security.
IPv6 uses NDP to perform autoconfiguration. NDP allows IPv6 nodes on the same link to discover each other's presence, to determine each other's link-layer addresses, to find routers, and to maintain reachability information about the paths to active neighbors.
Hosts use Router Discovery to discover routers that reside on an attached link. Each router periodically multicasts a Router Advertisement packet, if configured, announcing its availability. Router advertisements contain a list of prefixes used for on-link determination and autonomous address configuration. Hosts can use the advertised on-link prefixes to determine when a packet's destination is on the link or beyond a router.
Router advertisements allow routers to inform host how to perform address autoconfiguration. Routers can specify whether hosts use stateful or autonomous (stateless) address configuration.
Routers accomplish address resolution by multicasting a neighbor solicitation message that asks the target node to return its link-layer address. The link-layer address is returned in a unicast neighbor advertisement. By including its link-layer address in the neighbor solicitation message, a single request-response pair of messages, the message initiator and the target can determine each other's link-layer addresses.
NDP can detect the failure of a neighbor or the failure of the forward path to the neighbor. When no positive confirmation has been received from a neighbor for a time interval, the node actively probes the neighbor using unicast neighbor solicitation messages to verify that the forward path is still working.
If the source address of the packet and the next hop are on the same network, a router may send a redirect message informing the sender that the next hop is a neighbor.
Use the p ndp command at the Config> prompt to configure NDP parameters.
IPv6 over IPv4 tunneling allows you to migrate from IPv4 networks to IPv6 networks without the need to simultaneously upgrade all equipment to IPv6 support. IPv6 over IPv4 tunneling allows IPv6 frames to cross an IPv4 network and reach an IPv6 destination. The IPv6 frame is encapsulated in an IPv4 frame and this encapsulated frame is forwarded through the IPv4 network to a specific IPv4 destination, called the endpoint of the tunnel. At this endpoint, the packet is decapsulated and forwarded to the final IPv6 destination.
Adding a configured tunnel causes a virtual interface to be added. That virtual interface is then treated as a normal interface by IPv6 and may be used by RIP for route establishment.
Use the add tunnel command at the IPv6 Config> prompt to add an IPv6 over IPv4 tunnel.
See Using PIM for usage information about the PIM protocol.