Thursday, January 27, 2005

IPv6 Part - B-2 : Network part, also known as prefix

Now let's take a look at the different types of prefixes (and therefore address types):

- Link local address type

These are special addresses that are only valid on the link an interface is attached to. A packet using such an address as its destination never passes through a router. They are used for link communications such as:

  • anyone else here on this link?
  • anyone here with a special address (e.g. looking for a router)?

They begin with (where "x" is any hex character, normally "0"):

fe8x: <- currently the only one in use.
fe9x:
feax:
febx:
An address with this prefix is found on each IPv6-enabled interface after stateless auto-configuration (which is normally always the case).

- Site local address type

These are addresses similar to the RFC 1918 / Address Allocation for Private Internets in IPv4 today, with the added advantage that everyone who uses this address type can use the given 16 bits for a maximum of 65536 subnets. Comparable with the 10.0.0.0/8 in IPv4 today.
Another advantage: because it's possible to assign more than one address to an interface with IPv6, you can also assign such a site local address in addition to a global one.
It begins with:
fecx: <- most commonly used.
fedx:
feex:
fefx: (where "x" is any hex character, normally "0")

- Global address type "(Aggregatable) global unicast"

Today, there is one global address type defined. The first design, called "provider based," was thrown away some years ago (RFC 1884 / IP Version 6 Addressing Architecture [obsolete]); you will find some remains in older Linux kernel sources.
It begins with (x are hex characters):
2xxx:
3xxx:
Note: the prefix "aggregatable" is thrown away in current drafts. There are some further subtypes defined…

- Multicast addresses

Multicast addresses are used for related services.
They always start with (y is the scope value):
ffxy:
They are split into scopes and types:

1. Multicast scopes:

Multicast scope is a parameter to specify the maximum distance a multicast packet can travel from the sending entity.
Currently, the following regions (scopes) are defined:

  • ffx1: node-local, packets never leave the node.
  • ffx2: link-local, packets are never forwarded by routers, so they never leave the specified link.
  • ffx5: site-local, packets never leave the site.
  • ffx8: organization-local, packets never leave the organization (not so easy to implement, must be covered by routing protocol).
  • ffxe: global scope.
  • others are reserved.

2. Multicast types:

There are many types already defined/reserved (see RFC 2373 / IP Version 6 Addressing Architecture for details). Some examples are:

  • All Nodes Address: ID = 1h, addresses all hosts on the local node (ff01:0:0:0:0:0:0:1) or the connected link (ff02:0:0:0:0:0:0:1).
  • All Routers Address: ID = 2h, addresses all routers on the local node (ff01:0:0:0:0:0:0:2), on the connected link (ff02:0:0:0:0:0:0:2), or on the local site (ff05:0:0:0:0:0:0:2).

3. Solicited node link-local multicast address:

Special multicast address used as destination address in neighborhood discovery, because unlike in IPv4, ARP no longer exists in IPv6.
An example of this address looks like ff02::1:ff00:1234
The prefix used shows that this is a link-local multicast address. The suffix is generated from the destination address. In this example, a packet should be sent to address "fe80::1234", but the network stack doesn't know the current layer 2 MAC address. It replaces the upper 104 bits with "ff02:0:0:0:0:1:ff00::/104" and leaves the lower 24 bits untouched. This address is now used "on-link" to find the corresponding node, which has to send a reply containing its layer 2 MAC address.
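The derivation described above, carried out with Python's standard `ipaddress` module. This is an added example, not code from the original post; the function names and the `2001:db8::1234` sample address are assumptions chosen for illustration.

```python
import ipaddress

# Solicited-node prefix from the text: the upper 104 bits are fixed.
SOLICITED_NODE_NET = ipaddress.IPv6Network("ff02::1:ff00:0/104")
LOW24 = (1 << 24) - 1


def solicited_node(unicast: str) -> ipaddress.IPv6Address:
    """Replace the upper 104 bits with the prefix, keep the lower 24 bits."""
    addr = ipaddress.IPv6Address(unicast)
    if addr.is_multicast or addr.is_unspecified:
        raise ValueError(f"{addr} is not a unicast or anycast address")
    prefix = int(SOLICITED_NODE_NET.network_address)
    return ipaddress.IPv6Address(prefix | (int(addr) & LOW24))


def could_be_target(group: str, candidate: str) -> bool:
    """True if a node holding `candidate` listens on solicited-node `group`."""
    g = ipaddress.IPv6Address(group)
    if g not in SOLICITED_NODE_NET:
        raise ValueError(f"{g} is not a solicited-node multicast address")
    return solicited_node(candidate) == g


if __name__ == "__main__":
    # fe80::1234 is the example from the text; the second address is the
    # node address used in the anycast example of the same post.
    for a in ("fe80::1234", "3ffe:ffff:100:f101:210:a4ff:fee3:9566"):
        print(a, "->", solicited_node(a))
    # Only 24 bits survive, so unrelated addresses can share one group.
    # 2001:db8::1234 is a constructed sample value.
    print(could_be_target("ff02::1:ff00:1234", "2001:db8::1234"))
```

Because only the lower 24 bits are kept, a solicited-node group seen in a packet capture identifies a set of possible targets, not a single address.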

- Anycast addresses

Anycast addresses are special addresses and are used to cover things like nearest DNS server, nearest DHCP server, or similar dynamic groups. Addresses are taken out of the unicast address space (aggregatable global or site-local at the moment). The anycast mechanism (client view) will be handled by dynamic routing protocols.
Note: Anycast addresses cannot be used as source addresses, they are only used as destination addresses.

- Subnet-router anycast address:

A simple example for an anycast address is the subnet-router anycast address. Assuming that a node has the following global assigned IPv6 address:
3ffe:ffff:100:f101:210:a4ff:fee3:9566/64 <- Node's address
The subnet-router anycast address will be created by blanking the suffix (least significant 64 bits) completely:
3ffe:ffff:100:f101::/64 <- subnet-router anycast address.

Monday, January 24, 2005

IPv6 Part - B-1 : Address Space Forms

I'll start with two useful questions:

Q: Why is the name IPv6 and not IPv5 as successor for IPv4?

A: On any IP header, the first 4 bits are reserved for protocol version. So theoretically a protocol number between 0 and 15 is possible:

The next free number was 6. Hence IPv6 was born!

Q: IPv6 addresses: why such a high number of bits?

A: During the design of IPv4, people thought that 32 bits were enough for the world. Looking back into the past, 32 bits were enough until now and will perhaps be enough for another few years. However, 32 bits are not enough to provide each network device with a global address in the future. Think about mobile phones, cars (including electronic devices on its CAN-bus), toasters, refrigerators, light switches, and so on...

So designers have chosen 128 bits, 4 times more in length and 2^96 greater in size than in IPv4 today. The usable size is smaller than it may appear however. This is because in the currently defined address schema, 64 bits are used for interface identifiers. The other 64 bits are used for routing. Assuming the current strict levels of aggregation (/48, /32, ...), it is still possible to "run out" of space, but hopefully not in the near future.

- Addresses without a special prefix

This is a special address for the loopback interface, similar to IPv4 with its "127.0.0.1". With IPv6, the localhost address is:
0000:0000:0000:0000:0000:0000:0000:0001 or compressed ::1

- Unspecified address

This is a special address like "any" or "0.0.0.0" in IPv4. For IPv6 it's:
0000:0000:0000:0000:0000:0000:0000:0000 or ::
These addresses are mostly used/seen in socket binding (to any IPv6 address) or routing tables.
Note: the unspecified address cannot be used as destination address.

- IPv6 address with embedded IPv4 address

1. IPv4-mapped IPv6 address:

IPv4-only IPv6-compatible addresses are sometimes used/shown for sockets created by an IPv6-enabled daemon, but only binding to an IPv4 address.
These addresses are defined with a special prefix of length 96 (a.b.c.d is the IPv4 address):
0:0:0:0:0:ffff:a.b.c.d/96 or ::ffff:a.b.c.d/96
For example, the IPv4 address 1.2.3.4 looks like this: ::ffff:1.2.3.4

- IPv4-compatible IPv6 address

Used for automatic tunneling (RFC 2893 / Transition Mechanisms for IPv6 Hosts and Routers), which is being replaced by 6to4 tunneling.
0:0:0:0:0:0:a.b.c.d/96 or ::a.b.c.d/96
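A daemon listening on an IPv6 socket can log an IPv4 peer in either of the embedded forms above, so address filters and log searches written for IPv4 need to normalise first. The following is an added example, not code from the original post; the function names, the peer list and the `1.2.3.0/24` rule are constructed for illustration.

```python
import ipaddress


def embedded_ipv4(text: str):
    """Return (kind, IPv4Address) if `text` carries an IPv4 address, else (None, None)."""
    addr = ipaddress.ip_address(text)
    if addr.version == 4:
        return "ipv4", addr
    if addr.ipv4_mapped is not None:          # ::ffff:a.b.c.d/96
        return "ipv4-mapped", addr.ipv4_mapped
    value = int(addr)
    # ::a.b.c.d/96 has the upper 96 bits zero. The values 0 and 1 are the
    # unspecified (::) and loopback (::1) addresses, not embedded IPv4.
    if value >> 32 == 0 and value > 1:
        return "ipv4-compatible", ipaddress.IPv4Address(value)
    return None, None


def hits(peers, rule: str):
    """Peers whose plain or embedded IPv4 address falls inside the IPv4 `rule`."""
    net = ipaddress.ip_network(rule)
    matched = []
    for peer in peers:
        kind, v4 = embedded_ipv4(peer)
        if v4 is not None and v4 in net:
            matched.append((peer, kind))
    return matched


# Constructed sample of peer addresses as they might appear in a log.
SAMPLE_PEERS = ["::ffff:1.2.3.4", "::1.2.3.4", "1.2.3.4", "::1", "::", "fe80::1234"]

if __name__ == "__main__":
    for peer, kind in hits(SAMPLE_PEERS, "1.2.3.0/24"):
        print(f"{peer:18} {kind}")
```

A plain string comparison against "1.2.3.4" would find only one of the three matching entries in the sample.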

Protect your browser from attack ads

A newly discovered security flaw in Internet Explorer 6 is being exploited by virus writers to spread a worm via online advertisements...

The bug is caused by the way iFrames – the HTML commands for displaying frames on a Web page – are processed in IE6. When you click the attack program's link, it triggers a buffer overflow error, causing the browser to fail. A clever attacker can then load his or her own program onto your PC and take over your machine. If you don't click the malicious ad, your computer will not be attacked.
People using Windows XP Service Pack 2 are not affected by the bug. Prior versions of Windows, however, from 98 through XP Service Pack 1, are vulnerable. Users should install Microsoft's patch to block potential attacks. The patch is also a cumulative update for IE, so you will get all the previous patches in this single download.