Rick Graziani Cabrillo College Fall 2013.


Presentation on theme: "Rick Graziani Cabrillo College Fall 2013."— Presentation transcript:

1 Rick Graziani Cabrillo College graziani@cabrillo.edu Fall 2013

2 Topics In this Presentation and An Introduction to ICMPv6

3 © 2012 Cisco Systems, Inc. All rights reserved. Cisco confidential. Cisco Networking Academy, US/Canada. Described in RFC 4443. Much more robust than ICMP for IPv4. Contains new functionality and improvements. More than just “messaging” but “how IPv6 conducts business”. General message similar to ICMP for IPv4. Also uses Type and Code fields like in ICMPv4. Two types of ICMPv6 messages: Error messages and Informational messages.

4 The ICMPv6 error messages are: Destination Unreachable, Packet Too Big, Time Exceeded, Parameter Problem. ICMPv6 informational messages used by the ping command: Echo Request, Echo Reply. Similar to ICMP for IPv4. Quick look at these first. We will familiarize ourselves with the IPv6 version of these.

5 ICMPv6 informational messages used for Multicast Listener Discovery (RFC 2710): Multicast Listener Query, Multicast Listener Report, Multicast Listener Done. Similar to IGMP (Internet Group Message Protocol) for IPv4. We won’t be covering these. ICMPv6 informational messages used by Neighbor Discovery (RFC 4861): Router Solicitation Message, Router Advertisement Message, Neighbor Solicitation Message, Neighbor Advertisement Message, Redirect Message. Most of our time will be spent on the first four of these. Redirect Message is similar to Redirect Messages for IPv4.

6 Stateless Address Autoconfiguration. Diagram: PC1 (MAC Address 00-21-9B-D9-C6-44) and R1 (ipv6 unicast-routing) on 2001:0DB8:AAAA:0001::/64. Steps: Link-local address automatically created; DAD performed on link-local address; Global unicast address created using SLAAC; DAD performed on global unicast address. Neighbor Solicitation Message: From: :: (Unspecified source address), To: FF02::1:FFBB:66E1 (Solicited Node Multicast), Target IPv6 Address: FE80::50A5:8A35:A5BB:66E1, Link-local address (Tentative). NDP Router Solicitation: From: FE80::50A5:8A35:A5BB:66E1, To: FF02::2 (All-routers multicast). NDP Router Advertisement: From: FE80::1, To: FF02::1 (All-nodes multicast). Addressing Information Added. Neighbor Solicitation Message: From: :: (Unspecified source address), To: Solicited Node Multicast, Target IPv6 Address:

7 Address Resolution (ARP in IPv4). Diagram: R1 (ipv6 unicast-routing); PC1 2001:DB8:AAAA:1::100/64, MAC Address 00-21-9B-D9-C6-44; PC2 2001:DB8:AAAA:1::200/64, FF02::1:FF00:200 (Solicited Node Multicast), MAC Address 00-1B-24-04-A2-1E; network 2001:0DB8:AAAA:0001::/64.
1 PC1> ping 2001:DB8:AAAA:1::200
2 and 5 Neighbor Cache
3 Neighbor Solicitation Message: From Ethernet MAC address: 00-21-9B-D9-C6-44, To Ethernet MAC address: 33-33-FF-00-02-00 (IPv6 Mapped Multicast), From: 2001:DB8:AAAA:1::100, To: FF02::1:FF00:200 (Solicited Node Multicast), Target IPv6 Address: 2001:DB8:AAAA:1::200, Link-layer address: 00:21:9B:D9:C6:44
4 Neighbor Advertisement Message: From Ethernet MAC address: 00-1B-24-04-A2-1E, To Ethernet MAC address: 00-21-9B-D9-C6-44, From: 2001:DB8:AAAA:1::200, To: 2001:DB8:AAAA:1::100, Target IPv6 Address: 2001:DB8:AAAA:1::200, Link-layer address: 00:1B:24:04:A2:1E

8 Neighbor Cache (“ARP Cache”). Neighbor Solicitation (NS) = ARP Request. Neighbor Advertisement (NA) = ARP Reply. States in the diagram: No Entry Exists; Incomplete; Reachable; Stale – no action required (Requires reresolution); Delay (Resolution pending); Probe (Reresolution in progress). Transition labels: Neighbor Solicitation (NS) sent; Neighbor Advertisement (NA) received; Reachable Time exceeded (timeout) or Unsolicited NA received; Packet sent; Packet returned; 5 sec; NS sent and NA received; 3 NS sent with no NA; 3 NS sent with no NA.

9 General Message Format ICMPv6 Error Messages

10 IPv6 Next Header Value: 58 decimal or 3A hexadecimal. Packet layout: IPv6 Header (Next Header 58), then IPv6 Data made up of the ICMPv6 Header and the ICMPv6 Message Body. ICMPv6 General Message Format (similar to ICMP for IPv4): Type (bits 0 to 8), Code (bits 8 to 16), Checksum (bits 16 to 32), followed by the Message Body.

11 The ICMPv6 error messages are: Destination Unreachable, Packet Too Big, Time Exceeded, Parameter Problem. ICMPv6 informational messages used by the ping command: Echo Request, Echo Reply. Similar to ICMP for IPv4. Quick look at these first. We will familiarize ourselves with the IPv6 version of these.

12 Sent when a packet cannot be delivered to its destination for reasons other than congestion. A router (or a firewall) usually generates these messages. Various code values give more detail, such as (4) port unreachable.

13 Important difference with IPv6… IPv4 routers fragment a packet when the MTU (Maximum Transmission Unit) of the outgoing link is smaller than the size of the packet. The destination device is responsible for reassembling the fragmented packets. IPv6 routers do not fragment packets (unless the router is the source of the packet).

14 Diagram: PC-A (Source), R1, R2, R3, PC-B (Destination); link MTUs along the path: MTU = 1500, MTU = 1350, MTU = 1500.
1 IPv6 Packet with MTU = 1,500 bytes. MTU of outgoing link smaller than packet size – drop packet.
2 ICMPv6 Packet Too Big message, use MTU 1,350
3 IPv6 Packet with MTU = 1,350 bytes
4 Packet Received

15 Before a router forwards an IPv6 packet it decrements the Hop Limit field by one. If the Hop Limit (same as TTL in IPv4) reaches zero, the packet is dropped and a Time Exceeded message is sent to the source.

16 Generated when a receiving device finds a problem with a field in the main IPv6 header such as the Next Header field. Means the device didn’t understand the information in the IPv6 header and had to discard it.

17 ICMPv6 Informational Messages: Echo Request and Echo Reply

18 Message format: Type = 128 or 129 (bits 0 to 8), Code = 0 (bits 8 to 16), Checksum (bits 16 to 32); then Identifier and Sequence Number; then Data. Echo Reply: Type = 128 Echo Request: Type = 129 Like for IPv4, ICMPv6 Echo Request and Echo Reply are two ICMP messages used by ping.

19 IPv6 Topology (2001:0DB8:AAAA::/48): PC1 2001:0DB8:AAAA:1::100, FE80::50A5:8A35:A5BB:66E1; PC2 2001:0DB8:AAAA:1::200; networks 2001:0DB8:AAAA:1::/64 and 2001:0DB8:AAAA:2::/64; R1 FE80::1/64; R2 FE80::2/64; interface labels Fa0/0 .1, Fa0/1 .1, Fa0/0 .2.

20 Ping global unicast address from PC1 to R1
PC1> ping 2001:db8:aaaa:1::1
Pinging 2001:db8:aaaa:1::1 from 2001:db8:aaaa:1::100 with 32 bytes of data:
Reply from 2001:db8:aaaa:1::1: time=1ms
Ping statistics for 2001:db8:aaaa:1::1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms
PC1>

21 Echo Request from PC1 to R1
Internet Protocol Version 6
  0110 .... = Version: 6
  .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
  .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
  Payload length: 40
  Next header: ICMPv6 (0x3a)
  Hop limit: 128
  Source: 2001:db8:aaaa:1::100
  Destination: 2001:db8:aaaa:1::1
Internet Control Message Protocol v6
  Type: 128 (Echo (ping) request)
  Code: 0 (Should always be zero)
  Checksum: 0x8f38 [correct]
  ID: 0x0001
  Sequence: 0
  Data (32 bytes)

22 Echo Reply from R1 to PC1
Internet Protocol Version 6
  0110 .... = Version: 6
  .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
  .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
  Payload length: 40
  Next header: ICMPv6 (0x3a)
  Hop limit: 64
  Source: 2001:db8:aaaa:1::1
  Destination: 2001:db8:aaaa:1::100
Internet Control Message Protocol v6
  Type: 129 (Echo (ping) reply)
  Code: 0 (Should always be zero)
  Checksum: 0x8e38 [correct]
  ID: 0x0001
  Sequence: 0
  Data (32 bytes)

23 R1# ping fe80::50a5:8a35:a5bb:66e1
Output Interface: fastethernet 0/0
% Invalid interface. Use full interface name without spaces (e.g. Serial0/1)
Output Interface: fastethernet0/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::50A5:8A35:A5BB:66E1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R1#

24 Echo Request: Link-local address from R1 to PC1
Internet Protocol Version 6
  0110 .... = Version: 6
  .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
  .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
  Payload length: 60
  Next header: ICMPv6 (0x3a)
  Hop limit: 64
  Source: fe80::1
  Destination: fe80::50a5:8a35:a5bb:66e1
Internet Control Message Protocol v6
  Type: 128 (Echo (ping) request)
  Code: 0 (Should always be zero)
  Checksum: 0x0444 [correct]
  ID: 0x0a24
  Sequence: 0
  Data (52 bytes)

25 Echo Reply: Link-local address from PC1 to R1
Internet Protocol Version 6
  0110 .... = Version: 6
  .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
  .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
  Payload length: 60
  Next header: ICMPv6 (0x3a)
  Hop limit: 64
  Source: fe80::50a5:8a35:a5bb:66e1
  Destination: fe80::1
Internet Control Message Protocol v6
  Type: 129 (Echo (ping) reply)
  Code: 0 (Should always be zero)
  Checksum: 0x0344 [correct]
  ID: 0x0a24
  Sequence: 0
  Data (52 bytes)

26 ICMPv6 Informational Messages Used by Neighbor Discovery Router Solicitation Message Router Advertisement Message Neighbor Solicitation Message Neighbor Advertisement Message Redirect Message

27 Router Solicitation & Router Advertisement Messages and SLAAC (Stateless Address Autoconfiguration)

28 Static configuration. Stateless Address Autoconfiguration (SLAAC): SLAAC only; SLAAC with DHCPv6. Note: Host OS determines if it will use EUI-64 or random value for Interface ID. Stateful Autoconfiguration: DHCPv6 only.

29 Stateless Address Autoconfiguration (SLAAC) is an automatic method for assigning global unicast addresses to interfaces. Defined in RFC 4862, IPv6 Stateless Address Autoconfiguration. Uses: Prefix and other information from -> ND Router Advertisement; Interface ID from -> IEEE modified EUI-64 format or random value. No need for DHCPv6 server (unless need DNS). Diagram: host with MAC: 00-19-D2-8C-E0-4C (EUI-64) sends NDP Router Solicitation; RouterA (ipv6 unicast-routing) sends NDP Router Advertisement.

30 R1(config)# ipv6 unicast-routing
Router Solicitation and Router Advertisement messages are about communications between a host and a router. Router Advertisement includes: Prefix, prefix-length, default-gateway, MTU, Hop limit and more. Diagram: R1 (ipv6 unicast-routing), DHCPv6 Server. Host: “I just booted up, send me a Router Advertisement” (NDP Router Solicitation: “Need information from the router”). Router: “Time for me to send out a Router Advertisement” (NDP Router Advertisement).

31 The router’s Router Advertisement can determine how the host gets its dynamic address configuration. ipv6 unicast-routing command enables router to send Router Advertisements. Diagram: R1 (ipv6 unicast-routing), DHCPv6 Server. NDP Router Solicitation: “Need information from the router”. NDP Router Advertisement: “I’m everything you need (Prefix, Prefix-length, Default Gateway)” Or “Here is my information but you need to get other information such as DNS addresses from a DHCPv6 server.” Or “I can’t help you. Ask a DHCPv6 server for all your information.”

32 Diagram: PC1 (MAC: 00-19-D2-8C-E0-4C, EUI-64) and R1 (ipv6 unicast-routing). NDP Router Solicitation. NDP Router Advertisement: Prefix: 2001:DB8:AAAA:1::, Prefix-length: /64, To: FF02::1 (All-hosts multicast), From: FE80::1 (Link-local address). On PC1: Prefix: 2001:DB8:AAAA:1::, Prefix-length: /64, EUI-64 Interface ID: 02-19-D2-FF-FE-8C-E0-4C, Global Unicast Address: 2001:DB8:AAAA:1:0219:D2FF:FE8C:E04C, Default Gateway: FE80::1 (Default Router List). Step 4: Duplicate Address Detection (DAD).
PC1> ipconfig
IPv6 Address...... : 2001:DB8:AAAA:1:0219:D2FF:FE8C:E04C
Default Gateway.... : fe80::1

33 Diagram: R1 (ipv6 unicast-routing), DHCPv6 Server. Stateless Addressing: NDP Router Solicitation; NDP Router Advertisement: “Here is my information but you need to get other information such as DNS addresses from a DHCPv6 server.” Or “I can’t help you. Ask a DHCPv6 server for all your information.” DHCPv6 Addressing: DHCPv6 Solicit Message “I need a DHCPv6 Server.”; 4 DHCPv6 Advertise Message “I’m a DHCPv6 Server.”; 5 DHCPv6 Request Message “I need addressing information.”; 6 DHCPv6 Reply Message “Here is your address and other information.”; 7 Duplicate Address Detection (DAD).

34 ICMPv6 Router Solicitation Message: Type = 133 (bits 0 to 8), Code = 0 (bits 8 to 16), Checksum (bits 16 to 32); Reserved; Valid Options: Source link-layer address. ICMPv6 Router Advertisement Message: Type = 134 (bits 0 to 8), Code = 0 (bits 8 to 16), Checksum (bits 16 to 32); Cur Hop Limit, M, O, Reserved, Router Lifetime; Reachable Time; Retrans Time; Possible Options: Source link-layer address, MTU, Prefix Information.

35 Diagram: PC1 (MAC: 00-21-9B-D9-C6-44) and R1 (ipv6 unicast-routing) on 2001:0DB8:AAAA:0001::/64. Link-local address: FE80::50A5:8A35:A5BB:66E1 (Randomly generated Interface ID). NDP Router Solicitation: From: FE80::50A5:8A35:A5BB:66, To: FF02::2 (All-routers multicast). NDP Router Advertisement: From: FE80::1, To: FF02::1 (All-nodes multicast), Prefix: 2001:DB8:AAAA:1::, Prefix-length: /64. On PC1: Prefix: 2001:DB8:AAAA:1::, Prefix-length: /64 [EUI-64: Not used, Interface ID is randomly generated], Global Unicast Address: 2001:DB8:AAAA:1:50A5:8A35:A5BB:66E1, Default Router List, Default Gateway: FE80::1.

36 Router Solicitation (RS) from PC1
Ethernet II, Src: 00:21:9b:d9:c6:44, Dst: 33:33:00:00:00:02
Internet Protocol Version 6
  0110 .... = Version: 6
  [Traffic class and Flowlabel not shown]
  Payload length: 16
  Next header: ICMPv6 (0x3a)
  Hop limit: 255
  Source: fe80::50a5:8a35:a5bb:66e1
  Destination: ff02::2
Internet Control Message Protocol v6
  Type: 133 (Router solicitation)
  Code: 0
  Checksum: 0x3277 [correct]
  ICMPv6 Option (Source link-layer address)
    Type: Source link-layer address (1)
    Length: 8
    Link-layer address: 00:21:9b:d9:c6:44
Callouts: Link-local address of PC1; All-routers multicast address; Router Solicitation message; MAC address of PC1 but RA sent as all-host multicast; Next header is an ICMPv6 header; All IPv6 routers multicast MAC address.

37 R1(config)# ipv6 unicast-routing
R1# show ipv6 interface fastethernet 0/0
FastEthernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::1
  Global unicast address(es):
    2001:DB8:AAAA:1::1, subnet is 2001:DB8:AAAA:1::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:1
  MTU is 1500 bytes
  ND advertised retransmit interval is 0 milliseconds
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  Hosts use stateless autoconfig for addresses.
R1#
Callout: All-routers multicast group.

38 Router Advertisement (RA) from Router R1
Ethernet II, Src: 00:03:6b:e9:d4:80, Dst: 33:33:00:00:00:01
Internet Protocol Version 6
  0110 .... = Version: 6
  .... 1110 0000 .... .... .... .... .... = Traffic class: 0x000000e0
  .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
  Payload length: 64
  Next header: ICMPv6 (0x3a)
  Hop limit: 255
  Source: fe80::1
  Destination: ff02::1
Callouts: Link-local address of R1. Added to the Default Router List and is the address hosts will use as their default gateway; All-nodes multicast group; Next Header is an ICMPv6 header; All IPv6 hosts multicast MAC address.

39 Router Advertisement from Router R1 – some fields omitted
Internet Control Message Protocol v6
  Type: 134 (Router advertisement)
  Code: 0
  Cur hop limit: 64
  Flags: 0x00
  ICMPv6 Option (Source link-layer address)
    Type: Source link-layer address (1)
    Length: 8
    Link-layer address: 00:03:6b:e9:d4:80
  ICMPv6 Option (MTU)
    Type: MTU (5)
    Length: 8
    MTU: 1500
  ICMPv6 Option (Prefix information)
    Type: Prefix information (3)
    Length: 32
    Prefix Length: 64
    Prefix: 2001:db8:aaaa:1::
Callouts: Recommended Hop Limit value for hosts; M and O flags indicate that no information is available via DHCPv6; R1’s MAC address; MTU of the link; Prefix-length (/64) to be used for autoconfiguration; Prefix of this network to be used for autoconfiguration.

40 M Flag: Managed Address Configuration flag. Tells the host whether to use the configuration information in this Router Advertisement (SLAAC by default) or to get all of its information from a DHCPv6 server. O Flag: Other Configuration flag. When SLAAC is being used (using the RA), it tells the host whether more information (like DNS) is available from a DHCPv6 server.
Internet Control Message Protocol v6
  Type: 134 (Router advertisement)
  Code: 0
  Cur hop limit: 64
  Flags: 0x00
  <output omitted for brevity>
Callouts: M and O flags; Router Advertisement message.

41 Diagram: R1 (ipv6 unicast-routing), DHCPv6 Server, NDP Router Advertisement. M Flag (SLAAC or DHCPv6?): M Flag = 0 (Default): Use SLAAC, info in RA, prefix, etc.; M Flag = 1: Use DHCPv6 for everything. O Flag (Additional information via DHCPv6?): O Flag = 0 (Default): No additional information via DHCPv6; O Flag = 1: Additional information via DHCPv6 like DNS address.
R1(config)# ipv6 managed-config-flag
R1(config)# ipv6 other-config-flag
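
Added example (not part of the original slides): a Python parser for the Router Advertisement layout shown on slides 34 and 39, applying the M/O flag rules from slides 40 and 41 and the receiver checks a host should make before trusting an RA (Hop limit 255, link-local source). The sample message is constructed to mirror the slide 39 capture; the prefix lifetimes and the L/A prefix flags are assumed values, and the checksum is left at zero and not verified.

```python
import ipaddress
import struct

M_FLAG, O_FLAG = 0x80, 0x40          # Managed / Other configuration bits in the RA flags byte
OPT_SLLA, OPT_PREFIX, OPT_MTU = 1, 3, 5

def parse_options(data: bytes) -> list:
    """Split the option area into (type, body) pairs; the length byte counts 8-byte units."""
    options, i = [], 0
    while i < len(data):
        if len(data) - i < 2:
            raise ValueError("truncated option header")
        otype, units = data[i], data[i + 1]
        if units == 0:
            raise ValueError("option with length 0")
        end = i + units * 8
        if end > len(data):
            raise ValueError("option runs past the end of the message")
        options.append((otype, data[i + 2:end]))
        i = end
    return options

def parse_ra(icmp: bytes) -> dict:
    """Decode an ICMPv6 Router Advertisement (Type 134) into a dict."""
    if len(icmp) < 16:
        raise ValueError("shorter than the 16-byte RA header")
    mtype, code, _cksum, hop, flags, lifetime, _reach, _retrans = struct.unpack(
        "!BBHBBHII", icmp[:16])
    if mtype != 134 or code != 0:
        raise ValueError("not a Router Advertisement (Type 134, Code 0)")
    ra = {"cur_hop_limit": hop, "managed": bool(flags & M_FLAG),
          "other": bool(flags & O_FLAG), "router_lifetime": lifetime,
          "source_mac": None, "mtu": None, "prefixes": []}
    for otype, body in parse_options(icmp[16:]):
        if otype == OPT_SLLA and len(body) == 6:
            ra["source_mac"] = ":".join(f"{b:02x}" for b in body)
        elif otype == OPT_MTU and len(body) == 6:
            ra["mtu"] = struct.unpack("!I", body[2:6])[0]
        elif otype == OPT_PREFIX and len(body) == 30:
            prefix = ipaddress.IPv6Address(body[14:30])
            ra["prefixes"].append({"prefix": f"{prefix}/{body[0]}",
                                   "autonomous": bool(body[1] & 0x40)})
    return ra

def addressing_mode(ra: dict) -> str:
    """Slide 41: M=1 means DHCPv6 for everything, O=1 means SLAAC plus DHCPv6 extras."""
    if ra["managed"]:
        return "DHCPv6 for everything"
    if ra["other"]:
        return "SLAAC, additional information via DHCPv6"
    return "SLAAC only"

def validate_ra(src: str, hop_limit: int, icmp: bytes) -> list:
    """Return the reasons a receiver should discard this RA (empty list = accept)."""
    problems = []
    if hop_limit != 255:
        problems.append("hop limit is not 255, so the RA crossed a router")
    if not ipaddress.IPv6Address(src).is_link_local:
        problems.append("source address is not link-local")
    try:
        parse_ra(icmp)
    except ValueError as exc:
        problems.append(str(exc))
    return problems

def build_sample_ra(flags: int = 0x00) -> bytes:
    """Constructed RA mirroring slide 39: hop limit 64, MTU 1500, 2001:db8:aaaa:1::/64."""
    header = struct.pack("!BBHBBHII", 134, 0, 0, 64, flags, 1800, 0, 0)
    slla = bytes([OPT_SLLA, 1]) + bytes.fromhex("00036be9d480")
    mtu = struct.pack("!BBHI", OPT_MTU, 1, 0, 1500)
    # L and A flags set; valid/preferred lifetimes are assumed, not taken from the slides.
    prefix = struct.pack("!BBBBIII", OPT_PREFIX, 4, 64, 0xC0, 2592000, 604800, 0)
    prefix += ipaddress.IPv6Address("2001:db8:aaaa:1::").packed
    return header + slla + mtu + prefix

if __name__ == "__main__":
    sample = build_sample_ra()
    print(len(sample), parse_ra(sample), addressing_mode(parse_ra(sample)))
    print(validate_ra("2001:db8:aaaa:1::1", 64, sample))
```

The constructed message is 64 bytes long, the same as the Payload length in the slide 38 capture.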

42 Address Resolution

43 Two more protocols used with ICMPv6 Neighbor Discovery: Neighbor Solicitation, Neighbor Advertisement. Used by a device to: request layer 2 address information from another device on the same network; provide this information to the requesting device. Part of three important processes: Address resolution (like ARP in IPv4); Duplicate Address Detection (DAD); Neighbor Unreachability Detection (NUD).

44 ICMPv6 Neighbor Solicitation Message: “If this is your Target IPv6 Address please send me your MAC address.” ICMPv6 Neighbor Advertisement Message: “The Target IPv6 Address you are looking for belongs to me, here is my layer 2 (MAC) address.”

45 Address Resolution (ARP in IPv4). Diagram: R1 (ipv6 unicast-routing); PC1 2001:DB8:AAAA:1::100/64, MAC Address 00-21-9B-D9-C6-44; PC2 2001:DB8:AAAA:1::200/64, FF02::1:FF00:200 (Solicited Node Multicast), MAC Address 00-1B-24-04-A2-1E; network 2001:0DB8:AAAA:0001::/64.
1 PC1> ping 2001:DB8:AAAA:1::200
2 and 5 Neighbor Cache
3 Neighbor Solicitation Message: From Ethernet MAC address: 00-21-9B-D9-C6-44, To Ethernet MAC address: 33-33-FF-00-02-00 (IPv6 Mapped Multicast), From: 2001:DB8:AAAA:1::100, To: FF02::1:FF00:200 (Solicited Node Multicast), Target IPv6 Address: 2001:DB8:AAAA:1::200, MAC address of PC1: 00:21:9B:D9:C6:44
4 Neighbor Advertisement Message: From Ethernet MAC address: 00-1B-24-04-A2-1E, To Ethernet MAC address: 00-21-9B-D9-C6-44, From: 2001:DB8:AAAA:1::200, To: 2001:DB8:AAAA:1::100, Target IPv6 Address: 2001:DB8:AAAA:1::200, MAC address of PC2: 00:1B:24:04:A2:1E

46 IPv6 Addressing. What about that Solicited Node Multicast? Address types: Unicast, Multicast, Anycast.
Multicast: Assigned FF00::/8; Solicited Node FF02::1:FF00:0000/104.
Unicast: Global Unicast 2000::/3 to 3FFF::/3; Link-Local FE80::/10 to FEBF::/10; Loopback ::1/128; Unspecified ::/128; Unique Local FC00::/7 to FDFF::/7; Embedded IPv4 ::/80.

47 Why Solicited Node Addresses? Devices also have solicited node multicast addresses. Broadcasts are sent to all devices. Devices must process all broadcasts at least to layer 3. Solicited Node Multicasts are only processed by those devices with the matching last 24 bits (usually one device). If I know the IPv6 address but not the MAC address I can send it to a solicited node address instead of a broadcast to everyone… PC-2: Global Unicast Address: 2001:0DB8:AAAA:0001:0000:0000:0000:0200; Solicited Node Multicast (Global): FF02::1:FF00:200; MAC Unicast Address: 00-1B-24-04-A2-1E; Multicast (MAC): 33-33-FF-00-02-00. NIC: I will also listen for my MAC multicast addresses. IP: I will also listen for my IP multicast addresses (Global and Link-local). Diagram label: Broadcasts.

48 Solicited-node Multicast address mapped to Ethernet destination MAC address. PC2’s Global Unicast Address: 2001:0DB8:AAAA:0001:0000:0000:0000:0200 (Global Routing Prefix, Subnet ID, Interface ID). PC2’s IPv6 Solicited-Node Multicast Address: the 104 bits FF02:0:0:0:0:1:FF followed by the last 24 bits copied from the unicast address, giving FF02::1:FF00:200. PC2’s mapped solicited-node Ethernet multicast address: 33-33 followed by FF-00-02-00 copied from the multicast address, giving 33-33-FF-00-02-00.
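
Added example (not part of the original slides): the address derivations from slide 32 (EUI-64 Interface ID from a MAC address) and from slides 47 and 48 (solicited-node multicast address and its Ethernet multicast MAC), written in Python and checked against the values on those slides. It also shows that an EUI-64 address gives away the interface's MAC address while a randomly generated Interface ID does not; all function names are this example's own.

```python
import ipaddress

def parse_mac(mac: str) -> bytes:
    """Accept 00-19-D2-8C-E0-4C or 00:19:d2:8c:e0:4c and return the 6 raw bytes."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return octets

def eui64_interface_id(mac: str) -> bytes:
    """Modified EUI-64: insert FF-FE in the middle and flip the U/L bit (0x02)."""
    m = parse_mac(mac)
    return bytes([m[0] ^ 0x02]) + m[1:3] + b"\xff\xfe" + m[3:]

def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Global unicast address = /64 prefix from the RA + EUI-64 Interface ID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 autoconfiguration needs a /64 prefix")
    return ipaddress.IPv6Address(net.network_address.packed[:8] + eui64_interface_id(mac))

def mac_from_eui64(addr: str):
    """Return the MAC an EUI-64 address exposes, or None for a random Interface ID."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    raw = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return "-".join(f"{b:02X}" for b in raw)

def solicited_node(addr: str) -> ipaddress.IPv6Address:
    """FF02::1:FF00:0/104 plus the low 24 bits of the unicast address."""
    low24 = ipaddress.IPv6Address(addr).packed[-3:]
    prefix104 = ipaddress.IPv6Address("ff02::1:ff00:0").packed[:13]
    return ipaddress.IPv6Address(prefix104 + low24)

def ethernet_multicast_mac(group) -> str:
    """33-33 followed by the low 32 bits of the IPv6 multicast address."""
    g = ipaddress.IPv6Address(group)
    if not g.is_multicast:
        raise ValueError("not an IPv6 multicast address")
    return "33-33-" + "-".join(f"{b:02X}" for b in g.packed[-4:])

if __name__ == "__main__":
    pc2 = "2001:db8:aaaa:1::200"                      # PC2 on the slides
    group = solicited_node(pc2)
    print(group, ethernet_multicast_mac(group))
    eui = slaac_address("2001:db8:aaaa:1::/64", "00-19-D2-8C-E0-4C")
    print(eui, mac_from_eui64(str(eui)))
    print(mac_from_eui64("2001:db8:aaaa:1:50a5:8a35:a5bb:66e1"))   # random Interface ID
```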

49 Neighbor Solicitation from PC1 (ARP Request)
Ethernet II, Src: 00:21:9b:d9:c6:44, Dst: 33:33:ff:00:02:00
Internet Protocol Version 6
  0110 .... = Version: 6
  .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
  .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
  Payload length: 32
  Next header: ICMPv6 (0x3a)
  Hop limit: 255
  Source: 2001:db8:aaaa:1::100
  Destination: ff02::1:ff00:200
Internet Control Message Protocol v6
  Type: 135 (Neighbor solicitation)
  Code: 0
  Checksum: 0xbbab [correct]
  Reserved: 0 (Should always be zero)
  Target: 2001:db8:aaaa:1::200
  ICMPv6 Option (Source link-layer address)
    Type: Source link-layer address (1)
    Length: 8
    Link-layer address: 00:21:9b:d9:c6:44
Callouts: Global unicast address of PC1; Solicited-node multicast address of PC2; Neighbor Solicitation message; Target IPv6 address, needing MAC address; Next header is an ICMPv6 header; MAC address of the sender, PC1; Mapped multicast address for PC2.

50 Neighbor Advertisement from PC2 (ARP Reply)
Ethernet II, Src: 00:1b:24:04:a2:1e, Dst: 00:21:9b:d9:c6:44
Internet Protocol Version 6
  0110 .... = Version: 6
  .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
  .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
  Payload length: 32
  Next header: ICMPv6 (0x3a)
  Hop limit: 255
  Source: 2001:db8:aaaa:1::200
  Destination: 2001:db8:aaaa:1::100
Internet Control Message Protocol v6
  Type: 136 (Neighbor advertisement)
  Code: 0
  Checksum: 0x1b4d [correct]
  Flags: 0x60000000
  Target: 2001:db8:aaaa:1::200
  ICMPv6 Option (Target link-layer address)
    Type: Target link-layer address (2)
    Length: 8
    Link-layer address: 00:1b:24:04:a2:1e
Callouts: 1 1 0 – Router Flag = 1, Solicitation Flag = 1, Override Flag = 0; Next header is an ICMPv6 header; Unicast MAC address of PC2; Global unicast address of PC2; Global unicast address of PC1; Neighbor Advertisement message; MAC address of the sender, PC2; IPv6 address of the sender, PC2.

51 Diagram: R1 (ipv6 unicast-routing); PC1 2001:DB8:AAAA:1::100/64, MAC Address 00-21-9B-D9-C6-44; PC2 2001:DB8:AAAA:1::200/64, FF02::1:FF00:200 (Solicited Node Multicast), MAC Address 00-1B-24-04-A2-1E; network 2001:0DB8:AAAA:0001::/64.
1 PC1> ping 2001:DB8:AAAA:1::200
2 and 5 Neighbor Cache
3 Neighbor Solicitation
4 Neighbor Advertisement
6 ICMPv6 Echo Request: From Ethernet MAC address: 00-21-9B-D9-C6-44, To: Ethernet MAC address: 00-1B-24-04-A2-1E, From: 2001:DB8:AAAA:1::100, To: 2001:DB8:AAAA:1::100
7 ICMPv6 Echo Reply: From: Ethernet MAC address: 00-1B-24-04-A2-1E, To: Ethernet MAC address: 00-21-9B-D9-C6-44, From: 2001:DB8:AAAA:1::200, To: 2001:DB8:AAAA:1::100

52 ICMPv6 Echo Request from PC1
Ethernet II, Src: 00:21:9b:d9:c6:44, Dst: 00:1b:24:04:a2:1e
Internet Protocol Version 6
  0110 .... = Version: 6
  .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
  .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
  Payload length: 40
  Next header: ICMPv6 (0x3a)
  Hop limit: 128
  Source: 2001:db8:aaaa:1::100
  Destination: 2001:db8:aaaa:1::200
Internet Control Message Protocol v6
  Type: 128 (Echo (ping) request)
  Code: 0 (Should always be zero)
  Checksum: 0x7b37 [correct]
  ID: 0x0001
  Sequence: 13
  Data (32 bytes)

53 ICMPv6 Echo Reply from PC2
Ethernet II, Src: 00:1b:24:04:a2:1e, Dst: 00:21:9b:d9:c6:44
Internet Protocol Version 6
  0110 .... = Version: 6
  .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
  .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
  Payload length: 40
  Next header: ICMPv6 (0x3a)
  Hop limit: 64
  Source: 2001:db8:aaaa:1::200
  Destination: 2001:db8:aaaa:1::100
Internet Control Message Protocol v6
  Type: 129 (Echo (ping) reply)
  Code: 0 (Should always be zero)
  Checksum: 0x7a37 [correct]
  ID: 0x0001
  Sequence: 13
  Data (32 bytes)

54 Duplicate Address Detection

55 Duplicate Address Detection (DAD) – Used by a device to determine whether or not an address it wishes to use is already in use. Similar to a gratuitous ARP in IPv4. With some exceptions, RFC 4861 recommends that DAD be performed on every unicast address before it is assigned to an interface.

56 Duplicate Address Detection (DAD) For Link-local address. Diagram: PC1 (MAC Address 00-21-9B-D9-C6-44) and R1 (ipv6 unicast-routing) on 2001:0DB8:AAAA:0001::/64. Link-local address (Tentative) – Used Random Interface ID: FE80::50A5:8A35:A5BB:66E1. Neighbor Solicitation Message: From Ethernet MAC address: 00-21-9B-D9-C6-44, To Ethernet MAC address: 33-33-FF-BB-66-E1 (IPv6 Mapped Multicast), From: :: (Unspecified source address – I don’t have an IPv6 address yet), To: FF02::1:FFBB:66E1 (Solicited Node Multicast), Target IPv6 Address: FE80::50A5:8A35:A5BB:66E1. Neighbor Advertisement Message if it is in use… To: FF02::1 (All-nodes multicast).

57 Neighbor Cache

58 Similar to ARP tables in IPv4, the Neighbor Cache keeps track of the reachability of neighbors: IPv6 address and MAC address mappings. The Neighbor Cache entry can be in one of five states (RFC 4861):
Reachable: Packets have recently been received providing confirmation that this device is reachable.
Stale: A certain time period has elapsed since a packet has been received from this address.
Other three (We will talk about all of these):
INCOMPLETE—Address resolution is in progress, and the link-layer address is not yet known.
DELAY—Neighbor is pending re-resolution, and traffic might flow to this neighbor.
PROBE—Neighbor re-resolution is in progress, and traffic might flow to this neighbor.

59 Neighbor Cache (“ARP Cache”) for R1
R1# show ipv6 neighbors
IPv6 Address                  Age Link-layer Addr State Interface
FE80::50A5:8A35:A5BB:66E1      16 0021.9bd9.c644  STALE Fa0/0
2001:db8:aaaa:1::100           16 0021.9bd9.c644  STALE Fa0/0
R1# ping 2001:db8:aaaa:1::100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:AAAA:1::100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R1# show ipv6 neighbors
IPv6 Address                  Age Link-layer Addr State Interface
FE80::50A5:8A35:A5BB:66E1      16 0021.9bd9.c644  STALE Fa0/0
2001:DB8:AAAA:1::100            0 0021.9bd9.c644  REACH Fa0/0
R1#

60 Neighbor Cache (“ARP Cache”). Neighbor Solicitation (NS) = ARP Request. Neighbor Advertisement (NA) = ARP Reply. States in the diagram: No Entry Exists; Incomplete; Reachable; Stale – no action required (Requires reresolution); Delay (Resolution pending); Probe (Reresolution in progress). Transition labels: Neighbor Solicitation (NS) sent; Neighbor Advertisement (NA) received; Reachable Time exceeded (timeout) or Unsolicited NA received; Packet sent; Packet returned; 5 sec; NS sent and NA received; 3 NS sent with no NA returned; 3 NS sent with no NA returned.
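
Added example (not part of the original slides): a timer-driven Python model of the Neighbor Cache states on slides 58 to 60, following the transition labels in the diagram. The 5 second delay and the limit of 3 unanswered Neighbor Solicitations come from the slide; the 30 second reachable time and 1 second retransmit timer are RFC 4861 defaults assumed here, and Override-flag processing is left out. Note that an unsolicited NA never makes an entry Reachable and never creates one.

```python
REACHABLE_TIME = 30.0      # seconds an entry stays REACHABLE (RFC 4861 default, assumed)
DELAY_FIRST_PROBE = 5.0    # the "5 sec" DELAY timer on the slide
RETRANS_TIMER = 1.0        # gap between Neighbor Solicitations (RFC 4861 default, assumed)
MAX_SOLICIT = 3            # "3 NS sent with no NA returned"

class NeighborCache:
    def __init__(self):
        self.entries = {}      # IPv6 address -> {"state", "mac", "timer", "probes"}
        self.ns_log = []       # (time, target) for every Neighbor Solicitation sent

    def state(self, ip):
        entry = self.entries.get(ip)
        return entry["state"] if entry else "NO ENTRY"

    def _send_ns(self, ip, entry, now):
        entry["probes"] += 1
        entry["timer"] = now + RETRANS_TIMER
        self.ns_log.append((now, ip))

    def send_packet(self, ip, now):
        """Traffic toward a neighbor: starts resolution, or moves STALE to DELAY."""
        entry = self.entries.get(ip)
        if entry is None:
            entry = self.entries[ip] = {"state": "INCOMPLETE", "mac": None,
                                        "timer": now, "probes": 0}
            self._send_ns(ip, entry, now)
        elif entry["state"] == "STALE":
            entry["state"], entry["timer"] = "DELAY", now + DELAY_FIRST_PROBE

    def receive_na(self, ip, mac, solicited, now):
        entry = self.entries.get(ip)
        if entry is None:
            return                         # an NA for an unknown neighbor creates no entry
        entry["mac"] = mac                 # simplification: no Override-flag check
        if solicited:
            entry.update(state="REACHABLE", timer=now + REACHABLE_TIME, probes=0)
        else:
            entry["state"] = "STALE"       # unsolicited NA is not proof of reachability

    def confirm_reachable(self, ip, now):
        """'Packet returned': an upper layer saw a reply from the neighbor."""
        entry = self.entries.get(ip)
        if entry and entry["mac"] is not None:
            entry.update(state="REACHABLE", timer=now + REACHABLE_TIME, probes=0)

    def tick(self, now):
        """Run every timer that has expired by 'now'."""
        for ip, entry in list(self.entries.items()):
            if now < entry["timer"]:
                continue
            if entry["state"] == "REACHABLE":
                entry["state"] = "STALE"
            elif entry["state"] == "DELAY":
                entry["state"], entry["probes"] = "PROBE", 0
                self._send_ns(ip, entry, now)
            elif entry["state"] in ("INCOMPLETE", "PROBE"):
                if entry["probes"] >= MAX_SOLICIT:
                    del self.entries[ip]   # back to "No Entry Exists"
                else:
                    self._send_ns(ip, entry, now)

def walk_through():
    """PC1's view of PC2 from the slides, ending with PC2 going silent."""
    ip, mac = "2001:db8:aaaa:1::200", "00:1b:24:04:a2:1e"
    cache, seen = NeighborCache(), []
    cache.send_packet(ip, 0);              seen.append(cache.state(ip))  # NS sent
    cache.receive_na(ip, mac, True, 0.1);  seen.append(cache.state(ip))  # NA received
    cache.tick(31);                        seen.append(cache.state(ip))  # timeout
    cache.send_packet(ip, 40);             seen.append(cache.state(ip))  # packet sent
    cache.tick(45);                        seen.append(cache.state(ip))  # 5 sec
    for t in (46, 47, 48):                 # three NS go unanswered
        cache.tick(t)
    seen.append(cache.state(ip))
    return seen, len(cache.ns_log)

if __name__ == "__main__":
    print(walk_through())
```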

61 To summarize…

62 Described in RFC 4443. Much more robust than ICMP for IPv4. Contains new functionality and improvements. General message similar to ICMP for IPv4. Also uses Type and Code fields like in ICMPv4. Two types of ICMPv6 messages: Error messages and Informational messages.

63 The ICMPv6 error messages are: Destination Unreachable, Packet Too Big, Time Exceeded, Parameter Problem. ICMPv6 informational messages used by the ping command: Echo Request, Echo Reply. Similar to ICMP for IPv4. Quick look at these first.

64 ICMPv6 informational messages used for Multicast Listener Discovery (RFC 2710): Multicast Listener Query, Multicast Listener Report, Multicast Listener Done. Similar to IGMP (Internet Group Message Protocol) for IPv4. We won’t be covering these. ICMPv6 informational messages used by Neighbor Discovery (RFC 4861): Router Solicitation Message, Router Advertisement Message, Neighbor Solicitation Message, Neighbor Advertisement Message, Redirect Message. Most of our time will be spent on the first four of these. Redirect Message is similar to Redirect Messages for IPv4.

65 Stateless Address Autoconfiguration. Diagram: PC1 (MAC Address 00-21-9B-D9-C6-44) and R1 (ipv6 unicast-routing) on 2001:0DB8:AAAA:0001::/64. Steps: Link-local address automatically created; DAD performed on link-local address; Global unicast address created using SLAAC; DAD performed on global unicast address. Neighbor Solicitation Message: From: :: (Unspecified source address), To: FF02::1:FFBB:66E1 (Solicited Node Multicast), Target IPv6 Address: FE80::50A5:8A35:A5BB:66E1, Link-local address (Tentative). NDP Router Solicitation: From: FE80::50A5:8A35:A5BB:66E1, To: FF02::2 (All-routers multicast). NDP Router Advertisement: From: FE80::1, To: FF02::1 (All-nodes multicast). Addressing Information Added. Neighbor Solicitation Message: From: :: (Unspecified source address), To: Solicited Node Multicast, Target IPv6 Address:

66 Address Resolution (ARP in IPv4). Diagram: R1 (ipv6 unicast-routing); PC1 2001:DB8:AAAA:1::100/64, MAC Address 00-21-9B-D9-C6-44; PC2 2001:DB8:AAAA:1::200/64, FF02::1:FF00:200 (Solicited Node Multicast), MAC Address 00-1B-24-04-A2-1E; network 2001:0DB8:AAAA:0001::/64.
1 PC1> ping 2001:DB8:AAAA:1::200
2 and 5 Neighbor Cache
3 Neighbor Solicitation Message: From Ethernet MAC address: 00-21-9B-D9-C6-44, To Ethernet MAC address: 33-33-FF-00-02-00 (IPv6 Mapped Multicast), From: 2001:DB8:AAAA:1::100, To: FF02::1:FF00:200 (Solicited Node Multicast), Target IPv6 Address: 2001:DB8:AAAA:1::200, MAC address of PC1: 00:21:9B:D9:C6:44
4 Neighbor Advertisement Message: From Ethernet MAC address: 00-1B-24-04-A2-1E, To Ethernet MAC address: 00-21-9B-D9-C6-44, From: 2001:DB8:AAAA:1::200, To: 2001:DB8:AAAA:1::100, Target IPv6 Address: 2001:DB8:AAAA:1::200, MAC address of PC2: 00:1B:24:04:A2:1E

67 Neighbor Cache (“ARP Cache”). Neighbor Solicitation (NS) = ARP Request. Neighbor Advertisement (NA) = ARP Reply. States in the diagram: No Entry Exists; Incomplete; Reachable; Stale – no action required (Requires reresolution); Delay (Resolution pending); Probe (Reresolution in progress). Transition labels: Neighbor Solicitation (NS) sent; Neighbor Advertisement (NA) received; Reachable Time exceeded (timeout) or Unsolicited NA received; Packet sent; Packet returned; 5 sec; NS sent and NA received; 3 NS sent with no NA returned; 3 NS sent with no NA returned.

68 Rick Graziani - graziani@cabrillo.edu. PowerPoints for CCNA, CCNP, IPv6: www.cabrillo.edu/~rgraziani Username = cisco Password = perlman. Shameless plug! Quality time with my two nieces…

