IPv6 Essentials

7.1. Layer 2 Support for IPv6

Different terms are used when the Data Link layer is discussed. The TCP/IP model has four layers, the first of which is called the Link layer. The OSI model has seven layers. It subdivides the Link layer of the TCP/IP model into two layers: the Physical layer and the Data Link layer. Thus, the term "Layer 2" refers to the second layer of the OSI model.

IPv6's independence from the physical network media is important. When a packet is sent from one network to another, we do not usually know in advance the kind of physical networks through which the packet will travel. IP cares only about the Destination address and finding a way to get there regardless of the network hardware used. IP then passes the packet to the Data Link layer. In 802 networks, the interface driver on the Data Link layer applies a Media Access Control (MAC) header to the datagram and sends it out to the physical network. The interface driver needs to be aware of the physical requirements for transmission. Each network's hardware technology defines a specific addressing mechanism. Neighbor Discovery, as described in Chapter 4, is used to map between IPv6 addresses and MAC addresses.

The rules and packet sizes for the transport of IPv6 datagrams differ depending on the topology. There is an RFC covering each topology in detail. This chapter summarizes the main points to consider; a complete list of the RFCs can be found in Appendix B.

7.1.1. Ethernet (RFC 2464)

Ethernet is a widely used LAN technology developed in the early 1970s at Xerox. There are many different variants used these days: Twisted Pair Ethernet, also known as 10Base-T and operating at 10 Mbps; Fast Ethernet, also known as 100Base-T and operating at 100 Mbps; Gigabit Ethernet, also known as 1000Base-T and operating at 1 Gbps; and now even 10 Gigabit Ethernet, also known as 10GE and operating at 10 Gbps. The Institute of Electrical and Electronics Engineers (IEEE), together with a number of IT and telecom companies, has defined a new standard called "Ethernet for the First Mile" (EFM, IEEE 802.3ah), which could allow usage of the Ethernet standard for first-mile connections to homes and companies.

RFC 2464 describes the format of IPv6 datagrams transmitted over Ethernet and how link-local and stateless autoconfigured addresses are formed. It obsoletes RFC 1972 and supports all Ethernet variants and VLAN technologies, such as 802.1Q and Cisco's Inter-Switch Link (ISL).

Ethernet hardware addresses use a 48-bit addressing scheme. Ethernet hardware manufacturers are assigned blocks of Ethernet addresses, known as OUI or company ID. No two Ethernet hardware interfaces have the same address, because each vendor assigns the addresses within its block in sequence. An Ethernet frame can be of variable size, but it can be no smaller than 64 bytes and no larger than 1518 bytes (header, data, and CRC). Packets over Ethernet have a default MTU of 1500 bytes. A smaller MTU can be configured through Router Advertisements containing an MTU option or through manual configuration of each device. If a Router Advertisement contains an MTU larger than 1500 bytes or larger than a manually configured MTU, the Router Advertisement must be ignored.

The Ethernet header contains the source and destination Ethernet addresses and the Ethernet type code. The Ethernet type code for IPv6 is 0x86DD. Figure 7-1 shows the Ethernet header for an IPv6 datagram.

Figure 7-1. The Ethernet header for an IPv6 datagram

The Destination and Source Address fields each have six bytes, and the Ethernet Type field takes two bytes, containing the value 86DD for IPv6.

For Stateless autoconfiguration, the MAC address is used to build the IPv6 address. Chapter 3 explains how this process works. If the Destination address is a multicast address, the first two bytes of the MAC address are set to 3333 and the last four bytes are the last four bytes of the IPv6 destination multicast address. Figure 7-2 shows the format.

Figure 7-2. Relation of the IPv6 multicast address to Ethernet MAC address

Figure 7-3 shows how this looks in a trace file.

Figure 7-3. MAC header for an IPv6 multicast Destination address

In the summary line at the top of the figure, you can see the IPv6 Source address, which is the address of my Cisco router. The Destination address is the all-nodes multicast address. The Ethernet destination prefix shows 3333, which identifies this MAC address as a multicast address, and the remaining four bytes contain the last four bytes of the IPv6 Destination address, in this case 00-00-00-01. The Ethernet Source address contains the MAC address of the Cisco router, and the Ethertype has the value for IPv6, which is 0x86DD.
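The mapping and header layout described above can be checked mechanically when reviewing a capture. The following is an added example, not code from the book: it parses the Ethernet header (skipping one 802.1Q tag if present) and the fixed IPv6 header, then reports whether the destination MAC matches the 33-33 mapping for a multicast destination. The function names and the two sample frames are constructed for illustration.

```python
import ipaddress
import struct

ETHERTYPE_IPV6 = 0x86DD
ETHERTYPE_8021Q = 0x8100  # single VLAN tag (assumption: no stacked tags)

def fmt_mac(mac):
    return "-".join(f"{b:02X}" for b in mac)

def multicast_mac(ipv6_dst):
    """33-33 followed by the last four bytes of the IPv6 multicast address."""
    addr = ipaddress.IPv6Address(ipv6_dst)
    if not addr.is_multicast:
        raise ValueError(f"{addr} is not a multicast address")
    return b"\x33\x33" + addr.packed[-4:]

def check_frame(frame):
    """Parse Ethernet + fixed IPv6 header and compare L2 and L3 destinations."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    offset = 14
    if ethertype == ETHERTYPE_8021Q:  # skip the 4-byte 802.1Q tag
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        (ethertype,) = struct.unpack("!H", frame[16:18])
        offset = 18
    if ethertype != ETHERTYPE_IPV6:
        raise ValueError(f"Ethertype 0x{ethertype:04X} is not IPv6")
    ip = frame[offset:offset + 40]
    if len(ip) < 40 or ip[0] >> 4 != 6:
        raise ValueError("truncated or malformed IPv6 header")
    ip_dst = ipaddress.IPv6Address(ip[24:40])
    if ip_dst.is_multicast:
        expected = fmt_mac(multicast_mac(ip_dst))
        consistent = fmt_mac(dst_mac) == expected
    else:
        # Unicast MACs come from Neighbor Discovery; only check the group bit is clear.
        expected = None
        consistent = not dst_mac[0] & 0x01
    return {"dst_mac": fmt_mac(dst_mac), "src_mac": fmt_mac(src_mac),
            "ip_dst": str(ip_dst), "expected_mac": expected,
            "consistent": consistent}

def build_frame(dst_mac, src_mac, ip_src, ip_dst):
    """Constructed sample: Ethernet header plus a bare 40-byte IPv6 header."""
    ipv6 = struct.pack("!IHBB", 6 << 28, 0, 59, 255)  # version 6, no next header
    ipv6 += ipaddress.IPv6Address(ip_src).packed + ipaddress.IPv6Address(ip_dst).packed
    macs = bytes.fromhex((dst_mac + src_mac).replace("-", ""))
    return macs + struct.pack("!H", ETHERTYPE_IPV6) + ipv6

# Constructed frames: a router sending to all-nodes, and a mismatched copy.
GOOD = build_frame("33-33-00-00-00-01", "00-11-22-33-44-55", "fe80::1", "ff02::1")
BAD = build_frame("00-11-22-33-44-66", "00-11-22-33-44-55", "fe80::1", "ff02::1")
```

A frame whose IPv6 destination is multicast but whose destination MAC does not follow the mapping is worth a closer look in a trace, since a conforming sender would not produce it.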

For useful information about Ethernet, refer to Charles E. Spurgeon's site at http://www.ethermanage.com/ethernet/ethernet.html. He is also the author of Ethernet: The Definitive Guide (O'Reilly).

7.1.2. FDDI (RFC 2467)

Fiber Distributed Data Interconnect (FDDI) is a LAN technology operating at 100 Mbps over optical fiber using light pulses. FDDI is a Token Ring protocol, using a token to control transmission. A station that wants to transmit waits for the token circulating the ring, sends the packet, and passes the token to the next station in the ring. Like Token Ring, FDDI has a lot of built-in self-healing mechanisms. An FDDI frame has fields measured in 4-bit units called symbols.

RFC 2467 describes the format of IPv6 datagrams transmitted over FDDI. It also describes how link-local and Stateless autoconfigured addresses are formed and specifies the content of the Source/Target Link-layer Address option that is used in Router Solicitation, Router Advertisement, Neighbor Solicitation, Neighbor Advertisement, and Redirect messages when transmitted over an FDDI network. It obsoletes RFC 2019.

An FDDI hardware address can be either 4 or 12 symbols long. The maximum packet size for FDDI is 4500 bytes (9,000 symbols). 22 bytes are used for Data Link encapsulation when long-format addresses are used, and another 8 bytes are used for the LLC/SNAP header. This leaves a maximum size of 4470 bytes for the IPv6 packet. The default MTU size for IPv6 packets on FDDI networks has been set to 4352 bytes to allow for possible future extensions. This size can be reduced either by Router Advertisements containing an MTU option or by manual configuration of each device. If a Router Advertisement contains an MTU value higher than 4352 bytes or higher than a manually configured value, this option is ignored. The IPv6 datagrams are transmitted in asynchronous frames using unrestricted tokens and with an LLC/SNAP frame using 48-bit long-format addresses. Figure 7-4 shows the format of the FDDI header.

Figure 7-4. The FDDI header for an IPv6 datagram

The Frame Code field (FC) has a size of 1 byte and contains a value in the range 0x50 to 0x57. The three low-order bits indicate the frame priority. Both the Destination Service Access Point (DSAP) and the Source Service Access Point (SSAP) fields contain the value AA, which indicates SNAP encapsulation. The Control field (CTL) is set to 0x03, indicating Unnumbered Information. The Organizationally Unique Identifier (OUI) is set to 0. The Ethertype field contains the value 0x86DD for IPv6.
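The field values listed above lend themselves to a header validator. This added example (not from the book) unpacks the FDDI header with 48-bit addresses followed by LLC/SNAP and collects every deviation from the expected values instead of stopping at the first one. It assumes the captured bytes start at the FC field and that DSAP, SSAP and CTL are one byte each and the OUI three bytes; the sample frames are constructed and carry a zero-filled placeholder payload.

```python
import struct

# FC(1) DA(6) SA(6) DSAP(1) SSAP(1) CTL(1) OUI(3) Ethertype(2) = 21 bytes
FDDI_HDR = struct.Struct("!B6s6sBBB3sH")
FDDI_DEFAULT_MTU = 4352  # default IPv6 MTU on FDDI, from the text above

def fmt_mac(mac):
    return "-".join(f"{b:02X}" for b in mac)

def parse_fddi_ipv6(frame, link_mtu=FDDI_DEFAULT_MTU):
    """Return header fields plus a list of deviations from the expected values."""
    if len(frame) < FDDI_HDR.size:
        raise ValueError("frame shorter than the FDDI + LLC/SNAP header")
    fc, da, sa, dsap, ssap, ctl, oui, ethertype = FDDI_HDR.unpack_from(frame)
    payload = frame[FDDI_HDR.size:]
    problems = []
    if not 0x50 <= fc <= 0x57:
        problems.append(f"FC 0x{fc:02X} outside 0x50-0x57")
    if (dsap, ssap) != (0xAA, 0xAA):
        problems.append(f"DSAP/SSAP 0x{dsap:02X}/0x{ssap:02X} is not SNAP (AA/AA)")
    if ctl != 0x03:
        problems.append(f"CTL 0x{ctl:02X} is not Unnumbered Information (0x03)")
    if oui != b"\x00\x00\x00":
        problems.append(f"OUI {oui.hex().upper()} is not 000000")
    if ethertype != 0x86DD:
        problems.append(f"Ethertype 0x{ethertype:04X} is not IPv6 (0x86DD)")
    if len(payload) > link_mtu:
        problems.append(f"payload of {len(payload)} bytes exceeds MTU {link_mtu}")
    return {"priority": fc & 0x07,  # three low-order bits of FC
            "dst": fmt_mac(da), "src": fmt_mac(sa),
            "payload_len": len(payload), "problems": problems}

# Constructed samples; the 40 zero bytes stand in for an IPv6 header.
VALID = bytes.fromhex("54" "333300000001" "001122334455"
                      "aaaa03" "000000" "86dd") + bytes(40)
SUSPECT = bytes.fromhex("40" "333300000001" "001122334455"
                        "f0f003" "000000" "0800") + bytes(40)
```

The same LLC/SNAP checks (AA, AA, 0x03, OUI 0, 0x86DD) apply to the Token Ring and ATM PVC encapsulations described later in this chapter; only the bytes in front of DSAP differ.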

The rules that govern how a Stateless autoconfigured IPv6 address is built from the MAC address and the rules that govern how IPv6 multicast Destination addresses are converted to MAC addresses are the same as those used and described in the earlier discussion on Ethernet.

For tutorials and resources on FDDI, refer to http://www.iol.unh.edu/training/fddi.

7.1.3. Token Ring (RFC 2470)

Token Ring is a well-known LAN technology developed by IBM. It is a token-ring protocol using a token for transmission control as described for FDDI. It operates at either 4 or 16 Mbps. The frame size of a Token Ring packet varies depending on the time a node can hold the token.

RFC 2470 describes the format of IPv6 datagrams transmitted over Token Ring. It also describes how link-local and Stateless autoconfigured addresses are formed, and specifies the content of the Source/Target Link-layer Address option that is used in Router Solicitation, Router Advertisement, Neighbor Solicitation, Neighbor Advertisement, and Redirect messages when transmitted over a Token Ring network.

A Token Ring hardware address uses a 48-bit format. Because the frame size is variable, it should be configured either through Router Advertisements or manually. In the absence of information, a default size of 1500 bytes should be used. As is always the case when working with Token Ring, we have to consider that Token Ring adapters read the address in noncanonical rather than canonical form, meaning that they read the bits in reverse order (last bit first). Thus, when analyzing and troubleshooting Token Ring in mixed environments, we need to make sure that implementations process the addresses correctly.

The Token Ring header is shown in Figure 7-5.

Figure 7-5. The Token Ring header for an IPv6 datagram

The first three fields for Starting Delimiter (SD), Access Control (AC), and Frame Control (FC) each have a size of one byte. The Source and Destination Address fields each have six bytes. The DSAP and SSAP fields are set to the value AA, which indicates SNAP encapsulation. The Control field (CTL) is set to the value 0x03, indicating Unnumbered Information. The OUI is set to 0, and the Ethertype field contains the value for IPv6: 0x86DD.

The rule governing how a Stateless autoconfigured IPv6 address is built from the MAC address is the same as the one described in the earlier discussion on Ethernet. Multicast addresses are treated differently with Token Ring, as described in RFC 2470. Packets with multicast Destination addresses are sent to Token Ring Functional Addresses. The RFC states 10 different functional addresses, and multiple IPv6 multicast addresses are mapped to each. Table 7-1 lists the mappings that have been defined.

Table 7-1. Mapping IPv6 multicast addresses to Token Ring Functional Addresses

MAC Functional Address (canonical)    Multicast addresses
03-00-80-00-00-00                     All-nodes (FF01::1 and FF02::1)
                                      Solicited-node (FF02:0:0:0:0:1:FFxx:xxxx)
03-00-40-00-00-00                     All-routers (FF0X::2)
03-00-00-80-00-00                     Any other multicast address with three least significant bits = 000
03-00-00-40-00-00                     Any other multicast address with three least significant bits = 001
03-00-00-20-00-00                     Any other multicast address with three least significant bits = 010
03-00-00-10-00-00                     Any other multicast address with three least significant bits = 011
03-00-00-08-00-00                     Any other multicast address with three least significant bits = 100
03-00-00-04-00-00                     Any other multicast address with three least significant bits = 101
03-00-00-02-00-00                     Any other multicast address with three least significant bits = 110
03-00-00-01-00-00                     Any other multicast address with three least significant bits = 111
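The mapping in Table 7-1 and the canonical/noncanonical bit order discussed earlier in this section can be combined in a few functions. This is an added example, not code from the book or from RFC 2470: it computes the canonical functional address for an IPv6 multicast address, converts a MAC between bit orders, and classifies two MAC strings seen in a mixed environment. Function names and sample addresses are chosen for illustration.

```python
import ipaddress

SOLICITED_NODE = ipaddress.IPv6Network("ff02::1:ff00:0/104")
ALL_NODES = {ipaddress.IPv6Address("ff01::1"), ipaddress.IPv6Address("ff02::1")}

def fmt_mac(mac):
    return "-".join(f"{b:02X}" for b in mac)

def functional_address(ipv6_dst):
    """Canonical Token Ring functional address for an IPv6 multicast address."""
    addr = ipaddress.IPv6Address(ipv6_dst)
    if not addr.is_multicast:
        raise ValueError(f"{addr} is not a multicast address")
    p = addr.packed
    if addr in ALL_NODES or addr in SOLICITED_NODE:
        mac = bytes([0x03, 0x00, 0x80, 0x00, 0x00, 0x00])
    elif p[1] >> 4 == 0 and p[2:] == bytes(13) + b"\x02":  # FF0X::2, any scope X
        mac = bytes([0x03, 0x00, 0x40, 0x00, 0x00, 0x00])
    else:
        # One functional address per value of the three least significant
        # bits: 000 -> 0x80, 001 -> 0x40, ... 111 -> 0x01 in the fourth byte.
        mac = bytes([0x03, 0x00, 0x00, 0x80 >> (p[15] & 0x07), 0x00, 0x00])
    return fmt_mac(mac)

def to_noncanonical(mac_text):
    """Reverse the bit order within each byte (the operation is its own inverse)."""
    raw = bytes.fromhex(mac_text.replace("-", ""))
    return fmt_mac(bytes(int(f"{b:08b}"[::-1], 2) for b in raw))

def compare_macs(a, b):
    """Classify two MAC strings recorded on different media types."""
    a, b = a.upper(), b.upper()
    if a == b:
        return "equal"
    if to_noncanonical(a) == b:
        return "bit-reversed"
    return "different"
```

When correlating addresses from Ethernet and Token Ring captures, a "bit-reversed" result means both records refer to the same station and only the representation differs.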

You can find a Token Ring Tutorial at http://www.techtutorials.info/tokenring.html.

7.1.4. Point-to-Point Protocol (RFC 2472)

Point-to-Point Protocol (PPP) is a mechanism for running IP and other network protocols over a serial link. It supports synchronous and asynchronous lines. RFC 2472 describes the method for transmitting IPv6 packets over PPP and how IPv6 link-local addresses are formed on PPP links.

PPP's control protocol for IPv6, IPV6CP, is responsible for establishing and configuring IPv6 communication over PPP. One IPv6 packet can be encapsulated in a PPP Data Link layer frame, and the protocol field is set to 0x0057 for IPv6. If the PPP link is to support IPv6, the MTU size must be configured to IPv6's minimum MTU size, which is 1280 bytes. A higher value (1500 bytes) is recommended.

IPV6CP has a distinct set of options for the negotiation of IPv6 parameters. The Options field has the same format as that which is defined for the standard Link Control Protocol (LCP). Currently the only defined options for IPV6CP are Interface-Identifier and IPv6-Compression Protocol. A PPP interface does not have a MAC address. The Interface-Identifier option provides a way to negotiate a 64-bit interface identifier, which must be unique within the PPP link. The IPv6-Compression option is used to negotiate a specific packet compression protocol, which applies only to IPv6 packets transmitted over the PPP link. The option is not enabled by default.

IPv6 address negotiation is different from IPv4. It is done through ICMPv6 Neighbor Discovery and not through PPP, as it is with IPv4. For ISPs, PPP in combination with IPv6 offers many advantages. For instance, it is no longer a problem to assign static addresses to customers, because the IPv6 address space is large enough. With IPv4, due to the shortage of addresses, ISPs often have to use dynamic addresses. The IPv6 functionality for address autoconfiguration supports easy administration and customer configuration with minimal cost. Prefix assignment to the customer site can be done through router discovery or through IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) Version 6 (RFC 3633). To get IPv6 to work over ADSL, ISPs need to choose an encapsulation that meets their needs, such as PPP over ATM (PPPoA) or PPP over Ethernet (PPPoE). IPv6 also has an impact on the Authentication, Authorization, Accounting (AAA) process. With IPV6CP, the address assignment occurs after the authentication. ISPs should note that Radius must support IPv6 attributes.

7.1.5. ATM (RFC 2492)

Asynchronous Transfer Mode (ATM) is a connection-oriented, high-speed network technology that is used in both LANs and WANs. It works over optical fiber and operates at up to gigabit speed by using special hardware and software mechanisms. An ATM network uses fixed-size frames called cells. Each cell is exactly 53 bytes long, and because it always has the same size, processing is very fast. An ATM cell has a header length of 5 bytes and 48 bytes of data. The ATM Adaptation layer (AAL5, RFC 2684) is the mechanism responsible for dividing a big packet, such as an IP packet, into small cells. This process can be compared to the way fragmentation works. The sender divides the packet into a set of 53-byte cells, and the receiver verifies that the packet has been received intact without errors and puts it back together again. If one cell is lost in transit, the whole set has to be resent. Because ATM does not support hardware broadcast and multicast, another mechanism that emulates it has been defined. All hosts in an ATM network register with the ATMARP server. If a host on the subnet sends a broadcast or multicast, the packet is sent to the ATMARP server, which distributes the packet to all registered hosts on the subnet/link. ATMARP is a variant of ARP and is defined in RFC 2225.

RFC 2492 describes the transmission of IPv6 packets over an ATM network in a companion document to RFC 2491, "IPv6 over Non-Broadcast Multiple Access (NBMA) Networks."

When the ATM network is used as a Permanent Virtual Circuit (PVC), each PVC connects two nodes, and the use of Neighbor Discovery is limited. IPv6 ATM interfaces have only one neighbor on each link. Multicast and broadcast are transmitted as a unicast on the ATM level. PVCs do not have link-layer addresses, so the link-layer address option is not used in Neighbor Discovery messages. IPv6 unicast and multicast packets sent over ATM are encapsulated using the LLC/SNAP encapsulation. Just as with FDDI and Token Ring, the DSAP and SSAP fields contain the value AA, and the CTL field contains the value 0x03. The OUI field is set to 0 and the Ethertype field contains the value for IPv6, 0x86DD (see Figures 7-4 and 7-5). The default MTU size for an ATM PVC link is 9180 bytes.

If the ATM network is used as a Switched Virtual Circuit (SVC), unicast packets are transmitted using LLC/SNAP encapsulation, as described for PVC. For the transmission of multicast packets over SVC, the OUI field is set to 0x00005E, and the Ethertype field to 0x0001.

A good site for information about ATM can be found at http://cell-relay.indiana.edu.

There were a lot of discussions going on about whether IP was necessary on ATM networks: why not write applications to run natively on ATM? Finally, "IP over Everything" was developed. With the growing popularity of Fast Ethernet and Gigabit Ethernet, application designers have decided not to port their applications for transport over ATM directly. By writing their applications for IP, they needed only to write one interface and use the layer 2 functionality to run on all physical networks.

7.1.6. Frame Relay (RFC 2590)

Frame Relay is a connection-oriented, high-speed network technology used in WANs. It was developed at Bell Labs in the late 1980s as part of the ISDN specification. The standard was refined in the early 1990s. By using a short, two-byte header, Frame Relay is very efficient in forwarding packets.

RFC 2590 specifies how IPv6 packets are transmitted over Frame Relay links, how IPv6 link-local addresses are formed, and how IPv6 addresses are mapped to Frame Relay addresses. It applies to Frame Relay devices that act as end stations (Data Terminal Equipment [DTEs]) on public or private Frame Relay networks. The Frame Relay Virtual Circuits can be PVCs or SVCs, and they can be point-to-point or point-to-multipoint. The default IPv6 MTU size for a Frame Relay interface is 1592 bytes.

Figure 7-6 shows the header of an IPv6 packet transmitted over Frame Relay.

Figure 7-6. The Frame Relay header for an IPv6 datagram

The field for the Q.922 Address can be 2 or 4 bytes, depending on the address. The Control field (CTL) is set to 0x03, indicating Unnumbered Information. The Next Level Protocol ID (NLPID) contains the value 0x8E, indicating IPv6. The mapping of IPv6 addresses follows the specification for Neighbor Discovery as described in Chapter 3. A discussion of the details regarding addressing mechanisms and formats of Frame Relay addresses is in RFC 2590.
