
Unit 3

TSN 304/05 Network Applications

IPv6 Migration and Network Applications

WAWASAN OPEN UNIVERSITY

COURSE TEAM
Course Team Coordinator: Dr. Karen Khor Ean Teng
Content Writer: Ms. Saravadee Sae Tan
Instructional Designer: Ms. Michelle Loh Woon Har
Academic Member: Ms. Azrina Jamal

COURSE COORDINATOR
Dr. Karen Khor Ean Teng

EXTERNAL COURSE ASSESSOR


Associate Professor Dr. Lau Hing Keung

PRODUCTION
Editor: Penerbitan Pelangi Sdn. Bhd.
In-house Editor: Ms. Michelle Loh Woon Har
Graphic Designers: Ms. Audrey Yeong and Ms. Valerie Ooi

Wawasan Open University is Malaysia’s first private not-for-profit tertiary institution dedicated to
adult learners. It is funded by the Wawasan Education Foundation, a tax-exempt entity established
by the Malaysian People’s Movement Party (Gerakan) and supported by the Yeap Chor Ee Charitable
and Endowment Trusts, other charities, corporations, members of the public and occasional grants
from the Government of Malaysia.

The course material development of the university is funded by Yeap Chor Ee Charitable and
Endowment Trusts.

© 2015 Wawasan Open University

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or
transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or
otherwise, without prior written permission from WOU.

Wawasan Open University


(KPT/JPT/DFT/US/P01)
Wholly owned by Wawasan Open University Sdn. Bhd. (700364-W)
54, Jalan Sultan Ahmad Shah, 10050 Penang.
Tel: (604) 2180333 Fax: (604) 2279214
Email: enquiry@wou.edu.my
Website: www.wou.edu.my

Contents

Unit 3 IPv6 Migration and Network Applications

Unit overview

Unit objectives

3.1 Migration to IPv6
    Objectives
    Introduction
    IPv4 address exhaustion
    Benefits of IPv6
    Effects of IPv6 on network applications
    Suggested answers to activities

3.2 IPv6 address and subnet
    Objectives
    Introduction
    IPv6 address type
    Fundamentals of IPv6 subnets
    Suggested answers to activities

3.3 IPv6 routing and configuration
    Objectives
    Introduction
    Basic IPv6 routing
    IPv6 routing with RIPng
    Suggested answers to activities

3.4 IPv6 tunnelling and other transition mechanisms
    Objectives
    Introduction
    Transition from IPv4 to IPv6
    IPv6 tunnelling
    Encryption and security protocol
    Suggested answers to activity

Summary of Unit 3

Suggested answers to self-tests

References

Glossary

Unit Overview

The current version of Internet Protocol (IP), known as version 4 or IPv4,
was developed in the early 70s. It was developed to facilitate communication
and information sharing between government researchers and academics in the
United States. When IPv4 was initially developed, it was not designed to support
a worldwide network that consists of millions of computers and devices. IPv4
uses a 32-bit addressing scheme which allows nearly 4 billion possible addresses.
However, due to the very rapid growth of devices connected to the Internet, the
pool of unallocated IPv4 addresses has been exhausted. The IPv4 address exhaustion
prompted the development of Internet Protocol version 6 (IPv6). IPv6 uses 128-bit
addresses which are represented in hexadecimal format. In addition to the larger
address space, IPv6 is designed to be more effective in terms of security, reliability
and ease of management.

The Internet Assigned Numbers Authority (IANA) has exhausted the global IPv4
address space. Therefore, IPv4 to IPv6 migration has become inevitable and fairly
urgent. IPv4 and IPv6 are different protocols with different addressing schemes
and they are not directly interoperable. The transition from IPv4 to IPv6 will not
happen overnight. To ensure smooth transition, a number of transition mechanisms
are needed to allow the coexistence of IPv4 and IPv6 networks for a period of time.
The routing protocols in IPv4 have to be modified in order to support longer IPv6
addresses and different header structures.

Unit Objectives
By the end of Unit 3, you should be able to:

1. Describe the IPv4-IPv6 migration.

2. Explain IPv6 addressing schemes and routing protocols.

3. Describe various IPv4 – IPv6 transition mechanisms.

4. Apply the principles of IPv6 subnet design.

5. Set up IPv6 networks during migration.



3.1 Migration to IPv6


Objectives
By the end of this section, you should be able to:

1. Describe the motivation for IPv6 migration.

2. Explain the benefits of IPv6.

3. Examine the effects of IPv6 on network applications.

Introduction
The exhaustion of IPv4 address space is the main reason that prompted the
development of IPv6. IPv4 uses a 32-bit addressing scheme, which allows 2^32
possible addresses. Due to the increasing numbers of devices connected to the
Internet, the available IPv4 addresses are depleting. Internet Protocol Version 6
or IPv6 was developed to deal with the depletion of the IPv4 address space. IPv6
uses a 128-bit addressing scheme, which is able to support 2^128 possible addresses.
In addition to the larger address space, IPv6 has other features such as simpler
header format, multicasting, stateless address configuration, etc.

IPv4 address exhaustion


IPv4 address exhaustion is the depletion of the pool of unallocated Internet Protocol
Version 4 (IPv4) addresses, which has been anticipated since the late 1980s. Due to
the increasing numbers of devices such as smartphones, servers, laptops, desktops,
etc., the available IPv4 addresses are depleting. This depletion is the main reason
for the development and deployment of its successor protocol, Internet Protocol
version 6 or IPv6.

Every node of an Internet Protocol (IP) network, such as a computer, router, or
network printer, is assigned an IP address that is used to locate and identify the node
in communications with other nodes on the network. Internet Protocol version 4
provides 2^32 (4,294,967,296) addresses. However, large blocks of IPv4 addresses are
reserved for special uses and are unavailable for public use.

The reasons for IPv4 address exhaustion include:

1. Mobile devices

The increasing number of mobile devices such as smartphones and tablets
being connected to the Internet is one of the main reasons for IPv4 address
exhaustion.

2. Always-on connections

Throughout the 1990s, the predominant mode of Internet access was
telephone modem dial-up. The rapid increase in the number of the dial-up
networks increased address consumption rates, although it was common
that the modem pools, and as a result, the pool of assigned IP addresses,
were shared amongst a larger customer base. By 2007, however, broadband
Internet access had begun to exceed 50% penetration in many markets.
Broadband connections are always active as the gateway devices (routers,
broadband modems) are rarely turned off, so the address uptake by Internet
service providers continued at an accelerating pace.

3. Internet demographics

There are hundreds of millions of households in the developed world. In
1990, only a small fraction of these had Internet connectivity. Just 15 years
later, almost half of them had persistent broadband connections. The many
new Internet users in countries such as China and India are also driving
address exhaustion.

4. Inefficient address use

Organisations that obtained IP addresses in the 1980s were often allocated
far more addresses than they actually required, because the initial network
allocation by class was inadequate to reflect reasonable usage. For example,
large companies or universities were assigned class A address blocks with
over 16 million IPv4 addresses each because the next smaller allocation unit,
the class B block with 65,536 addresses, was too small for their intended
deployments.

Source: Wikipedia (2014) IPv4 Address Exhaustion

Benefits of IPv6
Due to the exhaustion of IPv4 address pool, a new addressing protocol, Internet
Protocol version 6 (IPv6), was designed to satisfy the requirement of future Internet.
In this section, we will describe the benefits of IPv6 (Wikipedia: IPv6 2014).

Larger address space

The main advantage of IPv6 over IPv4 is its larger address space. The length of an
IPv6 address is 128 bits, compared with 32 bits in IPv4. The address space therefore
has 2^128 or approximately 3.4 × 10^38 addresses. This would be about 100 addresses
for every atom on the surface of the earth and almost four /64s per square centimetre
of the planet.

Multicasting

Multicasting, the transmission of a packet to multiple destinations in a single send
operation, is part of the base specification in IPv6. In IPv4, multicasting is optional
although it is a commonly implemented feature. IPv6 multicast addressing shares
common features and protocols with IPv4 multicast, but also provides changes
and improvements by eliminating the need for certain protocols. IPv6 does not
implement traditional IP broadcast, i.e., the transmission of a packet to all hosts
on the attached link using a special broadcast address, and therefore does not
define broadcast addresses. In IPv6, the same result can be achieved by sending
a packet to the link-local all nodes multicast group at address ff02::1, which
is analogous to IPv4 multicast to address 224.0.0.1. IPv6 also provides new
multicast implementations, including embedding rendezvous point addresses in
an IPv6 multicast group address, which simplifies the deployment of inter-domain
solutions.

Stateless address autoconfiguration (SLAAC)

IPv6 hosts can configure themselves automatically when connected to an IPv6
network using the Neighbor Discovery Protocol via Internet Control Message
Protocol version 6 (ICMPv6) router discovery messages. When first connected
to a network, a host sends a link-local router solicitation multicast request for
its configuration parameters; routers respond to such a request with a router
advertisement packet that contains Internet Layer configuration parameters.

If IPv6 stateless address autoconfiguration is unsuitable for an application, a network
may use stateful configuration with the Dynamic Host Configuration Protocol
version 6 (DHCPv6) or the hosts may be configured manually using static methods.

Routers present a special case of requirements for address configuration, as they
are often sources of autoconfiguration information, such as router and prefix
advertisements. Stateless configuration of routers can be achieved with a special
router renumbering protocol.

Simplified processing by routers

In IPv6, the packet header and the process of packet forwarding have been simplified.
Although IPv6 packet headers are at least twice the size of IPv4 packet headers, packet
processing by routers is generally more efficient, thereby extending the end-to-end
principle of Internet design. Specifically:

1. The packet header in IPv6 is simpler than that used in IPv4, with many
rarely used fields moved to separate optional header extensions.

2. IPv6 routers do not perform fragmentation. IPv6 hosts are required to
either perform path MTU discovery, perform end-to-end fragmentation, or
send packets no larger than the IPv6 default MTU size of 1280 octets.

3. The IPv6 header is not protected by a checksum; integrity protection is
assumed to be assured by both link-layer and higher-layer (TCP, UDP,
etc.) error detection. UDP/IPv4 may actually have a checksum of 0, indicating
no checksum; IPv6 requires UDP to have its own checksum. Therefore,
IPv6 routers do not need to recompute a checksum when header fields
(such as the time-to-live (TTL) or hop count) change. This improvement
may not be really necessary due to the development of routers that perform
checksum computation at link speed using dedicated hardware, but it is
still relevant for software-based routers.

4. The TTL field of IPv4 has been renamed to Hop Limit in IPv6, reflecting
the fact that routers are no longer expected to compute the time spent by
a packet in a queue.

Activity 3.1

What are the three main reasons to switch to IPv6?

Activity 3.2

What are the disadvantages of IPv6?

Effects of IPv6 on network applications


IPv6 transition is not just a hardware issue; applications need to be able to function
in the new IPv6 environment. Here, we will discuss some of the aspects that need
to be considered in the transition process:

• IP Address data structures

IPv4 uses a 32-bit addressing scheme whereas IPv6 uses a 128-bit addressing
scheme. The size of an IPv6 address is much larger than an IPv4 address. It
is important to ensure that an application properly defines the size of data
structures that can accommodate both addressing schemes.

• Function calls

Not all function calls executed in IPv4 will execute in IPv6. Applications must
be checked and analysed to ensure they can be executed in IPv6.

• Hard-coded IPv4 address

The longevity of IPv4 resulted in the hard-coding of many well-known IPv4
addresses, such as loopback address (127.x.x.x). The structures used to store
these addresses often use the IPv4 addressing scheme. These hard-coded
addresses cause problems when porting the applications to IPv6.

• Types of addresses

IPv4 broadcast address will be eliminated. IPv6 anycast address will be
introduced. Hierarchical addressing in IPv6 introduces issues with some
applications.
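
The porting issues listed above (address data structures, IPv4-only function calls and hard-coded IPv4 addresses), shown as an added example that is not part of the original course text. The function names and sample peers are this example's own, and the handling of IPv4-mapped addresses goes one step beyond the text.

```python
import ipaddress
import socket


def legacy_pack(peer: str) -> bytes:
    """IPv4-era storage: inet_aton() only understands dotted-quad text and
    always yields 4 bytes, so an IPv6 peer cannot be stored at all."""
    return socket.inet_aton(peer)


def legacy_is_loopback(peer: str) -> bool:
    """IPv4-era check built on the hard-coded 127.x.x.x range."""
    return peer.startswith("127.")


def pack(peer: str) -> bytes:
    """Family-agnostic storage: 4 bytes for IPv4, 16 bytes for IPv6."""
    return ipaddress.ip_address(peer).packed


def is_loopback(peer: str) -> bool:
    """Loopback test that works for both address families.

    Beyond the text: a dual-stack socket reports IPv4 peers as IPv4-mapped
    IPv6 addresses (::ffff:a.b.c.d), so those are unwrapped first.
    """
    addr = ipaddress.ip_address(peer)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.is_loopback


def audit(peers):
    """Return the peers that the legacy code cannot store or misjudges."""
    findings = []
    for peer in peers:
        try:
            legacy_pack(peer)
            storable = True
        except OSError:
            storable = False
        if not storable or legacy_is_loopback(peer) != is_loopback(peer):
            findings.append(peer)
    return findings


# Constructed sample peers (documentation ranges 192.0.2.0/24 and 2001:db8::/32).
SAMPLE_PEERS = ["127.0.0.1", "192.0.2.10", "::1", "::ffff:127.0.0.1", "2001:db8::10"]

if __name__ == "__main__":
    for peer in SAMPLE_PEERS:
        print(f"{peer:20} bytes={len(pack(peer)):2} loopback={is_loopback(peer)}")
    print("legacy code fails on:", audit(SAMPLE_PEERS))
```

An access rule written like `legacy_is_loopback` never matches an IPv6 peer, so any allow or deny decision built on it has to be re-tested after the migration.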

Summary

IPv4 was not designed to support a worldwide network and address
exhaustion was not a concern when it was initially developed. IPv4
uses a 32-bit addressing scheme which is able to provide nearly 4
billion possible addresses. However, the dramatic growth of the
Internet has swiftly exhausted the IPv4 address space. IPv6 was
developed to accommodate the rapid growth of the Internet and
the depletion of IPv4 address space. IPv6 uses a 128-bit addressing
scheme, which provides a much larger address space than IPv4.
Furthermore, it was designed to overcome the limitations of IPv4:
for example, an IPv6 address has a more defined structure, IPv6 hosts can
configure themselves automatically, and security is built in.

Self-test 3.1

1. Which of the following statements are TRUE?

I IPv6 addresses are 128 bits in length.
II IPv6 addresses are binary numbers represented in decimals.
III IPv6 has inbuilt IPSec support.
IV IPv6 network provides autoconfiguration capabilities.

A. I, II and III
B. I, III and IV
C. II, III and IV
D. I, II, III and IV

2. Which of the following are the limitations of IPv4?

I IPv4 address space has been exhausted.
II IPv4 implementation must either be manually configured
or use a stateful address configuration protocol.
III IPSec in IPv4 is optional.
IV IPv4 Type of Service (TOS) field has limited functionality.

A. I, II and III
B. I, III and IV
C. II, III and IV
D. I, II, III and IV

3. Describe the differences between IPv4 and IPv6 in terms of:

a. address space

b. security

c. transmission mode

Suggested answers to activities

Feedback

Activity 3.1

1. Inevitability

2. Efficiency

3. Security

Activity 3.2

It will be much harder to remember an IPv6 address compared to
an IPv4 address.

3.2 IPv6 Address and Subnet


Objectives
By the end of this section, you should be able to:

1. Distinguish the roles of the various types of IPv6 addresses.

2. Apply the principles of IPv6 subnet design.

Introduction
IPv6 addresses are 128 bits in length and are represented in hexadecimal format.
IPv6 introduces three types of IPv6 addresses: unicast, multicast and anycast. A
unicast address is used to identify a single interface on a network. A packet sent to
a unicast address is delivered to the interface specified by the address. A multicast
address is used to identify a group of interfaces. A packet sent to a multicast address
is delivered to all interfaces identified by the address. An anycast address is used
for one-to-one-of-many delivery. A packet sent to an anycast address is delivered to
the nearest interface identified by the address. Subnetting is the process of dividing
a single network into multiple smaller networks. Subnetting is used to optimise
performance and security as well as to make network management easier.

IPv6 address type


Before discussing the IPv6 address, we need to know the hexadecimal number system.
Hexadecimal or hex is a positional numeral system with a radix or base of 16. It
uses 0 – 9 to represent values zero to nine and A – F (or a – f ) to represent values ten
to fifteen. Every digit in hexadecimal can represent values from 0 – 15. Table 3.1
shows the hexadecimal conversion table.

Decimal | Binary | Hexadecimal
0       | 0000   | 0
1       | 0001   | 1
2       | 0010   | 2
3       | 0011   | 3
4       | 0100   | 4
5       | 0101   | 5
6       | 0110   | 6
7       | 0111   | 7
8       | 1000   | 8
9       | 1001   | 9
10      | 1010   | A
11      | 1011   | B
12      | 1100   | C
13      | 1101   | D
14      | 1110   | E
15      | 1111   | F

Table 3.1 Hexadecimal conversion table

An IPv6 address consists of 128 bits, which are divided into eight 16-bit blocks. Every
block is converted into a 4-digit hexadecimal number, and the blocks are separated by
the colon symbol. For example, an IPv6 address in binary format is divided into eight blocks:

0010000000000001 0000000000000000 0011001000111000 1101111111100001
0000000001100011 0000000000000000 0000000000000000 1111111011111011

Each block is converted into a hexadecimal number and the address is represented as:

2001:0000:3238:DFE1:0063:0000:0000:FEFB

There are two rules provided by IPv6 to shorten the address. The rules are:

1. Discard leading zero

The leading zeroes in block 5, “0063” can be removed:

2001:0000:3238:DFE1:63:0000:0000:FEFB

2. Use double colon :: to represent consecutive zeroes

Double colon symbol (::) can be used to replace consecutive blocks of zeroes
in block 6 and 7:

2001:0:3238:DFE1:63::FEFB
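
The block conversion and the two shortening rules above, as an added example that is not part of the original course text. The function names are this example's own; the comparison through Python's `ipaddress` module goes slightly beyond the text and shows why two spellings of an address should be compared by value (for instance when matching firewall rules against log entries), not as strings.

```python
import ipaddress

FULL = "2001:0000:3238:DFE1:0063:0000:0000:FEFB"   # full form used in the text


def to_binary(full: str) -> str:
    """Expand eight 4-digit hexadecimal blocks into a 128-bit binary string."""
    return "".join(format(int(block, 16), "016b") for block in full.split(":"))


def binary_to_blocks(bits: str) -> list:
    """Split 128 binary digits into eight 4-digit hexadecimal blocks."""
    bits = "".join(bits.split())                    # tolerate spaces between blocks
    if len(bits) != 128 or set(bits) - {"0", "1"}:
        raise ValueError("an IPv6 address needs exactly 128 binary digits")
    return [format(int(bits[i:i + 16], 2), "04X") for i in range(0, 128, 16)]


def drop_leading_zeroes(blocks: list) -> list:
    """Rule 1: strip leading zeroes; an all-zero block becomes a single 0."""
    return [block.lstrip("0") or "0" for block in blocks]


def compress_zero_run(blocks: list) -> str:
    """Rule 2: replace the longest run of two or more zero blocks with '::'.
    The double colon may be used only once per address."""
    best_start, best_len, i = -1, 0, 0
    while i < len(blocks):
        if blocks[i] == "0":
            j = i
            while j < len(blocks) and blocks[j] == "0":
                j += 1
            if j - i > best_len:
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    if best_len < 2:
        return ":".join(blocks)
    head = ":".join(blocks[:best_start])
    tail = ":".join(blocks[best_start + best_len:])
    return f"{head}::{tail}"


def shorten(full: str) -> str:
    """Apply rule 1 and then rule 2 to a full-length address."""
    return compress_zero_run(drop_leading_zeroes(full.split(":")))


def same_address(a: str, b: str) -> bool:
    """Compare two textual forms by their 128-bit value."""
    return ipaddress.IPv6Address(a) == ipaddress.IPv6Address(b)


def canonical(text: str) -> str:
    """Lowercase, fully shortened form produced by the standard library."""
    return str(ipaddress.IPv6Address(text))


if __name__ == "__main__":
    short = shorten(FULL)
    print(":".join(binary_to_blocks(to_binary(FULL))))   # round trip via binary
    print(short)
    print(canonical(FULL), same_address(FULL, short))
```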

IPv6 addresses are classified by the primary addressing and routing methodologies
common in networking: unicast addressing, anycast addressing, and multicast
addressing. (Wikipedia: IPv6 Address 2014)

Unicast address

The most common concept of an IP address is unicast addressing. It is available in
both IPv4 and IPv6. Unicast address refers to a single sender or a single receiver and
it can be used for sending as well as receiving. A unicast address identifies a single
network interface. The Internet Protocol delivers packets sent to a unicast address
to that specific interface.

A unicast address is composed of two logical parts: a 64-bit network prefix used for
routing, and a 64-bit interface identifier used to identify a host’s network interface.
The format of a unicast address is illustrated in Figure 3.1:

| Routing prefix (m-bit) | Subnet Id (n-bit) | Interface identifier (64-bit) |

Figure 3.1 Unicast address

The network prefix (which consists of the routing prefix and the subnet id) consists
of 64 bits of the address. The size of the routing prefix may vary. If the routing
prefix size is larger, then the subnet id size is smaller. This means that m + n = 64.
The interface identifier (64-bit) is either automatically generated from the interface’s
MAC address or obtained from a server.

There are several types of unicast addresses in IPv6:

1. Global unicast address

IPv6 global unicast address is similar to an IPv4 public address. It is globally
unique, routable and reachable on the IPv6 Internet. A global unicast address
has a 48-bit global routing prefix. As the name implies, global routing prefix
indicates the prefix for a specific organisation’s site. In the global routing
prefix, the first 3 bits are set to 001 to indicate a unicast address.

The subnet id has 16 bits and is used to identify a subnet within a site. The
16 bits allow an organisation to create up to 65,536 individual subnets. The
interface identifier has 64 bits and it is a unique identifier of a particular
interface. It is unique within the specific prefix and subnet. The format of
a global unicast address is illustrated in Figure 3.2:

| Global routing prefix (48-bit) | Subnet Id (16-bit) | Interface identifier (64-bit) |

Figure 3.2 Global unicast address



2. Link-local address

A link-local address is required on every IPv6-enabled interface and it is
always automatically configured. The link-local address can be used only
on the local network link. It is used to communicate between hosts on a
same network link. Link-local address is not routable and a router will not
forward it outside the link.

A link-local address is identified by the prefix FE80::/64, where FE80 is the
hexadecimal representation of the first 10 bits with binary value of 1111
1110 10. The next 54 bits are set to 0. A link-local address is illustrated in
Figure 3.3:

| 1111 1110 10 (10-bit) | 00 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 (54-bit) | Interface identifier (64-bit) |

Figure 3.3 Link-local address

Web Reference

The website below gives an overview of link-local address and
provides links to other useful resources.

http://en.wikipedia.org/wiki/Link-local_address

3. Unique local address

Unique local address is equivalent to IPv4 private address. Unique local
address is available for use in private networks, such as inside a single site
or organisation or spanning a limited number of sites or organisations. It is
not routable in the global IPv6 Internet.

A unique local address is identified by the first 7 bits with binary value of
1111 110 in the prefix. The Local (L) flag has value 1 to indicate that the
prefix is locally assigned. Therefore, a unique-local address has the prefix
FD00::/8. The 40-bit Global ID is generated randomly and it is used to
identify a specific site within an organisation. A unique local address is
illustrated in Figure 3.4:

| 1111 110 (7-bit) | L = 1 (1-bit) | Global Id (40-bit) | Subnet Id (16-bit) | Interface identifier (64-bit) |

Figure 3.4 Unique-local address



Web References

1. The website below gives an overview of unique-local address
and provides links to other useful resources.

http://en.wikipedia.org/wiki/Unique_local_address

2. Please read Hagen, S (2006) ‘IPv6 addressing’, IPv6 Essentials:
Integrating IPv6 into Your IPv4 Network, 2nd edn, O'Reilly Media,
Inc.

http://www.certs4u.info/ccna/IPv6%20Essentials%20-%20Silvia%20Hagen.pdf

Activity 3.3

Give 5 types of IPv6 unicast addresses.

Activity 3.4

What is a loopback address?

Multicast address

A multicast address is a logical identifier for a group of interfaces on a computer
network. A packet sent to a multicast address is delivered to all interfaces identified
by that address. A multicast address is used to distribute identical information to a
group of interfaces, called the multicast group (Wikipedia: Multicast Address 2014).

A multicast address has a prefix FF00::/8. The 8-bit prefix is set to 1111 1111 to
indicate a multicast address. A multicast address has 4-bit Flags, 4-bit Scope and
112-bit Group ID. The structure of an IPv6 multicast address is illustrated in Figure 3.5:

| 1111 1111 (8-bit) | Flags 0RPT (4-bit) | Scope (4-bit) | Group Id (112-bit) |

Figure 3.5 Multicast address

1. Flags

The size of the Flags field is 4 bits. The first bit is zero and it is reserved
for future use. The second bit is the Rendezvous Point Address (R) flag. It
indicates whether the multicast address contains an embedded rendezvous
point. The third bit is the Prefix (P) flag, which indicates whether the
multicast address is based on a unicast address prefix. The last bit of the
Flags field is the Transient (T) flag which indicates whether the multicast
address is permanently allocated by the Internet Assigned Numbers Authority
(IANA). Table 3.2 gives a summary of the multicast address Flags field.

Flag | 0 | 1
(Reserved) | (Reserved) | (Reserved)
R (Rendezvous) | Rendezvous point not embedded | Rendezvous point embedded
P (Prefix) | Without prefix information | Address based on network prefix
T (Transient) | Well-known multicast address | Dynamically assigned multicast address

Table 3.2 Multicast address flags field

2. Scope

The size of Scope field is 4 bits and it indicates the scope of the IPv6 network
for which the multicast traffic is intended. In addition to the information
provided by multicast routing protocols, the multicast scope is used to
determine if multicast traffic can be forwarded. Table 3.3 gives the defined
values for the Scope field.

Scope field value | Scope | Description
0 | Reserved | –
1 | Interface-local scope | Packets with this destination address may not be sent over any network link, but must remain within the current node; this is the multicast equivalent of the unicast loopback address.
2 | Link-local scope | Packets with this destination address may not be routed anywhere.
3 | Reserved | –
4 | Admin-local scope | The smallest scope that must be administratively configured.
5 | Site-local scope | Restricted to the local physical network.
6, 7 | Unassigned | –
8 | Organisation-local scope | Restricted to networks used by the organisation administering the local network.
9, A, B, C, D | Unassigned | –
E | Global scope | Eligible to be routed over the public internet.
F | Reserved | –

Table 3.3 Multicast address scope

3. Group ID

The Group ID field is used to identify the multicast group, either permanent
or transient, and is unique within the scope. The size of Group ID field is
112 bits. Permanently assigned Group IDs are independent of the scope.
They can use the Group ID with any scope value whereas transient Group
IDs are dependent on a specific scope. Multicast addresses from FF01::
through FF0F:: are reserved, well-known addresses.
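
The prefixes of the unicast types and the multicast Flags and Scope fields described above, decoded in an added example that is not part of the original course text. The function names and the sample addresses in the usage section are this example's own; the last function shows how a filter or log check could use the fields to decide whether traffic may be forwarded off the local link.

```python
import ipaddress

# Scope values listed in Table 3.3; every other value is reserved or unassigned.
SCOPES = {0x1: "interface-local", 0x2: "link-local", 0x4: "admin-local",
          0x5: "site-local", 0x8: "organisation-local", 0xE: "global"}


def classify(text: str) -> str:
    """Name the address type from its leading bits.
    Anycast cannot be recognised this way: it has the unicast format."""
    value = int(ipaddress.IPv6Address(text))
    if value >> 120 == 0xFF:             # first 8 bits are 1111 1111
        return "multicast"
    if value == 1:                       # 0:0:0:0:0:0:0:1
        return "loopback"
    if value >> 118 == 0b1111111010:     # first 10 bits
        return "link-local unicast"
    if value >> 121 == 0b1111110:        # first 7 bits; the next bit is the L flag
        return "unique local unicast"
    if value >> 125 == 0b001:            # first 3 bits
        return "global unicast"
    return "other"


def decode_multicast(text: str) -> dict:
    """Split a multicast address into Flags (0RPT), Scope and Group ID."""
    addr = ipaddress.IPv6Address(text)
    value = int(addr)
    if value >> 120 != 0xFF:
        raise ValueError(f"{addr} is not a multicast address")
    flags = (value >> 116) & 0xF
    scope = (value >> 112) & 0xF
    return {
        "rendezvous_embedded": bool(flags & 0b0100),   # R flag
        "prefix_based": bool(flags & 0b0010),          # P flag
        "transient": bool(flags & 0b0001),             # T flag
        "scope_value": scope,
        "scope": SCOPES.get(scope, "reserved/unassigned"),
        "group_id": value & ((1 << 112) - 1),
    }


def may_leave_link(text: str) -> bool:
    """True if a router may forward a packet sent to this destination."""
    kind = classify(text)
    if kind == "multicast":
        scope = decode_multicast(text)["scope_value"]
        return scope in SCOPES and scope > 0x2
    return kind in ("global unicast", "unique local unicast")


if __name__ == "__main__":
    # Constructed sample addresses (2001:db8::/32 is the documentation prefix).
    for sample in ["ff02::1", "ff3e:40:2001:db8::1", "fe80::1",
                   "fd12:3456:789a:1::1", "2001:db8:1234:1101::10"]:
        print(f"{sample:26} {classify(sample):22} off-link={may_leave_link(sample)}")
    print(decode_multicast("ff3e:40:2001:db8::1"))
```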

Anycast address

An anycast address identifies a group of interfaces in the IPv6 network called an anycast
group. A packet sent to an anycast address is received by the nearest interface in
the anycast group. The nearest interface is defined in terms of routing distance. In
contrast to a multicast address, which is used for one-to-many delivery, an anycast
address is used for one-to-one-of-many delivery. An anycast address has the same
format as a unicast address and differs only by its presence in the network at
multiple points.

Web References

Please read the following chapters:

1. Hagen, S (2006) ‘IPv6 addressing’, IPv6 Essentials: Integrating
IPv6 into Your IPv4 Network, 2nd edn, O'Reilly Media, Inc.

http://www.certs4u.info/ccna/IPv6%20Essentials%20-%20Silvia%20Hagen.pdf

2. Kozierok, C M (2005) ‘IPv6 addressing’, The TCP/IP Guide:
A Comprehensive, Illustrated Internet Protocol Reference, 1st edn,
San Francisco: No Starch Press.

http://www.tcpipguide.com/free/index.htm

Web References

The websites below give an overview of IPv6 address types and
formats in general.

1. http://www.tutorialspoint.com/ipv6/ipv6_address_types.htm

2. http://en.wikipedia.org/wiki/IPv6_address

Fundamentals of IPv6 subnets


IPv6 uses a 128-bit address which includes a field to be used for subnetting. The
16 bits from the 49th to the 64th (as illustrated in Figure 3.2) are used for defining
subnets. A 16-bit subnet field allows an organisation to have more than 65,536
subnets with 8,446,744,073,709,551,616 hosts per subnet.

Subnetting increases flexibility in designing networks and improves the management
of the network. How to break down a network into subnets depends on your business
needs. To allow proper route aggregation and summarisation, Site ID and possibly
sub-Site ID can be defined to indicate different locations, such as offices, buildings
or geographic regions.

Assume an IPv6 address 2001:db8:1234:0000:/48 is assigned by the service provider
with the “0000” manipulated for site, subsite and subnet IDs. The easiest way is
to break down along the nibble boundary. Here, we define 16 sites, 16 subsites (at
each site) and 256 subnets (at each sub-site). The first nibble is used for the site, the
second for the subsite and the last two for the subnet (Figure 3.6).

2001:db8:1234:XYZZ:/64

X (first nibble, 0000): site
Y (second nibble, 0000): sub-site
ZZ (last two nibbles, 0000 0000): subnets

Figure 3.6 Subnet addressing

Assuming a company has two buildings with the site prefixes:

Site 1 (north building) — 2001:db8:1234:1000:/64
Site 2 (south building) — 2001:db8:1234:2000:/64

For each site, sub-sites can be used to determine the types of devices such as
workstations, printers, etc.

Site 1, printer — 2001:db8:1234:1100:/64
Site 1, mail server — 2001:db8:1234:1200:/64
...
Site 2, printer — 2001:db8:1234:2100:/64
...

Within each sub-site, we can assign the specific subnets, such as

Site 1, printer 1 – 2001:db8:1234:1101:/64
Site 1, printer 2 – 2001:db8:1234:1102:/64
...
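
The nibble-based plan above, as an added example that is not part of the original course text: it builds and decodes the XYZZ subnet ID and derives the per-site aggregate that a route summary or a single filter rule would use. The function names and the host address in the usage section are this example's own; the prefix and the site and sub-site labels are the ones used in the text.

```python
import ipaddress

# Allocation and labels taken from the example in the text.
SITE_PREFIX = ipaddress.IPv6Network("2001:db8:1234::/48")
SITES = {1: "north building", 2: "south building"}
SUBSITES = {1: "printer", 2: "mail server"}


def build_subnet(site: int, subsite: int, subnet: int, base=SITE_PREFIX):
    """Compose the /64 for site X, sub-site Y and subnet ZZ (subnet ID XYZZ)."""
    if not (0 <= site <= 0xF and 0 <= subsite <= 0xF and 0 <= subnet <= 0xFF):
        raise ValueError("site and sub-site are one nibble each, subnet is two")
    subnet_id = (site << 12) | (subsite << 8) | subnet
    # The 16-bit subnet ID sits directly above the 64-bit interface identifier.
    return ipaddress.IPv6Network((int(base.network_address) | (subnet_id << 64), 64))


def decode_subnet(text: str, base=SITE_PREFIX) -> dict:
    """Split the subnet ID of a /64 inside the allocation into its three fields."""
    net = ipaddress.IPv6Network(text)
    if net.prefixlen != 64 or not net.subnet_of(base):
        raise ValueError(f"{net} is not a /64 inside {base}")
    subnet_id = (int(net.network_address) >> 64) & 0xFFFF
    return {"site": subnet_id >> 12,
            "subsite": (subnet_id >> 8) & 0xF,
            "subnet": subnet_id & 0xFF}


def describe(text: str) -> str:
    """Human-readable meaning of a subnet under the plan in the text."""
    fields = decode_subnet(text)
    site = SITES.get(fields["site"], f"site {fields['site']}")
    kind = SUBSITES.get(fields["subsite"], f"sub-site {fields['subsite']}")
    return f"{site}, {kind}, subnet {fields['subnet']}"


def site_aggregate(site: int, base=SITE_PREFIX):
    """The /52 that summarises every subnet of one site (48 bits + one nibble)."""
    if not 0 <= site <= 0xF:
        raise ValueError("site is one nibble")
    return ipaddress.IPv6Network((int(base.network_address) | (site << 76), 52))


def allowed_from_site(source: str, site: int) -> bool:
    """One aggregate per site is enough to test where a source address belongs."""
    return ipaddress.IPv6Address(source) in site_aggregate(site)


if __name__ == "__main__":
    print(build_subnet(1, 1, 2))                       # Site 1, printer 2
    print(describe("2001:db8:1234:1102::/64"))
    print(site_aggregate(1))
    # Constructed host address inside the Site 1 printer subnet.
    print(allowed_from_site("2001:db8:1234:1102::25", 1))
```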

Activity 3.5

Based on the previous example, what could 2001:db8:1234:2201::/64
mean?

Activity 3.6

Given an IPv6 address in binary form:

0011000111011010000000001101001100000000000000000010111100111111
0000001010101010000000001111111111111110001010001001110001011010

1. Convert into hexadecimal number.

2. Simplify the IPv6 address.

Summary

An IPv6 address is 128 bits long and is logically divided into a network
prefix and an interface identifier. The default prefix length is 64 bits
(/64) and the remaining 64 bits are used for the interface identifier.
IPv6 supports three main types of addresses: unicast, multicast and
anycast. Each address type has a scope that specifies in which part
of the network it is valid and unique. Some addresses are unique
only on the local network, whereas some are globally unique. In
the 64-bit network prefix, we can allocate 16 bits for subnetting.
Subnetting is a method for splitting a network into smaller networks.
By separating a large network into distinct but interconnected
subnets, it is easier to isolate the performance issues and enhance
the maintenance process.

Self-test 3.2

1. Which of the following are the characteristics of the IPv6
multicast address?

I An IPv6 multicast address always begins with FF.
II The size of Flags field is 4 bits.
III The first bit of the Flags field is set to 0.
IV An IPv6 multicast address can be used as source address.

A. I, II and III
B. I, II, III and IV
C. I and II
D. III and IV

2. Which of the following are IPv6 unicast addresses?

I Global unicast address
II Link-local address
III Loopback address
IV 6to4 address

A. I, II, III and IV
B. I, II and III
C. I, II and IV
D. I and II

3. The Flags field is set to _______________ for a permanently
allocated multicast address and ___________________ for a
non-permanently allocated multicast address.

Suggested answers to activities

Feedback

Activity 3.3

1. Global unicast address

2. Link-local address

3. Unique-local address

4. Special address

5. Compatibility address

Activity 3.4

A loopback address is 0:0:0:0:0:0:0:1. It is a special IPv6 address
and is used to identify a loopback interface. A loopback address
enables a node to send packets to itself.

Activity 3.5

Mail server 1 at south building.

Activity 3.6

1. The address is divided into 16-bit boundaries:

0011000111011010 0000000011010011 0000000000000000 0010111100111111
0000001010101010 0000000011111111 1111111000101000 1001110001011010

Each 16-bit block is converted to hexadecimal:

31DA:00D3:0000:2F3F:02AA:00FF:FE28:9C5A

2. The IPv6 address is simplified by removing the leading zeroes:

31DA:D3:0:2F3F:2AA:FF:FE28:9C5A

3.3 IPv6 Routing and Configuration


Objectives
By the end of this section, you should be able to:

1. Describe the routing process and the various types of routing protocols.

2. Explain the routing protocol configuration.

3. Set up the basic IPv6 networks.

4. Plan IPv6 routers in IPv6 networks.

Introduction
Routing is the process of forwarding a packet from a source host to a destination
host on a network. Typically, when there are multiple routes to a destination, one
route needs to be selected. A routing table is used to keep track of the routes together
with their metrics. A router will select a best route based on the information in the
routing table. Manually populating the routing table is expensive. Therefore, routing
protocols are used to automatically populate the routing table. Routing protocols
provide a way for routers to exchange information from their routing tables in order
to determine the best route to a destination.

Basic IPv6 routing


Routing is the process of forwarding IPv6 packets between two hosts on an IPv6
network. An IPv6 packet contains the address of the sending host (source address)
and the address of the receiving host (destination address). The transport layer passes
the packets in the form of TCP segments to the IPv6 layer. The IPv6 layer creates
IPv6 packets including the source address and destination address, which are used
to route the packets through the network.

IPv6 router

A router is needed to forward IPv6 packets between different subnets. Each router
maintains a local routing table for each protocol it is configured to route. An entry
in the routing table represents an IPv6 route, which includes an IPv6 address prefix
and its length, the next-hop and the metric of the IPv6 route. When a router receives
a packet, it looks at the packet’s destination address and searches for a matching
entry in its local routing table. If a match is found, the packet is forwarded to the
next router or the final destination based on the next-hop information in the entry
in the routing table.

Routing table

A routing table is a data table maintained in a router that contains the routes to
particular network destinations and the metrics associated with those routes. The
routing table contains information about the topology of the network immediately
around it. The routing table consists of at least three information fields:

1. Network ID: The destination subnet.

2. Cost/metric: The cost or metric of the path through which the packet is to
be sent.

3. Next hop: The next-hop is the address of the next location to which the
packet is to be sent on the way to its final destination.

The construction of the routing table is a primary issue. A routing table can be
populated manually, which is called static routing. However, static routing is more
expensive. A more efficient, automatic approach is to deploy routing protocols
(dynamic routing).

IPv6 routing protocol

A routing protocol defines how routers communicate among themselves and
determines the rules to select the best route between two locations on a network.
Each router has prior knowledge only of networks attached to it directly. A routing
protocol first shares the information with immediate neighbours, then with the
whole network. Hence, routers can gain knowledge of the topology of the network
(Wikipedia: Routing Protocol 2014).

Routing protocols can be classified into two main types:

1. Interior Routing Protocol (IRP)

Interior Routing Protocol is used to exchange routing information between
routers within an autonomous system, such as an organisation local area
network. IRP keeps track of paths used to traverse packets from one location
to another location inside a network or a set of networks that is controlled
by a common network administrator (autonomous system).

IRP can be divided into two categories:

a. Distance-vector routing protocol

Distance-vector routing protocol uses the Bellman-Ford algorithm. In this
protocol, each router advertises its routes to its neighbours. Neighbours
will add the routes received to their own routing tables and forward the
updated information to other neighbours. Therefore, routers fully rely
on neighbours for route information. Distance-vector routing protocol
uses distance or hop count as the metric, that is, the cost of reaching
a destination, to determine the best path. Examples of distance-vector
protocols are Routing Information Protocol (RIP), Routing Information
Protocol Next Generation (RIPng), etc.

b. Link-state routing protocol

In link-state routing protocol, each router advertises the state of its
links to other routers. Each router will calculate its own best path to a
destination. Link-state protocol calculates the metric of each path based
on the status (whether a link is up or down) and connection type (how
fast it is). Link-state protocol will select a path with more hops but using
a faster medium over a path with fewer hops but using a slower medium.
Examples of link-state routing protocol are Open Shortest Path First
(OSPF) and Intermediate System to Intermediate System (IS-IS).

Activity 3.7

Discuss the differences between distance-vector and link-state
routing protocol.

2. Exterior Routing Protocol (ERP)

Exterior Routing Protocol is used to handle routing outside an autonomous
system. ERP is used to exchange routing information between autonomous
systems which is important for communication on the Internet. Border
Gateway Protocol (BGP) is an example of ERP.

Web References

Please read the following:

1. Hagen, S (2006) ‘Networking’, IPv6 Essentials: Integrating IPv6
into Your IPv4 Network, 2nd edn, O'Reilly Media, Inc.

http://www.certs4u.info/ccna/IPv6%20Essentials%20-%20Silvia%20Hagen.pdf

2. Davies, J (2003) ‘IPv6 routing’, Understanding IPv6,
Microsoft Press.

http://www.mums.ac.ir/shares/hit/eduhit/book/IPv6.pdf

Web References

1. The website below gives an overview of routing in network and
provides links to other useful resources.

http://en.wikipedia.org/wiki/Routing

2. The website below gives an introduction to IPv6 routing in
general.

http://www.tutorialspoint.com/ipv6/ipv6_routing.htm

Activity 3.8

In the network below, find the shortest paths and their costs and
the next-hop entries from A to every other node.

[Figure: a weighted network of five nodes. Link weights: A-B 10, A-E 1,
B-C 1, B-E 6, C-D 2, C-E 7, D-E 1.]

Destination    Next-Hop    Weight
B
C
D
E

IPv6 routing with RIPng


Routing Information Protocol (RIP) is a distance-vector routing protocol used by
routers to exchange routing information. RIP uses hop count to identify the best
route between two locations. Hop count is the number of routers a packet has to
traverse to reach its destination. For example, if a packet must traverse two routers
to reach its destination, then the hop count is 2. The best route is the route that has
the lowest hop count. RIP selects the route with the minimum hop count. If multiple
routes have the same hop count, RIP selects the routes alternately. The maximum hop
count defined by RIP is 15.

Routing Information Protocol Next Generation (RIPng) is the extension of RIP
version 2 and is applied in IPv6 networks. RIPng functions the same as RIP in IPv4.
RIPng maintains a local routing table, called Routing Information Database (RIB).
The RIB contains the lowest cost IPv6 routes learned from other routers. In turn,
RIPng attempts to add routes from its local RIB into the main IPv6 routing table.

RIPng configuration

To use RIPng, we must configure RIPng on all of the interfaces in the IPv6 network.
The configuration process includes creating the routing process, enabling the routing
process on interfaces and customising the routing protocol for a particular network.

The first step is to create an IPv6 routing process with a specific name. The syntax
of the command is:

router(config)# ipv6 router rip name

The second step is to enable the routing process.

router(config-if)# ipv6 rip name enable

Table 3.4 describes some of the basic RIPng configuration commands.

Task                                  Command
Enter global configuration mode       router# configure terminal
Enable forwarding IPv6 packets        router(config)# ipv6 unicast-routing
Enter interface configuration mode    router(config)# interface interface
Enable RIPng on the interface         router(config-if)# ipv6 rip process-name enable

Table 3.4 Basic RIPng configuration commands



RIPng configuration example

In this section, we will give an example of RIPng configuration. Figure 3.7 illustrates
an example of network topology used for RIPng configuration. There are two routers
that need to be configured with RIPng.

[Figure: routers R1 and R2 connected through their F0/0 interfaces.
R1: name Austin, address 2050::1/64. R2: name Houston, address 2050::2/64.]

Figure 3.7 Network topology for IPv6 RIPng configuration

The configuration steps are illustrated in Table 3.5:

R1
Step 1     R1# configure terminal                     Enter global configuration mode
Step 2     R1(config)# ipv6 unicast-routing           Enable forwarding IPv6 packets
Step 3     R1(config)# interface f0/0                 Enter interface configuration mode
Step 4     R1(config-if)# ipv6 address 2050::1/64     Configure the IPv6 interface
Step 5     R1(config-if)# ipv6 rip Austin enable      Enable RIPng on the interface

R2
Step 6     R2# configure terminal                     Enter global configuration mode
Step 7     R2(config)# ipv6 unicast-routing           Enable forwarding IPv6 packets
Step 8     R2(config)# interface f0/0                 Enter interface configuration mode
Step 9     R2(config-if)# ipv6 address 2050::2/64     Configure the IPv6 interface
Step 10    R2(config-if)# ipv6 rip Austin enable      Enable RIPng on the interface

Table 3.5 An example of RIPng configuration steps

Web Reference

Please read Dunmore, M (2005) ‘Routing’, 6NET: An IPv6
Deployment Guide, Lancaster University.

http://www.6net.org/book/deployment-guide.pdf

Activity 3.9

Give two limitations of RIPng.

Summary

Routing protocols are designed to allow the exchange of information
in routing tables. There are many different routing protocols and
each has its own advantages and disadvantages. In this section, we
described the Routing Information Protocol (RIP) and Routing
Information Protocol next generation (RIPng). RIPng is an
extension of RIP version 2. RIPng uses hop count to measure the
distance to a destination. We also provided an example of how to
configure RIPng.

Self-test 3.3

1. What are the main advantages and disadvantages of static
routing and dynamic routing?

2. Which of the following are the characteristics of a distance-vector
routing protocol?

I The Bellman-Ford algorithm is used to determine the
shortest path.
II Periodic updates of the routing table are sent to neighbours.
III Does not rely fully on its neighbour for route information.
IV Utilises some form of distance to calculate a route’s metric.

A. I, II and III
B. I, II and IV
C. I, III and IV
D. I, II, III and IV

3. RIPng uses a distance-vector algorithm to determine the best
route to a destination.

A. True
B. False

Suggested answers to activities

Feedback

Activity 3.7

     Distance-vector routing protocol        Link-state routing protocol
1    Uses Bellman-Ford algorithm             Uses Dijkstra algorithm
2    Uses distance or hop count as           Uses current congestion, cost
     metric to define the best path          and speed to determine the
     to a destination                        best path
3    Sends routing updates                   Sends triggered, change-based
     periodically                            updates when there is a
                                             topology change
4    Relies fully on the information         Does not rely solely on the
     from its neighbours                     information from its neighbours

Activity 3.8

[Figure: the Activity 3.8 network with link weights A-B 10, A-E 1, B-C 1,
B-E 6, C-D 2, C-E 7, D-E 1.]

Destination   Shortest path from A   Next   Weight
              to destination         hop
B             A → E → D → C → B      E      1 (A → E) + 1 (E → D) + 2 (D → C) + 1 (C → B) = 5
C             A → E → D → C          E      1 (A → E) + 1 (E → D) + 2 (D → C) = 4
D             A → E → D              E      1 (A → E) + 1 (E → D) = 2
E             A → E                  E      1

Example:

There are 4 possible paths from A to B

1. A → B (weight: 10)

2. A → E → B (weight: 1+6=7)

3. A → E → C → B (weight: 1+7+1=9)

4. A → E → D → C → B (weight: 1+1+2+1=5)

Path 4 has the lowest cost.
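
The distance-vector exchange described in this section can be run on the Activity 3.8 network. The following is an added example, not part of the course material: every router starts knowing only itself, advertises its vector to its neighbours each round, and keeps the cheapest route it hears. The function names are chosen for this example; the link weights are read from the paths listed above.

```python
# Added example: distance-vector (Bellman-Ford) exchange on the Activity 3.8 network.
INF = float("inf")

# Undirected link weights, read from the paths listed in the Activity 3.8 answer.
LINKS = {
    ("A", "B"): 10, ("A", "E"): 1, ("B", "E"): 6, ("C", "E"): 7,
    ("D", "E"): 1, ("C", "D"): 2, ("B", "C"): 1,
}


def adjacency(links):
    """Turn the link list into {router: {neighbour: link_cost}}."""
    adj = {}
    for (u, v), cost in links.items():
        adj.setdefault(u, {})[v] = cost
        adj.setdefault(v, {})[u] = cost
    return adj


def distance_vector(links):
    """Exchange vectors between neighbours until no routing table changes.

    Returns (tables, rounds) where tables[router][dest] = (cost, next_hop).
    """
    adj = adjacency(links)
    # Each router starts out knowing only the route to itself.
    tables = {r: {r: (0, r)} for r in adj}
    rounds = 0
    changed = True
    while changed:
        changed = False
        rounds += 1
        # Snapshot: every router advertises the vector it held when the round began.
        adverts = {r: {d: c for d, (c, _) in t.items()} for r, t in tables.items()}
        for router, nbrs in adj.items():
            for nbr, link_cost in nbrs.items():
                for dest, advertised in adverts[nbr].items():
                    cost = link_cost + advertised
                    # Keep a route only if it is strictly cheaper than the current one.
                    if cost < tables[router].get(dest, (INF, None))[0]:
                        tables[router][dest] = (cost, nbr)
                        changed = True
    return tables, rounds


def path(tables, src, dst):
    """Follow next-hop entries router by router, as packet forwarding would."""
    hops = [src]
    while hops[-1] != dst:
        hops.append(tables[hops[-1]][dst][1])
    return hops


if __name__ == "__main__":
    tables, rounds = distance_vector(LINKS)
    print("converged after", rounds, "rounds")
    print("Destination  Next-hop  Weight  Path")
    for dest in "BCDE":
        cost, next_hop = tables["A"][dest]
        print(f"{dest:<12} {next_hop:<9} {cost:<7} {' -> '.join(path(tables, 'A', dest))}")
```

Router A needs several rounds to learn the cost-5 route to B, because that route has to propagate from C through D and E before A hears of it.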

Activity 3.9

1. The longest network path cannot exceed 15 hops. Routers with
a metric of 16 or greater are unreachable.

2. RIPng uses only a fixed metric, which is the hop count to select
a route. Other parameters such as measured delay, reliability
and load are ignored.

3.4 IPv6 Tunneling and Other Transition Mechanisms

Objectives
By the end of this section, you should be able to:

1. Compare the various techniques of IPv4-IPv6 transition.

2. Design the basic IPv6 tunnels.

3. Describe the security protocol.

4. Set up secure channels with IPv6 via IPv4.

5. Examine the effects on network applications in the IPv4 to IPv6 transition.

Introduction
It is important to understand that IPv4 to IPv6 transition would not happen
overnight. IPv6 and IPv4 will coexist for many years. A wide range of techniques have
been developed to make the coexistence possible and to provide an easy transition.
It is important to find the migration method that best suits the requirements of each
organisation and network.

Tunnelling is one of the transition mechanisms. In this technique, IPv6 packets
are encapsulated with IPv4 headers so that the packets can be transmitted over an
IPv4 network. Tunnels can be configured manually or automatically. In manual
configuration, the IPv4-to-IPv6 address mappings at the tunnel endpoints are defined
manually by a network administrator. On the other hand, automatic configuration
uses an IPv4-compatible address. A 32-bit IPv4 address is padded out with zeroes
to reach 128 bits. The tunnel entry point will remove the extra zeroes to reveal
the original IPv4 address.

To protect packets during transmission, Internet Protocol Security (IPSec) provides
a framework that allows two devices to communicate securely. IPSec uses different
types of security protocols to ensure the authentication, integrity and confidentiality
of the communication.

Transition from IPv4 to IPv6


Transition from IPv4 to IPv6 is not simply a matter of replacing a 32-bit address
with a 128-bit address. IPv4 and IPv6 are different protocols and they are not
directly interoperable. Many applications developed for IPv4 cannot run in an IPv6
environment, whereas IPv6 applications cannot run in an IPv4 environment. A number
of transition mechanisms are developed to ensure smooth transition from IPv4 to
IPv6. Transition mechanisms can be classified into two main categories.

Dual-stack technique

Dual-stack technique allows IPv4 and IPv6 to coexist in the same device and network.
It refers to the side-by-side implementation of IPv4 and IPv6 where both IPv4 and
IPv6 protocols run on the same network infrastructure. A dual-stack architecture
contains both IPv4 and IPv6 internet layers with separate protocol stacks. Each
protocol stack has separate implementation of transport layer protocols. Figure 3.8
illustrates a dual-stack architecture.

              Application layer
   TCP/UDP                 TCP/UDP          Transport layer
   IPv4                    IPv6             Internet layer
           Network Interface layer

Figure 3.8 Dual-stack architecture

All network devices such as routers are both IPv4 and IPv6 enabled. If both end
hosts support IPv6, they can communicate using IPv6. Otherwise, they will
communicate using IPv4. The advantage of dual-stack technique is that both IPv4
and IPv6 protocols are in native mode. Applications can migrate from IPv4 to IPv6
when they are available. Therefore, traffic shifts smoothly from IPv4 to IPv6 and
no temporary transition mechanisms are needed.

Activity 3.10

What is the main disadvantage of the dual-stack technique?



Tunnelling technique

Many current internet users do not have IPv6 dual-stack support and thus cannot
reach IPv6 sites directly. Instead, they must use IPv4 infrastructure to carry IPv6
packets. This is done using a technique known as tunnelling, which encapsulates
IPv6 packets in IPv4 packets. The packets are transmitted across the IPv4 network.
The packets are decapsulated to their original IPv6 format when they exit the IPv4
network. More details on tunnelling technique are described in the next subsection.

Web Reference

Please read Hagen, S (2006) ‘Transition technologies’, IPv6
Essentials: Integrating IPv6 into Your IPv4 Network, 2nd edn, O’Reilly
Media, Inc.

http://www.certs4u.info/ccna/IPv6%20Essentials%20-%20Silvia%20Hagen.pdf

IPv6 tunnelling
Tunnelling is also called encapsulation and this technique is used when two IPv6
devices want to communicate with each other via an IPv4 network. Tunnelling
allows isolated IPv6 hosts to communicate without the need to upgrade the IPv4
network between them. In this technique, an IPv6 packet is encapsulated inside an
IPv4 packet and forwarded over the IPv4 network. An IPv4 header (as illustrated
in Figure 3.9) is added to an IPv6 packet when it enters the IPv4 region. In the
IPv4 header, the IPv4 protocol field is set to 41 to indicate an encapsulated IPv6
packet. The source and destination fields are set to IPv4 addresses of the tunnel
endpoints. When the IPv6 packet exits the IPv4 region, the IPv4 header is removed
(decapsulation).

IPv6 packet:  IPv6 Header | Extension Headers | Upper-Layer Protocol Data Unit

IPv4 packet:  IPv4 Header | IPv6 Header | Extension Headers | Upper-Layer Protocol Data Unit

Figure 3.9 IPv6-over-IPv4 tunnelling



Figure 3.10 shows two IPv6 networks connected via an IPv4 network. The network
between router R1 and router R2 is an IPv4-only network. Host A on an IPv6
network wants to send an IPv6 packet to host B on another IPv6 network. Host A
sends the IPv6 packet to router R1, which is the tunnel entry point. When router R1
receives the packet, it encapsulates the packet with an IPv4 header and forwards it
to router R2. In this case, router R2 is the tunnel exit point. Router R2 decapsulates
the packet and forwards it to host B, which is the final destination. It is possible to
have any number of IPv4 routers between R1 and R2.

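[Figure: host A on an IPv6 network, routers R1 and R2 at the two ends of an
IPv6-over-IPv4 tunnel across the IPv4 network, and host B on a second IPv6
network. Between A and R1 the packet is an IPv6 packet (IPv6 header, IPv6
data); between R1 and R2 it is an IPv6 in IPv4 packet (IPv4 header, IPv6
header, IPv6 data); between R2 and B it is an IPv6 packet again.]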

Figure 3.10 How tunnelling works
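
The work done at the tunnel entry point (R1) and exit point (R2) can be shown byte by byte. The following is an added example, not code from the course material: it builds a minimal IPv6 packet, wraps it in an IPv4 header with the protocol field set to 41, and unwraps it again. The addresses are documentation-range values constructed for the example, and the exit-point check that the outer source is the configured tunnel peer is an assumption added here for a configured tunnel.

```python
# Added example: IPv6-over-IPv4 encapsulation (protocol 41) and decapsulation.
import ipaddress
import struct

IPPROTO_IPV6 = 41  # IPv4 protocol field value for an encapsulated IPv6 packet


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum over the header's 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv6_packet(src, dst, payload, next_header=59, hop_limit=64):
    """Minimal 40-byte IPv6 header plus payload (59 = No Next Header)."""
    first_word = 6 << 28  # version 6, traffic class 0, flow label 0
    header = struct.pack("!IHBB", first_word, len(payload), next_header, hop_limit)
    return (header + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed + payload)


def encapsulate(ipv6_packet, tunnel_src, tunnel_dst, ttl=64):
    """Tunnel entry point: prepend an IPv4 header addressed to the tunnel exit."""
    header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + len(ipv6_packet),   # version 4, IHL 5, TOS, total length
        0, 0,                             # identification, flags/fragment offset
        ttl, IPPROTO_IPV6, 0,             # TTL, protocol 41, checksum placeholder
        ipaddress.IPv4Address(tunnel_src).packed,
        ipaddress.IPv4Address(tunnel_dst).packed)
    checksum = struct.pack("!H", ipv4_checksum(header))
    return header[:10] + checksum + header[12:] + ipv6_packet


def decapsulate(ipv4_packet, expected_peer=None):
    """Tunnel exit point: validate the IPv4 header, strip it, return the IPv6 packet."""
    if len(ipv4_packet) < 20 or ipv4_packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (ipv4_packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ipv4_packet[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(ipv4_packet):
        raise ValueError("inconsistent IPv4 lengths")
    if ipv4_checksum(ipv4_packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if ipv4_packet[9] != IPPROTO_IPV6:
        raise ValueError("protocol field is not 41")
    outer_src = ipaddress.IPv4Address(ipv4_packet[12:16])
    outer_dst = ipaddress.IPv4Address(ipv4_packet[16:20])
    # Configured tunnel: only accept packets from the configured entry point.
    if expected_peer is not None and outer_src != ipaddress.IPv4Address(expected_peer):
        raise ValueError("outer source is not the configured tunnel peer")
    inner = ipv4_packet[ihl:total_len]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        raise ValueError("payload is not an IPv6 packet")
    return {
        "outer_src": str(outer_src),
        "outer_dst": str(outer_dst),
        "inner_src": str(ipaddress.IPv6Address(inner[8:24])),
        "inner_dst": str(ipaddress.IPv6Address(inner[24:40])),
        "ipv6_packet": inner,
    }


if __name__ == "__main__":
    # Constructed sample: host A -> host B, tunnelled R1 (192.0.2.1) -> R2 (198.51.100.2).
    inner = build_ipv6_packet("2001:db8:1::10", "2001:db8:2::20", b"constructed payload")
    outer = encapsulate(inner, "192.0.2.1", "198.51.100.2")
    print("IPv4 protocol field:", outer[9])
    print(decapsulate(outer, expected_peer="192.0.2.1"))
```

An IPv4-only filter between R1 and R2 sees only the outer addresses and protocol 41; the inner IPv6 source and destination become visible only after the 20-byte IPv4 header is stripped.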

Tunnelling configurations

There are three types of tunneling configurations to tunnel IPv6 traffic over an
IPv4 network.

1. Router-to-router

The most common configuration is the router-to-router tunnel. In this
approach, two IPv6/IPv4 routers connect two IPv6-enabled networks over
an IPv4-only network. In Figure 3.11, an IPv6 host that has an IPv6 address
W wants to communicate with another IPv6 host with an IPv6 address Z.
A packet (source address W and destination address Z) is sent to a router
that has IPv6 address X and IPv4 address B. The router encapsulates the
IPv6 packet with an IPv4 header. The router uses its IPv4 address B as
source address and the IPv4 address of the tunnel endpoint C as destination
address. The packet is routed to the endpoint router. The endpoint router
decapsulates the packet and strips off the IPv4 header. The packet is then
forwarded to its intended destination Z.

[Figure: an IPv6 host (v6 add=W) in an IPv6 network; an IPv6/IPv4 router
(v6 add=X, v4 add=B); an IPv6-over-IPv4 tunnel across the IPv4 network; an
IPv6/IPv4 router (v6 add=Y, v4 add=C); an IPv6 host (v6 add=Z) in a second
IPv6 network. Packets along the path: IPv6 packet (v6 source=W, v6 dest=Z);
IPv6 in IPv4 packet (v4 source=B, v4 dest=C, v6 source=W, v6 dest=Z);
IPv6 packet (v6 source=W, v6 dest=Z).]

Figure 3.11 Router-to-router tunnelling configuration

2. Host-to-router or router-to-host

In host-to-router tunnelling configuration, an IPv6/IPv4 host residing within
an IPv4-only network communicates with an IPv6 host residing within an
IPv6 network. The communication is done via an IPv6-over-IPv4 tunnel to
reach an IPv6/IPv4 router. The IPv6/IPv4 host encapsulates the IPv6 packet
with an IPv4 header, using its IPv4 address A as source address and the IPv4
address of the IPv6/IPv4 router B as destination address. When the IPv6/
IPv4 router receives the packet, it strips off the IPv4 header and forwards
the packet to its destination Z. The scenario is illustrated in Figure 3.12.

[Figure: an IPv6/IPv4 host (v6 add=W, v4 add=A) in an IPv4 network; an
IPv6-over-IPv4 tunnel to an IPv6/IPv4 router (v6 add=X, v4 add=B); an IPv6
host (v6 add=Z) in an IPv6 network. Packets along the path: IPv6 in IPv4
packet (v4 source=A, v4 dest=B, v6 source=W, v6 dest=Z); IPv6 packet
(v6 source=W, v6 dest=Z).]

Figure 3.12 Host-to-router tunnelling configuration



3. Host-to-host

In host-to-host tunnelling configuration, an IPv6/IPv4 host residing within
an IPv4-only network uses an IPv6-over-IPv4 tunnel to communicate with
another IPv6/IPv4 host that resides within the same IPv4-only network.
The scenario is illustrated in Figure 3.13.

[Figure: two IPv6/IPv4 hosts in the same IPv4 network, one with v6 add=W and
v4 add=A, the other with v6 add=Z and v4 add=D, joined by an IPv6-over-IPv4
tunnel. The IPv6 in IPv4 packet carries v4 source=A, v4 dest=D,
v6 source=W, v6 dest=Z.]

Figure 3.13 Host-to-host tunnelling configuration

Types of tunnels

There are two types of tunnels: configured tunnels and automatic tunnels. In a
configured tunnel, the tunnel endpoint address is predefined. For each tunnel,
the encapsulating node keeps the tunnel endpoint address. When an IPv6 packet
is transmitted over the tunnel, the tunnel endpoint address is used as destination
address for the encapsulating IPv4 header. Typically, manually configured tunnels
are used for router-to-router tunnelling.

On the other hand, an automatic tunnel does not require manual configuration.
The tunnel endpoints are determined automatically using an IPv4-compatible IPv6
address. For example, 6to4 is an automatic tunneling technique that uses protocol
41 encapsulation. Tunnel endpoints are determined using a well-known IPv4 anycast
address on the remote side and by embedding IPv4 address information within IPv6
addresses on the local site.

Web Reference

The website below gives an overview of IPv6 and provides links to
other useful resources.

http://en.wikipedia.org/wiki/IPv6

Web References

To understand more about IPv6 transition technologies, please read
the following chapters:

1. Davies, J (2003) ‘IPv6 transition technologies’, Understanding
IPv6, Microsoft Press.

http://www.mums.ac.ir/shares/hit/eduhit/book/IPv6.pdf

2. Hagen, S (2006) ‘Transition technologies’, IPv6 Essentials:
Integrating IPv6 into Your IPv4 Network, 2nd edn, O’Reilly Media,
Inc.

http://www.certs4u.info/ccna/IPv6%20Essentials%20-%20Silvia%20Hagen.pdf

Web Reference

Please read Albkerat & Issac's paper “Analysis of IPv6 Transition
Technologies”. You may get this article from:

http://arxiv.org/pdf/1410.2013.pdf

Encryption and security protocol


IPv6-over-IPv4 tunnelling is the encapsulation of IPv6 packets with IPv4 headers,
so that the packets can be transmitted across an IPv4 network. Before encapsulation
takes place, packets are encrypted so that the data is protected from being accessed
or modified by unauthorised parties.

Internet Protocol Security (IPSec) is a protocol suite for protecting packets in a
network. IPSec provides a framework that allows two devices to communicate
securely. When two devices want to set up a secure path between themselves, they
must perform the following tasks:

1. Agree on the set of security protocols used, so that the packets are sent in a
format that both parties can understand.

2. Select a specific encryption algorithm to encode the data.

3. Exchange keys that are used to unlock the data that has been cryptographically
encoded.

After both parties agree on the settings, they have to use the protocols, encryption
algorithm and keys to encode the data when the packets are sent across the network.

The IPSec protocol suite uses two core security protocols: Authentication Header
(AH) and Encapsulating Security Payload (ESP).

1. Authentication Header (AH) provides data authentication, data integrity
and replay protection for the entire packet. However, it does not encrypt
the data, which means that the data is readable, but cannot be modified.
AH is placed between the IP header and the transport layer protocol header.
AH is identified by an IP protocol ID of 51 in the IP header. The AH header
contains the following fields:

a. Next header: identifies the type of header that follows the AH.

b. Payload length: indicates the length of the AH.

c. Reserved

d. Security Parameter Index (SPI): identifies the security association of the
receiving party.

e. Sequence number: provides anti-replay protection.

f. Integrity check value: contains the checksum for the packet that is used
to verify the integrity of the message.

2. Encapsulating Security Payload (ESP) provides data authentication, data
integrity, anti-replay and data confidentiality. ESP is identified by an IP
protocol ID of 50. ESP encapsulates the data with an ESP header and an
ESP trailer. The ESP header contains the following fields:

a. Security Parameter Index (SPI): identifies the security association of
the receiving party.

b. Sequence number: provides anti-replay protection.

The ESP trailer contains the following fields:

a. Padding: padding for encryption, to extend the payload data to a size
that fits the encryption’s cipher block size, and to align the next field.

b. Padding length: the size of the padding.

c. Next header: identifies the type of the next header.
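
The AH and ESP header fields listed above, and the way the sequence number gives anti-replay protection, can be made concrete. The following is an added example, not code from the course material: it parses the fixed AH and ESP header fields from constructed bytes and applies a sliding-window replay check per security association. The packets, SPI values and helper names are constructed for the example; it assumes a 64-packet window, the AH length encoding of RFC 4302 (32-bit words minus 2), and it does not verify the integrity check value because no keys are involved.

```python
# Added example: AH/ESP header parsing and a sliding-window anti-replay check.
import struct
from dataclasses import dataclass

IPPROTO_ESP, IPPROTO_AH = 50, 51  # IP protocol IDs given in the text


@dataclass
class AuthHeader:
    next_header: int
    length_bytes: int
    spi: int
    sequence: int
    icv: bytes


def parse_ah(data: bytes) -> AuthHeader:
    """Parse Next header, Payload length, Reserved, SPI, Sequence number, ICV."""
    if len(data) < 12:
        raise ValueError("truncated AH")
    next_header, payload_len, _reserved, spi, seq = struct.unpack("!BBHII", data[:12])
    length_bytes = (payload_len + 2) * 4  # Payload length counts 32-bit words minus 2
    if length_bytes < 12 or len(data) < length_bytes:
        raise ValueError("AH length field does not fit the data")
    return AuthHeader(next_header, length_bytes, spi, seq, data[12:length_bytes])


def parse_esp_header(data: bytes):
    """Return (SPI, sequence number); everything after them is encrypted payload."""
    if len(data) < 8:
        raise ValueError("truncated ESP header")
    return struct.unpack("!II", data[:8])


class ReplayWindow:
    """Receiver-side window over sequence numbers for one security association."""

    def __init__(self, size=64):
        self.size = size
        self.highest = 0  # highest sequence number accepted so far
        self.bitmap = 0   # bit i set: sequence number (highest - i) was already seen

    def accept(self, seq: int) -> bool:
        # A real receiver updates the window only after the ICV has been verified.
        if seq == 0:
            return False  # sequence numbers start at 1
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size or self.bitmap & (1 << offset):
            return False  # older than the window, or a duplicate
        self.bitmap |= 1 << offset
        return True


def make_ah(spi, seq, next_header=6, icv=b"\x00" * 12):
    """Constructed AH bytes for the demo (placeholder ICV, not a real MAC)."""
    return struct.pack("!BBHII", next_header, (12 + len(icv)) // 4 - 2, 0, spi, seq) + icv


def make_esp(spi, seq, ciphertext=b"\xaa" * 16):
    """Constructed ESP bytes for the demo (opaque placeholder ciphertext)."""
    return struct.pack("!II", spi, seq) + ciphertext


def screen(packets):
    """Classify (ip_protocol, bytes) pairs as accept / replay / not-ipsec."""
    windows, verdicts = {}, []
    for proto, data in packets:
        if proto == IPPROTO_AH:
            hdr = parse_ah(data)
            spi, seq = hdr.spi, hdr.sequence
        elif proto == IPPROTO_ESP:
            spi, seq = parse_esp_header(data)
        else:
            verdicts.append("not-ipsec")
            continue
        window = windows.setdefault((proto, spi), ReplayWindow())
        verdicts.append("accept" if window.accept(seq) else "replay")
    return verdicts


if __name__ == "__main__":
    sample = [(51, make_ah(0x1000, 1)), (50, make_esp(0x2000, 1)),
              (51, make_ah(0x1000, 1)), (50, make_esp(0x2000, 2)), (6, b"tcp")]
    print(screen(sample))
```

The ESP trailer fields (padding, padding length, next header) are not parsed here because they travel inside the encrypted part of the packet.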



IPSec can work in two modes: tunnel mode and transport mode. In tunnel mode,
IPSec encrypts the IP header and the payload, whereas in transport mode, only the
IP payload is encrypted. For example, when computer A sends a packet to computer
B, a typical TCP/IP packet has the structure illustrated in Figure 3.14.

IP header IP payload

Figure 3.14 A typical TCP/IP packet

Figure 3.15 and Figure 3.16 illustrate the packet structure in ESP tunnel mode
and transport mode respectively. ESP tunnel mode protects the whole IP packet
(Figure 3.15). The IP packet is encapsulated with an ESP header and a new IP
header. The IP addresses of the new IP header are the tunnel endpoints, whereas
the IP addresses of the original IP header are the ultimate source and destination
addresses.

ESP in transport mode does not protect the IP header. As shown in Figure 3.16,
the ESP header is placed before the IP payload and an ESP trailer and an ESP
authentication field are placed after the IP payload.

Original packet:      Original IP header | IP payload

Encapsulated packet:  New IP header | ESP header | Original IP header |
                      IP payload | ESP trailer | ESP authentication

[The figure also marks the encrypted and the authenticated portions of the
encapsulated packet.]

Figure 3.15 ESP tunnel mode packet structure

Original packet:      Original IP header | IP payload

Encapsulated packet:  New IP header | ESP header | IP payload |
                      ESP trailer | ESP authentication

[The figure also marks the encrypted and the authenticated portions of the
encapsulated packet.]

Figure 3.16 ESP transport mode packet structure



Web Reference

Please read Kozierok, C M (2005) ‘IP Security (IPSec) protocols’, The
TCP/IP Guide: A Comprehensive, Illustrated Internet Protocol Reference,
1st edn, San Francisco: No Starch Press.

http://www.tcpipguide.com/free/index.htm

Web References

For an overview of IPSec, refer to the links below:

1. http://en.wikipedia.org/wiki/IPsec

2. http://technet.microsoft.com/en-us/library/cc959500.aspx

Summary

The transition from IPv4 to IPv6 cannot be done in one day. It
involves a lot of changes in network structures with the use of new
IP addresses. Transition mechanisms facilitate the transition by
enabling IPv4 and IPv6 to coexist so that IPv4 and IPv6 networks
can communicate with each other. Tunnelling encapsulates one
version of IP packet in another so that the packet can be sent over
a backbone that does not support the encapsulated IP version.

Self-test 3.4

1. In IPv6-over-IPv4 tunnelling, which of the following settings
are correct?

I IPv4 protocol field is set to 41.
II The local tunnel endpoint is an IPv4 address of the sender.
III The remote tunnel endpoint is an IPv4 address of the
destination.
IV The remote tunnel endpoint is an IPv4 address of an
intermediate router.

A. I, II and III
B. I, II and IV
C. I, III and IV
D. I, II, III and IV

2. Which of the following tunnelling configurations is used
when an IPv6/IPv4 host that resides within an IPv4-only
infrastructure wants to reach the IPv6 Internet?

A. Router-to-router
B. Host-to-router
C. Router-to-host
D. Host-to-host

3. Which of the following are features of IPSec?

I IPSec is a set of standardised security protocols for
encrypting and authenticating IP packets.
II IPSec can encrypt data between router and router.
III IPSec has only one mode.
IV IPSec is a layer-3 tunnelling protocol.

A. I and II
B. I, II and III
C. I, II and IV
D. I, II, III and IV

4. Which of the security features are guaranteed by Authentication
Header (AH)?

I Authentication
II Integrity
III Confidentiality
IV Replay protection

A. I, II and III
B. I, II and IV
C. I, III and IV
D. I, II, III and IV

5. What are the three main security needs?

Suggested answers to activity

Feedback

Activity 3.10

Devices configured using only one stack must forward their traffic
to a dual-stack device, which is an inefficient use of bandwidth.

Summary of Unit 3

Summary

This unit provided a brief introduction to IPv6 migration. The
following are important points from this unit:

• IPv4 address exhaustion is the main reason for the development
of IPv6.

• The key characteristics of IPv6 are: increased address space,
higher performance, enhanced security, enhanced mobility,
built-in multicasting and better support for QoS.

• IPv6 uses a 128-bit addressing scheme and the addresses are
represented in hexadecimal format. The three main types of
IPv6 addresses are unicast address, multicast address and
anycast address.

• IPv6 routing protocols define how routers communicate among
themselves and determine the rules to select the best route to
a destination. The two main types of routing protocols are
Interior Routing Protocol and Exterior Routing Protocol.

• Transition of IPv4 to IPv6 will not happen overnight. Transition
mechanisms are developed to allow IPv4 and IPv6 to coexist.

• Tunneling is a transition mechanism that encapsulates one
version of IP packet in another. Tunneling allows two isolated
IPv6 networks to communicate over an IPv4 network.

Suggested Answers to Self-tests

Feedback

Self-test 3.1

1. B

2. D

3. a. Address space

IPv4 uses a 32-bit addressing scheme and IPv6 uses a 128-bit
addressing scheme.

b. Security

The use of IPSec in IPv4 is optional, whereas the use of IPSec
in IPv6 is mandatory.

c. Transmission mode

IPv4 supports unicast (one-to-one), multicast (one-to-many)
and broadcast (one-to-all) transmission modes. IPv6 supports
unicast (one-to-one), multicast (one-to-many) and anycast
(one-to-one-of-many) transmission modes. There is no
broadcast mode in IPv6.

Self-test 3.2

1. A

2. A

3. 0000, 0001

Self-test 3.3

1. Static routing

Advantage — Routers do not share routing information with
other routers, thus reducing CPU/RAM overhead and saving
bandwidth.

Disadvantage — Cannot scale well.

Dynamic routing

Advantage — Able to scale better.

Disadvantage — Routers share routing information with other
routers, thus increasing CPU, RAM and bandwidth usage, and
there is less control over selected traffic paths.

2. B

3. A

Self-test 3.4

1. D

2. B

3. A

4. B

5. Authentication, confidentiality and integrity




Glossary
Anycast address: An address assigned from the unicast address
space. It identifies a group of interfaces and is used for
one-to-one-of-many delivery.

Authentication header (AH): An IPv6 extension header that
provides data authentication, data integrity and anti-replay
protection for the IPv6 packet.

Automatic tunnel: An IPv6-over-IPv4 tunnel where the tunnel
endpoints are determined from logical tunnel interfaces, routers
and destination IPv6 addresses.

Configured tunnel: An IPv6-over-IPv4 tunnel where the tunnel
endpoints are determined by manual configuration.

Dual-stack mechanism: A transition mechanism that uses two
separate protocol stacks, one for IPv4 and one for IPv6. Each
stack has separate implementation of the transport layer
protocols.

Encapsulating Security Payload (ESP): An IPv6 extension header
and trailer that provides data authentication, data integrity,
data confidentiality and anti-replay protection.

Host-to-host tunnelling: IPv6-over-IPv4 tunnelling in which the
tunnel entry point and exit point are hosts.

Host-to-router tunnelling: IPv6-over-IPv4 tunnelling in which the
tunnel entry point is a host and the tunnel exit point is a
router.

Internet Protocol Security (IPSec): A framework of open standards
to ensure secure communication at the internet layer.

IPv6-over-IPv4 tunnelling: The encapsulation of IPv6 packets
within IPv4 headers so that the packets can be sent across an
IPv4 network.

IPv6 routing table: A data table stored in a router that keeps
track of the routes along with their metrics to particular
destinations.

Link-local address: A local-use address identified by the prefix
FE80::/64.

Multicast address: An address that identifies a group of
interfaces and is used for one-to-many delivery.

Router-to-host tunnelling: IPv6-over-IPv4 tunnelling in which the
tunnel entry point is a router and tunnel exit point is a host.

Router-to-router tunnelling: IPv6-over-IPv4 tunnelling in which
the tunnel entry and exit points are routers.

Routing protocols: A routing protocol specifies how routers
communicate with each other, disseminating information that
enables them to select the best route to a destination.

Transition mechanism: Facilitates the transitioning of the
Internet from IPv4 network to IPv6 network.

Tunnelling: A transition mechanism that encapsulates one version
of IP packet in another.

Unicast address: An address that identifies a specific interface
and is used for one-to-one delivery.
