Internet Protocol (IP)

 Features:
 Layer 3 (Network layer)
 Unreliable, Connectionless, Datagram
 Best-effort delivery
 Popular version: IPv4
 Major functions
 Global addressing
 Datagram lifetime
 Fragmentation & Reassembly
IPv4 Header
 IPv4 companion protocols (1)
 ARP: Address Resolution Protocol
 Mapping from IP address to MAC address
 ICMP: Internet Control Message Protocol
 Error reporting & Query
 IGMP: Internet Group Management Protocol
 Multicast member join/leave

 Unicast Routing Protocols (Intra-AS)

 Maintaining Unicast Routing Table
 E.g. RIP, OSPF (Open Shortest Path First)
 IPv4 companion protocols (2)
 Multicast Routing Protocols
 Maintaining Multicast Routing Table
 E.g. DVMRP, MOSPF, CBT, PIM
 Exterior Routing Protocols (Inter-AS)
 E.g. BGP (Border Gateway Protocol)
 Quality-of-Service Frameworks
 Integrated Service (ISA, IntServ)
 Differentiated Service (DiffServ)
Why IPv6?
 Deficiency of IPv4
 Address space exhaustion
 New types of service  Integration
 Multicast
 Quality of Service
 Security
 Mobility (MIPv6)
 Header and format limitations
Advantages of IPv6 over IPv4
 Larger address space
 Better header format
 New options
 Allowance for extension
 Support for resource allocation
 Support for more security
 Support for mobility
Header: from IPv4 to IPv6
Changed Removed
IPv6 Header Format
IPv6 Packet (PDU) Structure
Traffic Class
 The 8-bit field in the IPv6 header is available for use by
originating nodes and/or forwarding routers to identify
and distinguish between different classes or priorities of
IPv6 packets.
 E.g., used as the codepoint in DiffServ
 General requirements
 Service interface must provide means for upper-layer protocol to
supply the value of traffic class
 Value of traffic class can be changed by source, forwarder,
receiver
 An upper-layer protocol should not assume the value of traffic
class in a packet has not been changed.
IPv6 Flow Label
 Related sequence of packets
 Needing special handling
 Identified by src & dest addr + flow label
 Router treats flow as sharing attributes
 E.g. path, resource allocation, discard requirements,
accounting, security
 May treat flows differently
 Buffer sizes, different forwarding precedence, different quality
of service
 Alternative to including all info. in every header
Payload Length
 16-bit unsigned integer.
 Length of the IPv6 payload, i.e., the rest of the
packet following this IPv6 header, in octets.
 Note that any extension headers present are
considered part of the payload, i.e., included in
the length count.
Extension Header Order
Order Header Type Next Header Code

1 Basic IPv6 Header

2 Hop-by-Hop Options 0
4 Routing header 43
5 Fragment header 44
6 Authentication header 51
7 Encapsulation Security Payload header 50
8 Destination Options 60
9 Mobility header 135
No Next header (Null) 59
Upper layer: TCP, UDP, ICMP 6, 17, 58
 Hop-by-Hop Options
 Must be examined by every router
 Specifies discard/forward handling
 Options
 Pad1
 PadN
 Jumbo payload
 Router alert (can be used for RSVP)
 Routing Header
 List of one or more intermediate nodes to visit
 Header includes
 Next Header
 Header extension length
 Routing type (e.g. type 0 = Source Routing)
 Segments left
Source Routing Example
Fragment Header (1)
 Fragment Offset: 8-bit unsigned integer
 The offset, in 8-octet units, of the data
following this header, relative to the start of
the Fragmentable Part of the original packet
 Unfragmentable part: IPv6 header + any
extension headers that must be processed by
nodes en route
Fragment Header (2)
 M flag: 1=more fragments, 0=last fragment
 Identification: combined with the src & dest addr
uniquely identifies the original packet
Reassembly (1)
 The Unfragmentable Part of the reassembled packet
consists of all headers up to, but not including, the
Fragment header of the first fragment packet
 The Next Header field of the last header of the
Unfragmentable Part is obtained from the Next Header
field of the first fragment’s Fragment header
 The Payload Length of the reassembled packet is
computed from the length of the Unfragmentable Part and
the length and offset of the last fragment.
 Reassembly (2)
 PL.orig = PL.first - FL.first - 8 + (8 * FO.last) + FL.last

 PL.orig = Payload Length field of reassembled packet.

 PL.first = Payload Length field of first fragment packet.
 FL.first = length of fragment following Fragment header of first fragment
packet.
 FO.last = Fragment Offset field of Fragment header of last fragment
packet.
 FL.last = length of fragment following Fragment header of last fragment
packet.
Reassembly (3)
PL.first

IPv6 Header Extension Header Fragment Header First Fragment

.
8 FL.first
.
.
. 8*FO.last

IPv6 Header Extension Header Fragment Header Last Fragment

FL.last
IPsec Scenario
 IPSec Benefits
 Provides strong security for external traffic
 Resistant to bypass
 Below transport layer hence transparent to applications
 Can be transparent to end users
 Can provide security for individual users if needed
IPSec Functions
 Authentication Header
 for authentication/integrity only
 Encapsulating Security Payload (ESP)
 for authentication/integrity/encryption (privacy)
 A key exchange function
 Manual or automated
 VPNs usually need combined function
Authentication Header

VC ID for all packets sent during

a Security Association connection

Prevent playback
Encapsulating Security Payload
 Advantages of IPv6 over IPv4
(1)
Feature IPv4 IPv6
Source and 32 bits 128 bits
destination address
IPSec Optional required

Payload ID for QoS in No identification Using Flow label field

the header
Fragmentation Both router and the Only supported at the
sending hosts sending hosts
Header checksum included Not included

Resolve IP address to broadcast ARP Multicast Neighbor

a link layer address request Solicitation message
 Advantages of IPv6 over IPv4
(2)
Feature IPv4 IPv6
Determine the ICMP Router ICMPv6 Router
address of the best Discovery(optional) Solicitation and
default gateway Router Advertisement
(required)
Send traffic to all Broadcast Link-local scope all-
nodes on a subnet nodes multicast
address
Configure address Manually or DHCP Autoconfiguration
Manage local subnet (IGMP) Multicast Listener
group membership Discovery (MLD)
 IPv6 PROTOCOL

Changes from IPv4 to IPv6 (Advantages ofIPv6)

Header Format
 IPv6 uses a new header format.
 Options are
 separated from the base-header
 inserted between the base-header and the data.
 This speeds up the routing process (because most of the options do not need to be checked by routers).
 New Options

 IPv6 has new options to allow for additional functionalities.

 Extension
 IPv6 is designed to allow the extension of the protocol if required by new technologies or
applications.
 IPv6 PROTOCOL

Resource Allocation
In IPv6,
 type-of-service (TOS) field has been removed
 two new fields are added to enable the source to request special handling of the packet.
1) traffic class and
2) flow label
 This mechanism can be used to support real-time audio and video.
Security
 The encryption option provides confidentiality of the packet.
 The authentication option provides integrity of the packet.
 IPv6 PROTOCOL

Packet Format
Version field is set to 6 for IPv6.
The Traffic Class and Flow Label fields both relate to quality of service issues.
The PayloadLen field gives the length of the packet, excluding the IPv6 header, measured in
bytes.
The NextHeader field cleverly replaces both the IP options and the Protocol field of IPv4.
Ifoptions are required, then they are carried in one or more special headers following the IP
header, and this is indicated by the value of the NextHeader field.
Ifthere are no special headers, the NextHeader field is the demux key identifying the higher-level
protocol running over IP (e.g., TCP or UDP).
 IPv6 PROTOCOL

Packet Format

Fragmentation is handled as an optional header, which means that the fragmentation related fields of IPv4

are not included in the IPv6 header.

The HopLimit field is simply the TTL of IPv4.
The source and destination addresses, each of which is 16 bytes (128 bits) long.
IPv6 PROTOCOL
 IPv6 PROTOCOL

Concept of Flow & Priority inIPv6

To a router, a flow is a sequence of packets that share the same characteristics such as
traveling the same path
using the same resources or
having the same kind of security

A router that supports the handling of flow labels has a flow label table.
The table has an entry for each active flow label.
Each
 entry defines the services required by the corresponding flow label.
When a router receives a packet, the router consults its flow label table.
Then, the router provides the packet with the services mentioned in the entry.
A flow label can be used to support the transmission of real-time audio/video.
 IPv6 PROTOCOL

Concept of Flow & Priority inIPv6

 Real-time audio/video requires resources such as
 high bandwidth
 large buffers or long processing time
 Resource reservation guarantees that real-time data will not be delayed due to a lack of resources.

Fragmentation &Reassembly
 Fragmentation of the packet is done only by the source, but not by the routers. The reassembling is done
by the destination.
 At routers, the fragmentation is not allowed to speed up the processing in the router.
 Normally, the fragmentation of a packet in a router needs a lot of processing. This is because the packets
need to be fragmented.
 All fields related to the fragmentation need to be recalculated.
 IPv6 PROTOCOL

Fragmentation &Reassembly
 The source will
 check the size of the packet and
 make the decision to fragment the packet or not.
 If packet-size is greater than the MTU of the network, the router will drop the packet.
 Then, the router sends an error message to inform the source.
Extension Header
 An IP packet is made of
 base-header & some extension headers.
 Length of base header = 40bytes.
 To support extra functionalities, extension headers can be placed b/w base header and payload.
Extension headers act like options inIPv4.
 IPv6 PROTOCOL

Six types of extension headers:

1) Hop-by-hop option
2) Source routing
3) Fragmentation
4) Authentication
5) Encrypted security payload
6) Destination option.
Hop-by-Hop Option
 This option is used when the source needs to pass information to all routers visited by the datagram.
 Three options are defined: i) Pad1, ii) Pad N, and iii) Jumbo payload.
 IPv6 PROTOCOL

Pad1
 This option is designed for alignment purposes.
 Some options need to start at a specific bit of the 32-bitword.
 Pad1 is added, if one byte is needed for alignment.
PadN
PadN is similar in concept toPad1.
 The difference is that PadN is used when 2 or more bytes are needed for alignment.

Jumbo Payload
 This option is used when larger packet has to be sent. (> 65,535bytes)
 Large packets are referred to as jumbopackets.
 Maximum length of payload = 65,535bytes.
 IPv6 PROTOCOL

Destination Option
 This option is used when the source needs to pass information to the destination only.

 Intermediate routers are not allowed to access this information.

 Two options are defined: i) Pad1 & ii)PadN

Source Routing
 This option combines the concepts of

 strict source routing and

 loose source routing.
 IPv6 PROTOCOL

Fragmentation
In IPv6, only the original source can fragment.
A source must use a “Path MTU Discovery technique” to find the smallest MTU along
the path from the source to the destination.
Minimum size of MTU=1280bytes.This value is required for each network connected to
the Internet.
If a source does not use a Path MTU Discovery technique, the source fragments the
datagram to a size of 1280 bytes.
 IPv6 PROTOCOL

Authentication
 This option has a dual purpose:
 Validates the message sender: This is needed so the receiver can be sure that a message is
from the genuine sender and not from an attacker.
 Ensures the integrity of data: This is needed to check that the data is not altered in transition by
some attacker.
Encrypted Security Payload (ESP)
 This option provides confidentiality and guards against attacker.