The good news is that IPv6 principles are very similar to those of IPv4.
Moreover, networks and client applications can make the transition to IPv6 easily.
One stumbling block is that we humans struggle to see patterns within
these new large hexadecimal numbers. It is my objective to give meaning to IP addresses such as: 2001:0618:71A3:0801:1319:0211:FEC2:82DC,
and thus explain the difference between IPv4 and IPv6 addresses.
Before we get to know the new IPv6 hexadecimal numbers, I would like to say a
few words about why you need a working knowledge of IPv6 address schemes. What made me
suddenly sit up and take notice was when I read that the USA government has decreed that all federal agencies must be IPv6 compliant by June 2008.
Previously, I pigeon-holed IPv6 in the category of having more false dawns than
teams like the Arizona Cardinals (NFL), or Newcastle United (Soccer).
China and India will want a lot more IP addresses to become a presence on the
internet. Moreover, developed countries need additional IP addresses for
cell phones and other mobile devices. Cisco have analysed the data, and
conclude that IANA's allocation pool of IPv4 addresses will probably run out in
between 3 and 10 years.
This assessment of the available IPv4 pool takes into account Stanford who have handed over their Class A
addresses so that the rest of the world can benefit. Although techniques such as NAT and Supernetting (CIDR)
have extended the useful life of IPv4 on the internet; in 2008 they are seen as limited, and
are now only helping to choke internet communication.
At their heart, both IPv4 and IPv6 are level 3 routing protocols.
However IPv6 is just that bit quicker, smarter and lot more scaleable.
Nevertheless, it
is the realization that the 32bit IPv4 just cannot deliver sufficient unique
addresses, which has been the driving force to upgrade to a 128bit IPng (new
generation), or IPv6 as it's better known.
Here are five keywords that will aid your understanding should you read IPv6
RFC (Request for comments) articles: Stateful and Stateless; Link-Local and
Site-Local addresses, also ND (Neighbor Discovery)
A stateful IP address is one given by a DHCP server. Usually DHCP gives more information than just the IP address, for example
the IP address of the DNS server and also the default gateway.
A stateless IP address is one that is automatically configured by router
discovery. The host assigns itself an IPv6 address automatically rather like the
IPv4 APIPA.
Link-Local IPv6 addresses only allow connections with neighbors on that
subnet (link), these addresses beginning with FE80 are not forwarded by routers. End of story.
Site-Local addresses are routable, but not to the internet, thus hosts with
Site-Local IPv6 addresses can use private (not ICANN) IP addresses, AND can connect to
any other Site-Local address within the organization. All Site-local
addresses begin with FEC0.
ND (Neighbor Discovery) Replaces IPv4's ARP and ICMP
Router Discovery. The idea is for machines to discover information
about their nearest router. In addition, if an IPv6 stack can obtain
information about other hosts, then it won't duplicate their IP addresses
should it need to use Autoconfiguration.
It is well-known that there are lies,
damn lies and statistics. In the case of IP numbers, your three best
friends are estimation, approximation and the big picture. My point is
mathematicians told us that IPv4, with its 32bit
number, would generate 4,294,967,296 possible IP addresses, in practice it turned out
there were only about 17 million useful addresses. What springs to mind is Oscar Wilde's adage 'A
cynic (mathematician) is a man who knows the
price of everything but the value of nothing'.
With the 128bit IPv6
addresses, the
same mathematicians say there should be
340,300,000,000,000,000,000,000,000,000,000,000,000,000 IP addresses. Guy
guestimates that there may be as few as: 18,000,000,000,000 useful IPv6 addresses.
This shortfall is partly due to reserved and unassigned bits in the 128bit address. The other reason for this reduced number of usable IP addresses is a design feature
whereby 64bits are taken up with the Interface ID (Mac Number), I will explain
more of this later.
Even with my
extremely low estimate, no worries, it means that everybody on the planet could be given 3,000 IP addresses.
In my mind's eye I see: one for
their computer, one for their phone, car, fridge, cooker and every other appliance - then some.
Guy Recommends: SolarWinds Network Topology Mapper (NTM)
NTM will produce a neat diagram of your network topology. But that's
just the start;
Network Topology Mapper can
create an inventory of the hardware and software
of your machines and network devices. Other neat features include dynamic
update for when you add new devices to your network. I also love the ability to export
the diagrams
to Microsoft Visio.
Finally, Guy bets that if you test drive the Network Topology
Mapper then you will
find a device on your network that you had forgotten about, or someone else
installed without you realizing!
IPv6 Address - Making Sense of the Actual Hex Numbers
Do these four numbers mean anything to you: 192.168.0.1? If you see an IP address of
10.0.0.1 do you think hmm... private network? Could 169.254.x.y indicate no
DHCP server available? If any of the foregoing numbers ring a bell then
clearly you
have a working knowledge of IP4. What I would like to do is give you a
similar basic understanding of IPv6.
IPv6 numbers are in
hexadecimal (base 16 instead of base 10). Therefore you will see IP addresses containing not only numbers, but
also the letters ABCDEF, for example: 2001:0618:71A3:08D3:1319:8A2E:0370:7017. As you can see, 128bit numbers are split into 8 groups
of 16bit. Observe how each group is separated by a colon rather than a dot.
It is readily apparent that this scheme dramatically expands on IPv4s 4 groups of 8bit numbers.
Surprisingly, the hex letters are not case sensitive.
Private networks won't need to
assign the full range of IPv6 numbers; hence many of the address values will be zero. In
this circumstance, thanks to compressing the zeros, you will see simpler notation, for example, instead of
FD01:0000:0000:0000:0000:0000:0000:0002, you will see FD01::2. Note the double colon :: indicating
compression of the intervening zeros. Thus the term 'compression' in IPv6 refers to the notation
and not to the protocol packets themselves. Incidentally, you can only use
the double colon once in each IP address.
The biggest reason that there will be fewer IPv6 addresses than the theoretical
maximum is that each 64bit number will include the MAC address of the host.
While incorporating the hardware address cuts down the available numbers, it
makes this protocol more efficient, secure and useful than IPv4.
Here are 3 or 4 different ways of describing the IPv6 address format.
Global Routing Prefix | Subnet ID | Interface ID
Subscriber ID
|
(Top Level Routing ID) | (Organise Sites) | (MAC Address)
Slightly more information about the first 4 bytes:
3 | 13 |
32 | 16
| (64-bit Interface ID)
001 | Top Level Aggregate Identifier | Next-level Aggregate
ID | Site-level Aggregate Identifier
001 | TLA ID | NLA ID | SLA ID
Each IP address can be divided into sections. The first part contains
routing information, while in the middle holds the site identifier and
subnetting information. The last part of the hex address has the interface
ID which is the 48-bit link-layer (MAC) address plus a 16-bit global identifier.
When it comes to describing IPv6 ranges, subnets or even routing prefixes
there is are new conventions.
FD01::/8 is an address range
2001:0618:71A3:08D3::/64 is a subnet prefix
2001:0618::/32 is a route prefix
N.B. There is no hexadecimal equivalent of an IPv4 subnet mask.
If you want to know the bit-by-bit significance of each number in IPv6, the
ultimate fountain of knowledge is held in 'Refer For Comments' documents such as
RFC 3587 and RFC 2374, also 3315 for DHCP. These articles are freely
available on the internet.
Guy Recommends: A Free Trial of the Network Performance Monitor
(NPM)
SolarWinds'
Network Performance Monitor
will help you discover what's happening on your network. This
utility will also guide you through troubleshooting; the dashboard will
indicate whether the root cause is a broken link, faulty equipment or
resource overload.
Perhaps the NPM's best feature is the way it suggests solutions to network
problems. Its second best feature is the ability to monitor the health of individual VMware
virtual machines. If you are interested in troubleshooting, and creating network maps, then I recommend that you
give this Network Performance Monitor a try.
To have a working knowledge of IPv6 you need to make sense of the first four numbers of
the address. As with IPv4, it's the
first section of the address that has the most meaning, 192.x.y.z, 10.x.y.z, or even 169. I would like to focus in IPv6 addresses beginning with FE, for example, FE80,
FECO. Again, as with IPv4, studying the binary numbers helps to explain why
we get particular hexadecimal number.
Link-local address FE80 = 1111 1110 1000
Site-local address FEC0 = 1111 1110 11
Examples of an IPv6 Address
0:0:0:0:0:0:0:1 The classic loopback address. Compressed format ::1
FF01:0:0:0:0:0:0:42 A multicast address. Compressed to FF01::42
0:0:0:0:0:0:10.0.0.20 An IPv4 address. Note triple colon in the
compressed form :::10.0.0.20
FE80::23A1:B131 A Local-link address. An address for use in the
internal organisation, but not on the internet.
FEC0::F282:204:76FF:FE36:8163 Site-link address.
0:0:0:0:0:0:10.0.0.20 An IPv4 to IPv6 address. Note triple colon in the compressed form
:::10.0.0.20
Thus if you see a number beginning with 2001 or 3001 then it's a number
that ICANN/IANA have allocated, probably to an ISP.
Let us now decipher the very last part of the following Link-local IP address, fe80::211:5bff:fec2:82dc%4.
The %4 caused me some head-scratching until I made a few vital
deductions. Embarrassingly, until I understood the significance of the % number, I could not
get ping to work. This percentage number has the following names: the Zone ID (most common), %
Scope ID, NIC adapter number, Interface ID, or if you 'ask'
Netsh, the Idx number.
Thank goodness that this command still works: Ipconfig /all. Moreover, it
helps us by displaying the elusive
number after the % sign. Here are the results for two machines where I
wanted to ping.
Preliminary step, use IPCONFIG /all to get the IPv6 addresses of two machines. Then
substitute your hex numbers for mine.
Experiment 1: At Machine A, launch a cmd prompt
1) Type PING
2) Type Machine B's IPv6 address
3) Append YOUR (Machine A) % number, for example:
Ping fe80::ec84:1634:d659:2aba%4
- Correct you should get a reply.
Experiment 2: At Machine A type Machine B's IPv6 address
omitting the % number
Ping fe80::ec84:1634:d659:2aba
- Wrong no Zone ID number. Also, we assume that interface number we
need (%4) is not the default Zone ID.
Experiment 3: At Machine A type Machine B's IPv6 address with
the wrong % number
Ping fe80::ec84:1634:d659:2aba%10
- Wrong we need the Zone ID number of the sending machine = %4; the Zone ID
of the target machine %10, is irrelevant. My rational is that we always
learn more when things go wrong, it's just that most text books leave out the
mistakes! If you get stuck, do remember the following Netsh commands.
Guy Recommends : SolarWinds'
Free VM Monitor
The best feature of this new this new version of SolarWinds VM Monitor is that it
checks Windows Hyper-V. Naturally, it still works with virtual machines on VMware ESX Servers. VM Monitor is a
clever
desktop tool that not only tests that your server is online, but also
displays the CPU and memory utilization for each node.
It's easy to install and to configure this virtual machine monitor, all
you need the host server's IP address or hostname and the logon info. Give
this virtual machine monitor a try - it's free.
Troubleshooting IPv6 Addresses - Netsh is your friend
I assume that you are at the cmd prompt, now type these five words:
netsh interface ipv6 show interface
Note: Be careful, the command really does need two words called 'interface'.
Additionally you need to specify ipv6 - as shown above. Incidentally, as an ex-biologist I was amazed to see the word 'Teredo' in the
netsh print-out. Previously I associated Teredo with the dreaded
ship-boring mollusc. This animal probably destroyed more of Drake's ships than the
entire Spanish Armada. Back to IPv6, I soon made the connection, Teredo is
tunnelling interface so that IPv4 packets can move smoothly through IPv6
networks.
Incidentally, Netsh is well worth learning, not only will it help you
troubleshoot IPv6, but also it will be handy for configuring Core (GUI-Less)
Windows Server 2008 machines.
̃
Configuring IPv6 addresses with Netsh
Firstly an assumption, if you have XP you have installed IPv6 (Network
connection, properties, Install). The key to configuring a manual IPv6 address is preparation,
it also helps if you
tuning-in to the terminology. As XP and Windows Server 2003 don't have a
box to type the IPv6 address, you need to employ the built-in command line tool
Netsh.
With Vista and Server 2008, you can also configure IPv6, in much the same way
as you did with
IPv4, namely type numbers in a dialog box. Again you go to the Network
Connections, but this time, IPv6 has a live properties button, (greyed out in XP).
The first question is, 'What is the name of your Adapter Interface?' To
check your answer type ipconfig /all and read what comes after 'Ethernet
Adapter'. This usually begins with 'Default..' For more information,
check your Network Connections, you could even take the opportunity of renaming
the connection, e.g 'lab', and see the new name appear when you re-type ipconfig
/all.
What IPv6 address could you add? Use an existing IP address as your
starting point; it should begin with FE80. Also note the double colon
meaning
'compression'.
Suppose IPv6 reveals a Link-local address = fe80::211:5bff:fec2:82dc. You could
add a new unique number by changing the last four digits thus:
fe80::211:5bff:fec2:111a. Here is the syntax of Netsh.
The pattern is this: Add address interface = name address =hex number
If you get an 'Element not found' error message, then it's because your
interface = NAME is wrong. The solution is to check the NAME in the Network Connections.
Finally, if you want get rid of your IPv6 command substitute delete for add,
hence:
DELETE address interface = lab address =fe80::211:5bff:fec2:111a
It is going to take for ever for the world to migrate from IPv4 to IPv6.
Fortunately the IPv6 committees took this into account when they designed
IPv6. Specifically they included Teredo for tunnelling IPv4 inside IPv6. Here are the main tasks you can undertake to prepare for IPv6.
Whereas you should not attempt to upgrade an old XP machine to Vista*; upgrading
an XP client from IPv4 to IPv6 will be the proverbial piece of cake. Vista
machines don't need to be upgraded because they have the IPv6 protocol
pre-installed. Thus all the IPv6 migration falls to the servers and the
routers.
Upgrade your applications to work with both IPv6 and IPv4. In the
case of the operating systems, they have a built-in IPv6 stack.
Question: is IPv6 a killer reason to migrate to Vista. No. XP
SP2 has a perfectly good IPv6 stack. Network connection, properties,
Install. Alternatively, call for help about Install IPv6.
Focus on DNS and make sure it supports IPv6 address and PTR records.
In truth, if you have a true DNS expert, it will be straightforward for them
to configure the AAAA records and the appropriate in-arpa reverse lookup
zone.
Before we consider IPv6 and DHCP, a few words about other simple
auto-configuration methods. The IPv6 host can use Router Discovery to
obtain vital
information such as router IP address. What happens is that routers
send multicast Router Advertisement (RA) messages periodically. From
such RA messages a host can assign itself a Link-local address.
As far as I can see, you will need Windows Server 2008 (Longhorn) for
IPv6 DHCP. There may be plans to add IPv6 scopes in Windows Server 2003,
but I cannot find any reference to them. What did find was this
statement from Microsoft, 'The IPv6 protocol for the Windows Server 2003
family does not currently support DHCPv6.'
See more on Windows 2012
DHCP server.
IPv6 will be faster in several ways. Physically, because IPv6 does not
fragment the packets as IPv4 does. Logically, because IPv6 will be
hierarchical, thus internet routers won't need such large routing tables.
In addition, IPv6 headers have been redesigned to speed their path through a
router and to create true 'end to end' capability, the result is more efficient
network traffic on the internet backbone
Another difference between IPv4 and IPv6 is in the smarter allocation of IPv6 addresses.
Rather than first come first served basis as seen with IPv4, IPv6 addresses will
be leased on geographic region. Take Europe for example,
RIPE (Réseaux IP Européens) has allocated the UK-BT IPv6 addresses beginning with 2001:0618
IPv6 has better scalability and an improved ability to prioritise packets. As with many of
the benefits of IPv6, Quality of Service builds on features that IPv4 only partially delivers.
I don't want to get bogged down with technical details,
but I do want to emphasis is that
IPv6's support for mobile devices illustrates the thought that has gone into designing the new protocol,
for example, the 'Mobile Node' (MN) is identified by its home address (HoA) and its care of address (CoA), which
is the mobile's current location.
IPv6 Public Root
ICANN/IANA distribute network blocks to Regional Internet Registries (RIR)
One option is to temporarily disable IPv6. Perhaps you are
finding that IPv6 is more of a hindrance than a help. Naturally,
you can reverse this registry hack should you need to enable IPv6.
How to disable IPv6 in the Registry
Launch Regedit and navigate to the HKEY_LOCAL_MACHINE hive.
The full path is:
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\ Note: Tcpip6 (not plain Tcpip)
Create a DWORD called DisabledComponents (Check the
spelling e.g. plural)
Set the Hex Value Data to ffffffff This displays as
0xffffffff (4294967295)
Migration from IPv4 to IPv6 requires very little work on the XP client, and
none at all for Vista. On the server side, you need a DNS expert to look
at the AAAA records and the Reverse Lookup zone.
For the network manager, perhaps the biggest practical difference between
IPv4 and IPv6 addresses is the need for a new DHCPv6 server such as Windows
Server 2008. However you could start by seeing if your clients can manage
with just the automatic Link-local address.
If you like this page then please share it with your friends
Guy Recommends:
SolarWinds' NPM - Network Performance Monitor
SolarWinds' performance monitor is designed for detecting network outages,
making it easy to see what's working, and what needs your attention.
This utility guides you through creating network maps; it also helps
identifying whether the
root cause is faulty equipment, or resource overload. Give NPM a try.
