IPv6 has a number of differences from traditional IPv4. In this video, you’ll learn about dual-stack routing, IPv6 tunneling protocols, and the many uses of the IPv6 Neighbor Discovery Protocol.
<< Previous Video: IPv4 and IPv6 Addressing Next: Prioritizing Traffic >>
We’ve been using IPv4 on our networks for a very long time, and now many network administrators are faced with also including IPv6 on their networks, as well. One of the easiest ways to include both IPv4 and IPv6 on a network is to configure a dual stack configuration. This means on a particular workstation router or other layer three device, you would be able to configure both an IPv4 address and an IPv6 address simultaneously.
Obviously, those two protocols don’t talk to each other, but this will allow the workstation or layer three device to be able to use either one of those protocols to be able to communicate.
You would configure your normal IP version 4 address, subnet mask, DNS, and all of the other settings that you need for your IPv4 configuration. This device would maintain a routing table that was specific to IPv4, and if you were configuring this on a router, you may be using dynamic routing protocols, and those dynamic routing protocols would be specific to IPv4.
On that same device, we’d have a separate configuration area for IP version 6. That would allow us to configure the IP version 6 addresses and subnet masks, configure all the IPv6 DNS information and other details. We’d have a separate routing table that was specific to IPv6, and if this was configured on a router, you would configure dynamic routing protocols that specifically knew how to transfer IPv6 network information. On most of our modern networks, our infrastructure devices understand both IPv4 and IPv6. So it’s very common to configure this dual stack implementation.
But not all networks have upgraded to the latest and greatest technologies. There may be part of your infrastructure that doesn’t have support for IPv6 and then other parts of your network that do. You may have a need to tunnel IP version 4 within IP version 6 or vice versa.
One of these transition technologies is 6to4 addressing. This allows you to send IPv6 between different devices even if the connection between those devices happens to be an IPv4 network. This is one that requires relay routers on both ends of the conversation, and it uses IP protocol 41 to identify these special packets that contain IPv6 information. Unfortunately, 6to4 addressing doesn’t support network address translation. So as a transition technology, it might only apply to very specific network configurations.
Another type of tunneling is a 4in6 tunneling, where we might have an existing IPv6 network, and we would tunnel V4 inside of it to be able to bridge the gap between different IPv4 networks.
One way that many people are starting to use IPv6 is through a Teredo tunnel. They’re able to tunnel IPv6 through a network address translated IPv4. It’s a very common configuration on most people’s networks. This allows you to use IPv6 end-to-end and you wouldn’t have to do any special configurations on your IPv4 routers. This is designed to be a temporary workaround until IPv6 can be used natively on your network.
Teredo is commonly used with Microsoft operating systems, but everyone else can also use this same type of functionality using Miredo. This is an open-source version of Teredo that you can run on Linux, Mac OS, and other operating systems.
We learned in an earlier video that one of the big advantages to IP version 6 is we didn’t have to worry about broadcasts anymore. But we still have the requirement of having devices find other devices on the network. To be able to do that, we use NDP or the Neighbor Discovery Protocol, with IP version 6, and it uses multicast instead of broadcast.
For example, in IP version 4, we have the Address Resolution Protocol, which uses broadcast to find other device’s MAC addresses. We have a similar functionality in IP version 6 using NDP, and it’s called the Neighbor MAC Discovery, which effectively performs the same function as the arc that you would use in IPv4.
Another function of IPv6 that uses NDP is SLAAC. This is the Stateless Address Autoconfiguration, which allows all of your devices to automatically configure themselves with IP addresses without having to access a DHCP server.
NDP is also used for DAD, or Duplicate Address Detection, in IPv6 that allows these IPv6 devices to make sure that duplicate IPs are not being used on the network.
And another function of NDP has the ability to find routers that might be on your network. We do that by using router solicitation and router advertisement features of the Neighbor Discovery Protocol. Here’s how the Neighbor Discovery Protocol uses this router solicitation to find routers on the network. On this network, we have a workstation, and we have a local router. But at this point, the workstation doesn’t know where that router happens to be.
So it sends an IPv6 multicast, which is ff02::2, which is a router solicitation to all IP version 6 routers. All of the routers on this network will be listening for those multicasts. And if they receive a router solicitation, they’ll send back a unicast frame that is a router advertisement that is advertising the MAC address of that local router.
IPv6 routers will also occasionally send unsolicited router advertisements, and they send those to the multicast destination of ff02::1 These router advertisements are often used to transfer IPv6 information. For example, the local router may inform the workstation of what the local IPv6 network is, that’s the IPv6 prefix value, and what the local subnet mask might be, and we refer to that as the IPv6 prefix length.
We mentioned earlier that there’s no Address Resolution Protocol in IPv6 like we have in IPv4. So in order to perform that same function, we have a Neighbor Solicitation and a Neighbor Advertisement. You’ll often see these referred to as an NS and an NA. The Neighbor Solicitation is for one workstation to be able to find the MAC address of another workstation.
So the workstation that’s looking for the MAC address of another device will send a multicast that says, I’m sending this Neighbor Solicitation to try to find the MAC address of this specific IPv6 address. The device that owns that particular IPv6 address will then send back a directed frame that includes the MAC address. And now these two devices have all of the information they need to be able to communicate back and forth to each other.
You might also see this Neighbor Solicitation used to test for duplicate IPv6 addresses. A workstation may send out a Neighbor Solicitation for a specific IPv6 address, and if it doesn’t receive a response, it may conclude that that particular address is available to use on this network.