A lightning fast introduction to IPv6. A JavaZone 2023 10 minutes lightning talk

1. A lightning fast intro to IPv6
Steinar Bang
Sopra Steria
Certified IPv6 newbie

2. Overview of the talk
●
What is IPv6? And why does it exist? Do I need to know what it is?
●
A brief history and timeline
– Why adoption of IPv6 has been so slow?
●
How to read and understand IPv6 addresses
●
Some special IPv6 addresses (localhost, link local etc)
●
Getting an IPv6 address (NDP, SLAAC, DHCPv6)
●
IPv6 mobility
●
Programming for IPv6, what’s needed?
●
Downsides to IPv6
●
IPv6 pitfalls
Neighbor
Discovery
Protocol
StateLess Address
AutoConfiguration
Dynamic Host
Configuration
Protocol

3. What?
Next generation internet
NG

4. When?

5. Why?

6. Why does IPv6 exist?
●
The internet was running out of addresses
●
Fix: 128 bit addresses, instead of 32 bit addresses
●
Other improvements:
– Reorganization of the IP header for more efficient routing
– Auto-configuration (can work without DHCP)
– Mobility
– End-to-end encryption
– Extensibility

7. A brief history and timeline
●
1993 work group created
●
1995 draft spec RFC 1752 released
●
1996 first linux kernel code for IPv6, 6bone created
●
1998 draft IPv6 standard RFC 2460
●
2000 production level IPv6 in linux and BSD
●
2001 Cisco adds support in IOS routers and L3 switches
●
2002 Windows XP SP1 and Windows 2003 Server gets full IPv6 support
●
2003 Apple Mac OS X v10.3 "Panther" supports IPv6 enabled by default
●
2008 DNS can resolve globally using IPv6 only
●
2011 AWS limited support for IPv6
●
2017 AWS IPv6 support for EC2 instances
●
2017 IPv6 official standard RFC 8200

8. Why the slow IPv6 adoption?
●
In one word: NAT appeared (Network Address
Translation)
●
Costly: all routers and switches, and
applications must implement IPv6
NAT: one public address maps to many
private addresses

9. Google IPv6 statistics
●
https://www.google.com/intl/en/ipv6/statistics.html
●
Percentage of users accessing google over IPv6 (43.5% on august 20 2023)

10. How to read IPv6 addresses
●
Some sample IPv4 addresses:
– 84.208.4.193
– 195.88.54.16
●
Some sample IPv6 addresses
– fe80::588c:d541:a9f0:299c
– 2a01:4f9:c011:82fd::1
– 2001:67c:21e0::16
– 2a01:5b40:0:248::52

11. Example: simplifying IPv6 address
●
Full IPv6 address (8 groups of 16 bit hex numbers):
– 2a01:04f9:c011:82fd:0000:0000:0000:0001
●
Collapsing leading zeros (but keep at least one in each
group):
– 2a01:4f9:c011:82fd:0:0:0:1
●
Replace consecutive groups of zeros with “::”
– 2a01:4f9:c011:82fd::1

12. IPv6 address structure
●
The 128 bit number of an IPv6 address is
divided in two parts
– Leftmost 64 bits determine the network
– Rightmost 64 bits determine the host (i.e not used
for routing)
Network identifier Host identifier
0 63 64 127

13. Enough addresses anyway
1018
here
1018
here also
1036
in total
1036
in total
1024
grains of sand in Sahara
1011
stars in the Milky Way
1011
galaxies in the Universe
1022
stars in the Universe
1014
/48 subnets
1010
people on the Earth 106
camels in Sahara

14. What does /48, /64 etc. mean?
●
It’s a way of describing a subnet
●
Some examples
– 2001:67c:21e0:1/64 – a single subnet that can contain up to ~1018
hosts
– 2001:67c:21e0/48 – can be split into 65536 subnets, each able to
contain up to ~1018
hosts
●
An ISP or cloud hoster will typically give you a /64 subnet for
yourself even if you have just a single host (if not: complain)

15. Extra IPv6 addresses
●
Link local
– fe80::/10: Can talk IPv6 with other hosts on the same WLAN or
Ethernet segment
– Bits 10-63 can be anything (but typically 0)
– Host part comes from MAC address
●
Anycast
– Address with host part in the range ffff:ffff:ffff:ff80-ffff:ffff:ffff:ffff
– “inverted multicast”

16. Getting an IPv6 address with SLAAC
●
SLAAC: StateLess Address AutoConfiguration
●
Uses the network address found in an ICMPv6 RA (router advertisement) and adds its MAC
address (NIC hardware address) as the host part
●
No DHCP needed
●
Downside: no DNS configuration
●
Note: RA packages is part of the Neighbor Discovery Protocol (NDP)
Router
The internet
Host
2001:67c:21e0:2::1
2001:67c:21e0:2:fa32:e4ff:fe9b:ba4b
2001:67c:21e0:1::1
Internet Control
Message Protocol

17. Getting DNS
●
Stateless DHCPv6
– Use SLAAC to get the IP address
– Use DHCPv6 to get DNS, NTP, etc.
– Common IPv6 setup
●
Stateful DHCPv6
– Like DHCP for IPv4, get IP address, DNS etc from DHCP
server
Dynamic Host
Configuration
Protocol
Domain
Name
Service
Network
Time
Protocol

18. IPv6 mobility
●
Keep your IPv6 address when moving about the
internet
●
Requires a home agent (HA) in home network and
foreign agent (FA) in visiting network
●
FA assigns care-of address in the visited network
●
Either tunneling via home agent (HA) to care-of or
route directly to care-of

19. Programming for IPv6
●
If you’re using Java, you’re in luck! Java already handles
this transparently (exception: if your program actually
works with IPv4 addresses)
●
C and C++ on POSIX systems: you need to change library
from AF_INET to AF_INET6 (but AF_INET6 also supports
IPv4)
●
Python, PHP, perl etc. need to change wrapper library from
the AF_INET wrapper to the AF_INET6 wrapper

20. Downsides to IPv6
●
All IPv6 hosts are globally visible, no longer
“hidden” behind a NAT router
●
Always keeping the same address makes you
easier to track

21. Some IPv6 pitfalls
●
If your ISP/cloud hoster assign the same /64 address to more
than one customer, you can be blamed for someone else’s sin
●
When adding IPv6 connectivity, make sure your firewall
handles IPv6
●
My computer has an IPv6 address starting with fe80, why
can’t I reach resources on the internet?
●
“can’t ping foo.com!”, try “ping -4 foo.com”

22. Questions?
●
That’s all folks!
●
Questions? No time here, but look me up after
●
Slides at
– https://www.slideshare.net/SteinarBang/javazone-2023-lyntalepdf
●
Mastodon: @steinarb@mastodon.social
●
Pixelfed: @steinarb@pixelfed.social
●
Email: steinar.bang@soprasteria.com
●
TwitteX: @steinarba