What Does IPv6 Change?
Actually, from the users’ and routers’ perspectives, little things change amid IPv4 and
IPv6. As Figure 7-1 shows, IPv4 and IPv6 can coexist in the aforementioned host or router. Both can run
on Ethernet (different packet types circuitous them on the aforementioned abstracts link), and both support
the accepted Band 4 protocols, such as TCP or User Datagram Protocol (UDP). It is additionally easy
for applications to abutment both protocols at the aforementioned time, such as Firefox or Microsoft
Internet Explorer. Both browsers can accompanying browse to IPv4 and IPv6 websites.
Figure 7-1 IPv4 and IPv6 Dual Stacks
Data Link
(Ethernet)
TCP UDP
IPv4 IPv6
0x0800 0x86dd Ethernet
Packet Type
IPv6 Enabled
Application
IPv4 and IPv6 Dual Stack
Introduction to IPv6 123
Many differences abide amid IPv4 and IPv6, however. One capital aberration is that the
IPv6 attack architecture is 40 bytes; IPv4’s attack architecture is alone 20 bytes. Beyond IPv6
addresses account this admeasurement increase. IPv6 addresses are 128 $.25 instead of 32 bits, so there
are added addresses in IPv6 than in IPv4. Figure 7-2 shows the IPv6 header.
Figure 7-2 IPv6 Packet Header
The differences amid the IPv4 and IPv6 headers are as follows:
• Destination Abode and Antecedent Address. IPv6 addresses are now 128 bits, so a
huge bulk of IPv6 addresses abide (2128). With this cardinal of IPv6 addresses, IPv6
will not face an abode curtailment any time soon.
• Cartage Class. New name for the Type of Service (ToS) acreage (also accepted as
Differentiated Services Code Point [DSCP]), it conveys cartage antecedence for affection of
service (QoS).
• Breeze Label. Back accumulated with the antecedent address, the breeze characterization identifies all
packets in a distinct appliance flow. RFC 3697 specifies how the aggregate of
source abode and breeze characterization can be acclimated for QoS instead of relying on the Band 4
ports; therefore, QoS can be activated alike if the Band 4 ports are bare (for
example, they are encrypted or abide in a altered fragment).
• Payload Length. New name for Total Length.
• Abutting Header. New name for Protocol; that is, it identifies the abutting attack or the upper
protocol, such as 6 for TCP. Addition above change in IPv6 is the abstraction of header
chaining, which is declared next.
Version Breeze label
Traffic
class
Payload length
Source Address
(128 bits)
Destination Address
(128 bits)
Next
Header
Hop limit
32 bits
124 Chapter 7: Exploiting IPv6 Neighbor Analysis and Router Advertisement
• Hop Limit. New name for Time to Live (TTL); that is, it’s decremented by 1 for each
router until it alcove 0, and again the packet is discarded. It prevents packets from
forever looping in a network.
• Breach Fields. No added breach fields (identification, flags, and
fragment offset) abide because breach abstracts is confused to a specific attack after
the IPv6 header. Moreover, breach can be done alone by the transmitting host—
never by an average router.
Ever admiration why there are no added options aural the IPv6 header? The acumen is simple:
To accomplish IPv6 attack parsing easier for routers, options headers alter all IPv4 options.
Because there can be several headers (one per IPv4 option, such as antecedent routing,
fragmentation, and so on), a specific apparatus alleged attack chaining allows for multiple
headers in a distinct IPv6 datagram. Figure 7-3 shows an archetype of IPv6 attack chaining.
Figure 7-3 IPv6 Packet Attack Chaining
In Figure 7-3, the IPv6 packet consists of (from larboard to right):
• IPv6 Header. The 40 bytes attack ahead described, the Abutting Attack field
contains 43, which is the identifier of the Acquisition Header.
• Acquisition Header. Agnate of antecedent acquisition in IPv4; that is, the artist uses it
to specify the avenue that the datagram charge follow. It additionally has a Abutting Attack acreage with
a amount of 44, which is the identifier of the Breach Header.
• Breach Header. Allows for packet breach by the antecedent and
reassembly by the destination.
Besides the above-mentioned differences, acquisition protocols, such as Acquisition Information Protocol
(RIP) or Open Shortest Path First (OSPF), abide in IPv6 with accessory differences.
Upper band protocols, such as TCP or UDP, are banausic except for Internet Control
Message Protocol (ICMP), which is relied on for added functions than in IPv4:
• Answer appeal and answer reply. Aforementioned debugging functions as in IPv4.
• No avenue to destination. Similar to IPv4; a router uses it to announce that a packet
cannot be baffled because the destination arrangement is unreachable.
• Packet too big. Identical to IPv4; it is generated by a router to acquaint the antecedent that its
packet cannot be baffled because it is beyond than the best manual unit
(MTU) of the abutting link. Path MTU analysis relies on this ICMPv6 message.
IPv6 Header
Next Header
= 43 (Routing)
Next Header
= 44 (Fragmentation)
Next Header
= 6 (TCP)
Fragment of
TCP Header
+ Data
Routing Attack Breach Header
Introduction to IPv6 125
• Time exceeded. Comes from the IPv4 world; back a router receives a packet whose
Hop Limit alcove 0, the packet is dropped, and this ICMP bulletin is beatific to the
source.
• Multicast listener. Acclimated for multicast accumulation membership; it is the agnate of
Internet Accumulation Management Protocol (IGMP).
• Neighbor abode and advertisement. ICMPv6 letters are a above change;
they are the agnate of ARP. They ascertain the Ethernet abode of an IPv6 address.
Because the IPv6 addresses are large, they are accounting in hexadecimal architecture by fields of
16 bits—that is, by blocks of four hexadecimal numbers afar by colons, as shown
here:
2001:0DB8:130F:0000:0000:09C0:876A:130B
Because IPv6 addresses generally accommodate abounding 0s, you can abolish arch 0s:
2001:DB8:130F:0:0:9C0:876A:130B
Moreover, alternating fields of 0 are represented as :: (but alone already per abode to avoid
ambiguity):
2001:DB8:130F::9C0:876A:130B
To accept all the aegis issues accompanying to IPv6’s use of Ethernet, you charge understand
an IPv6 address’ format. In IPv6, all nodes can accept assorted IPv6 addresses at the same
time. One is alleged the articulation bounded address, which can be acclimated alone to acquaint with
nodes on the aforementioned concrete articulation (physical network, such as actuality on the aforementioned Ethernet
segment). This is a new abstraction in IPv6. Other addresses accept a armpit or a all-around ambit and
are routable.
The best cogent 64 $.25 of a routable abode is the arrangement prefix or subnet, while the
least cogent 64 $.25 are the host portion, which is alleged the interface identification
(interface ID). Figure 7-4 shows the two genitalia of an IPv6 address.
Figure 7-4 IPv6 Interface ID
The interface ID charge be different aural a subnet. It can be
• Statically defined. Arrangement administrator decides the amount of the interface ID (for
example, 1 for a router).
Subnet Interface ID
64 bits
128 bits
126 Chapter 7: Exploiting IPv6 Neighbor Analysis and Router Advertisement
• Acquired from the Ethernet address. This is the continued different identifier on 64 bits
(EUI-64) architecture area the 64 $.25 of the interface ID are acquired from the 48 bits
Ethernet abode by abacus a able-bodied accepted 16 $.25 amount to the Ethernet address. The
EUI-64 abode can advance to a aloofness affair because websites ability clue their users’
habits by tracking the interface ID, which will never change, alike if the mobile
computer changes from one arrangement to addition one.
• Aloofness addendum address. To assure privacy, the interface ID can be randomly
generated periodically, such as every hour or alike on anniversary new connection.
An interface’s articulation bounded abode is consistently formed by application FE80:0000:0000:0000 as the
most cogent 64 $.25 and the EUI-64 host identifier acquired from the interface’s MAC
address. Here is an archetype of a articulation bounded abode (using the abbreviated anatomy of
collapsing assorted adjoining 0000s):
fe80::215:58ff:fe27:83dc