IPv6 Protocol
IPv6 address segments of China
IPv6 | Carriers |
---|---|
240e::/20 | China Telecom |
2409:8000::/20 | China Mobile |
2408:8000::/20 | China Unicom |
IPv6 Protocol
IPv6 Header Format
Field | Description |
---|---|
Version | 4-bit Internet Protocol version number = 6. |
Traffic Class | 8-bit traffic class field. |
Flow Label | 20-bit flow label. |
Payload Length | 16-bit unsigned integer. Length of the IPv6 payload, i.e., the rest of the packet following this IPv6 header, in octets. (Note that any extension headers present are considered part of the payload, i.e., included in the length count.) |
Next Header | 8-bit selector. Identifies the type of header immediately following the IPv6 header. Uses the same values as the IPv4 Protocol field. |
Hop Limit | 8-bit unsigned integer. Decremented by 1 by each node that forwards the packet. The packet is discarded if Hop Limit is decremented to zero. |
Source Address | 128-bit address of the originator of the packet. |
Destination Address | 128-bit address of the intended recipient of the packet (possibly not the ultimate recipient, if a Routing header is present). |
IPv6 Extension Header: Routing Header
The format of the IPv6 Routing extension header is shown below; the field descriptions are taken from RFC 2460.
Field | Description |
---|---|
Next Header | 8-bit selector. Identifies the type of header immediately following the Routing header. Uses the same values as the IPv4 Protocol field. |
Hdr Ext Len | 8-bit unsigned integer. Length of the Routing header in 8-octet units, not including the first 8 octets. |
Routing Type | 8-bit unsigned integer. Identifier of a particular Routing header variant. |
Segments Left | 8-bit unsigned integer. Number of route segments remaining. |
type-specific data | Variable-length field, of format determined by the Routing Type, and of length such that the complete Routing header is an integer multiple of 8 octets long. |
IPv6 Type 0 Routing Header
The format of the IPv6 Type 0 Routing header is shown below; the field descriptions are taken from RFC 2460.
Field | Description |
---|---|
Next Header | 8-bit selector. Identifies the type of header immediately following the Routing header. Uses the same values as the IPv4 Protocol field. |
Hdr Ext Len | 8-bit unsigned integer. Length of the Routing header in 8-octet units, not including the first 8 octets. |
Routing Type | 0. |
Segments Left | 8-bit unsigned integer. Number of route segments remaining, i.e., number of explicitly listed intermediate nodes still to be visited before reaching the final destination. |
Reserved | 32-bit reserved field. Initialized to zero for transmission; ignored on reception. |
Address[1..n] | Vector of 128-bit addresses, numbered 1 to n. |
Malicious Use of Type 0 Routing Headers
Attackers can use IPv6 Type 0 Routing headers to bypass packet filters (IPv6 access-list policies) or anycast addressing and routing. These headers can also be used to perform reflected denial of service (DoS) attacks, spoofing, double spoofing, and amplification attacks (ping-pong attacks that can cause link saturation and potential performance issues through added CPU processing).
The referenced memo describes these threats from the use of routing headers and specifies that IPv6 Type 0 Routing header processing should be disabled by default.
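As an added example (not code from the original page or from RFC 2460), the following Python parses the fixed IPv6 header described above and walks the extension-header chain to flag a Type 0 Routing header, which is the check a filter must make before it can drop such packets. The `build_sample_packet` helper and its 2001:db8:: addresses are constructed test data.

```python
import ipaddress
import struct

ROUTING_HEADER, ICMPV6 = 43, 58   # Next Header values: Routing extension header, ICMPv6
# Ext headers with Next Header at octet 0 and Hdr Ext Len at octet 1: Hop-by-Hop, Routing, Dest Opts
EXT_HEADERS = {0, 43, 60}

def parse_ipv6_header(pkt):
    """Parse the 40-octet fixed IPv6 header; return (fields, payload)."""
    if len(pkt) < 40:
        raise ValueError("packet shorter than the fixed IPv6 header")
    vtf, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if vtf >> 28 != 6:
        raise ValueError("Version field is not 6")
    payload = pkt[40:40 + payload_len]
    if len(payload) != payload_len:  # Payload Length also covers the extension headers
        raise ValueError("truncated payload")
    fields = {"traffic_class": (vtf >> 20) & 0xFF, "flow_label": vtf & 0xFFFFF,
              "payload_length": payload_len, "next_header": next_hdr, "hop_limit": hop_limit,
              "src": ipaddress.IPv6Address(pkt[8:24]), "dst": ipaddress.IPv6Address(pkt[24:40])}
    return fields, payload

def find_type0_routing_header(pkt):
    """Walk the extension-header chain; return RH0 details, or None if absent."""
    fields, payload = parse_ipv6_header(pkt)
    next_hdr, off = fields["next_header"], 0
    while next_hdr in EXT_HEADERS:
        if off + 8 > len(payload):
            raise ValueError("truncated extension header")
        nh, ext_len = payload[off], payload[off + 1]
        if next_hdr == ROUTING_HEADER and payload[off + 2] == 0:  # Routing Type 0
            n_addr = ext_len // 2  # each 128-bit address is two 8-octet units
            addrs = [ipaddress.IPv6Address(payload[off + 8 + 16 * i:off + 24 + 16 * i])
                     for i in range(n_addr)]
            return {"segments_left": payload[off + 3], "addresses": addrs}
        next_hdr, off = nh, off + (ext_len + 1) * 8
    return None

def build_sample_packet(with_rh0):
    """Constructed test packet: IPv6 header, optional RH0 listing two hops, ICMPv6 Echo Request."""
    src, dst = ipaddress.IPv6Address("2001:db8::1"), ipaddress.IPv6Address("2001:db8::2")
    icmp = struct.pack("!BBHHH", 128, 0, 0, 1, 1)  # Echo Request; checksum left at zero here
    rh0 = b""
    if with_rh0:
        hops = [ipaddress.IPv6Address("2001:db8::a"), ipaddress.IPv6Address("2001:db8::b")]
        rh0 = struct.pack("!BBBBI", ICMPV6, 4, 0, 2, 0) + b"".join(h.packed for h in hops)  # NH, Hdr Ext Len, Type 0, Segments Left, Reserved
    payload = rh0 + icmp
    first = ROUTING_HEADER if with_rh0 else ICMPV6
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), first, 64)  # Version 6, Hop Limit 64
    return fixed + src.packed + dst.packed + payload
```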
Disabling Processing of Type 0 Routing Header Packets
```shell
# In the chains of INPUT/OUTPUT/FORWARD, this rule must be at the top
```
IPv6 Vs IPv4
IPv6 address | IPv4 address | Meaning |
---|---|---|
FE80::/10 | 169.254.0.0/16 | Link-local address. Generated automatically when the network interface has not obtained an IP address (the host can still communicate with other hosts on the local link through it); this address is not routable |
::1/128 | 127.0.0.1/8 | Loopback address |
::/128 | 0.0.0.0/0 | Default route |
FD00::/8 | 192.168.0.0/16 | Site-local address (private address) |
FD00::/8 | 172.0.0.1/8 | Site-local address (private address) |
FEC0::/10 | 192.168.0.0/16 | Site-local address (private address), deprecated |
FEC0::/10 | 172.0.0.1/8 | Site-local address (private address), deprecated |
FF00::/8 | 224.0.0.0/8 | Multicast address |
FF01::1 | 224.0.0.1 | All nodes, interface-local scope (all-nodes address) |
FF01::2 | 224.0.0.2 | All routers, interface-local scope (all-routers address) |
FF02::1 | 224.0.0.1 | All nodes, link-local scope (all-nodes address) |
FF02::2 | | All routers, link-local scope (all-routers multicast address on the link) |
FF05::1 | | All routers, site-local scope (all-routers multicast address in the site) |
FF02::5 | 224.0.0.5 | OSPFv3 multicast address (link-state interior routing protocol) |
FF02::6 | 224.0.0.6 | OSPFv3 designated routers, reserved multicast address (link-state interior routing protocol) |
FF02::9 | 224.0.0.9 | RIPng reserved multicast address (distance-vector interior routing protocol) |
FF02::A | 224.0.0.10 | Reserved multicast address for the EIGRP routing protocol |
FF0X::101 | 224.0.1.1 | Network Time Protocol (NTP) |
Common Protocols
- ICMPv6: Internet Control Message Protocol version 6 is an upgraded implementation of ICMP to accommodate IPv6 requirements. The protocol is used for diagnostic functions, error and information messages, and statistical purposes. ICMPv6’s Neighbor Discovery Protocol replaces ARP and helps discover neighbors and routers on a link.
- DHCPv6: Dynamic Host Configuration Protocol version 6 is an implementation of DHCP. IPv6-enabled hosts do not need any DHCPv6 servers to obtain IP addresses because they can be configured automatically. They also do not need DHCPv6 to locate DNS servers because DNS can be discovered and configured through the ICMPv6 Neighbor Discovery Protocol; however, DHCPv6 servers can also be used to provide this information.
- DNS: There is no new version of DNS, but it has been extended to support querying IPv6 addresses. A new AAAA (quad-A) record was added to answer IPv6 queries. DNS can now reply with both IP versions (4 and 6) without any change in the query format.
ICMPv6 Protocol
Bit offset | 0-7 | 8-15 | 16-31 |
---|---|---|---|
0 | Type | Code | Checksum |
32 | Message body | | |
Type | Type name | Type meaning | Code | Code name | Code meaning |
---|---|---|---|---|---|
ICMPv6 Error Messages | | | | | |
1 | destination-unreachable | Destination unreachable | 0 | no-route | no route to destination |
1 | | | 1 | communication-prohibited | communication with destination administratively prohibited |
1 | | | 2 | beyond-scope | beyond scope of source address |
1 | | | 3 | address-unreachable | address unreachable |
1 | | | 4 | port-unreachable | port unreachable |
1 | | | 5 | failed-policy | source address failed ingress/egress policy |
1 | | | 6 | reject-route | reject route to destination |
1 | | | 7 | | Error in Source Routing Header |
2 | packet-too-big | Packet too big | 0 | | |
3 | time-exceeded | Time exceeded | 0 | ttl-zero-during-transit | hop limit exceeded in transit |
3 | | | 1 | ttl-zero-during-reassembly | fragment reassembly time exceeded |
4 | parameter-problem | Parameter problem | 0 | bad-header | erroneous header field encountered |
4 | | | 1 | unknown-header-type | unrecognized Next Header type encountered |
4 | | | 2 | unknown-option | unrecognized IPv6 option encountered |
100 | | Private experimentation | | | |
101 | | Private experimentation | | | |
127 | | Reserved for expansion of ICMPv6 error messages | | | |
ICMPv6 Informational Messages | | | | | |
128 | echo-request | Echo Request | 0 | | |
129 | echo-reply | Echo Reply | 0 | | |
130 | | Multicast Listener Query (MLD) | 0 | | There are two subtypes of Multicast Listener Query messages. |
131 | | Multicast Listener Report (MLD) | 0 | | |
132 | | Multicast Listener Done (MLD) | 0 | | |
133 | router-solicitation | Router Solicitation (NDP) | 0 | | |
134 | router-advertisement | Router Advertisement (NDP) | 0 | | |
135 | neighbour-solicitation | Neighbor Solicitation (NDP) | 0 | | |
136 | neighbour-advertisement | Neighbor Advertisement (NDP) | 0 | | |
137 | redirect | Redirect Message (NDP) | 0 | | |
138 | | Router Renumbering | 0 | | Router Renumbering Command |
138 | | | 1 | | Router Renumbering Result |
138 | | | 255 | | Sequence Number Reset |
139 | | ICMP Node Information Query | 0 | | The Data field contains an IPv6 address which is the Subject of this Query. |
139 | | | 1 | | The Data field contains a name which is the Subject of this Query, or is empty, as in the case of a NOOP. |
139 | | | 2 | | The Data field contains an IPv4 address which is the Subject of this Query. |
140 | | ICMP Node Information Response | 0 | | A successful reply. The Reply Data field may or may not be empty. |
140 | | | 1 | | The Responder refuses to supply the answer. The Reply Data field will be empty. |
140 | | | 2 | | The Qtype of the Query is unknown to the Responder. The Reply Data field will be empty. |
141 | | Inverse Neighbor Discovery Solicitation Message | 0 | | |
142 | | Inverse Neighbor Discovery Advertisement Message | 0 | | |
143 | | Multicast Listener Discovery (MLDv2) reports | | | |
144 | | Home Agent Address Discovery Request Message | 0 | | |
145 | | Home Agent Address Discovery Reply Message | 0 | | |
146 | | Mobile Prefix Solicitation | 0 | | |
147 | | Mobile Prefix Advertisement | 0 | | |
148 | | Certification Path Solicitation (SEND) | | | |
149 | | Certification Path Advertisement (SEND) | | | |
151 | | Multicast Router Advertisement (MRD) | | | |
152 | | Multicast Router Solicitation (MRD) | | | |
153 | | Multicast Router Termination (MRD) | | | |
155 | | RPL Control Message | | | |
200 | | Private experimentation | | | |
201 | | Private experimentation | | | |
255 | | Reserved for expansion of ICMPv6 informational messages | | | |
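Added example, not part of the original page: Python that decodes the Type/Code/Checksum header laid out above and verifies the checksum, which for ICMPv6 is computed over an IPv6 pseudo-header (source, destination, upper-layer length, Next Header 58) in addition to the message itself. `TYPE_NAMES` is a subset of the table above; `src` and `dst` are assumed to be 16-octet packed addresses, and `build_echo_request` produces constructed sample messages.

```python
import struct

ICMPV6 = 58  # Next Header value that selects ICMPv6

# Subset of the type table above; error messages are types 1-127, informational 128-255
TYPE_NAMES = {1: "destination-unreachable", 2: "packet-too-big", 3: "time-exceeded",
              4: "parameter-problem", 128: "echo-request", 129: "echo-reply",
              133: "router-solicitation", 134: "router-advertisement",
              135: "neighbour-solicitation", 136: "neighbour-advertisement", 137: "redirect"}

def ones_complement_sum(data):
    """16-bit one's-complement sum over data (odd-length data is zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def icmpv6_checksum(src, dst, msg):
    """Checksum over the IPv6 pseudo-header (src, dst, upper-layer length, Next Header) plus msg."""
    pseudo = src + dst + struct.pack("!IxxxB", len(msg), ICMPV6)
    return (~ones_complement_sum(pseudo + msg)) & 0xFFFF

def parse_icmpv6(src, dst, msg):
    """Decode Type/Code/Checksum and report whether the checksum verifies for src/dst."""
    if len(msg) < 4:
        raise ValueError("ICMPv6 message shorter than its 4-octet header")
    typ, code, csum = struct.unpack("!BBH", msg[:4])
    expected = icmpv6_checksum(src, dst, msg[:2] + b"\x00\x00" + msg[4:])  # field zeroed
    return {"type": typ, "code": code, "name": TYPE_NAMES.get(typ, "unknown"),
            "class": "error" if typ < 128 else "informational",
            "checksum_ok": csum == expected, "body": msg[4:]}

def build_echo_request(src, dst, ident, seq, data=b""):
    """Constructed Echo Request (type 128, code 0) with the checksum filled in."""
    msg = struct.pack("!BBHHH", 128, 0, 0, ident, seq) + data
    return msg[:2] + struct.pack("!H", icmpv6_checksum(src, dst, msg)) + msg[4:]
```

Because the pseudo-header is part of the sum, a message whose IPv6 source or destination was altered in flight fails verification even when the ICMPv6 bytes are untouched.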
References:
- Wikipedia: ICMPv6
- Wikipedia: IPv6
- RFC 2460
- IPv6 Type 0 Routing Header Processing
- IPv6 Type 0 Routing Headers