This video will look at how an IPv6 node can automatically configure itself. There have been some improvements in IPv6 since IPv4 to allow configuration to occur with less infrastructure on the network.
IPv6 Autoconfiguration00:17 There are two different methods that can be used for an IPv6 node to be autoconfigured on the network. These are stateful and stateless. Stateful is when DHCP is used. It is called stateful because the DHCP server records the IP Address that was allocated to the node. The administrator can have a look at the DHCP server and see all the IP Addresses that have been allocated on the network. Stateless is different in that the nodes IP Address is not recorded on a system like DHCP. This means the node can configure itself with a valid IP Address on the network, however, the administrator does not know what the IP Address is. Thus the difference in name. With stateful the IP Address is recorded and with stateless the IP Address is not recorded. Stateless does not require services like DHCP to configure a node, and because of this, there are less options with stateless. Stateless will only provide very basic configuration. For example, additional options like DNS and booting from the network cannot be configured using stateless.
Link-local Address
02:05 In IPv6, a network interface is always assigned a Link-local address. When the network interface first starts up the Link-local address will be assigned to that network interface. The Link-local address can only access the local network and is used for some basic functions of IPv6. If the network interface is later on configured with an IPv6 address, the Link-local address is still used. The idea behind it is that the network interface will always have a valid IP Address that can be used for basic functions of IPv6 like network discovery. In IPv4, since there was no Link-local address, broadcast had to be used for the basic functions. In IPv6, broadcasts are not used since the Link-local address can be used to communicate on the network. The Link-local address will always start with fe80. After this, there are 54 bits of zeros. At the end of the address is the interface ID which after Windows XP is random. On Linux the interface ID will be the MAC address of the network interface. When the network interface first starts up and a Link-local address is assigned to it, the network interface will test the Link-local address on the network to ensure that it is unique. If there is another node on the network using the same Link-local address, a different Link-local address will be used.
Autoconfigured Address States
04:27 An IPv6 address has a number of different states that it goes through. When the network interface is first assigned an IP Address, the IP Address is placed in the ’Tentative’ state. In this state, a check is done on the network to see if the IP Address is in use. If the IP Address is not in use, the IP Address will change to the ’Preferred’ state. The preferred state means that the IP Address can be used to open new connections and accept connections. In some cases the IP Address many no longer be required. It is possible when configuring an IP Address to configure a valid life for it. In most cases this will be set to infinite. If a time period is set, the IP Address will change to ‘Deprecated’ when the time period expires. In some cases the IP Address may no longer be needed. For example, if the administrator changes the IP Address. When this occurs the IP Address will become deprecated. In the deprecated state, current connections can still be used but new connections should not be made to the IP Address. The idea behind this is, that if the network interface changes its IP Address, large transfers using the old IP Address should not be disrupted and given time to finish. This prevents network outages or connections being broken when the IP Address of the network interface is changed. If the state of the IP Address becomes invalid, the IP Address is no longer able to be used. To see the current states the command “NetSH Interface IPv6 show address” can be run.
Duplicate Address Detection (DAD)
07:00 Before a Link-local address can be used, a check is done to check the address is not already in use. This is called Duplicate Address Detection (DAD). The node will first decide which Link-local address it wants to use. To determine if this Link-local address is in use, it will attempt to send a message to that address. Since the node does not have an address yet, the source address will be set to the unspecified address of 0:0:0:0:0:0:0:0. If a node on the network is using that address, it will receive the message. It will then respond back saying that the address is in use. Since the sending node does not have a valid address as yet, the node will use the multicast address for all nodes to respond back. This may seem wasteful as all nodes on the network will receive the message, include the node trying to configure itself, however, it should be very rare that on a network there is a node with a duplicate address.
Router Advertisement (RA)
08:18 In order for a node on the network to configure a fully routable IP Address, it needs some information about the network that it is currently on. A router on the network will periodically send out this information in what is referred to as Router Advertisement (RA). If the node does not want to wait for the next RA to be sent, it can send a Route Solicitation (RS) on the network. This is sent to the multicast group for all routers. When a router receives this message, it will send an RA to the node. This RA contains network information the node can use to configure a routable IP Address.
Configuring an IPv6 Address
09:54 The Router Advertisement (RA) contains two important pieces of information. It contains the network prefix and IP Address of the gateway of the network. The network prefix is the first 64 bits of the IPv6 address. The node will use this for the first half of its IP Address. The second half of the IP Address will be random in Windows or based on MAC address in Linux. The node now has a fully routable IP Address and knows the gateway of the network.
Stateless Summary
10:40 For a node to configure itself on the network using stateless the following is done:
1) A Link-local address is configured. A test is done on the network to ensure it is not already in use.
2) If the node has not received a Router Advertisement, it will request one using a Route Solicitation. This will be sent to the multicast address for all routers.
3) The routers on the network will respond back with a Router Advertisement (RA). This contains the network prefix and gateway address on the network.
4) The node configures itself an IP Address using the RA. This is a complete IP Address that is routable on the internet. The first 64 bit is configured using the routing prefix and the second half is random in the case of Windows and on Linux is based on the MAC address.
Stateless does not configure options like DNS. In order to configure these, Stateful needs to be used.
References
“Neighbor Discovery for IP version 6 (IPv6)” https://tools.ietf.org/html/rfc4861
“Single subnet with link-local addresses” https://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_ip_v6_imp_conf1.mspx?mfr=true
“IPv6 Autoconfiguration in Windows Vista” https://technet.microsoft.com/en-us/magazine/2007.08.cableguy.aspx
“IPv6” https://en.wikipedia.org/wiki/IPv6
“IPv6 Stateless Address Autoconfiguration” https://tools.ietf.org/html/rfc4862
“Installing and Configuring Windows Server 2012 R2 Exam Ref 70-410” pages 207-209
Credits
Trainer: Austin Mason http://ITFreeTraining.com
Voice Talent: HP Lewis http://hplewis.com
Video Production: Kevin Luttman http://www.KevinLuttman.com
Quality Assurance: Brett Batson http://www.pbb-proofreading.uk