The IPv6 Protocol &

IPv6 Standards
ITU/APNIC/MICT IPv6 Security
Workshop
23rd – 27th May 2016
Bangkok

Last updated 3rd May 2015 1

So what has really changed?
p  IPv6 does not interoperate with IPv4
n  Separate protocol working independently of
IPv4
n  Deliberate design intention
n  Simplify IP headers to remove unused or
unnecessary fields
n  Fixed length headers to “make it easier for chip
designers and software engineers”

2
What else has changed?
p  Expanded address space
n  Address length quadrupled to 16 bytes
p  Header Format Simplification
n  Fixed length, optional headers are daisy-chained
n  IPv6 header is twice as long (40 bytes) as IPv4 header
without options (20 bytes)
p  No checksum at the IP network layer
p  No hop-by-hop fragmentation
n  Path MTU discovery
p  64 bits aligned
p  Authentication and Privacy Capabilities
n  IPsec is integrated
p  No more broadcast 3
 IPv4 and IPv6 Header Comparison
IPv4 Header IPv6 Header
Type of Traffic
Version IHL Total Length Version Flow Label
Service Class
Fragment Next Hop
Identification Flags Payload Length
Offset Header Limit
Time to Live Protocol Header Checksum

Source Address
Source Address
Destination Address

Options Padding

Name retained from IPv4 to IPv6

Legend

Field not kept in IPv6 Destination Address

Name and position changed in IPv6
New field in IPv6

4
IPv6 Header
p  Version = 4-bit value set to 6
p  Traffic Class = 8-bit value
n  Replaces IPv4 TOS field
p  Flow Label = 20-bit value
p  Payload Length = 16-bit value
n  The size of the rest of the IPv6 packet following the
header – replaces IPv4 Total Length
p  Next Header = 8-bit value
n  Replaces IPv4 Protocol, and indicates type of next header
p  Hop Limit = 8-bit value
n  Decreased by one every IPv6 hop (IPv4 TTL counter)
p  Source address = 128-bit value
p  Destination address = 128-bit value 5
Header Format Simplification
p  Fixed length
n  Optional headers are daisy-chained
p  64 bits aligned
p  IPv6 header is twice as long (40 bytes) as
IPv4 header without options (20 bytes)
p  IPv4 contains 10 basic header fields
p  IPv6 contains 6 basic header fields
n  No checksum at the IP network layer
n  No hop-by-hop fragmentation

6
Header Format – Extension Headers
IPv6 Header
Next Header TCP Header
= TCP + Data

IPv6 Header Routing Header

Next Header TCP Header
Next Header =
= Routing + Data
TCP

IPv6 Header Routing Header Fragment of

Destination Header
Next Header Next Header = TCP Header
Next Header = TCP
= Routing Destination + Data

p  All optional fields go into extension headers

p  These are daisy chained behind the main header
n  The last 'extension' header is usually the ICMP, TCP or UDP header
p  Makes it simple to add new features in IPv6 protocol without
major re-engineering of devices 7

p  Number of extension headers is not fixed / limited

Header Format – Common Headers
p  Common values of Next Header field:
0 Hop-by-hop option (extension)
2 ICMP (payload)
6 TCP (payload)
17 UDP (payload)
43 Source routing (extension)
44 Fragmentation (extension)
50 Encrypted security payload (extension, IPSec)
51 Authentication (extension, IPSec)
59 Null (No next header)
60 Destination option (extension) 8
Header Format – Ordering of Headers
p  Order is important because:
n  Hop-by-hop header has to be processed by
every intermediate node
n  Routing header needs to be processed by
intermediate routers
n  At the destination fragmentation has to be
processed before other headers
p  This
makes header processing easier to
implement in hardware

9
Larger Address Space
IPv4 = 32 bits

IPv6 = 128 bits

p  IPv4
32 bits
= 4,294,967,296 possible addressable devices
p  IPv6
128 bits: 4 times the size in bits
= 3.4 x 1038 possible addressable devices
= 340,282,366,920,938,463,463,374,607,431,768,211,456
= 4.6 x 1028 addresses per person on the planet
10
How was the IPv6 Address Size
Chosen?
p  Some wanted fixed-length, 64-bit addresses
n  Easily good for 1012 sites, 1015 nodes, at .0001
allocation efficiency
p  (3 orders of magnitude more than IPv6 requirement)
n  Minimizes growth of per-packet header overhead
n  Efficient for software processing
p  Some wanted variable-length, up to 160 bits
n  Compatible with OSI NSAP addressing plans
n  Big enough for auto-configuration using IEEE 802
addresses
n  Could start with addresses shorter than 64 bits & grow
later
p  Settled on fixed-length, 128-bit addresses
11
IPv6 Address Representation (1)
p  16 bit fields in case insensitive colon hexadecimal
representation
n  2031:0000:130F:0000:0000:09C0:876A:130B
p  Leading zeros in a field are optional:
n  2031:0:130F:0:0:9C0:876A:130B
p  Successive fields of 0 represented as ::, but only
once in an address:
n  2031:0:130F::9C0:876A:130B is ok
n  2031::130F::9C0:876A:130B is NOT ok

n  0:0:0:0:0:0:0:1 → ::1 (loopback address)

n  0:0:0:0:0:0:0:0 → :: (unspecified address)
12
IPv6 Address Representation (2)
p  :: representation
n  RFC5952 recommends that the rightmost set of :0: be
replaced with :: for consistency
p  2001:db8:0:2f::5 rather than 2001:db8::2f:0:0:0:5

p  IPv4-compatible (not used any more)

n  0:0:0:0:0:0:192.168.30.1
n  = ::192.168.30.1
n  = ::C0A8:1E01
p  In a URL, it is enclosed in brackets (RFC3986)
n  http://[2001:db8:4f3a::206:ae14]:8080/index.html
n  Cumbersome for users, mostly for diagnostic purposes
n  Use fully qualified domain names (FQDN)
n  ⇒ The DNS has to work!! 13
IPv6 Address Representation (3)
p  Prefix Representation
n  Representation of prefix is just like IPv4 CIDR
n  In this representation you attach the prefix
length
n  Like IPv4 address:
p  198.10.0.0/16
n  IPv6 address is represented in the same way:
p  2001:db8:12::/40

14
IPv6 Addressing
p  IPv6 Addressing rules are covered by multiple
RFCs
n  Architecture defined by RFC 4291
p  Address Types are :
n  Unicast : One to One (Global, Unique Local, Link local)
n  Anycast : One to Nearest (Allocated from Unicast)
n  Multicast : One to Many
p  A single interface may be assigned multiple IPv6
addresses of any type (unicast, anycast,
multicast)
n  No Broadcast Address → Use Multicast

15
IPv6 Addressing
Type Binary Hex

Unspecified 000…0 ::/128

Loopback 000…1 ::1/128

Global Unicast
0010 2000::/3
Address
Unique Local 1111 1100
FC00::/7
Unicast Address 1111 1101
Link Local
1111 1110 10 FE80::/10
Unicast Address

Multicast Address 1111 1111 FF00::/8

16
Global Unicast Addresses
128 Bits
Providers 29 bits Interface ID

001
Site
2000::/3
16 Bits
3 Bits

p  Address block delegated by IETF to IANA

p  For distribution to the RIRs and on to the users of
the public Internet
p  Global Unicast Address block is 2000::/3
n  This is 1/8th of the entire available IPv6 address space
17
Unique-Local Addresses
128 Bits
Global ID 40 Bits Interface ID

1111 110 Subnet ID

L-bit
FC00::/7
16 Bits
7 Bits

p  Unique-Local Addresses (ULAs) are NOT routable on the

Internet
n  L-bit set to 1 – which means the address is locally assigned
p  ULAs are used for:
n  Isolated networks
n  Local communications & inter-site VPNs
n  (see now expired https://datatracker.ietf.org/doc/draft-ietf- 18
v6ops-ula-usage-recommendations/)
Unique-Local – Typical Scenarios
p  Isolated IPv6 networks:
n  Never need public Internet connectivity
n  Don’t need assignment from RIR or ISP
p  Local devices such as printers, telephones, etc
n  Connected to networks using Public Internet
n  But the devices themselves do not communicate outside
the local network
p  Site Network Management systems connectivity
p  Infrastructure addressing
n  Using dual Global and Unique-Local addressing
p  Public networks experimenting with NPTv6
(RFC6296)
19
n  One to one IPv6 to IPv6 address mapping
Link-Local Addresses
128 Bits

Remaining 54 Bits Interface ID

1111 1110 10

FE80::/10

10 Bits
p  Link-Local Addresses Used For:
n  Communication between two IPv6 device (like ARP but at Layer 3)
n  Next-Hop calculation in Routing Protocols
p  Automatically assigned by Router as soon as IPv6 is enabled
n  Mandatory Address
p  Only Link Specific scope
p  Remaining 54 bits could be Zero or any manual configured 20
value
Multicast Addresses
128 Bits
8 bit Lifetime/Scope 112 bit Group ID

1111 1111

FF00::/8

8 Bits
p  Multicast Addresses Used For:
n  One to many communication
p  2nd octet reserved for Lifetime and Scope
p  Remainder of address represents the Group ID
p  (Substantially larger range than for IPv4 which only had
224.0.0.0/4 for Multicast)
21
Global Unicast
IPv6 Address Allocation
/12 /32 /48 /64

2000 db8 Interface ID

Registry
ISP prefix
Site prefix
LAN prefix

p  The allocation process is:

n  The IANA is allocating out of 2000::/3 for initial IPv6
unicast use
n  Each registry gets a /12 prefix from the IANA
n  Registry allocates a /32 prefix (or larger) to an IPv6 ISP
n  Policy is that an ISP allocates a /48 prefix to each end
22
customer
IPv6 Addressing Scope
p  64 bits reserved for the interface ID
n  Possibility of 264 hosts on one network LAN
n  In theory 18,446,744,073,709,551,616 hosts
n  Arrangement to accommodate MAC addresses
within the IPv6 address
p  16 bits reserved for the end site
n  Possibility of 216 networks at each end-site
n  65536 subnets equivalent to a /12 in IPv4
(assuming a /28 or 16 hosts per IPv4 subnet)

23
IPv6 Addressing Scope
p  16 bits reserved for each service provider
n  Possibility of 216 end-sites per service provider
n  65536 possible customers: equivalent to each
service provider receiving a /8 in IPv4
(assuming a /24 address block per customer)
p  29 bits reserved for all service providers
n  Possibility of 229 service providers
n  i.e. 536,870,912 discrete service provider
networks
p  Although some service providers already are
justifying more than a /32
24
How to get an IPv6 Address?
p  IPv6 address space is allocated by the 5 RIRs:
n  AfriNIC, APNIC, ARIN, LACNIC, RIPE NCC
n  Network Operators get address space from the RIRs
n  End Users get IPv6 address space from their ISP

p  In the past, there were also:

n  6to4 tunnels 2002::/16
p  Intended to give isolated IPv6 nodes access to the IPv6
Internet
p  Now mostly useless (very unreliable, totally insecure) and
considered obsolete
n  6Bone
p  The experimental IPv6 network launched in the mid 1990s
25
p  Was retired on 6th June 2006 (RFC3701)
Aggregation hopes
Only
Customer announces
2001:db8:1::/48
the /32
prefix
ISP
2001:db8::/32

Customer IPv6 Internet

2001:db8:2::/48

p  Larger address space enables aggregation of

prefixes announced in the global routing table
p  Idea was to allow efficient and scalable routing
p  But current Internet multihoming solution breaks
this model 26
Interface IDs
p  Lowestorder 64-bit field of unicast
address may be assigned in several
different ways:
n  Auto-configured from a 64-bit EUI-64, or
expanded from a 48-bit MAC address (e.g.,
Ethernet address)
n  Auto-generated pseudo-random number (to
address privacy concerns)
n  Assigned via DHCP
n  Manually configured

27
EUI-64
Ethernet MAC address
00 90 27 17 FC 0F
(48 bits)

00 90 27 17 FC 0F
FF FE

64 bits version 00 90 27 FF FE 17 FC 0F

1 = universal
Scope of the EUI-64 id 000000X0 where X=
0 = local
X=1
EUI-64 address 02 90 27 FF FE 17 FC 0F

p  EUI-64 address is formed by inserting FFFE between the

company-id and the manufacturer extension, and setting
the “u” bit to indicate scope
n  Global scope: for IEEE 48-bit MAC 28
n  Local scope: when no IEEE 48-bit MAC is available (eg serials, tunnels)
EUI-64
p  Device MAC address is used to create:
n  Final 64 bits of global unicast address e.g.
p  2001:db8:0:1:290:27ff:fe17:fc0f
n  Final 64 bits of link local address e.g.
p  fe80::290:27ff:fe17:fc0f
n  Final 24 bits of solicited node multicast address e.g.
p  ff02::1:ff17:fc0f
p  Note that both global unicast and link local
addresses can also be configured manually

29
IPv6 Addressing Examples
LAN: 2001:db8:213:1::/64

Ethernet0

interface Ethernet0
ipv6 address 2001:db8:213:1::/64 eui-64
MAC address: 0060.3e47.1530

router# show ipv6 interface Ethernet0

Ethernet0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::260:3EFF:FE47:1530
Global unicast address(es):
2001:db8:213:1:260:3EFF:FE47:1530, subnet is 2001:db8:213:1::/64
Joined group address(es):
FF02::1:FF47:1530
FF02::1
FF02::2
MTU is 1500 bytes

30
IPv6 Address Privacy (RFC 4941)
/12 /32 /48 /64

2001 0db8 Interface ID

p  Temporary addresses for IPv6 host client application, e.g.

Web browser
p  Intended to inhibit device/user tracking but is also a
potential issue
n  More difficult to scan all IP addresses on a subnet
n  But port scan is identical when an address is known
p  Random 64 bit interface ID, run DAD before using it
p  Rate of change based on local policy
p  Implemented on Microsoft Windows XP/Vista/7 and Apple
MacOS 10.7 onwards
n  Can be activated on FreeBSD/Linux with a system call
31
Host IPv6 Addressing Options
p  Stateless (RFC4862)
n  SLAAC – Stateless Address AutoConfiguration
n  Booting node sends a “router solicitation” to
request “router advertisement” to get
information to configure its interface
n  Booting node configures its own Link-Local
address
p  Stateful
n  DHCPv6 – required by most enterprises
n  Manual – like IPv4 pre-DHCP
p  Useful for servers and router infrastructure
p  Doesn’t scale for typical end user devices
32
IPv6 Renumbering
p  Renumbering Hosts
n  Stateless:
p  Hosts renumbering is done by modifying the RA to
announce the old prefix with a short lifetime and the
new prefix
n  Stateful:
p  DHCPv6 uses same process as DHCPv4
p  Renumbering Routers
n  Router renumbering protocol was developed
(RFC 2894) to allow domain-interior routers to
learn of prefix introduction / withdrawal
n  No known implementation! 33
 Auto-configuration

Mac address:
00:2c:04:00:FE:56

Host autoconfigured Sends network-type

address is: information (prefix, default
prefix received + route, …)
link-layer address

p  PC sends router solicitation (RS) message

p  Router responds with router advertisement (RA)
n  This includes prefix and default route
n  RFC6106 adds DNS server option
p  PC configures its IPv6 address by concatenating
prefix received with its EUI-64 address 34
Renumbering

Mac address:
00:2c:04:00:FE:56

Host auto-configured
address is: Sends NEW network-type
information (prefix, default
NEW prefix received +
route, …)
SAME link-layer address
p  Router sends router advertisement (RA)
n  This includes the new prefix and default route (and
remaining lifetime of the old address)
p  PC configures a new IPv6 address by
concatenating prefix received with its EUI-64
address 35
n  Attaches lifetime to old address
Multicast use
p  Broadcasts in IPv4
n  Interrupts all devices on the LAN even if the
intent of the request was for a subset
n  Can completely swamp the network
(“broadcast storm”)
p  Broadcasts in IPv6
n  Are not used and replaced by multicast
p  Multicast
n  Enables the efficient use of the network
n  Multicast address range is much larger

36
IPv6 Multicast Address
p  IP multicast address has a prefix FF00::/8
p  The second octet defines the lifetime and
scope of the multicast address.

8-bit 4-bit 4-bit 112-bit

1111 1111 Lifetime Scope Group-ID

Scope
Lifetime
1 Node
0 If Permanent
2 Link
1 If Temporary
5 Site
8 Organisation
37
E Global
IPv6 Multicast Address Examples
p  RIPng
n  The multicast address AllRIPRouters is FF02::9
p  Note that 02 means that this is a permanent address
and has link scope
p  OSPFv3
n  The multicast address AllSPFRouters is FF02::5
n  The multicast address AllDRouters is FF02::6

p  EIGRP
n  The multicast address AllEIGRPRouters is
FF02::A
38
Solicited-Node Multicast
p  Solicited-Node
Multicast is used for
Duplicate Address Detection
n  Part of the Neighbour Discovery process
n  Replaces ARP
n  Duplicate IPv6 Addresses are rare, but still
have to be tested for
p  For each unicast and anycast address
configured there is a corresponding
solicited-node multicast address
n  This address is only significant for the local link
39
Solicited-Node Multicast Address

p  Solicited-nodemulticast address consists

of FF02:0:0:0:0:1:FF::/104 prefix joined
with the lower 24 bits from the unicast or
anycast IPv6 address

40
 Solicited-Node Multicast
R1#sh ipv6 int e0
Ethernet0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::200:CFF:FE3A:8B18
No global unicast address is configured
Joined group address(es):
FF02::1
FF02::2 Solicited-Node Multicast Address
FF02::1:FF3A:8B18
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND advertised reachable time is 0 milliseconds
ND advertised retransmit interval is 0 milliseconds
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
Hosts use stateless autoconfig for addresses.
R1#
41
IPv6 Anycast
p  An IPv6 anycast address is an identifier for a set
of interfaces (typically belonging to different
nodes)
n  A packet sent to an anycast address is delivered to one
of the interfaces identified by that address (the “nearest”
one, according to the routing protocol’s measure of
distance).
n  RFC4291 describes IPv6 Anycast in more detail
p  In reality there is no known implementation of
IPv6 Anycast as per the RFC
n  Most operators have chosen to use IPv4 style anycast
instead

42
Anycast on the Internet
p  A global unicast address is assigned to all nodes
which need to respond to a service being offered
n  This address is routed as part of its parent address block
p  The responding node is the one which is closest
to the requesting node according to the routing
protocol
n  Each anycast node looks identical to the other
p  Applicable within an ASN, or globally across the
Internet
p  Typical (IPv4) examples today include:
n  Root DNS and ccTLD/gTLD nameservers
n  SMTP relays and DNS resolvers within ISP autonomous
systems
43
MTU Issues
p  Minimum link MTU for IPv6 is 1280 octets
(versus 68 octets for IPv4)
⇒ on links with MTU < 1280, link-specific
fragmentation and reassembly must be used
p  Implementations are expected to perform path
MTU discovery to send packets bigger than 1280
p  Minimal implementation can omit PMTU discovery
as long as all packets kept ≤ 1280 octets
p  A Hop-by-Hop Option supports transmission of
“jumbograms” with up to 232 octets of payload

44
IPv6 Neighbour Discovery
p  Protocol defines mechanisms for the following
problems:
n  Router discovery
n  Prefix discovery
n  Parameter discovery
n  Address autoconfiguration
n  Address resolution
n  Next-hop determination
n  Neighbour unreachability detection
n  Duplicate address detection
n  Redirects

45
IPv6 Neighbour Discovery
p  Defined in RFC 4861
p  Protocol built on top of ICMPv6 (RFC 4443)
n  Combination of IPv4 protocols (ARP, ICMP, IGMP,…)
p  Fully dynamic, interactive between Hosts &
Routers
p  Defines 5 ICMPv6 packet types:
n  Router Solicitation
n  Router Advertisement
n  Neighbour Solicitation
n  Neighbour Advertisement
n  Redirect

46
IPv6 and DNS
p  Hostname to IP address:

IPv4 www.abc.test. A 192.168.30.1

IPv6 www.abc.test. AAAA 2001:db8:c18:1::2

47
IPv6 and DNS
p  IP address to Hostname:

IPv4 1.30.168.192.in-addr.arpa. PTR www.abc.test.

IPv6 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.8.1.c.0.8.b.d.
0.1.0.0.2.ip6.arpa PTR www.abc.test.

48
 IPv6 Technology Scope
IP Service IPv4 Solution IPv6 Solution
32-bit, Network Address
Addressing Range 128-bit, Multiple Scopes
Translation
DHCP, Serverless,
Autoconfiguration DHCP
Reconfiguration
Security IPsec IPsec works End-to-End
Mobile IP with Direct
Mobility Mobile IP
Routing
Differentiated Service, Differentiated Service,
Quality of Service
Integrated Service Integrated Service
MLD, PIM, Multicast BGP,
Multicast IGMP, PIM, Multicast BGP
Scope Identifier

49
What does IPv6 do for:
p  Security
n  Nothing IPv4 doesn’t already support – IPSec
runs in both
p  QoS
n  Nothing IPv4 doesn’t already support –
Differentiated and Integrated Services run in
both
n  So far, Flow label has no real use

50
IPv6 Security
p  IPsec standards apply to both IPv4 and IPv6
p  All implementations required to support
authentication and encryption headers (“IPsec”)
p  Authentication separate from encryption for use
in situations where encryption is prohibited or
prohibitively expensive
p  Key distribution protocols are not yet defined
(independent of IP v4/v6)
p  Support for manual key configuration required

51
IP Quality of Service Reminder
p  Two basic approaches developed by IETF:
n  “Integrated Service” (int-serv)
p  Fine-grain (per-flow), quantitative promises (e.g., x
bits per second), uses RSVP signalling
n  “Differentiated Service” (diff-serv)
p  Coarse-grain (per-class), qualitative promises (e.g.,
higher priority), no explicit signalling
n  Signalled diff-serv (RFC 2998)
p  Uses RSVP for signalling with course-grained
qualitative aggregate markings
p  Allows for policy control without requiring per-router
state overhead

52
IPv6 Support for Int-Serv
p  20-bitFlow Label field to identify specific
flows needing special QoS
n  Each source chooses its own Flow Label
values; routers use Source Addr + Flow Label
to identify distinct flows
n  Flow Label value of 0 used when no special
QoS requested (the common case today)
p  Originally standardised as RFC3697

53
IPv6 Flow Label
p  Flowlabel has not been used since IPv6
standardised
n  Suggestions for use in recent years were
incompatible with original specification
(discussed in RFC6436)
p  Specification updated in RFC6437
n  RFC6438 describes the use of the Flow Label
for equal cost multi-path and link aggregation
in Tunnels

54
IPv6 Support for Diff-Serv
p  8-bit
Traffic Class field to identify specific
classes of packets needing special QoS
n  Same as new definition of IPv4 Type-of-
Service byte
n  May be initialized by source or by router
enroute; may be rewritten by routers enroute
n  Traffic Class value of 0 used when no special
QoS requested (the common case today)

55
IPv6 Standards
p  CoreIPv6 specifications are IETF Draft
Standards → well-tested & stable
n  IPv6 base spec, ICMPv6, Neighbor Discovery,
PMTU Discovery,...
p  Otherimportant specs are further behind
on the standards track, but in good shape
n  Mobile IPv6, header compression,...
n  For up-to-date status: www.ipv6tf.org

p  3GPP UMTS Rel. 5 cellular wireless

standards (2002) mandate IPv6; also
being considered by 3GPP2 56
IPv6 Status – Standardisation
p  Several key components on standards track…
Specification (RFC2460) Neighbour Discovery (RFC4861)
ICMPv6 (RFC4443) IPv6 Addresses (RFC4291 & 3587)
RIP (RFC2080) BGP (RFC2545)
IGMPv6 (RFC2710) OSPF (RFC5340)
Router Alert (RFC2711) Jumbograms (RFC2675)
Autoconfiguration (RFC4862) Radius (RFC3162)
DHCPv6 (RFC3315 & 4361) Flow Label (RFC6436/7/8)
IPv6 Mobility (RFC3775) Mobile IPv6 MIB (RFC4295)
GRE Tunnelling (RFC2473) Unique Local IPv6 Addresses (RFC4193)
DAD for IPv6 (RFC4429) Teredo (RFC4380)
ISIS for IPv6 (RFC5308) VRRP (RFC5798)
p  IPv6 available over:
PPP (RFC5072) Ethernet (RFC2464)
FDDI (RFC2467) Token Ring (RFC2470)
NBMA (RFC2491) ATM (RFC2492)
Frame Relay (RFC2590) ARCnet (RFC2497)
IEEE1394 (RFC3146) FibreChannel (RFC4338) 57

Facebook (RFC5514)
Recent IPv6 Hot Topics
p  IPv4 depletion debate
n  IANA IPv4 pool ran out on 3rd February 2011
p  http://www.potaroo.net/tools/ipv4/
p  IPv6 Transition “assistance”
n  CGN, 6rd, NAT64, IVI, DS-Lite, 6to4, A+P…
p  Mobile IPv6
p  Multihoming
n  SHIM6 “dead”, Multihoming in IPv6 same as in IPv4
p  IPv6 Security
n  Security industry & experts taking much closer look

58
Conclusion
p  Protocol is “ready to go”
p  The core components have already seen
several years field experience

59
The IPv6 Protocol &
IPv6 Standards
ITU/APNIC/MICT IPv6 Security
Workshop
23rd – 27th May 2016
Bangkok

Last updated 3rd May 2015 60