Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Study notes-IP

2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

Key summary

IP Protocol Notes IP (Internet Protocol)

IP address (IP address)

Subnet Mask (subnet mask)

IP routing (IP router)

IP Category 5 range

Class A 1-26

Class B 128-191

Class C 192-223

Class D 224-239 Multicast (Multicast)

Category E 240-254 scientific research

Subnet mask ABC type IP default subnet mask

Class A 255.0.0.0

Class B 255.255.0.0

C tired 255.255.255.0

IP address network segment

Class A 10.0.0.1-10.255.255.254

Category B 172.16.0.1-172.16.31.254

Class C 192.168.0.1-192.168.255.254

Name, address range, number of addresses, category description, largest CIDR address block

24-bit block 10.0.0.0-10.255.255.255 16777216 a Class A 10.0.0.0 Universe 8

20-bit block 172.16.0.0-172.31.255.255 1048576 16 consecutive Class B 172.16.0.0Univer 12

16-bit block 192.168.0.0-192.168.255.255 65536 consecutive 256C class 192.168.0.0and16

7 Application layer

Application layer such as HTTP, SMTP, SNMP, FTP, Telnet, SIP, SSH, NFS, RTSP, XMPP, Whois, ENRP

6 presentation layer

Presentation layer such as XDR, ASN.1, SMB, AFP, NCP

5 session layer

Session layer such as ASAP, SSH, ISO 8327 / CCITT X.225, RPC, NetBIOS, ASP, Winsock, BSD sockets

4 transport layer

Transport layer such as TCP, UDP, TLS, RTP, SCTP, SPX, ATP, IL

3 Network layer

Network layer such as IP, ICMP, IGMP, IPX, BGP, OSPF, RIP, IGRP, EIGRP, ARP, RARP, X.25

2 data link layer

Data link layer such as Ethernet, token Ring, HDLC, frame Relay, ISDN, ATM, IEEE 802.11, FDDI, PPP

1 physical layer

Physical layer such as line, radio, optical fiber

IPv6 addressing

IPv6 has a much larger encoded address space than IPv4. This is because IPv6 uses a 128bit address, while IPv4 uses 32 bits. Therefore, the new address space supports 2128 addresses, the specific number of which is 3402823669209384663374607431768211456, because each 32-bit address can take 16 different values.

Network address translation is currently the most effective way to slow down IPv4 address exhaustion, while the address of IPv6 eliminates its dependence on him and is considered sufficient for use in the foreseeable future. Based on the earth's population of 7 billion, each person can be assigned an average of about 4.86 × 1028 (486117667 / 1020) IPv6 addresses.

The most significant change in IPv6 from IPv4 to IPv6 is the length of the network address. IPv6 addresses defined by RFC 2373 and RFC 2374 are 128 bits long; IPv6 addresses are generally expressed in 32 hexadecimal digits.

In many cases, an IPv6 address consists of two logical parts: a 64-bit network prefix and a 64-bit host address, which is usually automatically generated from the physical address, called EUI-64 (or 64-bit extension unique identifier)

IPv6 format

IPv6 binary system is 128 bits long, 16 bits as a group, each group separated by a colon ":" can be divided into 8 groups, each group is represented in 4-bit hexadecimal form. For example, 2001:0db8:85a3:08d3:1319:8a2e:0370:7344 is a legal IPv6 address.

At the same time, IPv6 can omit under certain conditions:

The leading 0 of each number can be omitted, and the omitted leading number is still 0 to continue, for example, the following group of IPv6 is equal.

2001:0DB8:02de:0000:0000:0000:0000:0e13

2001:DB8:2de:0000:0000:0000:0000:e13

2001:DB8:2de:000:000:000:000:e13

2001:DB8:2de:00:00:00:00:e13

2001:DB8:2de:0:0:0:0:e13

You can use the double colon "::" to indicate a set of zeros or sets of consecutive zeros, but only once:

If all four sets of numbers are zero, they can be omitted. Following the above omission rule, the following two sets of IPv6 are equal.

2001:DB8:2de:0:0:0:0:e13

2001:DB8:2de::e13

2001:0DB8:0000:0000:0000:0000:1428:57ab

2001:0DB8:0000:0000:0000::1428:57ab

2001:0DB8:0:0:0:0:1428:57ab

2001:0DB8:0::0:1428:57ab

2001:0DB8::1428:57ab

2001::25de::cade is illegal because the double colon appears twice. It may be one of the following situations, making it impossible to infer.

2001:0000:0000:0000:0000:25de:0000:cade

2001:0000:0000:0000:25de:0000:0000:cade

2001:0000:0000:25de:0000:0000:0000:cade

2001:0000:25de:0000:0000:0000:0000:cade

If this address is actually the address of IPv4, the last 32 bits can be represented by a decimal number; so:: ffff:192.168.89.9 equals:: ffff:c0a8:5909, but not:: 192.168.89.9 and:: c0a8:5909.

In addition, the:: ffff:1.2.3.4 format is called an IPv4 mapped address. The:: 1.2.3.4 format is called IPv4 consistent address, which has been cancelled.

IPv4 addresses can be easily converted to IPv6 format. For example, if an address of IPv4 is 135.75.43.52 (hexadecimal is 0x874B2B34), it can be converted to 0000:0000:0000:0000:0000:ffff:874B:2B34 or:: ffff:874B:2B34. At the same time, you can also use mixed symbols (IPv4-compatible address), so the address can be:: ffff:135.75.43.52.

Classification of IPv6 addresses

There are three types of IPv6 addresses: [8]

Unicast (unicast) address

The unicast address identifies a network interface. The protocol sends packets destined for the address to its interface. The unicast address of an IPv6 can have a category that represents a special address name, such as an link-local address and a unique area address (ULA,unique local address). Unicast addresses include clustered global unicast addresses, link-local addresses, and so on.

Anycast (anycast) address

Anycast is a unique data transmission method of IPv6, which is like the combination of Unicast (single point of propagation) and Broadcast (multicast) of IPv4. IPv4 supports unicast and multicasting, which communicates directly between source and destination; multicasting communicates between single source and multiple destinations.

While Anycast is between the above two, like Broadcast, it will have a set of address bar tables of receiving nodes, but the packets designated as Anycast will only be sent to one of the receiving addresses nearest to or with the lowest sending cost (judged by the routing table). When the receiving address receives the packet and responds, it adds subsequent transmissions. The other nodes that receive the list will know that a node address has responded, and they will no longer join the subsequent transmission job.

Take the current application as an example, the Anycast address can only be assigned to the router, not to the computer, and cannot be used as the address of the sender.

Multicast (multicast) address

A multicast address is also called a multicast address. Multicast addresses are also assigned to a different group of interfaces, and packets sent to multicast addresses are sent to all addresses. Multicast addresses start with bytes that are all one, that is, they are preceded by FF00::/8. The last four bits of its second byte are used to mark "category".

Generally there are node-local (0x1), link-local (0x2), site-local (0x5), organization-local (0x8) and global (0xE). The lowest 112 bits of the multicast address form the multicast group identification code, but because the traditional method is generated from the MAC address, only the lowest 32 bits of the group identification code are used. The defined group identification codes are the multicast address 0x1 for all nodes and the 0x2 for all routers.

The address of the other multicast group is "solicited-node Multicast address", which is composed of the pre-FF02::1:FF00:0/104 and the remaining group identification code (at least 24 bits). These addresses allow link layer addresses to be interpreted via neighbor Discovery Protocol (NDP,Neighbor Discovery Protocol) so that they do not have to interfere with all nodes in the area network.

Special address

IANA maintains an official list of IPv6 address spaces [9]. Global unicast address allocation can be found in each regional Internet registry or GRH DFP pages.

Some addresses in IPv6 have a special meaning:

No address specified

:: / 128-an address where all bits are zero is called an unspecified address. This address cannot be assigned to a network interface and will be used in the software only if the host does not know its source IP. Routers cannot forward packets that contain unspecified addresses.

Link-local address

:: 1Accord 128-is a unicast wrap-back address. If an application sends packets to this address, the IPv6 stack forwards the packets back to the same virtual interface (the equivalent of 127.0.0.1 hand 8 in IPv4).

Fe80::/10- these link-local addresses indicate that these addresses are legal only in area connections, which is somewhat similar to 169.254.0.0 and 16 in IPv4.

Unique region location domain

Fc00::/7- unique area address (ULA,unique local address) can only be sent in a group of websites. This is defined in RFC 4193 to replace the site local bit domain. This address contains a pseudorandom number of 40 bits to reduce the risk of collisions when websites merge or packets are mistakenly transmitted to the network. In addition to being used only for regions, these addresses also have a global scope, which violates the definition of the site-local address replaced by the unique area location domain.

Multicast address

The prefix ff00::/8- indicates the multicast address defined in "IP Version 6 Addressing Architecture" (RFC 4291) [10]. Some of these addresses have been used to specify special protocols, such as NTP servers for all zones where ff0X::101 corresponds (RFC 2375).

Request node multicast address (Solicited-node multicast address)

Ff02::1:FFXX:XXXX-XX:XXXX is the three lowest bytes of the corresponding unicast or anycast address.

IPv4 translation address

:: ffff:x.x.x.x/96- is used for IPv4 mapping addresses. (see the conversion mechanism below).

2001PluGRAD32-used for Teredo tunnels.

2002GRV 6to4 16-for use with VIP.

ORCHID

2001:10::/28-ORCHID (Overlay Routable Cryptographic Hash Identifiers) (RFC 4843). These are undeliverable IPv6 addresses that are used for encrypted hash identification.

File

2001 RFC Db8 / 12 / 32-this prefix is used for files (Db8). These addresses are applied to examples of IPV6 addresses, or describe the network architecture.

The use of being abandoned or deleted.

:: / 96-this front was used for IPv4 compatible addresses and has been deleted.

The local prefix of the fec0::/10- site indicates that this address is legal only within the organization. It was abandoned in RFC3879 in September 2004, and the new system should not support this type of address.

IPv6 packet

Description of the architecture of the IPv6 packet.

The IPv6 packet consists of two main parts: header and payload.

The packet header is the first 64 bits of the packet and contains the source and destination address, protocol version, traffic class (8 bits, packet priority), stream flag (20 bits, QoS quality of service control), packet length (16 bits), the next header (for stack decoding, similar to the protocol number in IPv4), and a hop limit (8 bits, lifetime, equivalent to TTL in IPv4). Behind it is the load. MTU is at least 1280 bytes long and 1500 bytes in common Ethernet environments. The load can be up to 65535 bytes in standard mode, and the length value is set to 0 if the extension header is set to the "jumbo payload" option.

There were two slightly different versions of IPv6: the original version (now obsolete) defined in RFC 1883 and the now proposed standard version described in RFC 2460. The two are mainly different in the option of communication category, which has changed from 4 bits to 8 bits. The other differences are negligible.

Fragmentation is processed only in the host of the IPv6. In IPv6, options are removed from the standard header and specified in the protocol field, similar to the protocol field function of IPv4.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Network Security

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report