Shulou(Shulou.com)06/03 Report--

This article mainly introduces the introductory course of IPv6 from three aspects: the basic concepts, the relevant network tools of IPv6, and the research on the automatic degradation mechanism of mobile applications in IPv6 and IPv4 network environment.

Preface

As we all know, the 32-bit IPv4 address has been basically exhausted (the exhaustion here is just to say that it has been allocated, but in fact, a considerable part of it has not been put into use). The new generation of network protocol, IPv6, uses 128bit address length to have more address space, which is so large that it can assign an IPv6 address to every grain of sand on the earth. The voice of the popularity of the IPv6 network has been called for many years, but it has not been promoted in China due to various factors. Since November 2017, the General Office of the CPC Central Committee and the General Office of the State Council have issued the "recommended Internet Protocol sixth Edition (IPv6) scale deployment Action Plan" http://www.xinhuanet.com/politics/2017-11/26/c_1122012631.htm, and issued a circular requiring all localities and departments to conscientiously implement it in the light of reality. This news conveys a very important message: this is a strategic mobilization order to promote the development of China's IPv6. In June 2018, the Internet Information Office issued red-headed documents to the three major operators and 50 domestic Internet companies, requiring the major operators and head Internet companies to give their own implementation plans and schedules, and set a target: an increase in the number of domestic IPv6 active users by the end of 2018. Therefore, since June 2018, the IPv6 transformation of major companies has been intensified, and considerable results have been achieved at the end of 2018.

As the IPv6 network protocol is still a relatively new protocol, in the process of promotion, many people lack the necessary knowledge of this network protocol, so write a simple article here for a brief introduction and application of the protocol.

Basic concept

Software support

At present, most operating systems and hardware support IPv6 well, briefly listed as follows:

Windows:windows 7, windows 8.x, windows 10. IPv6 is enabled by default.

Linux: kernel 2.6.x, kernel 3.x, and kernel 4.x already support IPv6 (need to be turned on manually)

IOS:IOS9 has started to support IPv6 Only, and Apple has mandated that app must support IPv6 in 2016.

Android already supports IPv6 (but not DHCPv6).

How to check whether the network of your phone or computer supports IPv6, open it in the browser on your phone or computer: Ipv6-test.com, which shows that your mobile network already supports IPv6 and has been assigned an IPv6 address.

Figure 1: check whether the current network supports IPv6

From the screenshot above, we can see that most of the current network environments that support IPv6 are dual-stack environments, that is, they support both IPv4 and IPv6, that is, when we connect to the operator LTE network, it usually assigns an IPv4 address (usually 10. 5. The initial private network address), and an IPv6 address (the global unicast address, which is equivalent to the public network address in ipv4). In a dual-stack environment, users automatically choose which IPv6 or IPv4 protocol to use to connect to remote services. If the server domain name supports IPv6 (there is an AAAA record in domain name resolution), the client will first use IPv6 protocol to connect to the server (except in special cases). When the server domain name only supports IPv4 (only A record in DNS resolution), the client will use IPv4 protocol to connect to the server to complete the request.

Brief introduction of IPv6 Protocol

First, take a look at a simple IPv6 packet capture diagram:

Figure 2: ipv6 data message

From the message information of WireShark, there is a big difference between the message type field, header field and IPv4 message of IPv6 message. RFC2460 defines the IPv6 Datagram format. In the overall structure, the IPv6 Datagram format is the same as the IPv4 Datagram format, and it is also composed of IP headers and data (called payloads in IPv6), but the IPv6 Datagram data section can also include 0 or more IPv6 extension headers (Extension header), as shown in the following figure. The IP header is fixed at 40 bytes, while the payload is limited to 65535 bytes.

Figure 3: IPv6 header field

Briefly introduce the header fields in the IPv6 message:

Version (version): this field represents the IP version and has a value of 6.

Traffic class (Traffic Class): this field and its function are similar to the business type field of IPv4. This field marks an IPv6 packet with a differentiated service coding point (DSCP) to indicate how the packet should be handled.

Flow label (flow label): this field is used to mark a stream of IP packets. The current standard does not define the details of how to manage and handle flow labels.

Payload length (payload length): this field indicates the length of the payload, which refers to the packet immediately following the IPv6 base header and contains the IPv6 extension header.

Next header (next header): this field indicates the type of information that follows the extension header after the IPv6 base header.

For more detailed comparisons, please refer to this article:

IPV6 header format: (http://support.huawei.com/hedex/pages/EDOC10000256133118G231/08/EDOC10000256133118G231/08/resources/fea_des/topics/fea_ipv6_00014.html)

>

IPv6 address representation

The IPv6 address consists of eight groups of four-digit hexadecimal digits, each separated by a ":". Take a simple example:

2001:cdba:0000:0000:0000:0000:3257:9652, each: 4-digit hexadecimal numbers, separated into 8 groups)

According to the rules of abbreviation, the above address can be abbreviated as follows:

1. Omitting leading zeros, the above ip address can be expressed as:

2001:cdba:0:0:0:0:3257:9652 (4 zeros abbreviated to 1 zeros)

two。 By specifying an Ipv6 address by using a double colon (::) instead of a series of zeros, the above address can be expressed as:

2001:cdba::3257:9652 (: 0 IP address can only use double colons once)

>

IPv6 address classification

An IPv6 address is a 128bit identifier for a single interface or group of interfaces. In IPv4, ip addresses are divided into five categories A, B, C, D and E, while IPv6 breaks through the classification of IPv4 and is mainly divided into three address types: unicast address, multicast address and Anycast address.

Unicast (Unicast) address: a unicast address serves as a single interface identifier. The IPv6 packet is sent to a unicast address and passed to the interface identified by that address. Public and private network addresses corresponding to IPv4

MultiCast addresses: as a set of identifiers, the behaviors / interfaces of multicast addresses may belong to different sets of nodes. IPv6 packets are sent to multicast addresses and passed to multiple interfaces

AnyCast address: an identifier for a set of interfaces (usually belonging to different nodes). A packet destined for an anycast address is sent to one of the interfaces identified by that address (the nearest distance measured by the routing protocol).

Unicast addresses are the most widely used class of addresses. Unicast addresses contain a variety of address types, including:

1-1. Unicast address

1-1-1 global unicast address

The prefix 2000 IPv6 3, which refers to the pre-IPv6, must be binary 001. Converting binary to hexadecimal requires the binary number of 4bit, so the first field of IPv6 global unicast address from left to right ranges from "0010" to "0011" and from 2 to 3 when converted to hexadecimal. Then the range of IPv6 global unicast addresses is shown in figure 4 below. It is equivalent to the public network address of IPv4 (the birth of IPv6 is basically to solve the problem of IPv4 public network address exhaustion). Such addresses can be routed between routers around the world.

Figure 4. The range of IPv6 global unicast addresses

1-1-2 link-local address

The prefix FE80::/10, as the name implies, is used for communication between nodes on the same link, mainly for automatic configuration of addresses and neighbor node discovery processes. When Windows and Linux enable IPv6, a link-local address is automatically configured for the Nic interface by default. That is, an interface must have a link-local address. As shown below:

Figure V. IPv6 link-local address

Each interface must have at least one link-local address; each interface can be configured with more than one unicast address, for example, an interface can be configured with a link-local address and a global unicast address.

Note: it is easy to match the link-local address with the private / private network address of IPv4. In fact, the link-local address corresponds to the APIPA address of IPv4, that is, the address that begins with 169.254. (in a typical scenario, windows automatically assigns an address of 169.254 when it fails to obtain the address automatically). The IPv4 private network corresponds to the unique local address of IPv6.

1-1-3 unique local address

The prefix FC00::/7, which is equivalent to the private network address of IPv4 (10.0.0.0, 172.16.0.0, 192.168.0.0), is a new unicast address type defined in RFC4193 to solve the needs of private network.

In IPv4, using NAT technology, network nodes in private networks can use a unified public network exit to access Internet resources, which greatly saves the consumption of IPv4 public network addresses (one of the reasons for the slow progress of IPv6). On the other hand, because the initiation of communication between nodes in the private network and the outside world is one-way by default, network access can only be initiated from within the private network, and external requests will be blocked by unified gateways or firewalls. this network architecture well protects the security and privacy of nodes in the private network. Therefore, under the requirements of security and privacy, IPv6 also needs to support private network, and also needs to support NAT. IPv6 NAT support has been added in the Linux kernel version 3.7, and the implementation is not different from that in IPv4 (variables and functions in Linux kernel code are almost named by ctrl+c and ctrl+v). The configuration of the IPv6 unique local address is as follows:

Figure 6. IPv6 unique local address

1-1-4 special address

In addition to the common unicast addresses mentioned above, there are some special addresses in IPv6, which are briefly listed as follows:

All-zero address:: / 128 is an undefined address, so don't use it.

Except that the last bit is 1, all the other addresses are 0:: 1ax 128 is the local loopback address, which is the same as 127.0.0.1 in IPv4

The addresses of this network segment of FF00::/8 are all multicast addresses.

IPv6 related network tools >

Dig

Dns resolution to see if a domain name has an AAAA record

Figure 7. Dig gets the AAAA record of the domain name

>

Curl

Request response through IPv6 network protocol to obtain server data

Figure 8. Curl acquires interface data through IPv6

>

Ping6

Check the connectivity of IPv6 network and the correctness of domain name resolution

Figure 9. Ping6 testing IPv6 network connectivity

>

Telnet

Check whether the corresponding IPv6 address port is open

Figure 10. Telnet to view port availability

>

Mtr

IPv6 Network Connectivity judgment tool

Figure 11. MTR view IPv6 network connectivity

>

Traceroute6

IPv6 network testing, evaluation and management tools

Figure 12. Traceroute6 to view IPv6 routing nodes

>

Ip&route

View the native IPv6 routing table

Figure 13. View the native IPv6 routing table

Research on automatic downgrade Mechanism of Mobile applications in IPv6 and IPv4 Network Environment

Recently, I have been helping the business launch IPv6, so I simply use the Android phone (Xiaomi 5SystMIUI10 + browser) to verify how the phone automatically selects the appropriate protocol to request data from the server in the dual-stack environment. The specific process is as follows:

The first step requires DNS resolution of the domain name on the server side. When the client obtains the DNS resolution of the domain name, it will first request the AAAA record of the domain name, and then request the A record of the domain name after the DNS server returns the AAAA record resolution of the domain name. The specific process is as follows:

Figure XIV. DNS resolution packet capture

The second step is to perform different operations based on the AAAA record and A record of the obtained domain name:

1. If there is a valid IPv6 address in the AAAA record and the local network supports IPv6, it will first use the corresponding IPv6 address in the AAAA record to connect to the server through the IPv6 network protocol. When the server cannot be connected through the AAAA record of the domain name, the client will generally retry 4 times (the retry process will probably cost about 300ms, depending on the specific network environment). If the server cannot be connected through the IPV6 address for four times, The client will automatically downgrade to connect to the server using IPV4 protocol, as shown in the following figure.

Figure XV. IPv6 and IPv4 automatic downgrade mechanism

two。 If there is a valid IPv6 address in the AAAA record of the domain name, but the local network does not support IPv6, the IPv4 address in the A record will be directly used to connect to the server through the IPv4 network protocol.

3. If the AAAA record resolution returned by the DNS server does not contain a valid IPv6 address, but only a valid A record, the IPv4 address in the A record will be directly used to connect to the server through the IPV4 network protocol.

Summary

This article only gives a brief introduction to the IPv6 protocol and involves less knowledge. It is more about some knowledge and tools that have been learned or used in the process of business launch IPv6. Many basic concepts of IPv6 have not been introduced, such as neighbor Discovery Protocol, DHCPv6, ICMPv6, PMTU, EUI-64 computing link-local address, and so on. There are many good articles or authoritative protocols on the network to introduce these knowledge points, you might as well Google more hands-on.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.