1.asc

Introduction to IPv6

IPv6 stands for Internet Protocol version 6, so the importance of IPv6 is implicit in its name, it’s as important as the Internet! The Internet Protocol (IP from now on) was intended as a solution to the need to interconnect different data networks, and has become the “de facto” standard for all kinds of digital communications. Nowadays IP is present in most devices that are able to send and receive digital information, not only the Internet.

IP is standardized by the IETF (Internet Engineering Task Force), the organization in charge of all the Internet standards, guaranteeing the interoperability among software from different vendors. The fact that IP is a standard is of vital importance, because today everything is getting connected to the Internet using IP. All common Operating Systems and networking libraries support IP to send and receive data. As part of this "everything-connected-to-Internet" is the IoT, so now you know why you are reading this chapter about IPv6, the last version of the Internet Protocol. In other words, today, the easiest way to send and receive data is by means of the standards used in the Internet, including IP.

The objectives of this chapter are:

• Briefly describe the history of the Internet Protocol.

• Find out what IPv6 is used for.

• Get the IPv6 related concepts needed to understand the rest of the book.

• Provide a practical overview of IPv6, including addresses and a glimpse of how an IPv6 network looks like.

A little bit of History

ARPAnet was the first attempt of the US Department of Defense (DoD) to devise a decentralized network more resilient to an attack, while able to interconnect completely different systems. ARPAnet was created in the seventies, but it was in 1983 when a brand new protocol stack was introduced, TCP/IP. The first widely used network protocol version was IPv4 (Internet Protocol version 4) which paved the way to the civilian Internet. Initially only research centers and universities were connected, supported by the NSF (National Science Foundation), and commercial applications where not allowed, but when the network started growing exponentially the NSF decided to transfer its operation and funding to private operators, lifting the restrictions to commercial traffic. While the main applications were email and file transfer, it was with the development of the World Wide Web based on the HTML protocol and specifically with the MOSAIC graphic interface browser and its successors that the traffic really exploded and the Internet began to be used by the masses. As a consequence there was a rapid depletion in the number of IP addresses available under IPv4, which was not designed to scale to these levels.

In order to allow for more addresses, you need a longer IP address space (greater number of bits to specify the address), which means a new architecture, which means changes to most of the routing and network software. After examining a number of proposals, the IETF settled on IPv6, described in the January 1995 RFC (Request for Comment, the official IETF documentation naming) 1752, sometimes also referred to as the Next Generation Internet Protocol, or IPng. The IETF updated the IPv6 standard in 1998 with the current definition covered in RFC 2460. By 2004, IPv6 was widely available from industry and supported by most new network equipment. Today IPv6 coexists with IPv4 in the Internet and the amount of IPv6 traffic is quickly growing as more and more ISPs and content providers have started supporting IPv6.

As you can see, the history of IP and Internet are almost the same, and because of this the growth of Internet is been hampered by the limitations of IPv4, and has led to the development of a new version of IP, IPv6, as the protocol to be used to interconnect all sorts of devices to send and/or receive information. There are even some technologies that are being developed only with IPv6 in mind, a good example in the context of the IoT is 6LowPAN.

From now on we will only center on IPv6. If you know something about IPv4, then you have half the way done, if not, don’t worry we will cover the main concepts briefly and gently.

IPv6 Concepts

We will cover the the minimum you need to know about the last version of the Internet Protocol to understand why it’s so useful for the IoT and how it’s related with other protocols like 6LowPAN discussed later. We will assume that you are familiar with bits, bytes, networking stack, network layer, packets, IP header, etc. You should understand that IPv6 is a different protocol, non-compatible with IPv4.

In the following figure we represent the layered model used in the Internet.

Figure 1. Internet Protocol stack

IPv6 sits in layer 3, called network layer. The pieces of data handled by layer 3 are called packets. Devices connected to the Internet can be hosts or routers. A host can be a PC, a laptop or a sensor board, sending and/or receiving data packets. Hosts will be the source or destination of the packets. Routers instead are in charge of packet forwarding, and are responsible of choosing the next router that will forward them towards the final destination. Internet is composed of a lot of interconnected routers, which receive data packets in one interface and send then as quick as possible using another interface towards another forwarding router.

IPv6 packet

The first thing you should know is what an IPv6 packet looks like. In the layered model we saw before, each layer introduces its own information in the packet, and this information is intended for, and can only be processed by the same layer in another IP device. This "conversation" between layers at the same level on different devices must follow a protocol.

The Internet layers are:

• Application: Here resides the software developed by programmers, that will use network services offered by the network stack. An example is the web browser that opens a network connection towards a web server. Another example is the web server software that runs in a server somewhere in the Internet waiting to answer request from client’s browsers. Examples of application protocols are HTTP and DNS.

• Transport: Is a layer above the network layer that offers additional to it, for example, retransmission of lost packets or guaranteeing that the packets are received in the same order they were sent. This layer will be the one that shows a "network service" to the application layer, a service they can use to send or receive data. TCP and UDP are the most common transport protocols used in Internet.

• Network: This is the layer in charge of the correct delivery of the data received from the transport layer to its destination, as well as the reception of the received data from the link layer at the data destination. Internet uses only one protocol in this layer, namely IP. Source and destination are identified by means of the IP addresses.

• Link: Link layer is in charge of sending and receiving frames, a collection of bytes sent from the network layer, in the realm of a local area network or LAN. It specifies the mecanism used to share the medium among diffrent nodes. This layer has its own addresses, which depend on the technology deployed.

• Physical: This layer is in charge of the details of the electromagnetic signal, codifications, etc. needed for the digital information to go from one node to another. All physical media are included, both wired and wireless.

The following figure illustrates the idea that each of the layers described receive some bytes from the layer above and adds some specific information pertaining that layer to be processed in the receiving host. In the figure data originating at the application layer is sent to the physical layer of another node.

Figure 2. Data flow in the protocol stack

The bytes sent and received in the IP packet follow a standard format. The following figure shows the basic IPv6 header:

Figure 3. IPv6 Header

First you have the basic IPv6 header with a fixed size of 40 bytes, followed by upper layer data and optionally by some extension headers, which will be described later. As you can see there are several fields in the packet header, providing some improvements as compared with IPv4 header:

• The number of fields has been reduced from 12 to 8.

• The basic IPv6 header has a fixed size of 40 bytes and is aligned with 64 bits, allowing a faster hardware-based packet forwarding on routers.

• The size of addresses increased from 32 to 128 bits.

The most important fields are the source and destination addresses. As you already know, every IP device has a unique IP address that identifies it in the Internet. This IP address is used by routers to take their forwarding decisions.

IPv6 header has 128 bits for each IPv6 address, this allows for 2¹²⁸ addresses (approximately 3.4×10³⁸,i.e., 3.4 followed by 38 zeroes), whereas IPv4 uses 32 bits to encode each of the 2³² addresses (4,294,967,296) allowed.

We have seen the basic IPv6 header, and mentioned the extension headers. To keep the basic header simple and of a fixed size, additional features are added to IPv6 by means of extension headers.

Figure 4. IPv6 Extension headers

Several extension headers have been defined, as you can see in the previous figure, and they have to follow the order shown. Extensions headers:

• Provide flexibility, for example, to enable security by ciphering the data in the packet.

• Optimize the processing of the packet, because with the exception of the hop by hop header, extensions are processed only by end nodes, (source and final destination of the packet), not by every router in the path.

• They are located as a "chain of headers" starting always in the basic IPv6 header, that use the field next header to point to the following extension header.

IPv6 addressing

1. The use of 128 bits for addresses brings some benefits:

   • Provides many more addresses, to satisfy current and future needs, with ample space for innovation.

   • Simplifies address auto-configuration mechanisms.

   • Easier address management/delegation.

   • Room for more levels of hierarchy and for route aggregation.

   • Ability to do end-to-end IPsec.

IPv6 addresses are classified into the following categories (which also exist in IPv4):

• Unicast (one-to-one): used to send a packet from the source to a single destination. They are the commonest ones and we will talk more about them and their sub-classes.

• Multicast (one-to-many): used to send a packet from the source to several destinations. This is possible by means of multicast routing that enable packets to replicate in some places.

• Anycast (one-to-nearest): used to send a packet from the source to the nearest destination from a set of them.

• Reserved: Addresses or groups of them for special uses, for example addresses to be used on documentation and examples.

Before entering into more detail about IPv6 addresses and the types of unicast addresses, let’s see how do they look like and what are the notation rules. You need to have them clear because probably the first problem you will find in practice when using IPv6 is how to write an address.

Figure 5. IPv6 address

IPv6 addresses notation rules are:

• 8 Groups of 16 bits separated by “:”.

• Hexadecimal notation of each nibble (4 bits).

• Non case sensitive.

• Network Prefixes (group of addresses) are written Prefix / Prefix Length, i.e., prefix length indicate the number of bits of the address that are common for the group.

• Leftmost zeroes within each group can be eliminated.

• One or more all-zero-groups can be substituted by “::”. This can be done only once.

The first three rules tell you the basis of IPv6 address notation. They use hexadecimal notation, i.e., numbers are represented by sixteen symbols between 0 and F. You will have eight groups of four hexadecimal symbols, each group separated by a colon ":". The last two rules are for address notation compression, we will see how this works in the following.

Let’s see some examples:

1) If we represent all the address bits we have the preferred form, for example: 2001:0db8:4004:0010:0000:0000:6543:0ffd

2) If we use squared brackets around the address we have the literal form of the address: [2001:0db8:4004:0010:0000:0000:6543:0ffd]

3) If we apply the fourth rule, allowing compression within each group by eliminating leftmost zeroes, we have: 2001:db8:4004:10:0:0:6543:ffd

4) If we apply the fifth rule, allowing compression of one or more consecutive groups of zeroes using "::", we have: 2001:db8:4004:10::6543:ffd

Care should be taken when compressing and decompressing IPv6 addresses. The process should be reversible. It’s very common to have some mistakes. For example, the following address 2001:db8:A:0:0:12:0:80 could be compressed even more using "::". we have two options:

a) 2001:db8:A::12:0:80 b) 2001:db8:A:0:0:12::80

Both are correct IPv6 addresses. But the address 2001:db8:A::12::80 is wrong, since it does not follow the last compression rule we saw above. The problem with this badly compressed address is that we can’t be sure how to expand it, its ambiguous. We can’t know if it expands to 2001:db8:A:0:12:0:0:80 or to 2001:db8:A:0:0:12:0:80.

IPv6 network prefix

Last but not least you have to understand the concept of a network prefix, that indicates some fixed bits and some non-defined bits that could be used to create new sub-prefixes or to define complete IPv6 addresses assigned to hosts.

Let’s see some examples:

1) The network prefix 2001:db8:1::/48 (the compressed form of 2001:0db8:0001:0000:0000:0000:0000:0000) indicates that the first 48 bits will always be the same (2001:0db8:0001) but that we can play with the other 80 bits, for example, to obtain two smaller prefixes: 2001:db8:1:a::/64 and 2001:db8:1:b::/64.

2) If we take one of the smaller prefixes defined above, 2001:db8:1:b::/64, where the first 64 bits are fixed we have the rightmost 64 bits to assign, for example, to an IPv6 interface in a host: 2001:db8:1:b:1:2:3:4. This last example allow us to introduce a basic concept in IPv6: * A /64 prefix is always used in a LAN (Local Area Network) . *The rightmost 64 bits, are called the interface identifier (IID) because they uniquely identify a host’s interface in the local network defined by the /64 prefix. The following figure illustrates this statement:

Figure 6. Network and Interface ID

Now that you have seen your first IPv6 addresses we can enter into more detail about two types of addresses you will find when you start working with IPv6: reserved and unicast.

• The unspecified address, used as a placeholder when no address is available: 0:0:0:0:0:0:0:0 (::/128)

• The loopback address, is used by a node to send an IPv6 packet to itself: 0:0:0:0:0:0:0:1 (::1/128)

• Documentation Prefix: 2001:db8::/32. This prefix is reserved to be used in examples and documentation, you have already seen it in this chapter.

As specified in [RFC6890] IANA maintains a registry of special purpose IPv6 addresses [IANA-IPV6-SPEC].

The following are some other types of unicast addresses [RFC4291]:

• Link-local: Link-local addresses are always present in an IPv6 interface that is connected to a network. They all start with the prefix FE80::/10 and can be used to communicate with other hosts on the same local network, i.e., all hosts connected to the same switch. They cannot be used to communicate with other networks, i.e., to send or receive packets through a router.

• ULA (Unique Local Address) [RFC4193]: All ULA addresses start with the prefix FC00::/7, which in practice means that you could see FC00::/8 or FD00::/8. Intended for local communications, usually inside a single site, they are not expected to be routable on the global Internet but used only inside a more limited environment.

• Global Unicast: Equivalent to the IPv4 public addresses, they are unique in the whole Internet and can be used to send a packet from one site to any destination in Internet.

What is IPv6 used for?

As we have seen IPv6 has some features that facilitates things like global addressing and host’s address autoconfiguration. Because IPv6 provides as many addresses as we may need for some hundreds of years, we can put a global unicast IPv6 address on almost anything we may think of. This brings back the initial Internet paradigm that every IP device could communicate with every IP device. This end-to-end communication allows bidirectional communication all over the Internet and between any IP device, which could result in collaborative applications and new ways of storing, sending and accessing the information.

In the context of this book we can, for example, contemplate IPv6 sensors all around the world collecting, sending and being accessed from different places to create a world-wide mesh of physical values measured, stored and processed.

The availability of a huge amount of addresses has allowed a new mechanism called stateless address autoconfiguration (SLAAC) that didn’t exist with IPv4. Here is a brief summary of different ways to configure an address on an IPv6 interface:

• Statically: You can decide which address you will give to your IP device and then manually configure it into the device using any kind of interface: web, command line, etc. Normally you also have to configure other network parameters like the gateway to use to send packets out of your network.

• DHCPv6 (Dynamic Host Configuration Protocol for IPv6) [RFC3315]: A porting of the similar mechanism already available in IPv4. You need to configure a dedicated server that after a brief negotiation with the device assigns an IP address to it. DHCPv6 allows IP devices to be configured automatically, this is why it is named stateful address autoconfiguration, because the DHCPv6 server maintains a state of assigned addresses.

• SLAAC: Stateless address autoconfiguration [RFC4862] is a new mechanism introduced with IPv6 that allows to configure automatically all network parameters on an IP device using the router that gives connectivity to a network.

The advantage of SLAAC is that it simplifies the configuration of "dumb" devices, like sensors, cameras or any other device with low processing power. You don’t need to use any interface in the IP device to configure anything, just "plug and net". It also simplifies the network infrastructure needed to build a basic IPv6 network, because you don’t need additional device/server, you use the same router you need to send packets outside your network to configure the IP devices. We are not going to enter into details, but you just need to know that in a LAN (Local Area Network), connected to Internet by means of a router, this router is in charge of sending all the configuration information needed to its hosts using an RA (Router Advertisement) message. The router will send RAs periodically, but in order to expedite the process a host can send an RS (Router Solicitation) message when its interface gets connected to the network. The router will send an RA immediately in response to the RS.

The following figure show the packet exchange between a host that has just connected to a local network and some IPv6 destination in the Internet:

Figure 7. Packet exchange in IPv6

1) R1 is the router that gives connectivity to the host in the LAN and is periodically sending RAs.

2) Both R1 and Host have a link-local address in their interfaces connected to the host’s LAN, this address is configured automatically when the interface is ready. Our host creates it’s link-local address by combining the 64 leftmost bits of the link-local’s prefix (fe80::/64) and the 64 rightmost bits of a locally generated IID (:3432:7ff1:c001:c2a1). These link-local addresses can be used in the LAN to exchange packets, but not to send packets outside the LAN.

3) The hosts needs two basic things to be able to send packets to other networks: a global IPv6 address and the address of a gateway, i.e., a router to which send the packets it wants to get routed outside its network.

4) Although R1 is sending RAs periodically (usually every several seconds) when the host get connected and has configured its link-local address, it sends an RS to which R1 responds immediately with an RA containing two things:

1. A global prefix of length 64 bits that is intended for SLAAC. The host takes the received prefix and adds to it a locally generated IID, usually the same one used for link-local address. This way a global IPv6 address is configured in the host and now can communicate with the IPv6 Internet

2. Implicitly included is the link-local address of R1, because it is the source address of the RA. Our host can use this address to configure the default gateway, the place to which send the packets by default, to reach an IPv6 host somewhere in Internet.

5) Once both the gateway and global IPv6 address are configured, the host can receive or send information. In the figure it has something to send (Tx Data) to a host in Internet, so it creates an IPv6 packet with the destination address of the recipient host and as source address the just autoconfigured global address, which is sent to its gateway, R1’s link-local address. The destination host can answer with some data (Rx Data).

Network Example

Following we show how a simple IPv6 network looks like, displaying IPv6 addresses for all the networking devices.

Figure 8. Simple IPv6 network

We have four hosts, (sensors, or other devices), and we want to put a pair of them in two different places, for example two floors in a building. We are dealing with four IP devices but you can have up to 2⁶⁴ (18,446,744,073,709,551,616) devices connected on the same LAN.

We create two LANs with a router on each one, both routers connected to a central router (R1) that provides connectivity to Internet. LAN1 is served by R2 (with link-local address fe80::2c:f3f4:1214:a on that LAN) and uses the prefix 2001:db8:1:2::/64 announced by SLAAC. LAN2 is served by R3 (with link-local address fe80::1b:fff4:3344:b on that LAN) and uses the prefix 2001:db8:1:3::/64 announced by SLAAC.

All hosts have both a link-local IPv6 address and a global IPv6 address autoconfigured using the prefix provided by the corresponding router by means of RAs. In addition, remember that each host also configures the gateway using the link-local address used by the router for the RA. Link-local address can be used for communication among hosts inside a LAN, but for communicating with hosts in other LANs or any other network outside its own LAN a global IPv6 address is needed.

Short intro to Wireshark

What is Wireshark?

Figure 9. Wireshark logo

Wireshark is a free and open-source packet analyzer, which allows packet traces to be sniffed, captured, and analyzed.

A packet trace is a record of traffic at some location on the network, as if a snapshot was taken of all the bits that passed across a particular wire. The packet trace records a timestamp for each packet, along with the bits that make up the packet, from the low-layer headers to the higher-layer contents.

Wireshark runs on most operating systems, including Windows, MAC and Linux. It provides a graphical user interface that shows the sequence of packets and the meaning of the bits when interpreted as protocol headers and data. The packets are color-coded to convey their meaning, and Wireshark includes various ways to filter and analyze them to let you investigate different aspects of behavior. It is widely used to troubleshoot networks.

A common usage scenario is when a person wants to troubleshoot network problems or look at the internal workings of a network protocol. A user could, for example, see exactly what happens when he or she opens up a website or sets up a wireless sensor network. It is also possible to filter and search for given packet attributes, which facilitates the debugging process.

More information and installation instructions are available at Wireshark site.

Figure 10. Wireshark Screenshot

When you open Wireshark, there are four main areas, from top to bottom: menus and filters, list of captured packets, detailed information about the selected packet, including its full content in hexadecimal and ASCII. Online directly links you to the Wiresharks site, where you can find a handy user guide and information on the security of Wireshark. Under Files, you’ll find Open, which lets you open previously captured files,, and Sample Captures. You can download any of the sample captures through this website, and study the data. This will help you understand what kind of packets Wireshark can capture.

The Capture section let you choose your Interface from the available ones. It’ll also show you which ones are active. Clicking details will show you some pretty generic information about that interface.

Under Start, you can choose one or more interfaces to check out. Capture Options allows you to customize what information you see during a capture. Here you can choose a filter, a capture file, and more. Under Capture Help, you can read up on how to capture, and you can check info on Network Media about which interfaces work on which platforms.

Let’s select an interface and click Start. To stop a capture, press the red square in the top toolbar. If you want to start a new capture, hit the green triangle which looks like a shark fin next to it. Now that you have got a finished capture, you can click File, and save, open, or merge the capture. You can print it, you can quit the program, and you can export your packet capture in a variety of ways.

You can find a certain packet, copy packets, mark (highlight) any specific packet or all the packets. Another interesting thing you can do under Edit, is resetting the time value. You’ll notice that the time is in seconds incrementing. You can reset it from the packet you’ve clicked on. You can add a comment to a packet, configure profiles and preferences.

When we select a packet from the list of captured ones, Wireshark shows detailed information of the different protocols used by that packet, for example Ethernet:

Figure 11. Ethernet packet

Or IPv6, where we can see the fields we mentioned before: Version, Traffic class, flowlabel, payload length, next header, etc.:

Figure 12. IPv6 packet

There are two methods to apply filters to the list of captured packets:

• Write a filter expression on the specific box and then apply it. Protocols can be specified (ip,ipv6, icmp, icmpv6), fields of a protocol (ipv6.dst, ipv6.src) and even complex expressions can be created using operators like AND (&&), OR (||) or the negation (|).

Figure 13. Wireshark Filter

• Another option to create filters is to right click in one filed of a captured packet, in the list of captured packets. There will appear a menu option "Apply as filter", with several options on how to use that field.

Figure 14. Wireshark Captured packets

Another useful and interesting option of Wireshark is the possibility to see statistics about the captured traffic. If we have applied filters, the statistics will be about the filtered traffic. Just go to the Statistics menu and select, for example, Protocol Hierarchy:

Figure 15. Wireshark statistics

Other interesting options are:

• Conversation List → IPv6

• Statistics → Endpoint List → IPv6

• Statistics → IO Graph

This last option allow to create graphs with different lines for different types of traffic and save the image:

Figure 16. Wireshark charts

Note	If you are using Ubuntu probably you would not be able to run wireshark as non-root user (if you miss this installation option). Type the following to enable non-root: sudo dpkg-reconfigure wireshark-common $ sudo usermod -a -G wireshark $USER $ gnome-session-quit --logout --no-prompt

IPv6 Exercises

Let’s test your IPv6 knowledge with the following exercises:

1) What is the size of IPv4 and IPv6 addresses?

1. 32-bits, 128-bits

2. 32-bits, 64-bits

3. 32-bits, 112-bits

4. 32-bits, 96-bits

5. none of these

2) Which of the following is a valid IPv6 address notation rule?

1. Zeroes on the right inside a group of 16 bits can be eliminated

2. The address is divided in 5 groups of 16 bits separated by ":"

3. The address is divided in 8 groups of 16 bits separated by "."

4. One or more groups of all zeroes could be substituted by "::"

5. Decimal notation is used grouping bits in 4 (nibbles)

3) Interface Identifiers (IID) or the rightmost bits of an IPv6 address used on a LAN will be 64 bits long.

1. True

2. False

4) Which of the following is a correct IPv6 address?

1. 2001:db8:A:B:C:D::1

2. 2001:db8:000A:B00::1:3:2:F

3. 2001:db8:G1A:A:FF3E::D

4. 2001:0db8::F:A::B

5) Which ones of the following sub-prefixes belong to the prefix 2001:db8:0A00::/48? (Choose all that apply)

1. 2001:db9:0A00:0200::/56

2. 2001:db8:0A00:A10::/64

3. 2001:db8:0A:F:E::/64

4. 2001:db8:0A00::/64

6) IPv6 has a basic header with more fields than IPv4 header

1. True

2. False

7) Extension headers can be added in any order

1. True

2. False

8) Autoconfiguration of IP devices is the same in IPv4 and IPv6

1. True

2. False

9) Which one is not an option for configuring an IPv6 address in an interface?

1. DHCPv6

2. Fixed address configured by vendor

3. Manually

4. SLAAC (Stateless Address Autoconfiguration)

10) Which packets are used by SLAAC to autoconfigure an IPv6 host?

1. NS/NA (Neighbor Solicitation / Neighbor Advertisement)

2. RS/RA (Router Solicitation / Router Advertisement)

3. Redirect messages

4. NS / RA (Neighbor Solicitation / Router Advertisement)

Addressing Exercises

A) Use the two compression rules for the utmost compression of the following addresses:

1. 2001:0db8:00A0:7200:0fe0:000B:0000:0005

2. 2001:0db8::DEFE:0000:C000

3. 2001:db8:DAC0:0FED:0000:0000:0B00:12

B) Apply maximum decompression (representing all the 32 nibbles in hexadecimal) to the following addresses:

1. 2001:db8:0:50::A:123

2. 2001:db8:5::1

3. 2001:db8:C00::222:0CC0

C) You receive the following IPv6 prefix for your network: 2001:db8:A:0100::/56, shown in the following figure:

Figure 17. LAN Example

Please determine:

1. IPv6 prefix for LAN1, a /64 prefix taken from the /56 you have.

2. IPv6 prefix for LAN2, a /64 prefix taken from the /56 you have.

3. IPv6 prefix for LAN3, a /64 prefix taken from the /56 you have.

4. A global IPv6 address using the LAN1 prefix for H1 host (added to the link-local address already used).

5. A global IPv6 address using the LAN2 prefix for H2 host (added to the link-local address already used).

6. A global IPv6 address using the LAN3 prefix for H3 host (added to the link-local address already used).

Tip	Hint: To divide the /56 prefix into /64 prefixes, you have to change the value of the bits 57 to 64, i.e., the XY values in 2001:db8:A:01XY::/64.

Connecting our IPv6 Network to the Internet

As said in the introduction of this book, network communications is one of the four basic elements of an IoT system. We already have seen that IPv6 brings the possibility of giving an IP address to almost anything we can think of, and can do this making it easy to autoconfoigure network parameters on our devices.

Once we have all our "things" connected using IPv6, they can use it to communicate among them locally or with any other "thing" on the IPv6 Internet. In this chapter we will focus on the Internet side of the communication of the "things" composing the Internet of Things.

As we will see in this book, the capability of connecting our devices to the Internet allows new possibilities and services. For example, we can connect our wireless sensors networks to a centralized repository, where all the sensed information can be processed and stored for historical records, which will uncover underlying patterns and maybe predict future events. This basic idea is what nowadays is called "Big Data" and has a whole set of its own concepts and techniques.

Figure 18. IPv6 Connectivity

Getting back to the network connectivity domain, our objective is to connect IoT devices to the Internet using IPv6, allowing communication with other IoT devices, collecting servers or even with people.

Related with the IPv6 connectivity to Internet is an important idea: communication between IoT devices and the IPv6 Internet could be bidirectional. This is important to remark because with IPv4, connectivity is oftentimes designed as a one direction channel between a client and a server. This changes with IPv6.

Having a bidirectional communication with the IoT devices allows useful possibilities, because its not just that the device can send information to somewhere in the Internet, but that anybody in the Internet could be able to send information, requests or commands to the IoT device. This can be used in different scenarios:

• Management: To manage the IoT device performing some status tests, updating some parameters/configuration/firmware remotely allowing for a better and efficient use of the hardware platform and improving the infrastructure security.

• Control: Send commands or control actuators to make the IoT device perform an action.

• Communication: Send information to the IoT device, that can be displayed using some kind of interface.

IIPv6 is still being deployed all over the different networks that compose the Internet, which means that different scenarios can be found when deciding how to connect our network to the IPv6 Internet. Following are the three most common scenarios, in preferred order, being Native IPv6 connectivity the best choice.

• Native IPv6 Connectivity: This scenario applies when both the ISP providing connectivity to the Internet and the router(s) and networks devices used in our network support of IPv6. Native IPv6 means that the IPv6 packets will flow without being changed or tunnelled anywhere in its path from origin to destination. It is common to find what is called dual-stack networks, where both native IPv6 and native IPv4 are being used at the same time in the same interfaces and devices. This native IPv6 scenario covers both cases: IPv6-only and dual-stack.

Figure 19. Native IPv6

As seen in the figure, our IoT devices cloud is connected to a router (R2) that provides them a prefix creating a LAN (LAN2). The router that provides connectivity to the IPv6 Internet (R1) will also be in charge of autoconfiguring IPv6 devices in LAN1 (including R2), by sending RAs (Router Advertisements) as detailed when SLAAC was explained.

• No IPv6 connectivity: In this scenario we face a common problem nowadays, the lack of IPv6 connectivity from an ISP. Although we have IPv6 support on the router that connects our network to Internet, the ISP supports only IPv4. The solution is to use one of the so called IPv6 Transition Mechanism. The most simple and useful in this case would be the 6in4 tunnel, based on creating a point-to-point static tunnel that encapsulates IPv6 packets into IPv4.

Figure 20. IPv4 tunneled IPv6

The figure shows this solution created by making a tunnel from R1 to a "remote tunnel end point" where the IPv4 meets the IPv6 Internet. This will be a router having connectivity to both the IPv4 and IPv6 Internet. The native IPv6 traffic from our networks (LAN1 and LAN2) will reach R1, which will take the whole IPv6 packet with its data, and put it inside a new IPv4 packet with the IPv4 destination address corresponding to the tunnel end router. The tunnel end router will grab the IPv6 packet and convey it as native IPv6 traffic into the IPv6 Internet. Similar encapsulation is applied with the IPv6 traffic sent over Ipv4 from the IPv6 Internet to our networks

• No IPv6 connectivity and no IPv6 capable router: This scenario covers the case where there is no IPv6 connectivity from the ISP, nor IPv6 support on the router connecting our network to the Internet. As seen before, to solve the lack of IPv6 connectivity from the ISP we can use a 6in4 tunnel, but in this scenario we also have to face the lack of IPv6 support on the router which prevents the creation of the tunnel. The solution is to add a new router that supports both IPv6 and IPv4, and create a 6in4 tunnel from this router to a tunnel end router somewhere on the IPv4 Internet.

Figure 21. Local router does not support IPv6

In this scenario a new router (R3) is added to create a 6in4 tunnel towards the tunnel end router, which also serves as an IPv6 gateway to our networks, sending RAs to autoconfigure IPv6 devices in LAN1. The encapsulation/decapsulation process will work exactly the same as in the previous scenario. The main difference here is that the 6in4 tunnel needs a public IPv4 address, so R3 will need to have a public IPv4 besides the IPv6 address. This is easy to get in routers connected to ISPs, but not so common inside our network where we might have only private addresses using NAT.

The scenarios showed above are based on a good infrastructure, where we have at least two routers and a couple of LANs. All three scenarios could be simplified into a just one router scenario shown in the following figure:

Figure 22. Simplified Scenario

Considerations about lack of IPv6 connectivity from the ISP and IPv6 support on the router are the same as in the previous case, although for the latter the solution is to change the R1 router by one that supports also IPv6.

The last case is common because IoT or WSN could be deployed anywhere, including in remote networks connected using some sort of wireless technology. In this scenario there are severe restrictions on the number of devices, power consumption, etc. For example, a cloud of sensors could be deployed in the country to sense temperature and moisture, all of them getting connectivity through just one router connected using an IPv6 mobile phone network (GPRS, 3G or LTE).