Chapter 11 IPv6 Transition Technologies |
263 |
Tcpip.sys, contains implementations of both IPv4 and IPv6. A node running Windows Server 2008 or Windows Vista can create the following types of packets:
■IPv4 packets
■IPv6 packets
■IPv6-over-IPv4 packets
These are IPv6 packets that are encapsulated with an IPv4 header. For more information, see the “IPv6-over-IPv4 Tunneling” section in this chapter.
Figure 11-2 shows the types of packets with a dual IP layer architecture.
Application
Layer
Transport Layer (TCP/UDP)
|
IPv6 |
|
|
IPv4 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Network |
|
||
|
Interface Layer |
|
|||
|
|
|
|
|
|
|
|
|
|
|
|
IPv6 |
|
|
IPv6 over IPv4 |
||
|
|
|
|
IPv4 |
|
Figure 11-2 Types of packets with a dual IP layer architecture
In Windows Server 2008 and Windows Vista, the dual IP layer architecture also simplifies application programming by allowing a dual-stack socket, which can handle both IPv6 and IPv4 traffic. For Windows Server 2003 and Windows XP, an IPv6-capable application must open two separate sockets, one for IPv4 and one for IPv6.
Dual-Stack Architecture
A dual-stack architecture contains both IPv4 and IPv6 Internet layers, but they are within different protocol stacks that contain separate implementations of Transport layer protocols such as TCP and UDP. Figure 11-3 shows a dual-stack architecture.
Windows Server 2003 and Windows XP have a dual-stack architecture. The IPv4 protocol driver, Tcpip.sys, contains IPv4, TCP, and UDP (among other protocols). The IPv6 protocol driver, Tcpip6.sys, contains IPv6 and a separate implementation of TCP and UDP. With both IPv4 and IPv6 protocol stacks installed, a host running Windows Server 2003 or Windows XP can create the following types of packets:
■ IPv4 packets
264Understanding IPv6, Second Edition
■IPv6 packets
■IPv6-over-IPv4 packets
Application
Layer
TCP/UDP TCP/UDP
IPv6 |
|
IPv4 |
|
|
|
Network
Interface Layer
Figure 11-3 The dual-stack architecture
Figure 11-4 shows the types of packets with a dual-stack architecture.
Application
Layer
TCP/UDP TCP/UDP
IPv6 |
|
|
|
IPv4 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Network |
|
|||
Interface Layer |
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
IPv6 |
|
|
|
IPv6 over IPv4 |
|
|
|
|
|
IPv4 |
|
Figure 11-4 Types of packets with a dual-stack architecture
Although the IPv6 protocol for Windows Server 2003 and Windows XP is not a dual IP layer, it functions in the same way as a dual IP layer to provide functionality for IPv6 transition.
IPv6-over-IPv4 Tunneling
IPv6-over-IPv4 tunneling is the encapsulation of IPv6 packets with an IPv4 header so that IPv6 packets can be sent over an IPv4-only infrastructure. Within the IPv4 header
■The IPv4 Protocol field is set to 41 to indicate an encapsulated IPv6 packet.
■The Source and Destination fields are set to IPv4 addresses of the IPv6-over-IPv4 tunnel endpoints. The local tunnel endpoint is an IPv4 address assigned to the sender. The remote tunnel endpoint is an IPv4 address assigned to either the destination or an
Chapter 11 IPv6 Transition Technologies |
265 |
intermediate router. The tunnel endpoints are either manually configured as part of the tunnel interface or are automatically derived based on the next-hop address for the destination IPv6 address and the tunnel interface.
Figure 11-5 shows IPv6-over-IPv4 tunneling.
|
|
|
IPv6 Packet |
|
|
|
|
|
|
||
|
|
|
|
|
|
|
IPv6 Header |
Extension |
|
Upper-Layer Protocol |
|
|
Headers |
|
Data Unit |
||
|
|
|
|||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
IPv4 Header |
IPv6 Header |
Extension |
|
Upper-Layer Protocol |
|
Headers |
|
Data Unit |
|||
|
|
|
|||
|
|
|
|
|
|
IPv4 Packet
Figure 11-5 IPv6-over-IPv4 tunneling
Tunneled IPv6 traffic has the following issues:
■Firewalls and routers using packet filtering must be configured to allow IPv4 Protocol 41 traffic to be received and forwarded. Otherwise, the traffic will be silently discarded. Discarding IPv4 Protocol 41 traffic might be desired at an IPv4 Intranet edge router to prevent tunneled IPv6 traffic from leaving the intranet.
■Most NATs only translate TCP or UDP traffic or must have an installed NAT editor to handle the translation of other IPv4 protocols. Because IPv4 Protocol 41 translation is not a common feature of NATs, IPv4-encapsulated IPv6 traffic will not flow through typical NATs.
To IPv6, an IPv6-over-IPv4 tunnel is just another link-layer encapsulation, which treats an IPv4-only infrastructure as a link layer in much the same way as an Ethernet segment. Therefore, an entire IPv4-only infrastructure can be treated as a single logical IPv6 subnet and the IPv6-over-IPv4 tunnel acts as a single hop in a path between a source and destination.
For IPv6-over-IPv4 tunneling, the IPv6 path maximum transmission unit (PMTU) for the destination is typically 20 less than the IPv4 PMTU for the destination. However, if the IPv4 PMTU is not stored for each tunnel, there are instances in which the IPv4 packet will need to be fragmented at an intermediate IPv4 router. In this case, an IPv6-over-IPv4 tunneled packet must be sent with the Don’t Fragment flag in the IPv4 header set to 0.
Note IPv6-over-IPv4 tunneling describes only an encapsulation of IPv6 packets with an IPv4 header so that the resulting packet can traverse an IPv4-only infrastructure. Unlike tunneling for the Point-to-Point Tunneling Protocol (PPTP) and the Layer Two Tunneling Protocol (L2TP) virtual private network (VPN) protocols, there is no tunnel maintenance protocol that is used for tunnel setup, maintenance, or termination.