
CHAPTER 1

INTRODUCTION
1.1 GENERAL INTRODUCTION:
The Internet Protocol was designed and introduced in 1981; its objective was to
interconnect heterogeneous network technologies [1]. The current networking protocol
will be unable to support the additional requirements of new applications. IPv6 is a
new networking protocol that provides improved security, routing, scalability and
higher performance when compared to IPv4 [1].
Internet Protocol version 4 (IPv4) is the fourth version of the Internet Protocol and
routes traffic on the Internet. IPv4 is a connectionless protocol used in
packet-switched networks. It works on a best-effort delivery model, in which delivery
is not guaranteed. IPv4 uses 32-bit addresses, so the total number of possible
addresses is 2^32, which is approximately 4294967296. As addresses are assigned to
users, the number of unassigned addresses decreases. The drawbacks of IPv4 stimulated
the development of IPv6 in the 1990s. IPv4 reserves special address blocks for private
networks and multicast addresses.
An IPv4 address can be written as 172.16.254.1 (dotted-decimal notation). In this
address, 172 can be written as 10101100, 16 as 00010000, 254 as 11111110, and 1 as
00000001. An IPv4 address contains 32 bits, which is equal to 4 bytes of 8 bits each.
Originally an IP address was divided into two parts, the network identifier and the
host identifier: the network identifier was the high-order octet of the address and
the host identifier was the rest of the address. This was found to be inadequate, so
classful networking and classless inter-domain routing were introduced to overcome
this drawback [2].
IPv6 is also called IPng (Internet Protocol next generation). It is the newest
version of the Internet Protocol, reviewed by the IETF committees to replace the
current version. IPv6 is the successor to IPv4 and is designed to let the Internet
grow in terms of the number of hosts connected and the amount of data transmitted.
This protocol is still under development.
IPv6 addresses are 128-bit IP addresses written in hexadecimal and separated by
colons, for example 3ffe:1900:4545:3:200:f8ff:fe21:67cf. IPv4 data packets have a
limit of 64 KB, while IPv6 packets may be extended up to 4 GB [2].
BENEFITS OF IPV6
1. MORE EFFICIENT ROUTING: IPv6 reduces the size of routing tables and makes routing
more efficient and hierarchical.
2. MORE EFFICIENT PACKET PROCESSING: IPv6 simplifies the packet header, which makes
packet processing more efficient. The IPv6 header does not contain a checksum, so
there is no need to recalculate a checksum at each hop.
3. SECURITY: IPsec is built into IPv6, by which confidentiality, authentication and
data integrity are maintained.
4. DIRECTED DATA FLOWS: IPv6 does not support broadcast; it supports multicast, which
saves network bandwidth [3].

Figure 1. Translator for an IPV6 site

Figure 2. Translator for an IPV4 site

1.2 IPV4 AND IPV6 HEADER FORMAT

Figure 3. IPV4 and IPV6 header format

Several analyses exist of the IPv4 and IPv6 protocol stacks under different
implementation environments such as Windows NT and Windows 2000. The IPv6 protocol
stack was not very mature at that time, but the recent versions under Microsoft
Windows 2007, Macintosh and Red Hat Linux Enterprise Version 4 are quite mature and
can be used in industry. It is difficult to test IPv6 functionality on a Cisco router
in real-time Internet use. Some experiments used a software router and PC (personal
computer) environment, which does not give real results. It is often impossible to
arrange the latest equipment in a laboratory because of its high cost.

Moreover, we tested three different platforms, namely Microsoft Windows 2007,
Macintosh and Red Hat Linux Enterprise Version 4, side by side throughout all of our
experiments; we covered both the TCP and UDP transport protocols. Our metrics
included bandwidth utilization (throughput) and round-trip time (latency). The
following paragraphs cover some of the work related to what we are going to do.

The layered approach [3] is one of the important reasons network architecture has
been so successful. The Internet is a great success story that shows how powerful and
scalable this approach is: it has coped with exponential growth that its initial
design goals did not foresee. Layering helps break complex problems into smaller,
more manageable chunks.
1.2.1 IPV4 HEADER:

Figure 4. IPV4 header


1. Version - indicates the version of IP and is set to 4. The size of this field is
4 bits.
2. Internet Header Length - indicates the number of 4-byte blocks in the IPv4 header.
The size of this field is 4 bits. Because an IPv4 header is a minimum of 20 bytes in
size, the smallest value of the Internet Header Length (IHL) field is 5. IPv4 options
can extend the minimum IPv4 header size in increments of 4 bytes. If an IPv4 option
does not use all 4 bytes of the IPv4 option field, the remaining bytes are padded
with zeros, making the entire IPv4 header an integral multiple of 32 bits (4 bytes).
With a maximum value of 0xF, the maximum size of the IPv4 header including options is
60 bytes (15 × 4).
3. Type of Service - indicates the service this packet expects for delivery through
routers across the IPv4 network. The size of this field is 8 bits, which contain bits
for precedence, delay, throughput, and reliability characteristics.
4. Total Length - indicates the total length of the IPv4 packet (IPv4 header + IPv4
payload), not including link-layer framing. The size of this field is 16 bits, which
can indicate an IPv4 packet that is up to 65,535 bytes long.
5. Identification - identifies this specific IPv4 packet. The size of this field is
16 bits. The Identification field is selected by the source of the IPv4 packet. If
the IPv4 packet is fragmented, all of the fragments retain the Identification field
value so that the destination node can group the fragments for reassembly.
6. Flags - identifies flags for the fragmentation process. The size of this field is
3 bits; however, only 2 bits are defined for current use. There are two flags: one
indicates whether the IPv4 packet may be fragmented and the other indicates whether
more fragments follow the current fragment.
7. Fragment Offset - indicates the position of the fragment relative to the original
IPv4 payload. The size of this field is 13 bits.
8. Time to Live - indicates the maximum number of links an IPv4 packet can travel
over before being discarded. The size of this field is 8 bits. The Time to Live (TTL)
field was originally used as a time count: an IPv4 router determined the length of
time required (in seconds) to forward the IPv4 packet and decremented the TTL
accordingly. Modern routers almost always forward an IPv4 packet in less than a
second and are required by RFC 791 to decrement the TTL by at least one. Thus, the
TTL becomes a maximum link count with the value set by the sending node.
9. Protocol - identifies the upper-layer protocol. The size of this field is 8 bits.
For example, TCP uses a Protocol of 6, UDP uses a Protocol of 17, and ICMP uses a
Protocol of 1. The Protocol field is used to demultiplex an IPv4 packet to the
upper-layer protocol.
10. Header Checksum - provides a checksum on the IPv4 header only. The size of this
field is 16 bits. The IPv4 payload is not included in the checksum calculation,
because the IPv4 payload usually contains its own checksum. Each IPv4 node that
receives an IPv4 packet verifies the IPv4 header checksum and discards the packet if
checksum verification fails. When a router forwards an IPv4 packet, it must decrement
the TTL. Therefore, the header checksum is recalculated at each hop between source
and destination.
11. Source Address - stores the IPv4 address of the originating host. The size of
this field is 32 bits.
12. Destination Address - stores the IPv4 address of the destination host. The size
of this field is 32 bits.
13. Options - stores one or more IPv4 options. The size of this field is a multiple
of 32 bits. If the IPv4 option or option does not use all of the 32.
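The field rules above (IHL of at least 5, zero-padded options, a header-only checksum that every node verifies and every router recalculates after decrementing the TTL) can be exercised with the following Python sketch. It is an added example, not code from the original chapter; the function names and the constructed sample header are assumptions made for illustration.

```python
import socket
import struct


def checksum16(data: bytes) -> int:
    """One's complement of the one's-complement sum of all 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4_header(src, dst, ttl, proto, payload_len, options=b""):
    """Constructed sample header (DF set, unfragmented); options padded with zeros."""
    options += b"\x00" * (-len(options) % 4)
    ihl = 5 + len(options) // 4
    if ihl > 0xF:
        raise ValueError("header would exceed the 60-byte maximum")
    header = bytearray(struct.pack(
        "!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + payload_len,
        0x1C46, 0x4000, ttl, proto, 0,      # 0x1C46: arbitrary Identification
        socket.inet_aton(src), socket.inet_aton(dst)) + options)
    header[10:12] = struct.pack("!H", checksum16(bytes(header)))
    return bytes(header)


def parse_ipv4_header(packet: bytes) -> dict:
    """Validate and decode an IPv4 header the way a receiving node must."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    (ver_ihl, _tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"version is {version}, not 4")
    if ihl < 5:
        raise ValueError(f"IHL {ihl} is below the minimum of 5")
    header_len = ihl * 4
    if len(packet) < header_len or total_len < header_len:
        raise ValueError("header length exceeds the packet")
    # Summing a header that carries a correct checksum yields 0xFFFF,
    # so the complemented result is 0.
    if checksum16(packet[:header_len]) != 0:
        raise ValueError("header checksum verification failed")
    return {
        "ihl": ihl, "header_len": header_len, "total_length": total_len,
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
    }


def forward(packet: bytes) -> bytes:
    """What a router does per hop: verify, decrement TTL, recompute checksum."""
    hdr = parse_ipv4_header(packet)
    if hdr["ttl"] <= 1:
        raise ValueError("TTL expired; packet is discarded")
    n = hdr["header_len"]
    header = bytearray(packet[:n])
    header[8] -= 1                          # TTL is byte 8 of the header
    header[10:12] = b"\x00\x00"             # checksum field is zero while summing
    header[10:12] = struct.pack("!H", checksum16(bytes(header)))
    return bytes(header) + packet[n:]


if __name__ == "__main__":
    pkt = build_ipv4_header("172.16.254.1", "192.168.10.5", 64, 6, 0)
    print(parse_ipv4_header(pkt))
    print(parse_ipv4_header(forward(pkt))["ttl"])
```

A header whose TTL is changed without recomputing the checksum is rejected by parse_ipv4_header, which is why the checksum must be redone at every hop.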
1.2.2 IPV6 HEADER
1. Version - 4 bits are used to indicate the version of IP, which is set to 6.
2. Traffic Class - indicates the class or priority of the IPv6 packet. The size of
this field is 8 bits. The Traffic Class field provides functionality similar to the
IPv4 Type of Service field. The use of the Traffic Class field is as defined in RFC
3697.
3. Flow Label - indicates that this packet belongs to a specific sequence of packets
between a source and destination that requires special handling by intermediate IPv6
routers. The size of this field is 20 bits. The flow label is used for non-default
quality-of-service connections, such as those needed by real-time data (voice and
video). For default router handling, the flow label is set to 0. There can be
multiple flows between a source and destination, distinguished by separate non-zero
flow labels.
4. Payload Length - indicates the length of the IPv6 payload. The size of this field
is 16 bits. The Payload Length field includes the extension headers and the
upper-layer PDU. With 16 bits, an IPv6 payload of up to 65,535 bytes can be
indicated. For payloads longer than 65,535 bytes, the Payload Length field is set to
0 and the large payload option in the Hop-by-Hop Options extension header is used.
5. Next Header - indicates either the first extension header (if present) or the
protocol of the upper-layer PDU (such as TCP, UDP, or ICMPv6). The size of this field
is 8 bits. When indicating an upper-layer protocol above the Internet layer, the same
values used in the IPv4 Protocol field are used here.
6. Hop Limit - indicates the maximum number of links over which the IPv6 packet can
travel before being discarded. The size of this field is 8 bits. The Hop Limit is
similar to the IPv4 TTL field, except that there is no historical relation to the
amount of time (in seconds) that the packet is queued at the router. When the Hop
Limit equals 0, an ICMPv6 Time Exceeded message is sent to the source address and the
packet is discarded.
7. Source Address - stores the IPv6 address of the originating host. The size of this
field is 128 bits.
8. Destination Address - stores the IPv6 address of the current destination host. The
size of this field is 128 bits. In most cases, the Destination Address is set to the
final destination address.
1.2.3 The IPv6 Address Space
The most obvious distinguishing feature of IPv6 is its use of much larger addresses.
The size of an IPv6 address is 128 bits, which is four times larger than an IPv4
address. A 32-bit address space allows for 2^32 or 4,294,967,296 possible addresses.
A 128-bit address space allows for 2^128 or
340,282,366,920,938,463,463,374,607,431,768,211,456 (3.4 × 10^38) possible addresses.
With IPv6, it is difficult to even conceive that the IPv6 address space will be
exhausted. To help put this number in perspective, a 128-bit address space provides
6.5 × 10^23 addresses for every square meter of the Earth's surface.
It is important to remember that the decision to make the IPv6 address 128 bits long
was not made so that every square meter of the Earth could have 6.5 × 10^23
addresses. Rather, the relatively large size of the IPv6 address is designed to be
subdivided into hierarchical routing domains that reflect the topology of the modern
Internet. The use of 128 bits allows multiple levels of hierarchy and flexibility in
designing hierarchical addressing and routing, which is currently lacking in the
IPv4-based Internet.

The following is an IPv6 address in binary form:

0010000111011010000000001101001100000000000000000010111100111011
0000001010101010000000001111111111111110001010001001110001011010

The 128-bit address is divided along 16-bit boundaries:

0010000111011010 0000000011010011 0000000000000000 0010111100111011
0000001010101010 0000000011111111 1111111000101000 1001110001011010

Each 16-bit block is converted to hexadecimal and separated by colons. The result is:

21DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A

IPv6 representation can be further simplified by removing the leading zeros within
each 16-bit block. However, each block must have at least a single digit. With
leading zero suppression, the address representation becomes:

21DA:D3:0:2F3B:2AA:FF:FE28:9C5A
1.3 Types of IPv6 Addresses
There are three types of IPv6 addresses:
1. Unicast: a unicast address identifies a single interface within the scope of the
type of unicast address. With the appropriate unicast routing topology, packets
addressed to a unicast address are delivered to a single interface.
2. Multicast: a multicast address identifies multiple interfaces. With the
appropriate multicast routing topology, packets addressed to a multicast address are
delivered to all interfaces identified by that address. A multicast address is used
for one-to-many communication, with delivery to multiple interfaces.
3. Anycast: an anycast address identifies multiple interfaces. With the appropriate
routing topology, packets addressed to an anycast address are delivered to a single
interface, the nearest interface identified by that address. The "nearest" interface
is defined as being the closest in terms of routing distance. An anycast address is
used for one-to-one-of-many communication, with delivery to a single interface.

In all cases, IPv6 addresses identify interfaces, not nodes. A node is identified by
any unicast address assigned to one of its interfaces.
1.3.1 Links and Subnets
Similar to IPv4, an IPv6 subnet prefix is assigned to a single link. Multiple subnet
prefixes can be assigned to the same link. This technique is called multinetting.
1.3.2 Unicast IPv6 Addresses
The following types of addresses are unicast IPv6 addresses:
1. Global unicast addresses
2. Link-local addresses
3. Site-local addresses
4. Unique local IPv6 unicast addresses
5. Special addresses
1.3.3 Global Unicast Addresses
Global unicast addresses are equivalent to public IPv4 addresses. They are globally
routable and reachable on the IPv6 portion of the Internet. The current structure of
the global unicast addresses assigned by IANA is defined in RFC 3587.

Figure 2.4 The global unicast address as defined in RFC 3587

The fields in the global unicast address are the following:
1. Fixed portion set to 001 - the three high-order bits are set to 001. The address
prefix for currently assigned global addresses is 2000::/3.
2. Global Routing Prefix - indicates the global routing prefix for a specific
organization's site. The combination of the three fixed bits and the 45-bit global
routing prefix is used to create a 48-bit site prefix, which is assigned to an
individual site of an organization. Once assigned, routers on the IPv6 Internet
forward IPv6 traffic matching the 48-bit prefix to the routers of the organization's
site.
3. Subnet ID - identifies subnets within the organization's site. The field size is
16 bits. The organization's site can use these 16 bits within its site to create
65,536 subnets or multiple levels of addressing hierarchy and an efficient routing
infrastructure.
4. Interface ID - indicates the interface on a specific subnet within the site. The
field size is 64 bits.

The fields within the global unicast address create a three-level structure. The
public topology is the collection of larger and smaller Internet service providers
that provide access to the IPv6 Internet. The site topology is the collection of
subnets within an organization's site. The interface identifier identifies a specific
interface on a subnet within an organization's site. For more information about
global unicast addresses, see RFC 3587.
1.3.4 Local-Use Unicast Addresses
There are two types of local-use unicast addresses:
1. Link-local addresses are used between on-link neighbors and for Neighbor
Discovery processes.
2. Site-local addresses are used between nodes communicating with other nodes in
the same site.
1.3.5 Link-Local Addresses
Link-local addresses are used by nodes when communicating with neighboring nodes on
the same link. Figure 2.6 shows the structure of the link-local address. Link-local
addresses always begin with FE80. With the 64-bit interface identifier, the prefix
for link-local addresses is FE80::/64. IPv6 routers do not forward link-local traffic
beyond the link.
1.3.6 Site-Local Addresses
Site-local addresses are equivalent to the IPv4 private address space (10.0.0.0/8,
172.16.0.0/12, and 192.168.0.0/16). Unlike link-local addresses, site-local addresses
are not automatically configured and must be assigned either through stateless or
stateful address configuration processes. The site-local address

The first 10 bits are always fixed for site-local addresses (FEC0::/10). After the 10
fixed bits is a Subnet ID field that provides 54 bits with which you can create a
hierarchical and summarizable routing infrastructure within the site. After the Subnet
ID field is a 64-bit Interface ID field that identifies a specific interface on a subnet.
1.3.7 Unique Local IPv6 Unicast Addresses
To replace site-local addresses with a new type of address that is private to an
organization, yet unique across all of the sites of the organization, RFC 4193 defines
Unique Local IPv6 Unicast Addresses, also known as local addresses.
1.4 IPv4 TO IPv6 TRANSITION MECHANISMS AND SCENARIO
The designers of IPv6 recognized that the transition from IPv4 to IPv6 will take
years, and that there may be institutions or organizations that continue to use IPv4
hosts indefinitely. Thus, while migration is the long-term goal, equal consideration
must be given to the interim coexistence of IPv4 and IPv6 nodes. There are different
types of nodes in the network [14]: IPv4-only nodes, IPv6-only nodes, IPv6/IPv4
nodes, IPv4 nodes and IPv6 nodes. There are also many different types of
compatibility addresses, such as IPv4-compatible addresses, IPv4-mapped addresses,
6over4 addresses, 6to4 addresses, ISATAP addresses and Teredo addresses. To coexist
with an IPv4 infrastructure and to provide an eventual transition to an IPv6-only
infrastructure, the following mechanisms are used.
1.4.1 Dual IP layer
A dual IP layer [15] is an implementation of the TCP/IP protocol suite that includes
both an IPv4 Internet layer and an IPv6 Internet layer. This mechanism allows
IPv6/IPv4 nodes to communicate with both IPv4 and IPv6 nodes. A dual IP layer
contains a single implementation of the host-to-host layer protocols (such as TCP and
UDP). All upper-layer protocols in a dual IP layer implementation can communicate
over IPv4, over IPv6, or over IPv6 tunneled in IPv4.
1.4.2 IPv6 Over IPv4 Tunneling

IPv6 over IPv4 tunneling is the encapsulation of IPv6 packets with an IPv4 header so
that IPv6 packets can be sent over an IPv4 infrastructure. Within the IPv4 header:
The IPv4 Protocol field is set to 41 to indicate an encapsulated IPv6 packet.
The Source and Destination fields are set to IPv4 addresses of the tunnel endpoints.
The tunnel endpoints are either manually configured as part of the tunnel interface or
are automatically derived from the sending interface, the next-hop address of the
matching route, or the source and destination IPv6 addresses in the IPv6 header.
For IPv6 over IPv4 tunneling, the IPv6 path maximum transmission unit (MTU) for the
destination is typically 20 bytes less than the IPv4 path MTU for the destination.
However, if the IPv4 path MTU is not stored for each tunnel, there are cases in which
the IPv4 packet will need to be fragmented at an intermediate IPv4 router. In this
case, the IPv6 over IPv4 tunneled packet must be sent with the Don't Fragment flag in
the IPv4 header set to 0.
Reference [10] defines the following tunneling configurations with which to tunnel
IPv6 traffic between IPv6/IPv4 nodes over an IPv4 infrastructure:
Router-to-router
Host-to-router or router-to-host
Host-to-host
Router to router
In the router-to-router tunneling configuration, three IPv6/IPv4 routers connect
three IPv4 or IPv6 infrastructures over an IPv4 infrastructure. The tunnel endpoints
span a logical link in the path between the source and destination. The IPv6 over
IPv4 tunnel between the three routers acts as a single hop. Routes within each IPv4
or IPv6 infrastructure point to the IPv6/IPv4 router on the edge. For each IPv6/IPv4
router, there is a tunnel interface for the IPv6 over IPv4 tunnel.

Figure 5. IPv6 over IPv4 Tunneling


1.4.3 Values of the Header Fields
Value (in decimal)    Header
0                     Hop-by-Hop Options Header
6                     TCP
17                    UDP
41                    Encapsulated IPv6 Header
43                    Routing Header
44                    Fragment Header
46                    Resource ReSerVation Protocol
50                    Encapsulating Security Payload
51                    Authentication Header
58                    ICMPv6
59                    No next header
60                    Destination Options Header
1.5 IPv6 compared to IPv4


This chapter will discuss some differences between the two protocols and what is
new in IPv6.
Address space
The most obvious difference between IPv4 and IPv6 is the size of the addresses. In
the IPv4 protocol, addresses are 32 bits long. This leads to a theoretical limit of
2^32 = 4,294,967,296 addresses. In the IPv6 protocol, addresses are 128 bits long.
This makes the total number of possible addresses 2^128 ≈ 3.4 × 10^38. As the set of
available IPv4 addresses was being rapidly depleted, there was a clear need to
migrate to another Internet protocol. The very large number of addresses that would
be available with IPv6 would hopefully last for quite a while. Additionally, these
addresses were to be allocated in a hierarchical manner to minimize the size of the
global routing tables [7]. However, there are exceptions where this hierarchical
structure is not followed. An organization can be assigned Provider Independent (PI)
addresses if it intends to use multihoming. These PI addresses are smaller blocks
assigned separately and directly by a Regional Internet Registry (RIR) [8]. To be
assigned PI addresses by the Réseaux IP Européens Network Coordination Centre
(RIPE NCC), the organization must demonstrate that it will be multihomed [9].
Another advantage is that the organization does not need to change all its IP
addresses when changing Internet Service Provider (ISP).
Address notation
There are some differences in the notation between IPv4 and IPv6 addresses. IPv4 is
represented in a dot-decimal notation where every byte in the address is represented
by a decimal number. These numbers are demarcated with dots. In IPv6 two bytes are
represented as a four-digit hexadecimal number, and the numbers are separated with
colons. As the addresses are 128 bits, or 16 bytes, long there can be up to seven
colons. Leading zeros can be omitted in both IPv4 and IPv6. In IPv6 one or several
consecutive fields of zeroes can be compressed and represented with two colons.
However, this can only be done once in an address.
Example:
IPv4 address: 192.168.10.5
IPv6 address: 2001:db8:0000:0102:0033:0000:0000:00ab
2001:db8:0:102:33:0:0:ab
2001:db8::102:33:0:0:ab
2001:db8:0:102:33::ab
Prefix length is represented by a slash and the length in number of bits in both IPv4
and IPv6.
IPv4 prefix: 192.168.10.0/24
IPv6 prefix: 2001:db8:0:102::/64
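The notation rules above, and the binary-to-hexadecimal conversion shown in section 1.2.3, mean that one address has several valid spellings, so allow lists and log correlation should compare the parsed 128-bit value rather than the text. The Python sketch below is an added example, not code from the original chapter; its function names are hypothetical, and it applies the "::" compression only to the longest run of two or more zero fields, as RFC 5952 recommends.

```python
HEX_DIGITS = set("0123456789abcdefABCDEF")

# The 128-bit address from section 1.2.3, split on 16-bit boundaries.
PAGE_BITS = """
0010000111011010 0000000011010011 0000000000000000 0010111100111011
0000001010101010 0000000011111111 1111111000101000 1001110001011010
"""


def bits_to_groups(bits: str) -> list:
    """Turn 128 binary digits (whitespace ignored) into eight 16-bit fields."""
    bits = "".join(bits.split())
    if len(bits) != 128 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 128 binary digits")
    return [int(bits[i:i + 16], 2) for i in range(0, 128, 16)]


def full_form(groups: list) -> str:
    """Four hexadecimal digits per field, nothing omitted."""
    return ":".join(f"{g:04x}" for g in groups)


def suppress_leading_zeros(groups: list) -> str:
    """Drop leading zeros, keeping at least one digit per field."""
    return ":".join(f"{g:x}" for g in groups)


def compress(groups: list) -> str:
    """Replace the longest run of two or more zero fields with '::' (once)."""
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if groups[i] == 0:
            j = i
            while j < 8 and groups[j] == 0:
                j += 1
            if j - i > best_len:
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    fields = [f"{g:x}" for g in groups]
    if best_len < 2:
        return ":".join(fields)
    return (":".join(fields[:best_start]) + "::"
            + ":".join(fields[best_start + best_len:]))


def expand(text: str) -> list:
    """Parse any of the textual forms back into eight 16-bit fields."""
    if text.count("::") > 1:
        raise ValueError("'::' may appear only once in an address")
    if "::" in text:
        head, tail = text.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one field")
        fields = left + ["0"] * missing + right
    else:
        fields = text.split(":")
    if len(fields) != 8:
        raise ValueError("an IPv6 address has eight 16-bit fields")
    for field in fields:
        if not 1 <= len(field) <= 4 or set(field) - HEX_DIGITS:
            raise ValueError(f"bad field {field!r}")
    return [int(field, 16) for field in fields]


def same_address(a: str, b: str) -> bool:
    """Compare two spellings by value, not by text."""
    return expand(a) == expand(b)


if __name__ == "__main__":
    groups = bits_to_groups(PAGE_BITS)
    print(full_form(groups))
    print(suppress_leading_zeros(groups))
    print(compress(expand("2001:db8:0000:0102:0033:0000:0000:00ab")))
```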
Payload length
A 16-bit payload length field specifies the length of the data carried, including any
extension headers, in number of bytes [11]. This means that up to 65,535 bytes of
payload can be carried. However, there is a Jumbogram extension header that allows
for even larger packets; for details see RFC 2675.
Next header
An 8 bit next header field identifies the type of the header directly after the IPv6
header. It replaces the protocol field in the IPv4 header[11]. The values
corresponding to different protocols are specified in RFCs (the latest being RFC
1700), but have been replaced with an online database.
Hop limit
An 8 bit hop limit field indicates how many hops are left before the packet should be
dropped[11].

Multicast, unicast, and anycast


Multicast, unicast, and anycast addresses are types of addresses that are used for
different purposes. Each will be described below. Broadcast, multicast, and unicast
addresses are used with IPv4. Anycast is a new type, and the functionality that
broadcast addresses served in IPv4 has been replaced by multicast addresses in IPv6.
Multicast
One way of transferring, and replicating, a packet to multiple destination addresses is
to multicast the packet. Duplicates of the packet will be created as the packet
traverses the network, thus distributing the load over the nodes (and as a byproduct
of distributing the load over the physical network itself).
Unicast
A unicast address identifies a single IPv6 interface. A packet destined to such an
address is delivered to the interface that is identified by this address.
Anycast
One of the new concepts introduced in IPv6 is anycast addresses. The definition of
multicast is to send to all the interfaces in a group and unicast sends to a specific
interface, while anycast packets are routed to any interface in the group. This routing
of an anycast packet should be done as efficiently as possible, thus the packet will be
routed to the nearest interface (the distance is calculated according to the routing
protocol that is being used). The key concept is that the anycast group consists of any
interface that can respond to a request sent to a single anycast IP address.
ICMPv6
Just as in IPv4, the Internet Control Message Protocol (ICMP) in IPv6 provides very
useful information about the network. For example, Traceroute makes use of control
messages. ICMP error messages for destination network/host/port unreachable are
well known. Probably one of the most fundamental diagnostic functions is to test the
connectivity between nodes in a network via ping using ICMP Echo Request/Reply.

ICMPv6 is a requirement for every node that is to run IPv6[3]. ICMPv6 has a set of
new features not in ICMPv4. An important new feature is Neighbor Discovery (ND).
ND handles a variety of operations such as address autoconfiguration, determining
the link layer address of nodes on the local network, and detecting routers and any
alteration of link-layer addresses. ND provides resolution of network layer addresses
into link layer addresses, similar to the Address Resolution Protocol (ARP) of
IPv4[4]. Further details of ND are given in the following subsection.
Neighbor Discovery
Neighbor Discovery (ND) comes with modifications, improvements, and new
features when compared to the related IPv4 protocols. The ND protocol performs
functions similar to ARP, ICMP Router Discovery, and Router Redirect, but with
improvements. The function of Neighbor Unreachability Detection (NUD) has been
implemented which serves the purpose its name suggests: it is a mechanism for
detecting if a neighbor is reachable or not.
Router discovery
The router discovery process discovers active routers on the local link[8]. A router
sends out Router Advertisement (RA) messages periodically to inform nodes that it is
active. The waiting time between the advertisements can be skipped by the host by
sending a Router Solicitation (RS).
Autoconfiguration
Hosts (that are not manually configured) need a Dynamic Host Configuration Protocol
(DHCP) server in IPv4 to provide an automated means of assigning an IP address to the
host and for the host to get the other information needed to communicate via the
network. The IP address, subnet mask, and default gateway are the most fundamental
information that is usually provided by DHCP. The address of a Domain Name Service
(DNS) server is another example of information that the host may need. It is up to
the network administrator to decide what is the best (and maybe the most convenient)
solution to implement. Autoconfiguration in IPv6 was defined so that there is no need
for a DHCP server and the hosts will still be automatically configured [5]. This
simplifies administration: hosts are less time consuming to configure, and hosts can
communicate via a link-local IPv6 address even in the absence of any infrastructure.
ISPs use DHCP servers in order to dynamically allocate addresses. Eliminating the
need for DHCP servers improves reliability, as only the router infrastructure is
necessary, and it is located nearer the host and has better fault tolerance [8].
However, autoconfiguration in IPv6 does not provide DNS information. This is a severe
drawback since a lot of commonly used applications rely on DNS. Fortunately there are
multiple ways to bootstrap DNS operations (for example, using a public DNS server,
anycast discovery of authoritative DNS servers (see RFC 3258 [7]), or Multicast DNS
(mDNS)).
IPv6 and DNS
The Domain Name System (DNS) maps domain names to IP addresses. These mappings are
stored in resource records. A new record type was needed for storing IPv6 addresses
mapped to domain names. The type of record mapping IPv4 addresses is called an A
record so, naturally, with IPv6 addresses being four times as long as IPv4 addresses,
the records for IPv6 are called AAAA or quad-A records. The type value for AAAA
records is 28. An example AAAA record is:
example.com. IN AAAA 2001:db8:0:1:2:3:45:6789
An AAAA query has also been defined for fetching AAAA records from DNS servers. When
making a query such as an MX type query, which means that you want the canonical name
of a mail server with a certain alias, the DNS server sends in the additional section
of the answer an A record providing the IP address of the mail server [6]. These
types of queries are redefined to add both relevant A and AAAA records. Returning
both answers when possible is done for efficiency reasons.
For reverse lookups the special domain in-addr.arpa is defined for IPv4. The domain
name is suffixed to the IPv4 address represented in dotted-decimal form in reversed
order in a PTR record type. For example, the domain example.com with the IPv4 address
10.15.20.25 would have the following PTR record:
25.20.15.10.in-addr.arpa. IN PTR example.com
Avoiding NATs

Network Address Translation (NAT) provides the ability to hide a realm of private IP
addresses behind a single public IP address [6]. Given a private network behind a
NAT-enabled router, the IP addresses within the private network serve only a local
purpose and cannot be used outside of it. The router appears as a single device with
its public IP address. The packets leaving the network all have the router's IP
address as their source address, and all packets destined for the network have the
router's IP address as their destination address. Since all traffic arriving at the
router has the same destination address, the router must use a NAT translation table
to be able to forward the data to the correct host within the private network. The
NAT translation table consists of pairs of internal and external IP addresses and
port numbers. It is the port number that is used as the key to translation. As a
result, if there are a large number of hosts behind the NAT there can be problems due
to the limited port number address space (2^16) for a given protocol.

Figure 6. Avoiding NATs


Suppose a host with private IP address 192.168.0.2 sends a request to a web server
with the public IP address 173.194.32.31 and port number 80. The host sets the source
port number of the datagram to some local TCP port number, such as 3333, and sends
it. When the router receives the datagram, it replaces the original source IP address
with its own public IP address 85.255.31.209 and allocates a new entry in its NAT
translation table, perhaps with a new source port number 5555, in which case it
replaces the source TCP port number with 5555, recomputes the checksums, and sends
the resulting packet towards the web server. When the web server responds it sends a
packet towards the router (IP address 85.255.31.209, port 5555). When the router
receives this packet it looks in the translation table to find the corresponding IP
address and port number of the host, using the destination IP address and port number
in the packet that the web server sent. In this case the router will find a matching
entry, so it replaces the destination IP address with 192.168.0.2 and the port number
5555 with port number 3333, recomputes the checksums, and forwards the resulting
packet towards the host.
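The translation just described can be followed step by step in the Python sketch below, which uses the same addresses and port numbers. It is an added example, not code from the original chapter: the NatRouter class and its method names are hypothetical, entries never time out, and checksum recomputation is not modeled. It also shows the two consequences mentioned in the text, namely that the port space per protocol is finite and that a packet arriving without a matching table entry cannot be delivered.

```python
class NatRouter:
    """Port-translating NAT behind one public address (simplified model)."""

    def __init__(self, public_ip, first_port=5555, last_port=65535):
        self.public_ip = public_ip
        self.first_port, self.last_port = first_port, last_port
        # (proto, internal_ip, internal_port) -> external_port
        self.by_internal = {}
        # (proto, external_port) -> (internal_ip, internal_port)
        self.by_external = {}

    def _allocate(self, proto):
        """Pick the lowest unused external port for this protocol."""
        for port in range(self.first_port, self.last_port + 1):
            if (proto, port) not in self.by_external:
                return port
        raise RuntimeError(f"no free {proto} ports left on {self.public_ip}")

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the private network."""
        key = (proto, src_ip, src_port)
        if key not in self.by_internal:
            port = self._allocate(proto)
            self.by_internal[key] = port
            self.by_external[(proto, port)] = (src_ip, src_port)
        return (self.public_ip, self.by_internal[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a reply, or return None if unmapped."""
        entry = self.by_external.get((proto, dst_port))
        if dst_ip != self.public_ip or entry is None:
            return None                     # no table entry: nowhere to forward
        return (src_ip, src_port, entry[0], entry[1])

    def table(self):
        """Current translation table as sorted rows for display."""
        return sorted((proto, ip, port, self.public_ip, ext)
                      for (proto, ip, port), ext in self.by_internal.items())


def walkthrough():
    """The exchange from the text: host 192.168.0.2:3333 to 173.194.32.31:80."""
    nat = NatRouter("85.255.31.209")
    request = nat.outbound("tcp", "192.168.0.2", 3333, "173.194.32.31", 80)
    reply = nat.inbound("tcp", "173.194.32.31", 80, "85.255.31.209", 5555)
    unsolicited = nat.inbound("tcp", "173.194.32.31", 80, "85.255.31.209", 6000)
    return request, reply, unsolicited, nat.table()


if __name__ == "__main__":
    for step in walkthrough():
        print(step)
```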
People within the IETF argued against the use of NAT for several reasons (see pages
387-388 of [6]). One of them is that IPv6 should be used instead of this short-term,
and patchy, solution to the shortage of IPv4 addresses. More importantly, NAT breaks
the end-to-end property of IP communication, hence NAT causes problems for services
such as peer-to-peer (P2P) file-sharing applications and voice over IP (VoIP)
applications when both endpoints are behind different NATs.
IPv6 Security
There was only limited consideration of security when IPv4 was designed. IPv4 was
meant for use by a closed community and it was not thought that IPv4 would be as
widely deployed as it is today. However, security became a very important part of the
specification of IPv6. This meant that security mechanisms that were not part of the
original IPv4 protocol had to be applied in order to provide the desired security.

Figure 2.15.1 Example NAT translation table for a simple network configuration

With this in mind when designing IPv6, built-in security was considered a
requirement. This is achieved with IPsec. IPv4 is also able to use IPsec, but unlike
the case for IPv4, IPv6 requires that every implementation of IPv6 include support
for IPsec. There are an extremely large number of attacks that can be performed on
networks today. Some of the most common are [6]: denial of service; fabrication,
modification, or deletion; and eavesdropping. Each of these types of attacks is
described in the paragraphs below.
Denial of Service

A denial of service (DoS) attack is used to prevent the targeted service from being
available. A DoS attack is easy to detect when the service becomes unavailable.
Unfortunately, it is difficult to prevent a DoS attack and it is even difficult to detect
the onset of such an attack. Common DoS attacks include overloading the target, i.e.,
subjecting it to a load that is greater than it is capable of handling (thus slowing down
valid service requests or perhaps even blocking them from being handled at all), or
disrupting vital network information (such as routing information), which can cause
unexpected behavior of the network if nodes do not receive information that is
current and operate based upon obsolete information.
Fabrication, modification, or deletion of information
These attacks can be used to forge information in order to fool someone or something
into behaving the way the attacker wants, or just to delete certain (or all) information.
These attacks are hard to detect unless there is some form of sequence number and
authentication.
Eavesdropping
Eavesdropping is often impossible to detect. An attacker can simply intercept packets
and hence gain information without the knowledge of the victims, just as a person
would eavesdrop on a conversation between two unsuspecting individuals. The
man-in-the-middle attack is performed by a person who, in the conversation between
person A and B, identifies himself as person B in the eyes of person A and vice versa.
A and B (who each think that they are talking directly to each other) send their
information to the man in the middle, who relays the information flowing to and from
them to the real other party. The two parties (A and B) will not discover
that there is something wrong since they are getting all the information (as is the
intruder). The intruder is now able to learn information that can be used against the
victims, such as passwords. While IPv6 provides new security features, it is still not
flawless. Its new mechanisms also introduce new security issues. A host that has
been able to gain access to a network could still cause a lot of damage by exploiting
messages sent within a network.

IPsec
[3]. IPsec is a framework that provides secure communication in networks at the
network layer. IPsec is a mandatory component for all implementations of IPv6[6].
However, IPsec can be used with both IPv4 and IPv6, as it was designed for both
protocols, but it needs to be retrofitted to IPv4 stacks already in existence. The
Authentication Header (AH) authenticates parts of the header and the payload[8]. AH
can only protect the fields that are not intended to be changed, the so-called immutable
fields. The AH header is in the same format as the other extension headers. It has a
field indicating what type the immediately following header is and a field giving the
length of the AH header. However, the payload length field indicates the length in
4 octet units instead of 8 as with the other extension headers. The AH header is
inserted between the payload and the IPv4 or IPv6 header[10].
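The length rule described above, as an added Python example (not code from the original report): a walker for an IPv6 extension header chain that applies the 4-octet AH rule and the 8-octet rule for the other headers, since a parser that uses the wrong unit lands at the wrong offset for everything after AH. The exact AH formula (4-octet units, minus 2), the field layout and the protocol numbers are taken from RFC 4302 and the IANA registry rather than from this page; the function names are hypothetical and the sample bytes are constructed.

```python
import struct

HOP_BY_HOP, ROUTING, DEST_OPTS, AH = 0, 43, 60, 51  # IANA protocol numbers
GENERIC = {HOP_BY_HOP, ROUTING, DEST_OPTS}

def header_len(hdr_type: int, length_field: int) -> int:
    """Octets occupied by an extension header, from its one-byte length field."""
    if hdr_type == AH:
        # AH Payload Len: length in 4-octet units, minus 2 (RFC 4302).
        return (length_field + 2) * 4
    # Other extension headers: 8-octet units, not counting the first 8 octets.
    return (length_field + 1) * 8

def parse_ah(hdr: bytes) -> dict:
    """Decode the fixed AH fields; the ICV is whatever follows them."""
    if len(hdr) < 12:
        raise ValueError("AH shorter than its 12 fixed octets")
    nxt, plen, _reserved, spi, seq = struct.unpack("!BBHII", hdr[:12])
    total = header_len(AH, plen)
    if total < 12 or total > len(hdr):
        raise ValueError("AH Payload Len inconsistent with available data")
    if total % 8:
        raise ValueError("AH in IPv6 must be a multiple of 8 octets")
    return {"next_header": nxt, "length": total, "spi": spi,
            "sequence": seq, "icv": hdr[12:total]}

def walk_chain(first_type: int, data: bytes):
    """Follow the extension headers that come after the IPv6 fixed header.

    Returns (list of (type, length), upper-layer protocol, offset, AH dict or None).
    Fragment and ESP headers are out of scope and end the walk.
    """
    chain, ah, offset, hdr_type = [], None, 0, first_type
    while hdr_type in GENERIC or hdr_type == AH:
        if len(data) - offset < 8:
            raise ValueError("truncated extension header")
        if hdr_type == AH:
            ah = parse_ah(data[offset:])
            nxt, length = ah["next_header"], ah["length"]
        else:
            nxt, length = data[offset], header_len(hdr_type, data[offset + 1])
            if offset + length > len(data):
                raise ValueError("extension header overruns packet")
        chain.append((hdr_type, length))
        offset, hdr_type = offset + length, nxt
    return chain, hdr_type, offset, ah

# Constructed sample: Hop-by-Hop (8 octets, PadN filler) -> AH -> TCP bytes.
HBH = bytes([AH, 0, 1, 4, 0, 0, 0, 0])
SAMPLE_AH = struct.pack("!BBHII", 6, 4, 0, 0x1000, 1) + bytes(12)  # 96-bit ICV, zeroed
SAMPLE = HBH + SAMPLE_AH + b"TCP-SEGMENT"
```

With a 96-bit ICV the AH header is 24 octets and its length field holds 4; read with the 8-octet rule, the same value would be taken as 40 octets.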
Implementation
IPsec can be implemented in three different ways: as an integrated structure, as
bump-in-the-stack (BITS), or as bump-in-the-wire (BITW). Of these alternatives, the
integrated structure is considered to be the best way, while BITS and BITW require
software and hardware solutions[11].
Integrated structure
The preferred way of implementing IPsec is to integrate it into the IP stack: the IPsec
protocols are integrated with IP, which results in an easy implementation. As
mentioned, IPsec is a mandatory part of IPv6, thus making it an integrated part of any
IPv6 implementation.
Bump-in-the-stack
Bump-in-the-stack (BITS) is a technique that is usually applied by IPv4 hosts. This
approach implements IPsec as a separate layer between IP and the data link layer.
IPsec performs its security transformation on the datagrams as they pass from the IP
layer to the data link layer, and the reverse at the destination. The benefit of using
BITS is that any IP device can adopt IPsec with the addition of suitable software. The
downside is that using software to intercept the datagrams requires extra computing
compared to the integrated structure. For example, in Windows one can implement
an NDIS Device Driver that provides IPsec functionality (see the Windows OS file
ipsec.sys).
Bump-in-the-wire
Bump-in-the-wire (BITW) relies on hardware to implement IPsec functionality.
Consider a scenario in which the routers do not implement IPsec (Network
1 and 2). Therefore we introduce an IPsec device (IPsec device 1 and 2) between the
router and the Internet to provide IPsec functionality. As datagrams pass out
through the IPsec device, IPsec is applied; as datagrams pass in through the IPsec
device, IPsec is removed. The existence of an IPsec tunnel between the two IPsec
devices is invisible to the routers. The benefits of BITW are the same as for BITS.
The downside is complexity and cost: new hardware needs to be bought, integrated
into the existing network and configured. However, an advantage is that no other
changes need to be made in the network. This assumes that R1 and R2 only want to
communicate with each other. If they also want to send packets to and from the rest of
the internet, then there needs to be a way to tell the IPsec devices which packets
not to tunnel. Both BITS and BITW provide the same functional outcome in the end,
but one has to decide which alternative is best suited to a given application scenario.
As mentioned earlier, the integrated structure (IPv6) is the preferred way of
implementing IPsec. However, when IPsec has not been integrated, BITW and BITS
provide a way of adding IPsec after the fact.

Figure 7. Bump in the wire



CHAPTER 2
LITERATURE REVIEW
The Internet today relies on the Internet Protocol version 4 (IPv4) protocol. When
originally developed in the late 1960s, the need for an enormous number of addresses
that we see now was not anticipated. At that time computers had just started to
appear but, just like now, they were much more useful if they were able to
communicate with each other. A demand for a network that would interconnect and
make computer resources available grew. The United States Department of Defense
(DoD) needed to make a distributed set of computer resources available to
researchers that were working on contracts for them. A packet switching network was
developed by the Advanced Research Project Agency (ARPA) of DoD in 1969, and it
was called ARPAnet[1]. After further developments and trials this eventually grew
into the modern Internet utilizing IPv4. Initially only universities, large companies
with military contracts, and the military could utilize this network, hence only a
small number of computers needed an IP address. The approximately 4.3 billion
addresses that IPv4 provides seemed like an endless amount when IPv4 was
introduced on January 1, 1983[2], and even if only 3.7 billion addresses can be
allocated to ordinary devices (2^7*2^24 + 2^14*2^16 + 2^21*2^8 = 3,758,096,384), it was
considered enough to cover all future needs. But in the early 1990s, with the
increasing number of IP addresses being requested, it was clear that they would
eventually run out. As of 31 January 2011, the pool of unallocated IPv4 addresses
officially ran out[3]. The last two blocks of addresses were assigned by the Internet
Assigned Numbers Authority (IANA) to the Asia Pacific Network Information Centre
(APNIC)[4]. This does not mean that there are no more IPv4 addresses whatsoever,
but it does mean that each regional Internet registry (the registry is responsible for
allocating Internet number resources in its own region) cannot request a new block of
addresses to allocate. This means that when a registry runs out of addresses, it cannot
allocate any additional addresses within its region. As a result of the realization that
the addresses would eventually be depleted, the Internet Engineering Task Force (IETF)
was assigned the task to develop a successor to IPv4. The 32-bit IP address space
was simply not going to be sufficient as large numbers of devices each needed one or
more unique IP address assigned to it. The decision on this successor took some time,
but it was decided that a 128-bit address scheme would be adopted. Improvements, in
addition to extending the address space, were made based upon the long experience
with IPv4. These improvements include autoconfiguration of devices for easier
administration and built-in security with IPsec. As a result the specifications of IP
version 6 (IPv6) were established in RFC 1883[5] in December 1995. What happened
to IPv5 then? The original thought was that the Internet Stream Protocol version 2
(ST-II) protocol was to become IPv5. These packets were identified with Internet
Protocol version number 5; however, the Resource Reservation Protocol (RSVP) was
favored over ST-II[6].
Routing protocols and IPv6
To be able to send IP packets to other subnets the router needs to know where to
forward the packets so they get to the correct destination. Routing protocols solve
this problem. In this section we are going to go through the routing protocols
available to distribute connectivity information for IPv6.
RIPng
The Routing Information Protocol (RIP) is a commonly used intra-domain routing
protocol in small to moderate size networks (the maximum diameter of a network is
15 hops). RIP uses a Bellman-Ford or other type of distance vector algorithm to
calculate the best path in a network. RIP has its limitations, such as the low maximum
number of hops for a path, a path cost based only on the number of hops, and
slow convergence[6]. Despite these limitations, RIP is used because it is generally
available and easy to configure. RIPng is based on RIP, and thereby suffers from the
same limitations, but is intended for IPv6 networks. RIPng is not intended to be used
in networks with both IP protocols. RIPng sends its messages over UDP to port 521.
Unsolicited response messages are sent every 30 seconds, containing the whole
routing table. Messages are also sent when triggered by route changes. There are two
timers per route in the routing table: a timeout and a garbage-collector time. When
the timeout expires the route is invalid, but it is kept in the routing table for a short
amount of time so neighbors can be notified. When the garbage-collector time
expires, the route is removed from the table. When a route is established the timeout
timer is set, and every time an update message is received the timeout timer is reset. If
the timeout is not reset after 180 seconds, then the route is expired and deleted.
OSPFv3
OSPF (Open Shortest Path First) is a widely used intra domain routing protocol
based on Dijkstra's least-cost path algorithm for calculating the best paths to
subnets[6]. Every router running OSPF makes its own complete map of the network
before calculating the best path with itself as the root node. When routing
information changes, or upon initialization, the router generates a link-state
advertisement representing all link-states of the router. Link-states are exchanged by
flooding. Every router that receives a link-state update saves it in its database and
sends a copy to its neighboring routers. Then the best path is recalculated. With
OSPF an Autonomous System (AS) can be divided into areas. Subsets of the routers
are assigned to different areas. One, or more, of the border routers are set to be part
of a backbone area that all communication between the areas goes through. With
OSPFv3, also known as OSPF for IPv6, much of the fundamental mechanism of
OSPFv2 (OSPF for IPv4) remains unchanged. In OSPFv3 protocol packets and in the
main link-state advertisement types, addresses are removed, making the core
independent of the network-layer protocol. However, OSPFv3 is carried directly over
IPv6, so IPv6 must be enabled on the interface.

CHAPTER 3
PAST WORK
Bandwidth Utilization for Point-to-Point Architecture
Under Windows, bandwidth utilization results for IPv4 and IPv6 with data size
ranging from 128 KB to 1.408 MB, as shown earlier, show that the performance
indicators are quite close. In comparison to IPv4, IPv6 incurs 1 to 2% more
overhead for these data sizes. As the header size of IPv6 is bigger than that of
IPv4, IPv6 probably incurs more overhead than IPv4. The larger overhead for
bigger messages is due to the larger number of data packets and the
corresponding acknowledgement time used up by the protocol, in comparison to
smaller messages of smaller data sizes. Under Macintosh, bandwidth utilization
results for IPv4 and IPv6 with data size ranging from 128 KB to 1.408 MB, as shown
earlier, show that the performance indicators are quite close but better than Windows.
In comparison to IPv4, IPv6 incurs 2 to 3% more overhead for these data
sizes. Under Linux, bandwidth utilization results show that IPv6 incurs around 2% more
overhead in the smaller data sizes ranging from 128 KB to 1.408 MB, as shown
earlier. As IPv6 has a bigger header than IPv4, IPv6 incurs more overhead than IPv4
under Linux as well.
We see that IPv6 under Linux performs better than under Macintosh, which in turn
performs better than Windows for all kinds of data sizes, but at the smaller data size
level, the performance of Windows is poorer. As the data size grows
bigger and bigger, the difference becomes smaller and smaller. The reason may
perhaps be the use of different algorithms and time acknowledgement differences
in the Windows, Macintosh and Linux platforms.
Round Trip Time Computation for Point-to-Point Architecture
As seen earlier, both IPv4 and IPv6 protocols perform at the same level of efficiency
under Windows. Actually, Windows permits millisecond level time resolution only,
so it is difficult to capture time at the microsecond level directly for smaller data
sizes. We see that IPv4 and IPv6 perform quite closely under Windows. IPv6 incurs
1.8 to 2.9% more overhead for all ranges of data sizes, which also matches
theoretical speculations. The IPv6 header is 20 bytes bigger than that of IPv4 and the
difference happens to be bigger for bigger overhead.
Bandwidth Utilization for Router-to-Router Architecture
Under Windows, bandwidth utilization results are given for data sizes ranging from
1.28 to 1.408 MB (Chapter 4). It appears that IPv6 incurs 14% more overhead for this
range of data sizes, compared with only 1 to 2% for point-to-point (Chapter 4). IPv4
performs better than IPv6 for data sizes ranging from 5.12 to 61.44 MB. For all ranges
of data size used in our router-to-router experiments, IPv6 incurs around 19% overhead,
which is only 3% for point-to-point architecture as shown in Fig. 4.3 (Chapter 4). Perhaps
more routers contribute to additional overhead which incurs more overhead than
point-to-point architecture. It is seen that IPv4 performs better than IPv6 and it incurs
around 9% overhead for all data sizes used in our experiments. shows that IPv4
performs better than IPv6. IPv6 incurs 12% overhead for larger data sizes. Perhaps
more routers contribute to additional overhead which incurs more overhead than
point-to-point architecture.
Round Trip Time Computation for Router-to-Router Architecture
Under Windows, for data sizes between 5.12 to 61.44 MB both IPv4 and IPv6
perform quite closely. IPv6 incurs around 7% more overhead than IPv4. Here,
perhaps router adds extra overhead with data transmission in IPv6 which results to
bigger values than IPv4 in total overhead count.
Under Linux, for data sizes between 5.120 to 61.440 MB IPv4 and IPv6 perform
quite closely. At the starting end of the data size in router-to-router architecture, IPv6
incurs around 13% more overhead, which falls to 4% around the finishing end of the
data size. This overhead is 1.8 to 2.9% only for point-to-point architecture as shown
in Fig. 4.13 (Chapter 4). Here also, the reason is the same for the increase of
overhead incurred by IPv6 as in the previous case. Here only platform is different.

CHAPTER 4
CONCLUSION AND FUTURE WORK
In the present work, we carried out a series of experiments to compare the
performance analysis of IPv4 and IPv6 stack protocols under Windows 2007,
Macintosh and Red Hat Linux Enterprise Version 4 platforms. We measured the
performance parameters for the protocols in terms of bandwidth utilization and RTT
(latency) computation for host-to-host and router-to-router architectures.
Performance analysis for point-to-point architecture was carried out to see only the
normal operational characteristics of both the protocols. But our experiments are
mostly focused on the router-to-router bandwidth utilization and RTT (latency)
performance measurements only.
Another observation is that bandwidth utilization under the Linux platform is better
than under Macintosh, which is better than under Windows. Interestingly, we find from
our experimental results that the bandwidth utilization and RTT (latency) parameters of
IPv4 are superior to those of IPv6. For this case, we infer that IPv6 results
are poorer in comparison to IPv4 due to the bigger overhead constraints of IPv6.
It is an overall observation that router-to-router RTT (latency) performance figures
are always less than those of the host-to-host values. Our experiment was confined
to a prototype experimental setup comprising three PCs and three
IPv6 enabled routers connected through UTP Ethernet cross cables. We found more
or less acceptable results in all the experiments carried out so far. But to be more
realistic, more experiments are to be carried out in a bigger network domain to get
the actual values for the performance parameters.
One can also carry out experiments on tunneling of IPv6 packets through an IPv4
environment to find out whether tunneling under router-to-router architecture is better
or poorer than under host-to-host architecture. Also, our experiments were
confined to measurements of the bandwidth utilization and RTT (latency)
parameters only.

More research on the following aspects will be useful for further study in this area:
1. Study can be extended to comparative evaluation with IPv6 implementation on
other platforms, such as Sun Solaris 10 operating platform;
2. Study can be extended to different router platforms, such as Nortel, Juniper etc.;
3. Study can also be extended to using IPSec in IPv6 implementation to observe the
overhead enhancement due to encryption and decryption processes.

CHAPTER 5
REFERENCES
[1] http://www.engr.iupui.edu/~dskim/ipv4/
[2] Charles E. Perkins, , Pearson, First edition, 2008
[3] http://www.engr.iupui.edu/~dskim/ipv6/
[4] Forauzen, Plymouth, , Networking, Network Research Group, University of Devon PL4 8AA
[5] William Stallings, Networking, Dept. of Computer Science, University of Massachusetts, MA 01060, 20057
[6] Christopher, Security of IPV6, MASSACHUSETTS INSTITUTE OF TECHNOLOGY, June 2008
[7] http://www.cse.wustl.edu/~jain/cis788-99/ftp/ipv6/
[8] Ronald L. Rivest. The MD6 Hash Function. To be released Fall 2008.
[9] http://www.cse.wustl.edu/~jain/cis788-99/ftp/ipv4/
[10] Radhika. Trust Based Solution for Networking, International Journal of Advanced Research in Computer Science and Software Engineering 4(5), May 2014, pp. 73-82
[11] Claude Crepeau, Carlton R. Davis and Muthucumaru Maheswaran, secure networking, Computer Science, McGill University, H3A2A7
