Home Broadband IPv6 Address Allocation Secret

2023.06.26

Starting from a real home network environment, this article explores and analyzes how IPv6 addresses are allocated to equipment on a home broadband network and the principles behind that allocation.

Part 01  Background 

In 2021, the Ministry of Industry and Information Technology and the Central Network Information Office jointly issued the "Three-Year Special Action Plan for Improving IPv6 Traffic (2021-2023)", emphasizing that "new home broadband, enterprise broadband and leased line services should support IPv6". For operators, the development and evolution of IPv6 brings adjustments in business, content, and terminals. Among these, whether terminal equipment has IPv6 capability is one of the key factors in completing the action plan.

Part 02  Current Situation of Networking in Home Scenarios 

For newly opened home broadband users, the operator sends staff to install the smart gateway (optical modem) and complete the on-site installation and commissioning. The smart gateway serves as the broadband entrance, and routers or terminal devices connect to its LAN side. According to the relevant specifications, the home gateways that China Mobile currently has in stock support the acquisition and distribution of IPv6 addresses. However, because home networking differs from household to household, IPv6 capability does not actually reach 100% of terminals.

Figure 1 "Technical Specifications for China Mobile Smart Home Gateway" - IPv6 Address Management Requirements

In a home broadband network, there are five main potential networking scenarios:

(1) The device is directly connected to the optical modem, and the optical modem is in routing mode. In this scenario, the device obtains an IPv4/IPv6 address from the optical modem;

(2) The device is connected to the router, and the optical modem is in routing mode. In this scenario, the router obtains the IPv6 prefix from the optical modem, and the router assigns an IPv6 address to the device connected to it; 

(3) The device is connected to the router, and the optical modem is in bridging mode. In this scenario, the router dials through PPPoE, applies for an IPv6 prefix, and the router assigns an IPv6 address to the connected device; 

(4) The device is connected to the router, the optical modem is in routing mode, and the router does not support IPv6. In this scenario, the router obtains an IPv4 address from the optical modem, and the connected device cannot obtain an IPv6 address; 

(5) The device is connected to the router, the optical modem is in bridge mode, and the router does not support IPv6. In this scenario, the router obtains an IP address through PPPoE dial-up, and the connected device cannot obtain an IPv6 address.

Scenario 2 is the most typical home broadband network environment. In scenarios 4 and 5, because the router does not support IPv6, the connected smart home devices cannot be assigned IPv6 addresses. Therefore, the IPv6 capabilities of routers have a great impact on the advancement of IPv6 in home scenarios.

So how does the smart gateway assign IPv6 addresses to routers and terminals? The relevant IPv6 concepts are described in detail here.

Part 03 IPv6 Concept Description

3.1 DHCP-PD

DHCP-PD (Prefix Delegation) is an extension of DHCPv6. Traditional DHCPv6 delivers network configuration parameters such as addresses from the server to IPv6 client hosts, while DHCPv6-PD delegates prefixes: the PD server delivers a prefix address segment covering a range of subnets, together with other network configuration information such as DNS, to the PD client. In other words, the PD server issues a "subnet address segment" rather than an IPv6 address that a host can use directly.

3.2 SLAAC (IETF RFC4862)

SLAAC (Stateless Address Autoconfiguration) is a technique for obtaining an IP address automatically. Besides DHCPv6, IPv6 also supports obtaining an address through SLAAC, which makes equipment plug-and-play.

SLAAC relies on the RS and RA messages of the NDP protocol. NDP in IPv6 defines five kinds of messages in total; the RS message is the Router Solicitation and the RA message is the Router Advertisement.

Part 04 Home Broadband IPv6 Address Allocation 

In the home networking environment, the BRAS is the allocator of IPv6 addresses, and the size of its address pool can be set according to device capabilities and the actual configuration scale.

Figure 2 Home Broadband IPv6 Address Allocation Process

For home broadband equipment, the BRAS assigns /64 IPv6 addresses to PC terminals through SLAAC, and assigns home gateways a /64 address for the WAN port and a /60 address for the LAN port. In actual configuration, provincial companies can configure address pool capacity according to business development and equipment configuration.

For a device attached to the home gateway, such as a router, the WAN port is configured with an IPv6 address through SLAAC or DHCPv6; which one is used depends on the manufacturer's implementation. Within the first 64 bits, the router's LAN port prefix differs in part from the home gateway's LAN port prefix, which means that the router has subdivided the prefix again, based on the /64 prefix, so that prefix addresses can conveniently be assigned downstream. The allocation method supports manual configuration, SLAAC and DHCPv6.

After the terminal device is connected to the router, it obtains an IPv6 address through manual configuration, SLAAC or DHCPv6.
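
The prefix hierarchy described in this part, as an added Python example that is not from the original article: it splits a /60 delegation into /64 segments and shows which bits separate the gateway's LAN from a downstream router's LAN. The /60 is assumed to be the one enclosing the /64 prefix that appears in the packet capture in Part 05, the host addresses are constructed, and the function names are illustrative.

```python
import ipaddress

RA_PREFIX = "2409:8a28:ec1:a080::/64"   # /64 seen in the RA in Part 05
# Assumption: the gateway's /60 delegation is the /60 enclosing that /64.
DELEGATED = str(ipaddress.IPv6Network(RA_PREFIX).supernet(new_prefix=60))

def lan_segments(delegated):
    """Split a delegated prefix into the /64 segments that SLAAC requires."""
    net = ipaddress.IPv6Network(delegated)
    if net.prefixlen > 64:
        raise ValueError("%s is longer than /64 and cannot carry SLAAC" % net)
    return list(net.subnets(new_prefix=64))

def subnet_id(address, delegated):
    """Bits between the delegated length and bit 64; None if outside it."""
    net = ipaddress.IPv6Network(delegated)
    addr = ipaddress.IPv6Address(address)
    if addr not in net:
        return None
    width = max(0, 64 - net.prefixlen)
    return (int(addr) >> 64) & ((1 << width) - 1)

def group_by_segment(addresses, delegated):
    """Map subnet ID -> addresses; key None collects out-of-delegation hosts."""
    groups = {}
    for address in addresses:
        groups.setdefault(subnet_id(address, delegated), []).append(address)
    return groups

# Constructed host addresses: gateway LAN, a router's LAN, and a stray one.
OBSERVED = ["2409:8a28:ec1:a080::10", "2409:8a28:ec1:a083::10",
            "2409:8a28:ec1:a083::11", "2409:8a28:ec1:a090::10"]

if __name__ == "__main__":
    segments = lan_segments(DELEGATED)
    print(DELEGATED, "holds", len(segments), "/64 segments")
    for sid, hosts in group_by_segment(OBSERVED, DELEGATED).items():
        where = "outside delegation" if sid is None else str(segments[sid])
        print(where, hosts)
```

A /60 leaves four bits of subnet ID, so the gateway can hand out sixteen /64 segments; every address on every one of them is globally routable, so inventory and filtering rules have to cover the whole delegation rather than a single /64.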

Part 05 Packet Capture Analysis

As described above, several important kinds of IPv6 address are involved when a terminal accesses a home broadband network, and packet capture analysis makes the IPv6 address allocation steps clear.

Step 1: The terminal device has just connected to the home network and has not yet been assigned an IPv6 address, so it generates a link-local address by combining the terminal's MAC address. This address is tentative, that is, it has not yet passed address conflict detection, so the detection is initiated from ::/128. The NS packet is sent by multicast, so all nodes on the link receive it, which implements the address conflict detection process. If an NA is received from another node, the address is unavailable. The packet capture shows that there is indeed no such response packet.

Figure 3 Generate a link-local address

Step 2: Using the link-local address fe80::818:5ed6:27bc:59bd that it generated with the local prefix, the host sends an RS message to request an RA, notifying all routers on the link that the local IPv6 node needs an RA;

Figure 4 RS request

Step 3: The router replies with an RA that includes the prefix, MTU and DNS server information;

Carrier prefix: 2409:8a28:ec1:a080::/64, Valid Lifetime: 7200s, Preferred Lifetime: 3600s

Figure 5 RA response

The host generates a global unicast IPv6 address (GUA) based on the information returned in the RA. In addition to the 64-bit network prefix, a 64-bit interface ID is also required to create a global unicast address.

Step 4: After configuration, the host needs to verify that the IPv6 address is unique. To do so, the host sends ICMPv6 Neighbor Solicitation messages to a specially constructed multicast address, called the solicited-node multicast address, which is formed by copying the last 24 bits of the host's address. This process of determining that the address is unique is called DAD (Duplicate Address Detection).

Figure 6 IPv6 address duplication detection

At this point, the terminal device has completed the acquisition of its IPv6 address.

Part 06 Summary  

Starting from a real home network environment, this article explored and analyzed how IPv6 addresses are allocated to equipment on a home broadband network and the principles behind that allocation. The next article will discuss the actual availability and security analysis of IPv6, so stay tuned.