DISTRIBUCIÓN ESPACIAL DE LAS COMPRAS CENTRO COMERCIAL

Extension headers, placed between the IPv6 header and the upper-layer protocol header, are used to carry optional Internet-layer information in a packet. An IPv6 packet may carry zero, one, or more extension headers.The Next Header field in the IPv6 header and extension headers is used to indicate which extension header or upper-layer protocol header follows the current header.

N

Table 3.1 provides the Next Header value and the corresponding headers. Except for the Hop-by-Hop Options header, the Next Header value

appears in the immediately preceding header. When the Hop-by-Hop

Options header is used, it must follow immediately after the IPv6 header.

Therefore, the Next Header value of zero can appear only in IPv6 header.

Table 3.1 Next Value Headers

Next Header Value Next Header

0 Hop-by-Hop Options header

4 Internet Protocol

6 Transmission Control Protocol

17 User Datagram Protocol

43 Routing header

44 Fragment header

45 Inter Domain Routing Protocol

46 Resource Reservation Protocol

50 Encapsulating Security Payload

51 Authentication header

58 Internet Control Message Protocol

59 No next header

60 Destination Options header

88 Chapter 3 • The IPv6 Headers

When a TCP header immediately follows an IPv6 header without an exten- sion header, the value of the Next Header field in the IPv6 header indicates that the following header is a TCP header.When a packet using TCP as its upper- layer protocol carries one extension header, the Routing header, this extension header is placed between the IPv6 header and the TCP header.The Next Header field in the IPv6 header indicates that the Routing header follows the IPv6 header and the Next Header field in the Routing header indicates that the TCP header immediately follows the Routing header.The Next Header value of 59 indicates that there is no extension or upper-layer protocol header following the current header.

A full implementation of IPv6 includes the following extension headers: Hop-by-Hop Options, Routing (Type 0), Fragment, Destination Options, Authentication, and Encapsulating Security Payload.The recommended ordering of extension headers when multiple extension headers are present in a packet is as follows:

■ _{IPv6 header}

■ _{Hop-by-Hop Options header}

■ _{Destination Options header (to be processed by all destination nodes}

appearing in the routing header)

■ _{Routing header}

■ _{Fragment header}

■ _{Authentication header}

■ Encapsulating Security Payload header

■ _{Destination Options header (to be processed only by the final destina-}

tion of the packet)

■ _{Upper-layer header}

Except for the Destination Options header, each extension header should appear no more than once in a packet.The Destination Options header contains information to be processed by the final destination node.When the Routing header is present, an additional Destination Options header may be used for

options to be processed by all nodes listed in the Routing header; in this case, there will be at most two occurrences of Destination Options headers in an IPv6 packet. When an IPv4 packet carries an option that is applicable only to its destina- tion node, all intermediate nodes must examine and process the packet before forwarding, thus impacting the performance of the forwarding nodes.

The IPv6 Headers • Chapter 3 89

W

Most often, routers are implemented such that packets containing options are handled after packets without options. For this reason, the use of options is discouraged in IPv4 networks.

Except for the Hop-by-Hop Options header, extension headers are examined or processed only by the destination node (or nodes, in the case of multicast) of the packet.Thus, an IPv6 packet may carry optional information applicable only to its destination node without impacting the performance of the intermediate nodes.The Hop-by-Hop Options header can be used to carry optional informa- tion that needs to be examined or processed at all intermediate nodes.

The value of the Next Header field in the current header determines the next action to be taken, and the semantics of the current extension header determine whether to continue processing the next header.Thus extension headers must be examined in the order they appear in a packet.When a node receives an unrec- ognized Next Header value in a packet, it discards the packet and sends an ICMP Parameter Problem message to the source of the packet, with an ICMP Code value of 1—unrecognized Next Header type encountered. Because the Hop-by-Hop Options header must immediately follow the IPv6 header, a Next Header value of zero in any header other than IPv6 header will be treated as a packet with an unrecognized Next Header value.

Currently, the Hop-by-Hop Options header and the Destination Options header carry a variable number of options encoded in Type-Length-Value (TLV) format, as seen in Figure 3.3.

The Option Type identifiers are encoded in such a way that the highest-order two bits specify the action to be taken when the processing node does not recog- nize the Option Type, and the third highest bit specifies whether or not the

www.syngress.com

Figure 3.3 TLV-Encoded Option Format

Option Type 8 bits

Opt Data Len 8 bits

Option Data variable length Option Type 8-bit identifier of the type of option Opt Data Len 8-bit unsigned integer. Length of the Option Data

field of this option, in octets.

90 Chapter 3 • The IPv6 Headers

Option Data of that option can change en route to the packet’s final destination. For instance, when a node encounters an unknown Option Type value of 130 (1000 0010), the highest-order two bits indicate that the node must discard the packet and send an ICMP Parameter Problem, Code 2, message to the source of the packet.Table 3.2 describes the encoding of Option Type.

Table 3.2 Option Type Encoding Highest-order

two bits Action to be taken

00 Skip over this option and continue processing the header.

01 Discard the packet.

10 Discard the packet and, regardless of whether or not the packet’s Destination Address was a multicast address, send an ICMP Parameter Problem, Code 2, message to the packet’s Source Address, pointing to the unrecognized Option Type.

11 Discard the packet and, only if the packet’s Destination Address was not a multicast address, send an ICMP

Parameter Problem, Code 2, message to the packet’s Source Address, pointing to the unrecognized Option Type.

Some Option Type values may change as the packet progresses through the route to its destination.The third highest-order bit of the Option Type is used to indicate whether its data value can be changed en-route or not.The third

highest-order bit is zero when Option Data does not change en-route, and one when it may change.This can create problems for an authentication service, since its purpose it to assure the contents of the packet do not change.When the Authentication header is used, the source of the packet computes the authenti- cating value over the packet and places the result in the Authentication header. For an Option Type whose Option Data may change en route, the Option Data is treated as a set of zero-valued octets when computing the packet’s authenti- cating value.

As stated before, extension headers are designed to be multiples of eight octets in length.To ensure that the end of the option data field is aligned with the 8-octet boundary, specific Option Types may be associated with alignment requirements in the form xn+y, indicating that the Option Type must appear at an integer multiple (n) of x octets from the start of the header, plus y octets. For instance, a 4n+2 alignment requirement indicates that the Option Type must start

The IPv6 Headers • Chapter 3 91 at any 4-octet offset from the start of the header, plus two octets, such as 2, 6, 10,

14, and so on.

Two padding options, the Pad1 option and the PadN option, may be used to force headers containing options to be multiples of eight octets in length.The Pad1 option is used to insert one zero-valued octet of padding, and the PadN option is used to insert more than one octet of padding.The format of the PadN option is shown in Figure 3.4.To insert two octets of padding (Pad2), one octet with the value of one and one octet (option data length field) with the value of zero can be used.The Pad2 option is a special case in that there is no Option Data, or Option Data of zero length is used.