RFC 1933 defines the following transition mechanisms:
When you upgrade your hosts and routers to IPv6, they retain their IPv4 functionality to provide compatibility for all IPv4 protocols and applications. These hosts and routers are known as dual stack.
They use the name service (for example, DNS) to carry information about which nodes are IPv6 capable.
IPv6 address formats can contain IPv4 addresses.
You can tunnel IPv6 packets in IPv4 packets as a means of crossing routers that have not been upgraded to IPv6.
The dual stack term normally refers to a complete duplication of all levels in the protocol stack from applications to the network layer. An example of this would be OSI and TCP/IP protocols running on the same machine. However, in the context of IPv6 transition, it means a protocol stack contains both IPv4 and IPv6, with the rest of the stack being identical. Consequently, the same transport protocols (TCP, UDP, and so on) and the same applications will run over both IPv4 and IPv6.
The following figure illustrates dual stack protocols through the OSI layers.
In the dual stack approach, subsets of both hosts and routers are upgraded to support IPv6, in addition to IPv4. This ensures that the upgraded nodes can always interoperate with IPv4-only nodes by using IPv4. Thus, upgrading from IPv4 to dual stack does not break anything.
A dual node must determine if the peer can support IPv6 or IPv4 in order to know which IP version to use when transmitting. Controlling what information goes in the name service accomplishes this. You define an IPv4 node's IP address and the IPv6 node's IP address in the name service. Thus, a dual node has both addresses in the name service.
However, the presence of an IPv6 address in the name service also signifies that the node is reachable, using IPv6 from all nodes that get information from that name service. For example, placing an IPv6 address in NIS implies that the IPv6 host is reachable using IPv6 from all IPv6 and dual nodes that belong to that NIS domain. Placing an IPv6 address in global DNS requires that the node is reachable from the Internet IPv6 backbone. This is no different than in IPv4 where, for example, mail delivery and HTTP proxy operation depend on there being only IPv4 addresses for nodes that can be reached using IPv4. When no reachability exists in IPv4, for instance, due to firewalls, the name service must be partitioned into an inside firewall and outside firewall database so that IPv4 addresses are visible only where they are reachable.
The protocol used to access the name service (DNS, NIS, NIS+, or something else) is independent of the type of address that can be retrieved from the name service. This name service support, coupled with dual stacks, allows a dual node to use IPv4 when communicating with IPv4-only nodes and use IPv6 when communicating with IPv6 nodes, provided that there is an IPv6 route to the destination.
In many cases you can represent a 32-bit IPv4 address as an 128-bit IPv6 address. The transition mechanism defines the following two formats.
IPv4 compatible address
000 ... 000 |
IPv4 Address |
IPv4 mapped address
000 ... 000 |
0xffff |
IPv4 Address |
The compatible format is used to represent an IPv6 node. This format enables you to configure an IPv6 node to use IPv6 without having a real IPv6 address. This address format lets you experiment with different IPv6 deployments because you can use automatic tunneling to cross IPv4-only routers. However, you cannot configure these addresses using the IPv6 stateless address autoconfiguration mechanism. This mechanism requires existing IPv4 mechanisms such as DHCPv4 or static configuration files.
The mapped address format is used to represent an IPv4 node. The only currently defined use of this address format is part of the socket API. It is convenient for an application to have a common address format for both IPv6 addresses and IPv4 addresses by representing an IPv4 address as a 128-bit mapped address. However, these addresses can also be used when there are IPv4 to IPv6 protocol translators.
To minimize any dependencies during the transition, all the routers in the path between two IPv6 nodes do not need to support IPv6. This mechanism is called tunneling. Basically, IPv6 packets are placed inside IPv4 packets, which are routed through the IPv4 routers. The following figure illustrates the tunneling mechanism through routers (R) using IPv4.
Different uses of tunneling in the transition are:
Configured tunnels between two routers (as in the figure above)
Automatic tunnels that terminate at the dual hosts
A configured tunnel is currently used in the Internet for other purposes, for example, the MBONE (the IPv4 multicast backbone). Operationally, it consists of configuring two routers to have a virtual point-to-point link between them over the IPv4 network. This kind of tunnel is likely to be used on some parts of the Internet for the foreseeable future.
The automatic tunnels have a more limited use during early experimental deployment. They require IPv4 compatible addresses and can be used to connect IPv6 nodes when there are no IPv6 routers available. These tunnels can originate either on a dual host or on a dual router (by configuring an automatic tunneling network interface), and they always terminate on the dual host. These tunnels work by dynamically determining the destination IPv4 address (the endpoint of the tunnel) by extracting it from the IPv4 compatible destination address.
Even on a node that has been upgraded to IPv6, the use of IPv6 is dependent on the applications. An application might not use a networking API that asks the name service for IPv6 addresses, either because the application uses an API (such as sockets) that requires changes in the application, or the provider of the API (such as an implementation of the java.net class) has no support for IPv6 addresses. In either case the node only sends and receives IPv4 packets like an IPv4 node.
The following names have become standard terminology within the Internet community:
IPv6-unaware--This application cannot handle IPv6 addresses; that is, it cannot communicate with nodes that do not have an IPv4 address.
IPv6-aware--This application can communicate with nodes that do not have an IPv4 address, that is, the application can handle the larger IPv6 addresses. In some cases this might be transparent to the application, for instance, when the API hides the content and format of the actual address.
IPv6-enabled--This application can, in addition to being IPv6-aware, take advantage of some IPv6 specific feature such as flow labels. The enabled applications can still operate over IPv4, though in a degraded mode.
IPv6-required--This application requires some IPv6 specific feature and cannot operate over IPv4.