IPv6 Foundation Part 2: IPv6 Addressing and Subnetting

IPv6 Foundation Part 2 - IPv6 Addressing and Subnetting
Want to learn IPv6 Address­ing & IPv6 Sub­net­ting? Types of Com­mu­ni­ca­tion, IPv6 Address Scopes? Find the answers and more right here!

Table of Con­tents

About this course

So you are inter­est­ed in IPv6, which is absolute­ly great!

IPv6 is not only the future of net­work­ing, it is already here today! All the big play­ers on the Inter­net are already IPv6 enabled and it is now time for you to join the par­ty!

This course cov­ers all major aspects of the new Inter­net Pro­to­col and what changed, com­pared to IPv4. You will under­stand the fun­da­men­tals and be ahead of your peers that are still on the sink­ing ship of IPv4! As of today, there are no IPv4 address­es left and we have no oth­er option but to go ahead and deploy IPv6.

IPv6 Act Now

IPv6 Foun­da­tion Part 2: IPv6 Address­ing and Sub­net­ting

About IPv6 Address­ing

IPv4 address­es are 32 bits in length (that’s 0s and 1s) and IPv6 address­es have 128 bits (of 0s and 1s). The news is also, that we use hexa­dec­i­mal nota­tion and colons : to dis­play the new address­es!

Have a look:

IPv4 vs IPv6 Addressing

How an IPv6 address is dis­played

You get used to the new nota­tion quick­ly, I promise!

There are a cou­ple of rules to fol­low:

1. there are 8 groups with 4 hexa­dec­i­mal dig­its each


2. invi­did­ual dig­its are called nib­ble

3. each group rep­re­sents 16 bits, sep­a­rat­ed by colon (:)

Exam­ple:
 2001:0db8:85a3:0000:0000:0000:0070:7334

This is a real and com­plete IPv6 address! But it is a bit long, so it can be short­ened and still be valid and com­plete:

1. lead­ing zeros can be omit­ted:

2001:0db8:85a3:0000:0000:0000:0070:7334

can be short­ened to ->

2001:db8:85a3:0:0:0:70:7334

2. groups of zeros can be replaced by dou­ble colon :: (only once per address, to be unique!):

2001:db8:85a3:0:0:0:70:7334

can be short­ened to ->

2001:db8:85a3::70:7334

Types of Com­mu­ni­ca­tion in IP

In net­work com­mu­ni­ca­tion and inde­pen­dent from the pro­to­col ver­sion (v4 or v6) there are dif­fer­ent types and scopes that we will review now. If you already know about these types, you can skip ahead if you like or use it as a recap.

Uni­cast IP Com­mu­ni­ca­tion

Send­ing a mes­sage to a sin­gle, unique address (des­ti­na­tion)

Unicast Communication

Broad­cast IP Com­mu­ni­ca­tion

Send­ing a mes­sage to mul­ti­ple des­ti­na­tions simul­ta­ne­ous­ly. Eth­er­net and IPv4 use broad­cast address­es to reach all clients on the local net­work!

Broadcast Communication

Mul­ti­cast IP Com­mu­ni­ca­tion

Send­ing a mes­sage to a group (des­ti­na­tion) simul­ta­ne­ous­ly, tar­get­ing only group mem­bers. This is used reg­u­lar­ly in IPTV, where you can sub­scribe to the cor­re­spond­ing mul­ti­cast group and then received the cor­re­spond­ing TV chan­nel stream over the Inter­net, instead of receiv­ing all chan­nels all the time.

Multicast Communication

Any­cast IP Com­mu­ni­ca­tion

Send­ing a mes­sage to a sin­gle, unique address (des­ti­na­tion), that is used by mul­ti­ple hosts. The near­est host is auto­mat­i­cal­ly select­ed. In most imple­men­ta­tions BGP is used and the low­est hop count (low­est dis­tance) to the tar­get address is used. Any­cast is reg­u­lar­ly used for glob­al DNS deploy­ments, like with Google’s 8.8.8.8 DNS ser­vice or Cloud­flare’s 1.1.1.1 DNS ser­vice

Anycast Communication

Com­mu­ni­ca­tion Types for IPv4 and IPv6

Broad­cast was used with IPv4 but is not used with IPv6 any­more, because the amount of address­es in a sin­gle IPv4 net­work was lim­it­ed or at least much less, so reach­ing every­body on the net­work could be han­dled. Broad­cast in IPv4 was also used to make sure the address, received by DHCP, was unique. The same does not scale at all for the very large IPv6 net­works, so the use of broad­cast trans­mis­sion was removed from the new pro­to­col spec­i­fi­ca­tions.

Types of Communication IPv4 vs IPv6

IPv6 Address Scopes

Dif­fer­ent address scopes are used to define which kind of reach­a­bil­i­ty an assigned address has. This helps scale the net­work and could also be used as a secu­ri­ty mea­sure. In best prac­tice I would still high­ly rec­om­mend only using address­es from Glob­al Scope (Uni­ver­sal Scope) and secur­ing your net­work with a fire­wall.

The dif­fer­ent address scopes for uni­cast are:

The IPv6 Link-Local Scope


An address from a link-local scope is only valid on the direct­ly attached link (link-local, loop­back)
. It can­not be rout­ed or reached from out­side of this scope.

The IPv6 Unique Local Scope (ULA)


Address­es from the Unique Local Scope (Unique Local Address­es, also known as ULA) are sim­i­lar to IPv4 pri­vate address ranges from RFC1918, such as 10.0.0.0/8 and so on. They are routable with­in a pri­vate orga­ni­za­tion and not sup­posed to be rout­ed pub­licly on the Inter­net. Thus, the reach­a­bil­i­ty (scope) of this IPv6 address type is lim­it­ed to the orga­ni­za­tion. The same net­work range can be used by dif­fer­ent com­pa­nies and pri­vate enti­ties at the same time, so they are not unique.

The IPv6 Glob­al Scope (Uni­ver­sal Scope)

Address­es from the Glob­al Scope, also known as Uni­ver­sal Scope, are pub­lic IPv6 address­es with glob­al reach­a­bil­i­ty. This scope has no lim­i­ta­tions, is ful­ly unique and reg­is­tered via the cor­re­spond­ing Region­al Inter­net Reg­istry (RIR) to a provider (Local Inter­net Reg­istry, LIR) and then assigned to an end user or par­ty.

The IPv6 Site Local Scope (now dep­re­cat­ed)

The Site Local Scope has been dep­re­cat­ed, which means it is not used any­more, as per RFC3879 from 2004. It was cre­at­ed to address sites local­ly, inde­pen­dent from orga­ni­za­tion, sim­i­lar to a part of RFC1918 pri­vate IPv4 address­es.

IPv6 Mul­ti­cast Address Scopes

IPv6 Mul­ti­cast address scopes are very sim­i­lar to the uni­cast scopes.

In Mul­ti­cast, the 4th nib­ble (4th dig­it of the address) defines the scope of reach­a­bil­i­ty (ff0S::)

Val­ue Scope name Usage

0x1

inter­face-local
Inter­face-local scope spans only a sin­gle inter­face on a node, and is use­ful only for loop­back trans­mis­sion of mul­ti­cast.

0x2

link-local
Link-local and site-local mul­ti­cast scopes span the same topo­log­i­cal regions as the cor­re­spond­ing uni­cast scopes.

0x4

admin-local
Admin-local scope is the small­est scope that must be admin­is­tra­tive­ly con­fig­ured, i.e., not auto­mat­i­cal­ly derived from phys­i­cal con­nec­tiv­i­ty or oth­er, non- mul­ti­cast-relat­ed con­fig­u­ra­tion.

0x5

site-local
Link-local and site-local mul­ti­cast scopes span the same topo­log­i­cal regions as the cor­re­spond­ing uni­cast scopes.

0x8

orga­ni­za­tion-local
Orga­ni­za­tion-local scope is intend­ed to span mul­ti­ple sites belong­ing to a sin­gle orga­ni­za­tion.

0xe

glob­al
Glob­al­ly reach­able scope

Sub­net­ting IPv6 and IPv4

Sub­net­ting can be fun if you have under­stood the basics. We will do a quick review of IPv4 sub­net­ting here and then move on to the dif­fer­ences with IPv6 sub­net­ting.

How to Sub­net IPv4 Address­es and Net­works

IPv4 defines a net­work address and a broad­cast address. Since the late 1990s, only Class­less Inter Domain Rout­ing is used, also known as CIDR, so the nota­tion is always as fol­lows:

exam­ple net­work: 172.23.5.0/24

net­work mask (/24): 255.255.255.0

net­work address: 172.23.5.0

broad­cast address: 172.23.5.255

Sub­net­ting IPv4 Exam­ple #1
IPv4 Sub­net­ting Help­ing Table
Dig­it 8 7 6 5 4 3 2 1
Val­ue
128
64
32
16
8
4
2
1

172.23.5.1 (IP address, 32 bits, dec­i­mal)

10101100 . 00010111 . 00000101. 00000001 (bina­ry)

 

255.255.255.0 (sub­net mask, 24 bits, “/24”, dec­i­mal)

11111111 . 11111111 . 11111111 . 00000000 (bina­ry)

 

172.23.5.0 (net­work address, dec­i­mal)

10101100 . 00010111 . 00000101 . 00000000 (bina­ry)

 

172.23.5.255 (broad­cast address, dec­i­mal)

10101100 . 00010111 . 00000101 . 11111111 (bina­ry)

 

amount of address­es: 00000000 to 11111111 = 256 (.0 — .255)

 

172.23.6.0 (next net­work — net­work address, dec­i­mal)

10101100 . 00010111 . 00000110 . 00000000 (bina­ry)

Sub­net­ting IPv4 Exam­ple #2
IPv4 Sub­net­ting Help­ing Table
Dig­it 8 7 6 5 4 3 2 1
Val­ue
128
64
32
16
8
4
2
1

10.1.2.52 (IP address, 32 bits, dec­i­mal)

00001010. 00000001. 00000010. 00110100 (bina­ry)

 

255.255.255.224 (sub­net mask, 27 bits, “/27”, dec­i­mal)

11111111.11111111.11111111.11100000 (bina­ry)

 

10.1.2.32 (net­work address, dec­i­mal)

00001010 . 00000001 . 00000010 . 00100000 (bina­ry)

 

10.1.2.63 (broad­cast address, dec­i­mal)

00001010. 00000001. 00000010. 00111111 (bina­ry)

 

num­ber of address­es: 00100000 bis 00111111 = 32 (.32.63)

 

10.1.2.64 (next net­work — net­work address, dec­i­mal)

00001010. 00000001. 00000010. 01000000 (bina­ry)

IPv4 Sub­net­ting Cheat Sheet for Quick Ref­er­ence

The Inter­net has many IPv4 Sub­net­ting cheat sheets and cal­cu­la­tors. My favorite quick ref­er­ence is the one from Europe’s RIR, RIPE NCC:

Classless Inter-Domain Routing CIDR Chart

How to Sub­net IPv6 Address­es and Net­works

Well, now that you remem­ber how sub­net­ting with IPv4 works, and you know we had 32 bits of address with IPv4 — how does that work with IPv6? Will it be 4 times more com­pli­cat­ed? 2^96 times? No!

every­thing is eas­i­er!

2001:0db8:0003:0004:0005:0006:0007:000f
 (long form)

can be short­ened to ->

2001:db8:3:4:5:6:7:f

bina­ry: 2001 = 0010 0000 0000 0001

In IPv6 we have no (reserved) net­work address

We also have no broad­cast address (remem­ber, there is no broad­cast!)


Our pre­fix length is always spec­i­fied in slash nota­tion,
e.g. /64

Sub­net­ting IPv6 Exam­ple #1
IPv6 Sub­net­ting Help­ing Table
Dig­it 4 3 2 1
Val­ue
8
4
2
1

Exam­ple address:

2001:0db8:0003:0004:0005:0006:0007:000f (long form)

2001:db8:3:4:5:6:7:f (short­ened)

 

pre­fix length (net­work): /64

 

net­work start: 2001:0db8:0003:0004:0000:0000:0000:0000

net­work end: 2001:0db8:0003:0004:ffff:ffff:ffff:ffff

Sub­net­ting IPv6 Exam­ple #2
IPv6 Sub­net­ting Help­ing Table
Dig­it 4 3 2 1
Val­ue
8
4
2
1

Your allo­cat­ed net­work by this exam­ple is: 2001:0db8:0003::/48


you want to sub­net your /48 net­work into mul­ti­ple small­er net­works with a tar­get net­work size of /64


1st net­work: 2001:0db8:0003::/64

(2001:0db8:0003:0000::/64)


2nd net­work: 2001:0db8:0003:1::/64 (2001:0db8:0003:0001::/64)


last net­work: 2001:0db8:0003:ffff::/64


IPv6 Sub­net­ting Cheat Sheet for Quick Ref­er­ence

There are many IPv6 Sub­net­ting cheat sheets out there, my favorite is the IPv6 Sub­net­ting Card from RIPE NCC. The major net­work bound­aries are these:

IPv6 Subnetting Reference Chart Cheat Sheet

Spe­cial IPv6 Address­es you should remem­ber

There are some spe­cial and reserved address­es, which are:

::/128 unspec­i­fied address

  • all bits=0
  • can­not be used as des­ti­na­tion
  • can only be used tem­porar­i­ly and inter­nal­ly, until appli­ca­tion knows tar­get
  • equals IPv4 0.0.0.0/32)

 

::/0 default route

  • equals 0.0.0.0/0 in IPv4

 

::1/128 loop­back

  • uni­cast local­host address
  • equals 127.0.0.1/8 in IPv4

 

fe80::/10 link local (scope)

  • only unique and valid on the local­ly con­nect­ed link

 

fc00::/7 unique local (scope), also known as ULA

  • routable with­in an orga­ni­za­tion
  • sim­i­lar to RFC1918 pri­vate IP ranges

 

fec0::/10 site local (scope) — dep­re­cat­ed

  • not used any­more as per RFC3879
  • routable with­in an orga­ni­za­tion
  • suc­ces­sor: Unique Local Address­es (ULA) / Unique Local Scope

 

::ffff:0:0/96 IPv4-mapped IPv6

  • allows trans­par­ent IPv4 con­nec­tions of an IPv6-only appli­ca­tion over the IPv6 API (only one sock­et need­ed

 

2002::/16 6to4 Tun­nel­ing

  • addi­tion­al­ly an address out of 192.88.99.0/24 is used

 

2001::/32 Tere­do Tun­nel­ing

 

2001:db8::/32 Doc­u­men­ta­tion Pre­fix

  • for doc­u­men­ta­tion pur­pos­es, to be used in exam­ples, sim­i­lar to
 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24 in IPv4

Spe­cial IPv6 Mul­ti­cast Address­es

We have some spe­cial and reserved address­es for Mul­ti­cast use:

Address Pur­pose Avail­able Scopes

ff0X::1

All nodes address, iden­ti­fy the group of all IPv6 nodes
Avail­able in scope 1 (inter­face-local) and 2 (link-local):
• ff01::1 → All nodes in the inter­face-local
• ff02::1 → All nodes in the link-local

ff0X::2

All routers

Avail­able in scope 1 (inter­face-local), 2 (link-local) and 5 (site-local):

  ff01::2 → All routers in the inter­face-local

• ff02::2 → All routers in the link-local

• ff05::2 → All routers in the site-local

ff02::5

OSPF

2 (link-local)

ff02::6

OSPF Des­ig­nat­ed Routers

2 (link-local)

ff02::9

RIP Routers

2 (link-local)

ff02::a

EIGRP Routers

2 (link-local)

ff02::d

All PIM Routers

2 (link-local)

ff02::1a

All RPL Routers

2 (link-local)

ff0X::fb

mDNSv6

Avail­able in all scopes

ff0X::101

All Net­work Time Pro­to­col (NTP) servers

Avail­able in all scopes

ff02::1:1

Link Name

2 (link-local)

ff02::1:2

All-dhcp-agents

2 (link-local)

ff02::1:3

Link-local Mul­ti­cast Name Res­o­lu­tion

2 (link-local)

ff05::1:3

All-dhcp-servers

5 (site-local)

ff02::1:ff00:0/104

Solicit­ed-node mul­ti­cast address

2 (link-local)

ff02::2:ff00:0/104

Node Infor­ma­tion Queries
2 (link-local)

Thank You

Thank you for attend­ing the Orig­i­nal IPv6 Foun­da­tion Mas­ter Class! You can book­mark this site to use it as a quick ref­er­ence in case you need to re-read some­thing and you can share this page to social media and your friends and col­leagues. Stay tuned to this blog for more in-depth sto­ries like this one.

Rec­om­mend­ed Resources for addi­tion­al read­ing

Apart from the links through­out this course I rec­om­mend the fol­low­ing resources for addi­tion­al infor­ma­tion:

  1. The Inter­net Soci­ety (ISOC) IPv6 Por­tal
  2. Test your IPv6 con­nec­tiv­i­ty on test-ipv6.com
  3. The offi­cial IANA list of assigned IPv6 address space is very inter­est­ing
  4. The Google IPv6 deploy­ment sta­tis­tics
  5. The RIPE NCC IPv6 work­ing group and mail­ing list

Book rec­om­men­da­tions on IPv6

I can rec­om­mend the fol­low­ing 3 books (Ama­zon refer­ral links) which I enjoyed read­ing:

This con­cludes IPv6 Foun­da­tion Part 2: IPv6 Address­ing and Sub­net­ting of the orig­i­nal IPv6 Foun­da­tion Mas­ter Class.

Pre­vi­ous Part: IPv6 Foun­da­tion Part 1: What is IPv6

Next Part: IPv6 Foun­da­tion Part 3: IPv6 Head­ers & Exten­sion Head­ers

Share this post

Share on pocket
Share on reddit
Share on facebook
Share on twitter
Share on linkedin
Share on xing