Course Index |
---|
Part 1 – Introduction: What is IPv6 |
Part 2 – IPv6 Addressing & Subnetting |
Part 3 – IPv6 Headers & Header Extensions |
Part 4 – ICMPv6 & IPv6 Neighborships |
Part 5 – IPv6 Configuration, EUI-64, SLAAC & Dual Stack |
Part 6 – IPv6 DHCP (DHCPv6) |
Part 7 – IPv6 on Windows |
Part 8 – IPv6 on Linux |
Part 9 – IPv6 on Mac |
Part 10 – IPv6 DNS, Monitoring & Address Management |
Part 11 – IPv6 Routing |
Part 12 – IPv6 Security & Tunneling |
Part 13 – IPv6 Internet Connection & Address Planning |
IPv6 Addressing and Subnetting
About IPv6 Addressing
IPv4 addresses are 32 bits in length (that’s 0s and 1s) and IPv6 addresses have 128 bits (of 0s and 1s). The news is also, that we use hexadecimal notation and colons : to display the new addresses!
Have a look:
How an IPv6 address is displayed
You get used to the new notation quickly, I promise!
There are a couple of rules to follow:
1. there are 8 groups with 4 hexadecimal digits each
2. invididual digits are called nibble
3. each group represents 16 bits, separated by colon (:)
Example: 2001:0db8:85a3:0000:0000:0000:0070:7334
This is a real and complete IPv6 address! But it is a bit long, so it can be shortened and still be valid and complete:
1. leading zeros can be omitted:
2001:0db8:85a3:0000:0000:0000:0070:7334
can be shortened to ->
2001:db8:85a3:0:0:0:70:7334
2. groups of zeros can be replaced by double colon :: (only once per address, to be unique!):
2001:db8:85a3:0:0:0:70:7334
can be shortened to ->
2001:db8:85a3::70:7334
Types of Communication in IP
In network communication and independent from the protocol version (v4 or v6) there are different types and scopes that we will review now. If you already know about these types, you can skip ahead if you like or use it as a recap.
Unicast IP Communication
Sending a message to a single, unique address (destination)
Broadcast IP Communication
Sending a message to multiple destinations simultaneously. Ethernet and IPv4 use broadcast addresses to reach all clients on the local network!
Multicast IP Communication
Sending a message to a group (destination) simultaneously, targeting only group members. This is used regularly in IPTV, where you can subscribe to the corresponding multicast group and then received the corresponding TV channel stream over the Internet, instead of receiving all channels all the time.
Anycast IP Communication
Sending a message to a single, unique address (destination), that is used by multiple hosts. The nearest host is automatically selected. In most implementations BGP is used and the lowest hop count (lowest distance) to the target address is used. Anycast is regularly used for global DNS deployments, like with Google’s 8.8.8.8 DNS service or Cloudflare’s 1.1.1.1 DNS service
Communication Types for IPv4 and IPv6
Broadcast was used with IPv4 but is not used with IPv6 anymore, because the amount of addresses in a single IPv4 network was limited or at least much less, so reaching everybody on the network could be handled. Broadcast in IPv4 was also used to make sure the address, received by DHCP, was unique. The same does not scale at all for the very large IPv6 networks, so the use of broadcast transmission was removed from the new protocol specifications.
IPv6 Address Scopes
Different address scopes are used to define which kind of reachability an assigned address has. This helps scale the network and could also be used as a security measure. In best practice I would still highly recommend only using addresses from Global Scope (Universal Scope) and securing your network with a firewall.
The different address scopes for unicast are:
The IPv6 Link-Local Scope
An address from a link-local scope is only valid on the directly attached link (link-local, loopback). It cannot be routed or reached from outside of this scope.
The IPv6 Unique Local Scope (ULA)
Addresses from the Unique Local Scope (Unique Local Addresses, also known as ULA) are similar to IPv4 private address ranges from RFC1918, such as 10.0.0.0/8 and so on. They are routable within a private organization and not supposed to be routed publicly on the Internet. Thus, the reachability (scope) of this IPv6 address type is limited to the organization. The same network range can be used by different companies and private entities at the same time, so they are not unique.
The IPv6 Global Scope (Universal Scope)
Addresses from the Global Scope, also known as Universal Scope, are public IPv6 addresses with global reachability. This scope has no limitations, is fully unique and registered via the corresponding Regional Internet Registry (RIR) to a provider (Local Internet Registry, LIR) and then assigned to an end user or party.
The IPv6 Site Local Scope (now deprecated)
The Site Local Scope has been deprecated, which means it is not used anymore, as per RFC3879 from 2004. It was created to address sites locally, independent from organization, similar to a part of RFC1918 private IPv4 addresses.
IPv6 Multicast Address Scopes
IPv6 Multicast address scopes are very similar to the unicast scopes.
In Multicast, the 4th nibble (4th digit of the address) defines the scope of reachability (ff0S::)
Value | Scope name | Usage |
---|---|---|
0x1 | interface-local | Interface-local scope spans only a single interface on a node, and is useful only for loopback transmission of multicast. |
0x2 | link-local | Link-local and site-local multicast scopes span the same topological regions as the corresponding unicast scopes. |
0x4 | admin-local | Admin-local scope is the smallest scope that must be administratively configured, i.e., not automatically derived from physical connectivity or other, non- multicast-related configuration. |
0x5 | site-local | Link-local and site-local multicast scopes span the same topological regions as the corresponding unicast scopes. |
0x8 | organization-local | Organization-local scope is intended to span multiple sites belonging to a single organization. |
0xe | global | Globally reachable scope |
Subnetting IPv6 and IPv4
Subnetting can be fun if you have understood the basics. We will do a quick review of IPv4 subnetting here and then move on to the differences with IPv6 subnetting.
How to Subnet IPv4 Addresses and Networks
IPv4 defines a network address and a broadcast address. Since the late 1990s, only Classless Inter Domain Routing is used, also known as CIDR, so the notation is always as follows:
example network: 172.23.5.0/24
network mask (/24): 255.255.255.0
network address: 172.23.5.0
broadcast address: 172.23.5.255
Subnetting IPv4 Example #1
IPv4 Subnetting Helping Table
Digit | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 |
---|---|---|---|---|---|---|---|---|
Value | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
172.23.5.1 (IP address, 32 bits, decimal)
10101100 . 00010111 . 00000101. 00000001 (binary)
255.255.255.0 (subnet mask, 24 bits, “/24”, decimal)
11111111 . 11111111 . 11111111 . 00000000 (binary)
172.23.5.0 (network address, decimal)
10101100 . 00010111 . 00000101 . 00000000 (binary)
172.23.5.255 (broadcast address, decimal)
10101100 . 00010111 . 00000101 . 11111111 (binary)
amount of addresses: 00000000 to 11111111 = 256 (.0 – .255)
172.23.6.0 (next network – network address, decimal)
10101100 . 00010111 . 00000110 . 00000000 (binary)
Subnetting IPv4 Example #2
IPv4 Subnetting Helping Table
Digit | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 |
---|---|---|---|---|---|---|---|---|
Value | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
10.1.2.52 (IP address, 32 bits, decimal)
00001010. 00000001. 00000010. 00110100 (binary)
255.255.255.224 (subnet mask, 27 bits, “/27”, decimal)
11111111.11111111.11111111.11100000 (binary)
10.1.2.32 (network address, decimal)
00001010 . 00000001 . 00000010 . 00100000 (binary)
10.1.2.63 (broadcast address, decimal)
00001010. 00000001. 00000010. 00111111 (binary)
number of addresses: 00100000 bis 00111111 = 32 (.32 – .63)
10.1.2.64 (next network – network address, decimal)
00001010. 00000001. 00000010. 01000000 (binary)
IPv4 Subnetting Cheat Sheet for Quick Reference
The Internet has many IPv4 Subnetting cheat sheets and calculators. My favorite quick reference is the one from Europe’s RIR, RIPE NCC:
How to Subnet IPv6 Addresses and Networks
Well, now that you remember how subnetting with IPv4 works, and you know we had 32 bits of address with IPv4 – how does that work with IPv6? Will it be 4 times more complicated? 2^96 times? No!
everything is easier!
2001:0db8:0003:0004:0005:0006:0007:000f (long form)
can be shortened to ->
2001:db8:3:4:5:6:7:f
binary: 2001 = 0010 0000 0000 0001
In IPv6 we have no (reserved) network address
We also have no broadcast address (remember, there is no broadcast!)
Our prefix length is always specified in slash notation, e.g. /64
In IPv6, 1 nibble (1 hex digit) equals 4 bits
Subnetting IPv6 Example #1
IPv6 Subnetting Helping Table
Digit | 4 | 3 | 2 | 1 |
---|---|---|---|---|
Value | 8 | 4 | 2 | 1 |
Example address:
2001:0db8:0003:0004:0005:0006:0007:000f (long form)
2001:db8:3:4:5:6:7:f (shortened)
prefix length (network): /64
network start: 2001:0db8:0003:0004:0000:0000:0000:0000
network end: 2001:0db8:0003:0004:ffff:ffff:ffff:ffff
In total 18,446,744,073,709,551,616 IPv6 client addresses are available in a single /64 network (16^16 or 2^64)
Subnetting IPv6 Example #2
IPv6 Subnetting Helping Table
Digit | 4 | 3 | 2 | 1 |
---|---|---|---|---|
Value | 8 | 4 | 2 | 1 |
Your allocated network by this example is: 2001:0db8:0003::/48
you want to subnet your /48 network into multiple smaller networks with a target network size of /64
1st network: 2001:0db8:0003::/64
(2001:0db8:0003:0000::/64)
2nd network: 2001:0db8:0003:1::/64 (2001:0db8:0003:0001::/64)
last network: 2001:0db8:0003:ffff::/64
in total (2^4)^4 = 65.536 /64 networks can be created our of a single /48 IPv6 network!
IPv6 Subnetting Cheat Sheet for Quick Reference
There are many IPv6 Subnetting cheat sheets out there, my favorite is the IPv6 Subnetting Card from RIPE NCC. The major network boundaries are these:
Special IPv6 Addresses you should remember
There are some special and reserved addresses, which are:
::/128 unspecified address
- all bits=0
- cannot be used as destination
- can only be used temporarily and internally, until application knows target
- equals IPv4 0.0.0.0/32)
::/0 default route
- equals 0.0.0.0/0 in IPv4
::1/128 loopback
- unicast localhost address
- equals 127.0.0.1/8 in IPv4
fe80::/10 link local (scope)
- only unique and valid on the locally connected link
fc00::/7 unique local (scope), also known as ULA
- routable within an organization
- similar to RFC1918 private IP ranges
fec0::/10 site local (scope) – deprecated
- not used anymore as per RFC3879
- routable within an organization
- successor: Unique Local Addresses (ULA) / Unique Local Scope
::ffff:0:0/96 IPv4-mapped IPv6
- allows transparent IPv4 connections of an IPv6-only application over the IPv6 API (only one socket needed
2002::/16 6to4 Tunneling
- additionally an address out of 192.88.99.0/24 is used
2001::/32 Teredo Tunneling
2001:db8::/32 Documentation Prefix
- for documentation purposes, to be used in examples, similar to 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24 in IPv4
Special IPv6 Multicast Addresses
We have some special and reserved addresses for Multicast use:
Address | Purpose | Available Scopes |
---|---|---|
ff0X::1 | All nodes address, identify the group of all IPv6 nodes | Available in scope 1 (interface-local) and 2 (link-local): • ff01::1 → All nodes in the interface-local • ff02::1 → All nodes in the link-local |
ff0X::2 | All routers |
Available in scope 1 (interface-local), 2 (link-local) and 5 (site-local): • ff01::2 → All routers in the interface-local • ff02::2 → All routers in the link-local • ff05::2 → All routers in the site-local |
ff02::5 | OSPF |
2 (link-local) |
ff02::6 | OSPF Designated Routers |
2 (link-local) |
ff02::9 | RIP Routers |
2 (link-local) |
ff02::a | EIGRP Routers |
2 (link-local) |
ff02::d | All PIM Routers |
2 (link-local) |
ff02::1a | All RPL Routers |
2 (link-local) |
ff0X::fb | mDNSv6 |
Available in all scopes |
ff0X::101 | All Network Time Protocol (NTP) servers |
Available in all scopes |
ff02::1:1 | Link Name |
2 (link-local) |
ff02::1:2 | All-dhcp-agents |
2 (link-local) |
ff02::1:3 | Link-local Multicast Name Resolution |
2 (link-local) |
ff05::1:3 | All-dhcp-servers |
5 (site-local) |
ff02::1:ff00:0/104 | Solicited-node multicast address |
2 (link-local) |
ff02::2:ff00:0/104 | Node Information Queries | 2 (link-local) |
Recommended Resources for additional reading
Apart from the links throughout this course I recommend the following resources for additional information:
- The Internet Society (ISOC) IPv6 Portal
- Test your IPv6 connectivity on test-ipv6.com
- The official IANA list of assigned IPv6 address space is very interesting
- The Google IPv6 deployment statistics
- The RIPE NCC IPv6 working group and mailing list
Book recommendations on IPv6
I can recommend the following 3 books which I enjoyed reading:
This concludes IPv6 Foundation Part 2: IPv6 Addressing and Subnetting of the original IPv6 Foundation Master Class.
Previous Part: IPv6 Foundation Part 1: What is IPv6
Next Part: IPv6 Foundation Part 3: IPv6 Headers & Extension Headers