Quick Summary for IPv6 Theory
This is a dynamically expanded article where I will collect basic theory information about IPv6 for quick reference to myself. This article will expand as I encounter new information about IPv6 that is interesting to be added here. So the quality of this summary I hope to expand over time.
Contents
IPv6 Address Representation
Address space of IPv6 is 128 bits long. This mean that there is 2^128 of possible combinations that is roughly 3.4 * 10^38 logical unique addresses.
Typical representation is by using hexadecimal notation of X:X:X:X:X:X:X:X where X is case-insensitive 16bit field (mostly represented by 4x hexadecimal characters).
Example:
2031:0000:130f:0000:0000:09c0:876a:130b
There are ways to make this a bit shorter if there are sequences of “0000” in the address.
1) Leading zeroes in 16bit field are optional, so you can shorten “:09c0:” to “:9c0:”.
2) Group of 0 zeroes can be shorten to one zero like: “:0000:” -> “:0:”.
3) Continuos group or even whole fields of zeroes can be shorten like : “:0000:0000:” -> “::”. But only once inside an address!
Using this way of shortening address, the previous example can be shorten as this:
2031:0000:130f:0000:0000:09c0:876a:130b
is identical to
2031:0:130f::9c0:876a:130b
IPv6 Address Structure
Unicast addresses are divided to two major field, first 64bits identify network, the second 64bits identify interface in IPv6 network. Note there will be no more “bits” borrowing and classical subnetting from IPv4 will change significantly.
NOTE: Interface ID can be also created dynamically in Ethernet network using MAC address (more info below).
Multicast address identify a set of interfaces, to identify a multicast address, first 8 bits are all ones or “FF”. All multicast IPv6 addresses start as “FF……”. Followed by 4bit “flag field” and 4 bit “scope field” and a 112bit “group ID”.
4bit Flag field:
“0” -> reserved and must be 0
R -> Indicates randezvous point and is almost always set to 0
P -> Indicates prefix dependency and is almost always set to 0
T -> Temporary bit. For a temporary unicast address set to 1.
NOTE: if R is 1, then P and T is also set to 1.
4bit Scope field:
Depending on the value of the 4 bits
1 = Interface Local
2 = Link Local
3 = Subnet Local
4 = Admin Local
5 = Site Local
8 = Organization
E = Global
NOTE: There is no TTL field in IPv6 multicast. So scoping is defined inside the address
Example: FF02::/16 is Multicast permanent address with Link-Local scope.
Types of IPv6 Unicast Addresses
Link-Local IPv6 Unicast Address is basic type of IPv6 and every IPv6 enabled interface must generate itself automatically this address. To generate link local address, interface takes link-local reserved prefix fe80::/10 and a 64bit interface ID.
When communicating with Link-Local IPv6 addresses, you have to specify outgoing interface as the same subnet is essentially on all these interfaces.
Global IPv6 Unicast Address is for principal use of IP addressing. The structure is as follows:
- Global routing prefix, typically /48 that is assigned by ISP
- A subnet ID, typically 16 bits that identify links inside a site
- Interface ID that is 64 bits
Local IPv6 Unicast Addresses are designed as a replacement for a site-local addresses, specifically to resolve scoping issues. These addresses use reserved FD00::/8 prefix, followed by 40 bits of random identifier (generated by SHA-1 with input of 64bit time + universal EUI-64 identifier), then administrator is free to do local subnetting in 16 bits and last 64bit is typical Interface ID.
Anycast IPv6 Addresses are used in “one-to-many” or better “one-to-nearest” needs. When a packet is sent to this
address, it is routed to the nearest interface that has this address. The nearest is found by using metrics in routing protocols.
The Anycast addresses are allocated from global IPv6 pool and are undistinguished from normal unicast addresses. Node using anycast address must be explicitly configured to know this is an anycast address.
NOTE: In today IPv4 Internet, this function is currently done by DNS servers that resolved hostnames with the nearest IPv4 unicast address as a form one-to-nearest system for hosting wold-wide services. So IPv6 anycast is underused today.
Special purpose IPv6 Unicast Addresses
Unspecified address:
0:0:0:0:0:0:0:0 – used until DHCP or until IPv6 is generated automatically
Loopback IPv6 Address:
0:0:0:0:0:0:0:1 – same as 127:0:0:1
IPv4 mapped addresses:
Used to represent IPv4 address nodes as IPv6 addresses
Used for next-hop representation in Cisco 6PE and 6VPE
Used in network stack when both address families are processed internally as IPv6
To generate IPv4 to IPv6 mapped address, simply add 0:0:0:0:0:FFFF:<IPv4> in front of the IPv4 32 bits as follows:
IPv6 Header
IPv6 header is 40 Bytes (octets) long. This is its structure:
Version – 4 bit that contains the number 6 instead of 4 in IPv4.
Traffic Class – This 8 bit field is like Type of Service field in IPv4. So preferential treatment can be mapped to a packed by marking in this field.
Flow label – this 20bit field can be used to mark each flow (for example one TCP session or UDP stream) to give per-flow non-default treatment to it if needed.
Payload Length – This 16 bit field is like “Total Length” in IPv4, but in IPv6 this describes the length of payload only (IPv4 Total Length counted IPv4 header length to the number).
Next Header – Determines the header/information following the IPv6 header. It can be either another encapsulated protocol like TCP/UDP, or IPv6 extension header.
Hop Limit – 8 bit field that acts similarrly like TTL in IPv4.
Source Address – 128 bits of source IPv6 address
Destination Address – 128 bits of destination IPv6 address
IPv6 Address Asssigment
Static Interface ID can be assigned manually or automatically generated from MAC address using EUI-64.
Dynamic Interface ID can be assigned by DHCPv6 (statefully) or stateless* be negotiating with the nearest IPv6 router.
* In stateless configuration the host sends “Router Solicitation” message on Link-Local subnet requesting prefix information from nearby router on that segment. The router responds sending the host prefix/default gateway/DNS information. Host combines received prefix with his autogenerated Interface ID to create his global unicast IPv6 address.
ICMPv6
The ICMPv6 has a few changes that needs to be mentioned in comparison to the ICMPv4 (in IPv4).
First, the codes used to identify type of message have changed. Quick overview table:
ICMP types:
- Destination Unreachable – IPv4: 3 – IPv6: 1
- Packet Too Big – IPv4: NONE – IPv6: 2
- Fragmentation Needed – IPv4: 3 – IPv6: NONE
- Time Exceeded – IPv4: 11 – IPv6: 3
- Parameter Problem – IPv4: 12 – IPv6: 4
- Echo Request – IPv4: 8 – IPv6: 128
- Echo Reply – IPv4: 0 – IPv6: 129
An ICMP type 2 (in IPv6 only) error message is an integral piece of discovering the maximum MTU of the path to the destination. Unlike the IPv4 version that only reported the reason of packet drop is MTU, in ICMPv6 the can carry exactly the next-link MTU so that the source can quickly adjust.
ICMP and IPv6 Neighbor Discovery
ICMP in IPv6 also takes several additional functions using IPv6 link-local multicast
- Determines the layer 2 address of a neighbor on the same link (just like ARP does in IPv4).
- Dynamically finds neighbor routers
- Keeps track of neighbors
ICMPv6 type 133 – Router Solicitation
A node sends its address in the early stage of the boot process. Instead of waiting for the next router advertisement to get the information. This message essentially asks all routers on the link to reply immediately with Router Advertisement (instead of waiting for their periodic Router Advertisements).
ICMPv6 type 134 – Router Advertisement
Router Advertisements are send periodically or as a reply to Router Solicitation messages.
ICMPv6 type 135 – Neighbor Solicitation
Neighbor solicitation is a process of determining the data link layer address of a neighbor. This is the same function as ARP does, but uses link-local multicast ICMPv6.
ICMPv6 type 136 – Neighbor Advertisement
neighbor advertisement works with neighbor solicitation to do layer 2 address resolution function (instead of ARP in IPv4). Neighbor Advertisement is either sent graciously after self configuration or as a reply to Neighbor Solicitation message and holds layer 2 data link address of the source node.
ICMPv6 type 137 – Redirect Message
A router gives Redirect Message to signal the rerouting of a packet to a better on-link router. The receiving node reroutes all subsequent packets to the target router.