IPV6 is fun. Part 1

I had an idea to acquaint the Habr public with IPv6 and protocol configuration based on this wonderful and still poorly studied protocol by network experts. For these purposes, I will focus on two main vendors, these are Juniper and Cisco. My article will consist of three parts. In the first part I will collect all the most boring, but very necessary theory. Consider the fields of the ipv6 protocol, principles of operation, subnetting and set myself the task of focusing as much as possible on the difference between it and your favorite IPv4.

Well, let's begin, and we will begin with the plan.


• IPv6 header versus IPv4
• Representation of IPv6 addresses
• IPv4 and IPv6 sharing
• Address types • Subnetting


The depletion of IPv4 address space has been motivating factors for moving to IPv6. Since Africa, Asia and other parts of the world are gaining more and more connections to the global Internet, which leads to a lack of IPv4 addresses. On Monday January 31, 2011, IANA highlighted the latter, 8 IPv4 address blocks for RIRs. According to experts, these addresses will be occupied from 2015-2020. But besides the lack of address space, IPv6 has some advantages over IPv4, which we will discuss in this article. IPv6 is designed as a successor to IPv4. IPv6 has more than 128-bit address space, which is enough for 340 undecillion addresses. (This is 340 followed by 36 zeros.) However, IPv6 is not just big addresses. When IETF experts began the development of an IPv4 successor,
Programmers are constantly competing with the universe: they are trying to create more and more idiotic-resistant programs, and the universe is creating more and more perfect idiots. So far, the Universe is winning. (Rich Cook)

IPv6 header versus IPv4

One of the major design improvements over IPv6 over IPv4 is the simplified IPv6 header. An IPv4 header consists of 20 octets (up to 60 bytes if the "Parameters" field is used) and 12 main fields of the header, not taking into account the "Parameters" and "Placeholder" fields. An IPv6 header consists of 40 octets (mainly due to the length of the source and destination IPv6 addresses) and 8 header fields (3 main IPv4 header fields and 5 additional fields). In addition, a new field has been added to IPv6 that is not used in IPv4. The simplified IPv6 header offers several advantages over IPv4: increased routing efficiency for scalable performance and forwarding speed; no checksum processing required; simplified and more efficient extension header mechanisms (as opposed to the Parameters field in IPv4); the “Stream Label” field is intended for processing by streams without the need to open the transport internal package to identify various traffic flows. The following fields are used in the IPv6 packet header:

Version : A field containing a 4-bit binary value that defines the version of the IP packet. For IPv6 packets, this field is always set to 0110.

Traffic class : 8-bit field corresponding to the "Differentiated Services (DS)" field in the IPv4 header. It also contains the 6-bit differential service code point (DSCP) value used to classify packets, as well as the 2-bit explicit congestion notification (ECN) value used to control traffic congestion.

Stream Label : A 20-bit field that provides a dedicated service for real-time applications. Using this field, information is transmitted to routers and switches about the need to maintain the same path for the packet flow, which will help to avoid reordering them.

Payload Length : A 16-bit field corresponding to the Total Length field in the IPv4 header. It determines the size of the entire package (fragment), including the header and additional extensions.

Next heading: The 8-bit field corresponding to the Protocol field in the IPv4 header. It indicates the type of data payload that the packet carries, which allows the network layer to forward data to the corresponding higher-level protocol. This field is also used when additional extension headers are added to the IPv6 packet.

Transition limit: An 8-bit field that replaces the Time To Live (TTL) field in IPv4. This value is reduced by one by each router forwarding the packet. When the counter reaches 0, the packet is discarded, and an ICMPv6 message is sent to the sending host, which means that the packet has not reached its destination.

Source Address - A 128-bit field that identifies the IPv6 address of the receiving node.

Destination Address : A 128-bit field that identifies the IPv6 address of the receiving node.

The main problem of programmers is that their mistakes cannot be predicted. (Seymour Cray)

Representation of IPv6 Addresses

The length of IPv6 addresses is 128 bits, written as a string of hexadecimal values. The bits are represented by one hexadecimal digit, and the total number of hexadecimal values ​​is 32. There will be no examples of translation from the hexadecimal system to binary and decimal. Any self-respecting network specialist should be able to translate from different number systems in his mind, because network specialists do not get money for beautiful eyes - and not small ones.

We will describe two important rules for the correct presentation of IPv6 addresses.

1) Rule number 1:
The first rule to reduce the recording of IPv6 addresses is to skip all leading 0s in hexadecimal notation. For example:
01AB can be represented as 1AB
09F0 can be represented as 9F0
0A00 can be represented as A00
00AB can be represented as AB

This rule applies only to leading zeros, NOT to subsequent ones, otherwise the address will be written unclear. For example, the hexadecimal number “ABC” can be represented as “0ABC” or “ABC0”.

2) Rule number 2:
The second rule for shortening the IPv6 address entry is that a double colon (: :) can replace any single, adjacent line of one or more 16-bit segments (hextets) consisting of zeros. The double colon (: :) can be used in an address only once.

Invalid address:
2001: 0DB8 :: ABCD :: 1234

Possible extensions of ambiguously written compressed addresses:
2001: 0DB8 :: ABCD: 0000: 0000: 1234
2001: 0DB8 :: ABCD: 0000: 0000: 0000: 1234
2001: 0DB8: 0000: ABCD :: 1234
2001: 0DB8: 0000: 0000: ABCD :: 1234

Learn theory first. Then get your own programming style. And finally, forget about this nonsense and just write the code. (George Carrette)

IPv4 and IPv6 sharing types

Dual Stack : The dual stack allows IPv4 and IPv6 to coexist on the same network. Dual stack devices work simultaneously with the IPv4 and IPv6 protocol stacks (figure attached):

Tunneling is a way of transporting IPv6 packets over an IPv4 network. The IPv6 packet is encapsulated inside the IPv4 packet, like other data types.

Translation - Network Address Translation 64 (NAT64) allows IPv6-enabled devices to communicate with IPv4-enabled devices using a translation method similar to the NAT-to-IPv4 translation method. An IPv6 packet is converted to a IPv4 packet and vice versa.

Learn theory first. Then get your own programming style. And finally, forget about this nonsense and just write the code. (George Carrette)

Types of IPv6 Addresses

There are three types of IPv6 addresses:

Unicast (individual) - Used to determine the interface on a device running IPv6

Multicast protocol (Group) - Used to send packets to several destination addresses (Replaced Broadcast address, there is an IPv6 address for all nodes, which gives a similar result.)

Anycast - Any individual address that can be assigned to multiple devices. A packet sent to an arbitrary mailing address is sent to the nearest device with this address.

To familiarize yourself with the types of addresses, we need the following information: the prefix, or the network part of the IPv4 address, can be indicated by a subnet mask in decimal format with dividing dots or the prefix length (slash entry). For example, an IP address of with a subnet mask in decimal format with dividing dots is equivalent to the entry

IPv6 uses the prefix length to indicate part of the address prefix. IPv6 does not use a dotted decimal notation for the subnet mask. The prefix length indicates the network portion of the IPv6 address using the address or IPv6 prefix length. The prefix length range is from 0 to 128. The traditional IPv6 prefix length for local and other types of networks is / 64. This means that the prefix or network part of the address is 64 bits long and the remaining 64 bits remain for the interface identifier (node ​​part) of the address.

Education in the field of computer technology just will not make you an excellent programmer, just as studying brushes and paints will not make you an excellent artist. (Eric Raymond)

Unicast IPv6 Addresses

Unicast address is used to determine the interface of a device running IPv6 protocol. A packet that is sent to a unicast address will be received by the interface assigned to this address. As with IPv4, the IPv6 address must be unique.

There are six types of Unicast addresses:

Global unicast address The
global unicast address is not much different from a public IPv4 address. These Internet route destinations are unique throughout the world. Global individual addresses can be configured statically or assigned dynamically.

Local IPv6 address of the channel allows the device to exchange data with other devices running IPv6 on the same channel and only on this channel (subnet). Packets with a local source or destination channel address cannot be routed outside the channel in which the packet is created. Unlike local IPv4 channel addresses, local IPv6 channel addresses play an important role in various aspects of a network. A global individual address is optional. However, to maintain the local channel address, a network interface under the control of IPv6 is required. If the local channel address is not manually configured on the interface, the device automatically creates its own address without accessing the DHCP server. Hosts running IPv6 create a local IPv6 link address even if if the device has not been assigned a global IPv6 address. This allows devices running IPv6 to communicate with other devices running IPv6 on the same subnet, including the default gateway (router). The local IPv6 addresses of the channel are in the range of FE80 :: / 10. /10

Loopback The
loopback address is used by the node to send the packet to itself and cannot be assigned to the physical interface. As with the loopback IPv4 address, to check the TCP / IP settings on the local host, you can send an echo request to the loopback IPv6 address. The IPv6 loopback address consists of zeros, with the exception of the last bit, which looks like :: 1/128 or just :: 1 in compressed format.

Unspecified address
An undefined address consists of zeros and is represented in compressed format as :: / 128 or simply :: It cannot be assigned to an interface and is used only as a source address in an IPv6 packet. An undefined address is used as the source address when the device has not yet been assigned a fixed IPv6 address or when the source of the packet does not belong to the destination.

Unique local
Unique local - IPv6 addresses have some common features with private RFC 1918 addresses for IPv4, but there are significant differences between them. Unique local addresses are used for local addressing within a node or between a limited number of nodes. These addresses should not be routed in the global IPv6 protocol. Unique local addresses range from FC00 :: / 7 to FDFF :: / 7. In the case of IPv4, private addresses are combined with network port and address translation (NAT / PAT) to enable conversion of addresses from private to public. This is due to a lack of IPv4 address space. Many sites also use the private nature of RFC 1918 addresses to provide security or to protect the network from potential threats. However, such a measure has never been the goal of using these technologies, and the IETF has always recommended taking the right precautions when using a router on the Internet. Although IPv6 provides specific addressing for sites, it is not intended to hide internal IPv6 devices from the IPv6 Internet. IETF recommends restricting access to devices with the best security measures

IPv4 embedded
The last of the considered types of individual addresses are embedded IPv4 addresses. Using these addresses facilitates the transition from IPv4 to IPv6.

Global unicast address
Global unicast IPv6 addresses are unique worldwide and are available for routing over IPv6 Internet. These addresses are equivalent to public IPv4 addresses. Currently, only global individual addresses are assigned with the first three bits 001 or 2000 :: / 3. This is only 1/8 of the total IPv6 address space available. Address 2001: 0DB8 :: / 32 was reserved for documentation, including for use in the examples.

The global individual address consists of three parts:
Global Routing Prefix - The global routing prefix is ​​the prefix or network part of the address assigned by the Internet service provider to the customer or host. Currently, / 48 is the prefix of global routing that Internet registrars currently assign to their customers - corporate networks and individual users. This address space is more than enough for most customers.
Subnet ID - The subnet ID is used by organizations to designate the subnets in each node.
Interface Identifier - The IPv6 interface identifier is equivalent to the host portion of the IPv4 address. The term “interface identifier” is used when one node can have several interfaces, each of which has one or more IPv6 addresses.

EUI-64 process- The IEEE has developed an Extended Unique Identifier (EUI) or a modified EUI-64 process. This process uses the 48-bit MAC address of the Ethernet client and inserts another 16 bits into the middle of this address to create a 64-bit interface identifier. The advantage of the EUI-64 Ethernet MAC address is that it can be used to determine the interface identifier. In addition, network administrators can easily track IPv6 addresses to endpoint devices using a unique MAC address. However, this worries other users due to a threat to their privacy. They are worried that their packages can be tracked to a physical computer. To avoid such complications, you can use a randomly generated interface identifier. Depending on the operating system, the device may use a randomly generated interface identifier instead of MAC addresses and EUI-64. All this operation is needed when configuring DHCPv6

In the world there is no programming language in which developers could not write a bad program. (Larry Flon)

Multicast IPv6

Not much different from multicast IPv4 addresses. As you remember, multicast address is used to send one packet to one or several destinations (multicast group). Multicast IPv6 addresses are prefixed with FF00 :: / 8. Multicast addresses can only be destination addresses, not source addresses. There are two types:

1) IPv6 multicast addresses:
2) assigned multicast address;

1) The multicast address of the requested host. Assigned multicast addresses are reserved for specific device groups. An assigned multicast address is one address used to communicate with a group of devices running on the same protocol or service. Assigned multicast addresses are used with specific protocols, such as DHCPv6.

Consider two common groups of assigned IPv6 multicast addresses.

Multicast group for all nodes FF02 :: 1 - This is a multicast group to which all devices running IPv6 are connected. A packet sent to this group is received and processed by all IPv6 interfaces in a channel or network. This group of addresses works just like a broadcast address in IPv4.
Multicast Group for All Routers FF02 :: 2 - This is a multicast group to which all IPv6 routers are connected. A packet sent to this group is received and processed by all IPv6 routers in a channel or network.

The multicast address of the requested host is an address that matches only 24 bits of the device’s global individual IPv6 address. Only those devices that have the same 24 bits in the least significant, right-most part of the interface identifier should process these packets.

2) The IPv6 multicast address of the requested node is automatically created when a global individual address or a local channel address is assigned. The IPv6 group address of the requested node is created by combining the special prefix FF02: 0: 0: 0: 0: 1: FF00 :: / 104 with the rightmost 24 bits of its individual address.

The multicast address of the requested node consists of 2 parts.

Group prefix FF02: 0: 0: 0: 0: 1: FF00 :: / 104: first 104 bits of the group address of the requested node.
Least significant 24 bits: The last or rightmost 24 bits of the multicast address of the requested node. These bits are copied from the rightmost 24 bits of the global individual address or the local channel address of the device.
It is possible that multiple devices will have the same multicast address of the requested node. Quite rarely, in the identifiers of the device interface, the same rightmost 24 bits are found. This does not entail any problems, because the device will still process the encapsulated message, which contains the full IPv6 address of the requested device.

If debugging is the process of removing errors, then programming should be the process of introducing them. (Edsger W. Dijkstra)


Subnetting an IPv6 network implies a different approach than subnetting an IPv4 network. The space of IPv6 addresses is not split up to save addresses, but to provide a hierarchical logical network structure. IPv6 subnetting is possible in two ways, which I will outline below and add pictures for better understanding.

Subnetting Using Subnet ID: As you recall, the IPv6 address block with the / 48 prefix contains 16 bits of the subnet ID, as shown in the figure. Subnetting using 16 bits of a subnet identifier gives 65,536 possible / 64 subnets. Therefore, there is no need to borrow bits from the interface identifier or the host part of the address. Each IPv6 / 64 subnet contains approximately 18 quintillion addresses, which is obviously much more than ever needed on a single IP network segment. Subnets created from a subnet ID are easy to imagine, since you don't need to convert to binary . To determine the next available subnet, it is enough to calculate the next hexadecimal number. You need to apply the calculation of part of the subnet identifier in the hexadecimal notation. The global routing prefix is ​​the same for all subnets. For each subnet, only a four-bit byte of the subnet identifier is incremented.

Subnetting using an interface identifier- In IPv6 networks, by analogy with borrowing bits from the host part of an IPv4 address, you can borrow bits from an interface identifier to create additional IPv6 subnets. This is usually done for security reasons, in order to reduce the number of nodes in the subnet and create additional subnets. When extending a subnet identifier by borrowing bits from an interface identifier, it is recommended that you create a subnet at the nibble boundary. A nibble is 4 bits or one hexadecimal digit. The / 64 subnet prefix expands by four bits or one nibble to the / 68 subnet. This reduces the identifier size by 4 bits (from 64 to 60). Subnetting along a nibble boundary is only relevant for subnet masks aligned to a nibble. Beginning with / 64, subnet-aligned masks will be masks / 68, / 72, / 76, / 80, etc. Subnetting along the nibble border allows you to create subnets using an optional hex value. You can create a subnet within a nibble using a hexadecimal digit, but this is not recommended and, in addition, this is not necessary. Subnetting within a nibble negates the benefits of quickly identifying a prefix from an interface identifier. For example, if the / 66 prefix length is used, the first two bits would be part of the subnet identifier, and the second two bits would be part of the interface identifier. it is not necessary. Subnetting within a nibble negates the benefits of quickly identifying a prefix from an interface identifier. For example, if the / 66 prefix length is used, the first two bits would be part of the subnet identifier, and the second two bits would be part of the interface identifier. it is not necessary. Subnetting within a nibble negates the benefits of quickly identifying a prefix from an interface identifier. For example, if the / 66 prefix length is used, the first two bits would be part of the subnet identifier, and the second two bits would be part of the interface identifier.

always write the code as if it would be accompanied by a psychopath who knows where you live. (Martin Golding)


1) Cisco CCNA RS
2) Cisco CCNP RS
3) IP Version 6 in Junos (EDU-JUN-IPV6)

Above I described the main points of IPv6 that are different from IPv4. In the following parts there will be more practical work. Let me remind you that the second part will describe how to configure the main protocols on CIsco equipment, I will also describe the principle of DHCPV6. The third part will describe how to configure IPv6 already on Juniper hardware.

Networks are cool, network specialist sounds proud. second part here

Also popular now: