| IPv4 | IPv6 | |
| Addressing Range | 32-bit, NAT | 128-bit, Multiple Scopes |
| Address Representation | 4 groups of decimal numbers | 8 groups of four HEX characters, separated by a colon (:); CIDR masking |
| IP Provisioning | Manual, DHCP | Manual, SLAAC, Stateless DHCP, Full DHCP |
| Multicast | IGMP/PIM/MBGP | MLD/PIM/MBGP, Scope Identifier |
IPv6 introduces new protocol level behaviors
– Neighbor Discovery instead of ARP
– Stateless Addressing
– No more Broadcast, only Multicast
IPv6 address representation
Let’s take a look at full IPv6 address:
2001:0132:0000:a3bf:0000:0000:01c9:abcdSince it is really long, there are few rules that can be applied in order to simplify the address representation.
Leading zeros can be omitted:
2001:132:0:a3bf:0:0:1c9:abcdZeros in contiguous blocks can be represented by :: (Double colon can only appear once in the address):
2001:132:0:a3bf::1c9:abcdIPv6 uses CIDR representation, i.e. no subnet mask:
2001:132:0:a3bf::1c9:abcd/128Loopback address representation – Same as 127.0.0.1 in IPv4:
0:0:0:0:0:0:0:1 == ::1Unspecified address representation:
0:0:0:0:0:0:0:0 == ::Default Route representation:
::/0IPv6 address types
Three types of unicast addresses:
– Link-Local unicast – Non routable exists on single layer 2 domain (FE80::/10)
– Unique-Local unicast – Routable within administrative domain (fc00::/7) – was deprecated in RFC3879
– Global unicast – Routable across the Internet (2000::/3)
Multicast addresses – ff00::/8
If you do not know how unicast differs from multicast, please refer to my post – Broadcast/Ethernet networks.
Link-local address (LLA)
Link-Local address is a mandatory IPv6 address for IPv6 enabled interface. It is used for Neighbor Discovery and routing protocols exchange. LLA can be assigned manually or generated using random values or using its MAC address.
Link-local addresses are used to communicate with the neighboring devices on the same link. IPv6 routers must not forward packets that have link-local source or destination addresses to other links.
Address Scope FE80::/10 contains any addresses which start from:
+------+--------------------+
| HEX | Binary |
+------+--------------------+
| FE80 | 1111 1110 1000 0000|
| .... | |
| FEBF | 1111 1110 1011 1111|
+------+--------------------+So it is basically any address like this:
– FE8x
– FE9x
– FEAx
– FEBx
LLA generation
In most cases an IPv6 device will use FE80:0:0:0:0:0 as leading 64 bits in LLA. Trailing 64 bits are whether random value or EUI-64 interface ID. Windows OS use random values. RHEL and Cisco devices use EUI-64 interface ID. EUI-64 interface ID is made of MAC address. Here is the algorithm:
– invert the universal/local (U/L) flag (bit 7) of the first octet of the MAC address
– insert “FFFE” (16 bit) in the middle of address from previous step (48 bit). Resulting address will be 64-bits long.
An example of CentOS:
[root@centos7 ~]# ip addr show dev eth0 scope link
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:f4:2a:af brd ff:ff:ff:ff:ff:ff
inet6 fe80::20c:29ff:fef4:2aaf/64 scope link In this example: MAC is 00:0c:29:f4:2a:af. Inverting 7th bit of first octet:
Binary HEX
Original: 0000 0000 00
Inverted: 0000 0010 02After inverting we will get the address: 02:0c:29:f4:2a:af. Then we inserting “fffe” in the middle:
-------------------------------------------------------------
| Leading 64 bits | First 24 bits | 16 bits | Last 24 bits |
| in LLA | of MAC with | of "FFFE" | of MAC |
| | 7th bit inv. | | |
|-----------------+---------------+-----------+---------------|
| fe80:0:0:0:0:0: | 02:0c:29: | fffe: | f4:2a:af |
-------------------------------------------------------------Cisco devices do the same:
Here is an example:
HOME-881#sh int vlan 135 | i bia
Hardware is EtherSVI, address is 1cdf.0fbc.eb9a (bia 1cdf.0fbc.eb9a)
!omitted!
HOME-881#sh ipv6 int vlan 135
Vlan135 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::1EDF:FFF:FEBC:EB9A Windows OS uses random numbers:
PS C:\> Get-NetIPConfiguration -InterfaceAlias ethernet -Detailed
ComputerName : VVO-PC
InterfaceAlias : Ethernet
NetAdapter.LinkLayerAddress : 00-00-11-11-22-22
NetAdapter.Status : Up
IPv6LinkLocalAddress : fe80::bd63:405f:af8b:5fe%12Global Unicast Address (GUA)
These addresses are globally routable. Addressing is used – 2000::/3
The general format for IPv6 Global addresses:
| n bits | m bits | 128-n-m bits |
+------------------------+-----------+----------------------------+
| global routing prefix | subnet ID | interface ID |
+------------------------+-----------+----------------------------+The implication is that interface ID field is 64-bit long (i.e., n + m = 64)
Interface ID of unicast address may be assigned in different ways:
– Auto-configured from a 64-bit EUI-64 or expanded from a 48-bit MAC
– Auto-generated pseudo-random number (to address privacy concerns)
– Manually configured
– Assigned via DHCP
Multicast addresses
An IPv6 multicast address has the prefix FF00::/8 (1111 1111). Second octet defines lifetime and scope
-------------------------------------------------------------------
| 8 bits | 4 bits | 4 bits | 112 bits |
+-----------+---------+--------+------------------------------------+
| 1111 1111 | 0 R P T | Scope | group ID |
-------------------------------------------------------------------Scope values:
1 – Interface Node
2 – Link
Actually there are more defined scope values, but at this point I suggest to avoid its meanings as well as meaning of flag bits (R,P,T). But if you really curious – here is a link to RFC4291
Well known multicast addresses:
| Address | Scope | Description |
| FF02::1 | Link-Local | All Nodes |
| FF02::2 | Link-Local | All Routers |
| FF02::1:FFXX:XXXX | Link-Local | Solicited-Node |
Did you get it? They say that there is no broadcast, but there is a multicast address for all nodes on a segment 😉
IPv6. Part 2. Neighbor Discovery Protocol and link-local addresses
Cisco networking 