Table of Contents
IPv6
IPv6 Notation
IPv6 addresses are 128 bits long (32 hexadecimal numbers) and consist of eight colon-delimited sections. Each section contains 2 bytes, and each byte is expressed as a hexadecimal number from 0 through FF. An IPv6 address looks like this: 2001:0db8:0000:0000:0000:0800:200c:7334. By omitting the leading zeroes from each section or substituting contiguous sections that contain zeroes with a double colon, you can write the example address as:2001:db8::800:200c:7334.
Subnetting
An IPv6 address can be broken into a network address space and the nodes address space. The prefix length is a decimal value that specifies the number of the leftmost bits in the address that make up the prefix. The prefix length follows a forward slash and, identifies the portion of the address owned by an organization. All remaining bits (up to the right-most bit) represent individual nodes or interfaces. For example, 2001:db8:0000:0000:250:af:34ff:fe26/64 has a prefix length of 64. The first 64 bits of this address (2001:db8:0000:0000) are the prefix. The rest (250:af:34ff:fe26) identify the interface.
IETF defined /64 to be the standard IPv6 subnet size. It is smallest subnet that can used locally if auto configuration is desired. Typically, an ISP assigns a /64 or smaller subnet to establish service on the WAN. An additional network is routed for LAN use.
| bits (MSB) | Purpose |
|---|---|
| First 48 bits: | Network address |
| Next 16 bits: | Subnet address |
| Last 64 bits: | Device address |
Prefix
The default IPV6 prefix is 64-bit and consists on the network an subnet parts.
Network+Subnet = Prefix
The following address 2003:1000:1000:1600:1234::1 would have the network 2003:1000:1000, the subnet 1600, so together the prefix 2003:1000:1000:1600. If the ISP provider delegated a part of the prefix to me (e.g. 2003:1000:1000:1600/56) then I could use the subnets from 2003:1000:1000:1600 to 2003:1000:1000:16FF for my own purposes (i.e. define 256 subnets in this example)
Ziggo provides a Prefix Delegated of 56-bits: 2001:1c00:2e16:7200::/56.This means that Ziggo provides you /56 IPv6 address range. This allows you to create 256 subnets each being /64 large.
Scopes
- GLOBAL - everything (i.e. the whole internet)
- UNIQUE LOCAL - everything in our LAN (behind the internet gateway)
- LINK LOCAL - (will never be routed, valid in one collision domain, i.e. on the same switch)
| range | Purpose |
|---|---|
| ::1/128 | Loopback address (localhost) |
| ::/128 | unspecified address |
| 2000::/3 | GLOBAL unicast (Internet) |
| fc00::/7 | Unique-local (LAN) |
| fe80::/10 | Link-Local Unicast (same switch) |
Always use the smallest possible scope for communication A host can have multiple addresses in different scopes
IPv6 Address Types
Unicast
| Prefix | Type | Explanation | IPv4 equivalent |
|---|---|---|---|
| fc00::/7 | Unique Local Addresses (ULAs) | Example: fdf8:f53b:82e4::53 These addresses are reserved for local use in home and enterprise environments and are not public address space. Packets with these addresses in the source or destination fields are not intended to be routed on public Internet. | Private, or RFC 1918 address space: 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 |
| fe80::/10 | Link-Local Addresses | Example: fe80::200:5aee:feaa:20a2 These addresses are used on a single link or a non-routed common access network, such as an Ethernet LAN. They do not need to be unique outside of that link. Link-local addresses may appear as the source or destination of an IPv6 packet. Routers must not forward IPv6 packets if the source or destination contains a link-local address. | 169.254.0.0/16 |
| 2000::/3 | Global Unicast | the operators of networks using these addresses can be found using the Whois servers of the RIRs listed in the registry at: http://www.iana.org/assignments/ipv6-unicast-address-assignments | No equivalent single block |
| ::/128 | Unspecified | This address may only be used as a source address by an initialising host before it has learned its own address. | 0.0.0.0 |
| ::1/128 | Loopback | This address is used when a host talks to itself over IPv6. This often happens when one program sends data to another. | 127.0.0.1 |
| ::ffff/96 | IPv4-Mapped | Example: ::ffff:192.0.2.47 These addresses are used to embed IPv4 addresses in an IPv6 address. One use for this is in a dual stack transition scenario where IPv4 addresses can be mapped into an IPv6 address. See RFC 4038 for more details. | There is no equivalent. However, the mapped IPv4 address can be looked up in the relevant RIR’s Whois database. |
Multicast
Multicast addresses support 16 different types of address scope, including node, link, site, organization, and global scope. A 4-bit field in the prefix identifies the address scope. The following types of multicast addresses can be used in an IPv6 subscriber access network:
- Solicited-node multicast address—Neighbor Solicitation (NS) messages are sent to this address.
- All-nodes multicast address—Router Advertisement (RA) messages are sent to this address.
- All-routers multicast address—Router Solicitation (RS) messages are sent to this address.
| Prefix | Explanation |
|---|---|
| ff02::1 | All nodes on the local network segment |
| ff02::2 | All routers on the local network segment |
| ff02::f | UPNP (Universal Plug and Play) devices |
| ff02::fb | multicast DNS IPv6 |
| ff02::101 | network time (NTP) |
| ff02::1:2 | All DHCPv6 servers and relay agents on the local network segment |
| ff05::1:3 | All DHCPv6 servers on the local network site |
| ff05::101 | all NTP server (site) |
Special
| Prefix | Type | Explanation | IPv4 equivalent |
|---|---|---|---|
| 2001:0000::/32 | Teredo IPv6 tunneling | Example: 2001:0000:4136:e378:8000:63bf:3fff:fdd2 This is a mapped address allowing IPv6 tunneling through IPv4 NATs. The address is formed using the Teredo prefix, the server’s unique IPv4 address, flags describing the type of NAT, the obfuscated client port and the client IPv4 address, which is probably a private address. It is possible to reverse the process and identify the IPv4 address of the relay server, which can then be looked up in the relevant RIR’s Whois database. | No equivalent |
| 2002::/16 | 6to4 | Example: 2002:cb0a:3cdd:1::1 A 6to4 gateway adds its IPv4 address to this 2002::/16, creating a unique /48 prefix. As the IPv4 address of the gateway router is used to compose the IPv6 prefix, it is possible to reverse the process and identify the IPv4 address, which can then be looked up in the relevant RIR’s Whois database. There is no equivalent but 192.88.99.0/24 has been reserved as the 6to4 relay anycast address prefix by the IETF. You can do this on the following webpage: http://www.potaroo.net/cgi-bin/ipv6addr | No equivalent |
Assign IPv6 address
Ways to assign IPv6 addresses:
- Static - fixed address
- SLAAC - Stateless Address Autoconfiguration (host generates itself)
- DHCPv6 - Dynamic host configuration protocol (assigned by central server)
SLAAC
Stateless Auto Address Configuration (SLAAC) enables hosts to create their own unique IPv6 global unicast address without the services of a DHCPv6 server that maintains network address information to know which IPv6 addresses are being used and which ones are available.
- SLAAC router sends periodic ICMPv6 RA Router Advertisement messages (i.e., every 200 seconds) providing addressing and other configuration information for hosts to auto configure their IPv6 address based on the information in the RA.
- SLAAC host configures it address using the Router Advertisement (RA) messages send by the router
- A host can also send a Router Solicitation (RS) message requesting an RA.
- SLAAC can be deployed as SLAAC only, or SLAAC with DHCPv6
DHCPv6
Stateful DHCPv6 does not require SLAAC while stateless DHCPv6 does. Regardless, when an RA indicates to use DHCPv6 or stateful DHCPv6:
- The host sends an RS message.
- The router responds with an RA message.
- The host sends a DHCPv6 SOLICIT message.
- The DHCPv6 server responds with an ADVERTISE message.
- The host responds to the DHCPv6 server.
- The DHCPv6 server sends a REPLY message.
Stateless DHCPv6 Operation
If an RA indicates the stateless DHCPv6 method:
- the host uses the information in the RA message for addressing and contacts a DHCPv6 server for additional information.
- Note: The DHCPv6 server only provides configuration parameters for clients and does not maintain a list of IPv6 address bindings (i.e. stateless).
Statefull DHCPv6 Operation
If an RA indicates the statefull DHCPv6 method:
- the host contacts a DHCPv6 server for all configuration information.
- Note: The DHCPv6 server is statefull and maintains a list of IPv6 address bindings
Troubleshooting
Show address
ip -6 address show
Default Route
ip -6 route show | grep default
Ping the host
ping6 fe80::ee08:6bff:fe84:2043
Network Discovery
ip -6 neigh show fda1:a50c:1f31:a:291f:4bfe:8a4f:7cd8 dev enp1s0 STALE fe80::ba27:ebff:fe1c:7fc0 dev enp1s0 STALE 2001:1c00:2e39:4ac::1 dev enp1s0 router STALE * * * * * * 2001:1c00:2c19:4ac:ba27:ebff:feff:7faa dev enp1s0 STALE fda1:a50c:ca30:c::1 dev enp1s0 router STALE 2001:1c00:2e18:4ac:230:59ff:fe19:135d dev enp1s0 STALE
FAILED indicates that the system could not be reached. STALE indicates that the connection hasn't been recently verified.
Or use ping6:
ping6 -c3 -n -I enp1s0 ff02::1 --> lists all link local addresses ping6 -c3 -n -I <your network interface 2001 ip> ff02::1 --> lists all global addresses ping6 -c3 -n -I <your network interface fda1 ip> ff02::1 --> lists all local network addresses
IPv6 addresses in URIs/URLs
Because IPv6 address notation uses colons to separate hextets, it is necessary to encase the address in square brackets in URIs. For example http://[2a00:1450:4001:82a::2004]. If you want to specify a port, you can do so as normal using a colon: http://[2a00:1450:4001:82a::2004]:80.