COMPUTER NETWORKING

IT 8117

Unit VI

Internet Protocol version 6

(IPv6)
 Introduction
 Internet Protocol (IPv6 ) is the next generation
of IP and it is the successor of IP version 4
which is widely used nowadays
 IPv4, with its 32-bit addressing scheme, offered
a comfortable 4.3 billion unique addresses
 However, this seemingly endless pool began to
shrink rapidly as:
 Personal computers: became
 Introduction
 The mobile revolution: ushered in a wave of
smartphones and tablets, each requiring its
own IP address
 The Internet of Things (IoT): emerged,
connecting everything from refrigerators to
thermostats to the internet, further straining
the limited pool
 The Internet Engineering Task Force (IETF)
recognized the looming crisis in the early 1990s
 Introduction
 Ipv6 was officially used in 2004 when ICANN
added IPv6 addresses to its DNS server
 The address space in IPv6 is much larger than
the address space of IPv4, and it went from 32
bits to 128 bits
 In other words, it went from 4 billion
addresses to 340 trillion of unique address
 IPv6 is designed to provide unique addresses
for everyone on earth
 Introducing IPv6
 IPv6 addresses use a notation called colon hexadecimal
format
 Eight 16 bit hexadecimal numbers, separated by colons:

XX:XX:XX:XX:XX:XX:XX:XX
 Each X represents eight bits (or 1 byte), which in
hexadecimal notation is represented by two characters,
as in:

2031:0000:130F:0000:0000:09C0:876A:130
B
 Contracting IPv6 Addresses
Rule 1- Omitting Leading 0s
The first rule to help reduce the notation of IPv6
addresses is any leading 0s (zeros) in any 16-bit
section or hextet can be omitted
Preferred 2001:0DB8:000A:1000:0000:0000:0000:0100
No Leading 0s 2001: DB8: A:1000: 0: 0: 0: 100
Compressed 2001:DB8:A:1000:0:0:0:100
 01AB can be represented as 1AB
 09F0 can be represented as 9F0
 0A00 can be represented as A00
 00AB can be represented as AB
 Contracting IPv6 Addresses
Rule 2 -Omitting All 0 Segments
A double colon (::) can replace any single,
contiguous string of one or more 16-bit segments
(hextets) consisting of all 0’s
Double colon (::) can only be used once within
an address otherwise the address will be
Preferred 2001:0000:0000:0012:0000:0000:1234:56AB
ambiguous
No Leading 0s 2001: 0: 0: 12: 0: 0:1234:56AB
Compressed 2001::12:0:0:1234:56AB
 More examples
Compress the following IPv6 address

1.2001:0DB8:0000:0000:0000:0000:0000:0C50

2.2001:0DB8:0000:0000:B450:0000:0000:00B4

3.2001:0DB8:0F3C:00D7:7DAB:03D0:0000:00FF

4.2001:0db8:0000:130F:0000:0000:087C:140B

5.FE80:0000:0000:0000:0123:4567:89AB:CDEF
 AddressesIPv6 Prefix Length
 IPv6 does not use the dotted-decimal subnet
mask notation

• No subnet masks in IPv6

 Network addresses use the same slash notation
as CIDR
 Prefix length can range from 0 to 128

 Example

21CD:0053:0000:0000/64
 IPv6 Address Types
 IPv6 supports three address types

• Unicast: Provides one to one transmission

service to individual interfaces
• Packets addressed to a unicast address are
delivered to a single interface
• IPv6 supports several types of unicast addresses,
including global, link local, and unique local

• Multicast: Provides one to many transmission

service to groups of interfaces identified by a
 IPv6 Address Types
 Anycast: Provides one to one of many
transmission service to groups of interfaces,
only the nearest of which (measured by the
number of intermediate routers) receives the
transmission

• Traffic destined to an anycast address is

forwarded to the nearest node in the group
 Note: With IPv6, broadcast addresses are no
longer used
 IPv6 Unicast Addresses
Global Unicast Addresses
They are routable across the entire internet,
allowing your device to connect and exchange data
with any other device globally

• Think of them as public IP addresses that

enable unrestricted communication on the
worldwide internet

• Similar to a public IPv4 address

• Can be configured statically or assigned
 Global Unicast Addresses
 The current official format for global unicast
addresses consists of the following elements
• The global routing prefix is the initial portion
(typically the first 48 bits) of an IPv6 global
unicast address

• It acts as a network identifier, specifying the

network to which a device belongs

• Think of it as the first part of a complex address

that identifies a specific building (network) on a
 Global Unicast Addresses
How it's Assigned
IANA (Internet Assigned Numbers Authority)
allocates large blocks of IPv6 addresses to RIRs
(Regional Internet Registries) like AFRINIC
(Regional Internet Registry for Africa)
RIRs further subdivide these blocks and assign
prefixes to ISPs or large organizations
ISPs then allocate subnets within their assigned
prefix to individual customers
 Global Unicast Addresses
Subnet ID
Formerly known as the (site level aggregator)
SLA, a 16 bit field that organizations can use to
create an internal hierarchy of sites or subnets
The subnet ID acts like a further identifier within
a network assigned with a specific global routing
prefix
It allows administrators to subdivide the network
 Global Unicast Addresses
Interface ID
A 64 bit field identifying a specific interface on
the network
It's the final 64 bits of an IPv6 address and
functions similarly to a MAC address in an IPv4
network
 Subnet IDs

 Organizations have a16 bit subnet ID with

which to create an internal subnet hierarchy, if
desired
 Here are some of the possible subnetting
options:
 One level subnet: By setting all subnet ID bits to
0, all computers in the organization are part of
a single subnet
 Subnet IDs
 This is the functional equivalent of IPv4
subnetting, but with a much larger subnet
address space
 Multi level subnet: By allocating specific
numbers of subnet ID bits, you can create
multiple levels of subnets, sub subnets, and sub
sub subnets; suitable for an enterprise of
almost any size
 Subnet ID Example
 To support a large international enterprise, you
could split the subnet ID as follows:
 Country (4 bits): Creates up to 16 subnets
representing countries in which the organization
has offices
 State (6 bits): Creates up to 64 sub subnets
within each country, representing states,
provinces, or other geographical divisions
 Office (2 bits): Creates up to 4 sub sub subnets
 Subnet ID Example
 Department (4 bits): Creates up to 16 sub-sub-
sub-subnets within each office, representing the
various departments or divisions
 To create a subnet ID for a particular office, it is
up to the enterprise administrators to assign
values for each field
 Interface IDs
 The interface ID contains a unique identifier for a specific
interface on the network
 The Institute for Electrical and Electronic Engineers (IEEE)
defines the format for the 48 bit MAC address assigned to
each network adapter by the manufacturer, as well as the
EUI 64 identifier format derived from it
 A privacy problem with this method of deriving interface
IDs from the computer’s hardware the location of a mobile
computer might be tracked based on its IPv6 address
 Instead of using MAC addresses, Windows operating
systems generate random interface IDs by default
 Link Local Unicast Addresses
 In IPv6, systems that assign themselves an
address automatically create a link local unicast
address , which is the equivalent of an APIPA
address in IPv4
 A link-local address is a unicast network address
that is valid only for communications within the
subnetwork that the host is connected to
 Link-local addresses are most often assigned
automatically with a process known as stateless
 Link Local Unicast Addresses
 All link local addresses have the same network
identifier: a 10 bit Floating Point binary of
11111110 10 followed by 54 zeroes, resulting
in:

FE80:0000:0000:0000/64
 In its more compact form, the link local network
address is:

FE80::/64

 Unique Local Unicast Addresses
 Unique local addresses work like the IPv4
private addresses
 You can use these addresses on your own
network if you don’t intend to connect to the
Internet or if you plan to use IPv6 NAT
 The advantage of unique local addresses is that
you don’t need to register at an authority to get
some address space

 Unique Local Unicast Addresses
 Here’s an example

 The first 7 bits indicate that we have a unique

local address
 1111 110 in binary is FC in hexadecimal
 However, the L bit (8th bit) has to be set to 1 so
we end up with 1111 1101 which is FD in
 Special IPv6 Addresses
Unspecified IPv6 address
Represented by eight colons (::), signifying all
zero bits
Essentially means "no address assigned" and is
often used during device initialization or when no
specific address is needed
The IPv6 unspecified address should not be used
as destination addresses in IPv6 packets or the
 Special IPv6 Addresses
IPv6 loopback address
Represented by a single colon followed by a one (::1)
Allows a device to send data to itself for internal testing
purposes, similar to looping a cable back onto itself
This address is similar to 127.0.0.1 in IPv4
The IPv6 loopback address cannot be used as the source
address
The packets using the IPv6 loopback address as the
destination address cannot be sent to the source node
and cannot be forwarded by IPv6 routers
 Special IPv6 Addresses
Unique Local Unicast Addresses (ULAs)
(FD00::/7)
Start with the prefix FD00:: and are designed for
internal network use within a specific
organization or LAN
Similar to private IPv4 addresses (192.168.x.x),
they are not routable on the public internet

Link-local Unicast Addresses (FE80::/64)

Start with the prefix fe80:: and are used for
 Multicast Addresses
 The IPv6 multicast address provides a method
for distributing identical information or services
to a defined group of interfaces, called the
multicast group
 Typically, the interfaces of the multicast group
are on different nodes
 An interface can belong to any number of
multicast groups
 Packets sent to the multicast address go to all
 Multicast Addresses
Multicast address format
The entire multicast address format is as follows:

FP: An 8 bit field that Identifies the address as a

multicast address
Flags: A 4 bit field that specifies whether the
multicast address contains the address of a
 Multicast Addresses
 The flag field is defined as follows:
0 0 0 T

 The three high-order bits are reserved and must be

set to 0
 T = 0 indicates a permanently-assigned ("well-
known") multicast address, assigned by the global
internet numbering authority

permanent (0000)
 T = 1 indicates a non-permanently-assigned
 Multicast Addresses
 Scope: A 4 bit field that specifies how widely
routers can forward the address
• Values include interface local (0001), link
local (0010), site local (0101), organization
local (1000), and global (1110)
 Group ID: A 112 bit field uniquely identifying a
multicast group
• The multicast group may be permanent or
transient
All-nodes multicast All-routers multicast
address address
FF01:0:0:0:0:0:0:1 (node FF01:0:0:0:0:0:0:2 (node
local) local)
 Anycast Address
 Used to identify the routers within a given
address scope and send traffic to the nearest
router, as determined by the local routing
protocols
 One of the purposes of IPv6 anycast addresses
is to identify a group of routers that belong to
the same Internet service provider
 Another purpose is to identify a group of
routers in a specific subnet
 Assigning IPv6 Addresses
 As with IPv4, a Windows computer can obtain
an IPv6 address by three possible methods:
 Manual allocation: A user or administrator
manually supplies an address and other
information for each network interface
 Self allocation: The computer creates its own
address using a process called stateless
address autoconfiguration
 Dynamic allocation: The computer solicits and
 Stateless Address Autoconfiguration
(SLAAC)
 It is a mechanism that enables each host on the
network to auto-configure a unique IPv6 address
without any device keeping track of which
address is assigned to which node
 Stateless address assignment means that no
server keeps track of what addresses have been
assigned and what addresses are still available
for an assignment
 How does SLAAC work?
 The steps an IPv6 node takes from the moment
it gets connect to the network to the moment it
has a unique global unicast address
 Step 1: Configuring link-local address

• device gives itself its own link-local address

• the link-local address can be acquired by
combining the link-local prefix FE80::/64 and
the EUI-64 interface identifiers generated
from the interface’s MAC address
 Extended Unique Identifier-64 (EUI-64)
 Extended Unique Identifier-64 (EUI-64) is a
method used to create a unique 64-bit
interface identifier for IPv6 devices
 This process involves taking the 48-bit MAC
address of a device and manipulating it to
create a unique identifier
 In IPv6 addressing, the interface ID is the final
64 bits of a unicast address
 EUI-64 provides a way to leverage a device's
Extended Unique Identifier-64 (EUI-64)
 There are three main steps involved in EUI-64:
 split MAC address into two pieces

• for example, I have a MAC address of

AA40:1134:5531
AA 40 11 34 55 31
MAC address
AA 40 11 34 55 31

 insertAA 40 11
“FFFE” F F 34the
in between 55two
31pieces
F E
 Extended Unique Identifier-64 (EUI-64)
 Invert the 7th bit of the original MAC
address
 To invert the 7th bit you have to convert the
first two hexadecimal characters of the first
byte to binary, lookup the 7th bit and invert it

• This means that if it’s a 0 you need to make it

AA 40
a 1, and if it’s11
a 1FF FEto34
it has 55 31
become a0

After inverting the 7th bit

1010101 becomes 10101000=A8
Extended Unique Identifier-64 (EUI-64)
 Combine the local-link prefix with the EUI-
64 Identifier

• Therefore, the resulting IPv6 EUI-64 link-local

address is this
FE80 A8 4 1 F FE 34 55 31
:: 0 1 F
FE80::A840:11FF:FE34:5531/64
 Once the above steps are completed, the node
has a fully functional EUI-64 format link-local
 More examples (EUI-64)
 By using EUI-64 Identifier generate a link local
address
1.234.5678.ABCD

2.7007.1234.5678

3.3BA7.9407.CBD0

4.5254.001C.E726

5.0015.2BE4.9B60

This IPv6 link local address

FE80::0201:04FF:FE76:2A5C is generated using Eui-
 How does SLAAC work
 Step 2: Duplicate Address Detection (DAD)

• DAD involves verifying that a unicast IPv6

address is unique to prevent address conflicts

• When the client device has obtained the IPv6

link-local address on its interface the second
step will be to send Duplicate Address Detection
ICMPv6 message to its link

• This checks if the target address matches

existing addresses, ensuring it is a unique link-
 How does SLAAC work
 DAD uses mechanisms like Neighbor Solicitation
and Neighbor Advertisement messages to check if
an address is already in use by another device,
regardless of how it was assigned
 Every node joins a multicast group identified by the
address FF02::1:FFxx:xxxx where xx:xxxx are the
last 6 hexadecimal values in the IPv6 unicast
address
 In our example, the last 6 hexadecimal values of the
 How does SLAAC work
 The source sends an ICMPv6 message with a
destination address set to this group, and the
source address set to the IPv6 unspecified
address
 Only nodes that are listening to this exact
auto-generated multicast group will open the
packet, all other nodes will discard it
 If any node has an IPv6 address that has the
same last 6 hex digits, will look in the ICMPv6
 How does SLAAC work

PC1 performs IPv6 DAD for its link-local

address
 How does SLAAC work
 Step 3: Router Solicitation
 After a device has a link-local address, it can
now start the process of auto-configuring a
global unicast address using SLAAC
 The first step of this process is to send an
ICMPv6 message called Router Solicitation (RS)
 The purpose of this message is to 'ask' all IPv6
routers attached to this segment about the
 How does SLAAC work
 The destination address in the router solicitation
messages is the all-routers multicast address
(FF02::2) with the link-local scope and for
source, PC1 uses its link-local address
A router solicitation message has a value of 133
in the Type field of the ICMP packet header
 Router advertisements are sent out in response
to router solicitation messages from IPv6 nodes
on the local link
 How does SLAAC work
 Router advertisements are sent to the all-nodes
link-local multicast address (FF02 ::1) of a node
that sent the router solicitation messages
 Router advertisement has a value of 134 in the
Type field of the ICMP packet header
 How does SLAAC work

IPv6 Header
Dst: FF02 ::1
Src:
FE80::2D0:97FF:FE49:C501
ICMPv6 Header
Type: 0x86(RA)
Prefix: 2001:1234:A:B::
Prefix length: 64

IPv6:2001:1234:A:B:7207:12FF:FE3
4:5678/64
IPv6 Gateway:
FE80::2D0:97FF:FE49:C501
 How does SLAAC work
 Step 4: The node configures its global unicast
address
 Once device gets back the RA from neighbor
Router, it combines the prefix 2001:1234:A:B::/64
with its EUI-64 interface identifier
(7207:12FF:FE34:5678) resulting in the global
unicast address
2001:1234:A:B:7207:12FF:FE34:5678/64
 Step 5: The node performs Duplicate Address
Detection
 IPv6 Migration Issues and Techniques
 The migration from IPv4 to IPv6 has already started,
but there are some issues should be taken care of
before migrating from IPv4 to IPv6, and these issues
are:
 Compatibility: Existing network devices and
software(DHCP, OSPF and RIP, BGP, ARP, TCP/IP and
others) might not be compatible with IPv6, requiring
upgrades or replacements, which can be costly
 Dual Stack Complexity: Running both IPv4 and IPv6
concurrently (dual stack) can increase network
 IPv6 Migration Issues and Techniques
 Financial Issues: Migrating from IPv4 to IPv6
requires purchase of new network devices that
support IPv6 like switches, routers, and others
devices, which will make enterprises and companies
invest more money on the migration process

• Also, users and network administrators might

require training and education on the benefits
and functionalities of IPv6
 Security Issues: IPv6 have not been used widely and
has not been tested properly. So, the security level
 Migration Techniques:
 Dual Stack: IPv6 is an upgrade for IPv4, so IPv6
inherits some features from IPv4, therefore it is
relatively easy to runs both IPv4 and IPv6
concurrently on the same network

• This allows devices incompatible with IPv6 to

continue using IPv4 while enabling IPv6 for
capable devices
 Tunneling: involves tunnelling protocols like 6to4,
Teredo, and ISATAP, which encapsulate IPv6 traffic
within IPv4 packets for transmission over an IPv4
 Tunneling

A B Ethernet connects two E F

Ethernet connecting IPv6 routers
two IPv6 routers: IPv6 IPv6 IPv6 IPv6

IPv6 datagram
Link-layer frame The usual: datagram as payload in link-layer frame

IPv4 network A B E F
connecting two
IPv6 routers IPv6 IPv6/v4 IPv6/v4 IPv6

IPv4 network
 Tunneling

A B Ethernet connects two E F

Ethernet connecting IPv6 routers
two IPv6 routers: IPv6 IPv6 IPv6 IPv6

IPv6 datagram
Link-layer frame The usual: datagram as payload in link-layer frame

IPv4 tunnel A B IPv4 tunnel E F

connecting IPv6 routers
connecting two
IPv6 routers IPv6 IPv6/v4 IPv6/v4 IPv6

IPv6 datagram
IPv4 datagram
 Tunneling
A B IPv4 tunnel E F
connecting IPv6 routers
logical view:
IPv6 IPv6/v4 IPv6/v4 IPv6

A B C D E F
physical view:
IPv6 IPv6/v4 IPv4 IPv4 IPv6/v4 IPv6

flow: X src:B src:B src:B flow: X

src: A dest: E dest: E src: A
dest: F
dest: E
dest: F
Flow: X Flow: X Flow: X
Src: A Src: A Src: A
Note source and data Dest: F Dest: F Dest: F data
destination
addresses! data data data

A-to-B: E-to-F:
B-to-C: B-to-C: B-to-C:
IPv6 IPv6
IPv6 inside IPv6 inside IPv6 inside
IPv4 IPv4 IPv4
 Migration Techniques:
• Teredo Tunneling: Teredo is an IPv6 transition
technology that allows IPv6 connectivity
through NAT devices

• It encapsulates IPv6 packets within IPv4 UDP

datagrams, enabling communication between
IPv6 nodes over an IPv4 network
 NAT64, or Network Address Translation IPv6 to IPv4,
is a mechanism that facilitates communication
between IPv6-only and IPv4-only hosts
 Migration Techniques:
• NAT64 operates by translating IPv6 packets into
IPv4 packets and vice versa, enabling
interoperability between IPv6 and IPv4 networks
 Proxying: This technique is used when an IPv6
device tries to access an IPv4 service like a web
server, so there should be some kind of translation
between these two end-points in order to connect to
each other
That’s all for today