Semester 4 / Computer Networks /Ipv6

IPv6

10 min read Updated Sun May 03 2026 07:59:30 GMT+0000 (Coordinated Universal Time)
Open in ChatGPT Open in Claude

Uses 128-bit addresses. Consists of 8 groups of 4 hexadecimal digits separated by colons.

Introduced in 1994. Still not fully adopted.

Design Goals

  • More address space
    IPv4 could only support 4.3 billion addresses
  • Simpler header
  • Better QoS
  • Built-in encryption, authentication and multicast
  • Auto-configuration
  • Remove unused IPv4 features

Shorthand Rules

  1. Leading zeros in any group can be dropped
  2. One contiguous run of all-zero groups can be replaced with ::

Types of IPv6 Addresses

IPv6 assumes that each interface has multiple IPv6 addresses (different types for different use cases). Source address selection algorithm is defined in IPv6.

Unicast

Used to identify a single interface.

Unspecified

The address :: is used for unspecified addresses. Used when the address is not known.

Loopback

The address ::1 is used for loopback, similar to 127.0.0.1 in IPv4. Used to send packets to the same host.

Used to identify devices on the same link. Of the form fe80::/10. Next 54 bits are zeros. Last 64 bits are calculated by EUI-64. Routers does not forward packets with link-local addresses.

Site-local

Intended to be used within an organization. Of the form fec0::/10. Used when the network is isolated. But IPv6 spec did not clearly define a site. Hence deprecated in 2004. Replaced by Unique Local Addresses.

Unique Local Address

Aka. ULA. Used for private networks. Not routable on the public internet. Usually starts with fd00::/8. Not allowed on the internet.

Global Unicast

Public. Routable. Internet-facing. Starts with 2000::/3. Hence there are 2^61 networks available worldwide on the Internet.

IPv4-compatible

IPv4-compatible verion of a.b.c.d is ::ab:cd in IPv6. Used by IPv6 hosts to Deprecated.

IPv4-mapped

Exists to enable inter-operability with IPv4. a.b.c.d in IPv4 maps to ::FFFF:ab:cd in IPv6. Used in dual-stack systems (i.e. systems that support both IPv4 and IPv6).

Multicast

Used to identify a group of interfaces. Of the form FF00::/8. The multicast address FF02::1 refers to all hosts in the local network. The multicast address FF02::2 refers to all routers in the local network.

Replaced broadcast from IPv4. As there are no broadcast in IPv6, the network address (all 0s) and broadcast address (all 1s) are not wasted.

Anycast

Any address that is not unicast or multicast is considered anycast.

Network and Host Parts

Usually in IPv6, the network part is 64 bits and the host part is 64 bits.

IPv6 uses the /prefix-length notation similar to IPv4.

For example: 2001:db8:85a3::/48.

SLAAC

Short for Stateless Address AutoConfiguration. In IPv6, devices can configure their own address without DHCP:

  1. The router broadcasts its 64-bit network prefix via Router Advertisement (RA).
  2. The device generates its own 64-bit Interface ID, either from its MAC address (EUI-64) or randomly (privacy extensions).
  3. It combines them to configure a unique global address.

SLAAC is intentionally minimal. It does not provide:

What’s missingWhy it matters
DNS name serversHosts won’t know where to resolve domain names
Time servers (NTP)No clock synchronization
WINS serversNo NetBIOS name resolution

EUI-64

An algorithm to convert 48-bit MAC address to 64-bit interface ID. Default in SLAAC.

  1. Take MAC address (48 bits): a4:c3:f0:12:34:56
  2. Split it in the middle and insert ff:fe: a4:c3:f0:ff:fe:12:34:56
  3. Flip the 7th bit (the “universal/local” bit): a6:c3:f0:ff:fe:12:34:56
  4. That gives you exactly 64 bits for the Interface ID.

EUI-64 is hardcoded to produce 64-bit length parts for simplicity and reduce collision risk. It is not possible to use a longer prefix with SLAAC and EUI-64.

Privacy Address

As EUI-64 allowed tracking a device across different connections and networks, privacy addresses were added. Instead of calculating a 64-bit interface ID using EUI-64, a random number is used instead. And different interface IDs are used for different networks.

If a LAN network is configured manually, then SLAAC is not required, and network prefix can go beyond 64 bits.

SLAAC Steps

  1. Host creates a link-local address.
    Uses the fixed prefix FE80::/10 and EUI-64.
  2. The host joins the FF02::1 multicast group.
  3. The host sends a Router Solicitation message (ICMPv6 Type 133) to FF02::2.
    The solicitation includes the host’s own link-layer (MAC) address so routers know who’s asking.
  4. If a router exists, it replies with a Router Advertisement (ICMPv6 Type 134) containing the network prefix.
    The host combines that prefix with its EUI-64 address to form a full global unicast address.
  5. The host keeps using its link-local address for local communication.

DHCPv6

Alternative to DHCP in IPv6. Not required in IPv6. Allows stateful configuration. Requires a server for configuration. Supports DNS. Best for servers and fixed devices.

Most DHCPv6 implementations assume /64 network prefix, which might cause issues if a higher length network prefix is used.

A direct connection between exactly 2 devices. In that case, the network part is not needed and the entire address can be used as the host part. SLAAC or EUI-64 are not required here. Usually the addresses are configured manually with /127 or /126 prefix length.

/127 is the modern recommendation by RFC 6164. /126 mimics IPv4’s /30 (which reserved network and broadcast addresses).

Address Hierarchy

IPv6 addresses are structured as a strict hierarchy from global internet authorities down to individual devices. The hierarchical structure enables aggregation and reduces the size of routing tables.

  • Global Prefix: first 48 bits
  • Subnet ID: 16 bits
  • Interface ID: 64 bits

Internet Assigned Numbers Authority (IANA) controls the entire IPv6 address space. Large blocks of addresses (/12 to /23 ) are assigned to the 5 Regional Internet Registries.

RIRRegion
ARINNorth America
RIPE NCCEurope, Middle East, Central Asia
APNICAsia-Pacific
LACNICLatin America & Caribbean
AFRINICAfrica

RIRs typically assign a /32 prefix to ISPs which means each ISP has 2322^{32} number of /64 subnets to distribute.

ISPs delegate a /48 prefix to each customer organization (like businesses and universities). Each organization gets 2162^{16} subnets. Residential customers typically get a /56 or /64 instead.

Special Address Ranges

PrefixPurpose
::1/128Loopback (like 127.0.0.1)
fe80::/10Link-local (auto-assigned, not routable)
fc00::/7Unique-local (like private RFC1918 space)
ff00::/8Multicast (replaces IPv4 broadcast)
2000::/3Global unicast (public internet addresses)
2001:db8::/32Documentation/examples only

IPv6 header is always 40 bytes long.

  • Version (4 bits)
    Same as IPv4.
  • Class (8 bits)
    Similar to IPv4’s “Type of Service” field. Used for QoS. Marks packets for priority handling.
  • Flow Label (20 bits)
    A new addition in IPv6. Allows routers to identify and handle packets belonging to the same flow (e.g., a video stream) without inspecting inner layers. Set by the source.
  • Payload Length (16 bits)
    The size of the data following the header, in bytes. Unlike IPv4, this does not include the header itself.
  • Next Header (8 bits)
    Identifies what comes after the IPv6 header. Either an upper-layer protocol (like TCP = 6, UDP = 17) or an extension header. Replaces IPv4’s Protocol and Options fields. Enables IPv6’s flexible extension header chaining.
  • Hop Limit (8 bits)
    Equivalent to IPv4’s TTL (Time to Live). Decremented by 1 at each router. Packet is discarded when it reaches 0. Prevents infinite routing loops.
  • Source address (128 bits)
  • Destination address (128 bits)

Header checksums from IPv4 are removed, preferring checksums in other layers.

Extension Header

Inserted between the base header and the payload. Optional. Each extension header starts with its length measured in 8-bytes units.

Types:

  • Hop-by-Hop Options Header
    Must be the first one if present. Processed by every routers.
  • Routing Header
    Defines the intermediate nodes that the packet must go through. Set by the source host. A maximum of 88 intermediate addresses are supported. Deprecated because of security issues.
  • Fragmentation Header
    Used to fragment the packet.
  • Destination Options Header
    Optional information meant only for the destination.
  • Authentication Header
    A hashed value of all immutable fields of the packet. Does not work with NAT.
  • Encrypted Security Payload Header
    Provides encryption, integrity and authentication of the payload.

Packet Fragmentation

In IPv6, only the source host handles fragmentation of the packets. Fragmentation is handled via Fragmentation extension header.

If a router receives a packet too large to forward, it simply drops it and sends back an ICMPv6 Packet Too Big message to the source.

Path MTU Discovery

As routers cannot fragment the packets, maximum transmission unit size of the path (of the packet) must be initially calculated. The host repeatedly tries different sizes of ICMPv6 packets until the transmission succeeds.

IPv6 mandates that all links and routers must support a minimum MTU of 1280 bytes.

Tunnel

A transition mechanism that allows IPv6 packets to be transmitted over IPv4 networks (and vice versa) by encapsulating one protocol’s packets inside another’s. The encapsulation is done at the entry and exit points of a tunnel.

Might cause issues because:

  • IPv4 does not honor IPv6 options
  • Tunneling adds an overhead which might hit maximum MTU.

Application Layer Gateway (ALG) is required if application code contains IP addresses.

ICMPv6

Alternative to ICMP in IPv4. Required for packet fragmentation and path MTU discovery. As ICMPv6 cannot be blocked (as opposed to ICMP), rate limiting must be defined in the IPv6 spec to prevent it from becoming an actor vector.

Transitions Issues

IPv4 and IPv6 are not natively interoperable. The solution was to dual-stack everything (i.e. make them support both) or use Application Layer Gateways.

Root Servers

Servers at the root of DNS resolving. Had to be upgraded to serve both versions.

Nameservers

Nameservers introduced new record types to support IPv6.

  • A records
    Maps hostnames to IPv4 addresses
  • AAAA records
    Map hostnames to IPv6 addresses

MX records

MX records in DNS points to a hostname. If the host has only A type or AAAA type record, the IPv4-only or IPv6-only sender cannot send their email.

Software upgrade to all L3 devices

Layer 3 devices (routers, multilayer switches) handle IP routing. Since IPv6 is hugely different from IPv4, every L3 device needs a software/firmware update to understand and forward IPv6 packets.

Even the OS or routing software must explicitly support IPv6 routing, neighbor discovery, and related protocols.

Hardware accelerator changes

Many L2 and L3 devices use dedicated hardware to do certain tasks. These are often programmed for IPv4’s packet structure. As IPv6 is different, certain hardware may require reprogramming or even physical replacement.

L2 switches can also be affected if they do any IP-aware processing.

Firewalls

Firewalls need to be updated in two ways.

  1. The software must be able to inspect IPv6 traffic.
  2. Rulesets must be rewritten or mirrored for IPv6.