IPv6 deployment:addressing

From LQWiki

IPv6 and IPv4 addressing compared

For the networking professional, the most obvious change from IPv4 to IPv6 is the vast increase in IP address space.

In IPv6, the expression of an address as a "dotted-quad," or dotted decimal has been replaced by a different representation. As you may recall, IPv4 addresses are typically represented as a sequence of four 8-bit values (bytes), each byte separated by a period. Thus, the following IPv4 address (in binary):

    10111101001000001100111101100001

would be divided into four bytes:

    10111101.00100000.11001111.01100001

which in turn would be translated into decimal equivalents as:

    189.32.207.97

With IPv6 addresses, the notation is slightly different. Each address is broken into eight 2-byte pieces which are delimited by a colon. Thus, the following IPv6 address (in binary):

    11111110 11000000 00000000 00000000 00000000 00000000 00000000 00000000 00000010 00100000 11101101 11111111 11111110 01101010 00001111 01110110

would be divided into eight 2-byte pieces (note that we insert extra spaces for readability, but they are not required in the notation):

    1111111011000000: 0000000000000000: 0000000000000000: 0000000000000000: 0000001000100000: 1110110111111111: 1111111001101010: 0000111101110110

which in turn would be translated into hexadecimal equivalents as:

    fec0:0000:0000:0000:0220:edff:fe6a:0f76

With IPv6 addresses, some shorthand can be taken. For instance, leading "0"s within each 2-byte piece can be dropped:

    fec0:0:0:0:220:edff:fe6a:f76

Also, a single series of "0"s can be dropped and replaced with two adjacent colons to signify that "0"s can be added to make the address fit into 128 bits:

    fec0::220:edff:fe6a:f76

However, this reduction can only be used once in any address, so that each shorthand maps to exactly one address. Imagine the trouble we would get into trying to represent the following addresses with more than one double colon (all three would become 8d::2d69::1234):

8d:0:0:2d69:0:0:0:1234 can safely be represented as 8d:0:0:2d69::1234
8d:0:2d69:0:0:0:0:1234 can safely be represented as 8d:0:2d69::1234
8d:0:0:0:2d69:0:0:1234 can safely be represented as 8d::2d69:0:0:1234

This reduction can be used for the localhost interface in IPv6 (the equivalent of IPv4's 127.0.0.1). This localhost address is 0:0:0:0:0:0:0:1 or ::1. The reduction can also be applied to the default network (the equivalent of IPv4's 0.0.0.0) as simply ::.
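The shorthand rules above, worked through as an added example (not part of the original article). The function names `expand` and `collapse_every_zero_run` are hypothetical; the second deliberately produces the invalid double-"::" form to show that the three addresses from the text become indistinguishable, and the comparison uses Python's standard `ipaddress` module.

```python
import ipaddress
from itertools import groupby

HEX = set("0123456789abcdefABCDEF")

def expand(addr: str) -> str:
    """Expand shorthand to eight 4-digit groups (no embedded-IPv4 forms)."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once: " + addr)
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)   # groups that '::' stands for
        if missing < 1:
            raise ValueError("too many groups: " + addr)
        groups = left + ["0"] * missing + right
    else:
        groups = addr.split(":")
    if len(groups) != 8 or any(not (1 <= len(g) <= 4 and set(g) <= HEX) for g in groups):
        raise ValueError("malformed address: " + addr)
    return ":".join(f"{int(g, 16):04x}" for g in groups)

def collapse_every_zero_run(addr: str) -> str:
    """INVALID shorthand, for illustration: turn every zero run into '::'."""
    groups = [int(g, 16) for g in expand(addr).split(":")]
    parts = ["" if zero else ":".join(f"{g:x}" for g in run)
             for zero, run in groupby(groups, key=lambda g: g == 0)]
    text = ":".join(parts)
    return (":" if groups[0] == 0 else "") + text + (":" if groups[-1] == 0 else "")

# The three addresses from the text above.
PAGE_ADDRS = ["8d:0:0:2d69:0:0:0:1234",
              "8d:0:2d69:0:0:0:0:1234",
              "8d:0:0:0:2d69:0:0:1234"]

def ambiguous_forms() -> set:
    """What the three distinct addresses become if '::' is used twice."""
    return {collapse_every_zero_run(a) for a in PAGE_ADDRS}

def legal_forms() -> list:
    """Standard-library compression: one '::', placed on the longest zero run."""
    return [ipaddress.IPv6Address(a).compressed for a in PAGE_ADDRS]

if __name__ == "__main__":
    print(ambiguous_forms())
    print(legal_forms())
    print(expand("fec0::220:edff:fe6a:f76"))
```

A parser that accepted the double-"::" form would have to guess which of the three addresses was meant, which is why `expand` and the standard library both reject it.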

Subnetting in IPv6 follows rules similar to those in IPv4. The general idea is that a subnet mask can be applied to any address. Using this subnet mask, a router can determine which bits represent the network membership of an address and which bits represent the host's address. In the IPv4 world, the network address 192.168.1.4/24 (or, in the alternative notation, subnet mask 255.255.255.0) means that the network address is represented by the first 24 bits of the address and that the host address is represented by the remaining 8 bits (32-bit address space minus 24-bit network address = 8 bits for host address). The notation 192.168.1.4/24 is usually referred to as a CIDR (Classless Interdomain Routing) address. We give an example of subnet masking in binary, which is easier to visualize:

The IPv4 address 192.168.1.4 would be represented in binary as:
         11000000.10101000.00000001.00000100
The subnet mask 255.255.255.0 would be represented in binary as:
         11111111.11111111.11111111.00000000
which shows that the first 24 bits of the subnet mask are "1". Then "bitwise AND" the 2 values together to get the network address:
         11000000.10101000.00000001.00000000
which indicates that the network portion of the address is 192.168.1.0 (24 bits of network address, plus a trailing zero byte). Then subtract the network address from the original address to get the host's address:
         00000000.00000000.00000000.00000100
which indicates that the host is 0.0.0.4, or, more simply, just 4.


In IPv6, the idea of subnet masks is similar, but the network addresses are much larger (explained later in this section). We illustrate with our previous IPv6 address example, assuming a network of /64 (meaning that the network address is the left-hand 64 bits of the total 128 bits). We will use hexadecimal arithmetic rather than binary arithmetic, because binary is just too cumbersome for IPv6 addresses.

The IPv6 address fec0::220:edff:fe6a:f76 would be expanded to:
         fec0:0000:0000:0000:0220:edff:fe6a:0f76
The subnet mask for a /64 network would be:
         ffff:ffff:ffff:ffff:0000:0000:0000:0000 
Then "bitwise AND" the 2 values together to get the network address:
         fec0:0000:0000:0000:0000:0000:0000:0000 
(64 bits of network address, plus 64 trailing zero bits). Then subtract the network address from the original address to get the host's address:
         0000:0000:0000:0000:0220:edff:fe6a:0f76


In IPv4, there is a traditional classification of network, based on the first octet (leftmost byte) of the address. However, this classification is no longer formally part of the IP addressing architecture, and has been replaced by CIDR (Classless Interdomain Routing). In summary:

       Allocation       1st Octet       
       -----------      -------- 
       Class "A"        0 - 126  
       Reserved         127
       Class "B"        128 - 191
       Class "C"        192 - 223
       Class "D"        224 - 239
       Class "E"        240 - 254
       Reserved         255
       

Or, by using the "First Octet" Rule:

       Bit Pattern      Class of Address
       ------------     ----------------
       0                A  
       10               B
       110              C  
       1110             D  
       1111             E

Figure 1-2 IPv4 Network Allocations

However, in IPv6 we have 2 octets of information with which to divide our networks (also see RFC 3513).

 Allocation                      Prefix        Fraction of
                                 (binary)      Address Space
 ------------------------------  --------      -------------
 Reserved                        0000 0000     1/256
 Unassigned                      0000 0001     1/256
 Reserved for NSAP Allocation    0000 001      1/128
 Reserved for IPX Allocation     0000 010      1/128
 Unassigned                      0000 011      1/128
 Unassigned                      0000 1        1/32
 Unassigned                      0001          1/16
 Unassigned                      001           1/8
 Provider-Based Unicast Address  010           1/8
 Unassigned                      011           1/8
 Reserved for Geographic-
 Based Unicast Addresses         100           1/8
 Unassigned                      101           1/8
 Unassigned                      110           1/8
 Unassigned                      1110          1/16
 Unassigned                      1111 0        1/32
 Unassigned                      1111 10       1/64
 Unassigned                      1111 110      1/128
 Unassigned                      1111 1110 0   1/512
 Link-Local Use Addresses        1111 1110 10  1/1024
 Site-Local Use Addresses        1111 1110 11  1/1024
 Multicast Addresses             1111 1111     1/256

Figure 1-3 IPv6 Network Allocations

For the scope of our paper, we are interested in four types of addresses. These are link-local addresses, site-local addresses, global unicast addresses (basically anything marked "unassigned" above) and multicast addresses. The term "global unicast address" supersedes the IPv4 term "IP address." We will not discuss anycast addresses, which are used by routers specifically for failover, redundancy, and broadcast in IPv6. In IPv6, link-local and site-local addresses represent private address space, just as the reserved addresses (RFC 1918) do in IPv4:

    10.0.0.0    - 10.255.255.255  (10/8 prefix)
    172.16.0.0  - 172.31.255.255  (172.16/12 prefix)
    192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

In IPv6, any address in the network fe80::/10 is a "link-local" address. The concept of link-local means that machines are physically located in the same data link layer broadcast domain. This would include machines attached via hubs, bridges, and layer 2 switches as well as any machines directly connected. The addresses in network address fec0::/10 are "site-local" addresses and should not be routed outside of your locally-controlled infrastructure (because of the possibility of address collisions with addresses defined at other sites). All other legal addresses are considered to be "global unicast addresses" and are validly used on any node whether connected to the Internet or not. Global unicast addresses must be globally unique, of course.

As with IPv4, IPv6 addresses can be either statically or dynamically assigned. However, the definition of dynamically assigned has changed somewhat with IPv6. There are two dynamic address mechanisms in IPv6. The first (and primary) mechanism for dynamic IP address assignment is called "stateless autoconfiguration" and uses the hardware address of the machine's interface to negotiate the IP address. For stateless autoconfiguration on a link-local network, an example is:

1. If the node (host or router) has a 48-bit MAC interface identifier of:

    00:01:03:31:AA:DD

then the resulting 64-bit IPv6 interface ID will be:

    0201:03ff:fe31:aadd

or, in shorthand notation:

    201:3ff:fe31:aadd*

* Note: A 48-bit MAC address must be expanded to a 64-bit address for stateless autoconfiguration. To do so, the value fffe is inserted between the third and fourth bytes of the MAC address. Next, the second low-order bit of the first byte of the MAC address is complemented. In binary, our original MAC address looks like this after expansion (and before the bit is complemented):

    00000000: 00000001: 00000011: <fffe goes here>: 00110001: 10101010: 11011101

The first binary string (00000000) is the first byte. Its second low-order bit is the "0" in the next-to-last position; more colloquially, we could call this the "next to last bit in the first byte". Complementing it turns the first byte into 00000010, the 02 that begins the interface ID above. [Stateless Autoconfiguration: RFC 2462]

2. The node prepends the 64-bit link-local prefix fe80::0 to this 64-bit interface identifier. The resulting address becomes the "tentative address."

3. The node joins the "all-nodes" multicast group (ff02::1) and the solicited node multicast group (ff02:0:0:0:0:1:ffxx:xxxx, where xx:xxxx is the low-order 24 bits of the MAC address of the node's interface). (Multicast groups are explained later in this section.)

4. The node broadcasts a "neighbor solicitation" message to the "all-nodes" multicast group asking if the selected address is taken. If the address is taken, the node stops and manual configuration is required. Otherwise, the state of the address is set to "preferred."

5. The node then sends a "router solicitation request" to the "all routers" multicast group (ff02::2) to determine default routes.

The drawback with stateless autoconfiguration is that wherever this mechanism is employed, the size of the host portion of the IP address must be no smaller than 64 bits. This causes quite a few wasted unicast addresses in a typical network address architecture.
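Steps 1 to 3 of the procedure above, together with the /64 network/host split from the subnetting discussion, as an added Python example that is not part of the original article. It also runs step 1 in reverse, showing that the interface's MAC address can be read back out of any address formed this way, which is worth knowing when correlating hosts in logs or assessing what an address discloses. All function names are hypothetical.

```python
import ipaddress

def eui64_interface_id(mac: str) -> int:
    """Step 1: insert fffe after the third byte, complement the second
    low-order bit of the first byte."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    eui = bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]
    return int.from_bytes(eui, "big")

def tentative_link_local(mac: str) -> ipaddress.IPv6Address:
    """Step 2: fe80:: in the upper 64 bits, the interface ID in the lower 64."""
    return ipaddress.IPv6Address((0xFE80 << 112) | eui64_interface_id(mac))

def solicited_node_group(addr: ipaddress.IPv6Address) -> ipaddress.IPv6Address:
    """Step 3: ff02::1:ffxx:xxxx built from the low-order 24 bits."""
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return ipaddress.IPv6Address(base | (int(addr) & 0xFFFFFF))

def split_prefix(addr: str, prefixlen: int = 64):
    """AND with the mask gives the network; subtracting it leaves the host."""
    value = int(ipaddress.IPv6Address(addr))
    mask = ((1 << prefixlen) - 1) << (128 - prefixlen)
    network = value & mask
    return ipaddress.IPv6Address(network), value - network

def recover_mac(addr: str):
    """Undo step 1. Returns None when the host part has no fffe marker
    (static, DHCP-assigned or randomized interface IDs)."""
    _, host = split_prefix(addr, 64)
    eui = host.to_bytes(8, "big")
    if eui[3:5] != b"\xff\xfe":
        return None
    mac = bytes([eui[0] ^ 0x02]) + eui[1:3] + eui[5:]
    return ":".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    addr = tentative_link_local("00:01:03:31:AA:DD")
    print(addr, solicited_node_group(addr))
    print(split_prefix("fec0::220:edff:fe6a:f76"))
    print(recover_mac("fec0::220:edff:fe6a:f76"))
```

The fffe check is a heuristic: an interface ID chosen by other means can contain those bytes by coincidence.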

The second form of autoconfiguration occurs through the use of the dynamic host configuration protocol (DHCP) and is called "stateful autoconfiguration". DHCP can also be used in conjunction with stateful autoconfiguration to broadcast information other than IP addresses, such as DNS servers, network names, and proxy-servers. This mechanism can subnet a network into much smaller segments than stateless autoconfiguration (creating less wasted network address space) but requires additional management of the DHCP server and the addition of a DHCP client on all machines that require stateful autoconfiguration. Both stateless and stateful autoconfiguration protocols can be used for networks other than site-local through various control protocol mechanisms.

Finally, in IPv6, multicast addresses are used quite frequently for control of network hosts and services. There are two types of multicast addresses: well-known and temporary.

The second field, 000x, represents the flags field. The first 3 bits are reserved and must be set to "0". The last bit, x, represents the permanence of the address. 1 represents a temporary multicast address, while 0 represents a permanent (also termed "well-known") address.

The third field, yyyy, represents the "scope" field. The scope of the multicast address can be determined by looking at this table:


 Value      Description 
 -----      ----------- 
 0          Reserved   
 1          Interface-local (network interface card)    
 2          Link-local scope (same as link-local addr)   
 3,4        Unassigned   
 5          Site-Local scope (same as site-local addr)   
 6,7        Unassigned   
 8          Organizational scope   
 9,a,b,c,d  Unassigned   
 e          Global scope   
 f          Reserved

Figure 1-5 IPv6 Multicast Scope Diagram

And finally, the group identifier is used to determine the subscriber (or function) of the multicast listening nodes. For instance, a multicast address of ff01::1 represents the "all nodes" multicast address of scope "interface local," while ff02::1 and ff05::1 represent the "all nodes" multicast address of link-local and site-local scope, respectively. The group identifier of the addresses is the same; only the scope is different.

Some well-known group identifiers are:

Group Identifier   Description
----------------   -----------  
::1                All nodes  
::2                All routers 
::9                RIP routers 
::1:3              DHCP servers

Figure 1-6 IPv6 Well-Known Multicast Group Identifiers

For more information on multicast addresses, please see RFC 2375.
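The multicast layout described above (flags, scope, group identifier), decoded in an added Python example that is not part of the original article. It follows this article's description, in which the first three flag bits are reserved, and takes the leading 1111 1111 prefix from Figure 1-3; the function name `parse_multicast` and the dictionary keys are hypothetical.

```python
import ipaddress

# Scope values from Figure 1-5; anything not listed is "unassigned".
SCOPES = {0x0: "reserved", 0x1: "interface-local", 0x2: "link-local",
          0x5: "site-local", 0x8: "organizational", 0xE: "global",
          0xF: "reserved"}

# Well-known group identifiers from Figure 1-6 (::1:3 is 0x0001_0003).
GROUPS = {0x1: "all nodes", 0x2: "all routers", 0x9: "RIP routers",
          0x10003: "DHCP servers"}

def parse_multicast(addr: str) -> dict:
    """Split a multicast address into flags, scope and group identifier."""
    value = int(ipaddress.IPv6Address(addr))
    if value >> 120 != 0xFF:
        raise ValueError(f"{addr} lacks the 1111 1111 multicast prefix")
    flags = (value >> 116) & 0xF          # second field, 000x
    scope = (value >> 112) & 0xF          # third field, yyyy
    group = value & ((1 << 112) - 1)      # remaining 112 bits
    temporary = bool(flags & 1)
    return {
        "reserved_bits_zero": flags >> 1 == 0,
        "lifetime": "temporary" if temporary else "well-known",
        "scope": SCOPES.get(scope, "unassigned"),
        "group_id": group,
        # Well-known names only apply to permanent addresses.
        "group": "temporary group" if temporary else GROUPS.get(group, "unknown"),
    }

if __name__ == "__main__":
    # Constructed sample destinations, e.g. as seen in a packet capture.
    for dst in ["ff01::1", "ff02::1", "ff02::2", "ff05::1:3", "ff12::1234"]:
        print(dst, parse_multicast(dst))
```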

