26 December 2008

IPv6 Addressing

128-bit length

The length of network addresses is the most important change when moving from IPv4 to IPv6. IPv6 addresses are 128 bits long (as defined by RFC 4291), whereas IPv4 addresses are 32 bits; where the IPv4 address space contains roughly 4 billion addresses, IPv6 has enough room for 3.4×10^38 unique addresses.

IPv6 addresses are typically composed of two logical parts: a 64-bit (sub-)network prefix, and a 64-bit host part, which is either automatically generated from the interface's MAC address or assigned sequentially. Because the globally unique MAC addresses offer an opportunity to track user equipment, and so users, across time and IPv6 address changes, RFC 3041 was developed to reduce the prospect of user identity being permanently tied to an IPv6 address, thus restoring some of the possibilities of anonymity that existed with IPv4. RFC 3041 specifies a mechanism by which time-varying random bit strings can be used as interface circuit identifiers, replacing unchanging and traceable MAC addresses.
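The tracking risk described above can be checked on your own hosts. The following is an added example, not part of the original article: it tests whether an address's low 64 bits follow the modified EUI-64 layout of RFC 4291, Appendix A (ff:fe in the middle, universal/local bit inverted) and, if so, recovers the embedded MAC. The function names and the sample addresses are constructed for illustration; a random identifier can contain ff:fe by chance, so treat a match as a strong hint rather than proof.

```python
import ipaddress

# Constructed sample: the same interface seen behind two prefixes, plus one
# address whose interface identifier looks random (RFC 3041 style).
SAMPLE_ADDRESSES = [
    "2001:db8:a:1:21a:2bff:fe3c:4d5e",
    "2001:db8:b:7:21a:2bff:fe3c:4d5e",
    "2001:db8:a:1:5c1e:9a02:77d3:40b1",
]


def eui64_from_mac(mac: str) -> int:
    """Build the 64-bit modified EUI-64 interface identifier from a MAC."""
    octets = bytes(int(part, 16) for part in mac.split(":"))
    if len(octets) != 6:
        raise ValueError("MAC must have six octets")
    # Invert the universal/local bit (0x02 in the first octet), insert ff:fe.
    iid = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(iid, "big")


def embedded_mac(address: str):
    """Return the MAC embedded in the interface identifier, or None."""
    low64 = int(ipaddress.IPv6Address(address)) & ((1 << 64) - 1)
    iid = low64.to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None  # not the EUI-64 layout (for example a random identifier)
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)


def group_by_mac(addresses):
    """Group addresses by recovered MAC: the cross-prefix correlation that
    RFC 3041 temporary addresses are meant to prevent."""
    seen = {}
    for address in addresses:
        mac = embedded_mac(address)
        if mac is not None:
            seen.setdefault(mac, []).append(address)
    return seen


if __name__ == "__main__":
    for mac, addrs in group_by_mac(SAMPLE_ADDRESSES).items():
        print(mac, "->", addrs)
```

Hosts whose addresses show up in the output are candidates for enabling temporary (privacy) addresses.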

Notation

IPv6 addresses are normally written as eight groups of four hexadecimal digits, where each group is separated by a colon (:). For example,

2001:0db8:85a3:0000:0000:8a2e:0370:7334

is a valid IPv6 address. To shorten the writing and presentation of addresses, several simplifications to the notation are permitted.

Any leading zeros in a group may be omitted; thus, the given example becomes

2001:db8:85a3:0:0:8a2e:370:7334

One or any number of consecutive groups of 0 value may be replaced with two colons (::):

2001:db8:85a3::8a2e:370:7334

This substitution with a double colon may be performed only once in an address, because multiple occurrences would lead to ambiguity. For example, the illegal address notation 2001::FFD3::57ab could represent 2001:0:0:0:0:FFD3:0:57ab, 2001:0:0:0:FFD3:0:0:57ab, 2001:0:0:FFD3:0:0:0:57ab, or 2001:0:FFD3:0:0:0:0:57ab.

Accordingly, the localhost (loopback) address, fully written as 0000:0000:0000:0000:0000:0000:0000:0001, may be reduced to ::1 and the undetermined IPv6 address (zero value), i.e., all bits are zero, is simply ::.

For example, the addresses below are all valid and equivalent:

2001:0db8:0000:0000:0000:0000:1428:57ab

2001:0db8:0000:0000:0000::1428:57ab

2001:0db8:0:0:0:0:1428:57ab

2001:0db8:0:0::1428:57ab

2001:0db8::1428:57ab

2001:db8::1428:57ab

The last 4 bytes of an IPv6 address may optionally be written in dot-decimal notation, in the style of IPv4 addresses. This notation is convenient when working in a mixed (dual-stack) environment of IPv4 and IPv6 addresses, where IPv6 addresses are derived from IPv4 ones. The general form of the notation is x:x:x:x:x:x:d.d.d.d, where the x's are the 6 high-order groups of hexadecimal digits and the d's represent the decimal digit groups of the four low-order octets of the address. For example, ::ffff:12.34.56.78 is the same address as ::ffff:0c22:384e. Usage of this notation may not be widely supported.

RFC 4291 (IP Version 6 Addressing Architecture) provides additional information.
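Because one address has many valid spellings, access-control lists and log correlation should compare parsed values, never strings. The parser below is an added example, not part of the original article: it implements the notation rules of this section (optional leading zeros, a single "::", a dot-decimal tail) and returns the 128-bit value. The function names are illustrative.

```python
import string

HEX = set(string.hexdigits)


def _groups(part: str) -> list:
    """Convert the text on one side of '::' into a list of 16-bit values."""
    if not part:
        return []
    fields = part.split(":")
    values = []
    for i, field in enumerate(fields):
        if "." in field:
            # Dot-decimal form of the four low-order octets, e.g. 12.34.56.78.
            octets = field.split(".")
            if i != len(fields) - 1 or len(octets) != 4:
                raise ValueError(f"misplaced or malformed dotted quad {field!r}")
            if not all(o.isascii() and o.isdigit() and len(o) <= 3
                       and int(o) <= 255 for o in octets):
                raise ValueError(f"bad octet in {field!r}")
            a, b, c, d = (int(o) for o in octets)
            values += [(a << 8) | b, (c << 8) | d]
        elif 1 <= len(field) <= 4 and set(field) <= HEX:
            values.append(int(field, 16))  # leading zeros are optional
        else:
            raise ValueError(f"bad group {field!r}")
    return values


def parse_ipv6_text(text: str) -> int:
    """Parse textual IPv6 notation into a 128-bit integer or raise ValueError."""
    if text.count("::") > 1:
        raise ValueError("'::' may appear only once (ambiguous otherwise)")
    head, sep, tail = text.partition("::")
    if sep and "." in head:
        raise ValueError("dot-decimal part must be the last four octets")
    left, right = _groups(head), _groups(tail)
    if sep:
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = left + [0] * missing + right
    else:
        groups = left
    if len(groups) != 8:
        raise ValueError("an address has exactly eight 16-bit groups")
    value = 0
    for group in groups:
        value = (value << 16) | group
    return value


def same_address(a: str, b: str) -> bool:
    """Compare two spellings by value, as an ACL or log join should."""
    return parse_ipv6_text(a) == parse_ipv6_text(b)


if __name__ == "__main__":
    print(same_address("2001:0db8:0:0::1428:57ab", "2001:db8::1428:57ab"))
    print(same_address("::ffff:12.34.56.78", "::ffff:0c22:384e"))
```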

Prefix and network notation

An IPv6 network is a contiguous group of IPv6 addresses. The size of this block must be a power of 2, and the beginning of a block must be aligned on a bit boundary of the address space. The leading set of bits of the addresses, which is identical for all hosts in a given network, is called the network's address prefix.

Networks are written in CIDR notation: a network is denoted by the first address in the network and the size in bits of the prefix, separated by a slash "/". For example, the network written 2001:0db8:1234::/48 starts at address 2001:0db8:1234:0000:0000:0000:0000:0000 and ends at 2001:0db8:1234:ffff:ffff:ffff:ffff:ffff.

Network addresses should not be confused with the notation used for interface addresses under some operating systems. Under such systems, an interface address is written by combining the address of the interface with the prefix length of the network it is connected to. For example, an interface with address 2001:db8:a::123 connected to a /64 subnet is written 2001:db8:a::123/64.

IPv6 address types

IPv6 addresses are classified into three types:

· Unicast addresses. A unicast address identifies a single network interface. The protocol delivers packets sent to a unicast address to that specific interface. Unicast IPv6 addresses can have a scope which is reflected in more specific address names: global unicast address, link-local address, and unique local unicast address.

· Anycast addresses. An anycast address is assigned to a group of interfaces, usually belonging to different nodes. A packet sent to an anycast address is delivered to just one of the member interfaces, typically the “nearest” according to the routing protocol’s choice of distance. Anycast addresses cannot be identified easily: they have the structure of normal unicast addresses, and differ only by being injected into the routing protocol at multiple points in the network.

· Multicast addresses. A multicast address is also assigned to a set of interfaces that typically belong to different nodes. A packet that is sent to a multicast address is delivered to all interfaces identified by that address. Multicast addresses begin with an octet of one (1) bits, i.e., they have prefix FF00::/8. The four least-significant bits of the second address octet identify the address scope, i.e. the span over which the multicast address is propagated.

Commonly implemented scopes are node-local (0x1), link-local (0x2), site-local (0x5), organization-local (0x8), and global (0xE). The least-significant 112 bits of a multicast address form the multicast group identifier. Only the low-order 32 bits of the group ID are commonly used, because of traditional methods of forming 32 bit identifiers from Ethernet addresses. Defined group IDs are 0x1 for all-nodes multicast addressing and 0x2 for all-routers multicast addressing.

Another group of multicast addresses are solicited-node multicast addresses which are formed with the prefix FF02::1:FF00:0/104, and where the rest of the group ID (least significant 24 bits) is filled from the interface's unicast or anycast address. These addresses allow link-layer address resolution via Neighbor Discovery Protocol (NDP) on the link without disturbing all nodes on the local network.
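The multicast layout described above can be decoded mechanically, which helps when mapping observed Neighbor Discovery traffic back to inventory hosts. This is an added example, not part of the original article; the function names are illustrative and the addresses are taken from the documentation and link-local ranges.

```python
import ipaddress

# Scope values listed in the text (four low bits of the second octet).
SCOPES = {
    0x1: "node-local",
    0x2: "link-local",
    0x5: "site-local",
    0x8: "organization-local",
    0xE: "global",
}
SOLICITED_NODE = ipaddress.IPv6Network("ff02::1:ff00:0/104")


def decode_multicast(address: str) -> dict:
    """Split a multicast address into scope, group ID and solicited-node flag."""
    addr = ipaddress.IPv6Address(address)
    raw = addr.packed
    if raw[0] != 0xFF:
        raise ValueError("not a multicast address (prefix is not ff00::/8)")
    scope = raw[1] & 0x0F
    return {
        "scope": SCOPES.get(scope, hex(scope)),
        "group_id": int.from_bytes(raw[2:], "big"),  # least-significant 112 bits
        "solicited_node": addr in SOLICITED_NODE,
    }


def solicited_node(unicast: str) -> ipaddress.IPv6Address:
    """Form the solicited-node group from the low 24 bits of an address."""
    low24 = int(ipaddress.IPv6Address(unicast)) & 0xFFFFFF
    return ipaddress.IPv6Address(int(SOLICITED_NODE.network_address) | low24)


def covers(group: str, unicast: str) -> bool:
    """True if the solicited-node group is the one `unicast` listens on."""
    return ipaddress.IPv6Address(group) == solicited_node(unicast)


if __name__ == "__main__":
    print(decode_multicast("ff02::1"))
    print(solicited_node("2001:db8:a::123"))
    print(covers("ff02::1:ff00:123", "fe80::3"))
```

Only 24 bits are carried over, so several unicast addresses can share one solicited-node group; `covers` narrows the candidates, it does not identify a host uniquely.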

Special addresses

IANA maintains the official list of the IPv6 address space. Global unicast assignments can be found at the various RIRs or at the GRH DFP pages.

There are a number of addresses with special meaning in IPv6:

Unspecified address

::/128 — the address with all zero bits is called the unspecified address. This address must never be assigned to an interface and is to be used only in software before the application has learned its host's source address appropriate for a pending connection. Routers must not forward packets with the unspecified address.

Link local addresses

::1/128 — the loopback address is a unicast localhost address. If an application in a host sends packets to this address, the IPv6 stack will loop these packets back on the same virtual interface (corresponding to 127.0.0.1 in IPv4).

fe80::/10 — The link-local prefix specifies that the address is only valid in the scope of a given local link. This is analogous to the Autoconfiguration IP addresses 169.254.0.0/16 in IPv4.

Unique local addresses

fc00::/7 — unique local addresses (ULA) are routable only within a set of cooperating sites. They were defined in RFC 4193 as a replacement for site-local addresses (see below). The addresses include a 40-bit pseudorandom number in the routing prefix that intends to minimize the risk of conflicts if sites merge or packets are misrouted into the Internet. Despite the restricted, local usage of these addresses, they have a global address scope. This is a departure from the site-local address definition that unique local addresses replaced.

Multicast addresses

ff00::/8 — The multicast prefix designates multicast addresses as defined in "IP Version 6 Addressing Architecture" (RFC 4291). Some of these have been assigned to specific protocols, for example ff0X::101 will reach all local NTP servers (RFC 2375).

Solicited-node multicast addresses

ff02::1:FFXX:XXXX — XX:XXXX are the 3 low order octets of the corresponding unicast or anycast address.

IPv4 transition

::ffff:0:0/96 — this prefix is used for IPv4 mapped addresses (see Transition mechanisms below).

2001::/32 — Used for Teredo tunneling.

2002::/16 — this prefix is used for 6to4 addressing.

ORCHID

2001:10::/28 — ORCHID (Overlay Routable Cryptographic Hash Identifiers) as per (RFC 4843). These are non-routed IPv6 addresses used for Cryptographic Hash Identifiers.

Documentation

2001:db8::/32 — this prefix is used in documentation (RFC 3849). The addresses should be used anywhere an example IPv6 address is given, or model networking scenarios are described.

Deprecated or obsolete designations

::/96 — the zero prefix was used for IPv4-compatible addresses; it is now obsolete.

fec0::/10 — The site-local prefix specifies that the address is valid only inside the local organization. Its use has been deprecated in September 2004 by RFC 3879 and new systems must not support this special type of address.

Link-local addresses and zone indices

All interfaces have an associated link-local address that is only guaranteed to be unique on the attached link. Link-local addresses are created in the fe80::/10 address space.

Because link-local addresses have a common prefix, normal routing procedures cannot be used to choose the outgoing interface when sending packets to a link-local destination. A special identifier, known as a zone index, is needed to provide the additional information; in the case of link-local addresses, zone indices correspond to interface identifiers.

When an address is written textually, the zone index is appended to the address, separated by a percent sign "%". The actual syntax of zone indices depends on the operating system:

· The Microsoft Windows IPv6 stack uses numeric zone indexes, e.g., fe80::3%1. The index is determined by the interface number.

· Some Unix-like systems (e.g., BSD and Linux) use the interface name as a zone index: fe80::3%eth0.

Zone index notations cause syntax conflicts when used in Uniform Resource Identifiers (URI), as the '%' character also designates percent-encoding.

Relatively few IPv6-capable applications understand address scope syntax at the user level, thus rendering link-local addressing inappropriate for many user applications. However, link-local addresses are not intended for most such application use; their primary benefit is in low-level network management functions, for example for logging into a router that for some reason has become unreachable.

Literal IPv6 addresses in network resource identifiers

Since an IPv6 address contains colon (":") characters, network administrators must take care to avoid conflicts with other syntactic meanings of the colon in network resource labels. In IPv4 the colon is used to separate an IP address from a transport protocol port number. This usage has been extended to IPv6; however, when a port is specified in an address string, the IPv6 address proper must be enclosed in square brackets ("[", "]"). This convention is used in other more complex identifiers.

Example: In a URL the IPv6 address is enclosed in brackets, e.g.,

http://[2001:0db8:85a3:08d3:1319:8a2e:0370:7348]/.

If the URL also contains a port number the notation is:

https://[2001:0db8:85a3:08d3:1319:8a2e:0370:7344]:443/

This is not only useful but mandated when using the short form:

https://[2001:db8::1428:57ab]:443/

Additional information can be found in "RFC 2732 - Format for Literal IPv6 Addresses in URL's" and "RFC 3986 - Uniform Resource Identifier (URI): Generic Syntax."

In Microsoft Windows operating systems, IP addresses were also allowed in Uniform Naming Convention (UNC) path names. Since the colon is an illegal character in a UNC path name, the use of IPv6 addresses is also illegal in UNC names. For this reason, Microsoft has registered a second-level Internet domain, ipv6-literal.net, as a means to facilitate symbolic substitution. IPv6 addresses may be transcribed in the following fashion:

2001:0db8:85a3:08d3:1319:8a2e:0370:7348

is written as

2001-db8-85a3-8d3-1319-8a2e-370-7348.ipv6-literal.net

This notation is automatically resolved by Microsoft software without DNS queries to any name servers. If the IPv6 address contains a zone index, it is appended to the address portion after an 's' character:

fe80--1s4.ipv6-literal.net.
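A URL filter or proxy log that keys on host strings sees the bracketed literal and the ipv6-literal.net transcription as different hosts, although both reach the same address. The following added example (not part of the original article) reduces both forms to one canonical key; the function names are illustrative and the inputs are the examples given in this section.

```python
import ipaddress

SUFFIX = ".ipv6-literal.net"


def split_host_port(authority: str):
    """Split 'host', 'host:port' or '[IPv6]:port' into (host, port or None)."""
    if authority.startswith("["):
        end = authority.find("]")
        if end == -1:
            raise ValueError("missing closing bracket")
        host, rest = authority[1:end], authority[end + 1:]
        ipaddress.IPv6Address(host)  # brackets may only enclose an IPv6 literal
        if rest and not rest.startswith(":"):
            raise ValueError("unexpected text after ']'")
        return host, (int(rest[1:]) if rest else None)
    host, sep, port = authority.partition(":")
    if ":" in port:
        raise ValueError("IPv6 literal must be enclosed in brackets")
    return host, (int(port) if sep else None)


def decode_ipv6_literal(name: str):
    """Return (address, zone or None) for an ipv6-literal.net name, else None."""
    host = name.rstrip(".").lower()
    if not host.endswith(SUFFIX):
        return None
    # 's' is not a hexadecimal digit, so the first 's' starts the zone index.
    label, _, zone = host[: -len(SUFFIX)].partition("s")
    try:
        addr = ipaddress.IPv6Address(label.replace("-", ":"))
    except ValueError:
        return None
    return addr, (zone or None)


def canonical_host(authority: str) -> str:
    """Key to use in allow/deny lists: compressed address, plus zone if any."""
    host, _port = split_host_port(authority)
    decoded = decode_ipv6_literal(host)
    if decoded is not None:
        addr, zone = decoded
        return str(addr) + (f"%{zone}" if zone else "")
    try:
        return str(ipaddress.IPv6Address(host))
    except ValueError:
        return host.lower()  # an ordinary DNS name


if __name__ == "__main__":
    for item in (
        "[2001:0db8:85a3:08d3:1319:8a2e:0370:7348]:443",
        "2001-db8-85a3-8d3-1319-8a2e-370-7348.ipv6-literal.net",
        "fe80--1s4.ipv6-literal.net.",
    ):
        print(item, "->", canonical_host(item))
```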


Source:
http://en.wikipedia.org/wiki/IPv6

IPv6 Packet Format

The IPv6 packet is composed of two main parts: the header and the payload.

Header

The header is in the first 40 octets (320 bits) of the packet and contains:

· Version - version 6 (4-bit IP version).

· Traffic class - packet priority (8 bits). Priority values subdivide into ranges: traffic where the source provides congestion control and non-congestion control traffic.

· Flow label - QoS management (20 bits). Originally created for giving real-time applications special service, but currently unused.

· Payload length - payload length in bytes (16 bits). When the field is cleared to zero, the length is carried in a "Jumbo payload" hop-by-hop option.

· Next header - Specifies the next encapsulated protocol. The values are compatible with those specified for the IPv4 protocol field (8 bits).

· Hop limit - replaces the time to live field of IPv4 (8 bits).

· Source and destination addresses - 128 bits each.

The payload can have a size of up to 64 KiB in standard mode, or larger with a "jumbo payload" option.

Fragmentation is handled only in the sending host in IPv6: routers never fragment a packet, and hosts are expected to use PMTU discovery.

The protocol field of IPv4 is replaced with a Next Header field. This field usually specifies the transport layer protocol used by a packet's payload.

In the presence of options, however, the Next Header field specifies the presence of an extra options header, which then follows the IPv6 header; the payload's protocol itself is specified in a field of the options header. This insertion of an extra header to carry options is analogous to the handling of AH and ESP in IPsec for both IPv4 and IPv6.
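A filter that reads only the Next Header field of the fixed header will misjudge packets that carry options, so inspection code has to walk the header chain. The parser below is an added example, not part of the original article: it decodes the 40-octet header listed above and follows the extension headers to the upper-layer protocol. The extension header numbers (0, 43, 44, 60) and their length encoding come from RFC 2460; AH and ESP are not followed here. The sample packet is constructed.

```python
import ipaddress
import struct

# Extension headers this sketch follows (numbers per RFC 2460).
EXT_HEADERS = {0: "hop-by-hop", 43: "routing", 44: "fragment",
               60: "destination-options"}


def parse_packet(packet: bytes) -> dict:
    """Decode the fixed IPv6 header and walk the extension header chain."""
    if len(packet) < 40:
        raise ValueError("truncated IPv6 header")
    word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError("version field is not 6")
    chain, offset = [], 40
    while next_header in EXT_HEADERS:
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        # The fragment header is always 8 octets; the others store their
        # length in 8-octet units, not counting the first 8 octets.
        size = 8 if next_header == 44 else (packet[offset + 1] + 1) * 8
        if offset + size > len(packet):
            raise ValueError("extension header runs past end of packet")
        chain.append(EXT_HEADERS[next_header])
        next_header = packet[offset]  # first octet names the following header
        offset += size
    return {
        "traffic_class": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF,
        "payload_length": payload_len,
        "hop_limit": hop_limit,
        "source": str(ipaddress.IPv6Address(packet[8:24])),
        "destination": str(ipaddress.IPv6Address(packet[24:40])),
        "extension_headers": chain,
        "upper_layer": next_header,   # e.g. 6 = TCP, 17 = UDP
        "upper_layer_offset": offset,
    }


def build_sample() -> bytes:
    """Constructed packet: fixed header, one hop-by-hop header, 20 zero octets
    standing in for a TCP header."""
    fixed = struct.pack("!IHBB", 6 << 28, 28, 0, 64)
    fixed += ipaddress.IPv6Address("2001:db8::1").packed
    fixed += ipaddress.IPv6Address("2001:db8::2").packed
    hop_by_hop = bytes([6, 0, 1, 4, 0, 0, 0, 0])  # next=TCP, len=0, PadN option
    return fixed + hop_by_hop + bytes(20)


if __name__ == "__main__":
    print(parse_packet(build_sample()))
```

In the sample, the fixed header's Next Header is 0 (hop-by-hop); the TCP payload is only found at offset 48 after following the chain.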

Source:
http://en.wikipedia.org/wiki/IPv6

Features and Differences From IPv4

To a great extent, IPv6 is a conservative extension of IPv4. Most transport- and application-layer protocols need little or no change to work over IPv6; exceptions are application protocols that embed network-layer addresses (such as FTP or NTPv3).

IPv6 specifies a new packet format, designed to minimize packet-header processing. Since the headers of IPv4 and IPv6 are significantly different, the two protocols are not interoperable.


Larger address space

IPv6 features a larger address space than that of IPv4: addresses in IPv6 are 128 bits long versus 32 bits in IPv4.

The very large IPv6 address space supports 2^128 (about 3.4×10^38) addresses, or approximately 5×10^28 (roughly 2^95) addresses for each of the roughly 6.5 billion (6.5×10^9) people alive today. In a different perspective, this is 2^52 addresses for every observable star in the known universe.

While these numbers are impressive, it was not the intent of the designers of the IPv6 address space to assure geographical saturation with usable addresses. Rather, the longer addresses allow a better, systematic, hierarchical allocation of addresses and efficient route aggregation. With IPv4, complex Classless Inter-Domain Routing (CIDR) techniques were developed to make the best use of the small address space. Renumbering an existing network for a new connectivity provider with different routing prefixes is a major effort with IPv4, as discussed in RFC 2071 and RFC 2072. With IPv6, however, changing the prefix in a few routers can renumber an entire network ad hoc, because the host identifiers (the least-significant 64 bits of an address) are decoupled from the subnet identifiers and the network provider's routing prefix.

The size of a subnet in IPv6 is 2^64 addresses (64-bit subnet mask), the square of the size of the entire IPv4 Internet. Thus, actual address space utilization rates will likely be small in IPv6, but network management and routing will be more efficient.


Stateless address autoconfiguration

IPv6 hosts can configure themselves automatically when connected to a routed IPv6 network using ICMPv6 router discovery messages. When first connected to a network, a host sends a link-local multicast router solicitation request for its configuration parameters; if configured suitably, routers respond to such a request with a router advertisement packet that contains network-layer configuration parameters.

If IPv6 stateless address autoconfiguration (SLAAC) proves unsuitable, a host can use stateful configuration (DHCPv6) or be configured manually. In particular, stateless autoconfiguration is not used by routers; these must be configured manually or by other means.


Multicast

Multicast, the ability to send a single packet to multiple destinations, is part of the base specification in IPv6. This is unlike IPv4, where it is optional (although usually implemented).

IPv6 does not implement broadcast, the ability to send a packet to all hosts on the attached link. The same effect can be achieved by sending a packet to the link-local all hosts multicast group.

Most environments, however, do not currently have their network infrastructures configured to route multicast packets; multicasting on a single subnet will work, but global multicasting might not.


Mandatory network layer security

Internet Protocol Security (IPsec), the protocol for IP encryption and authentication, forms an integral part of the base protocol suite in IPv6. IPsec support is mandatory in IPv6; this is unlike IPv4, where it is optional (but usually implemented). IPsec, however, is not widely used at present except for securing traffic between IPv6 Border Gateway Protocol routers.


Simplified processing by routers

A number of simplifications have been made to the packet header, and the process of packet forwarding has been simplified, in order to make packet processing by routers simpler and hence more efficient. Concretely,

  • The packet header in IPv6 is simpler than that used in IPv4, with many rarely-used fields moved to separate options; in effect, although the addresses in IPv6 are four times larger, the (option-less) IPv6 header is only twice the size of the (option-less) IPv4 header.
  • IPv6 routers do not perform fragmentation. IPv6 hosts are required to either perform PMTU discovery, perform end-to-end fragmentation, or to send packets smaller than the IPv6 minimum maximum packet size.
  • The IPv6 header is not protected by a checksum; integrity protection is expected to be assured by a transport-layer checksum. In effect, IPv6 routers do not need to recompute a checksum when header fields (such as the TTL or Hop Count) change. This improvement may have been made obsolete by the development of routers that perform checksum computation at line speed using dedicated hardware.
  • The Time-to-Live field of IPv4 has been renamed to Hop Limit, reflecting the fact that routers are no longer expected to compute the time a packet has spent in a queue.

Mobility

Unlike Mobile IPv4, Mobile IPv6 (MIPv6) avoids triangular routing and is therefore as efficient as normal IPv6. However, since neither MIPv6 nor MIPv4 is widely deployed today, this advantage is mostly theoretical.


Options Extensibility

IPv4 limits option parameters to a fixed size (40 bytes). In IPv6, options are implemented as additional extension headers after the IPv6 header, so their size is limited only by the size of an entire packet.


Jumbograms

IPv4 limits packets to 64 KiB of payload. IPv6 has optional support for packets over this limit, referred to as jumbograms, which can be as large as 4 GiB. The use of jumbograms may improve performance over high-MTU networks. The presence of jumbograms is indicated by the Jumbo Payload Option header.


Source:
http://en.wikipedia.org/wiki/IPv6

25 December 2008

What is IPv6


According to Wikipedia, IPv6 is the next-generation Internet Layer protocol for packet-switched internetworks and the Internet. IPv4 is currently the dominant Internet Protocol version, and was the first to receive widespread use. In December 1998, the Internet Engineering Task Force (IETF) designated IPv6 as the successor to version 4 by the publication of a Standards Track specification, RFC 2460.

In December 2008, despite celebrating its 10-year anniversary as a Standards Track protocol, IPv6 was only in its infancy in terms of general world-wide deployment. Recent studies indicate that penetration is still less than one percent of Internet traffic in any country. The leaders are Russia (0.76%), France (0.65%), Ukraine (0.64%), Norway (0.49%), and the United States (0.45%). Although Asia leads in terms of absolute deployment numbers, the relative penetration is smaller (e.g., China: 0.24%). IPv6 is implemented on all major operating systems in use in commercial, business, and home consumer environments. According to the Google study, Mac OS leads with an IPv6 penetration of 2.44%, followed by Linux (0.93%) and Windows Vista (0.32%).

IPv6 has a much larger address space than IPv4. This is based on the definition of a 128-bit address, whereas IPv4 used only 32 bits. The new address space thus supports 2^128 (about 3.4×10^38) addresses. This expansion provides flexibility in allocating addresses and routing traffic and eliminates the need for network address translation (NAT). NAT gained widespread deployment as an effort to alleviate IPv4 address exhaustion.

IPv6 also implements new features that simplify aspects of address assignment (stateless address autoconfiguration) and network renumbering (prefix and router announcements) when changing Internet connectivity providers. The IPv6 subnet size has been standardized by fixing the size of the host identifier portion of an address to 64 bits to facilitate an automatic mechanism for forming the host identifier from Link Layer media addressing information (MAC address).

Network security is integrated by design in the IPv6 architecture. Internet Protocol Security (IPsec) was originally developed for IPv6, but found widespread optional deployment first in IPv4, into which it was re-engineered. The IPv6 specifications mandate IPsec implementation as a fundamental interoperability requirement.

The general requirements for implementing IPv6 on a network host are specified in RFC 4294.



MOTIVATION OF IPV6

The first publicly-used version of the Internet Protocol, Version 4 (IPv4), provides an addressing capability of about 4 billion addresses (2^32). This was deemed sufficient in the design stages of the early Internet when the explosive growth and worldwide distribution of networks were not anticipated.

During the first decade of operation of the TCP/IP-based Internet, by the late 1980s, it became apparent that methods had to be developed to conserve address space. In the early 1990s, even after the introduction of classless network redesign, it was clear that this was not enough to prevent IPv4 address exhaustion and that further changes to the Internet infrastructure were needed. By the beginning of 1992, several proposed systems were being circulated, and by the end of 1992, the IETF announced a call for white papers (RFC 1550) and the creation of the "IP Next Generation" (IPng) area of working groups.

The Internet Engineering Task Force adopted IPng on July 25, 1994, with the formation of several IPng working groups. By 1996, a series of RFCs were released defining Internet Protocol Version 6 (IPv6), starting with RFC 2460.

Incidentally, the IPng architects could not use version number 5 as a successor to IPv4, because it had been assigned to an experimental flow-oriented streaming protocol (Internet Stream Protocol), similar to IPv4, intended to support video and audio.

It is widely expected that IPv4 will be supported alongside IPv6 for the foreseeable future. IPv4-only nodes are not able to communicate directly with IPv6 nodes, and will need assistance from an intermediary.

Reference(s):
http://en.wikipedia.org/wiki/IPv6