IPv6 Theory and Practice: An Introduction to IPv6

With this article, I want to start the IPv6 cycle. I am an instructor at Cisco Academy, so if you know perfectly well the material of the new CCNA Routing & Switching, then most likely you will not find anything new in the cycle. It will focus on the structure and features of the IPv6 protocol, as well as its application on Cisco routers (RIP routing, OSPF, EIGRP, access control lists, etc. - how it goes). In the first article we will talk about the structure of the IPv6 packet, the address entry, the prefix. The second article of the cycle is available here . The information is suitable for beginners who, nevertheless, have some knowledge of IPv4 and OSI models.
The series of articles is based on the materials of my blog , which, in turn, are based on the experience of teaching, working with equipment and free translation and thinking about the official course of CCNA Routing & Switching.
So, let's begin. I will not dwell on the standard reasoning that IPv4 addresses are few, that NAT and proxies are crutches, that crutches are still working, and no one wants to switch to IPv6, instead, to the point.

IPv6 addresses

An IPv6 address consists of 128 bits, that is, it is 4 times longer than a 32-bit IPv4 address. Like IPv4, there are two parts to this address: the network and the host. That is, not all bits in the address have the same value. Part of the bits on the left (how much it depends on the prefix) denotes the network, the remaining bits on the right identify the device inside the network. The part responsible for storing host information is called an interface id. Unlike the previous version of the protocol, IPv6 does not use subnet masks, since they would be very long, using the prefix instead. which is also written through the slash after the address. For example, the prefix / 64 means that of 128 bits, the first 64 are the network, and the rest (in this case, the second 64) is the host. The prefix describes how many bits in the address are used to store network information.
The address itself is not written in decimal, but in hexadecimal - so much shorter. The address is divided into groups of 16 bits (hextets) and each group is represented by four hexadecimal digits. Hextets are separated from each other by a colon sign. Thus, an address consists of 8 hextets ([8 hextets] * [16 bits in a hextet] = [128 bits] - the total length of the address).

IPv6 shrinking

Example address: 2001: 0DB8: AA10: 0001: 0000: 0000: 0000: 00FB. It is rather inconvenient to work with such a long address, therefore, an abbreviated entry is used.
In order to shorten this address, two rules must be applied successively.

Rule 1

In each hextet (group of 4 digits), leading zeros are removed. For example, in the second hextet, 0DB0 is replaced with DB0. That is, the zero on the left is deleted, the zero on the right is not touched. If the hextet consists of only zeros, then it is replaced by one zero. Thus, the address 2001: 0DB0: 0000: 123A: 0000: 0000: 0000: 0030 is converted to 2001: DB0: 0: 123A: 0: 0: 0: 30. And, for example, the loopback address 0000: 0000: 0000: 0000: 0000: 0000: 0000: 0001 is replaced by 0: 0: 0: 0: 0: 0: 0: 1.

Rule 2

This rule applies only after the first one. One longest group consisting of completely zero hextets is selected for the address, that is, the longest sequence “: 0: 0: 0:” and is replaced with two colons “::”. This replacement can be made only once and only with the longest sequence, since if we, for example, made such a replacement in two places of the address, then it would be impossible to recover how many hextets we replaced in the first and second cases. Important point: you cannot replace one group from: 0: with ::, rule two is applicable only if there is more than one zero group.
For example, take the address from the previous replacement 2001: DB0: 0: 123A: 0: 0: 0: 30. The longest sequence of completely empty hextexts is “: 0: 0: 0:”, it begins immediately after the “123A” hextet. There is also a sequence of one empty hextet (between “DB0” and “123A”), but this one is longer, so we will replace it. The address will be quite small: 2001: DB0: 0: 123A :: 30, of course, longer than IPv4 addresses, but much shorter than the original one.

Getting the original address by abbreviated entry

This procedure is rather trivial if we are already able to reduce addresses.
First you need to calculate how many hextets in the address remain. In our case, in the address 2001: DB0: 0: 123A :: 30, 5 hextets remained. We know that the address must consist of eight haxtets - then instead of "::" we return three missing zeroes, we get 2001: DB0: 0: 123A: 0: 0: 0: 30. Now in each group, where less than four digits, we add such a number of zeros to the left so that there are four digits in the group. As a result, we obtain the original address 2001: 0DB0: 0000: 123A: 0000: 0000: 0000: 0030.

Examples

Now, to consolidate understanding, we give some examples of the abbreviation of addresses. We will shorten according to the rules in two stages.

• FF80: 0000: 0000: 0000: 0123: 1234: ABCD: EF12 → FF80: 0: 0: 0: 123: 1234: ABCD: EF12 → FF80 :: 123: 1234: ABCD: EF12
• FF02: 0000: 0000: 0000: 0000: 0001: FF00: 0300 → FF02: 0: 0: 0: 0: 1: FF00: 300 → FF02 :: 1: FF00: 300
• 2001: 0DB8: 0000: 1111: 0000: 0000: 0000: 0200 → 2001: DB8: 0: 1111: 0: 0: 0: 200 → 2001: DB8: 0: 1111 :: 200
• 0000: 0000: 0000: 0000: 0000: 0000: 0000: 0001 → 0: 0: 0: 0: 0: 0: 0: 1 → :: 1
• 0000: 0000: 0000: 0000: 0000: 0000: 0000: 0000 → 0: 0: 0: 0: 0: 0: 0: 0 → ::

The loopback address looks abbreviated as particularly elegant :: 1. Even if you are not using IPv6, but you are working on one of the modern operating systems, you probably have this protocol installed. This is easily verified by pinging a loopback.

ping ::1 Pinging ::1 with 32 bytes of data: Reply from ::1: time<1ms Reply from ::1: time<1ms Reply from ::1: time<1ms Reply from ::1: time<1ms Ping statistics for ::1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms 

When using an IPv6 address as a URL, it must be enclosed in square brackets, and if you need to specify a port in the URL, you should write it outside the brackets - http: // [2001: 0db8: 11a3: 09d7: 1f34: 8a2e: 07a0: 765d]: 8080 /.

Types of IPv6 addresses

There are several types of addresses:

• Global unicast ( Global unicast ) is an analogue of public addresses in IPv4. Most of all addresses belong to this class. These addresses must be unique throughout the Internet, they are issued by IANA to regional registrars, they are issued to providers, and providers are issued to customers. The range of these addresses is all addresses whose first three bits are equal to “001”, which means all addresses whose first hextet lies in the range from 2000 to 3FFF. From this group, the network 2001: 0DB8 :: / 32 is singled out, which, according to the specification, is used for examples and documentation.
• Local addresses ( Link-local ) - addresses used to interact with other devices on the same local network. A distinctive feature of these addresses is that traffic "from" or "to" these addresses are not routed and, in principle, cannot go beyond the network in which it was created. Uniqueness from these addresses is not required - on each network they may be the same. Addresses are used for various special purposes, for example, for the procedure of finding neighbors (similar to ARP in IPv6). The range of such addresses FE80 :: / 10 - which means all addresses whose first hexet is in the range from FE80 to FEBF.
• Multicast addresses ( Multicast ) - addresses used for multicast distribution. All these addresses are in the FF00 :: / 8 range, which in Russian means “Everything that begins with FF”. It must be said that multicast in IPv6 plays an important role, since there are no broadcast packets in it and all mailings are made multicast. This is a very big topic, so we'll talk about multicast in IPv6 in one of the following articles.
• Loopback is a special address :: 1. All packets going to it do not go beyond the device, but fall back to the IP level. Thus, this address is similar to 127.0.0.1 in IPv4. Using the ping :: 1 command, you can check whether the TCP / IP and IPv6 protocols stack in particular is installed on the computer.
• Unspecified address - an address consisting of all zeros. It is written in abbreviated form as "::". Such an address cannot be assigned to an interface, but can be used in some packets as the sender's address. For example, when the device has not yet received an IP address using the automatic configuration, about it is also in one of the following articles.
• Unique local addresses ( Unique local ) are analogous to private IPv4 addresses, that is, they can be routed within our internal network, but cannot be announced on the Internet. In general, IPv6 implies the rejection of private addresses in the sense in which they were used before. In IPv4, private addresses are used mainly due to the lack of public and only sometimes for security reasons. In IPv6, local addresses should be used only if, for security reasons, traffic from this network and into it should not go beyond our area of ​​responsibility. In all other cases, global unicast addresses should be used.
• IPv4 addresses mapped to IPv6 ( IPv4 embedded ) are addresses of the form :: ffff: xxxx: xxxx, where xxxx: xxxx is some IPv4 address translated into hexadecimal. These addresses are used for non-IPv6 devices and provide a way to map the address space of the old protocol version to the new address space.

Above it was said that the client is usually given a huge network (64 bits prefix), and the first 64 bits is the network identifier. It is clear, however, that this network itself also has a hierarchical structure. As a rule, the regional registrar gives the provider a network with the / 48 prefix, and the provider adds another 16 bits from itself and receives 65536 networks with the / 64 prefix, which they then give to their customers.
UPD1: Comments suggest “Regional registrars have long given / 32 default networks or more addresses if you can justify why.”
UPD2: Important note in the comments regarding IPv4 embedded addresses: “Mapped-addresses are used primarily in dual-stack. When you create one IPv6 socket for both protocols (IPv4 and IPv6), and IPv6 addresses are used everywhere. That is, if data through IPv4 came through this socket, the address will still be shown as the above described IPv6 mapped address. At the link level there will be no difference at all. There will be good old IPv4, the only difference is in the unification of the display for the user. "
UPD3: The second article of the cycle is ready.
UPD4: Attentive user informed me about the abbreviation of addresses interesting information, which I did not know. Rule 2 , RFC5952, is applicable only when we have more than one group consisting of zeros. That is ...: 0: ... can not be replaced by ... :: ..., and ...: 0: 0: ... - is already possible.