IPv6 address
An IPv6 address is 128 bit value, with a logical structure, which can be assigned on a network interface, making the host reachable over IPv6 on that interface on that address. An IPv6 address can be assigned on an interface that has an IPv4 address assigned also. IPv6 Addresses are part of the IPv6 header where they indicate origin and destination of the IPv6 datagram.
Source IPv6 addresses are always unicast addresses, uniquely indentifying the originating interface. Destination IPv6 addresses are unicast, anycast, or multicast addresses.
Structure
Addresses are 128 bits long[1] and are typically composed of two logical parts: a 64-bit (sub-)network prefix used for routing, and a 64-bit host part used to identify a host within the network.
A network prefix consists of an ISP assigned value in the most significant 48 bits of the address. The next 16 bits are available to the network administrator to define subnets within the given network.
The lower 64 bits of an address are either automatically generated from the interface's MAC address (using modified EUI-64 format), obtained from a DHCPv6 server, or assigned manually.
Notation
Single Addresses
Any IPv6 address can be written as eight groups of four hexadecimal digits (each group representing 16 bits, or two octets), where each group is separated by a colon (:
). This, for example, is a valid IPv6 address:
2001:0db8:85a3:0000:0000:8a2e:0370:7334
To shorten the writing and presentation of addresses, two simplifications and one alternative notation are permitted.
- Leading zeroes
Leading zeroes in a group may be omitted (but at least one digit per group must be left). The address above could be written as:
2001:db8:85a3:0:0:8a2e:370:7334
- Groups of zeroes
A string of consecutive all-zero groups may be replaced by two colons. In order to avoid ambiguity, this simplification may only be applied once. The address above would typically be written as:
2001:db8:85a3::8a2e:370:7334
The localhost (loopback) address (0:0:0:0:0:0:0:1
) and the IPv6 undetermined address (0:0:0:0:0:0:0:0
) can thus be reduced to ::1
and ::
respectively.
- Dotted-quad notation
Alternatively, the final 32 bits of an address can be written using the familiar IPv4 dotted-quad notation. This notation is normally only used with IPv4-mapped and IPv4-compatible addresses (see below).
For example, the IPv4 mapped address ::ffff:c000:280
would usually be written as ::ffff:192.0.2.128
, thus revealing more clearly the original IPv4 address that was mapped to IPv6.
Networks
An IPv6 network is a contiguous group of IPv6 addresses of a size that is a power of two. The leading set of bits of the addresses, which are identical for all hosts in a given network, are called the network's address prefix.
Networks are written in CIDR notation: a network is denoted by the first address in the network (ending in all zeroes, compressed to ::
), a slash (/), and the size in bits of the address prefix. For example, the network written 2001:0db8:1234::/48
starts at address 2001:0db8:1234:0000:0000:0000:0000:0000
and ends at 2001:0db8:1234:ffff:ffff:ffff:ffff:ffff
.
As a further notational shorthand, when writing both a node's address and its subnet prefix, they may be combined.
For example, the configuration of an interface with address 2001:db8:a::123
connected to subnet 2001:db8:a::/64
may be written as 2001:db8:a::123/64
.
Address block sizes
To indicate just the size of a block of addresses, without specifying which specific addresses are in the block, a slash (/) and the size of the network prefix is used. For instance, an address block with 48 bits in the prefix is indicated by /48
. Such a block contains 2128 − 48 = 280 addresses. The smaller the size of the network prefix, the larger the block: a /21
block is 8 times larger than a /24
block.
Literal IPv6 addresses in Network Resource Identifiers
Colon (:
) characters in IPv6 addresses may conflict with other syntactic meanings of the colon in network resource identifiers.[2]
There, a colon is used to separate an IP address from a transport protocol port number. To distinguish a port number from an IPv6 address the proper IPv6 address must be enclosed in square brackets: [
and ]
.
In a URL the IPv6 address is enclosed in brackets, e.g.:
http://[2001:0db8:85a3:08d3:1319:8a2e:0370:7348]/.
If the URL also contains a port number the notation is:
https://[2001:0db8:85a3:08d3:1319:8a2e:0370:7348]:443/
Literal IPv6 addresses in UNC path names
In Microsoft Windows operating systems, IP addresses were also allowed in Uniform Naming Convention (UNC) path names. Since the colon is an illegal character in a UNC path name, the use of IPv6 addresses is also illegal in UNC names. For this reason, Microsoft has registered a second-level Internet domain, ipv6-literal.net, as a means to facilitate symbolic substitution. IPv6 addresses may be transcribed in the following fashion:
2001:0db8:85a3:08d3:1319:8a2e:0370:7348
is written as
2001-db8-85a3-8d3-1319-8a2e-370-7348.ipv6-literal.net
This notation is automatically resolved by Microsoft software without DNS queries to any name servers. If the IPv6 address contains a zone index, it is appended to the address portion after an 's' character:
fe80--1s4.ipv6-literal.net
IPv6 address types
IPv6 addresses are classified into three types:[1]
- Unicast addresses
- A unicast address identifies a single network interface. The protocol delivers packets sent to a unicast address to that specific interface.
- Anycast addresses
- An anycast address is assigned to a group of interfaces, usually belonging to different nodes. A packet sent to an anycast address is delivered to just one of the member interfaces, typically the “nearest” according to the routing protocol’s choice of distance. Anycast addresses cannot be identified easily: they have the structure of normal unicast addresses, and differ only by being injected into the routing protocol at multiple points in the network.
- Multicast addresses[3]
- A multicast address is also assigned to a set of interfaces that typically belong to different nodes. A packet that is sent to a multicast address is delivered to all interfaces identified by that address. Multicast addresses begin with an octet of one (1) bits, i.e., they have prefix
ff00::/8
.
There are no broadcast addresses in IPv6, since its role is subsumed by multicast to the "all-nodes" link-local multicast group ff02::1
. However, the use of the all-nodes group is not recommended, and most IPv6 protocols use a dedicated link-local multicast group instead.
IPv6 address scopes
Every IPv6 address has a "scope", which specifies in which part of the network it is valid and unique.
- Unicast Addresses
- The loopback address has node-local scope, since it is only valid on the local node.
- Link-local addresses have link-local scope, which means that are to be used in the directly attached network (or 'link').
- All other addresses (including unique local addresses) have global (or universal) scope, which means they are globally unique, and can be used to connect to addresses with global scope anywhere, or addresses with link-local scope on the directly attached network.
- Anycast addresses
- The scope of an anycast address is defined identically to that of a unicast address.
- Multicast Addresses
- The four least-significant bits of the second address octet of a multicast address (
ff0s::
) identify the address scope, i.e. the span over which the multicast address is propagated. - Currently defined scopes are node-local (0x1), link-local (0x2), site-local (0x5), organization-local (0x8), and global (0xE).
IPv6 Address Space
The IPv6 address allocation management was delegated to IANA in December 1995[4] by the Internet Architecture Board and the Internet Engineering Steering Group. Its main function is the assignment of (large) address blocks to regional registries, which have the delegated task of allocating specific addresses to network service providers and subregional registries. The IANA maintains the official list of the IPv6 address space since December 1995 and is still doing so today.
Only one eighth of the total address space is currently assigned for use in the Internet; the bulk of the IPv6 address space is reserved for future use. Since IPv6 is fully classless and to facilitate the use of route aggregation (to reduce the size of Internet routing tables) the 2000::/3
address space is assigned to the five RIRs—on a basis of global regions—in (very) large chunks (/23
up to /12
). RIRs assign smaller blocks to ISPs, which then distribute this in /48
sized parts to their clients. Global unicast assignments can be found at the various RIRs or at the GRH DFP pages.
IPv6 addresses are assigned to organisations at an incredible rate compared to IPv4 addresses—a typical /48
block contains a number of addresses that is 248 or 7.9×1027 times bigger than the entire IPv4 address space. The available addresses will not run out in the foreseeable future, however, because there are 2128 or about 3.4×1038 (340 trillion trillion trillion) unique IPv6 addresses.
Each RIR can divide each of its multiple /23
blocks into 512 /32
blocks, typically one for each ISP; an ISP can divide its /32
block into 65536
/48
blocks, typically one for each customer; customers can create 65536 /64
networks from their assigned
/48
block, each having a number of addresses that is the square of the number of addresses of the entire IPv4 address space, which only has 232 or 4.1×109 addresses.
By design, only a very small fraction of the address space will actually be used. The large address space ensures that addresses are always available, which makes the use of Network Address Translation (NAT) unnecessary. NAT is increasingly used in IPv4 to alleviate the current IPv4 address exhaustion.
Special addresses
There are a number of addresses with special meaning in IPv6:[5][6]
- Unspecified address
::/128
— the address with all zero bits is called the unspecified address (corresponding to 0.0.0.0
in IPv4).
This address must never be assigned to an interface and is to be used only in software before the application has learned its host's source address appropriate for a pending connection. Routers must not forward packets with the unspecified address.
Applications may be listening on one or more specific interfaces for incoming connections, which are shown in listings of active internet connections by a specific IP address (and a port number, separated by a colon). When the unspecified address is shown it means that an application is listening for incoming connections on all available interfaces.
- Default Route
::/0
is the default unicast route address (corresponding to 0.0.0.0
with netmask 0.0.0.0
in IPv4).
- Local addresses
::1/128
— the loopback address is a unicast localhost address. If an application in a host sends packets to this address, the IPv6 stack will loop these packets back on the same virtual interface (corresponding to 127.0.0.1
in IPv4).
fe80::/10
— Addresses in the link-local prefix are only valid on a single link. A link-local address is required on every IPv6-enabled interface -- in other words, applications may rely on the existence of a link-local address even when there is no IPv6 routing. These addresses are comparable to the auto-configuration addresses 169.254.0.0/16
of IPv4.
- Unique local addresses
fc00::/7
— Unique local addresses (ULA's) are intended for local communication. They are routable only within a set of cooperating sites (analogous to the private address ranges 10/8
, 172.16/12
, and 192.168/16
of IPv4[7]). The addresses include a 40-bit pseudorandom number in the routing prefix that intends to minimize the risk of conflicts if sites merge or packets are misrouted into the Internet. Despite the restricted, local usage of these addresses, their address scope is global, i.e. they are expected to be globally unique.
- Solicited-Node multicast addresses
ff02::1:ff00:0/104
— the least significant 24 bits of the group ID are filled with the least significant 24 bits of the interface's unicast or anycast address. These addresses allow link-layer address resolution via Neighbor Discovery Protocol (NDP) on the link without disturbing all nodes on the local network. A host is required to join a Solicited-Node multicast group for each of its configured unicast or anycast addresses.
- IPv4 transition
::ffff:0:0/96
— this prefix is used for IPv4-mapped addresses. This address type allows the transparent use of the Transport Layer protocols over IPv4 through the IPv6 networking API. Server applications only need to open a single listening socket to handle connections from clients using IPv6 or IPv4 protocols. IPv6 clients will be handled natively by default, and IPv4 clients appear as IPv6 clients with an appropriately mapped address. It can also be used to establish IPv4 connections specifically with an IPv6 socket. While the network protocol on the transmission medium is IPv4, the connection is presented as an IPv6 interface to the application. (See also Transition mechanisms.)
::ffff:0:0:0/96
— a prefix used for IPv4-translated addresses which are used by the Stateless IP/ICMP Translation (SIIT) protocol.
2002::/16
— this prefix is used for 6to4 addressing. Here, an address from the IPv4 network 192.88.99.0/24
is also used.
- Special Purpose Addresses[8]
The IANA has been allocated a so-called 'Sub-TLA ID' address block[9] which consists of the address range 2001:0000::/29 - 2001:01F8::/29
. Three assignments from this block have been made:
2001:0000::/32
— used for Teredo tunneling (which also falls into the category of IPv6 transition mechanisms).
2001:0002::/48
— Assigned to the Benchmarking Methodology Working Group (BMWG)[10] for benchmarking IPv6 (corresponding to 198.18.0.0/15
for benchmarking IPv4).
2001:10::/28
— ORCHID (Overlay Routable Cryptographic Hash Identifiers)[11]. These are non-routed IPv6 addresses used for Cryptographic Hash Identifiers.
- Documentation
2001:db8::/32
— this prefix is used in documentation[12]. The addresses should be used anywhere an example IPv6 address is given or model networking scenarios are described (corresponding to 192.0.2.0/24
in IPv4).
- Deprecated and obsolete addresses
Temporary addresses
Because the globally unique MAC addresses offer an opportunity to track user equipment, and so users—across time and IPv6 network prefix changes—RFC 4941 was developed to reduce the prospect of user identity being permanently tied to an IPv6 address, thus restoring some of the possibilities of anonymity existing at IPv4. RFC 4941 specifies a mechanism by which time-varying random bit strings can be used as interface circuit identifiers, replacing unchanging and traceable MAC addresses. These addresses can be used as source address for outgoing connections, while incoming connections use a public address that was registered in the DNS.
Link-local addresses and zone indices
All interfaces have an associated link-local address, that is only guaranteed to be unique on the attached link. Link local addresses are defined by the address prefix fe80::/10, with the only allocated subnet (54 bits) being zero, such that a standards-based link-local address has an effective format fe80::/64. The least significant 64 bits are usually chosen as the interface hardware address constructed in modified EUI-64 format.
Because all link-local addresses in a host have a common prefix, normal routing procedures cannot be used to choose the outgoing interface when sending packets to a link-local destination. A special identifier, known as a zone index, is needed to provide the additional routing information; in the case of link-local addresses, zone indices correspond to interface identifiers.
When an address is written textually, the zone index is appended to the address, separated by a percent sign "%". The actual syntax of zone indices depends on the operating system:
- the Microsoft Windows IPv6 stack uses numeric zone indexes, e.g., fe80::3%1. The index is determined by the interface number;
- most Unix-like systems (e.g., BSD, Linux, Mac OS X) use the interface name as a zone index: fe80::3%eth0.
Zone index notations cause syntax conflicts when used in Uniform Resource Identifiers (URI), as the '%' character also designates percent-encoding.[13]
IPv6 addresses in the Domain Name System
IPv6 addresses are represented in the Domain Name System by AAAA resource records (so-called quad-A records) for forward lookups. Reverse lookup takes place under ip6.arpa
(previously ip6.int
), where name space is allocated by the ASCII representation of nibble units (digits) of the hexadecimal IP address. This scheme, which is an adaptation of the IPv4 method under in-addr.arpa, is defined in RFC 3596.
Consider a host named derrick with Unique Local Address fdda:5cc1:23:4::1f
. To represent this address in the DNS two records are needed:
derrick.example.com. IN AAAA fdda:5cc1:23:4::1f
in the forward mapping zone.
For the reverse mapping zone the (rather awkward) record
f.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.0.3.2.0.0.1.c.c.5.a.d.d.f IN PTR derrick.example.com.
takes care of the mapping of the IPv6 address back to the name derrick.
The DNS protocol is independent of its transport layer. Queries and replies may be transmitted over IPv6 or IPv4 transports regardless of the address family of the data requested.
RFC 3484 specifies how applications should select an IPv6 or IPv4 address for use, including addresses retrieved from DNS. If both IPv4 and IPv6 addresses are available and equally suitable for communication the IPv6 address is preferred, unless this policy is explicitly changed by an administrator.
AAAA record fields
NAME
Domain name
TYPE
AAAA (28)
CLASS
Internet (1)
TTL
Time to live in seconds
RDLENGTH
Length of RDATA field
RDATA
String form of the IPV6 address[1]
Transition challenges
As of 2009, many DNS resolvers in home-networking NAT devices and routers still handle AAAA records improperly.[14] Some of these simply drop DNS requests for such records, instead of properly returning the appropriate negative DNS response. Because the request is dropped, the host sending the request has to wait for a timeout to trigger. This often causes a perceived slow down when connecting to IPv6 hosts.
Historical notes
- The site-local prefix
fec0::/10
specifies that the address is valid only within the site network of an organization. It was part of the original addressing architecture[15] in 1995, but its use has been deprecated in September 2004[16] due to an insufficiently clear definition of site, which led to confusing routing rules. New systems must not support this special type of address. In 2005, a new specification[17] replaced this address type with unique local addresses.
- The 96-bit zero-value prefix
::/96
, originally known as IPv4-compatible addresses, was mentioned in 1995[15] but first described in 1998[21]. This class of addresses were used to represent IPv4 addresses within an IPv6 transition technology. Such an IPv6 address has its first (most significant) 96 bits set to zero, while its last 32 bits are the IPv4 address that is represented. In February 2006 the Internet Engineering Task Force (IETF) has deprecated the use of IPv4-compatible addresses.[1] The only remaining use of this address format is to represent an IPv4 address in a table or database with fixed size members that must also be able to store an IPv6 address.
References
- ^ a b c d Hinden, R.; Deering, S. (Februari 2006).IP Version 6 Addressing Architecture. IETF. RFC 4291.
- ^ Berners-Lee, T.; Fielding, R.; Masinter, L. (January 2005). Uniform Resource Identifier (URI): Generic Syntax IETF. STD 66, RFC 3986.
- ^ IP Version 6 multicast addresses
- ^ IAB; IESG (December 1995). IPv6 Address Allocation Management IETF. RFC 1881.
- ^ RFC 5156 Special-Use IPv6 Addresses, M. Blanchet, April 2008.
- ^ RFC 3330 Special-Use IPv4 Addresses, IANA, September 2002
- ^ RFC 1918 Address Allocation for Private Internets, Y. Rekhter, B. Moskowitz, D. Karrenberg, G.J. de Groot, E. Lear, February 1996.
- ^ RFC 4773 Administration of the IANA Special Purpose IPv6 Address Block, G. Huston, December 2006.
- ^ RFC 2928 Initial IPv6 Sub-TLA ID Assignments, R. Hinden, S. Deering, R. Fink, T. Hain, September 2000.
- ^ RFC 5180 IPv6 Benchmarking Methodology for Network Interconnect Devices, C. Popoviciu, A. Hamza, G. Van de Velde, D. Dugatkin, May 2008.
- ^ RFC 4843 An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers (ORCHID), P. Nikander, J. Laganier, F. Dupont, April 2007. Status of this RFC is Experimental.
- ^ RFC 3849 IPv6 Address Prefix Reserved for Documentation, G. Huston, A. Lord, P. Smith, July 2004.
- ^ Formats for IPv6 Scope Zone Identifiers in Literal Address Formats
- ^ RFC 4697 Observed DNS Resolution Misbehavior, M. Larson, P. Barber. October 2006.
- ^ a b R. Hinden, S. Deering, RFC 1884 IP Version 6 Addressing Architecture, December 1995.
- ^ C. Huitema, B. Carpenter, RFC 3879 Deprecating Site Local Addresses, September 2004.
- ^ R. Hinden, B. Haberman, RFC 4193 Unique Local IPv6 Unicast Addresses, October 2005.
- ^ RFC 4147 Proposed Changes to the Format of the IANA IPv6 Registry, G. Houston, August 2005.
- ^ RFC 1888 OSI NSAPs and IPv6, J. Bound, B. Carpenter, D. Harrington, J. Houldsworth, A. Lloyd, August 1996.
- ^ RFC 4048 RFC 1888 Is Obsolete, B. Carpenter, April 2005.
- ^ a b RFC 2471 IPv6 Testing Address Allocation, R. Hinden, R. Fink, J. Postel, December 1998.
- ^ RFC 3701 6bone (IPv6 Testing Address Allocation) Phaseout, R. Fink, R. Hinden, March 2004.
External links