IPv6 – Overview
The good news is that IPv6 principles are very similar to those of IPv4. Moreover, networks and client applications can make the transition to IPv6 easily. One stumbling block is that we humans struggle to see patterns within these new large hexadecimal numbers. It is my objective to give meaning to IP addresses such as: 2001:0618:71A3:0801:1319:0211:FEC2:82DC, and thus explain the difference between IPv4 and IPv6 addresses.
Topics for Getting to Know an IPv6 Address
- US Government decrees
- Five Key IPv6 Concepts
- IPv6 – The Maths Behind the Numbers
- IPv6 Address Format (RFC 3587 and 2374)
- Practical Tasks to Understand the IPv6 Address
- Migrating from IPv4 to IPv6
- Free IP Address Tracker
Before we get to know the new IPv6 hexadecimal numbers, I would like to say a few words about why you need a working knowledge of IPv6 address schemes. What made me suddenly sit up and take notice was when I read that the USA government has decreed that all federal agencies must be IPv6 compliant by June 2008. Previously, I pigeon-holed IPv6 in the category of having more false dawns than teams like the Arizona Cardinals (NFL), or Newcastle United (Soccer).
China and India will want a lot more IP addresses to become a presence on the internet. Moreover, developed countries need additional IP addresses for cell phones and other mobile devices. Cisco have analysed the data, and conclude that IANA’s allocation pool of IPv4 addresses will probably run out in between 3 and 10 years.
This assessment of the available IPv4 pool takes into account Stanford who have handed over their Class A addresses so that the rest of the world can benefit. Although techniques such as NAT and Supernetting (CIDR) have extended the useful life of IPv4 on the internet; in 2008 they are seen as limited, and are now only helping to choke internet communication.
At their heart, both IPv4 and IPv6 are level 3 routing protocols. However IPv6 is just that bit quicker, smarter and lot more scaleable. Nevertheless, it is the realization that the 32bit IPv4 just cannot deliver sufficient unique addresses, which has been the driving force to upgrade to a 128bit IPng (new generation), or IPv6 as it’s better known.
Here are five keywords that will aid your understanding should you read IPv6 RFC (Request for comments) articles: Stateful and Stateless; Link-Local and Site-Local addresses, also ND (Neighbor Discovery)
- A stateful IP address is one given by a DHCP server. Usually DHCP gives more information than just the IP address, for example the IP address of the DNS server and also the default gateway.
- A stateless IP address is one that is automatically configured by router discovery. The host assigns itself an IPv6 address automatically rather like the IPv4 APIPA.
- Link-Local IPv6 addresses only allow connections with neighbors on that subnet (link), these addresses beginning with FE80 are not forwarded by routers. End of story.
- Site-Local addresses are routable, but not to the internet, thus hosts with Site-Local IPv6 addresses can use private (not ICANN) IP addresses, AND can connect to any other Site-Local address within the organization. All Site-local addresses begin with FEC0.
- ND (Neighbor Discovery) Replaces IPv4’s ARP and ICMP Router Discovery. The idea is for machines to discover information about their nearest router. In addition, if an IPv6 stack can obtain information about other hosts, then it won’t duplicate their IP addresses should it need to use Autoconfiguration.
It is well-known that there are lies, damn lies and statistics. In the case of IP numbers, your three best friends are estimation, approximation and the big picture. My point is mathematicians told us that IPv4, with its 32bit number, would generate 4,294,967,296 possible IP addresses, in practice it turned out there were only about 17 million useful addresses. What springs to mind is Oscar Wilde’s adage ‘A cynic (mathematician) is a man who knows the price of everything but the value of nothing’.
With the 128bit IPv6 addresses, the same mathematicians say there should be 340,300,000,000,000,000,000,000,000,000,000,000,000,000 IP addresses. Guy guestimates that there may be as few as: 18,000,000,000,000 useful IPv6 addresses. This shortfall is partly due to reserved and unassigned bits in the 128bit address. The other reason for this reduced number of usable IP addresses is a design feature whereby 64bits are taken up with the Interface ID (Mac Number), I will explain more of this later.
Even with my extremely low estimate, no worries, it means that everybody on the planet could be given 3,000 IP addresses. In my mind’s eye I see: one for their computer, one for their phone, car, fridge, cooker and every other appliance – then some.
NTM will produce a neat diagram of your network topology. But that’s just the start;Network Topology Mapper can create an inventory of the hardware and software of your machines and network devices. Other neat features include dynamic update for when you add new devices to your network. I also love the ability to export the diagrams to Microsoft Visio.
Finally, Guy bets that if you test drive the Network Topology Mapper then you will find a device on your network that you had forgotten about, or someone else installed without you realizing!
Download your 14 day free trial ofSolarWinds Network Topology Mapper
IPv6 Address – Making Sense of the Actual Hex Numbers
Do these four numbers mean anything to you: 192.168.0.1? If you see an IP address of 10.0.0.1 do you think hmm… private network? Could 169.254.x.y indicate no DHCP server available? If any of the foregoing numbers ring a bell then clearly you have a working knowledge of IP4. What I would like to do is give you a similar basic understanding of IPv6.
IPv6 numbers are in hexadecimal (base 16 instead of base 10). Therefore you will see IP addresses containing not only numbers, but also the letters ABCDEF, for example: 2001:0618:71A3:08D3:1319:8A2E:0370:7017. As you can see, 128bit numbers are split into 8 groups of 16bit. Observe how each group is separated by a colon rather than a dot. It is readily apparent that this scheme dramatically expands on IPv4s 4 groups of 8bit numbers. Surprisingly, the hex letters are not case sensitive.
Private networks won’t need to assign the full range of IPv6 numbers; hence many of the address values will be zero. In this circumstance, thanks to compressing the zeros, you will see simpler notation, for example, instead of FD01:0000:0000:0000:0000:0000:0000:0002, you will see FD01::2. Note the double colon :: indicating compression of the intervening zeros. Thus the term ‘compression’ in IPv6 refers to the notation and not to the protocol packets themselves. Incidentally, you can only use the double colon once in each IP address.
The biggest reason that there will be fewer IPv6 addresses than the theoretical maximum is that each 64bit number will include the MAC address of the host. While incorporating the hardware address cuts down the available numbers, it makes this protocol more efficient, secure and useful than IPv4.
Here are 3 or 4 different ways of describing the IPv6 address format.
Global Routing Prefix | Subnet ID | Interface ID
Subscriber ID |
(Top Level Routing ID) | (Organise Sites) | (MAC Address)
Slightly more information about the first 4 bytes:
3 | 13 | 32 | 16 | (64-bit Interface ID)
001 | Top Level Aggregate Identifier | Next-level Aggregate ID | Site-level Aggregate Identifier
001 | TLA ID | NLA ID | SLA ID
Each IP address can be divided into sections. The first part contains routing information, while in the middle holds the site identifier and subnetting information. The last part of the hex address has the interface ID which is the 48-bit link-layer (MAC) address plus a 16-bit global identifier.
When it comes to describing IPv6 ranges, subnets or even routing prefixes there is are new conventions.
FD01::/8 is an address range
2001:0618:71A3:08D3::/64 is a subnet prefix
2001:0618::/32 is a route prefix
N.B. There is no hexadecimal equivalent of an IPv4 subnet mask.
If you want to know the bit-by-bit significance of each number in IPv6, the ultimate fountain of knowledge is held in ‘Refer For Comments’ documents such as RFC 3587 and RFC 2374, also 3315 for DHCP. These articles are freely available on the internet.
SolarWinds’ Network Performance Monitor will help you discover what’s happening on your network. This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.
Perhaps the NPM’s best feature is the way it suggests solutions to network problems. Its second best feature is the ability to monitor the health of individual VMware virtual machines. If you are interested in troubleshooting, and creating network maps, then I recommend that you give this Network Performance Monitor a try.
To have a working knowledge of IPv6 you need to make sense of the first four numbers of the address. As with IPv4, it’s the first section of the address that has the most meaning, 192.x.y.z, 10.x.y.z, or even 169. I would like to focus in IPv6 addresses beginning with FE, for example, FE80, FECO. Again, as with IPv4, studying the binary numbers helps to explain why we get particular hexadecimal number.
Link-local address FE80 = 1111 1110 1000
Site-local address FEC0 = 1111 1110 11
Examples of an IPv6 Address
0:0:0:0:0:0:0:1 The classic loopback address. Compressed format ::1
FF01:0:0:0:0:0:0:42 A multicast address. Compressed to FF01::42
0:0:0:0:0:0:10.0.0.20 An IPv4 address. Note triple colon in the compressed form :::10.0.0.20
FE80::23A1:B131 A Local-link address. An address for use in the internal organisation, but not on the internet.
FEC0::F282:204:76FF:FE36:8163 Site-link address.
0:0:0:0:0:0:10.0.0.20 An IPv4 to IPv6 address. Note triple colon in the compressed form :::10.0.0.20
Thus if you see a number beginning with 2001 or 3001 then it’s a number that ICANN/IANA have allocated, probably to an ISP.
Zone ID (Appendage %)
Let us now decipher the very last part of the following Link-local IP address, fe80::211:5bff:fec2:82dc%4. The %4 caused me some head-scratching until I made a few vital deductions. Embarrassingly, until I understood the significance of the % number, I could not get ping to work. This percentage number has the following names: the Zone ID (most common), % Scope ID, NIC adapter number, Interface ID, or if you ‘ask’ Netsh, the Idx number.
Thank goodness that this command still works: Ipconfig /all. Moreover, it helps us by displaying the elusive number after the % sign. Here are the results for two machines where I wanted to ping.
Machine A: IPv6 address fe80::211:5bff:fec2:82dc%4
Machine B: IPv6 address fe80::ec84:1634:d659:2aba%10
Preliminary step, use IPCONFIG /all to get the IPv6 addresses of two machines. Then substitute your hex numbers for mine.
Experiment 1: At Machine A, launch a cmd prompt
1) Type PING
2) Type Machine B’s IPv6 address
3) Append YOUR (Machine A) % number, for example:
– Correct you should get a reply.
Experiment 2: At Machine A type Machine B’s IPv6 address omitting the % number
– Wrong no Zone ID number. Also, we assume that interface number we need (%4) is not the default Zone ID.
Experiment 3: At Machine A type Machine B’s IPv6 address with the wrong % number
– Wrong we need the Zone ID number of the sending machine = %4; the Zone ID of the target machine %10, is irrelevant. My rational is that we always learn more when things go wrong, it’s just that most text books leave out the mistakes! If you get stuck, do remember the following Netsh commands.
The best feature of this new this new version of SolarWinds VM Monitor is that it checks Windows Hyper-V. Naturally, it still works with virtual machines on VMware ESX Servers. VM Monitor is a clever desktop tool that not only tests that your server is online, but also displays the CPU and memory utilization for each node.
It’s easy to install and to configure this virtual machine monitor, all you need the host server’s IP address or hostname and the logon info. Give this virtual machine monitor a try – it’s free.
Troubleshooting IPv6 Addresses – Netsh is your friend
I assume that you are at the cmd prompt, now type these five words:
netsh interface ipv6 show interface
Note: Be careful, the command really does need two words called ‘interface’. Additionally you need to specify ipv6 – as shown above. Incidentally, as an ex-biologist I was amazed to see the word ‘Teredo’ in the netsh print-out. Previously I associated Teredo with the dreaded ship-boring mollusc. This animal probably destroyed more of Drake’s ships than the entire Spanish Armada. Back to IPv6, I soon made the connection, Teredo is tunnelling interface so that IPv4 packets can move smoothly through IPv6 networks.
Incidentally, Netsh is well worth learning, not only will it help you troubleshoot IPv6, but also it will be handy for configuring Core (GUI-Less) Windows Server 2008 machines.
Configuring IPv6 addresses with Netsh
Firstly an assumption, if you have XP you have installed IPv6 (Network connection, properties, Install). The key to configuring a manual IPv6 address is preparation, it also helps if you tuning-in to the terminology. As XP and Windows Server 2003 don’t have a box to type the IPv6 address, you need to employ the built-in command line tool Netsh.
With Vista and Server 2008, you can also configure IPv6, in much the same way as you did with IPv4, namely type numbers in a dialog box. Again you go to the Network Connections, but this time, IPv6 has a live properties button, (greyed out in XP).
The first question is, ‘What is the name of your Adapter Interface?’ To check your answer type ipconfig /all and read what comes after ‘Ethernet Adapter’. This usually begins with ‘Default..’ For more information, check your Network Connections, you could even take the opportunity of renaming the connection, e.g ‘lab’, and see the new name appear when you re-type ipconfig /all.
What IPv6 address could you add? Use an existing IP address as your starting point; it should begin with FE80. Also note the double colon meaning ‘compression’.
Suppose IPv6 reveals a Link-local address = fe80::211:5bff:fec2:82dc. You could add a new unique number by changing the last four digits thus: fe80::211:5bff:fec2:111a. Here is the syntax of Netsh.
The pattern is this: Add address interface = name address =hex number
Add address interface = lab address =fe80::211:5bff:fec2:111a
If you get an ‘Element not found’ error message, then it’s because your interface = NAME is wrong. The solution is to check the NAME in the Network Connections.
Finally, if you want get rid of your IPv6 command substitute delete for add, hence:
DELETE address interface = lab address =fe80::211:5bff:fec2:111a
It is going to take for ever for the world to migrate from IPv4 to IPv6. Fortunately the IPv6 committees took this into account when they designed IPv6. Specifically they included Teredo for tunnelling IPv4 inside IPv6. Here are the main tasks you can undertake to prepare for IPv6.
Whereas you should not attempt to upgrade an old XP machine to Vista*; upgrading an XP client from IPv4 to IPv6 will be the proverbial piece of cake. Vista machines don’t need to be upgraded because they have the IPv6 protocol pre-installed. Thus all the IPv6 migration falls to the servers and the routers.
- Upgrade your applications to work with both IPv6 and IPv4. In the case of the operating systems, they have a built-in IPv6 stack. Question: is IPv6 a killer reason to migrate to Vista. No. XP SP2 has a perfectly good IPv6 stack. Network connection, properties, Install. Alternatively, call for help about Install IPv6.
- Focus on DNS and make sure it supports IPv6 address and PTR records. In truth, if you have a true DNS expert, it will be straightforward for them to configure the AAAA records and the appropriate in-arpa reverse lookup zone.
- Before we consider IPv6 and DHCP, a few words about other simple auto-configuration methods. The IPv6 host can use Router Discovery to obtain vital information such as router IP address. What happens is that routers send multicast Router Advertisement (RA) messages periodically. From such RA messages a host can assign itself a Link-local address.
- As far as I can see, you will need Windows Server 2008 (Longhorn) for IPv6 DHCP. There may be plans to add IPv6 scopes in Windows Server 2003, but I cannot find any reference to them. What did find was this statement from Microsoft, ‘The IPv6 protocol for the Windows Server 2003 family does not currently support DHCPv6.’ See more on Windows 2012 DHCP server.
Security – Built in to IPv6; whereas IPSec is an add-on to IPv4.
IPv6 will be faster in several ways. Physically, because IPv6 does not fragment the packets as IPv4 does. Logically, because IPv6 will be hierarchical, thus internet routers won’t need such large routing tables. In addition, IPv6 headers have been redesigned to speed their path through a router and to create true ‘end to end’ capability, the result is more efficient network traffic on the internet backbone
Another difference between IPv4 and IPv6 is in the smarter allocation of IPv6 addresses. Rather than first come first served basis as seen with IPv4, IPv6 addresses will be leased on geographic region. Take Europe for example, RIPE (Réseaux IP Européens) has allocated the UK-BT IPv6 addresses beginning with 2001:0618
IPv6 has better scalability and an improved ability to prioritise packets. As with many of the benefits of IPv6, Quality of Service builds on features that IPv4 only partially delivers.
I don’t want to get bogged down with technical details, but I do want to emphasis is that IPv6’s support for mobile devices illustrates the thought that has gone into designing the new protocol, for example, the ‘Mobile Node’ (MN) is identified by its home address (HoA) and its care of address (CoA), which is the mobile’s current location.
IPv6 Public Root
ICANN/IANA distribute network blocks to Regional Internet Registries (RIR)
RIPE (Europe, Middle-east)
ARIN (North America)
LACNIC (Latin America)
APNIC (Asia Pacific)
In turn, these RIR hand out blocks Local Internet Registries (LIR) who are mainly Internet Providers (ISP)
LIR hand out IP blocks to End Users
For the short and mid-term, only IPv6 address beginning with 2000: and 3000: will be made available.
One option is to temporarily disable IPv6. Perhaps you are finding that IPv6 is more of a hindrance than a help. Naturally, you can reverse this registry hack should you need to enable IPv6.
How to disable IPv6 in the Registry
- Launch Regedit and navigate to the HKEY_LOCAL_MACHINE hive. The full path is:
Note: Tcpip6 (not plain Tcpip)
- Create a DWORD called DisabledComponents (Check the spelling e.g. plural)
- Set the Hex Value Data to ffffffff This displays as 0xffffffff (4294967295)
- Reboot and IPv6 will be disabled.
Summary of the Differences Between IPv4 and IPv6
Migration from IPv4 to IPv6 requires very little work on the XP client, and none at all for Vista. On the server side, you need a DNS expert to look at the AAAA records and the Reverse Lookup zone.
For the network manager, perhaps the biggest practical difference between IPv4 and IPv6 addresses is the need for a new DHCPv6 server such as Windows Server 2008. However you could start by seeing if your clients can manage with just the automatic Link-local address.
If you like this page then please share it with your friends