30 IPv6 Addressing – Introduction

A standard IPv4 address is comprised of 32 bits of information, resulting in 4,294,967,296 possible permutations. That’s a lot of unique identifiers!… until you realize that a significant number of these IP’s are reserved for special purposes and the estimated number of connected internet devices today ranges in the magnitude of tens of billions. If it were not for technologies such as NAT, our available address pool would have been depleted many years ago. However, the increasing number of internet devices has yet to show signs of slowing down any time soon, and we may reach a point where IP supply cannot keep up with demand. Fortunately, researchers from the Internet Engineering Task Force developed IPv6, the sixth version of the Internet Protocol.

Estimated time for completion: 25 minutes

Learning Objectives

• Understand the properties of an IPv6 address
• How to create an IPv6 Host ID from a MAC address
• How to create IPv6 address from IPv4 addresses

Prerequisites

• IPv4 Addressing – a Vary Brief Review
• A Ubuntu Desktop VM
• Introduction to Routers

Deliverables

• Worksheet

resources

• IPv6 Compression Tool – https://findipv6.com/ipv6-compress
• IPv6 Calculator – https://www.calculator.net/ip-subnet-calculator.html
• IPv6 Address Generator – https://www.ipvoid.com/random-ipv6/

Contributors and testers

• Berkley Rocca, 11th-Grader, Grand Rapids Christian High School
• Jacob M. Christensen, Cybersecurity Student, ERAU-Prescott

Generally, when you ask someone what a device’s IP address is, they provide you with an IPv4 address. That’s fine and dandy, but there’s more to that picture. Devices also have an IPv6 address. Like IPv4 addresses, these addresses represent the routing prefix and the host identifier. However, IPv6 addresses are structured differently than IPv4 addresses.

Learning IPv4 required knowledge of binary and decimal. IPv6 requires knowledge of hexadecimal.  IPv6 addresses use hexadecimal values, or base-16 values, meaning there are 16 possible values in each digit, 0-9, a-f.

Here’s a translation table:

As you can see, using the hexadecimal term ‘f’ is a much more abbreviated representative symbol of the decimal number ’15’.  At least much easier on us humans than the binary term ‘1111’.  This is helpful as the binary digits grow in size.  Look at the difference between an IPv4 address in decimal vs binary.

You can count the 1s and 0s if you want, but trust us when we say there are 32 bits there.  To prevent us from running out of IP space again, IPv6 uses 128 bits!  To put it in perspective, there are 100 times more usable  IPv6 addresses than the number of atoms on the surface of the Earth.  If we look at the different representations of an IPv6 address, we get the following:

As you can see, hexadecimal notation is MUCH easier for us humans to handle than binary.  However, IPv6 addresses can still be pretty long.  The average person can only recall lists of 7 items.  Thankfully, there are conventions to shorten them such as omitting any redundant zeros.

Let’s look at a sample IPv6 address such as 2001:ef48:64a3:0000:0000:0000:32ad:0792

1. Let’s look at the leading zeros. Look at the last octet (last 4 characters) in our example address. Like how we don’t write the number 8 as 008, we don’t want to write 792 as 0792, so we remove the leading zero.
   

   Original	2001:ef48:64a3:0000:0000:0000:32ad:0792
   Removed the leading zeros	2001:ef48:64a3:0000:0000:0000:32ad:792

2. Next, we remove octets with 0000 as a value. We will refer to them as “gaps”. The convention for removing strings of gaps is to replace them with two colons (::).
   

   Removed the leading Zeros	2001:ef48:64a3:0000:0000:0000:32ad:792
   Removed ‘gaps”	2001:ef48:64a3::32ad:792

3. Much better, right? Keep in mind that you can only remove one string of gaps. In other words, you cannot have two instances of double colons in your address. If there are multiple gaps not in a string, the left-most gap is reduced to double colons, and the remainder is reduced to a single zero. Except for in the case of double colons, there must always be at least one character per octet. For example:

4. You can still remove the leading zeros if there are any.  We only have 1 octet with a leading 0 now.  The octet 0792.  So seeing the process in its entirety would look like this:

IPv6 is very similar to IPv4 in its use.  Recall that IPv4 addresses are broken up into a street and a house number.  The street (routing prefix) is dictated by the subnet mask. If you have a mask of 255.255.255.0, or x.x.x.x/24 in CIDR, the first 24 bits of your address determine your routing prefix. In IPv6, it works similarly. Like IPv4, the routing prefix is determined by the mask. In IPv6, your subnet mask can be upwards of 64 bits. For instance, if our IPv6 address is 2001:ef48:64a3:0000:0000:0000:32ad:0792, then it would be broken into two parts:

Returning to the street address analogy, think of the routing prefix as a street name, and the host identifiers are the house numbers on that street. Just like how you would visit house 1234 on Elm Street, you would visit host 0000:0000:32ad:0792 at prefix 2001:ef48:64a3:0000

Now, with IPv6 we can be even more specific.  Say you have a netmask of /48. Now only the first 48 bits represent the routing prefix. However, the 16 bits that were previously in the prefix are not allocated to the host identifier. These bits now identify the subnet your device is on.

Using the street address analogy, imagine the same road again. However, now imagine Elm Street has several alleys where people built houses after the neighborhood was constructed.  If you want to find a house, in one of the alleys, you must first go down Elm Street and then the correct alley to get to the house. In order to get to house 1234, I must take Elm Street to Roadrunner Alley, then continue until I find house 1234. Returning to IPv6 land, if I want to find host 0000:0000:32ad:0792, I must first look on subnet 0000 on prefix 2001:ef48:64a3.

Now that we have covered routing prefixes and subnets, let’s look at the Host ID portion of the IPv6 address called the Extended Unique Identifier (EUI).  The EUI consists of the MAC address of the interface.  Recall from IPv4 that a MAC address is 48-bits long and consists of two parts, the manufacturer’s ID and the serial number.  However, the IPv6 Host ID (EIU) is 64-bits long, so some conversion is necessary.

1.  We split the MAC address into its constituent parts.
   

   Given a MAC Address: 3c:27:be:56:1d:d0
   3c:27:be	56:1d:d0
   Manufacture’s ID (OUI – Organizationally Unique ID)	Serial Number

2.  Then we insert the MAC into the mold of an IPv6 host ID and add the reserved bits of FFFE to indicate an EUI-64 generated IPv6 address.
   

   Given a MAC Address: 3c:27:be:56:1d:d0
   3c	27	be	add FF FE		56	1d	d0
   3c	27	be	ff	fe	56	1d	d0

3. Now we have to look at the first octet and change the universal/local bit.  The bit is 7th from the left.  The bit should be a 1, which indicates local, not a 0 which means universal.
   

   Given a MAC Address: 3c:27:be:56:1d:d0
   OUI			IPv6 Reserve		Serial Number
   3c	27	be	ff	fe	56	1d	d0
   0011  1100	Convert to binary
   0011  1100	Locate the universal/local (U/L) bit and check its setting.  This is set to universal (0)
   0011  1110	We flip this bit to local (1)
   3e	Convert the binary back to Hexidecmal which has now changed from 3c to 3e
   3e	27	be	ff	fe	56	1d	d0
   Resulting IPv6 Host ID		3e27:beff:fe56:1dd0

4. Practice your IPv6 knowledge with these questions:

Now we look at how an IPv4 address is converted to an IPv6 address.  This occurs when a network is using IPv4, but the packets need to tunnel through an IPv6 network to another IPv4 network.  This is called 6to4 notation. The 6to4 tunnel concatenates the IPv4 address to the IPv6 address 2002::/16

Let’s use the following IPv4 address as our example: 192.168.50.14

1. Open GNS3 and create a new project. Title the project appropriately
2. Add a switch and two VPCs to the network
3. Connect the VPCs to the switch
4. Select a routing prefix through random generation. In our example we’ll be using 2001:db8::/32
5. Select a host ID for each VPC. In our example the host IDs are ::2 and ::3
6. Open the console for the first VPC and assign it the IPv6 address. Note that you can use the abbreviated address in the VPC

   ip 2001:db8::2/32

7. Now open a Wireshark capture on either of the connections. Then, use the ping command to ping the other host on the network

   ping 2001:db8::3/32

8. On Wireshark you should see that this operates exactly like an IPv4 address in practice. The only difference is the elimination of Network Address Translation and DHCP since we have enough IP addresses for every device to have one

1. On the same GNS3 project add a MikroTik router to the workspace and connect it to the switch
2. Start the MikroTik router and open the console
3. Use the following command to assign the router an IPv6 address

   ipv6 address add address=2001:db8::1/32 interface=ether1

4. Attach a Ubuntu Desktop machine to the switch but do not start it yet
5. Open a Wireshark capture on the link between the router and the switch
6. Start the Ubuntu Desktop machine and open a terminal. Utilize the command

   ip add

7. In Wireshark you should see a router solicitation and a router reply. In the terminal the machine should now have an IPv6 address assigned with the prefix 2001:db8

End of Lab