Introduction to IP version 6 (IPv6)

Before you start

Objectives: Learn the basic facts about the new IPv6 standard, and its address format.

Prerequisites: you should have a very good understanding of IPv4.

Key terms: IPv6, address, network, tunneling, host, interface, ID, IP, prefix, configuration, packet

Shortage of IPv4 Addresses

As more devices are connecting to the Internet we are quickly running out of free IPv4 addresses. As a matter of fact, IANA assigned last remaining blocks of IPv4 addresses in year 2011. Few years after that, ISPs will give out their last available IP addresses.

One solution to this problem is private addressing and NAT. With NAT, we actually connect our private network to the Internet by using only one public IPv4 address. All hosts on the private network use private addresses and share the single public registered IP address when accessing Internet. By using NAT and private addressing we conserve public registered IP addresses.

Experts were well aware of this problem a long time ago. Several IP protocols were in the design phase by the beginning of 1992. By 1996, a series of RFCs were released defining Internet Protocol version 6 (IPv6), starting with RFC 1883.


The main goal of IPv6 is to overcome the depletion of the 32 bit addresses. The biggest difference between IPv4 and IPv6 is the size of the IP address. IPv4 addresses are 32 bit addresses while IPV6 addresses are 128 bit addresses. As we said, there are slightly less than 4.3 billion IPv4 addresses, while IPv6 provides 3.4×10 to the 38th power (3.4×1038). As we see, IPv6 provides an exponentially larger address space.

IPv6 also has some features implemented right into the protocol. Those include auto configuration, Quality of Service (QoS), security, and Source Intelligent Routing. This means that we can make bandwidth reservations, use security protocols such as IPSec, etc.

Address Format

IPv6 addresses are written by using eight separated quartets. Each quartet consists of four hexadecimal numbers (total of 32 hexadecimal numbers). Each quartet is separated by a colon. Each quartet represents 16-bits of data. An example IPv6 address is:


Each hexadecimal number within the IPv6 address can range from 0 to 9, and letters A to F. We can also simplify the IPv6 address. For example, we can omit any leading zeros within a quartet. So, we can also write our example IPv6 address like this:


Notice that trailing zeros must be left as they are. Another way to shorten the IPv6 address is to take blocks of quartets that are all zeros and replace them with double colon (::). By using this rule our example IPv6 address now looks like this:


When omitting quartets of zeros we have to keep in mind that we can only do this once. We can only omit one block within the address. Only one double colon is permitted in an IPv6 address.If we omit more than one block it would be difficult to know how many quartets of zeros we have within each omitted block. But we could rewrite our IP address like this:


Either way is a valid form of representing the address, since we have only one double colon.

An IP Version 6 address is divided into two parts. Each part consists of four quartets (64 bits). The left part, the first 64 bits is called the prefix. The next 64 bits is called the interface ID.

Address Format

IPv6 Address Format

The prefix in IPv6 is similar to the network address (subnet) in IPv4, and the interface ID in IPv6 is like the host address in IPv4. The prefix can be divided into several parts that have significance. For example it can identify geographic region, ISPs, networks, and subnets. For example, Regional Internet Registries (RIRs) can be assigned with blocks of IPv6 addresses based on the first three digits within the prefix. That means that different parts of the world will be assigned different numbers within first three hexadecimal numbers in the IPv6 address.

Slash Notation

In IPv6 it is common to use a slash notation with an IP address to identify the relevant portion of the prefix. Let’s take a look at few examples. The entire prefix is designated with a /64 notation. We have mentioned three hexadecimal numbers which are used for RIRs, so RIRs will use the first 12 bits of information within the address. As you should know, hexadecimal number is represented with 4 bits, so RIRs will use the /12 notation. Numbers up to the second quartet are typically allocated to individual Internet service providers (ISPs). The portion of the address which contains two quartets is designated by using /32. The ISP is free to allocate addresses within the remaining portion of the prefix. Organizations can also use remaining portion of the prefix for subnetting. The 64 bit prefix is often referred to as the global routing prefix.

Example Slash Notation

Slash Notation Examples

1. Every interface has a /64 notation.

2. For example, RIRs are assigned a block of IPv6 addresses by using /12 notation.

3. ISPs can use addresses in the second quartet, which is a /32 notation.

4. Organizations can get a block of IPv6 address from the third quartet, and then can create additional private subnets by using the fourth quartet.

Interface ID

Interface ID is the unique address assigned to an interface (not to the host, since one host can have multiple interfaces). All interfaces must have some address, but they can also have more than one address. The interface ID can be dynamically generated on individual host or managed by administrators. This is done by using a special algorithm that guarantees uniqueness of IP addresses on particular site. On Ethernet networks the interface ID can be derived from the MAC address. As you know, a MAC address is a 48 bit number and the interface ID in IPv6 is a 64 bit number. To fill the missing 16 bits we add the values FFFE in the middle of the MAC address. For example, let’s say that we have the following MAC address:


To use this MAC address as an interface ID, we put FFFE in the middle of it. This is known as the EUI-64 format. Now our interface ID looks like this (without prefix):

prefix : ‎0810:74FF:FE40:8450

So, if we see the values FFFE in the middle of the interface ID, we can assume that the MAC address is used to generate the interface ID. When the EUI-64 format is used to create the IPv6 address, one more thing needs to be done. The seventh bit of the EUI-64 form address needs to be changed from 0 to 1. When we do that with our example MAC address in the EUI-64 format, we get the following IPv6 address (without prefix):

prefix : ‎0A10:74FF:FE40:8450

If you don’t know how to convert from binary to hexadecimal, we strongly suggest that you learn it. So, the main thing to remember is that the interface ID can be based on the MAC address or dynamically generated.

In addition to providing more addresses, IPv6 also includes built in security, quality of service, and auto configuration features.

Types of IPv6 Addresses

In IPv4 we basically had 3 types of IP addresses: unicast addresses, multicast addresses and broadcast addresses. In IPv6 we also have three types of IP addresses: unicast addresses, multicast addresses and anycast addresses. Notice that we don’t have broadcast addresses in IPv6.

Unicast addresses allow a single interface to send and receive data on IPv6 network. Packets sent to a unicast address are delivered to the interface which has that unicast address. We actually have 5 types of IPv6 unicast addresses. Those are:

  • Global unicast – this type is the equivalent of unique address in IPv4. In IPv6 those addresses are assigned to individual interfaces and are unique on the entire Internet (globally unique). In IPv6 this type of address starts with “2” (first three bits are “001”), or it starts with “3” (first three bits are “0011”. This helps us to identify the type of IPv6 address being used, but in the future global addresses might start with other combination of bits as well.
  • LinkLocal unicast – this type is similar to APIPA range in IPv4. LinkLocal unicast addresses are used for automatic address configuration, neighbour discovery and on subnets that don’t use routers. Routers don’t forward packets destined to LinkLocal addresses on other networks. They always start with “FE8”, or “FE9”, or “FEA”, or “FEB”.
  • UniqueLocal unicast – these addresses are similar to private addresses in IPv4. Private addresses are used on private networks within a site or between a limited number of sites. UniqueLocal addresses will always start with “FC” or “FD”. Unique local addresses are not globally routable. In earlier IPv6 specification we had a SiteLocal address that was not globally unique, and it always started with “FEC”, or “FED”, or “Fee”, or “FEF”. SiteLocal addresses were replaced by UniqueLocal addresses.
  • Special unicasts – there are two types of special unicast addresses. We have the Unspecifiedaddress which is all zeros (:::). This indicates the absence of an address similar to zero address in IPv4. We also have the the Loopback address (::1). This is similar to the address in IPv4.

The second type of IPv6 address that we mentioned is multicast address. Multicast address will always start with “FF”. It is used to send packets to multiple hosts which have the same multicast address (group of hosts). By using different multicast addresses for different purposes, only devices that need to get the messages will actually respond to the multicast. Devices that don’t have to participate will simply ignore the multicast message. Multicast addresses can be restricted to local link. In that case they start with “FF02”, and they are not forwareded by routers. Multicast can be restricted to a single node, and in that case the address starts with “FF01”. The most common multicast addresses are:

  • FF01::1 all interfaces on a single node.
  • FF02::1 – all nodes on the local link. This is similar to the broadcast address in IPv4.
  • FF02::2 – all routers on the local link. .
  • FF02::1:2 – all DHCP servers or DHCP relay agents on the local link.

The third type of IPv6 address is anycast. As you noticed, in IPv6 we don’t have broadcast addresses. The anycast address is actually a unicast address with is assigned to more than one interface which can be on different hosts. Anycast packet is routed to the nearest interface that has that address. The proximity of the device is determined by the hops. Routers manage this data transfer.

Some IPv6 addresses are reserved for use by the Internet Engineering Task Force (IETF) organization. Those addresses begin with “00”.

IPv6 and Name Resolution

DNS is also used for name resolutions in IPv6. To map an IPv6 host name to an IPv6 address we use the AAAA record. The PTR record can be used with IPv6 together with IPv4. When there is no DNS available, the LinkLocal Multicast Name Resolution (LLMNR) protocol is used to provide name resolution when DNS is unavailable. As it name implies, LLMNR uses multicast messages to resolve local host names. LLMNR is enabled by default. It is used on peer-to-peer networks and ad-hoc networks. LLMNR replaces NetBIOS broadcast feature which helps us to find hosts on the local subnet. Also, if name resolution to the DNS fails, the client will use LLMNR to try and resolve the host name.

IPv6 Integration

If we currently use IPv4 in our environment, the biggest problem now is to migrate to IPv6 addressing. The first solution to this problem is dual stack configuration. In a dual stack configuration, both the IPv4 and IPv6 protocols run concurrently on a host. This way we actually enable hosts to communicate both with devices which are configured with IPv4 and with devices which use IPv6 address. So, the host can be configured to use both IPv4 and IPv6. When it needs to communicate with some host that uses IPv4. it will simply use IPv4 stack. When it needs to communicate with the IPv6 host, it will use IPv6 stack. If there are routers in the middle of this configuration, they also have to run both IPv4 and IPv6. Switches which connect those two hosts also has to have dual stack configuration.

If we have some host which only has IPv4 implemented, and that host needs to communicate with some host which only has IPv6 protocol implemented, we have to use a special router. That special router is called a Network Address Translation-Protocol Translation (NAT-PT). This routers runs a dual stack (both IPv4 and IPv6), so that it can translate IPv4 packets into IPv6. It converts IPv6 packet header into an IPv4 packet header and vice versa. So, NAT PT is used to enable IPv4 only hosts to communicate with IPv6 only hosts.

Another type of IPv6 address that can be used in situations when a device is not compatible with IPv6 is called the “IPv4 Mapped Address“. Devices which are not compatible with IPv6 are assigned an IPv4 mapped address. This address is used to represent an IPv4 only node to an IPv6 node. This type of address will have 5 zero quartets, then “FFFF” in the middle, and then the IPv4 address in dotted decimal representation. For example, the mapped address could look like this: 0:0:0:0:0:FFFF: The shorter way to write this is: ::FFFF:


We also have a problem if the network that separates two IPv6 hosts does not support IPv6. The solution to this problem is tunneling. Tunneling wraps an IPv6 packet within an IPv4 packet. There are several forms of tunneling which can be configured manually or automatically. Tunneling can be configured between two routers, between a host and a router, and between two hosts. The first form we will mention is used between two hosts, and it is called Teredo tunneling.

When we use tunneling between two IPv6 hosts when they need to communicate over IPv4 network, hosts are again configured with both IPv4 and IPv6 stack (Dual stack configuration). In this case, hosts will actually communicate using IPv4 network, but there is additional step taking place. With tunneling we take the the IPv6 packet and wrap it in a new IPv4 packet. This process is called tunneling. That new IPv4 packet can then be sent through the network which only supports IPv4 protocol. The destination device will receive the IPv4 packet and convert it back into the original IPv6 packet. This type of tunneling is called Teredo Tunneling. It is used in communication from a single host to another host through an IPv4 network which does not understand IPv6. Teredo is a host to host tunneling protocol and it works trough NAT. This tunnel is often referred to as a channel between two hosts. Teredo tunneling is sometimes referred to as NAT traversal or NAT-T. Teredo tunneling should only be used when there is no native IPv6, ISATAP or 6-to-4 implementations present. We will talk more about those other implementations next.

Another form of tunneling is called Intra Site Automatic Tunnel Addressing Protocol (ISATAP). ISATAP can be used on private networks (within a site) to connect an IPv6 network to an IPv4 network. In this case, there is a router between an IPv4 network and IPv6 network. Router in that configuration has to have dual stack configuration (run both IPv4 and IPv6). Hosts on IPv4 network understand only IPv4, so they send IPv4 packets to the ISATAP router. The ISATAP router takes IPv4 packets and converts them into IPv6 packets to be sent on the IPv6 network. Remember that ISATAP is used with private networks, within a site. It can’t be used to connect to public networks such as Internet. Addresses for each host are automatically generated link-local addresses. The prefix is the general link-local prefix FE80:: /16, and the remaining values of prefix are 0.  The first two quartets of the interface ID are: 0000:5EFE, and the remaining two quartets is the IPv4 address. For example, if we have a host with an IP address of in an ISATAP environment, the IPv6 address would be:FE80::5EFE: The IPv4 address in the end can also be written in hexadecimal notation. So, ISATAP is great when we want to start the transition to IPv6 within our site. First we add an ISATAP router, and then we configure our hosts as an ISATAP clients. If we have Windows 7 clients (or newer) on our networks, they will use ISATAP configuration automatically if they can find the ISATAP router (router should be named ISATAP, or have an A or CNAME record in DNS pointing to the ISATAP router). ISATAP does not work trough NAT.

Another form of tunneling is called 6-to-4 tunneling. In contrast to ISATAP, a 6-to-4 tunneling can be used between sites, between routers at different sites. For example, if we have multiple geographic locations which run IPv6, and we have to connect them over Internet, we can use 6-to-4 tunneling protocol. This way we have whole networks connected to each other. Routers which connect each network with the Internet have to be dual stack routers (run both IPv4 and IPv6). The tunnel is established between the two routers. Devices on the private network do not need to establish the tunnel in order to communicate. Hosts send IPv6 packets to the router and the router encapsulates that IPv6 packets within an IPv4 packet, which is then sent over Internet. The form of 6-to-4 address is:2002:first2bytes:second2bytes:: /48. The “first2bytes” are the first 2 bytes of the IPv4 address, and the “second2bytes” are the second 2 bytes of the IPv4 address. The IPv4 part of the 6-to-4 address is often written in hexadecimal. The mask of the address is /48. Remember that 6-to-4 tunneling is used to dynamically connect multiple sites trough the IPv4 Internet, and it works trough NAT.

Another type of tunneling is accomplished by using an IPv4-compatible IPv6 address. It is used by hosts with dual stack configurations, but which communicate using IPv6 over IPv4 infrastructure. When an IPv4-compatible address is used as an IPv6 destination, the IPv6 packet is automatically encapsulated within an IPv4 packet and sent to the destination using the IPv4 network. The IPv4-compatible IPv6 address is represented by 6 zeros and then the IPv4 address. For example, and IPv4 compatible IPv6 address could be: 0:0:0:0:0:0: Notice that the last four octets represent the IPv4 address of the device. We could also write this address in short form like this: ::

Example Configuraiton

We have a separate article in which we show how to configure IPv6 in Windows 7.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Giveaway: EaseUS Data Recovery Pro licence ($89.95 worth). Read more
%d bloggers like this: