IPv6 has been ‘coming’ for a long time
now, a decade at least. Everyone’s been worried about running out of IPv4
addresses, but then we found that we’re so good at doing NAT that there’s just
not much of a need for migrating to IPv6 and the amount of administrative
effort to migrate is so great that management usually doesn’t go for it.
Outside of the united states though IPv6 has much more popularity, so if you’re
working there you’ll likely have a much better chance of running into this. A
lot of network admins are pretty intimidated by IPv6, but really it’s about the
same as IPv4 from a practical aspect of a network admin, it’s just a bigger
woolier address to deal with and can be more difficult to understand where
summarization can occur and how to plan an addressing scheme.
In this lesson we’ll be covering some basics about the IPv6 address and migration techniques and go over good practice to help prepare you to design a solid addressing plan that is ready for growth.
Okay, so a super brief flyby of IPv6
addresses. First, an IPv6 address is a 128 bits, as opposed to the 32bit
address of IPv4. The address is divided up into 8 sections of 4 characters
separated by colons, these are being called hextets because each character in the address
represents 4bits, allowing for 16 combinations per character. This is why
they’re written in hexadecimal which goes from 0-9 to A-F. Each hextet is
16bits in length.
The concept of a prefix length or subnet mask works exactly the same in IPv6 as it does in IPv4. You still have a network portion of the address and a host identifier. The 2 portions are identified in the same fashion with a mask as before.
Now since IPv6 addresses are so long, there’s some rules for how to shorten them to remove unneeded 0s. First, you can simply omit any preceding 0s in a hextet. Next, any contiguous set of 0s can be abbreviated with a double colon. This can only be done once in an address though. You can understand why pretty easily, the computer needs to be able to know how many 0s there are represented by that double colon; and if there’s 2 different double colons then we don’t know how many 0s are represented by each. What you can do though if you have already used a double colon and you have any other hextets that are just 0s, you can omit all but 1 of the 0s in each hextet.
There does exist private address spaces
in IPv6, like site-local addresses, but it’s coming to be unlikely they’re be
used. Since there’s just so many addresses available, all devices will have
publicly routable addresses.
Now the most common and most recommended
prefix length to use is a /64. This is mostly due to it’s
compatibility with an automatic addressing method called EUI-64. This is where
the device learns about the /64 prefix then takes its 48bit MAC address and
jams FFFE into the middle of it to make up the second 64 bits of its IPv6
address thereby allowing automatic address creation. This can be done with
publicly routable addresses by learning the prefix from the router in the
router advertisement, with he prefix being one that was assigned to your
company and is publicly routable. There’s no need to use DHCP or static
addressing, you can use EUI-64 which is stateless automatic addressing. The
sheer fact that it’s recommended to use /64 prefixes on a point to point link,
throwing away an insane number of addresses, really shows just how many
addresses there are available in IPv6.
In this diagram at the bottom I wanted to show how obtaining an IPv6 prefix usually works. So here in the united states we have ARIN, the American registry for internet numbers. Now there’s a lot of registries out there; and it’s possible for a company to go to the registry themselves and purchase a block of addresses, or a prefix directly from ARIN. What most people will do though is get a block assigned to them from their ISP. So ARIN will give a /16 or /32 to an ISP and that ISP will then go ahead and subnet that out and commonly assign their customers /48 prefixes. Now just think, that allows you as the enterprise to then subnet that /48 prefix into 65000 /64 prefixes. These are just common prefix lengths you’ll see but there’s certainly a lot in between that is assigned as well.
Just like in IPv4, private address spaces
in IPv6 are not routable. In fact, your link-local address is not routable
outside your subnet at all. This address is the one that starts with FE80 and
uses a modified EUI-64 method to generate itself. Like I mentioned earlier,
other private addressing spaces exist with IPv6 but they’re not likely to be
used except in perhaps special circumstances.
The global prefix, so what the engineers
behind IPv6 decided would be enough addresses to satisfy our usage on Earth, is
2000::/3. Now the global unicast IPv6 prefix is 2001::/16. Commonly in
documentation you’ll see the prefix of 2001:DB8::/32 used; this is because this
prefix was actually
specifically for use in documentation. This prefix is not publicly routable for