IPv6 is the successor to IPv4, designed to address two issues that emerged in IPv4's design as the system scaled:
- The network size limit. IPv6 has an address space several orders of magnitude larger than that of IPv4.
- Binary subnetting calculations are a thing of the past as IPv6 moves to fixed-length subnet masks (FLSM).
An IPv6 packet consists of a fixed-length header followed by a payload. The payload can begin with additional headers in the form of extension headers.
The header comprises:
- Version specifies the protocol version (always 6).
- Traffic Class is broken into two parts:
  - The most significant 6 bits hold the DS field, used to classify packets for QoS.
  - The least significant 2 bits are used for ECN.
- The Flow Label is a high-entropy identifier of a flow of packets, e.g. a TCP session or media stream.
- Payload Length specifies the payload size, in octets, including extension headers.
- Next Header specifies either the transport layer protocol used by the packet's payload or the type of the extension header at the beginning of the payload.
- Hop Limit replaces the IPv4 TTL value. It's decremented at each forwarding node, and the packet is discarded if it becomes zero. Destination nodes should process the packet even if it's received with a Hop Limit value of 0.
- Source IP Address defines the IP address of the source.
- Destination IP Address defines the IP address of the destination.
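The field layout above, decoded in Python as an added example (not code from the original page). The field widths, the 40-octet header size, the Next Header value 58 for ICMPv6 and the function names are assumptions taken from RFC 8200 rather than from the text, and the sample packet is constructed.

```python
import ipaddress
import struct

IPV6_HEADER_LEN = 40  # the fixed header is always 40 octets (RFC 8200)


def parse_ipv6_header(packet: bytes) -> dict:
    """Decode the fixed IPv6 header; raise ValueError on malformed input."""
    if len(packet) < IPV6_HEADER_LEN:
        raise ValueError("truncated: the fixed header needs 40 octets")
    # First 32-bit word: 4-bit Version, 8-bit Traffic Class, 20-bit Flow Label.
    word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    version = word >> 28
    if version != 6:
        raise ValueError(f"not IPv6: version field is {version}")
    traffic_class = (word >> 20) & 0xFF
    return {
        "version": version,
        "dscp": traffic_class >> 2,     # most significant 6 bits: DS field
        "ecn": traffic_class & 0x3,     # least significant 2 bits: ECN
        "flow_label": word & 0xFFFFF,
        "payload_length": payload_len,  # counts extension headers too
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(packet[8:24]),
        "dst": ipaddress.IPv6Address(packet[24:40]),
        # False when fewer payload octets were captured than the header declares.
        "payload_complete": len(packet) - IPV6_HEADER_LEN >= payload_len,
    }


def build_sample_packet() -> bytes:
    """Constructed sample: a Router Solicitation from fe80::1 to ff02::2."""
    payload = bytes([133, 0, 0, 0, 0, 0, 0, 0])  # type 133; checksum left as zero
    word = (6 << 28) | (0xC0 << 20) | 0x12345    # DSCP 48, ECN 0, flow label 0x12345
    fixed = struct.pack("!IHBB", word, len(payload), 58, 255)  # 58 = ICMPv6
    src = ipaddress.IPv6Address("fe80::1").packed
    dst = ipaddress.IPv6Address("ff02::2").packed
    return fixed + src + dst + payload


if __name__ == "__main__":
    for field, value in parse_ipv6_header(build_sample_packet()).items():
        print(f"{field:16} {value}")
```

The `payload_complete` flag is useful when triaging captures: a Payload Length that exceeds the bytes actually present points to a truncated capture or a malformed packet.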
ICMPv6 is the successor to IPv4's ICMP, and is essential for IPv6 error reporting and diagnostics. It's designed to be extensible, providing a framework for future expansion.
The Neighbour Discovery Protocol operates at the link layer of the OSI model. It's analogous to ARP in IPv4.
It defines the following five ICMPv6 packet types:
- Router Solicitation (type 133) is used by hosts to locate routers on an attached link. Routers which forward packets not addressed to them generate Router Advertisements immediately upon receipt of this message rather than at their next scheduled time.
- Router Advertisement (type 134) is used by routers to advertise their presence and various link and Internet parameters either periodically or in response to a Router Solicitation message.
- Neighbour Solicitation (type 135) messages are used by nodes to determine the link layer address of a neighbour, or to verify that a neighbour is still reachable via a cached link layer address.
- Neighbour Advertisement (type 136) messages are used by hosts to respond to Neighbour Solicitation messages.
- Redirect (type 137) messages may be used by routers to inform hosts of a better first hop router for a destination.
IPv6 addresses are 128-bit binary values written as 8 colon-delimited hextets. Like IPv4 addresses, they're broken into two parts: the Network Portion and the Interface Identifier. These are typically two 64-bit sections; VLSM is not common.
To save time when writing addresses out:
- Leading zeroes can be eliminated from all hextets, since they're not significant in place value.
- A single block of consecutive zeroes can be reduced to a double colon. This is usually done between the Network Portion and Interface Identifier to serve as a visual indication of the network configuration.
Any interface communicating on a routed IPv6 network requires two addresses:
- Unicast addresses are global; there are no private IP address ranges in IPv6.
- Link-local addresses are similar to MAC addresses in previous IP networks: they are used only within layer 2 and don't leave the local network. They look like unicast addresses assigned in the link-local
Assuming a machine's NIC is attached to a layer 3 router with a valid network address, automatic address configuration takes place via SLAAC:
- The host generates a link-local address.
- The host sends an ICMPv6 Router Solicitation seeking routers.
- Routers send ICMPv6 Router Advertisements with the prefixes available on their links.
- The host generates an address within this network prefix:
  a. Linux and macOS respond with Modified EUI derived from the MAC address.
  b. Windows responds with a randomly-generated network address within the range (for privacy reasons!).
- The address becomes tentative while the host performs DAD.
- Neighbour Advertisement.
- The address becomes active.