Chapter 3 – IP Addressing

Published: November 02, 2004 | Updated: April 18, 2006

Writer: Joe Davies

Abstract

This chapter describes the details of addressing for both IPv4 and IPv6. Network administrators need a thorough understanding of both types of addressing to administer Transmission Control Protocol/Internet Protocol (TCP/IP) networks and troubleshoot TCP/IP-based communication. This chapter discusses in detail the types of Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) addresses, how they are expressed, and the types of unicast addresses assigned to network node interfaces.

For a download of the entire "TCP/IP Fundamentals for Microsoft Windows" online book, which contains a version of this chapter that has been updated for Windows Vista and Windows Server 2008, click here.

On This Page

Chapter Objectives
IPv4 Addressing
IPv6 Addressing
Comparing IPv4 and IPv6 Addressing
Chapter Summary
Chapter Glossary

Chapter Objectives

After completing this chapter, you will be able to:

  • Describe the syntax for IPv4 addresses and address prefixes, and convert between binary and decimal numbers.

  • List the three types of IPv4 addresses, and give examples of each type.

  • Describe the differences between public, private, and illegal IPv4 addresses.

  • Describe the syntax for IPv6 addresses and address prefixes, and convert between binary and hexadecimal numbers.

  • List the three types of IPv6 addresses, and give examples of each type.

  • Describe the differences between global, site-local, and link-local unicast IPv6 addresses.

  • Convert an Institute of Electrical and Electronics Engineers (IEEE) 802 address to an IPv6 interface identifier.

  • Compare addresses and addressing concepts between IPv4 and IPv6.

IPv4 Addressing

An IP address is an identifier that is assigned at the Internet layer to an interface or a set of interfaces. Each IP address can identify the source or destination of IP packets. For IPv4, every node on a network has one or more interfaces, and you can enable TCP/IP on each of those interfaces. When you enable TCP/IP on an interface, you assign it one or more logical IPv4 addresses, either automatically or manually. The IPv4 address is a logical address because it is assigned at the Internet layer and has no relation to the addresses that are used at the Network Interface layer. IPv4 addresses are 32 bits long.

IPv4 Address Syntax

If network administrators expressed IPv4 addresses using binary notation, each address would appear as a 32-digit string of 1s and 0s. Because such strings are cumbersome to express and remember, administrators use dotted decimal notation, in which periods (or dots) separate four decimal numbers (from 0 to 255). Each decimal number, known as an octet, represents 8 bits (1 byte) of the 32-bit address.

For example, the IPv4 address 11000000101010000000001100011000 is expressed as 192.168.3.24 in dotted decimal notation. To convert an IPv4 address from binary notation to dotted decimal notation, you:

  • Segment it into 8-bit blocks: 11000000 10101000 00000011 00011000

  • Convert each block to decimal: 192 168 3 24

  • Separate the blocks with periods: 192.168.3.24

When referring to an IPv4 address, use the notation w.x.y.z. Figure 3-1 shows the IPv4 address structure.

Bb726995.tcch0301(en-us,TechNet.10).gif

Figure 3-1  The IPv4 address in dotted decimal notation

To become adept at moving between binary and decimal formats, you can review the binary (Base2) and decimal (Base10) numbering systems and how to convert between them. Although you can use the calculator in the Microsoft® Windows Server™ 2003 or Windows® XP operating systems to convert between decimal and binary, you will better understand the conversions if you can do them manually.

Converting from Binary to Decimal

The decimal numbering system uses the digits 0 through 9 and the exponential powers of 10 to express a number. For example, the decimal number 207 is the sum of 2x102 + 0x101 + 7x100. The binary numbering system uses the digits 1 and 0 and the exponential powers of 2 to express a number. The binary number 11001 is the sum of 1x24 + 1x23 + 0x22 + 0x21 + 1x20. Dotted decimal notation never includes numbers that are larger than 255 because each decimal number represents 8 bits of a 32-bit address. The largest number that 8 bits can express is 11111111 in binary, which is 255 in decimal.

Figure 3-2 shows an 8-bit binary number, the bit positions, and their decimal values.

Bb726995.tcch0302(en-us,TechNet.10).gif

Figure 3-2  An 8-bit binary number

To manually convert an 8-bit number from binary to decimal (starting at the top of Figure 3-2), do the following:

  1. If the eighth bit position equals 1, add 128 to the total.

  2. If the seventh bit position equals 1, add 64 to the total.

  3. If the sixth bit position equals 1, add 32 to the total.

  4. If the fifth bit position equals 1, add 16 to the total.

  5. If the fourth bit position equals 1, add 8 to the total.

  6. If the third bit position equals to 1, add 4 to the total.

  7. If the second bit position equals 1, add 2 to the total.

  8. If the first bit position equals to 1, add 1 to the total.

For example, for the 8-bit binary number 10111001:

  1. The eighth bit position equals 1. Add 128 to the total. The total is now 128.

  2. The seventh bit position equals 0.

  3. The sixth bit position equals 1. Add 32 to the total. The total is now 160.

  4. The fifth bit position equals 1. Add 16 to the total. The total is now 176.

  5. The fourth bit position equals 1. Add 8 to the total. The total is now 184.

  6. The third bit position equals 0.

  7. The second bit position equals 0.

  8. The first bit position equals 1. Add 1 to the total. The total is now 185.

Therefore, 10111001 in binary is 185 in decimal.

In summary, to convert a binary number to its decimal equivalent, total the decimal equivalents for the bit positions that are set to 1. If all 8 bits are set to 1, add 128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 to get 255.

Converting from Decimal to Binary

To manually convert a number up to 255 from decimal notation to binary format (starting at the decimal column of Figure 3-2), do the following:

  1. If the number is larger than 127, place a 1 in the eighth bit position, and subtract 128 from the number. Otherwise, place a 0 in the eighth bit position.

  2. If the remaining number is larger than 63, place a 1 in the seventh bit position, and subtract 64 from the number. Otherwise, place a 0 in the seventh bit position.

  3. If the remaining number is larger than 31, place a 1 in the sixth bit position, and subtract 32 from the number. Otherwise, place a 0 in the sixth bit position.

  4. If the remaining number is larger than 15, place a 1 in the fifth bit position, and subtract 16 from the number. Otherwise, place a 0 in the fifth bit position.

  5. If the remaining number is larger than 7, place a 1 in the fourth bit position, and subtract 8 from the number. Otherwise, place a 0 in the fourth bit position.

  6. If the remaining number is larger than 3, place a 1 in the third bit position, and subtract 4 from the number. Otherwise, place a 0 in the third bit position.

  7. If the remaining number is larger than 1, place a 1 in the second bit position, and subtract 2 from the number. Otherwise, place a 0 in the second bit position.

  8. If the remaining number equals 1, place a 1 in the first bit position. Otherwise, place a 0 in the first bit position.

Here is an example of converting the number 197 from decimal to binary:

  1. Because 197 is larger than 127, place a 1 in the eighth bit position, and subtract 128 from 197, leaving 69. The binary number so far is 1xxxxxxx.

  2. Because 69 is larger than 63, place a 1 in the seventh bit position, and subtract 64 from 69, leaving 5. The binary number so far is 11xxxxxx.

  3. Because 5 is not larger than 31, place a 0 in the sixth bit position. The binary number so far is 110xxxxx.

  4. Because 5 is not larger than 15, place a 0 in the fifth bit position. The binary number so far is 1100xxxx.

  5. Because 5 is not larger than 7, place a 0 in the fourth bit position. The binary number so far is 11000xxx.

  6. Because 5 is larger than 3, place a 1 in the third bit position, and subtract 4 from 5, leaving 1. The binary number so far is 110001xx.

  7. Because 1 is not larger than 1, place a 0 in the second bit position. The binary number so far is 1100010x.

  8. Because 1 equals 1, place a 1 in the first bit position. The final binary number is 11000101. The decimal number 197 is equal to the binary number 11000101.

In summary, to convert from decimal to binary, verify whether the decimal number contains the quantities represented by the bit positions from the eighth bit to the first bit. Starting from the eighth bit quantity (128), if each quantity is present, set the bit in that bit position to 1. For example, the decimal number 211 contains 128, 64, 16, 2, and 1. Therefore, 211 is 11010011 in binary notation.

IPv4 Address Prefixes

Each bit of a unique IPv4 address has a defined value. However, IPv4 address prefixes express ranges of IPv4 addresses in which zero or more of the high-order bits are fixed at specific values and the rest of the low-order variable bits are set to zero. Address prefixes are routinely used to express a range of allowable addresses, subnet prefixes assigned to subnets, and routes.

To express an IPv4 address prefix, you must identify the number of high-order bits that are fixed and their value. Then you can use prefix length notation or dotted decimal notation.

Prefix Length Notation

If you use prefix length notation, you express address prefixes as StartingAddress/PrefixLength, in which:

  • StartingAddress is the dotted decimal expression of the first mathematically possible address in the range. To form the starting address, set the fixed bits at their defined values, and set the remaining bits to 0.

  • PrefixLength is the number of high-order bits in the address that are fixed.

For example, the IPv4 address prefix 131.107.0.0/16 specifies a range of 65,536 addresses. The prefix length, 16, specifies that all addresses in the range begin with the same 16 bits as the starting address. Because the first 16 bits of the starting address are fixed at 10000011 01101011 (131 107 in decimal), all addresses in the range have 131 as the first octet and 107 as the second octet. With 16 variable bits in the last two octets, there is a total of 216 or 65,536 possible addresses.

To specify an address prefix using prefix length notation, you create the starting address by setting all variable bits to 0, you convert the address to dotted decimal notation, and then you add a slash and the number of fixed bits (the prefix length) after the starting address.

The IPv4 address prefix 131.107.0.0/16 has 16 fixed bits (10000011 01101011). The starting address is the first 16 bits that are fixed and then the last 16 bits that are set to 0, which is 10000011 01101011 00000000 00000000 or 131.107.0.0. Next, you would add a slash and specify the number of fixed bits (/16) to express the address prefix as 131.107.0.0/16.

Prefix length notation is also known as Classless Inter-Domain Routing (CIDR) notation.

Dotted Decimal Notation

You can also express an IPv4 address prefix length as a 32-bit number in dotted decimal notation. To use this method, set all fixed bits to 1, set all variable bits to 0, and convert the result to dotted decimal notation. Continuing our previous example, set the 16 fixed bits to 1 and the 16 variable bits to 0. The result is 11111111 11111111 00000000 00000000, or 255.255.0.0. The address prefix is expressed as 131.107.0.0, 255.255.0.0. Expressing the prefix length as a dotted decimal number in this way is also known as network mask or subnet mask notation.

Table 3-1 lists the decimal value of an octet when you set the successive high-order bits of an 8-bit number to 1.

Number of Bits

Binary

Decimal

0

00000000

0

1

10000000

128

2

11000000

192

3

11100000

224

4

11110000

240

5

11111000

248

6

11111100

252

7

11111110

254

8

11111111

255

Table 3-1  Decimal Values for Prefix Lengths

When you configure IPv4 address prefixes in Windows, you will use subnet mask notation more commonly than prefix length notation. However, you must be familiar with both types of notation because some Windows configuration dialog boxes require you to use prefix length notation rather than subnet mask notation and because IPv6 supports prefix length notation only.

Types of IPv4 Addresses

Internet standards define the following types of IPv4 addresses:

  • Unicast

    Assigned to a single network interface located on a specific subnet; used for one-to-one communication.

  • Multicast

    Assigned to one or more network interfaces located on various subnets; used for one-to-many communication.

  • Broadcast

    Assigned to all network interfaces located on a subnet; used for one-to-everyone on a subnet communication.

The following sections describe these types of addresses in detail.

IPv4 Unicast Addresses

The IPv4 unicast address identifies an interface’s location on the network in the same way that a street address identifies a house on a city block. Just as a street address must identify a unique residence, an IPv4 unicast address must be globally unique and have a uniform format.

Each IPv4 unicast address includes a subnet prefix and a host ID portion.

  • The subnet prefix (also known as a network identifier or network address) portion of an IPv4 unicast address identifies the set of interfaces that are located on the same physical or logical network segment, whose boundaries are defined by IPv4 routers. A network segment on TCP/IP networks is also known as a subnet or a link. All nodes on the same physical or logical subnet must use the same subnet prefix, and the subnet prefix must be unique within the entire TCP/IP network.

  • The host ID (also known as a host address) portion of an IPv4 unicast address identifies a network node's interface on a subnet. The host ID must be unique within the network segment.

Figure 3-3 illustrates the structure of an example unicast IPv4 address.

Bb726995.tcch0303(en-us,TechNet.10).gif

Figure 3-3  Structure of an example unicast IPv4 address

If the subnet prefix is unique to the TCP/IP network and the host ID is unique on the network segment, the entire IPv4 unicast address is unique to the entire TCP/IP network.

Internet Address Classes

The Internet community originally defined address classes to systematically assign address prefixes to networks of varying sizes. The class of address defined how many bits were used for the address prefix of a single subnet and how many bits were used for the host ID. Address classes also defined the possible number of networks and the number of hosts per network. Of five address classes, class A, B, and C addresses were reserved for IPv4 unicast addresses. Class D addresses were reserved for IPv4 multicast addresses, and class E addresses were reserved for experimental uses.

Class A address prefixes were assigned to networks with very large numbers of hosts. The prefix length of Class A address prefixes is only 8 bits, allowing the remaining 24 bits to identify up to 16,777,214 host IDs. However, the short prefix length limits the number of networks that can receive class A address prefixes to 126. First, the high-order bit in class A address prefixes is always set to 0. That convention decreases the number of class A address prefixes from 256 to 128. Second, addresses in which the first eight bits are set to 00000000 cannot be assigned because they constitute a reserved address prefix. Third, addresses in which the first eight bits are set to 01111111 (127 in decimal) cannot be assigned because they are reserved for loopback addresses. Those last two conventions decrease the number of class A address prefixes from 128 to 126.

For any IPv4 subnet prefix, the two host IDs in which all the host bits are set to 0 (the all-zeros host ID) or to 1 (the all-ones host ID) are reserved and cannot be assigned to network node interfaces. This convention reduces the number of host IDs in each class A address prefix from 16,777,216 (224) to 16,777,214.

Figure 3-4 illustrates the structure of class A addresses.

Bb726995.tcch0304(en-us,TechNet.10).gif

Figure 3-4  Structure of class A addresses

Class B address prefixes were assigned to medium to large-sized networks. In addresses for these networks, the first 16 bits specify a particular network, and the last 16 bits specify a particular host. However, the two high-order bits in a class B address are always set to 10, which makes the address prefix for all class B networks and addresses 128.0.0.0/2 (or 128.0.0.0, 192.0.0.0). With 14 bits to express class B address prefixes and 16 bits to express host IDs, class B addresses can be assigned to 16,384 networks with up to 65,534 hosts per network.

Figure 3-5 illustrates the structure of class B addresses.

Bb726995.tcch0305(en-us,TechNet.10).gif

Figure 3-5  Structure of class B addresses

Class C addresses were assigned to small networks. In addresses for these networks, the first 24 bits specify a particular network, and the last 8 bits specify particular hosts. However, the three high-order bits in a class C address are always set to 110, which makes the address prefix for all class C networks and addresses 192.0.0.0/3 (or 192.0.0.0, 224.0.0.0). With 21 bits to express class C address prefixes and 8 bits to express host IDs, class C addresses can be assigned to 2,097,152 networks with up to 254 hosts per network.

Figure 3-6 illustrates the structure of class C addresses.

Bb726995.tcch0306(en-us,TechNet.10).gif

Figure 3-6  Structure of class C addresses

Class D addresses are reserved for IPv4 multicast addresses. The four high-order bits in a class D address are always set to 1110, which makes the address prefix for all class D addresses 224.0.0.0/4 (or 224.0.0.0, 240.0.0.0). For more information, see "IPv4 Multicast Addresses" in this chapter.

Class E addresses are reserved for experimental use. The high-order bits in a class E address are set to 1111, which makes the address prefix for all class E addresses 240.0.0.0/4 (or 240.0.0.0, 240.0.0.0).

Table 3-2 summarizes the Internet address classes A, B, and C that can be used for IPv4 unicast addresses.

Class

Value for w

Address Prefix Portion

Host ID Portion

Address Prefixes

Host IDs per Address Prefix

A

1-126

w

x.y.z

126

16,277,214

B

128-191

w.x

y.z

16,384

65,534

C

192-223

w.x.y

z

2,097,152

254

Table 3-2  Internet Address Class Summary

Modern Internet Addresses

The Internet address classes are an obsolete method of allocating unicast addresses because it proved inefficient. For example, a large organization with a class A address prefix can have up to 16,777,214 hosts. However, if the organization uses only 70,000 host IDs, 16,707,214 potential IPv4 unicast addresses for the Internet are wasted.

Since 1993, IPv4 address prefixes are assigned to organizations based on the organization's actual need for Internet-accessible IPv4 unicast addresses. This method is known as Classless Inter-Domain Routing (CIDR). For example, an organization determines that it needs 2,000 Internet-accessible IPv4 unicast addresses. The Internet Corporation for Assigned Names and Numbers (ICANN) or an Internet service provider (ISP) allocates an IPv4 address prefix in which 21 bits are fixed, leaving 11 bits for host IDs. From the 11 bits for host IDs, you can create 2,046 possible IPv4 unicast addresses.

CIDR-based address allocations typically start at 24 bits for the address prefix and 8 bits for the host ID. Table 3-3 lists the required number of host IDs and the corresponding prefix length for CIDR-based address allocations.

Number of Host IDs

Prefix Length

Dotted Decimal

2–254          

/24

255.255.255.0

255–510        

/23

255.255.254.0

511–1,022         

/22

255.255.252.0

1,021–2,046          

/21

255.255.248.0

2,047–4,094          

/20

255.255.240.0

4,095–8,190        

/19

255.255.224.0

8,191–16,382        

/18

255.255.192.0

16,383–32,766         

/17

255.255.128.0

32,767–65,534         

/16

255.255.0.0

Table 3-3  Host ID Requirements and CIDR-based Prefix Lengths

Public Addresses

If you want direct (routed) connectivity to the Internet, then you must use public addresses. If you want indirect (proxied or translated) connectivity to the Internet, you can use either public or private addresses. If your intranet is not connected to the Internet in any way, you can use any unicast IPv4 addresses that you want. However, you should use private addresses to avoid network renumbering if your intranet ever directly connects to the Internet.

ICANN assigns public addresses, which consist of either historically allocated classful address prefixes or, more recently, CIDR-based address prefixes that are guaranteed to be unique on the Internet. For CIDR-based address prefixes, the value of w (the first octet) ranges from 1 to 126 and from 128 to 223, with the exception of the private address prefixes described in the "Private Addresses" section of this chapter.

When ICANN assigns a public address prefix to an organization, routes are added to the routers of the Internet so that traffic matching the address prefix can reach the organization. For example, when an organization is assigned an address prefix, that address prefix also exists as a route in the routers of the Internet. IPv4 packets that are sent to an address within the assigned address prefix are routed to the proper destination.

Illegal Addresses

Private organization intranets that do not need an Internet connection can choose any address scheme they want, even using public address prefixes that ICANN has assigned to other networks. If the private organization later decides to directly connect to the Internet, these addresses could conflict with existing public addresses and become illegal addresses. Organizations with illegal addresses cannot receive traffic at those addresses because the routers of the Internet send traffic destined to ICANN-allocated address prefixes to the assigned organizations, not to the organizations using illegal addresses.

For example, a private organization chooses to use the 206.73.118.0/24 address prefix for its intranet. ICANN has assigned that prefix to the Microsoft Corporation, and routes exist on the Internet routers to send all packets for IPv4 addresses on 206.73.118.0/24 to Microsoft. As long as the private organization does not connect to the Internet, it has no problem because the two address prefixes are on separate IPv4 networks; therefore, the addresses are unique to each network. If the private organization later connects directly to the Internet and continues to use the 206.73.118.0/24 address prefix, any traffic sent through the Internet to those addresses will arrive at Microsoft, not the private organization.

Private Addresses

Each IPv4 interface requires an IPv4 address that is unique within the IPv4 network. In the case of the Internet, each IPv4 interface on a subnet connected to the Internet requires an IPv4 address that is unique within the Internet. As the Internet grew, organizations connecting to it required a public address for each interface on their intranets. This requirement placed a huge demand on the pool of available public addresses.

When analyzing the addressing needs of organizations, the designers of the Internet noted that, for many organizations, most of the hosts did not require direct connectivity to the Internet. Those hosts that did require a specific set of Internet services, such as Web access and e-mail, typically accessed the Internet services through Application layer gateways, such as proxy servers and e-mail servers. The result is that most organizations required only a few public addresses for those nodes (such as proxies, servers, routers, firewalls, and translators) that were directly connected to the Internet.

Hosts within the organization that do not require direct access to the Internet required IPv4 addresses that do not duplicate already-assigned public addresses. To solve this addressing problem, the Internet designers reserved a portion of the IPv4 address space for private addresses. IPv4 addresses in the private address space are known as private addresses and never assigned as public addresses. Because the public and private address spaces do not overlap, private addresses never duplicate public addresses.

RFC 1918 defines the following address prefixes for the private address space:

  • 10.0.0.0/8  (10.0.0.0, 255.0.0.0)

    Allows the following range of valid IPv4 unicast addresses: 10.0.0.1 to 10.255.255.254. The 10.0.0.0/8 address prefix has 24 host bits that you can use for any addressing scheme within a private organization.

  • 172.16.0.0/12 (172.16.0.0, 255.240.0.0)

    Allows the following range of valid IPv4 unicast addresses: 172.16.0.1 to 172.31.255.254. The 172.16.0.0/12 address prefix has 20 host bits that you can use for any addressing scheme within a private organization.

  • 192.168.0.0/16 (192.168.0.0, 255.255.0.0)

    Allows the following range of valid IPv4 unicast addresses: 192.168.0.1 to 192.168.255.254. The 192.168.0.0/16 address prefix has 16 host bits that you can use for any addressing scheme within a private organization.

Because ICANN will never assign the IPv4 addresses in the private address space to an organization connected to the Internet, Internet routers will never contain routes to private addresses. You cannot connect to a private address over the Internet. Therefore, a host that has a private address must send its Internet traffic requests to an Application layer gateway (such as a proxy server) that has a valid public address or through a network address translation (NAT) device that translates the private address into a valid public address.

Automatic Private IP Addressing

As described in Chapter 1, "Introduction to TCP/IP," you can configure an interface on a computer running Windows Server 2003 or Windows XP so that the interface obtains an IPv4 address configuration automatically. If the computer does not contact a Dynamic Host Configuration Protocol (DHCP) server, the computer uses its alternate configuration, as specified on the Alternate Configuration tab of the properties dialog box for the Internet Protocol (TCP/IP) component.

If the Automatic Private IP Address option is selected on the Alternate Configuration tab and a DHCP server cannot be found, the TCP/IP component of Windows uses Automatic Private IP Addressing (APIPA). The TCP/IP component randomly selects an IPv4 address from the 169.254.0.0/16 address prefix and assigns the subnet mask of 255.255.0.0. ICANN has reserved this address prefix, and it is not reachable on the Internet. APIPA allows single-subnet Small Office/Home Office (SOHO) networks to use TCP/IP without requiring an administrator to configure and update static addresses or administer a DHCP server. APIPA does not configure a default gateway. Therefore, you can exchange traffic only with other nodes on the subnet.

Special IPv4 Addresses

The following are special IPv4 addresses:

  • 0.0.0.0

    Known as the unspecified IPv4 address, it indicates the absence of an address. The unspecified address is used only as a source address when the IPv4 node is not configured with an IPv4 address configuration and is attempting to obtain an address through a configuration protocol such as DHCP.

  • 127.0.0.1

    Known as the IPv4 loopback address, it is assigned to an internal loopback interface. This interface enables a node to send packets to itself.

Unicast IPv4 Addressing Guidelines

When you assign subnet prefixes to the subnets of an organization, use the following guidelines:

  • The subnet prefix must be unique within the IPv4 network.

    If hosts can directly access the Internet from the subnet, you must use a public IPv4 address prefix assigned by ICANN or an Internet service provider. If hosts cannot directly access the Internet from the subnet, use either a legal public address prefix or a private address prefix that is unique within your private intranet.

  • The subnet prefix cannot begin with the numbers 0 or 127.

    Both of these values for the first octet are reserved, and you cannot use them for IPv4 unicast addresses.

When you assign host IDs to the interfaces of nodes on an IPv4 subnet, use the following guidelines:

  • The host ID must be unique within the subnet.

  • You cannot use the all-zeros or all-ones host IDs.

When defining the range of valid IPv4 unicast addresses for a given address prefix, use the following standard practice:

  • For the first IPv4 unicast address in the range, set all the host bits in the address to 0, except for the low-order bit, which you set to 1.

  • For the last IPv4 unicast address in the range, set all the host bits in the address to 1, except for the low-order bit, which you set to 0.

For example, to express the range of addresses for the address prefix 192.168.16.0/20:

  • The first IPv4 unicast address in the range is 11000000 10101000 00010000 00000001 (host bits are in bold), or 192.168.16.1.

  • The last IPv4 unicast address in the range is 11000000 10101000 00011111 11111110 (host bits are in bold), or 192.168.31.254.

Therefore, the range of addresses for the address prefix 192.168.16.0/20 is 192.168.16.1 to 192.168.31.254.

IPv4 Multicast Addresses

IPv4 uses multicast addresses to deliver single packets from one source to many destinations. On an IPv4 intranet that is enabled for multicast, routers forward an IPv4 packet addressed to an IPv4 multicast address to the subnets on which hosts are listening to the traffic sent to the IPv4 multicast address. IPv4 multicast efficiently delivers many types of communication from one source to many destinations.

IPv4 multicast addresses are defined by the class D Internet address class: 224.0.0.0/4. IPv4 multicast addresses range from 224.0.0.0 through 239.255.255.255. IPv4 multicast addresses for the 224.0.0.0/24 address prefix (224.0.0.0 through 224.0.0.255) are reserved for multicast traffic on a local subnet.

IPv4 Broadcast Addresses

IPv4 uses a set of broadcast addresses to deliver packets from one source to all interfaces on the subnet. All the interfaces on the subnet process packets sent to IPv4 broadcast addresses. The following are the types of IPv4 broadcast addresses:

  • Network broadcast

    Formed by setting all the host bits to 1 for a classful address prefix. For example, 131.107.255.255 is a network broadcast address for the classful address prefix 131.107.0.0/16. Network broadcasts send packets to all interfaces of a classful network. IPv4 routers do not forward network broadcast packets.

  • Subnet broadcast

    Formed by setting all the host bits to 1 for a classless address prefix. For example, 131.107.26.255 is a network broadcast address for the classless subnet prefix 131.107.26.0/24. Subnet broadcasts are used to send packets to all hosts of a classless network. IPv4 routers do not forward subnet broadcast packets.

    For a classful address prefix, there is no subnet broadcast address, only a network broadcast address. For a classless address prefix, there is no network broadcast address, only a subnet broadcast address.

  • All-subnets-directed broadcast

    Formed by setting the classful address prefix host bits to 1 for a classless subnet prefix. The all-subnets-directed broadcast address is deprecated in RFC 1812. A packet addressed to the all-subnets-directed broadcast address was defined to reach all hosts on all of the subnets of a classful address prefix that has been subnetted. For example, 131.107.255.255 is the all-subnets-directed broadcast address for the subnetted address prefix 131.107.26.0/24. The all-subnets-directed broadcast address is the network broadcast address of the original classful address prefix.

  • Limited broadcast

    Formed by setting all 32 bits of the IPv4 address to 1 (255.255.255.255). The limited broadcast address is used for one-to-everyone delivery on the local subnet when the local subnet prefix is unknown. IPv4 nodes typically use the limited broadcast address only during an automated configuration process such as Boot Protocol (BOOTP) or DHCP. For example, a DHCP client must use the limited broadcast address for all traffic sent before the DHCP server acknowledges the use of the offered IPv4 address configuration.

IPv6 Addressing

The most obvious difference between IPv6 and IPv4 is address size. An IPv6 address is 128 bits long, which is four times larger than an IPv4 address. A 32-bit address space allows for 232 or 4,294,967,296 possible addresses. A 128-bit address space allows for 2128 or 340,282,366,920,938,463,463,374,607,431,768,211,456 (or 3.4x1038) possible addresses.

The IPv4 address space was designed in the late 1970s when few people, if any, imagined that the addresses could be exhausted. However, due to the original allocation of Internet address class-based address prefixes and the recent explosion of hosts on the Internet, the IPv4 address space was consumed to the point that by 1992 it was clear a replacement would be necessary.

With IPv6, it is even harder to conceive that the IPv6 address space will be consumed. To help put this in perspective, a 128-bit address space provides 655,570,793,348,866,943,898,599 (6.5x1023) addresses for every square meter of the Earth’s surface. The decision to make the IPv6 address 128 bits long was not so that every square meter of the Earth could have 6.5x1023 addresses. Rather, the relatively large size of the IPv6 address space is designed for efficient address allocation and routing that reflects the topology of the modern-day Internet and to accommodate 64-bit media access control (MAC) addresses that newer networking technologies are using. The use of 128 bits allows for multiple levels of hierarchy and flexibility in designing hierarchical addressing and routing, which the IPv4-based Internet lacks.

RFC 3513 describes the IPv6 addressing architecture.

IPv6 Address Syntax

IPv4 addresses are represented in dotted decimal notation. For IPv6, the 128-bit address is divided along 16-bit boundaries, each 16-bit block is converted to a 4-digit hexadecimal number (the Base16 numbering system), and adjacent 16-bit blocks are separated by colons. The resulting representation is known as colon-hexadecimal.

The following is an IPv6 address in binary form:

0011111111111110001010010000000011010000000001010000000000000000

0000001010101010000000001111111111111110001010001001110001011010

The 128-bit address is divided along 16-bit boundaries:

0011111111111110   0010100100000000   1101000000000101   0000000000000000  0000001010101010   0000000011111111   1111111000101000   1001110001011010    

Each 16-bit block is converted to hexadecimal, and adjacent blocks are separated with colons. The result is:

3FFE:2900:D005:0000:02AA:00FF:FE28:9C5A

IPv6 representation can be further simplified by removing the leading zeros within each 16-bit block. However, each block must have at least a single digit. With leading zero suppression, the address becomes:

3FFE:2900:D005:0:2AA:FF:FE28:9C5A

Converting Between Binary and Hexadecimal

The hexadecimal numbering system uses the digits 0 through 9, A, B, C, D, E, and F and the exponential powers of 16 to express a number. Table 3-4 lists decimal, hexadecimal, and binary equivalents of the numbers 0-15.

Decimal

Hexadecimal

Binary

0

0

0000

1

1

0001

2

2

0010

3

3

0011

4

4

0100

5

5

0101

6

6

0110

7

7

0111

8

8

1000

9

9

1001

10

A

1010

11

B

1011

12

C

1100

13

D

1101

14

E

1110

15

F

1111

Table 3-4  Decimal, Hexadecimal, and Binary Conversions

To convert a hexadecimal number to a binary number, convert each hexadecimal digit to its 4-bit equivalent. For example, to convert the hexadecimal number 0x03D8 to binary, convert each hexadecimal digit (0, 3, D, and 8) to binary. Therefore, 0x03D8 is 0000 0011 1101 1000, or 0000001111011000.

To convert a binary number to a hexadecimal number, segment the binary number into 4-bit blocks starting from the low-order bit. Then convert each 4-bit block to its hexadecimal equivalent. For example, to convert the binary number 0110000110101110 to hexadecimal, first divide the entire number into 4-bit blocks, which are 0110 0001 1010 1110. Then, convert each block to hexadecimal digits, which are 0x61AE.

Although you can use the calculator in Windows Server 2003 or Windows XP to convert between hexadecimal and binary, it helps you to better understand the conversions if you can do them manually. To convert between decimal and hexadecimal, which you will not need often for IPv6 addresses, use the Windows calculator.

Compressing Zeros

Some types of addresses contain long sequences of zeros. To further simplify the representation of IPv6 addresses, you can compress a single contiguous sequence of 16-bit blocks set to 0 in the colon hexadecimal format to “::”, known as double-colon.

For example, you can compress the unicast IPv6 address of FE80:0:0:0:2AA:FF:FE9A:4CA2 to FE80::2AA:FF:FE9A:4CA2, and you can compress the multicast IPv6 address FF02:0:0:0:0:0:0:2 to FF02::2.

You can use zero compression to compress only a single contiguous series of 16-bit blocks expressed in colon hexadecimal notation. You cannot use zero compression to include part of a 16-bit block. For example, you cannot express FF02:30:0:0:0:0:0:5 as FF02:3::5.

To determine how many 0 bits are represented by the “::”, you can count the number of blocks in the compressed address, subtract this number from 8, and then multiply the result by 16. For example, the address FF02::2 has two blocks (the “FF02” block and the “2” block), so the other six blocks of 16 bits (96 bits total) have been compressed.

You can use zero compression only once in a given address. Otherwise, you could not determine the number of 0 bits represented by each instance of “::”. If an address contains two series of zero blocks of the same length and no series of zero blocks is longer, then by convention the left-most block is expressed as “::”.

IPv6 Address Prefixes

You express IPv6 address ranges as address prefixes in the same manner as you express IPv4 address ranges using prefix length notation. For example, FF00::/8 is an address range, 2001:DB8::/32 is a route prefix, and 2001:DB8:0:2F3B::/64 is a subnet prefix. You do not express an address prefix using a colon hexadecimal equivalent of an IPv4 subnet mask.

Types of IPv6 Addresses

IPv6 has three types of addresses:

  • Unicast

    A unicast address identifies a single interface within the scope of the type of unicast address. With the appropriate unicast routing topology, packets addressed to a unicast address are delivered to a single interface. A unicast address is used for communication from one source to a single destination.

  • Multicast

    A multicast address identifies multiple interfaces. With the appropriate multicast routing topology, packets addressed to a multicast address are delivered to all interfaces that are identified by the address. A multicast address is used for communication from one source to many destinations, with delivery to multiple interfaces.

  • Anycast

    An anycast address identifies multiple interfaces. With the appropriate routing topology, packets addressed to an anycast address are delivered to a single interface, the nearest interface that the address identifies. The “nearest” interface is defined as being closest in terms of routing distance.  An anycast address is used for communication from one source to one of multiple destinations, with delivery to a single interface.

IPv6 addresses always identify interfaces, not nodes. A node is identified by any unicast address assigned to one of its interfaces.

RFC 3513 does not define any types of broadcast addresses. Instead, IPv6 multicast addresses are used. For example, the subnet and limited broadcast addresses from IPv4 are replaced with the reserved IPv6 multicast address of FF02::1.

IPv6 Unicast Addresses

The following types of addresses are unicast IPv6 addresses:

  • Global unicast addresses

  • Link-local addresses

  • Site-local addresses

  • Unique local addresses

  • Special IPv6 addresses

  • Compatibility addresses

Global Unicast Addresses

Global unicast addresses are equivalent to public IPv4 addresses. They are globally routable and reachable on the IPv6 portion of the Internet, known as the IPv6 Internet.

Global unicast addresses can be aggregated or summarized to produce an efficient routing infrastructure. The current IPv4-based Internet is a mixture of both flat and hierarchical routing, but the IPv6-based Internet has been designed from its foundation to support efficient, hierarchical addressing and routing. Global unicast addresses are unique across their scope, which is the entire IPv6 Internet. For more information about routing infrastructure including route aggregation and summarization, see Chapter 5, "IP Routing."

Figure 3-7 shows the general structure of a global unicast address as defined in RFC 3587.

Bb726995.tcch0307(en-us,TechNet.10).gif

Figure 3-7  Structure of a global unicast address as defined in RFC 3587

Figure 3-8 shows the structure of global unicast addresses being allocated by IANA at the time of this writing, as defined in RFC 3587.

Bb726995.tcch0308(en-us,TechNet.10).gif

Figure 3-8  Global unicast addresses being currently assigned by IANA

The fields in the global unicast address are:

  • Fixed Portion (set to 001)

    The three high-order bits are set to 001. The address prefix for currently assigned global addresses is 2000::/3.

  • Global Routing Prefix

    The global routing prefix identifies a specific organization's site. The combination of the three fixed bits and the 45-bit Global Routing Prefix is used to create a 48-bit site address prefix, which is assigned to the individual sites of an organization. Once assigned, routers on the IPv6 Internet forward IPv6 traffic matching the 48-bit address prefix to the routers of the organization's site.

  • Subnet ID

    The Subnet ID identifies subnets within an organization's site. This field is 16 bits long. The organization's site can use these 16 bits within its site to create 65,536 subnets or multiple levels of addressing hierarchy and an efficient routing infrastructure.

  • Interface ID

    The Interface ID indicates an interface on a subnet within the site. This field is 64 bits long.

For example, 2001:DB8:2A3C:F282:2B0:D0FF:FEE9:4143 is a global unicast IPv6 address. Within this address:

  • 2001:DB8:2A3C indicates an organization's site

  • F282 indicates a subnet within that site

  • 2B0:D0FF:FEE9:4143 indicates an interface on that subnet within that site

The fields within the global unicast address as defined in RFC 3587 create a three-level structure, as Figure 3-9 shows.

Bb726995.tcch0309(en-us,TechNet.10).gif

Figure 3-9  The three-level structure of a global unicast address as defined in RFC 3587

The public topology is the collection of larger and smaller ISPs that provide access to the IPv6 Internet and the organizations that connect to the IPv6 Internet. The site topology is the collection of subnets within an organization’s site. The interface identifier identifies a specific interface on a subnet within an organization’s site.

Local-use unicast addresses fall into two categories:

  • Link-local addresses are used between on-link neighbors and for Neighbor Discovery processes, which define how nodes on an IPv6 subnet interact with hosts and routers.

  • Site-local addresses are used between nodes communicating with other nodes in the same site of an organization’s intranet.

Nodes use link-local addresses when communicating with neighboring nodes on the same link, also known as a subnet. For example, on a single-link IPv6 network with no router, link-local addresses are used to communicate between hosts on the link. Link-local addresses are equivalent to APIPA IPv4 addresses autoconfigured on computers that are running Windows. The scope of a link-local address (the region of the network across which the address is unique) is the local link.

A link-local address is required for Neighbor Discovery processes and is always automatically configured, even in the absence of all other unicast addresses.

For more information about IPv6 address autoconfiguration for link-local addresses, see Chapter 6, "Dynamic Host Configuration Protocol."

Figure 3-10 shows the structure of the link-local address.

Bb726995.tcch0310(en-us,TechNet.10).gif

Figure 3-10  Structure of the link-local address

Because the first 64 bits of the link-local address are fixed, the address prefix for all link-local addresses is FE80::/64.

An IPv6 router never forwards link-local traffic beyond the link.

Site-Local Addresses

Site-local addresses are equivalent to the IPv4 private address space. Private intranets that do not have a direct, routed connection to the IPv6 Internet can use site-local addresses without conflicting with global addresses. Site-local addresses are not reachable from other sites, and routers must not forward site-local traffic outside the site. Site-local addresses can be used in addition to global addresses. The scope of a site-local address is a site (a portion of an organization network that has defined geographical, topological, or network bandwidth boundaries).

Unlike link-local addresses, site-local addresses are not automatically configured and must be assigned either through stateless or stateful address configuration.

Figure 3-11 shows the structure of the site-local address.

Bb726995.tcch0311(en-us,TechNet.10).gif

Figure 3-11  Structure of the site-local address

The first 10 bits of site-local addresses are fixed at 1111 1110 11. Therefore, the address prefix for all site-local addresses is FEC0::/10. Beyond the 10 high-order fixed bits is a 54-bit Subnet ID field that you can use to create subnets within your organization. With 54 bits, you can have up to 254 subnets in a flat subnet structure, or you can subdivide the high-order bits of the Subnet ID field to create a hierarchical and summarizable routing infrastructure. After the Subnet ID field is a 64-bit Interface ID field that identifies a specific interface on a subnet.

Note  RFC 3879 formally deprecates the use of site-local addresses for future IPv6 implementations. Existing implementations of IPv6 can continue to use site-local addresses until a replacement has been standardized. An updated version of the "Internet Protocol Version 6 (IPv6) Addressing Architecture" standard is now published as an Internet draft (draft-ietf-ipv6-addr-arch-v4-0x.txt) and includes the deprecation of site-local addresses. This Internet draft of the standard for IPv6 addressing will make RFC 3513 obsolete.

Link-local and site-local addresses are not unique within an organization intranet. Link-local addresses can be duplicated per link (subnet). Site-local addresses can be duplicated per site. Therefore, when specifying a link-local destination address, you must specify the link on which the destination is located. For a site-local destination address when you are using multiple sites, you must specify the site in which the destination is located. You use a zone ID to specify the portion or zone of the network on which the destination can be reached. In the Ping, Tracert, and Pathping commands, the syntax for specifying a zone ID is IPv6Address%ZoneID.

For link-local destinations, ZoneID is typically equal to the interface index of the interface attached to the link on which the destination is located. The interface index is an internal number assigned to an IPv6 interface that is visible from the display of the netsh interface ipv6 show interface command. For site-local addresses, ZoneID is equal to the site number that is visible from the display of the netsh interface ipv6 show address level=verbose command. If multiple sites are not being used, a zone ID for site-local addresses is not required. The ZoneID parameter is not needed when the destination is a global unicast address.

Unique Local Addresses

Site-local addresses provide a private addressing alternative to using global addresses for intranet traffic. However, because the site-local address prefix can be used to address multiple sites within an organization, a site-local address prefix and address can be duplicated and require a zone ID to specify the destination site. The ambiguity of site-local addresses in an organization adds complexity and difficulty for applications, routers, and network managers. For more information, see section 2 of RFC 3879.

To replace site-local addresses with a new type of address that is private to an organization, yet unique across all of the sites of the organization, RFC 4193 defines unique local IPv6 unicast addresses.

The unique local address has the following structure:

  • The first 7 bits are set at the fixed binary value of 1111110. All unique local addresses have the address prefix FC00::/7.

  • The next bit is the Local (L) flag, which is set 1 to indicate a local address. The L flag value set to 0 has not yet been defined. Unique local addresses with the L flag set to 1 have the address prefix of FD00::/8.

  • The next 40 bits are for the Global ID, which is used to identify a specific site within an organization and is set to a randomly derived 40-bit value. By deriving a random value for the Global ID, an organization can have unique 48-bit prefixes assigned to the sites of their organizations. Additionally, two organizations that use Local addresses that merge have a low probability of duplicating a 48-bit Local address prefix, minimizing site renumbering.

  • The next 16 bits are for the Subnet ID, which is used to identify a specific subnet within a site. The global address and Local address share the same structure beyond the first 48 bits of the address. In global addresses, the Subnet ID field identifies the subnet within an organization. For Local addresses, the Subnet ID field can perform the same function. Therefore, you can create a subnetting infrastructure that is used for both Local and global unicast addresses.

  • The last 64 bits are for the interface ID.

Special IPv6 Addresses

The following are special IPv6 addresses:

  • Unspecified address

    The unspecified address (0:0:0:0:0:0:0:0 or ::) indicates the absence of an address and is equivalent to the IPv4 unspecified address of 0.0.0.0. The unspecified address is typically used as a source address for packets attempting to verify the uniqueness of a tentative address. The unspecified address is never assigned to an interface or used as a destination address.

  • Loopback address

    The loopback address (0:0:0:0:0:0:0:1 or ::1) identifies a loopback interface. This address enables a node to send packets to itself and is equivalent to the IPv4 loopback address of 127.0.0.1. Packets addressed to the loopback address are never sent on a link or forwarded by an IPv6 router.

Compatibility Addresses

To aid in the transition from IPv4 to IPv6, the following addresses are defined:

  • IPv4-compatible address

    The IPv4-compatible address, 0:0:0:0:0:0:w.x.y.z or ::w.x.y.z (where w.x.y.z is the dotted decimal representation of a public IPv4 address), is used by IPv6/IPv4 nodes that are communicating using IPv6. IPv6/IPv4 nodes are nodes with both IPv4 and IPv6 protocols. When the IPv4-compatible address is used as an IPv6 destination, the IPv6 traffic is automatically encapsulated with an IPv4 header and sent to the destination using the IPv4 infrastructure. IPv6 for Windows Server 2003 and Windows XP supports IPv4-compatible addresses, but they are disabled by default.

  • IPv4-mapped address

    The IPv4-mapped address, 0:0:0:0:0:FFFF:w.x.y.z or ::FFFF:w.x.y.z, represents an IPv4-only node to an IPv6 node. IPv4-mapped addresses are used for internal representation only. The IPv4-mapped address is never used as a source or destination address of an IPv6 packet. IPv6 for Windows Server 2003 and Windows XP does not support IPv4-mapped addresses.

  • 6to4 address

    The 6to4 address is used for communicating between two nodes running both IPv4 and IPv6 over the Internet. You form the 6to4 address by combining the global prefix 2002::/16 with the 32 bits of a public IPv4 address of the node, forming a 48-bit prefix. 6to4 is an IPv6 transition technology described in RFC 3056.

  • ISATAP address

    Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) defines ISATAP addresses used between two nodes running both IPv4 and IPv6 over a private intranet. ISATAP addresses use the locally administered interface ID ::0:5EFE:w.x.y.z in which w.x.y.z is any unicast IPv4 address, public or private. You can combine the ISATAP interface ID with any 64-bit prefix that is valid for IPv6 unicast addresses, including the link-local address prefix (FE80::/64), site-local prefixes, and global prefixes. ISATAP is an IPv6 transition technology described in RFC 4214.

  • Teredo address

    The Teredo address is used for communicating between two nodes running both IPv4 and IPv6 over the Internet when one or both of the endpoints are located behind an IPv4 network address translation (NAT) device. You form the Teredo address by combining the 2001::/32 Teredo prefix with the public IPv4 address of a Teredo server and other elements. Teredo is an IPv6 transition technology described in RFC 4380

For more information about 6to4, ISATAP, and Teredo addresses, see Chapter 15, "IPv6 Transition Technologies."

IPv6 Interface Identifiers

The last 64 bits of a unicast IPv6 address are the interface identifier that is unique to the 64-bit prefix of the IPv6 address. IPv6 interface identifiers are determined as follows:

  • A 64-bit interface identifier that is derived from the Extended Unique Identifier (EUI)-64 address.  

  • A randomly generated interface identifier that changes over time to provide a level of anonymity.

  • An interface identifier that is assigned during stateful address autoconfiguration (for example, through Dynamic Host Configuration Protocol for IP version 6 [DHCPv6]).

EUI-64 Address-based Interface Identifiers

RFC 3513 states that all unicast addresses that use the prefixes 001 through 111 must also use a 64-bit interface identifier derived from the EUI-64 address, a 64-bit address that is defined by the IEEE. EUI-64 addresses are either assigned to a network adapter or derived from IEEE 802 addresses.

A traditional interface identifier for a network adapter uses a 48-bit address called an IEEE 802 address. It consists of a 24-bit company ID (also called the manufacturer ID) and a 24-bit extension ID (also called the board ID). The combination of the company ID, which is uniquely assigned to each manufacturer of network adapters, and the board ID, which is uniquely assigned to each network adapter at the time of assembly, produces a globally unique 48-bit address. This 48-bit address is also called the physical, hardware, or MAC address.

Figure 3-12 shows the structure of the 48-bit IEEE 802 address.

Bb726995.tcch0312(en-us,TechNet.10).gif

Figure 3-12  Structure of the 48-bit IEEE 802 address

Defined bits within the IEEE 802 address are:

  • Universal/Local (U/L)

    The next-to-the-low-order bit in the first byte indicates whether the address is universally or locally administered. If the U/L bit is set to 0, the IEEE (through the designation of a unique company ID) has administered the address. If the U/L bit is set to 1, the address is locally administered. The network administrator has overridden the manufactured address and specified a different address. The U/L bit is designated by the u in Figure 3-12.

  • Individual/Group (I/G)

    The low order bit of the first byte indicates whether the address is an individual address (unicast) or a group address (multicast). When set to 0, the address is a unicast address. When set to 1, the address is a multicast address. The I/G bit is designated by the g in Figure 3-12.

For a typical 802 network adapter address, both the U/L and I/G bits are set to 0, corresponding to a universally administered, unicast MAC address.

The IEEE EUI-64 address represents a new standard for network interface addressing. The company ID is still 24 bits long, but the extension ID is 40 bits, creating a much larger address space for a network adapter manufacturer. The EUI-64 address uses the U/L and I/G bits in the same way as the IEEE 802 address.

Figure 3-13 shows the structure of the EUI-64 address.

Bb726995.tcch0313(en-us,TechNet.10).gif

Figure 3-13  Structure of the EUI-64 address

Figure 3-14 shows how to create an EUI-64 address from an IEEE 802 address. You insert the 16 bits 11111111 11111110 (0xFFFE) into the IEEE 802 address between the company ID and the extension ID.

Bb726995.tcch0314(en-us,TechNet.10).gif

Figure 3-14  Converting an IEEE 802 address to an EUI-64 address

To obtain the 64-bit interface identifier for IPv6 unicast addresses, the U/L bit in the EUI-64 address is complemented. (If it is a 1, it is set to 0; and if it is a 0, it is set to 1.) Figure 3-15 shows the conversion for a universally administered, unicast EUI-64 address.

Bb726995.tcch0315(en-us,TechNet.10).gif

Figure 3-15  Converting a universally administered, unicast EUI-64 address to an IPv6 interface identifier

To obtain an IPv6 interface identifier from an IEEE 802 address, you must first map the IEEE 802 address to an EUI-64 address, and then you complement the U/L bit. Figure 3-16 shows this conversion for a universally administered, unicast IEEE 802 address.

Bb726995.tcch0316(en-us,TechNet.10).gif

Figure 3-16  Converting a universally administered, unicast IEEE 802 address to an IPv6 interface identifier

IEEE 802 Address Conversion Example

Host A has the Ethernet MAC address of 00-AA-00-3F-2A-1C. First, you convert it to EUI-64 format by inserting FF-FE between the third and fourth bytes, yielding 00-AA-00-FF-FE-3F-2A-1C. Then you complement the U/L bit, which is the seventh bit in the first byte. The first byte in binary form is 00000000. When you complement the seventh bit, it becomes 00000010 (0x02). When you convert the final result, 02-AA-00-FF-FE-3F-2A-1C, to colon hexadecimal notation, it becomes the interface identifier 2AA:FF:FE3F:2A1C. As a result, the link-local address that corresponds to the network adapter with the MAC address of 00-AA-00-3F-2A-1C is FE80::2AA:FF:FE3F:2A1C.

When you complement the U/L bit, add 0x2 to the first byte if the address is universally administered, and subtract 0x2 from the first byte if the address is locally administered.

Temporary Address Interface Identifiers

In today’s IPv4-based Internet, a typical Internet user connects to an Internet service provider (ISP) and obtains an IPv4 address using the Point-to-Point Protocol (PPP) and the Internet Protocol Control Protocol (IPCP). Each time the user connects, a different IPv4 address might be obtained, making it difficult to track a dial-up user’s traffic on the Internet on the basis of an IPv4 address.

For IPv6-based dial-up connections, the user is assigned a 64-bit prefix after the connection is made through router discovery and stateless address autoconfiguration. If the interface identifier is always based on the EUI-64 address (as derived from the static IEEE 802 address), an attacker can identify the traffic of a specific node regardless of the prefix, making it easy to track specific users and how they use the Internet. To address this concern and provide a level of anonymity, RFC 3041 describes an alternative IPv6 interface identifier that is randomly generated and changes over time.

The initial interface identifier is generated by using random numbers. For IPv6 systems that cannot store any historical information for generating future interface identifier values, a new random interface identifier is generated each time the IPv6 protocol is initialized. For IPv6 systems that have storage capabilities, a history value is stored and, when the IPv6 protocol is initialized, a different interface identifier is created through the following process:

  1. Retrieve the history value from storage, and append the interface identifier based on the EUI-64 address of the adapter.

  2. Compute the Message Digest-5 (MD5) hash algorithm over the quantity in step 1. A hash produces a fixed size mathematical result from an input. Hashes are easy to compute, but it is computationally difficult to determine the input from the hash result.

  3. Save the last 64 bits of the MD5 hash computed in step 2 as the history value for the next interface identifier computation.

  4. Take the first 64 bits of the MD5 hash computed in Step 2, and set the seventh bit to 0. The seventh bit corresponds to the U/L bit, which, when set to 0, indicates a locally administered IPv6 interface identifier. The result is the IPv6 interface identifier.

The resulting IPv6 address, based on this random interface identifier, is known as a temporary address. Temporary addresses are generated for public address prefixes that use stateless address autoconfiguration.

IPv6 Multicast Addresses

IPv6 multicast addresses have the first eight bits fixed at 1111 1111. Therefore the address prefix for all IPv6 multicast addresses is FF00::/8. Beyond the first eight bits, multicast addresses include additional structure to identify flags, their scope, and the multicast group. Figure 3-17 shows the structure of the IPv6 multicast address.

Bb726995.tcch0317(en-us,TechNet.10).gif

Figure 3-17  The structure of the IPv6 multicast address

The fields in the multicast address are:

  • Flags

    Indicates flags set on the multicast address. The size of this field is 4 bits.The first low-order bit is the Transient (T) flag. When set to 0, the T flag indicates that the multicast address is a permanently assigned (well-known) multicast address allocated by IANA. When set to 1, the T flag indicates that the multicast address is a transient (non-permanently-assigned) multicast address. The second low-order bit is for the Prefix (P) flag, which indicates whether the multicast address is based on a unicast address prefix. RFC 3306 describes the P flag. The third low-order bit is for the Rendezvous Point Address (R) flag, which indicates whether the multicast address contains an embedded rendezvous point address. RFC 3956 describes the R flag.

  • Scope

    Indicates the scope of the IPv6 network for which the multicast traffic must be delivered. The size of this field is 4 bits. Routers use the multicast scope and information provided by multicast routing protocols to determine whether multicast traffic can be forwarded.

    RFC 3513 defines the values for the Scope field. The most prevalent values for the Scope field are 1 (interface-local scope), 2 (link-local scope), and 5 (site-local scope).

  • Group ID

    Identifies the multicast group and is unique within the scope. The size of this field is 112 bits. Permanently assigned group IDs are independent of the scope. Transient group IDs are relevant only to a specific scope.

To identify all nodes for the interface-local and link-local scopes, the following addresses are defined:

  • FF01::1 (interface-local scope, all-nodes multicast address)

  • FF02::1 (link-local scope, all-nodes multicast address)

To identify all routers for the interface-local, link-local, and site-local scopes, the following addresses are defined:

  • FF01::2 (interface-local scope, all-routers multicast address)

  • FF02::2 (link-local scope, all-routers multicast address)

  • FF05::2 (site-local scope, all-routers multicast address)

For the current list of permanently assigned IPv6 multicast addresses, see https://www.iana.org/assignments/ipv6-multicast-addresses.

IPv6 multicast addresses replace all forms of IPv4 broadcast addresses. The link-local scope, all-nodes multicast address (FF02::1) in IPv6 replaces the IPv4 network broadcast address (in which all host bits are set to 1 in a classful environment), the subnet broadcast address (in which all host bits are set to 1 in a classless environment), and the limited broadcast address (255.255.255.255).

Solicited-Node Multicast Address

The solicited-node multicast address facilitates the efficient querying of network nodes to resolve a link-layer address from a known IPv6 address, known as link-layer address resolution. In IPv4, the ARP Request frame on Ethernet and 802.11 wireless network segments is sent to the broadcast address 0xFF-FF-FF-FF-FF-FF. This frame disturbs all nodes on the network segment, including those that are not running IPv4. IPv6 uses the Neighbor Solicitation message to perform link-layer address resolution. However, using the local-link scope, all-nodes multicast address as the Neighbor Solicitation message destination would disturb all IPv6 nodes on the local link, so the solicited-node multicast address is used. The solicited-node multicast address is constructed from the prefix FF02::1:FF00:0/104 and the last 24 bits of a unicast IPv6 address. Figure 3-18 shows the mapping of a unicast IPv6 address to its corresponding solicited-node multicast address.

Bb726995.tcch0318(en-us,TechNet.10).gif

Figure 3-18  Creating the solicited-node multicast address

For example, Node A is assigned the link-local address of FE80::2AA:FF:FE28:9C5A and is also listening on the corresponding solicited-node multicast address of FF02::1:FF28:9C5A. (The bold highlights the correspondence of the last six hexadecimal digits.) Node B on the local link must resolve Node A’s link-local address FE80::2AA:FF:FE28:9C5A to its corresponding link-layer address. Node B sends a Neighbor Solicitation message to the solicited-node multicast address of FF02::1:FF28:9C5A. Because Node A is listening on this multicast address, it processes the Neighbor Solicitation message and replies with a unicast Neighbor Advertisement message, completing the address resolution process.

By using the solicited-node multicast address, link-layer address resolution, a common occurrence on a link, does not disturb all network nodes. As a result, very few nodes are disturbed during address resolution. In practice, the relationship between the link-layer address, the IPv6 interface ID, and the solicited-node address allows the solicited-node address to act as a pseudo-unicast address for very efficient address resolution.

IPv6 Anycast Addresses

An anycast address is assigned to multiple interfaces. The routing structure forwards packets addressed to an anycast address so that they reach the nearest interface to which the anycast address is assigned. To facilitate delivery, the routing infrastructure must be aware of the interfaces assigned anycast addresses and their “distance” in terms of routing metrics. At present, anycast addresses are used as destination addresses only. Anycast addresses are assigned out of the unicast address space, and their scope matches that of the type of unicast address from which the anycast address is assigned.

The Subnet-Router anycast address is created from the subnet prefix for a given interface. To construct the Subnet-Router anycast address, you fix the bits in the 64-bit subnet prefix at their appropriate values, and you set to 0 the bits in the Interface ID portion of the address. All router interfaces attached to a subnet are assigned the Subnet-Router anycast address for that subnet. The Subnet-Router anycast address can be used to communicate with one of multiple routers attached to a remote subnet, for example, to obtain network management statistics for traffic on the subnet.

IPv6 Addresses for a Host

An IPv4 host with a single network adapter typically has a single IPv4 address assigned to that adapter. An IPv6 host, however, usually has multiple IPv6 addresses—even with a single interface. An IPv6 host is assigned the following unicast addresses:

  • A link-local address for each interface.

  • Unicast addresses for each interface (which could be a site-local address and one or multiple global unicast addresses).

  • The loopback address (::1) for the loopback interface.

IPv6 hosts typically have at least two addresses with which they can receive packets—a link-local address for local link traffic and a routable site-local or global address.

Additionally, each host listens for traffic on the following multicast addresses:

  • The interface-local scope, all-nodes multicast address (FF01::1).

  • The link-local scope, all-nodes multicast address (FF02::1).

  • The solicited-node address for each unicast address on each interface.

  • The multicast addresses of joined groups on each interface.

IPv6 Addresses for a Router

An IPv6 router is assigned the following unicast and anycast addresses:

  • A link-local address for each interface.

  • Unicast addresses for each interface (which could be a site-local address and one or multiple global unicast addresses).

  • A Subnet-Router anycast address.

  • Additional anycast addresses (optional).

  • The loopback address (::1) for the loopback interface.

Additionally, each router listens for traffic on the following multicast addresses:

  • The interface-local scope, all-nodes multicast address (FF01::1).

  • The interface-local scope, all-routers multicast address (FF01::2).

  • The link-local scope, all-nodes multicast address (FF02::1).

  • The link-local scope, all-routers multicast address (FF02::2).

  • The site-local scope, all-routers multicast address (FF05::2).

  • The solicited-node address for each unicast address on each interface.

  • The multicast addresses of joined groups on each interface.

Comparing IPv4 and IPv6 Addressing

Table 3-5 lists IPv4 addresses and addressing concepts and their IPv6 equivalents.

IPv4 Address

IPv6 Address

Internet address classes

Not applicable in IPv6

IPv4 multicast addresses (224.0.0.0/4)

IPv6 multicast addresses (FF00::/8)

Broadcast addresses: network broadcast, subnet broadcast, all-subnets directed broadcast, limited broadcast

Not applicable in IPv6

Unspecified address is 0.0.0.0

Unspecified address is ::

Loopback address is 127.0.0.1

Loopback address is ::1

Public IPv4 addresses

Global unicast addresses

Private IPv4 addresses (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16)

Site-local addresses (FEC0::/10) or Local addresses (FC00::/7)

APIPA addresses (169.254.0.0/16)

Link-local addresses (FE80::/64)

Address syntax: dotted decimal notation

Address syntax: colon hexadecimal format with suppression of leading zeros and zero compression.

Address prefix syntax: prefix length or dotted decimal (subnet mask) notation

Address prefix syntax: prefix length notation only

Table 3-5  Comparing IPv4 and IPv6 Addressing

Chapter Summary

The key information in this chapter is the following:

  • You express IPv4 addresses in dotted decimal format. You express IPv4 address prefixes as a dotted decimal form of the starting address with the prefix length indicated by either an integer number or a dotted decimal number, also known as a subnet mask.

  • IPv4 uses unicast addresses to deliver a packet from one source to one destination, multicast addresses to deliver a packet from one source to many destinations, and broadcast addresses to deliver a packet from one source to every destination on the subnet.

  • For IPv4, you can use public unicast addresses (if assigned by ICANN or an ISP) or private addresses (10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16). The TCP/IP components of Windows use APIPA addresses to automatically configure hosts with addresses from the 169.254.0.0/16 address prefix on a single subnet.

  • You express IPv6 addresses in colon hexadecimal format, suppressing leading zeros and compressing a single set of contiguous blocks of zeros using double colon notation. You express IPv6 address prefixes as a colon hexadecimal form of the starting address with a prefix length.

  • IPv6 uses unicast addresses, multicast addresses, and anycast addresses to deliver a packet from one source to one of many destinations.

  • For unicast IPv6 addresses, you can use global addresses (if they are assigned by IANA or an ISP), site-local addresses (FEC0::/10), Local addresses (FC00::/7), or link-local addresses (FE80::/64). Link-local addresses require you to specify a zone ID to identify the link for a destination. Site-local addresses require you to specify a zone ID to identify the site for a destination if you are using multiple sites.

  • You typically derive IPv6 interface identifiers from IEEE 802 addresses or IEEE EUI-64 addresses.

  • The solicited-node multicast address is a special multicast address used for efficient link-layer address resolution on a subnet.

Chapter Glossary

address – An identifier that is assigned at the Internet layer to an interface or a set of interfaces and that identifies the source or destination of IP packets.

address class – A predefined grouping of IPv4 addresses used on the Internet. Addresses classes defined networks of specific sizes and determined the range of numbers that can be assigned for the first octet in the IPv4 address. Classless Inter-Domain Routing (CIDR) has made classful IPv4 addressing obsolete.

address prefix – An address range that is defined by setting high-order fixed bits to defined values and low-order variable bits to 0. Address prefixes are routinely used to express a range of allowable addresses, subnet prefixes assigned to subnets, and routes. In IPv4, you express address prefixes in prefix length or dotted decimal (subnet mask) notation. In IPv6, you express address prefixes in prefix length notation.

anycast address – An address that is assigned from the unicast address space, that identifies multiple interfaces, and that is used to deliver packets from one source to one of many destinations. With the appropriate routing topology, packets addressed to an anycast address are delivered to the nearest interface that has the address assigned.

APIPA – See Automatic Private IP Addressing (APIPA).

Automatic Private IP Addressing (APIPA) – A feature of the TCP/IP component in Windows Server 2003 and Windows XP. APIPA enables a computer to autoconfigure an IPv4 address and subnet mask from the range 169.254.0.0/16 when the TCP/IP component is configured for automatic configuration and no DHCP server is available.

CIDR – See Classless Inter-Domain Routing (CIDR).

Class A IPv4 address – A unicast IPv4 address that ranges from 1.0.0.1 through 127.255.255.254. The first octet indicates the address prefix, and the last three octets indicate the host ID. Classless Inter-Domain Routing (CIDR) made classful IPv4 addressing obsolete.

Class B IPv4 address – A unicast IPv4 address that ranges from 128.0.0.1 through 191.255.255.254. The first two octets indicate the address prefix, and the last two octets indicate the host ID. Classless Inter-Domain Routing (CIDR) made classful IPv4 addressing obsolete.

Class C IPv4 address – A unicast IPv4 address that ranges from 192.0.0.1 to 223.255.255.254. The first three octets indicate the address prefix, and the last octet indicates the host ID. Classless Inter-Domain Routing (CIDR) made classful IPv4 addressing obsolete.

Classless Inter-Domain Routing (CIDR) – A technique for aggregating routes and assigning IPv4 addresses on the modern-day Internet. CIDR expresses address prefixes in the form of an address prefix and a prefix length, rather than in terms of the address classes that CIDR replaces.

colon hexadecimal notation – The notation used to express IPv6 addresses. The 128-bit IPv6 address is divided into eight 16-bit blocks. Each block is expressed as a hexadecimal number, and adjacent blocks are separated by colons. Within each block, leading zeros are suppressed. An example of an IPv6 unicast address in colon hexadecimal notation is 2001:DB8:2A1D:48C:2AA:3CFF:FE21:81F9.

dotted decimal notation – The notation most commonly used to express IPv4 addresses. The 32-bit IPv4 address is divided into four 8-bit blocks. Each block is expressed as a decimal number, and adjacent blocks are separated by periods. An example of an IPv4 unicast address in dotted decimal notation is 131.107.199.45.

double colon – The practice of compressing a single contiguous series of zero blocks of an IPv6 address to “::”. For example, the multicast address FF02:0:0:0:0:0:0:2 is expressed as FF02::2.

EUI – See Extended Unique Identifier.

EUI-64 address – A 64-bit link-layer address that is used as a basis for an IPv6 interface identifier.

Extended Unique Identifier – A link-layer address defined by the Institute of Electrical and Electronics Engineers (IEEE).

global unicast address – An IPv6 unicast address that is globally routable and reachable on the IPv6 portion of the Internet. IPv6 global addresses are equivalent to public IPv4 addresses.

IEEE –  Institute of Electrical and Electronics Engineers.

IEEE 802 address – A 48-bit link-layer address defined by the IEEE. Ethernet and Token Ring network adapters use IEEE 802 addresses.

IEEE EUI-64 address – See EUI-64 address.

illegal address – A duplicate address that conflicts with a public IPv4 address that the ICANN has already assigned to another organization.

link-local address – A local-use address with the prefix of FE80::/64 and whose scope is the local link. Nodes use link-local addresses to communicate with neighboring nodes on the same link. Link-local addresses are equivalent to Automatic Private IP Addressing (APIPA) IPv4 addresses.

Local address – An IPv6 address identified by the prefix FC00::/7. The scope of a Local address is an organization. Local addresses are reachable from other sites in an organization, but not from the IPv6 Internet.

loopback address – For IPv4, the address 127.0.0.1. For IPv6, the address 0:0:0:0:0:0:0:1 (or ::1). Nodes use the loopback address to send packets to themselves.

multicast address – An address that identifies zero or multiple interfaces and is used to deliver packets from one source to many destinations. With the appropriate multicast routing topology, packets addressed to a multicast address are delivered to all interfaces identified by the address.

prefix length notation – The practice of expressing address prefixes as StartingAddress/PrefixLength, in which PrefixLength is the number of high-order bits in the address that are fixed.

private addresses – IPv4 addresses that organizations use for private intranet addressing within one of the following address prefixes: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.

public addresses – IPv4 addresses that are assigned by the ICANN and that are guaranteed to be globally unique and reachable on the IPv4 Internet.

site-local address – A local-use IPv6 address identified by the prefix FEC0::/10. The scope of a site-local address is a site. Site-local addresses are equivalent to the IPv4 private address space. Site-local addresses are not reachable from other sites, and routers must not forward site-local traffic outside the site.

solicited-node multicast address – An IPv6 multicast address that nodes use to resolve addresses. The solicited-node multicast address is constructed from the prefix FF02::1:FF00:0/104 and the last 24 bits of a unicast IPv6 address. The solicited-node multicast address acts as a pseudo-unicast address to efficiently resolve addresses on IPv6 links.

subnet mask – The expression of the length of an address prefix for IPv4 address ranges in dotted decimal notation. For example, the address prefix 131.107.0.0/16 in subnet mask notation is 131.107.0.0, 255.255.0.0.

unicast address – An address that identifies a single interface and is used for delivering packets from one source to a single destination. With the appropriate unicast routing topology, packets addressed to a unicast address are delivered to a single interface.

unspecified address – For IPv4, the address 0.0.0.0. For IPv6, the address 0:0:0:0:0:0:0:0 (or ::). The unspecified address indicates the absence of an address.

zone ID – An integer that specifies the zone of the destination for IPv6 traffic. In the Ping, Tracert, and Pathping commands, the syntax for specifying a zone ID is IPv6Address%ZoneID. Typically, the ZoneID value for link-local addresses is equal to the interface index. For site-local addresses, ZoneID is equal to the site number. The ZoneID parameter is not needed when the destination is a global address or a Local address and when multiple sites are not being used.