This article covers things you need to know about IPv6 from its introduction to how it’s addressing is done. How link-local are made from MAC and its tunneling is done on how to shift to IPv6.
Introduction to IPv6
We all know the world of IP addresses has fundamentally changed. Here are an IPv4 address 126.96.36.199 four values separated by three dots. This IP address has served us great for many decades. Now the problem with IPv4 is this address space has a limit of 4 billion addresses.
So we can go from 0000.0000.0000.0000 to 255.255.255.255 but we know a lot of them are reserves for certain purposes because of that number of available IP address reduces. Now the problem with IPv4 is we can run out of IP addresses because of this reason IPv6 was made.
Now, IPv6 is now pretty much adopted to almost everybody. In IPv4 DHCP do this job for us which automatically setup IPv4 address for us and we don’t have to take care of it. That’s what is happening with IPv6 and the internet has already moved to IPv6. Because of DNS we just type www.google.com and it is automatically going to IPv6 address.
IPv6 goes up to 128 bits which is a huge amount. eg a0f0:0001:0000:0001:0000:0001:0000:1234 you must have noticed you have hexadecimal values in it a-f and these letters represents 4 ones or zeros. We have got them separated into 8 groups with 7 colons. There are so many IPv6 addresses that we can give every air molecule and IP address six times.
IPv6 doesn’t give us only more IP addresses it also gives us aggregation because of which speed increases as you will not have to remember all those routes. Another thing IPv6 has is self-configuration with IPv6 NAT is of no use ARP is dead and even DHCP is not used that’s all replaced with NDP ( Neighbor Discovery Protocol ).
In NDP all of the machines start to talk to each other and configure each other.
Let’s say we have this IPv6 address fe80:0001:0243:0000:0000:0000:2a3b:44ff So are you have noticed this is divided into 8 total groups of 4 hexadecimal values separated by 7 colons. Now, this address is too long to enter so there are some shortcuts for writing IPv6 addresses.
The first shortcut we can apply is fe80:1:243:0:0:0:2a3b:4ff we just replaced four zeros with one and if there are one or more zeros at starting of a group we removed that.
Here is another IPv6 address fe80:0000:0000:1234:0000:0000:0000:1234 first thing we do is replace all zeros with one so it would become fe80:0:0:1234:0:0:0:1234 Now one more thing we can do is replace zeros group with the colons :: so our update address will become fe80::1234:0:0:0:1234
Note this you can only do this at one place on the address you can not do this fe80::1234:0::1234 this is wrong. You can also replace the other part with colons eg fe80:0:0:1234::1234
Now from where these IPv6 addresses come from one thing to remember you cannot have one IPv6 address, you will have a minimum of two IPv6 addresses. One address is called the link-local address which is automatically generated by IPv6 capable host the moment the device starts up.
The other address is called your internet address. This is given to you by your gateway router in parts.
Now the first one is the IPv6 address you can ignore the Temporary Address for now and below you can see your link-local address. This will start from fe80:0000:0000:0000 and the next part is made through your MAC address. %14 at the end is by Microsoft which you can ignore right now.
We know the first part of link-local is fe80:: which always remains the same and the next part is converted from your MAC address using standard EUI-64. What is do is split the MAC address in half and add ff-fe in the middle.
Next things we do have at the starting we have 2a we take the starting two numbers which are the first 8 bits of our IP and flip the 7th bit. So 1 is converted to 0 and a will become 9.
Now we will make it simply link-local by removing the – and joining with colons.
The important thing is if a computer can make a link-local address automatically they can also talk to each other automatically. That’s where NDP comes into play.
Now we have 128 bit IP addresses but it doesn’t mean we don’t have subnet mask or gateway address. We have all that but longer. The smallest subnet mask you can have wack/64 everything is CIDR now.
IPv6 in Action
With IPv6 you are going to have 2^64 IP addresses. Now almost all OS support Dual Stack which means you are running both at the same time IPv4 and IPv6.
One thing you should know there are no private addresses in IPv6 are addresses are public addresses. If you will check you IPv6 you will find that the last 4 digits are not the same as your MAC and there is a reason for that. Because of Public IPv6 address, anyone can ping you IP if he knows you MAC.
So the avoid that you should have a firewall correctly configured and there is a randomizer in every computer that generates IPv6 which randomly sets the last part of your IPv6.
Let’s say we have 4 computers connected to Router and all of PC’s have generated their link-local eg A, B, C, D Now they can do neighbor advertisement. It will be sent to the router and the router will Multicast it. This process uses ICMP v6.
So in this multicast PC 4 is saying here is my link-local address is there anyone out there. Now all of the other devices will begin sending neighbor advertisements which say this is my MAC address and a link-local address. Now all the other PC resolves IPv-6 address to MAC address to send ethernet frames.
Now if PC”s want to get to internet address they need to send out an RS ( Router Solicitation ). This RS does a lot of work and reply back with RA ( Router Advertisement ). This RA provides everything To PC which it needs to talk to the internet through stateless autoconfiguration (There is no DHCP).
So Now These systems will get their IPv6 address, Default gateway, and DNS information.
One more thing you must have noticed there are a lot of IPv6 addresses when we did ipconfig written as temporary addresses. Will those were because of security reasons and its a thing in windows that randomly changes the IPv6 address after some time because of security purposes.
Now to determine our network ID ISP also does router advertisements through DHCP v6 and generates router prefixes that tell network ID. The good thing about IPv6 is you don’t have to do anything for making it work all of those things are automatically done by the routers. The only thing we have to do manually is when you have to use a local DNS instead of ISP DNS.
IPv4 and IPv6 Tunneling
Now we know that IPv6 is already here but the problem is ISP does not provide IPv6 to their customers so we can’t to native IPv6 but we can do its tunneling. What we can do is an ethernet packet we can encapsulate the IPv6 data in IPv4.
Now when it will read it’s the destination it will strip the IPv4 part and left with IPv6 only. For this purpose, we can use two tools that windows provide Teredo which is free and a bit slow and the second one is 6TO4 which is fast.
We can also use third party clients eg GoGo6 which is completely free. Just install it and run the client and you will shift from IPv4 to IPv6.