Contents

Introduction
IPv6 Expression
  Hexadecimal
  Omitted Zeros
  Replace Consecutive Zeros
Prefix and Interface ID
EUI-64
Link-Local Address
Unique Local Address
Global Aggregatable Address
Stateless Address Autoconfiguration (SLAAC)
IPv6 Tunneling
  ISATAP
  6to4 Tunnel

Introduction

The main reason of IPv6 (Internet Protocol Version 6) born is the insufficient of IPv4 Address space. Since the length of IPv4 Address is 32 Bits, the maximum available space of IP Address is 4.2 billion. As we know, the total population on earth arrives 7.5 billion. Although only 50% of them can access Internet, everyone have more than one network devices. IP Address is definitely not enough. NAT resolves the problem temporarily, but the long term solution is IPv6. The length of IPv6 is increased to 128 Bits to provide a crazy quantity of IP Address spaces. How crazy? If we use up 1 trillion of IPv6 Address every seconds, the address space is still enough to use for more than 1 trillion years. Please make sure you already have a well knowledge to IPv4 before reading this article.

IPv6 Expression

Hexadecimal

The 128 Bits long IPv6 Address is not easy to write in binary or decimal. It is translated to hexadecimal for every 4 digits and then divided to 8 groups. For example, 2001:0000:0001:00a0:0000:0000:0000:0ec3.

Omitted Zeros

The leading zeros of every groups can be omitted.

 Group 1Group 2Group 3Group 4Group 5Group 6Group 7Group 8
Before 0s are omitted 2001 0000 0001 00a2 0000 0000 0000 0ec3
After 0s are omitted 2001 0 1 a2 0 0 0 ec3

Before 0s are omitted, 2001:0000:0001:00a2:0000:0000:0000:0ec3
After 0s are omitted, 2001:0:1:a2:0:0:0:ec3

Replace Consecutive Zeros

At last, one and only one consecutive zeros can be replaced by a double colon. The longest one will be always chosen.

For example, 2001:0:1:a2:0:0:0:ec3

can be written as, 2001:0:1:a2::ec3

Prefix and Interface ID

Router use prefix to determine whether IPv6 Addresses are in the same network segment which has the same algorithm as IPv4. The 128 Bits IPv6 Address is always divided to a 64 Bits prefix and a 64 Bits Interface ID. /xx is added behind the IPv6 Address to represent the length of prefix such as, FE80::1/64 and 2001:db8::10/64. If all IPv6 Address are used as 64 Bits prefix, 2^64 networks can be used and 2^64 hosts can be assigned in each network. Both are crazy number so that we seldom further cut a network into subnets when using IPv6.

EUI-64

The IPv6 Address is too long for network administrator to configure statically one by one. EUI-64 helps to generate the Interface ID automatically. The unique MAC Address can always generated a unique IPv6 Address by EUI-64. To change a MAC Address to Interface ID, MAC Address (48 Bits) is divided into two equally parts and FFFE (16 Bits) is inserted between the two parts. Then, convert the 7th bit from 0 to 1 and finally it becomes a 64 Bits Interface ID.

For example, MAC Address 00:50:56:C1:A0:E8
Translate to EUI-64 Interface ID by inserting FFFE inbetween, 0050:56FF:FEC1:A0E8

Convert the 7th bit to 1: 2050:56FF:FEC1:A0E8

Link-Local Address

There are some predefined IPv6 Address that are used for particular usage just like the concept of IPv4 Classes.

Firstly, if the leading 10 Bits of an address is 1111111010, it is called Link-Local Address. A Link-Local Address is only used for the communication of two neighbors' Interface and is never routed. We commonly use FE80::/10 to represenet the Link-Local Address.

To set a Link-Local Address,

R1(config-if)#ipv6 address fe80::1234 link-local

Or EUI-64 can be used to generate Link-Local Address automatically.

R1(config-if)#ipv6 enable 

Please be reminded that the output interface must be entered when pinging a Link-Local Address.

R1#ping FE80::C802:AFF:FE4D:1C
Output Interface: Ethernet1/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::C802:AFF:FE4D:1C, timeout is 2 seconds:
Packet sent with a source address of FE80::C801:AFF:FE3E:1C%Ethernet1/0
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/16/24 ms

Two connected devices will become IPv6 neighbors. ARP is not existed in IPv6, neighbor provide the MAC Addresses of connected devices.

R1#show ipv6 neighbors 
IPv6 Address                              Age Link-layer Addr State Interface
FE80::C802:AFF:FE4D:1C                      1 ca02.0a4d.001c  STALE Et1/0

Unique Local Address

Unique Local Addresses have a leading 10 Bits of 1111110000 (or FC00::/10). Unique Local Address is similar to Private Address (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16) in IPv4 which is not able to route on Internet. We can still use and route it in our private network. Private Address is widely used in IPv4 with NAT to resolve the insufficient address space issue. For IPv6, there are huge space of address so that the Unique Local Address is always used in test environment only.

Set the Unique Local Address as below,

R1(config-if)#ipv6 address FC00::4321/64 

EUI-64 can also be used,

R1(config-if)#ipv6 address FC00::/64 eui-64 

Global Aggregatable Address

Global Aggregatable Addresses have a leading 3 Bits 002 (or 2000::/3). Global Aggregatable Address is most commonly used on the Internet just like the Public Address in IPv4. The configuration is same as Unique Local Address. 2002::/16 is specially used in 6to4 Tunnel that we will discussed later in this article.

R1(config-if)#ipv6 address 2001::ABCD/64 

Or, use EUI-64 to generate.

R1(config-if)#ipv6 address 2001::/64 eui-64 

Stateless Address Autoconfiguration (SLAAC)

DHCP is used to obtain IP Address in IPv4. For IPv6, auto-configuration is used for the same task. In the previous sessions, Interface ID is generated by EUI-64. To have a full IPv6 Address, a prefix is needed. Stateless Address Autoconfiguration is used to send RS (Router Solicitation) to IPv6 router through Link-Local Address. When the IPv6 router receives RS, it replied a RA (Router Advertisement) to provide prefix information. Now, we try to set R1 as an IPv6 router and R2 will ask for an IPv6 Address by SLAAC.

ipv6

First, enable IPv6 on the R2 Interface to get a Link-Local Address.

R2(config)#int ethernet 1/0
R2(config-if)#ipv6 enable

Set an IPv6 Address on R1.

R1(config)#int ethernet 1/0
R1(config-if)#ipv6 address 2001::/64 eui-64
R1(config-if)#exit
R1#show ipv6 interface ethernet 1/0
Ethernet1/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C801:14FF:FE6F:1C 
  No Virtual link-local address(es):
  Global unicast address(es):
    2001::C801:14FF:FE6F:1C, subnet is 2001::/64 [EUI]

Activate IPv6 routing on R1 so that it will replay a RA when receiving RS.

R1(config)#ipv6 unicast-routing 

Now, use auto-configuration on R2 to obtain an IPv6 Address. Prefix 2001::/64 is replied by R1.

R2(config-if)#ipv6 address autoconfig
R2(config-if)#exit
R2#show ipv6 interface ethernet 1/0
Ethernet1/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C802:14FF:FE7E:1C 
  No Virtual link-local address(es):
  Stateless address autoconfig enabled
  Global unicast address(es):
    2001::C802:14FF:FE7E:1C, subnet is 2001::/64 [EUI/CAL/PRE]

Default gateway setting is also obtained from RA.

R2#show ipv6 route
IPv6 Routing Table - default - 4 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
       I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
       EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
       NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
ND  ::/0 [2/0]
     via FE80::C801:14FF:FE6F:1C, Ethernet1/0
NDp 2001::/64 [2/0]
     via Ethernet1/0, directly connected
L   2001::C802:1CFF:FEE0:1C/128 [0/0]
     via Ethernet1/0, receive
L   FF00::/8 [0/0]
     via Null0, receive

IPv6 Tunneling

Upgrade an IPv4 network to IPv6 is a long journey. There must be a transit period that both IPv4 and IPv6 networks exist. Tunneling can help to interconnect IPv4 and IPv6 by encapsulating IPv6 packets in IPv4 packets. ISATAP and 6to4 Tunnel are commonly used in Tunneling technology.

ISATAP

ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) involves the roles of server and client. Client request IPv6 Address from server and build IPv6 Tunnel to establish communication between client and server. We now use the following topology as an example to setup ISATAP.

ipv6

Assume R1 to be a host and have IPv4 Address only. The default route of R1 is pointing to R2 like a common PC setting. It is not able to communicate with IPv6 network at this time.

hostname R1
!
interface Ethernet1/0
 ip address 192.168.12.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.12.2
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 192.168.12.2 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 192.168.12.2
      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet1/0
L        192.168.12.1/32 is directly connected, Ethernet1/0

R2 and R3 run EIGRP to exchange routes to ensure that Host A can connect ISATAP Server via IPv4.

hostname R2
!
interface Ethernet1/0
 ip address 192.168.23.2 255.255.255.0
!
interface Ethernet1/1
 ip address 192.168.12.2 255.255.255.0
!
router eigrp 1
 network 192.168.12.0
 network 192.168.23.0

R3 is an ISATAP server to provide interconnect between IPv4 and IPv6.

hostname R3
!
ipv6 unicast-routing
!         
interface Ethernet1/0
 ipv6 address 2001:DB8:34::3/64
 ipv6 ospf 1 area 0
!
interface Ethernet1/1
 ip address 192.168.23.3 255.255.255.0
!
router eigrp 1
 network 192.168.23.0
!
ipv6 router ospf 1
 router-id 3.3.3.3

R3 and R4 run OSPFv3.

hostname R4
!
ipv6 unicast-routing
!
interface Ethernet1/0
 ipv6 address 2001:DB8:45::4/64
 ipv6 ospf 1 area 0
!
interface Ethernet1/1
 ipv6 address 2001:DB8:34::4/64
 ipv6 ospf 1 area 0
!
ipv6 router ospf 1
 router-id 4.4.4.4

R5 has IPv6 Address only.

hostname R5
!
interface Ethernet1/1
 ipv6 address 2001:DB8:45::5/64

Due to SLACC, R5 receives default route information from R4's RA.

R5#show ipv6 route
IPv6 Routing Table - default - 4 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
       I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
       EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
       NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
ND  ::/0 [2/0]
     via FE80::C804:16FF:FE0B:1C, Ethernet1/1
C   2001:DB8:45::/64 [0/0]
     via Ethernet1/1, directly connected
L   2001:DB8:45::5/128 [0/0]
     via Ethernet1/1, receive
L   FF00::/8 [0/0]
     via Null0, receive

Now, Host A (R1) want to ping Host B (R5). Use the following configuration to make R3 to be an ISATAP server.

R3(config)#int tunnel 0
R3(config-if)#ipv6 address 2001:DB8:3::3/64	// IPv6 Address
R3(config-if)#ipv6 ospf 1 area 0		// Announce this network in OSPFv3
R3(config-if)#tunnel source 192.168.23.3	// Set tunnel source only, no tunnel destination is needed.
R3(config-if)#tunnel mode ipv6ip isatap		// Set Tunnel Mode as ISATAP

Use the following configuration on R1, the ISATAP client.

R1(config)#int tunnel 0
R1(config-if)#ipv6 address autoconfig		// Obtain IPv6 Address from ISATAP Server
R1(config-if)#tunnel source 192.168.12.1	// Set tunnel source
R1(config-if)#tunnel destination 192.168.23.3	// Set tunnel destinatin to be the ISATAP Server IP Address
R1(config-if)#tunnel mode ipv6ip		// The keyword ISATAP is not needed for client

So, R1 obtains IPv6 Address from R3 as well as a default route pointing to R3's tunnel interface.

R1#show ipv6 route
IPv6 Routing Table - default - 4 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
       I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
       EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
       NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
ND  ::/0 [2/0]
     via FE80::5EFE:C0A8:1703, Tunnel0
NDp 2001:DB8:3::/64 [2/0]
     via Tunnel0, directly connected
L   2001:DB8:3::C0A8:C01/128 [0/0]
     via Tunnel0, receive
L   FF00::/8 [0/0]
     via Null0, receive
R1#ping 2001:DB8:45::5        
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:45::5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/55/60 ms

It shows that client connect IPv6 network via ISATAP server by the traceroute result.

R1#traceroute 2001:db8:45::5
Type escape sequence to abort.
Tracing the route to 2001:DB8:45::5

  1 2001:DB8:3::3 36 msec 28 msec 32 msec
  2 2001:DB8:34::4 40 msec 40 msec 40 msec
  3 2001:DB8:45::5 52 msec 52 msec 48 msec

Lots of modern operating systems support ISATAP includes Cisco IOS, Windows, Linux and MacOS (ISATAP Client is needed to install).

6to4 Tunnel

ISATAP is suitable for a single host connecting the IPv6 network. In the situation of connecting two IPv6 networks throught IPv4 (a.k.a. Site to Site infrastructure), 6to4 Tunnel will be used. In the following topology, OSPF is enabled on IPv4 Network. To build a tunnel between R2 and R4, the tunnel interface IPv6 address is needed to be transformed from the IPv4 source address. For instance, the source interface or R2 is 192.168.23.2 and is transformed to C0A8:1702 by hex. Add the IPv6 Tunnel dedicated prefix 2002::/16, the whole IPv6 address will become 2002:C0A8:1702::/48.

ipv6

R2
interface Tunnel0
 ipv6 address 2002:C0A8:1702::/48
 tunnel source 192.168.23.2
 tunnel mode ipv6ip 6to4
R4
interface Tunnel0
 ipv6 address 2002:C0A8:2204::/48
 tunnel source 192.168.34.4
 tunnel mode ipv6ip 6to4

Add two IPv6 static routes to establish the tunnel, (1) a route to the Tunnel Interface IP of opposite side via Tunnel 0, (2) a route to the network of opposite side via Tunnel Interface IP.

R2(config)#ipv6 route 2002:C0A8:2204::/48 Tunnel0
R2(config)#ipv6 route 2001:DB8:45::/64 2002:C0A8:2204::
R4(config)#ipv6 route 2002:C0A8:1702::/48 Tunnel0
R4(cofnig)#ipv6 route 2001:DB8:12::/64 2002:C0A8:1702::
R1#ping 2001:db8:45::5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:45::5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/52/64 ms