Notation
IPv6 addresses are 128-bit numbers expressed in 8 groups of 16-bit big endian hexadecimals, with a colon separator. Leading zeros are dropped from each group, and the largest contiguous span of all zero groups are collapsed in to two colons with no other adjacent separators:
20 01 0d b8 00 00 00 fe 00 00 00 00 a7 00 37 b5↓
2001:db8:0:fe::a700:37b5 When used in a URL, the address must be wrapped in square brackets, this is so parsers can recognize whether or not a port number is following the address.
Structure
Addresses have a fixed structure of a 64-bit routing prefix followed by a 64-bit interface identifier.
When a network manages a pool of multiple routing prefixes, the prefix is logically divided in to the global routing prefix and the subnet identifier. Just as in IPv4, the subnet is arbitrarily large depending on where in the hierarchy the router is.
┌──────────────────┐┌──────────────────┐2001:0db8:7b10:00fe:0010:076b:a700:37b5 └─────────────Global Prefix
┘└───┘ Subnet
Even though IPv4 and IPv6 addresses have a different structure, they still have the same logical routing hierarchies, but IPv6’s are more deliberately designed:
2000::/4)192.168.0.0/16, etc.)fd00::/8)169.254.0.0/16)fe80::/64%if)127.0.0.0/8)::1/128)Interface Initialization
When a node is first connected to any network, it assigns itself a link local address. Unlike IPv4, where link local addresses are usually only assigned as a fallback, in IPv6 interfaces always have a link local address.
Duplicate Address Detection
Every time a node assigns itself a new address of any kind, it will append a randomly generated interface identifier to a chosen prefix, then broadcast a Neighbor Solicitation with that address. If the node receives a Neighbor Advertisement, it’ll regenerate the identifier portion of the address and try again as needed until it finds one that isn’t in use.
Stateless Address Autoconfiguration
After confirming a link local address, the node will broadcast a Router Solicitation. If the node receives a Router Advertisement, the reply will include a list of prefixes that can be routed. This list will usually include at least one unique local prefix provided by the router and at least one globally addressable prefix provided by the ISP.
The node will then assign itself an address on each prefix in the list that’s declared as autonomous.
Managed Address Configuration
The node will also broadcast a DHCPv6 Solicit. If the node receives a DHCPv6 Advertisement, the reply may include a list of addresses that the node may assign to itself.
Just as in IPv4, nodes may assign themselves statically configured addresses whether or not they also receive addresses from any other source. DNS is also handled similarly to DHCPv4.
Prefix Delegation
DHCPv6 Advertisements may also include prefix delegations, which allow the receiving node to manage those entire subnets. The node may then announce any of these prefixes to other nodes for address assignment, or send them to downstream routers for further delegation, as is usually necessary when the downstream router is on a different network segment.
NAT
When you first see the list of addresses assigned to your node, it may appear at first impression to be messy. Why should your device have so many IPv6 addresses when your network could just be behind a NAT instead?
↑↓
203.0.113.51(Public Address)
↑↓
192.168.1.100(Private Address)
↑↓
2001:db8:fed5:f647
(Global Unicast Address)
fdd7:2d5:8bee::
(Unique Local Address)
fe80::9392:2:
(Link Local Address)
NAT’s purpose has always been to work around IPv4’s limited address space; solving this problem is the very reason IPv6 was created. Contrary to popular folk wisdom, NAT is not an adequate substitute for a firewall, and so shouldn’t be relied upon as one.