In association with heise online

Address notation

Hexadecimal notation is used to display IPv6 addresses concisely. The 128 bits are divided into eight groups of 16 bits each, written as four hex digits and separated by colons. The first four groups, i.e. the first 64 bits, are used for routing and designate the network prefix; the remaining 64 bits identify the host on that network.

Consecutive groups of zeros can be abbreviated with "::", which displays some addresses even more concisely. "::1" denotes the localhost (loopback) address, which consists of 15 zeros and a 1 and corresponds to the IPv4 localhost address 127.0.0.1.

Within URLs, the colon notation collides with the port declaration. Therefore, IPv6 addresses contained in URLs are placed in square brackets so that the port can be told apart from the address, for example:

http://[2001:0db8:85a3:08d3:1319:8a2e:0370:7344]:80/

As in IPv4, a network interface may have more than one IP address; under IPv6, however, they are all generated automatically. When a PC equipped with IPv6 is started up, it first allocates itself a link-local address for communicating within the LAN. The first 64 bits always consist of the prefix fe80 followed by 48 zeros:

fe80:0000:0000:0000

The second group of 64 bits is derived from the network interface's MAC address according to the IEEE EUI-64 (Extended Unique Identifier) numbering scheme. Together with the first half this yields the full 128 bits. In expanded and in abbreviated notation, such an address could look like this:

fe80:0000:0000:0000:4231:65ff:fedc:1faa

or

fe80::4231:65ff:fedc:1faa

Before a host can use such an address it has to check via neighbour solicitation whether the address is already in use within the LAN. Should another host claim this address for itself (neighbour advertisement), the soliciting host can only communicate within the local network once an IP address has been allocated manually. However, such collisions should not occur in the first place, since the MAC address of every network interface is already globally unique, although it can be changed manually. Therefore, if such a collision does occur it is advisable to scrutinise the LAN for possible intruders who may have copied a valid MAC address and joined the LAN via MAC spoofing.

A host can only communicate within the LAN using its link-local address; for outside connections it needs an additional address, which it generates from router responses. When prompted by a host, an IPv6 router returns the prefix of the public address block, the lease timeout, the MTU and the hop count (called TTL in IPv4). A host can only ever generate one public IP address from prefix and suffix, the suffix being its EUI-64 identifier. This technique is practical because the router doesn't have to remember which IP addresses have already been allocated. The prefix may contain fewer than 64 bits, in which case zeros are used to make up the remaining bits. When a different provider is used, the router simply needs to be given the new prefix and the hosts follow automatically (router renumbering, RFC 2894), saving the administrator manual intervention.

However, this technique makes it easy for third parties to build user profiles because the EUI-64 suffix is static and moves with the device from network to network. Therefore, an additional method was devised which generates the suffix of the IP address from the MAC address and a pseudo-random number (RFC 3041, privacy extensions). This "random" 64-bit block is only temporary and can, for example, be changed on a daily basis.
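The derivation described above, as an added example that is not part of the original article: the code builds the link-local and public addresses from a MAC address the way the text describes, shows the "::" abbreviation and the bracketed URL form, and includes a defender-side check that recognises an EUI-64-derived suffix and recovers the embedded MAC (the privacy leak the text mentions). The MAC 40:31:65:dc:1f:aa is an assumption chosen because it reproduces the article's example suffix 4231:65ff:fedc:1faa.

```python
import ipaddress
from typing import Optional

# Constructed sample MAC: its modified EUI-64 form is the article's 4231:65ff:fedc:1faa.
SAMPLE_MAC = "40:31:65:dc:1f:aa"

def mac_to_modified_eui64(mac: str) -> bytes:
    """48-bit MAC -> 64-bit interface identifier (RFC 4291 Appendix A):
    insert ff:fe in the middle and flip the universal/local bit (0x02) of the first octet."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC address must be 48 bits")
    return bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:6]

def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """fe80:0000:0000:0000 (first 64 bits) + EUI-64 suffix (second 64 bits)."""
    return ipaddress.IPv6Address(bytes.fromhex("fe80000000000000") + mac_to_modified_eui64(mac))

def public_from_prefix(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Stateless autoconfiguration: router-advertised prefix (zero-padded to 64 bits) + EUI-64 suffix."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen > 64:
        raise ValueError("prefix longer than 64 bits leaves no room for the interface identifier")
    return ipaddress.IPv6Address(net.network_address.packed[:8] + mac_to_modified_eui64(mac))

def embedded_mac(addr: str) -> Optional[str]:
    """Defender/inventory check: if the interface identifier carries the ff:fe marker of an
    EUI-64 suffix, undo the U/L bit flip and return the MAC it reveals; otherwise None."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None  # privacy-extension or manually assigned suffix: no MAC to recover
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)

def http_url(addr: str, port: int) -> str:
    """Bracket the (abbreviated) address so the port is not mistaken for another hex group."""
    return f"http://[{ipaddress.IPv6Address(addr).compressed}]:{port}/"

if __name__ == "__main__":
    ll = link_local_from_mac(SAMPLE_MAC)
    print(ll.exploded)                                   # fe80:0000:0000:0000:4231:65ff:fedc:1faa
    print(ll.compressed)                                 # fe80::4231:65ff:fedc:1faa
    print(public_from_prefix("2001:db8:1::/48", SAMPLE_MAC))
    print(embedded_mac("fe80::4231:65ff:fedc:1faa"))     # 40:31:65:dc:1f:aa
    print(http_url("2001:0db8:85a3:08d3:1319:8a2e:0370:7344", 80))
```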

Of course, this method has its weaknesses and disadvantages. As soon as the host is given a DNS name that can be found via reverse DNS lookup, the method is undermined because potential spies can associate the DNS name with the changing IP addresses. For network administrators, the method can make it more difficult to trace and analyse problems, because it conceals how many hosts are actually involved in a networking problem.

Apart from an automatically allocated address, the host also needs to obtain the name server automatically. Since autoconfiguration generates no information about host names, domain names, DNS servers or NTP servers, this information has to come from elsewhere. A DHCPv6 server can be used to hand out the public DNS server addresses. Such a server has less work to do because it doesn't have to keep track of address allocation within the LAN (stateless DHCPv6, RFC 3736).

Microsoft has chosen a more radical approach and suggests using the Peer Name Resolution Protocol (PNRP), a serverless name resolution protocol which is already included in Windows XP and Vista.

Permalink: http://h-online.com/-747386