'%3e%3crect%20x='109.185'%20y='253.397'%20width='350.859'%20height='857.656'%20fill='white'/%3e%3cpath%20d='M274.77%20708.572H233.194V888.205H286.632C302.651%20888.205%20314.635%20883.711%20322.461%20875.088C330.287%20866.465%20334.322%20851.404%20334.322%20830.149V779.138C334.322%20752.539%20329.797%20734.2%20320.382%20723.997C310.966%20713.795%20295.681%20708.451%20274.77%20708.451V708.572Z'%20fill='%23FF5C00'/%3e%3cpath%20d='M310.966%20610.558C320.015%20601.206%20324.539%20585.295%20324.539%20563.19V530.518C324.539%20490.559%20308.887%20470.519%20277.705%20470.033H232.949V624.768H269.512C287.977%20624.768%20302.039%20619.91%20311.088%20610.436L310.966%20610.558Z'%20fill='%23FF5C00'/%3e%3cpath%20d='M277.582%200C124.362%200%200%20123.399%200%20275.704V1069.3C0%201221.48%20124.239%201345%20277.582%201345C430.803%201345%20555.165%201221.6%20555.165%201069.3V275.704C555.165%20123.52%20430.926%200%20277.582%200ZM426.523%20833.064C426.523%20878.367%20414.539%20912.739%20390.817%20936.423C375.898%20951.241%20356.7%20961.322%20333.221%20966.909V987.677C333.221%201002.5%20320.993%201014.64%20306.075%201014.64C291.156%201014.64%20278.805%201002.5%20278.805%20987.677V971.888H232.949V987.677C232.949%201002.5%20220.721%201014.64%20205.803%201014.64C190.884%201014.64%20178.655%201002.5%20178.655%20987.677V971.888H170.218C150.53%20971.888%20140.625%20962.05%20140.625%20942.496V415.743C140.625%20396.188%20150.53%20386.35%20170.218%20386.35H178.655V357.201C178.655%20342.383%20190.884%20330.238%20205.803%20330.238C220.721%20330.238%20232.949%20342.383%20232.949%20357.201V386.35H278.805V357.201C278.805%20342.383%20291.034%20330.238%20306.075%20330.238C321.115%20330.238%20333.221%20342.383%20333.221%20357.201V388.78C333.221%20389.994%20332.977%20391.087%20332.855%20392.18C354.499%20397.524%20371.863%20406.512%20384.703%20419.386C406.469%20441.491%20417.597%20475.377%20417.597%20521.045V544.364C417.597%20604.363%20397.42%20642.743%20357.556%20659.14V660.719C403.656%20676.265%20426.646%20717.074%20426.646%20782.782V833.064H426.523Z'%20fill='%23FF5C00'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_1_174'%3e%3crect%20width='555'%20height='1345'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
- Address distribution
- PA vs PI addressing
- Subnet mask notation
- IPv6 packets and headers
Address distribution
The IPv6 address allocation scheme has been structured to meet two objectives: to guarantee global address uniqueness, and to enable a logical hierarchy that favors the aggregation and simplification of routing tables.
As with IPv4, the Internet Assigned Numbers Authority (IANA) sits at the top of this hierarchy. It manages the global unicast address space and delegates address blocks to the five regional Internet registries (RIR).
The five existing RIRs are:
- ARIN (North America),
- RIPE NCC (Europe, Middle East, Central Asia),
- APNIC (Asia-Pacific),
- AFRINIC (Africa),
- LACNIC (Latin America and the Caribbean).
IANA allocates IPv6 blocks of varying size to each RIR, generally between /23 and /12. These approach offers flexibility while ensuring long-term scalability. The RIRs, in turn, redistribute these blocks to Internet Service Providers (ISPs), large corporations, and public institutions.
Since 2006, each RIR has received an IPv6 /12 block from IANA, a fixed size designed to ensure a stable and sufficiently large reserve for future growth. RIRs usually subdivide these into /23, /26 or /29 blocks. ISPs most often receive /32 blocks, although this size can vary depending on the ISP's size and geographical area. They typically allocate /48 blocks to customers. Each /48 provides 65,536 distinct /64 subnets (an enormous capacity compared to IPv4).
Important note: a /32 block contains exactly 65,536 /48 sub-blocks. This means that every ISP can serve tens of thousands of customers without exhausting their allocation. Thanks to its /48, each customer will then have a gigantic amount of space to structure its own internal network with as many /64 segments as it wishes.
The typical allocation hierarchy looks like this:
| IANA | RIR | LIR | Customer | Subnet | Interface |
| 3 | 20 | 9 | 16 | 16 | 64 |
With this abundance of addresses, NAT (Network Address Translation), once essential in IPv4 to cope with address shortages, is no longer necessary. Every host can have a unique, globally routable public address, simplifying end-to-end connectivity and making protocols like IPSec, VoIP, or inbound connections easier to use.
To check which organization an IPv6 address belongs to, you can use the
whois command to query public RIR databases. This transparency makes it possible to identify the organization that owns a prefix, which can be useful for network, analysis or security purposes.PA vs PI addressing
Originally, the IPv6 allocation model was based solely on PA (Provider Aggregatable) blocks, which means linked to the ISP. In this model, an organization receives its prefix from its ISP, meaning that changing providers requires renumbering the entire infrastructure.
While IPv6's auto-configuration features and address lifetimes make renumbering easier, it remains inconvenient for organizations with critical infrastructure or multiple provider connections for redundancy requirements.
Since 2009, allocation policies have allowed for PI (Provider Independent) blocks. These blocks (generally /48 in size) are allocated directly to a company or institution by an RIR, independently of any ISP. This model is particularly well suited to organizations practicing multihoming, (meaning connected to several operators simultaneously). For example, in Europe, RIPE-512 outlines the policy for PI allocations.
Subnet mask notation
As in IPv4, IPv6 uses CIDR (Classless Inter-Domain Routing). This consists of indicating the number of bits making up the prefix after the address, using the
/ character.Take the following example:
2001:db8:1:1a0::/59
This means that the first 59 bits are fixed and identify the network. All remaining bits (here 69 bits) can be used to identify subnets or hosts.
Thus, this notation covers addresses from
2001:db8:1:1a0:0:0:0:0 to 2001:db8:1:1bf:ffff:ffff:ffff:ffff.This block therefore covers a set of 8 /64 subnets, each capable of hosting a massive number of devices.
CIDR notation allows for precise address space planning, from large-scale networks to home setups and virtualized environments, and encourages route aggregation, reducing router load and improving scalability.
IPv6 packets and headers
IPv6 packet format differs from IPv4 by being both simpler and more extensible. An IPv6 datagram always begins with a fixed-size header of 40 bytes containing all the essential routing information. This streamlined approach, compared to IPv4's header variable length (from 20 to 60 byte), enables faster and more efficient packet processing by routers.
However, IPv6 does not remove functionality: instead of integrating numerous optional fields in the main header, it introduces a system of extension headers, placed immediately after the basic header. These optional headers make it possible to add data or instructions specific to certain functions, without unnecessarily burdening ordinary packets.
Some extension headers follow a fixed structure, while others can hold a variable number of options. In These options are encoded as
{Type, Length, Value} triplets:- The "Type" field (1 byte) indicates the nature of the option;
- The first two bits of the "Type" specify what routers should do if the option is not recognized:
- Ignore the option and continue treatment,
- Drop the datagram,
- Drop and send an ICMP error to the source.
- Drop the datagram without notification (in the case of multicast packets).
- The "Length" field (1 byte) specifies the size of the "Value" field, from 0 to 255 bytes;
- The "Value" field contains the data associated with the option.
Here's an overview of the different types of extension headers defined by IPv6.
Hop-by-Hop header
This header, if present, is always placed immediately after the base header. It contains information that must be processed by every router along the packet's path, unlike most other headers, which are usually handled only by the destination node. Typical uses include signaling global parameters or requesting specific processing steps as the packet travels through the network.
Routing header
The routing header specifies a list of intermediate addresses the packet must pass through. There are two main routing modes:
- Strict routing: the exact path is predefined
- Loose routing: only certain mandatory steps are specified.
The first four fields of this rooting header are:
- Next Header: identifies the type of the next header;
- Routing Type: defines the routing method (usually
0); - Segments left: number of segments remaining to traverse ;
- Address[n]: list of intermediate addresses.
The "Segments Left" field starts with the total number of remaining segments and is decremented by one at each hop.
Fragmentation header
In IPv6, only the source host is allowed to fragment a datagram, unlike IPv4 where routers could also do so. All IPv6 nodes must be able to handle packets of at least 1280 bytes. If a router encounters a packet larger than the MTU of the next link, it sends an ICMPv6 Packet Too Big message back to the source, which then adjusts the size of its transmissions.
The fragmentation header contains the following fields:
- Identification: unique datagram identifier for reassembly.
- Fragment Offset: the fragment's position within the original datagram.
- M flag: indicates whether more fragments follow.
Authentication header (AH)
This header is designed to secure communications by verifying both the sender's authenticity and the integrity of the data. It is commonly used with the IPsec protocol. Using an authentication code, the recipient can confirm that the message truly comes from the expected sender and that it has not been altered in transit.
In the event of a fraudulent modification attempt, the authentication code will no longer match, and the datagram may be rejected. This mechanism also protects against replay attacks by detecting unauthorized duplications.
Destination Options Header
This header is intended only for the final recipient of the datagram. It can be used to add options or metadata specific to the application, without being taken into account by intermediate routers.
Initially, no such option was defined in the protocol. However, this header was introduced when IPv6 was designed, to allow future extensions to be added without modifying the overall packet structure. The null option, for example, is used only to pad the header to a multiple of 8 bytes for memory alignment purposes.
IPv6 packet design is built on a clear separation between a minimal base header and modular extension headers. This architecture ensures both standard processing performance and the flexibility needed to evolve the protocol and integrate security, complex routing or quality-of-service mechanisms, while maintaining compatibility with future infrastructures.
Quiz
Quiz1/5
net3024.3
What notation is used to indicate the prefix size in an IPv6 address?