IPv6

IPv6 addresses are normally written as eight groups of four hexadecimal digits, where each group
is separated by a colon :

For example 2001:0db8:85a3:08d3:1319:8a2e:0370:7334 is a valid IPv6 address.

The 128-bit address is divided along 16-bit boundaries

0010000111011010 0000000011010011 0000000000000000 0010111100111011

0000001010101010 0000000011111111 1111111000101000 1001110001011010

Each 16-bit block is converted to hexadecimal and delimited with colons. The result is

21DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A

IPv6 representation can be further simplified by removing the leading zeros within each 16-bit
block. However, each block must have at least a single digit. With leading zero suppression, the
address representation becomes

21DA:D3:0:2F3B:2AA:FF:FE28:9C5A

Compressing Zeros

Some types of addresses contain long sequences of zeros. To further simplify the representation
of IPv6 addresses, a contiguous sequence of 16-bit blocks set to 0 in the colon-hexadecimal
format can be compressed to "::," known as double-colon.

For example, the link-local address of FE80:0:0:0:2AA:FF:FE9A:4CA2 can be compressed to

FE80::2AA:FF:FE9A:4CA2. The multicast address FF02:0:0:0:0:0:0:2 can be compressed to
FF02::2.

Zero compression can be used to compress only a single contiguous series of 16-bit blocks
expressed in colon-hexadecimal notation. You cannot use zero compression to include part of a
16-bit block. For example, you cannot express FF02:30:0:0:0:0:0:5 as FF02:3::5.

0000, may be replaced with two colons:: as long as there is only one double colon used in an
address

1234:0:0:0:ABCD:0:0:123
could be represented as
1234::ABCD:0:0:123
or
1234:0:0:0:ABCD::123
but not
1234::ABCD::123
2001:0db8:0000:0000:0000:0000:1428:57ab can be shortened to

2001:0db8::1428:57ab. Leading zeros in a group can also be omitted (as in ::1 for localhost).
Thus, the addresses below are all valid and equivalent

2001:0db8:0000:0000:0000:0000:1428:57ab
2001:0db8:0000:0000:0000::1428:57ab
2001:0db8:0:0:0:0:1428:57ab
2001:0db8:0:0::1428:57ab
2001:0db8::1428:57ab
2001:db8::1428:57ab

2031:0:130F:0:0:9C0:876A:130B
2031:0:130F::9C0:876A:130B

FF01:0:0:0:0:0:1
FF01::1

In IPv4, a unicast address is simply an address used to represent a single host, where multicast
addresses represent a group of hosts and broadcasts represent all hosts.
There is no such thing as a broadcast in IPv6 because it uses multicast traffic instead.
In IPv6 there are actually different types of unicast addresses, each with its own separate
function. This allows IPv6 to get data where its supposed to go quicker than IPv4 while
conserving router resources.
IPv6 offers two kinds of local addresses, link-local and site-local. Site-local addresses allow
devices in the same organization, or site, to exchange data. The Link-Local-Use is for use on a
single link.

Local-Use Addresses

A local-use address is a unicast address that has only local routability scope (within the subnet or
within a subscriber network), and may have local or global uniqueness scope. They are intended
for use inside of a site for "plug and play" local communication

Site-local addresses are IPv6s equivalent to IPv4s private address classes, since hosts using
them are able to communicate with each other throughout the organization, but these addresses
cannot be used to reach Internet hosts.
Site-local and link-local addresses are actually derived from a hosts MAC address. Therefore, if
HostA has HostBs IPv6 address, HostA can determine HostBs MAC address from that, making
ARP unnecessary.

Link-local addresses are just that, local to a physical link. These particular addresses are not
used at all in forwarding data. One use for these addresses is Neighbor Discovery, which is IPv6s
answer to ARP.
You can identify these and other IPv6 addresses by their initial bits
1111 111010 - Link Local prefix FE80::/10
A site-local address 1111 111011 a IPv6 unicast address uses the prefix FEC0::/10

1111 1111 – Multicast has a prefix of FF00::/8

001 - Global address
(first 96 bits set to zero) - IPv4-compatible address
0000:0000:0000:0000:0000:0000:192.168.10.10 -- which can be shortened to ::192.168.10.10

A new type of address called a "anycast address" is defined, to identify sets of nodes where a
packet sent to an anycast address is delivered to one of the nodes.

An IPv6 anycast address is an address that is assigned to more than one interface (typically
belonging to different nodes), with the property that a packet sent to an anycast address is routed
to the "nearest" interface having that address, according to the routing protocols' measure of
distance.

Multicast - as in IPv4, packets addressed to a multicast address are delivered to all

interfaces identified by the multicast address. Sometimes people call them one-to-many
addresses. It’s really easy to spot a multicast address in IPv6 because they always start
with FF.
 Anycast - Like multicast addresses, an anycast address identifies multiple interfaces, but
there’s a big difference: the anycast packet is only delivered to one address—actually, to
the first one it finds defined in terms of routing distance. And again, this address is special
because you can apply a single address to more than one interface. You could call them
one-to-one-of many addresses, but just saying “anycast” is a lot easier.

When you use a web browser to make an HTTP connection to an IPv6 device, you have to
type the address into the browser with brackets around the literal address. A colon is already
being used by the browser for specifying a port number. So basically, if you don’t enclose the
address in brackets, the browser will have no way to identify the information. Here’s an
example of how this looks
http://[2001:0db8:3c4d:0015:0000:0000:5678:ef12]/index.php

Special reserved addresses.

0:0:0:0:0:0:0:0 - Equals :: This is the equivalent of IPv4’s 0.0.0.0, and is typically the source
address of a host when you’re using stateful configuration.

0:0:0:0:0:0:0:1 - Equals ::1 The equivalent of 127.0.0.1 in IPv4.

0:0:0:0:0:0:192.168.100.1 - This is how an IPv4 address would be written in a mixed

IPv6/IPv4 network environment.

2000::/3 - The global unicast address range.

FC00::/7 - The unique local unicast range.

FE80::/10 - The link-local unicast range.

FF00::/8 - The multicast range.

2002::/16 - Used with 6to4, which is the transition system—the structure that allows IPv6
packets to be transmitted over an IPv4 network without the need to configure explicit
tunnels.

Stateless IPv6

Autoconfiguration
Autoconfiguration is an incredibly useful solution because it allows devices on a network to
address themselves with a link-local unicast address. This process happens through first learning
the prefix information from the router and then appending the device’s own interface address as
the interface ID. Every device on an Ethernet network has a physical MAC address, and that’s
exactly what’s used for the interface ID. Since the interface ID in an IPv6 address is 64 bits in
length and a MAC address is only 48 bits, the MAC address is padded in the middle with the extra
bits—it’s padded with FFFE.
The EUI-64 identifier would be computed as XX-XX-XX-FF-FE-YY-YY-YY. Most systems would
then insert a binary one at bit seven (counting from the right) to indicate a global scope. The
following example illustrates this.

MAC-48: 00:01:03:69:8B:CF
EUI-64: 0201:03ff:fe69:8bcf

Example
Host Ethernet address is 00:30:48:23:58:df
Network prefix is 2001:db8:1:cafe::/64
Address is
2001:0db8:0001:cafe:0230:48ff:fe23:58df
The change in the top byte of the address from ‘00’ to ‘02’ comes from the global bit being set in
the translation from IEEE MAC-48 to EUI-64

To perform Autoconfiguration, a host goes through a basic two-step process

 1. The host needs the prefix information (similar to the network portion of an IPv4
address) to configure its interface, so it sends a router solicitation (RS) request for it.
This RS is then sent out as a multicast to each router’s multicast address. The actual
information being sent is a type of ICMP message, and like everything in networking,
this ICMP message has a number that identifies it. The RS message is ICMP type 133.
2. The router answers back with the required prefix information via a router
advertisement (RA). An RA message also happens to be a multicast packet that’s sent
to each node’s multicast address and is ICMP type 134. RA messages are sent on a
periodic basis, but the host sends the RS for an immediate response so it doesn’t have
to wait until the next scheduled RA to get what it needs.

To enable IPv6 on a router, we use the ipv6 unicast-routing global configuration command.
By default, IPv6 traffic forwarding is disabled. Also, IPv6 isn’t enabled by default on any
interfaces either, so we have to go to each interface individually and enable it. There are a
few different ways to do this, but a really easy way is to just add an address to the interface.
Adding an ipv6 address to an interface

Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#ipv6 unicast-routing (enables ipv6)

Router(config)#int fa 0/0

We can specify the entire 128-bit global ipv6 address

Router(config-if)#ipv6 address 2001:db8:3c4d:1:0260:d6FF:FE73:1987/64

Or we can use the eui-64 option.

Router(config-if)#ipv6 address 2001:db8:3c4d:1::/64 eui-64

Router(config-if)#end

Alternatively we can enable the interface to permit the automatic link-local address.

Corp(config-if)#ipv6 enable

Note if we have a link-local address we can only communicate on that local subnet.
Example
Adding IPv6 to the Corp router
Corp#config t
Corp(config)#ipv6 unicast-routing
Corp(config)#int f0/1
Corp(config-if)#ipv6 address 2001:db8:3c4d:11::/64 eui-64
Corp(config-if)#int s0/0/0
Corp(config-if)#ipv6 address 2001:db8:3c4d:12::/64 eui-64
Corp(config-if)#^Z

Stateful IPv6

DHCPv6

DHCPv6 works pretty much the same way DHCP does in v4. There are a couple of other options
that DHCP still provides for us that autoconfiguration doesn’t - DNS servers, domain names, or
many of the other options that DHCP has always provided for us via IPv4 with autoconfiguration.

Upon booting up in IPv4, a client sent out a DHCP discover message looking for a server to give
it the information it needs. In IPv6, the RS and RA process happens first. If there’s a DHCPv6
server on the network, the RA that comes back to the client will tell it if DHCP is available for use.
If a router isn’t found, the client will respond by sending out a DHCP solicit message—a solicit
message that’s actually a multicast message addressed with a source of ff02::1:2, meaning all
DHCP agents, both servers and relays.

It’s good to know that there’s some support for DHCPv6 in the Cisco IOS. But it’s limited to a
stateless DHCP server, meaning it doesn’t offer any address management of the pool, plus the
options available for configuring that address pool are limited to the DNS, domain name, and SIP
servers only. Here is the example of configuration of DHCPv6 on Cisco IOS

Router(config)#ipv6 dhcp pool ? (DHCP pool name)

Router(config)#ipv6 dhcp pool nhs
Router(config-dhcp)#? IPv6 DHCP configuration commands
default Set a command to its defaults
dns-server DNS servers
domain-name Domain name to complete unqualified host names
exit Exit from DHCPv6 configuration mode
no Negate a command or set its defaults
prefix-delegation IPv6 prefix delegation
sip SIP Servers options
Router(config-dhcp)#dns-server ? Hostname or Server name or IPv6 address

Router(config-dhcp)#domain-name ciscotests.org
Router(config-dhcp)#prefix-delegation ?
X:X:X:X::X/<0-128> IPv6 x:x::y/
aaa Acquire prefix from AAA
pool IPv6 prefix pool

Router(config-dhcp)#prefix-delegation pool test lifetime 3600 3600

Now when we have the pool, the only thing that we need is to assign that pool to the interface

Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa 0/0
Router(config-if)#ipv6 dhcp server nhs
Router(config-if)#

IPv6 Routing

Most of the routing protocols we’ve already discussed have been upgraded for use in IPv6
networks. Also, many of the functions and configurations that we’ve already learned will be used
in almost the same way as they’re used now.

RIPng

The primary features of RIPng (next generation) are the same as they were with RIPv2. It is still a
distance-vector protocol, has a max hop count of 15, and uses split horizon, poison reverse, and
other loop avoidance mechanisms, but it now uses UDP port 521. It still uses multicast to send its
updates too, but in IPv6, it uses FF02::9 for the transport address. In RIPv2, the multicast address
was 224.0.0.9.

Probably one of the biggest changes with all of the IPv6 routing protocols is the fact that you
configure or enable the advertisement of a network from interface configuration mode instead of
with a network command in router configuration mode.

By default RIPng is disabled. To enable RIPng, you must enable it globally and also on individual
router interfaces.
Router#config t
Router(config)#ipv6 router rip test
(test is the word the user chose to identify the process)
Router(config-rtr)#exit
Router(config)#int fa 0/0
After enabling RIPng globally, you must enable it on individual router interfaces.
Router(config-if)#ipv6 rip test enable

As you see, now we can have multiple RIPng processes running. When you confiure them, you
need to specify the identifier for the process, so when you configuring the interfaces, you must
choose the routing process in which that interface is part of.

Question
What multicast address does RIPng use?
A. FF02::A
B. FF02::9
C. FF02::5
D. FF02:6
Answer B
FF02::9

EIGRPv6

EIGRPv6 works much the same as its IPv4 predecessor does—most of the features that EIGRP
provided before EIGRPv6 will still be available. EIGRPv6 is still an advanced distance-vector
protocol that has some link-state features. The neighbor discovery process using hellos still
happens, and it still provides reliable communication with reliable transport protocol that gives us
loop-free fast convergence using the Diffusing Update Algorithm (DUAL). Hello packets and
updates are sent using multicast transmission, and as with RIPng, EIGRPv6’s multicast address
stayed almost the same. In IPv4 it was 224.0.0.10; in IPv6, it’s FF02::A (A = 10 in hexadecimal
notation).

The use of the network command is gone, and the network and interface to be advertised must
be enabled from interface configuration mode. But you still have to use the router configuration
mode to enable the routing protocol in EIGRPv6 because the routing process must be literally
turned on like an interface with the no shutdown command.

Router(config)#ipv6 router eigrp 20

Router(config-rtr)#no shutdown
Router(config-rtr)#exit
Router(config)#
Router(config)#int fa 0/0
Router(config-if)#ipv6 eigrp 20 (ipv6 is enabled on the interface)
Router(config-if)#

The number 20 in the configuration is the AS number, as in IPv4.

Question
What multicast address does EIGRPv6 use?
A. FF02::A
B. FF02::9
C. FF02::5
D. FF02:6
Answer A
FF02::A
OSPFv3
The foundation of OSPF remains the same, it is still a link-state routing protocol that divides an
entire internetwork or autonomous system into areas, making a hierarchy. In version 3, you
assign the RID, area ID, and link-state ID, which are all still 32-bit values but are not found
using the IP address anymore because an IPv6 address is 128 bits. Changes regarding how
these values are assigned, along with the removal of the IP address information from OSPF
packet headers, makes the new version of OSPF capable of being routed over almost any
Network layer protocol.
Adjacencies and next-hop attributes now use link-local addresses, and OSPFv3 still uses
multicast traffic to send its updates and acknowledgments, with the addresses FF02::5 for
OSPF routers and FF02::6 for OSPF-designated routers. These new addresses are the
replacements for 224.0.0.5 and 224.0.0.6, respectively.

Router(config)#ipv6 router ospf <1-65535> Process ID

Router(config)#ipv6 router ospf 1
Router(config-rtr)#router-id 10.10.10.10
Router(config-rtr)#exit
Router(config)#int fa 0/0
Router(config-if)#ipv6 ospf 1 area 10.10.10.10

Actually, you can use only the last command. The OSPF process will be created automatically.
You need to execute the first few commands only if you want to customize the settings of the
OSPF routing process.
Question
What two multicast addresses does OSPFv3 use?

A. FF02::A
B. FF02::9
C. FF02::5
D. FF02::6

Answer C, D

FF02::5
FF02::6

Dual Stacking
This is the most common type of migration strategy because, it allows our devices to
communicate using either IPv4 or IPv6. Dual stacking lets you upgrade your devices and
applications on the network one at a time. As more and more hosts and devices on the network
are upgraded, more of your communication will happen over IPv6, and after you’ve arrived—
everything’s running on IPv6, and you get to remove all the old IPv4 protocol stacks you no longer
need. Configuring dual stacking on a Cisco router is amazingly easy—all you have to do is enable
IPv6 forwarding and apply an address to the interfaces already configured with IPv4. It’ll look
something like this

Router(config)#
Router(config)#ipv6 unicast-routing
Router(config)#int fa 0/0
Router(config-if)#ipv6 address 2001:DB8:3C4D:15::/64 eui-64
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#end
Router#
6to4 Tunneling
6to4 tunneling is really useful for carrying IPv6 data over a network that’s still IPv4. It’s quite
possible that you’ll have IPv6 subnets or other portions of your network that are all IPv6, and
those networks will have to communicate with each other. Not so complicated, but when you
consider that you might find this happening over a WAN or some other network that you don’t
control, that could be a bit ugly. So we will create a tunnel that will carry the IPv6 traffic for us
across the IPv4 network. The whole idea of tunneling isn’t a difficult. All it really comes down to is
snatching the IPv6 packet that’s happily traveling across the network and sticking an IPv4 header
onto the front of it.

R1(config)#
R1(config)#int tunnel 0
R1(config-if)#ipv6 address 2001:db8:3c4d:1::1/64
R1(config-if)#tunnel source 192.168.1.1
R1(config-if)#tunnel destination 192.168.2.2
R1(config-if)#tunnel mode ipv6ip

R2(config)#
R2(config)#int tunnel 0
R2(config-if)#ipv6 address 2001:db8:3c4d:2::2/64
R2(config-if)#tunnel source 192.168.2.2
R2(config-if)#tunnel destination 192.168.1.1
R2(config-if)#tunnel mode ipv6ip
R2(config-if)#

Exam Questions

Question
A router that is running both IPv4 and IPv6 addressing on the same interface is known as what
type of router?

A. 6to4
B. 4to6
C. NAT-PT
D. 4to6 tunneling
E. Dual-stack
Answer E

Dual-stack
Question
Which of the following are valid IPv6 addresses? (Choose three.)

A. 2001:0db8:0000:0000:0000:0000:1428:57ab
B. 2001:0db8::1428:57ab
C. 2001::1685:2123::1428:57ab
D. 2001:99:ab:1:99:2:1:9
E. 2001:1428:57ab:1685:2123:1428:57ab
Answer A, B, D
Explanation

C. 2001::1685:2123::1428:57ab
incorrect as only one double colon can be used in an address

E. 2001:1428:57ab:1685:2123:1428:57ab
IPv6 addresses are normally written as eight groups of four hexadecimal digits, this is only 7

Question
Which of the following are invalid IPv6 communication types? (Choose two.)

A. Unicast
B. Multicast
C. Broadcast
D. Anycast
E. Cryptocast

Answer C, E

Broadcast, Cryptocast

Question
Which of the following commands could you use to assign an IPv6 address to your router?

A. Router(config-if)#ip address fe01:3112:abcd::0001 255.255.255.0

B. Router(config-if)#ip address fe01:3112:abcd::0001/48
C. Router(config-if)#ip address 6 fe01:3112:abcd::0001 255.255.255.0
D. Router(config-if)#ip address 6 fe01:3112:abcd::0001/48
E. Router(config-if)#ipv6 address fe01:3112:abcd::0001 255.255.255.0
F. Router(config-if)#ipv6 address fe01:3112:abcd::0001/48

Answer F

Router(config-if)#ipv6 address fe01:3112:abcd::0001/48

The prefix is ipv6 address <ipv6prefix>/<prefix-length>

Question
What is another format for the IPv6 address 1080:0000:0000:0000:0000:0000:1267:01A2?

A. 1080::1267:01A2

B. 1080:0:0:0:0:1267:01A2

C. 1080::0:1267:01A2

D. 1080:::::1267.01A2

Answer A

1080::1267:01A2

Question
Which of the following is a valid equivalent of the IPv6 address
2001:0ab9:0000:0000:0003:0000:59ff:1ac5?

A. 2001:0ab9::3::59ff:1ac5
B. 2001:ab9:0:0:3::59ff:1ac5
C. 2001:ab9::359ff:1ac5
D. 2001:0ab9:__:3:_:59ff:1ac5

Answer B

Question
Which of the following commands enables the IPv6 protocol on a router?

A. Router(config)#ipv6 unicast-routing
B. Router(config)#ipv6 enable
C. Router(config)#enable ipv6
D. Router(config)#ipv6
E. Router(config)#router ipv6

Answer A
ipv6 unicast-routing