IPv6 Basics

IPv6 is the successor to IPv4, designed to solve the internet's address exhaustion problem and improve upon the original protocol. Understanding IPv6 is essential for modern DevOps engineers.

Why IPv6?

IPv4 Limitations:

• Limited Address Space: 4.3 billion addresses (2³²)
• Address Exhaustion: IANA ran out of addresses in 2011
• NAT Requirement: Workaround needed, adds complexity
• No Built-in Security: IPsec is optional
• Poor Quality of Service (QoS): Difficult to prioritize traffic

IPv6 Address Space

IPv6 Features:

• 128-bit Addresses (3.4 × 10³⁸ addresses — essentially unlimited)
• Simplified Header — easier processing
• Built-in IPsec — encryption standardized
• Better QoS — traffic class field
• Stateless Auto-configuration — easier deployment

IPv6 Address Format

Representation:

IPv6 uses hexadecimal (0-9, a-f) instead of decimal.

Full format (128 bits = 8 groups of 16 bits):
2001:0db8:85a3:0000:0000:8a2e:0370:7334

Compressed format (zeros omitted):
2001:db8:85a3::8a2e:370:7334

Loopback:
::1 (equivalent to 127.0.0.1)

All zeros:
:: (equivalent to 0.0.0.0)

Compression Rules:

1. Remove leading zeros from each group
   • 0db8 → db8
   • 0000 → 0 (or omit)
2. Replace one consecutive sequence of zero groups with ::
   • 2001:db8:0:0:0:0:1:0 → 2001:db8::1:0
   • Only use :: once per address

IPv6 Address Types

1. Unicast

• One-to-one communication
• Single host receives message

Categories:

2. Multicast

• One-to-many communication
• Multiple hosts receive same message
• Starts with ff00::/8

Examples:

ff02::1         — All hosts on link-local
ff02::2         — All routers on link-local
ff02::1:3       — DHCP servers

3. Anycast

• Packet delivered to nearest host in group
• Uses regular unicast format
• Multiple devices share same address

IPv6 Address Structure

Global Unicast Address:

2001:db8:1234:5678:1111:2222:3333:4444
└─┬──┘ └──┬──┘ └─────┬──────┘ └────┬────┘
  Prefix  ISP   Subnet ID        Host ID
  (48b)   (16b) (16b)           (64b)

Typical: /48 or /64

Subnet Mask (CIDR):

• IPv6 uses /64 most commonly (vs IPv4's /24)
• /64 allows 2⁶⁴ hosts per subnet (essentially unlimited)

Link-Local Addresses

Automatically assigned to every IPv6 interface:

fe80::[host-id]
fe80::1
fe80::2

Used for:

• On-link communication before global addresses assigned
• Router advertisements
• Neighbor discovery
• IPsec key exchange

IPv6 Auto-Configuration

Stateless Auto-Configuration (SLAAC):

Device automatically configures IPv6 address without DHCP:

1. Generate Link-Local Address (fe80::...)
2. Listen for Router Advertisements
3. Router announces prefix (e.g., 2001:db8:1:1::/64)
4. Device generates global address from prefix + local ID
5. Device is online — no DHCP needed!

Example:

Router says: "I'm here, prefix is 2001:db8:1:1::/64"
Device thinks: "OK, my address is 2001:db8:1:1:1111:2222:3333:4444"
Result: Auto-configured without server

Stateful Configuration (DHCPv6):

Similar to IPv4 DHCP, but optional in IPv6 (SLAAC is usually preferred).

IPv6 vs IPv4 at a Glance

IPv6 Header Changes

Simplified Processing:

• Fixed header size (40 bytes vs IPv4's 20-60 bytes)
• Optional features in extension headers
• Routers don't handle fragmentation (hosts do)

IPv6 Header:
- Version (4 bits)
- Traffic Class (8 bits) — for QoS
- Flow Label (20 bits) — packet flow marking
- Payload Length (16 bits)
- Next Header (8 bits) — identifies protocol
- Hop Limit (8 bits) — like TTL in IPv4
- Source Address (128 bits)
- Destination Address (128 bits)

IPv6 Deployment Considerations

Dual-Stack:

• Run IPv4 and IPv6 simultaneously
• Hosts can use either protocol
• Most common transition method

Server:
2001:db8:1:1::web (IPv6)
192.0.2.100 (IPv4)

Client Implementation:

# IPv4 DNS query
nslookup example.com
# Returns: 192.0.2.1
 
# IPv6 DNS query
nslookup -v6 example.com
# Returns: 2001:db8:1:1::web

IPv6 Launch / Sunset:

• World IPv6 Day (June 8, 2011) — first test
• IPv4 still dominant (2026), but adoption growing
• Many cloud providers support IPv6
• Container platforms increasingly support IPv6

IPv6 in Cloud and Containers

AWS:

• All VPCs can have IPv6 CIDR blocks
• /56 assigned to VPC, /64 to each subnet
• EC2 instances get IPv6 addresses

Kubernetes:

• Dual-stack support (IPv4 + IPv6 simultaneously)
• Service IPs can be IPv6
• Pod networking supports IPv6

Docker:

• Supports IPv6 on networks
• Can assign IPv6 addresses to containers

Writing IPv6 Addresses

Do's:

✓ Compress zeros: 2001:db8::1
✓ Use lowercase: 2001:db8:1:1::1
✓ CIDR notation: 2001:db8:1:1::/64

Don'ts:

✗ Multiple :: compressions: 2001:db8::1::1
✗ Mix IPv4-mapped notation carelessly
✗ Forget the /64 netmask

Testing IPv6 Connectivity

# Ping IPv6 address
ping6 2001:db8:1:1::web
 
# Show IPv6 addresses
ip addr show | grep inet6
 
# Show IPv6 routing table
ip -6 route show
 
# Connect to IPv6 service
curl -v http://[2001:db8:1:1::web]/

DevOps Checklist for IPv6

• Understand link-local addresses
• Know how to read/write IPv6 addresses
• Understand /64 subnets (effectively infinite hosts)
• Configure dual-stack where possible
• Test IPv6 connectivity on infrastructure
• Document IPv6 addresses in your setup
• Firewall rules must allow IPv6 if needed
• Update monitoring to track IPv6 traffic

Key Takeaways

• IPv6 solves address exhaustion (128-bit addresses)
• Link-local addresses automatically assigned
• SLAAC enables auto-configuration without DHCP
• Dual-stack is the practical transition approach
• Compress consecutive zeros with ::
• ::1 is loopback, /64 is standard subnet
• Modern infrastructure increasingly supports IPv6