Chapter Description

In this thing from IPv6 Fundamentals: A Straightforward method to understanding IPv6, 2nd Edition, author Rick Graziani examines every the different types of IPv6 addresses in the unicast, multicast, and also anycast categories.

You are watching: What are two types of ipv6 unicast addresses? (choose two.)

From the Book


IPv6 Fundamentals: A Straightforward approach to expertise IPv6, 2nd Edition


Unicast Addresses

Figure 4-6 diagrams the three species of addresses: unicast, multicast, and also anycast. We start by looking in ~ unicast addresses. Don’t be intimidated by all the different species of unicast addresses. The most far-ranging types are worldwide unicast addresses, i beg your pardon are identical to IPv4 public addresses, and also link-local addresses. This address varieties are discussed in information in Chapters 5 and also 6.


Figure 4-6 IPv6 resolve Types: Unicast Addresses

A unicast attend to uniquely identify an interface on an IPv6 device. A packet sent to a unicast address is got by the user interface that is assigned to that address. Comparable to IPv4, a resource IPv6 addresses have to be a unicast address.


Notice that there is no broadcast attend to shown in figure 4-6. Remember that IPv6 walk not include a transfer address.

This ar covers the different varieties of unicast addresses, as depicted in number 4-6. The following is a rapid preview that each type of unicast address discussed in this section:

Global unicast: A routable address in the IPv6 Internet, similar to a public IPv4 attend to (covered in much more detail in thing 5).

Link-local: offered only to communicate with devices on the exact same local connect (covered in much more detail in chapter 6).

Loopback: An deal with not assigned to any kind of physical interface that can be supplied for a host to send an IPv6 packet to itself.

Unspecified address: used only as a resource address and indicates the absence of an IPv6 address.

Unique local: similar to a private deal with in IPv4 (RFC 1918) and not plan to be routable in the IPv6 Internet. However, unequal RFC 1918 addresses, these addresses room not to plan to be statefully interpreted to a an international unicast address.

IPv4 embedded: an IPv6 attend to that carries an IPv4 attend to in the low-order 32 bits that the address.

Global Unicast Address

Global unicast addresses (GUAs), also known together aggregatable an international unicast addresses, are globally routable and also reachable in the IPv6 Internet. They are tantamount to windy IPv4 addresses. Castle play a far-ranging role in the IPv6 addressing architecture. One of the main motivations because that transitioning to IPv6 is the exhaustion of its IPv4 counterpart. As you deserve to see in number 4-6, a GUA address is only one of several types of IPv6 unicast addresses.

Figure 4-7 mirrors the generic framework of a GUA, which has actually three fields:

Global Routing Prefix: The worldwide Routing Prefix is the prefix or network section of the address assigned through the provider, such together an ISP, come the customer site.

Subnet ID: The Subnet i would is a separate field for allocating subnets within the client site. Unlike v IPv4, it is not essential to lend bits from the interface ID (host portion) to produce subnets. The number of bits in the Subnet id falls in between where the an international Routing Prefix ends and also where the user interface ID begins. This renders subnetting an easy and manageable.

Interface ID: The user interface ID identifies the interface on the subnet, tantamount to the host section of an IPv4 address. The user interface ID in most situations is 64 bits.


Figure 4-7 Structure that a GUA Address

Figure 4-7 illustrates the an ext general structure, there is no the certain sizes for any of the three parts. The very first 3 bits that a GUA attend to begin with the binary value 001, which outcomes in the first hexadecimal digit coming to be a 2 or a 3. (We look at the structure of the GUA address much more closely in thing 5.)

There are several means a an equipment can be configured with a an international unicast address:

Manually configured.

Stateless attend to Autoconfiguration.

Stateful DHCPv6.

Example 4-1 demonstrates how to watch the global unicast deal with on Windows and Mac OS operating systems, using the ipconfig and also ifconfig commands, respectively. The ifconfig command is also used through the Linux operating system and also provides similar output.


You might see lot of IPv6 an international unicast addresses including one or more temporary addresses. You’ll learn more about this in chapter 9.

Example 4-1 Viewing IPv6 Addresses ~ above Windows and Mac OS

Windows-OS> ipconfigEthernet adapter neighborhood Area Connection:   Connection-specific DNS Suffix  .  :   ! IPv6 GUA   IPv6 Address. . . . . . . . . . .  : 2001:db8:cafe:1:d0f8:9ff6:4201:7086     ! IPv6 Link-Local   Link-local IPv6 deal with . . . . .  : fe80::d0f8:9ff6:4201:7086%11            IPv4 Address. . . . . . . . . . .  :   Subnet Mask . . . . . . . . . . .  :   ! IPv6 Default Gateway   Default Gateway . . . . . . . . .  : fe80::1%11                                        $ ifconfigen1: flags=8863 mtu 1500   ether 60:33:4b:15:24:6f   ! IPv6 Link-Local   inet6 fe80::6233:4bff:fe15:246f%en1 prefixlen 64 scopeid 0x5             inet netmask 0xffffff00 broadcast   ! IPv6 GUA   inet6 2001:db8:cafe:1:4bff:fe15:246f prefixlen 64 autoconf               media: autoselect   status: activeThis section has detailed just a brief advent to an international unicast addresses. Remember that IPv6 introduced a lot of changes to IP. Tools may obtain more than one GUA resolve for reasons such together privacy. Because that a network administrator needing come manage and also control accessibility within a network, having actually these added addresses that are not administered v stateful DHCPv6 may be undesirable. Chapter 11 discusses devices obtaining or producing multiple global unicast addresses and also various options to for sure that devices only acquire a GUA address from a stateful DHCPv6 server.

Link-Local Unicast Address

Link-local addresses room another type of unicast deal with as shown in figure 4-6. A link-local resolve is a unicast deal with that is confined to a single link, a single subnet. Link-local addresses only should be distinctive on the link (subnet) and also do not have to be unique past the link. Therefore, routers perform not forward packets with a link-local address. Tools can use Duplicate address Detection (DAD) to recognize whether or not the link-local address is unique.


Link-local unicast addresses are questioned in information in chapter 6. ICMPv6 DAD is examined in chapter 13, “ICMPv6 neighborhood Discovery.”

Figure 4-8 mirrors the style of a link-local unicast address, i m sorry is in the range fe80::/10. Using this prefix and prefix length results in the range of the first hextet gift from fe80 to febf.


Figure 4-8 Structure that a Link-Local Unicast Address


Using a prefix various other than fe80 for a link-local resolve can result in unforeseen behaviors. Although allowed by the RFC 4291, utilizing a prefix other than fe80 must be tested before usage.

In thing 6 us will study the structure, uses, and configuration options for link-local addresses in much an ext detail. For now, right here is a an introduction of few of the an essential points:

To be an IPv6-enabled device, a maker must have actually an IPv6 link-local address. The an equipment doesn’t need to have an IPv6 worldwide unicast address, however it must have a link-local address.

Link-local addresses space not routable off the connect (IPv6 subnet). Routers do not forward packets with a link-local address.

Link-local addresses only need to be distinct on the link. That is an extremely likely and also sometimes even preferable for a device to use the exact same link-local resolve on various interfaces that are on different links.

There can be only one link-local attend to per interface.

Configuration options for link-local addresses space (see Chapters 6 and also 9 for more details):

Devices dynamically (automatically) develop their very own link-local IPv6 deal with upon startup. This is the default on many operating systems, consisting of Cisco IOS, Windows, Mac OS, and also Linux.

Link-local addresses have the right to be manually configured.

The idea that a machine creating its own IP address upon startup is really an amazing benefit in IPv6! Think that it. A machine can produce its own IPv6 link-local address totally on its own, without any type of kind of hands-on configuration or the solutions of a DHCP server. This way that the maker can instantly communicate with any kind of other device on its connect (IPv6 subnet). A machine may only need a link-local attend to because the only needs to connect with other devices on its same network. Or it have the right to use that link-local deal with to communicate with a maker where that can acquire information for obtaining or creating a worldwide unicast address, such as an IPv6 router or a DHCPv6 server. The maker can then use this information to communicate with devices on other networks.

This solves the “Which come first, the chicken or the egg?” trouble with IPv4. The is, “How perform I asking a DHCP server for an IP resolve when I first need to have actually an IP attend to before ns can communicate with the server come ask for one?” (DHCP for IPv4 supplies a discover message with an IPv4 resource address that v IPv6, during startup the maker automatically provides itself a link-local address that is unique on the subnet. It deserve to then usage this resolve to interact with any device on the network, consisting of an IPv6 router and, if necessary, a DHCPv6 server. Mental from thing 2 the an IPv6 router sends out ICMPv6 Router advertising messages that enable the machine to obtain a worldwide unicast address, with or there is no the services of DHCPv6.

Example 4-1 demonstrates how to view the link-local attend to on Windows and also Mac OS operating solution by making use of the ipconfig and also ifconfig commands. These operating systems, and also Linux, are permitted for IPv6 by default. So, even if the tools did not have actually a worldwide unicast address, as presented in example 4-1, you would still check out the IPv6 link-local address. And as discussed in thing 2, this means client hosts space running IPv6 and, in ~ a minimum, the network need to be secured to protect against IPv6 attacks.


Notice the %11 and also %en1 following the IPv6 link-local addresses in example 4-1. This are known as zone identifiers, and also they are used to identify the user interface on the device. These are usually of small importance when referring come a link-local address, however they space highly significant for tying the address to the interface. Region identifiers are discussed in chapter 6.

The complying with are several of the methods IPv6 devices use a link-local address:

When a device starts up, before it obtains a GUA address, the an equipment uses that IPv6 link-local address as its source address to communicate with other devices on the network, including the local router.

Devices usage the router’s link-local attend to as their default gateway address.

Routers exchange IPv6 dynamic routing protocol (OSPFv3, EIGRP because that IPv6, RIPng) message from your IPv6 link-local address.

IPv6 routing table entries inhabited from dynamic routing protocols use the IPv6 link-local attend to as the next-hop address.

This section has provided just an advent to the link-local address. We will explore all this topics in much more detail in chapter 6.

Loopback Addresses

A loopback address is another type of unicast address (refer to figure 4-6). One IPv6 loopback resolve is ::1, an all-0s deal with except for the critical bit, i beg your pardon is collection to 1. The is equivalent to the IPv4 address block, most frequently the loopback address.

Table 4-6 reflects the various formats for representing an IPv6 loopback address.

Table 4-6 IPv6 Loopback resolve Representations
RepresentationIPv6 Loopback Address
Leading 0s omitted0:0:0:0:0:0:0:1

The loopback address can be provided by a node to send an IPv6 packet come itself, typically when experimentation the TCP/IP stack. Loopback addresses have actually the following characteristics:

A loopback attend to cannot be assigned to a physics interface.

A packet v a loopback address, resource address, or destination deal with should never ever be sent beyond the device.

A router have the right to never front a packet through a destination resolve that is a loopback address.

The maker must autumn a packet got on an interface if the destination attend to is a loopback address.

Unspecified Addresses

An unspecified unicast deal with is an all-0s address (refer to figure 4-6). An unspecified unicast resolve is provided as a resource address to show the lack of one address. It cannot be assigned come an interface.

One example where an unspecified attend to can be used is as a source address in ICMPv6 Duplicate deal with Detection (DAD). DAD is a procedure that a machine uses to ensure the its unicast resolve is distinct on the local connect (network). DAD is questioned in chapter 14.

Table 4-7 shows the various formats because that representing an IPv6 unspecified address.

Table 4-7 IPv6 Unspecified address Representations
RepresentationIPv6 Unspecified Address
Leading 0s omitted0:0:0:0:0:0:0:0

Unspecified addresses have the following characteristics:

An unspecified source address indicates the lack of one address.

An unspecified address cannot be assigned to a physics interface.

An unspecified address cannot be offered as a destination address.

A router will never ever forward a packet that has actually an unspecified resource address.

Unique local Addresses

Figure 4-6 mirrors another kind of IPv6 unicast address, the distinctive local deal with (ULA), i m sorry is the counterpart of IPv4 exclusive addresses. Unique local addresses are also known together private IPv6 addresses or local IPv6 addresses (not to be perplexed with link-local addresses).

ULA addresses have the right to be used an in similar way to global unicast addresses but are for exclusive use and should no be routed in the worldwide Internet. ULA addresses are just to be supplied in a more restricted area, such together within a website or routed in between a limited number of governmental domains. ULA addresses are for tools that never ever need accessibility to the Internet and also never must be obtainable from the Internet.

ULA addresses are identified in RFC 4193, Unique local IPv6 Unicast Addresses. Number 4-9 illustrates the style of a distinct local unicast address.


Figure 4-9 Structure of a distinct Local Unicast Address

Unique neighborhood addresses have the prefix fc00::/7, which results in the variety of addresses from fc00::/7 to fdff::/7, as presented in Table 4-8.

Table 4-8 Range of distinctive Local Unicast Addresses
Unique local Unicast deal with (Hexadecimal)Range of very first HextetRange of an initial Hextet in Binary
fc00::/7fc00 come fdff1111 1100 0000 0000 to 1111 1101 1111 1111

Unique local addresses have the complying with characteristics:

They can be used simply like worldwide unicast addresses.

They can be provided for devices that never ever need access to or native the an international Internet.

They permit sites come be linked or privately interconnected without attend to conflicts and without request addressing renumbering. (Address disputes are extremely unlikely as result of the big address space.)

They space independent of any ISP and also can be provided within a site even without having actually Internet connectivity.

ULA and also NAT

ULA and NAT is a little bit of a tricky topic. The ide of translating a unique local address to a global unicast resolve is the subject of ongoing debate within the IPv6 community, and it fosters emotional opinions top top both sides of the argument. The IAB published an informational RFC highlighting its thoughts on NAT and also IPv6 in RFC 5902, IAB think on IPv6 Network address Translation. In this RFC, the IAB summarizes the use of NAT together follows:

Network resolve translation is regarded as a systems to achieve a number of desired properties for individual networks: preventing renumbering, facilitating multihoming, do configurations homogenous, hiding inner network details, and also providing straightforward security.

So, walk this method NAT provides security, and ULA addresses have the right to be analyzed to GUA addresses because that this purpose? The straightforward answer is no. RFC 5902 goes on to state, “However, one need to not confuse NAT boxes with firewalls. As debated in section 2.2, the action of translation go not carry out security in itself.”

Remember the the driving pressure for using NAT with IPv4 is no security however IPv4 address depletion. Although the IAB and also the IETF did no intend for NAT to be offered with IPv6 as it is with IPv4, NAT does carry out mechanisms for translation whereby translation is necessary. These translation techniques include Network Prefix Translation variation 6 (NPTv6), described in RFC 6296, IPv6-to-IPv6 Network Prefix Translation, and NAT66, defined in an internet draft RFC, IPv6-to-IPv6 Network attend to Translation (long expired). Both of these RFCs emphasis on translation for resolve independence—and just where necessary. In RFC 6296, the IETF go as far as stating, “For reasons disputed in and also Section 5, the IETF does no recommend the use of Network address Translation modern technology for IPv6.”

Both NPTv6 and NAT66 room designed for resolve independence and not security. Address independence means that a website does not need to renumber its interior addresses if the ISP alters the site’s external prefix or if the site alters ISPs and receives a different prefix.

NPTv6 and NAT66 room both stateless technologies, whereas NAT for IPv4 is stateful. That is the statefulness, no NAT itself, that offers the security. This method that internal gadgets are open up to certain types of assaults that would certainly not be feasible in a NAT because that IPv4 network. Without obtaining into the NAT-versus-security controversy covered in chapter 1, NAT because that IPv4 is not security and introduces countless problems and challenges.

If every this seems vague, complicated, and also perhaps also contradictory, welcome to the conversation on NAT and also IPv6.


For more information on ULA addresses through NAT66 or NPTv6, watch Ed Horley’s excellent articles on the topic, at Horley has likewise written an excellent book, Practical IPv6 for home windows Administrators.

L Flag and an international ID

ULA addresses have the prefix fc00::/7, or the very first 7 bits as 1111 110x. As presented in figure 4-10, the eighth little bit (x) is known as the together flag, or the neighborhood flag, and also it deserve to be either 0 or 1. This way that the ULA address selection is split into two parts:

fc00::/8 (1111 1100): as soon as the together flag is collection to 0, may be characterized in the future.

fd00::/8 (1111 1101): when the l flag is set to 1, the address is in your ar assigned.

Because the just legitimate value for the together flag is 1, the only valid ULA addresses today are in the fd00::/8 prefix.

Another difference in between ULA addresses and also private IPv4 addresses is the ULA addresses can additionally be internationally unique. This is beneficial for ensuring that there won’t be any conflicts as soon as combining 2 sites utilizing ULA addresses or simply in instance they gain leaked out right into the Internet.

The cheat is that the an international IDs must somehow be distinctive without being administered by a central authority. RFC 4193, Sample password for Pseudo-Random an international ID Algorithm, specifies a process whereby in your ar assigned an international IDs have the right to be created using a pseudorandom algorithm that gives them a very high probability of being unique. The is vital that every sites generating worldwide IDs usage the very same algorithm to ensure that there is this high probability that uniqueness.


This section includes some info on the random worldwide ID algorithm for her reference. This details is not vital to your basic understanding that IPv6, and also you deserve to skip it if friend prefer.

The algorithm characterized in RFC 4193 is past the scope of this book, but these space the six measures from section 3.2.2 the RFC 4193:

3.2.2. Sample code for Pseudo-Random global ID Algorithm

The algorithm described listed below is intended to be provided for in your ar assigned global IDs. In each situation the resulting global ID will be provided in the proper prefix as characterized in section 3.2.

Obtain the present time of day in 64-bit NTP format .

Obtain an EUI-64 identifier from the mechanism running this algorithm. If an EUI-64 does not exist, one have the right to be developed from a 48-bit MAC attend to as specified in . If an EUI-64 cannot be derived or created, a suitably unique identifier, local to the node, need to be offered (e.g., mechanism serial number).

Concatenate the time of day v the system-specific i would in stimulate to create a key.

Compute an SHA-1 digest top top the crucial as specified in ; the resulting worth is 160 bits.

Use the least far-reaching 40 bits together the global ID.

Concatenate fc00::/7, the together bit set to 1, and also the 40-bit global ID to produce a regional IPv6 resolve prefix.


The algorithm in RFC 4193 needs a /48 prefix. That does not occupational well if a larger prefix or contiguous prefixes space needed.

This algorithm will result in a global ID that is fairly unique and also can be offered to produce a locally assigned local IPv6 attend to prefix. You deserve to use the following website come generate and also register her ULA attend to space:

Site-Local Addresses (Deprecated)

The initial IPv6 specification allocated deal with space, comparable to RFC 1918, Private Address room in IPv4, for site-local addresses. Site-local addresses have due to the fact that been deprecated (that is, do obsolete).

Site-local addresses, characterized in RFC 3513, were provided the prefix range fec0::/10. (You will most likely come across this prefix in enlarge documentation.) The trouble was that the term site to be ambiguous. No one could really agree on what a website really meant. The other problem was that there was no insurance that 2 sites within the same company wouldn’t end up using the very same or overlapping site-local addresses, which kind of defeats the function of IPv6 and all this extra deal with space. Therefore, site-local addresses have been deprecated and replaced with unique local addresses.

IPv4 installed Address

The last unicast address species are IPv4 installed addresses, as presented in number 4-6. IPv4 installed addresses space IPv6 addresses provided to aid the change from IPv4 come IPv6. IPv4 embedded addresses carry an IPv4 resolve in the low-order 32 bits. This addresses are provided to represent an IPv4 deal with inside one IPv6 address. RFC 4291 specifies two types of IPv4 embedded addresses:

IPv4-mapped IPv6 addresses

IPv4-compatible IPv6 addresses (deprecated)

Special approaches such together tunnels are used to administer communications between islands of IPv6 devices over an IPv4-only network. To assistance this compatibility, IPv4 addresses deserve to be installed within one IPv6 address. This is straightforward to do because a 128-bit IPv6 attend to has many of room for the 32-bit IPv4 address. Basically, IPv6 just puts it at the end of the address and pads the former end. IPv4 and IPv6 packets space not compatible. Features such as NAT64 are required to translate in between the two resolve families. See Chapter 17, “Deploying IPv6 in the Network,” for an ext information.

IPv4-Mapped IPv6 Addresses

IPv4-mapped IPv6 addresses can be supplied by a dual-stack device that requirements to send an IPv6 packet to an IPv4-only device. As displayed in number 4-10, the first 80 bits are collection to all 0s, and the 16-bit segment preceding the 32-bit IPv4 address is every 1s. The last 32 bits in the IPv4 address are stood for in dotted-decimal notation. So, the an initial 96 bits are represented in hexadecimal, and also the critical 32 bits save the IPv4 deal with in dotted-decimal notation.


Figure 4-10 IPv4-Mapped IPv6 Address

With an IPv4-mapped IPv6 address, the IPv4 attend to does not have to be worldwide unique.

Table 4-9 mirrors the various formats for representing an IPv4-mapped IPv6 address using the IPv4 deal with

Table 4-9 IPv4-Mapped IPv6 resolve Representations
RepresentationIPv4-Mapped IPv6 Address
Leading 0s omitted0:0:0:0:0:0:ffff:

Although there space many change techniques available, the score should always be aboriginal end-to-end IPv6 connectivity.

See more: I Told My Boyfriend To Stop But He Kept Going, What Happened After She Said No

IPv4-Compatible IPv6 Addresses (Deprecated)

The deprecated IPv4-compatible IPv6 address is virtually identical come an IPv4-mapped IPv6 address, other than all 96 bits—including the 16-bit segment coming before the 32-bit IPv4 address—are every 0s. One more difference is the the IPv4 attend to used in the IPv4-compatible IPv6 resolve must it is in a globally distinct IPv4 unicast address. The IPv4-compatible IPv6 resolve was hardly ever used and also is currently deprecated. Existing IPv6 shift mechanisms no longer use this attend to type.