How to Read IPv6 Addresses

IPv6 (Internet Protocol version 6) addressing has been around about 20 years now. It was implemented when it became apparent that we would run out of IPv4 addresses. The move to IPv6 has been slow but now AWS will start charging for the use of IPv4. At AWS that will amount to approximately $45/year. For small startups and medium use cases this may not be worth your attention but enterprise size environments can use a few hundred public IPv4 addresses - adds up. So in preparation for the change to IPv6 I soon discovered I didn’t know how to interpret IPv6. Here is what I learned and what you need to know before we move onto the challenge of migrating your AWS services to dual stack IPv4/IPv6 or just IPv6.

‍

Here's the general format:

IPv6 addresses are expressed as a series of eight groups of four hexadecimal digits (base 16 encoded 0,2,3,…….,9,A,B,C,D,E,F - where F = decimal 15), separated by colons. IPv6 addresses are 128 bits long solving the limited IPv4 address space.

xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx

Each "xxxx" represents a four hexadecimal numbers and each number can be represented in 4 bits so “xxxx” uses 16 bits or two bytes and we have 8 groups of two bytes or 16 bytes total and 16 X 8 =128 bits in the IPv6 address.

Now, the groups are separated by colons. For example:

2001:0db8:85a3:0000:0000:8a2e:0370:7334 Now remember these are Base 16 “Hex” numbers “d” in Hex is Decimal “13” . The biggest single digit Hex number is F or Decimal 15. Quick quiz - add 1 to F and what is the Hex result? Hint two Hex digits.

‍

IPv6 Address Format Conventions:

1. Leading Zeros:

• Leading zeros within a group can be omitted. For example, 0000 can be written as 0.

1. Double Colons (::):

• Double colons (::) can be used once in an address to represent multiple groups of zeros. However, it can only be used once in an address, and to avoid ambiguity it can't be at the beginning or the end. For example, 2001:0db8:85a3::8a2e:0370:7334.

Here's are a few examples of conventions applied to the following IPv6 example address:

• 2001: 0db8: 85a3: 0000: 0000: 8a2e: 0370: 7334 spaces added for readability
• 2001: db8: 85a3: 0: 0: 8a2e: 370: 7334 here the second group & seventh group have the leading zero removed and the fourth and fifth group just shown as zero to represent 0000
• 2001:db8:85a3::8a2e:370:7334 collapsed Form (Using Double Colon). Here the fourth and fifth group are suppressed since they are all zeros and the double colons replace them. Note: group two and group seven (in the original uncompressed) have their leading zeros suppressed.

While there are several well-known IPv6 addresses used for specific purposes, they are not standardized in the same way that IPv4 addresses are for certain functions (e.g., 127.0.0.1 for the loopback address). IPv6 addresses for specific purposes often follow conventions or recommendations, but they may vary based on the networking equipment or software being used. That said here are just a couple to be aware of when transitioning your AWS environment from IPv4 to IPv6.

1. Unique Local Addresses (ULA): similar to private IPv4 addresses.

• Used for local communication within an organization and are not routable over the Internet.
• Example: fd00::/8

1. IPv4-Mapped IPv6 Addresses: are used to represent IPv4 addresses within an IPv6 address.

• They start with the prefix ::ffff:0:0/96.
• Example: ::ffff:192.0.2.1 (Represents the IPv4 address 192.0.2.1)

1. Global Unicast Addresses: similar to public IPv4 addresses and are used for communication over the Internet.

• They are globally routable.
• Example: 2001:0db8:85a3:0000:0000:8a2e:0370:7334

1. Link-Local Addresses: used for communication on a single network link (subnet)

• They start with the prefix fe80::.
• Example: fe80::1

1. Unspecified Address:

• :: represents the unspecified address, similar to 0.0.0.0 in IPv4.

Note: There are a number of other accepted conventions e.g. Multicast and Anycast addresses, LoopBack Address, Default Router Address, All Host Address, All Router Address and these can be looked up should you need them. Here we are trying to focus on that which will help you implementing IPv6 in your AWS VPC.

‍

Understanding IPv4-mapped IPv6 addresses

This is a way to represent IPv4 addresses within the IPv6 address space. The format is ::ffff:IPv4Address, where IPv4Address is the IPv4 address being represented. The prefix ::ffff:0:0/96 indicates the range of IPv6 addresses that can be used for this purpose.

Here's an example IPv4-mapped IPv6 address:

• ::ffff:192.0.2.1
• The ::ffff: prefix indicates that this is an IPv4-mapped IPv6 address.
• The 192.0.2.1 is the IPv4 address being represented.
• In binary, the ::ffff: prefix is 0000:0000:0000:0000:0000:ffff:. When combined with an IPv4 address, you get a 128-bit IPv6 address.
• So, the complete IPv6 address ::ffff:192.0.2.1 in Hex would look like: 0000:0000:0000:0000:0000:ffff:c000:0201 To understand this conversion recall that each group of 4 hex digits represent 2 bytes and each byte can represent 2 Hex digits(4 bits per Hex digit). Therefore 192.0 can be represented by Hex C0 where C is the high 4 bits of the byte ( Hex C is Decimal 12 and in Binary can be represented by 4 bits or 1100). So 192.0 is the first byte C0 and 2.1 is the next byte in binary 0010 = 2 and 0001 = 1)
• Note: that IPv4-mapped IPv6 addresses are generally used for transitional purposes and not for regular communication in pure IPv6 environments. We’ll see this when we begin to transition our AWS environment from IPv4 to IPv6 in Parts 2 and 3 of this blog.

‍

One Last Explanation - How do We Interpret the Digit Following the / in e.g. The ULA Mentioned Above fd00::/8

• The /8 in the example fd00::/8 represents the prefix length or the size of the network segment. In IPv6, the prefix length is specified using CIDR (Classless Inter-Domain Routing) notation. It indicates the number of bits that are fixed in the network portion of the IPv6 address.

In the context of the example:

• fd00::/8 means that the first 8 bits are fixed as the network portion, leaving 128 - 8 = 120 bits for addressing within that network.

Breaking it down further:

• The first 8 bits of the fd00:: address are fd00 in hexadecimal, which is 1111110100000000 in binary. Remember 4 bits per Hex digit.
• The remaining 120 bits can be used for individual addresses within that network.
• So, any IPv6 address that starts with fd00 is part of the Unique Local Address (ULA) range specified for private, local use. The /8 notation means that this range covers a large block of IPv6 addresses, allowing for significant flexibility in creating local networks.

In CIDR notation:

• /8 refers to the first 8 bits being fixed for the network, leaving 120 bits for addressing within that network.
• /16 would mean the first 16 bits are fixed for the network, leaving 112 bits for addressing.
• /32 would mean the first 32 bits are fixed for the network, leaving 96 bits for addressing, and so on.

It's a way of expressing the size of the network block and providing flexibility in allocating addresses within that block.

Watch for Part 2 where we learn how to interrogate our AWS environment to discover how many IPv4 IPs are attached to our environment and therefore we are paying for them totaling approximately $45/year