Introduction to IPv6 Addresses: How to Use and How to Explore the Network (Part 1)
Can routers and computers work simultaneously with IP and IPv6?
IPv6 is the new version of IP. IPv6 networks, IPv6-enabled hardware and software are already fairly widespread – at least in some countries.
Now that IP and IPv6 protocols work together, this leads to the existence of virtually two parallel networks. For example, my ISP's router supports IPv6 and IP. If I go to a site that has an IPv6 address (most sites), then my request and response go through networks (nodes) with IPv6 support. If I go to a site that has only an IP address, then my request and the answer to it can go on a different route.
When analyzing the network, for example, using Wireshark or tcpdump, you can skip half or even more traffic if you forget about IPv6! That is, as a filter for displaying packets in Wireshark, you will enter (a regular filter to display IP protocol traffic):
Then you will see something like this:
But if you enter such a filter
That picture will change dramatically (I pay attention that this is the same traffic), it turns out that the computer is also connected to completely different hosts:
When analyzing the network, when configuring IP display filters, when performing attacks (for example, ARP and DNS spoofing on the local network), you need to remember about IPv6!
Once again: IP and IPv6 are two parallel networks that are not particularly connected to each other (although the same equipment can support both protocols). As a result, when setting up a network, for example, a firewall, you need to make settings for the IP protocol separately, and then do the same IPv6 settings. Since these are different networks, there is a chance that the system administrator has configured them differently, which provides loopholes for attack or bypass of restrictions using IPv6.
IPv6 addresses can be useful when researching the local networks of Internet service providers, it is worth trying to use IPv6 to bypass the Captive Portal and other network restrictions, you should remember about IPv6 when analyzing traffic on your computer and in local networks, or vice versa to increase the secrecy of your presence (in the hope that IPv6 is not mentioned in the traffic logging settings or that IPv6 geolocation is still in its infancy (at least in public databases)).
This article will help you take the first steps in using IPv6 addresses with popular programs.
IPv6 Address Structure
The following are examples of valid IPv6 addresses:
::1 2a02:6b8:a::a 2a02:f680:1:1100::3d60 2604:a880:800:c1::2ae:d001 2001:db8:11a3:9d7:1f34:8a2e:7a0:765d
They are, to put it mildly, different. Let's see how this is possible.
IPv6 addresses are displayed in full form as eight four-digit hexadecimal numbers (that is, eight groups of four characters), separated by a colon. Example address:
Hexadecimal numbers are written using numbers from 0 to 9 and with letters from a to f.
A complete record can be shortened using several notation methods, for example, the address 2001:0db8:0000:0000:0000:8a2e:0370:7334 is equivalent to the address 2001:db8::8a2e:370:7334.
By the way, because IP addresses also support shorthand, for example, the following command will work just fine:
As a result, address ping 127.0.0.1 will be executed, which in abbreviated form is 127.1.
For IP addresses, groups of numbers are called octets (which means “eight” in some language) since each digit in the address contains eight bits of information, there are four octets in total for IP, that is, 32 bits are used for the address. By the way, that is why the number in each octet is limited to 255 – this corresponds to the amount of information that 8 bits can store, this is 28, that is, numbers from 0 to 255.
IPv6 addresses in each segment have 16 bits of information, in English these segments are called hextet or hexadectet. A total of 8 segments of 16 bits of information, it turns out that 8 * 16 = 128 bits are used to store IPv6 addresses.
As mentioned above, in IPv6 addresses, numbers in groups are written as hexadecimal numbers, and not as decimal numbers, as in IP. By the way, if the record were in the form of decimal numbers, then in each segment there would be numbers from 0 to 65535 (this is 216). As for hexadecimal numbers, to record 16 bits of information you need a number up to four characters long, so it turns out that the section size is 4 characters, but it can be less, since zeros at the beginning of the number are optional. That is, if the number 00a1 should be there, then you can simply write a1 – this is the first way to reduce the notation of IPv6 addresses.
If the number in the group is 0 (that is, four zeros), then one zero is written.
If there are several consecutive groups with zeros, then regardless of the number of zeros, this entire group is written as two colons (::). The last abbreviation can be used in one IPv6 address only once, even if there are several groups with zeros. If there are several groups with zeros, then only the longest of them is replaced. If there are two groups with zeros of the same length, then the one that comes first, that is, the left one, is replaced.
An example of using these rules:
Starting address: 2001:0db8:0000:0000:0000:ff00:0042:8329
After removing all leading zeros in each group: 2001:db8:0:0:0:ff00:42:8329
After skipping consecutive segments with zeros: 2001:db8::ff00:42:8329
The loopback address 0000:0000:0000:0000:0000:0000:0000:0001 using the reduction rules can be reduced to ::1
Let's go back to the addresses from the examples above:
As we already found out, this is the loopback address 0000:0000:0000:0000:0000:0000:0000:0001.
Several sections with consecutive zeros are missing here. How much exactly? This can be found on the basis of the following rule: there should be 8 sections in total, and there are only 4 sections, which means that 4 sections are missing, that is, in full form the number should look like this:
Or even like this:
The following example:
There are 5 segments in this address, and it should be 8, so 3 is missing, the address record is in full:
Or along with all zeros:
There are 6 segments in this address, and there should be 8, therefore, a complete record of this address:
This address has 8 segments and there are no two colons in a row – therefore, this is a complete record of the address, except that the leading zeros are omitted:
Hopefully these simple exercises have helped you keep an eye on and learn how to recognize IPv6 addresses.
How do I know if I have an IPv6 address or not? How to find out your IPv6 address
It is sometimes impossible to find out your external IP address without third-party services, since quite often clients of Internet service providers access the global network via several NATs. Therefore, you have to go to the ‘Show my IP’ services and web sites – these services look at which IP address the request came from and show it to you. But most likely, this is not exactly “your” IP address, since computers and phones in your local network have only local IP addresses, your router also has some local IP belonging to the network of the Internet service provider, and the IP that shows you on web sites, in fact, assigned to some kind of network device from the ISP through which you access the external network simultaneously with many other users.
With IPv6 addresses, in this sense it is simpler - there are so many of them that there is no need for NAT – it is possible to give each client a personal IPv6 address.
But here another difficulty arises. Let's take a look together. On Windows, to display your IP and IPv6 addresses on the command line, run the command:
Адаптер Ethernet Ethernet: DNS-суффикс подключения . . . . . : home IPv6-адрес. . . . . . . . . . . . : 2403:6200:8862:2cb4::2 IPv6-адрес. . . . . . . . . . . . : 2403:6200:8862:2cb4:bc07:bcb4:b7d0:24eb IPv6-адрес. . . . . . . . . . . . : fd14:9d09:d004:7e00:bc07:bcb4:b7d0:24eb Временный IPv6-адрес. . . . . . . : 2403:6200:8862:2cb4:7462:9648:7bcd:20a8 Временный IPv6-адрес. . . . . . . : fd14:9d09:d004:7e00:7462:9648:7bcd:20a8 Локальный IPv6-адрес канала . . . : fe80::bc07:bcb4:b7d0:24eb%16 IPv4-адрес. . . . . . . . . . . . : 192.168.1.20 Маска подсети . . . . . . . . . . : 255.255.255.0 Основной шлюз. . . . . . . . . : fe80::1%16 192.168.1.1
In Linux, to view your IP and IPv6 addresses, use the command:
Here IPv6 addresses along with subnet masks are listed in the lines:
inet6 2403:6200:8862:2cb4::5/128 scope global dynamic noprefixroute valid_lft 6125sec preferred_lft 2525sec inet6 fd14:9d09:d004:7e00:9965:7843:6899:ec5f/64 scope global dynamic noprefixroute valid_lft 6948sec preferred_lft 3348sec inet6 2403:6200:8862:2cb4:3541:b9e5:61ac:69d3/64 scope global dynamic noprefixroute valid_lft 6948sec preferred_lft 3348sec inet6 fe80::74a0:94fb:fc04:a1d8/64 scope link noprefixroute valid_lft forever preferred_lft forever
We will look at the reserved ranges of IPv6 addresses a little later, looking ahead, I can say that global addresses can currently start only at 2 or 3 (others just haven’t been distributed yet). But even with this criterion, in the examples above, each operating system has two addresses that start with twos – which one is your external IPv6?
The easiest option is to check again using an external service, but you need to understand that if the site you are visiting to find out your IP address is not configured to work with IPv6, then it will only show your IP, but it will not be able to show your IPv6. The service on SuIP.biz and w-e-b.site have IPv6 support and will show your IPv6 address if your Internet service provider and your equipment (computer and router) support IPv6.
To find out if you have support and your IPv6 address, go to the page: https://w-e-b.site/?act=myip
If you have IPv6, then it will be shown. If IPv6 is not supported, only your IP will be displayed.
Reserved IPv6 Addresses
In this section, we will consider ranges of IPv6 addresses for the intended purpose, so that we can immediately filter them out of the many IPv6 addresses of network interfaces.
IP also has reserved address ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 127.0.0.0/8, 100.64.0.0/10 and a few more, a full list can be found here.
Special IPv6 address ranges are also available. Consider the table “Special IPv6 Address Blocks”:
|Address block (CIDR)||First address||Last address||Number of addresses||Usage||Purpose|
|::1/128||::1||1||Host||Loopback address to the local host.|
|::ffff:0:0/96||::ffff:0.0.0.0||::ffff:255.255.255.255||2128−96 = 232 = 4294967296||Software||IPv4 mapped addresses.|
|::ffff:0:0:0/96||::ffff:0:0.0.0.0||::ffff:0:255.255.255.255||232||Software||IPv4 translated addresses.|
|64:ff9b::/96||64:ff9b::0.0.0.0||64:ff9b::255.255.255.255||232||Global Internet||IPv4/IPv6 translation.|
|2001::/32||2001::||2001::ffff:ffff:ffff:ffff:ffff:ffff||296||Global Internet||Teredo tunneling.|
|2001:db8::/32||2001:db8::||2001:db8:ffff:ffff:ffff:ffff:ffff:ffff||296||Documentation||Addresses used in documentation and example source code.|
|2002::/16||2002::||2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff||2112||Global Internet||The 6to4 addressing scheme (now deprecated).|
|fec0:/10||feff::||fec0:ffff:ffff:ffff:ffff:ffff:ffff:ffff||2118||Site-local||Marked deprecated in RFC 3879 (Analog of internal networks 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16)|
|fc00::/7||fc00::||fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff||2121||Private network||Unique local address. Range replaced Site-Local|
|fe80::/10||fe80::||febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff||2118||Link||Link-local address. Analog 169.254.0.0/16 in IPv4|
|ff00::/8||ff00::||ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff||2120||Global Internet||Multicast address.|
As can be seen from the table, addresses that begin with zeros or with f are local or are intended for specific purposes.
Corresponds to public IPv4 addresses. May be in any unoccupied range. Currently, regional Internet registrars are distributing a block of addresses 2000::/3 (from 2000:: to 3FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF).
This means that only IPv6 addresses that start with “2” or “3” are global now.
As you can see in the screenshots above, more than one IPv6 address is assigned to network interfaces. For IPv6, this is the norm, although, for example, I have only one IPv6 address on the VPS servers on the network interface and this is enough for the web sites to connect and function.
A single network interface can have many IPv6 addresses, by default, on Linux I have a maximum of 16:
cat /proc/sys/net/ipv6/conf/default/max_addresses 16
Why is there so much IPv6 for one interface? Each IPv6 interface has a local IP address. If the interface can also exchange data with a larger network (for example, via the Internet), it also has a global address. These are at least two addresses. And if the host is behind a multihomed Internet connection, it probably has even more addresses.
In general, one computer can have many IPv6s – and that's the norm. Global addresses are those that start in two or three.
How to find out IPv6 site address
The IP address of the site is stored in A records, and the IPv6 address of the site is stored in AAAA records.
In Windows IPv6, the site address can be found with the nslookup command:
╤хЁтхЁ: UnKnown Address: 192.168.1.1 Не заслуживающий доверия ответ: ╚ь : yandex.ru Addresses: 2a02:6b8:a::a 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11
If the site has an IPv6 address, then it will be displayed along with the IP addresses.
On Linux, you can also use the nslookup command:
You can use the host command:
The dig command can also show IPv6 addresses, but by default it displays data only for an A record, so you need to specify the type of record explicitly:
dig +short yandex.ru AAAA
Or configure the output of all DNS records for this domain:
dig yandex.ru ANY
If you don’t feel like messing with command line utilities, you can use online services that will show you all the IP and IPv6 addresses of any site: https://w-e-b.site/?act=dig
Now that we have learned how to look and recognize IPv6 addresses, let's learn how to use them in various applications and utilities.
Continuation of “Introduction to IPv6 Addresses: How to Use and How to Explore the Network (Part 2)”
Last Updated on
- Introduction to IPv6 Addresses: How to Use and How to Explore the Network (Part 2) (100%)
- Setting up network routes: the choice of connection used for the Internet; simultaneous use of multiple connections for different purposes (59.5%)
- How to switch between Internet connections in Windows (59.5%)
- How to install web server on Windows 10 (Apache 2.4, PHP 7, MySQL 8.0 and phpMyAdmin) (50%)
- Kali Linux Rolling post install tips (50%)
- How to search subdomains and build graphs of network structure with Amass (RANDOM - 11.9%)