By James Hanback
As a sensible person, you probably wouldn’t run a 5K, even for charitable purposes, without first performing some type of physical conditioning to ensure that you’ll actually cross that finish line. Whether you’re a professional who just needs to warm up and appropriately hydrate before the race or a newbie who gets out of breath just walking to your car, you’ll most likely prepare yourself with the right equipment and an adequate amount of training before you take on that public run.
So it goes with the deployment of IPv6 (or any unfamiliar technology, really). You don’t want to try your hand at deploying and administering an IPv6 network until you are absolutely certain you know what you’re doing. In my previous two posts on the topic, we’ve explored what an IPv6 address is, how IPv6 addresses differ from IPv4 addresses, how to notate IPv6 addresses, and the uses of the different types of IPv6 addresses. In other words, we’ve obtained the proper equipment to begin training for IPv6 deployment.
Training for a race teaches your body to use its muscles and circulatory system as efficiently as possible to get you across the finish line. Training for IPv6 deployment means teaching yourself about IPv6 prefixes and how they are used to appropriately subnet IPv6 for your organization.
Ready?
Although subnetting an IPv6 network is different from subnetting an IPv4 network, there are some concepts in IPv4 subnetting that you can use to warm up for your IPv6 subnetting training. For example, both IPv4 and IPv6 use slash notation to represent the number of subnetwork bits in an address. Also the number of bits in the subnetwork portion of the address are always counted from the leftmost bit in the address to the right. Therefore, the subnetwork address is also known as the address prefix because of its location in the bit order. The use of slash notation in both IPv4 and IPv6 also means that you can subnet each of them by simply appropriating host bits for subnetwork bits, which is also known as moving the subnetwork bit boundary to the right.
You might recall that each decimal value in a dotted-decimal IPv4 address represents an octet of bits. The leftmost bit in each octet represents a decimal value of 128. Each subsequent bit in the octet represents half the value of the preceding bit. You can therefore calculate the decimal value of an octet by using a left-to-right place system wherein each bit that is set to 1 represents the decimal value that is assigned to that bit’s place. For example, the binary value of the first octet in the IPv4 address 192.168.51.50 is 11000000 because the 1 in the 128-bit place plus the 1 in the 64-bit place equals 192. Based on this conversion method, the entire binary equivalent of the IPv4 address 192.168.51.50 becomes 11000000.10101000.00110011.00110010.
An IPv4 address that uses a slash notation such as 192.168.51.50/30 indicates that the first 30 bits of the IPv4 address in question are the network bits, or prefix. Therefore, the subnetwork bits in the IPv4 address of 192.168.51.50/30 are 11000000.10101000.00110011.001100. The final 2 bits of the IPv4 address, which are 1 and 0, respectively, are the host bits. If you convert only the subnetwork bits to dotted-decimal format, you can determine that the prefix, or subnetwork address, of 192.168.51.50/30 is 192.168.51.48.
Because only two bits remain in the 192.168.51.48/30 subnet, you can surmise that there are only four possible host bit combinations for the 192.168.51.48/30 subnet: 00, 01, 10, and 11. You no doubt brilliantly recall that the first address in an IPv4 subnetwork is always the subnetwork address and the final address in an IPv4 subnet is always the broadcast address. Because you know this, you can deduce that the only host bit combinations that matter insofar as calculating an assignable IPv4 address range from this /30 subnetwork are the 01 host bit combination and the 10 host bit combination. Adding the decimal values of the 01 host bits to the value of the final octet in the subnetwork address creates an assignable IPv4 address of 192.168.51.49. Adding the decimal value of the 10 host bits to the value of the final octet in the subnetwork creates an assignable IPv4 address of 192.168.51.50.
Naturally, you can adjust the number of hosts in an assignable range in a prefix by moving the subnetwork bit boundary. The farther to the right you move the boundary, the more you increase the slash notation value, the more subnets you create, and the smaller the number of assignable host addresses on each subnet. The farther to the left you move the boundary, the more you decrease the slash notation value, and the larger the number of assignable host addresses on each subnet. Below is a helpful visual representation of this process:
The green bit in the chart above is being converted from a host bit in the 192.168.51.48/28 subnetwork to a /29 subnetwork bit. The green bit can have a binary value of either 0 or 1. Therefore, the green bit can represent one of two possible /29 subnetworks of the original /28 subnetwork. As noted previously, every binary octet in an IPv4 address can be converted to a decimal equivalent. Converting the octet that has the green bit set to 0 results in a decimal value of 48. Converting the octet that has the green bit set to 1 results in a decimal value of 56. That means that the network address for the first /29 subnet in the chart above is 192.168.51.48. The network address for the second /29 subnet in the chart above is 192.168.51.56.
That should be all the IPv4 subnetting warm-up we need to move on to our IPv6 subnetting training. However, if you feel like you need more IPv4 subnetting warm-up, hop on over to this Subnetting Demystified post for a more in-depth, video-enhanced refresher.
Now that you’ve been refreshed on how subnetwork prefixes work in IPv4, you’re ready to apply them to your IPv6 studies. Similar to IPv4, IPv6 addresses can be separated into a network segment, or prefix, and a host segment, or interface ID. Often, you might see IPv6 addresses discussed within the context of something called the /64 prefix, which is an impossible prefix in IPv4 because IPv4 addresses are only 32 bits long. However, the /64 prefix is the standard prefix for an IPv6 network. That standard prefix is actually composed of four smaller prefixes: a 23-bit registry prefix, a 9-bit Internet service provider (ISP) prefix, a 16-bit site prefix, and a 16-bit subnet prefix, all of which add up to a total of 64 bits.
The 23-bit registry prefix represents the regional Internet registry (RIR) to which the block of IPv6 addresses belongs. For example, the 2620:0000::/23 block of global unicast IPv6 addresses is assigned to the American Registry for Internet Numbers (ARIN). The 9-bit ISP prefix represents the ISP to which a specific /32 subnetwork of the /23 network has been assigned. Further, the 16-bit site prefix represents the site to which the ISP has assigned a specific /48 subnetwork of the /32 subnetwork of the /23 network. Finally, the 16-bit subnet prefix represents a specific /64 subnetwork of the /48 subnetwork of the /32 subnetwork of the /23 network with which you can further subnet and from which you can assign IPv6 addresses to hosts.
Visually, an IPv6 address such as FC01::1/64 could be broken into its prefix and interface ID components as shown in the following diagram:
Note that because hexadecimal values in an IPv6 address actually represent 4 bits of an address, 1 bit of the final hexadecimal value in the registry prefix actually bleeds over into the ISP prefix, making that prefix 9 bits long instead of 8.
A /64 block of IPv6 addresses is often allocated from an ISP to a customer. The /64 prefix means the bit boundary between the network segment and interface ID for a standard IPv6 subnet is smack in the middle of the 128-bit IPv6 address. A total of 64 bits, or 16 hexadecimal characters, represent the prefix and a total of 64 bits, or 16 hexadecimal characters, represent the interface ID.
This half-way mark separation makes calculating a network from a /64 prefix relatively simple because each new /64 network will be represented by a different hexadecimal value that stretches from the ISP prefix all the way through the subnet prefix in the hexadecimal notation of the address. For example, the FC01:00::/23 network in the diagram above can be divided into the following /64 subnets:
…and so on all the way through FC01:01FF:FFFF:FFFF::/64, which is the last possible /64 subnet in the FC01:00::/23 range. You might have noticed that sixth hexadecimal value in that last subnet is a 1, not the 0 that supposedly marks the edge of the registry prefix. As mentioned earlier, each hexadecimal value represents 4 bits. Therefore, the 24th bit in the address, which is part of the 9-bit ISP prefix, changes the value of the sixth hexadecimal character in the final /64 subnet of the range.
Each /64 subnet contains a total of 18,446,744,073,709,551,616 unique IPv6 addresses. Because it’s unlikely that you need that many, you can further subnet a standard /64 IPv6 address block into much smaller blocks of unique IPv6 addresses by simply moving the bit boundary to the right, or adding 1 to the slash notation prefix, just as you would when subnetting a block of IPv4 addresses. Every time you add 1 to the slash notation prefix, you double the number of new subnetworks created from the original /64 IPv6 network and halve the number of available hosts within each subnet.
For example, if you wanted to subnet the IPv6 address block of FC01::/64 into two separate networks of 9,223,372,036,854,775,808 unique IPv6 addresses each, you could use the /65 prefix to create the FC01:0000:0000:0000:0000:0000:0000:0000/65 (or FC01::/65) subnet and the FC01:0000:0000:0000:8000:0000:0000:0000/65 (or FC01::8000:0:0:0/65) subnet. Adding another 1 to the slash notation prefix would create four new networks that use a /66 prefix: FC01::/66, FC01::4000:0:0:0/66, FC01::8000:0:0:0/66, and FC01::C000:0:0:0/66.
Below is a chart that visually represents the process of converting the FC01::/64 into four /66 subnets:
The green bits in the chart above are being converted from interface ID bits into subnetwork bits. The orange bits are the new first bits of the interface ID. Therefore, the green bits represent four possible /66 subnetwork bit boundaries of 00, 01, 10, and 11. Every hexadecimal value in an IPv6 address is comprised of 4 bits, so the orange host bits are still used in combination with the green subnetwork bits to calculate the hexadecimal value of the quartet to which they belong. Converting the green and orange bits to their collective hexadecimal value results in the boundary hexadecimal address of each new /66 subnetwork, because a binary value of 0000 is equivalent to a hexadecimal value of 0, a binary value of 0100 is equivalent to a hexadecimal value of 4, a binary value of 1000 is equivalent to a hexadecimal value of 8, and a binary value of 1100 is equivalent to a hexadecimal value of C.
If you move the bit boundary all the way down to the last bit, which is equivalent to a /128 prefix, you’d end up with 18,446,744,073,709,551,616 subnets created from the original /64 network. Each of those subnets would also be a single unique IPv6 address, similar to what happens when you subnet an IPv4 network by using a /32 prefix.
If you’re just feeling nostalgic for some old-school classful IPv4 address space limitations, you can subnet your /64 block with a /120 prefix to limit each of the 18,014,398,509,481,984 subnetworks it creates to 256 hosts each.
With solid warm-ups and training behind you, that run wasn’t so bad after all was it? You’ve crossed the finish line and you now know how to subnet a standard IPv6 /64 network. You can dab the sweat from your brow, knock back a Gatorade or two, and catch your breath.
All in all, subnetting IPv6 is probably the simplest task to learn once you have a handle on the basic differences between IPv4 and IPv6, especially if you already have experience creating classless subnets from IPv4 networks. It’s the same principle, only with a vastly larger address space.
In the next, and final, part of this series, we’ll explore how you can ease the transition of a network from IPv4 to IPv6 by deploying IPv6 alongside an existing IPv4 network.