Network Working Group R. Hinden
Internet-Draft Check Point Software
Obsoletes: 4291 (if approved) S. Deering
Intended status: Standards Track Retired
Expires: March 17, 2017 September 13, 2016
IP Version 6 Addressing Architecture
draft-ietf-6man-rfc4291bis-04
Abstract
This specification defines the addressing architecture of the IP
Version 6 (IPv6) protocol. The document includes the IPv6 addressing
model, text representations of IPv6 addresses, definition of IPv6
unicast addresses, anycast addresses, and multicast addresses, and an
IPv6 node's required addresses.
This document obsoletes RFC 4291, "IP Version 6 Addressing
Architecture".
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 17, 2017.
Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
Hinden & Deering Expires March 17, 2017 [Page 1]
Internet-Draft IPv6 Addressing Architecture September 2016
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. IPv6 Addressing . . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Addressing Model . . . . . . . . . . . . . . . . . . . . 4
2.2. Text Representation of IPv6 Addresses . . . . . . . . . . 4
2.2.1. Text Representation of Addresses . . . . . . . . . . 4
2.2.2. Text Representation of Address Prefixes . . . . . . . 5
2.2.3. Recommendation for outputting IPv6 addresses . . . . 7
2.3. Address Type Identification . . . . . . . . . . . . . . . 9
2.4. Unicast Addresses . . . . . . . . . . . . . . . . . . . . 10
2.4.1. Interface Identifiers . . . . . . . . . . . . . . . . 11
2.4.2. The Unspecified Address . . . . . . . . . . . . . . . 12
2.4.3. The Loopback Address . . . . . . . . . . . . . . . . 12
2.4.4. Global Unicast Addresses . . . . . . . . . . . . . . 12
2.4.5. IPv6 Addresses with Embedded IPv4 Addresses . . . . . 13
2.4.5.1. IPv4-Compatible IPv6 Address . . . . . . . . . . 13
2.4.5.2. IPv4-Mapped IPv6 Address . . . . . . . . . . . . 13
2.4.6. Link-Local IPv6 Unicast Addresses . . . . . . . . . . 14
2.4.7. Site-Local IPv6 Unicast Addresses . . . . . . . . . . 14
2.5. Anycast Addresses . . . . . . . . . . . . . . . . . . . . 14
2.5.1. Required Anycast Address . . . . . . . . . . . . . . 15
2.6. Multicast Addresses . . . . . . . . . . . . . . . . . . . 16
2.6.1. Pre-Defined Multicast Addresses . . . . . . . . . . . 19
2.7. A Node's Required Addresses . . . . . . . . . . . . . . . 20
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21
4. Security Considerations . . . . . . . . . . . . . . . . . . . 21
5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 21
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 22
6.1. Normative References . . . . . . . . . . . . . . . . . . 22
6.2. Informative References . . . . . . . . . . . . . . . . . 22
Hinden & Deering Expires March 17, 2017 [Page 2]
Internet-Draft IPv6 Addressing Architecture September 2016
Appendix A. Modified EUI-64 Format Interface Identifiers . . . . 24
A.1. Creating Modified EUI-64 Format Interface Identifiers . . 24
Appendix B. CHANGES SINCE RFC 4291 . . . . . . . . . . . . . . . 27
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 30
1. Introduction
This specification defines the addressing architecture of the IP
Version 6 protocol. It includes the basic formats for the various
types of IPv6 addresses (unicast, anycast, and multicast).
2. IPv6 Addressing
IPv6 addresses are 128-bit identifiers for interfaces and sets of
interfaces (where "interface" is as defined in Section 2 of
[I-D.ietf-6man-rfc2460bis]). There are three types of addresses:
Unicast: An identifier for a single interface. A packet sent
to a unicast address is delivered to the interface
identified by that address.
Anycast: An identifier for a set of interfaces (typically
belonging to different nodes). A packet sent to an
anycast address is delivered to one of the interfaces
identified by that address (the "nearest" one,
according to the routing protocols' measure of
distance).
Multicast: An identifier for a set of interfaces (typically
belonging to different nodes). A packet sent to a
multicast address is delivered to all interfaces
identified by that address.
There are no broadcast addresses in IPv6, their function being
superseded by multicast addresses.
In this document, fields in addresses are given a specific name, for
example, "subnet". When this name is used with the term "ID" for
identifier after the name (e.g., "subnet ID"), it refers to the
contents of the named field. When it is used with the term "prefix"
(e.g., "subnet prefix"), it refers to all of the address from the
left up to and including this field.
In IPv6, all zeros and all ones are legal values for any field,
unless specifically excluded. Specifically, prefixes may contain, or
end with, zero-valued fields.
Hinden & Deering Expires March 17, 2017 [Page 3]
Internet-Draft IPv6 Addressing Architecture September 2016
2.1. Addressing Model
IPv6 addresses of all types are assigned to interfaces, not nodes.
An IPv6 unicast address refers to a single interface. Since each
interface belongs to a single node, any of that node's interfaces'
unicast addresses may be used as an identifier for the node.
All interfaces are required to have at least one Link-Local unicast
address (see Section 2.8 for additional required addresses). A
single interface may also have multiple IPv6 addresses of any type
(unicast, anycast, and multicast) or scope. Unicast addresses with a
scope greater than link-scope are not needed for interfaces that are
not used as the origin or destination of any IPv6 packets to or from
non-neighbors. This is sometimes convenient for point-to-point
interfaces. There is one exception to this addressing model:
A unicast address or a set of unicast addresses may be assigned to
multiple physical interfaces if the implementation treats the
multiple physical interfaces as one interface when presenting it
to the internet layer. This is useful for load-sharing over
multiple physical interfaces.
Currently, IPv6 continues the IPv4 model in that a subnet prefix is
associated with one link. Multiple subnet prefixes may be assigned
to the same link.
2.2. Text Representation of IPv6 Addresses
2.2.1. Text Representation of Addresses
There are three conventional forms for representing IPv6 addresses as
text strings:
1. The preferred form is x:x:x:x:x:x:x:x, where the 'x's are one to
four hexadecimal digits of the eight 16-bit pieces of the address.
Examples:
abcd:ef01:2345:6789:abcd:ef01:2345:6789
2001:db8:0:0:8:800:200c:417a
Note that it is not necessary to write the leading zeros in an
individual field, but there must be at least one numeral in every
field (except for the case described in 2.).
2. Due to some methods of allocating certain styles of IPv6
addresses, it will be common for addresses to contain long strings
of zero bits. In order to make writing addresses containing zero
Hinden & Deering Expires March 17, 2017 [Page 4]
Internet-Draft IPv6 Addressing Architecture September 2016
bits easier, a special syntax is available to compress the zeros.
The use of "::" indicates one or more groups of 16 bits of zeros.
The "::" can only appear once in an address. The "::" can also be
used to compress leading or trailing zeros in an address.
For example, the following addresses
2001:db8:0:0:8:800:200c:417a a unicast address
ff01:0:0:0:0:0:0:101 a multicast address
0:0:0:0:0:0:0:1 the loopback address
0:0:0:0:0:0:0:0 the unspecified address
may be represented as
2001:db8::8:800:200c:417a a unicast address
ff01::101 a multicast address
::1 the loopback address
:: the unspecified address
3. An alternative form that is sometimes more convenient when dealing
with a mixed environment of IPv4 and IPv6 nodes is
x:x:x:x:x:x:d.d.d.d, where the 'x's are the hexadecimal values of
the six high-order 16-bit pieces of the address, and the 'd's are
the decimal values of the four low-order 8-bit pieces of the
address (standard IPv4 representation). Examples:
0:0:0:0:0:0:13.1.68.3
0:0:0:0:0:ffff:129.144.52.38
or in compressed form:
::13.1.68.3
::ffff:129.144.52.38
2.2.2. Text Representation of Address Prefixes
The text representation of IPv6 address prefixes is similar to the
way IPv4 address prefixes are written in Classless Inter-Domain
Hinden & Deering Expires March 17, 2017 [Page 5]
Internet-Draft IPv6 Addressing Architecture September 2016
Routing (CIDR) notation [RFC4632]. An IPv6 address prefix is
represented by the notation:
ipv6-address/prefix-length
where
ipv6-address is an IPv6 address in any of the notations listed in
Section 2.2.
prefix-length is a decimal value specifying how many of the leftmost
contiguous bits of the address comprise the prefix.
For example, the following are legal representations of the 60-bit
prefix 20010db80000cd3 (hexadecimal):
2001:0db8:0000:cd30:0000:0000:0000:0000/60
2001:0db8::cd30:0:0:0:0/60
2001:0db8:0:cd30::/60
The following are NOT legal representations of the above prefix:
2001:0db8:0:cd3/60 may drop leading zeros, but not trailing
zeros, within any 16-bit chunk of the address
2001:0db8::cd30/60 address to left of "/" expands to
2001:0db8:0000:0000:0000:0000:0000:cd30
2001:0db8::cd3/60 address to left of "/" expands to
2001:0db8:0000:0000:0000:0000:0000:0cd3
When writing both a node address and a prefix of that node address
(e.g., the node's subnet prefix), the two can be combined as follows:
the node address 2001:0db8:0:cd30:123:4567:89ab:cdef
and its subnet number 2001:0db8:0:cd30::/60
can be abbreviated as 2001:0db8:0:cd30:123:4567:89ab:cdef/60
Hinden & Deering Expires March 17, 2017 [Page 6]
Internet-Draft IPv6 Addressing Architecture September 2016
2.2.3. Recommendation for outputting IPv6 addresses
This section provides a recommendation for systems generating and
outputting IPv6 addresses as text. Note, all implementations must
accept and process all addresses in the formats defined in the
previous two sections of this document. The recommendations are as
follows:
1. The hexadecimal digits "a", "b", "c", "d", "e", and "f" in an IPv6
address must be represented in lowercase.
2. Leading zeros in a 16-Bit Field must be suppressed. For example,
2001:0db8::0001
is not correct and must be represented as
2001:db8::1
3. A single 16-bit 0000 field must be represented as 0.
The use of the symbol "::" must be used to its maximum capability.
For example:
2001:db8:0:0:0:0:2:1
must be shortened to
2001:db8::2:1
Likewise,
2001:db8::0:1
is not correct, because the symbol "::" could have been used to
produce a shorter representation
Hinden & Deering Expires March 17, 2017 [Page 7]
Internet-Draft IPv6 Addressing Architecture September 2016
2001:db8::1.
4. When there is an alternative choice in the placement of a "::",
the longest run of consecutive 16-bit 0 fields must be shortened,
that is, in
2001:0:0:1:0:0:0:1
the sequence with three consecutive zero fields is shortened to
2001:0:0:1::1
5. When the length of the consecutive 16-bit 0 fields are equal, for
example
2001:db8:0:0:1:0:0:1
the first sequence of zero bits must be shortened. For example
2001:db8::1:0:0:1
is the correct representation.
6. The symbol "::" must not be used to shorten just one 16-bit 0
field. For example, the representation
2001:db8:0:1:1:1:1:1
is correct, but
2001:db8::1:1:1:1:1
is not correct.
Hinden & Deering Expires March 17, 2017 [Page 8]
Internet-Draft IPv6 Addressing Architecture September 2016
7. The text representation method describe in this section should
also be use for text Representation of IPv6 Address Prefixes. For
example
0:0:0:0:0:ffff:192.0.2.1
should be shown as
::ffff:192.0.2.1
8. The text representation method describe in this section should be
applied for IPv6 addresses with embedded IPv4 address. For
example
2001:0db8:0000:cd30:0000:0000:0000:0000/60
should be shown as
2001:0db8:0:cd30::/60
2.3. Address Type Identification
The type of an IPv6 address is identified by the high-order bits of
the address, as follows:
Address type Binary prefix IPv6 notation Section
------------ ------------- ------------- -------
Unspecified 00...0 (128 bits) ::/128 2.5.2
Loopback 00...1 (128 bits) ::1/128 2.5.3
Multicast 11111111 ff00::/8 2.7
Link-Local unicast 1111111010 fe80::/10 2.5.6
Global Unicast (everything else)
Anycast addresses are taken from the unicast address spaces (of any
scope) and are not syntactically distinguishable from unicast
addresses.
The general format of Global Unicast addresses is described in
Section 2.5.4. Some special-purpose subtypes of Global Unicast
Hinden & Deering Expires March 17, 2017 [Page 9]
Internet-Draft IPv6 Addressing Architecture September 2016
addresses that contain embedded IPv4 addresses (for the purposes of
IPv4-IPv6 interoperation) are described in Section 2.5.5.
Future specifications may redefine one or more sub-ranges of the
Global Unicast space for other purposes, but unless and until that
happens, implementations must treat all addresses that do not start
with any of the above-listed prefixes as Global Unicast addresses.
The current assigned IPv6 prefixes and references to their usage can
be found in the IANA Internet Protocol Version 6 Address Space
registry [IANA-AD] and the IANA IPv6 Special-Purpose Address Registry
[IANA-SP].
2.4. Unicast Addresses
IPv6 unicast addresses are aggregatable with prefixes of arbitrary
bit-length, similar to IPv4 addresses under Classless Inter-Domain
Routing.
There are several types of unicast addresses in IPv6, in particular,
Global Unicast, site-local unicast (deprecated, see Section 2.5.7),
and Link-Local unicast. There are also some special-purpose subtypes
of Global Unicast, such as IPv6 addresses with embedded IPv4
addresses. Additional address types or subtypes can be defined in
the future.
IPv6 nodes may have considerable or little knowledge of the internal
structure of the IPv6 address, depending on the role the node plays
(for instance, host versus router). At a minimum, a node may
consider that unicast addresses (including its own) have no internal
structure:
| 128 bits |
+-----------------------------------------------------------------+
| node address |
+-----------------------------------------------------------------+
A slightly sophisticated host (but still rather simple) may
additionally be aware of subnet prefix(es) for the link(s) it is
attached to, where different addresses may have different values for
n:
| n bits | 128-n bits |
+-------------------------------+---------------------------------+
| subnet prefix | interface ID |
+-------------------------------+---------------------------------+
Hinden & Deering Expires March 17, 2017 [Page 10]
Internet-Draft IPv6 Addressing Architecture September 2016
Though a very simple router may have no knowledge of the internal
structure of IPv6 unicast addresses, routers will more generally have
knowledge of one or more of the hierarchical boundaries for the
operation of routing protocols. The known boundaries will differ
from router to router, depending on what positions the router holds
in the routing hierarchy.
Except for the knowledge of the subnet boundary discussed in the
previous paragraphs, nodes should not make any assumptions about the
structure of an IPv6 address.
2.4.1. Interface Identifiers
Interface identifiers in IPv6 unicast addresses are used to identify
interfaces on a link. They are required to be unique within a subnet
prefix. It is recommended that the same interface identifier not be
assigned to different nodes on a link. They may also be unique over
a broader scope. The same interface identifier may be used on
multiple interfaces on a single node, as long as they are attached to
different subnets.
Interface IDs must be viewed outside of the node that created
Interface ID as an opaque bit string without any internal structure.
Note that the uniqueness of interface identifiers is independent of
the uniqueness of IPv6 addresses. For example, a Global Unicast
address may be created with an interface identifier that is only
unique on a single subnet, and a Link-Local address may be created
with interface identifier that is unique over multiple subnets.
For all unicast addresses, except those that start with the binary
value 000, Interface IDs are required to be 64 bits long.
The details of forming interface identifiers are defined in other
specifications, such as "Privacy Extensions for Stateless Address
Autoconfiguration in IPv6" [RFC4941] or "A Method for Generating
Semantically Opaque Interface Identifiers with IPv6 Stateless Address
Autoconfiguration (SLAAC)"[RFC7217]. Specific cases are described in
appropriate "IPv6 over " specifications, such as "IPv6 over
Ethernet" [RFC2464] and "Transmission of IPv6 Packets over ITU-T
G.9959 Networks" [RFC7428]. The security and privacy considerations
for IPv6 address generation is described in [RFC7721].
Earlier versions of this document described a method of forming
interface identifiers derived from IEEE MAC-layer addresses call
Modified EUI-64 format. These are described in Appendix A and are no
longer recommended.
Hinden & Deering Expires March 17, 2017 [Page 11]
Internet-Draft IPv6 Addressing Architecture September 2016
2.4.2. The Unspecified Address
The address 0:0:0:0:0:0:0:0 is called the unspecified address. It
must never be assigned to any node. It indicates the absence of an
address. One example of its use is in the Source Address field of
any IPv6 packets sent by an initializing host before it has learned
its own address.
The unspecified address must not be used as the destination address
of IPv6 packets or in IPv6 Routing headers. An IPv6 packet with a
source address of unspecified must never be forwarded by an IPv6
router.
2.4.3. The Loopback Address
The unicast address 0:0:0:0:0:0:0:1 is called the loopback address.
It may be used by a node to send an IPv6 packet to itself. It must
not be assigned to any physical interface. It is treated as having
Link-Local scope, and may be thought of as the Link-Local unicast
address of a virtual interface (typically called the "loopback
interface") to an imaginary link that goes nowhere.
The loopback address must not be used as the source address in IPv6
packets that are sent outside of a single node. An IPv6 packet with
a destination address of loopback must never be sent outside of a
single node and must never be forwarded by an IPv6 router. A packet
received on an interface with a destination address of loopback must
be dropped.
2.4.4. Global Unicast Addresses
The general format for IPv6 Global Unicast addresses is as follows:
| n bits | m bits | 128-n-m bits |
+------------------------+-----------+----------------------------+
| global routing prefix | subnet ID | interface ID |
+------------------------+-----------+----------------------------+
where the global routing prefix is a (typically hierarchically-
structured) value assigned to a site (a cluster of subnets/links),
the subnet ID is an identifier of a link within the site, and the
interface ID is as defined in Section 2.5.1.
All Global Unicast addresses other than those that start with binary
000 have a 64-bit interface ID field (i.e., n + m = 64), formatted as
described in Section 2.5.1. Global Unicast addresses that start with
binary 000 have no such constraint on the size or structure of the
interface ID field.
Hinden & Deering Expires March 17, 2017 [Page 12]
Internet-Draft IPv6 Addressing Architecture September 2016
Examples of Global Unicast addresses that start with binary 000 are
the IPv6 address with embedded IPv4 addresses described in
Section 2.5.5. An example of global addresses starting with a binary
value other than 000 (and therefore having a 64-bit interface ID
field) can be found in [RFC3587].
2.4.5. IPv6 Addresses with Embedded IPv4 Addresses
Two types of IPv6 addresses are defined that carry an IPv4 address in
the low-order 32 bits of the address. These are the "IPv4-Compatible
IPv6 address" and the "IPv4-mapped IPv6 address".
2.4.5.1. IPv4-Compatible IPv6 Address
The "IPv4-Compatible IPv6 address" was defined to assist in the IPv6
transition. The format of the "IPv4-Compatible IPv6 address" is as
follows:
| 80 bits | 16 | 32 bits |
+--------------------------------------+--------------------------+
|0000..............................0000|0000| IPv4 address |
+--------------------------------------+----+---------------------+
Note: The IPv4 address used in the "IPv4-Compatible IPv6 address"
must be a globally-unique IPv4 unicast address.
The "IPv4-Compatible IPv6 address" is now deprecated because the
current IPv6 transition mechanisms no longer use these addresses.
New or updated implementations are not required to support this
address type.
2.4.5.2. IPv4-Mapped IPv6 Address
A second type of IPv6 address that holds an embedded IPv4 address is
defined. This address type is used to represent the addresses of
IPv4 nodes as IPv6 addresses. The format of the "IPv4-mapped IPv6
address" is as follows:
| 80 bits | 16 | 32 bits |
+--------------------------------------+--------------------------+
|0000..............................0000|ffff| IPv4 address |
+--------------------------------------+----+---------------------+
See [RFC4038] for background on the usage of the "IPv4-mapped IPv6
address".
Hinden & Deering Expires March 17, 2017 [Page 13]
Internet-Draft IPv6 Addressing Architecture September 2016
2.4.6. Link-Local IPv6 Unicast Addresses
Link-Local addresses are for use on a single link. Link-Local
addresses have the following format:
| 10 |
| bits | 54 bits | 64 bits |
+----------+-------------------------+----------------------------+
|1111111010| 0 | interface ID |
+----------+-------------------------+----------------------------+
Link-Local addresses are designed to be used for addressing on a
single link for purposes such as automatic address configuration,
neighbor discovery, or when no routers are present.
Routers must not forward any packets with Link-Local source or
destination addresses to other links.
2.4.7. Site-Local IPv6 Unicast Addresses
Site-Local addresses were originally designed to be used for
addressing inside of a site without the need for a global prefix.
Site-local addresses are now deprecated as defined in [RFC3879].
Site-Local addresses have the following format:
| 10 |
| bits | 54 bits | 64 bits |
+----------+-------------------------+----------------------------+
|1111111011| subnet ID | interface ID |
+----------+-------------------------+----------------------------+
The special behavior of this prefix defined in [RFC3513] must no
longer be supported in new implementations (i.e., new implementations
must treat this prefix as Global Unicast).
Existing implementations and deployments may continue to use this
prefix.
A new type of address has been defined that can be generated locally
and is intended to be used as an alternative to Site-Local addresses.
These are called Unique Local Addresses (ULA) [RFC4193].
2.5. Anycast Addresses
An IPv6 anycast address is an address that is assigned to more than
one interface (typically belonging to different nodes), with the
property that a packet sent to an anycast address is routed to the
Hinden & Deering Expires March 17, 2017 [Page 14]
Internet-Draft IPv6 Addressing Architecture September 2016
"nearest" interface having that address, according to the routing
protocols' measure of distance.
Anycast addresses are allocated from the unicast address space, using
any of the defined unicast address formats. Thus, anycast addresses
are syntactically indistinguishable from unicast addresses. When a
unicast address is assigned to more than one interface, thus turning
it into an anycast address, the nodes to which the address is
assigned must be explicitly configured to know that it is an anycast
address.
For any assigned anycast address, there is a longest prefix P of that
address that identifies the topological region in which all
interfaces belonging to that anycast address reside. Within the
region identified by P, the anycast address must be maintained as a
separate entry in the routing system (commonly referred to as a "host
route"); outside the region identified by P, the anycast address may
be aggregated into the routing entry for prefix P.
Note that in the worst case, the prefix P of an anycast set may be
the null prefix, i.e., the members of the set may have no topological
locality. In that case, the anycast address must be maintained as a
separate routing entry throughout the entire Internet, which presents
a severe scaling limit on how many such "global" anycast sets may be
supported. Therefore, it is expected that support for global anycast
sets may be unavailable or very restricted.
One expected use of anycast addresses is to identify the set of
routers belonging to an organization providing Internet service.
Such addresses could be used as intermediate addresses in an IPv6
Routing header, to cause a packet to be delivered via a particular
service provider or sequence of service providers.
Some other possible uses are to identify the set of routers attached
to a particular subnet, or the set of routers providing entry into a
particular routing domain.
2.5.1. Required Anycast Address
The Subnet-Router anycast address is predefined. Its format is as
follows:
| n bits | 128-n bits |
+------------------------------------------------+----------------+
| subnet prefix | 00000000000000 |
+------------------------------------------------+----------------+
Hinden & Deering Expires March 17, 2017 [Page 15]
Internet-Draft IPv6 Addressing Architecture September 2016
The "subnet prefix" in an anycast address is the prefix that
identifies a specific link. This anycast address is syntactically
the same as a unicast address for an interface on the link with the
interface identifier set to zero.
Packets sent to the Subnet-Router anycast address will be delivered
to one router on the subnet. All routers are required to support the
Subnet-Router anycast addresses for the subnets to which they have
interfaces.
The Subnet-Router anycast address is intended to be used for
applications where a node needs to communicate with any one of the
set of routers.
2.6. Multicast Addresses
An IPv6 multicast address is an identifier for a group of interfaces
(typically on different nodes). An interface may belong to any
number of multicast groups. Multicast addresses have the following
format:
| 8 | 4 | 4 | 112 bits |
+------ -+----+----+---------------------------------------------+
|11111111|flgs|scop| group ID |
+--------+----+----+---------------------------------------------+
binary 11111111 at the start of the address identifies the address
as being a multicast address.
+-+-+-+-+
flgs is a set of 4 flags: |0|R|P|T|
+-+-+-+-+
The high-order flag is reserved, and must be initialized to 0.
T = 0 indicates a permanently-assigned ("well-known") multicast
address, assigned by the Internet Assigned Numbers Authority
(IANA).
T = 1 indicates a non-permanently-assigned ("transient" or
"dynamically" assigned) multicast address.
The P flag's definition and usage can be found in [RFC3306].
The R flag's definition and usage can be found in [RFC3956].
Hinden & Deering Expires March 17, 2017 [Page 16]
Internet-Draft IPv6 Addressing Architecture September 2016
scop is a 4-bit multicast scope value used to limit the scope of
the multicast group. The values are as follows:
0 reserved
1 Interface-Local scope
2 Link-Local scope
3 Realm-Local scope
4 Admin-Local scope
5 Site-Local scope
6 (unassigned)
7 (unassigned)
8 Organization-Local scope
9 (unassigned)
A (unassigned)
B (unassigned)
C (unassigned)
D (unassigned)
E Global scope
F reserved
Interface-Local scope spans only a single interface on a node
and is useful only for loopback transmission of multicast.
Packets with interface-local scope received from another node
must be discarded.
Link-Local multicast scope spans the same topological region as
the corresponding unicast scope.
Interface-Local, Link-Local, and Realm-Local scope boundaries
are automatically derived from physical connectivity or other
non-multicast-related configurations. Global scope has no
boundary. The boundaries of all other non-reserved scopes of
Admin-Local or larger are administratively configured. For
reserved scopes, the way of configuring their boundaries will
be defined when the semantics of the scope are defined.
According to [RFC4007], the zone of a Realm-Local scope must
fall within zones of larger scope. Because the zone of a
Realm-Local scope is configured automatically while the zones
of larger scopes are configured manually, care must be taken in
the definition of those larger scopes to ensure that the
inclusion constraint is met.
Realm-Local scopes created by different network technologies
are considered to be independent and will have different zone
indices (see Section 6 of [RFC4007]). A router with interfaces
on links using different network technologies does not forward
Hinden & Deering Expires March 17, 2017 [Page 17]
Internet-Draft IPv6 Addressing Architecture September 2016
traffic between the Realm-Local multicast scopes defined by
those technologies.
Site-Local scope is intended to span a single site.
Organization-Local scope is intended to span multiple sites
belonging to a single organization.
scopes labeled "(unassigned)" are available for administrators
to define additional multicast regions.
group ID identifies the multicast group, either permanent or
transient, within the given scope. Additional definitions of the
multicast group ID field structure are provided in [RFC3306].
The "meaning" of a permanently-assigned multicast address is
independent of the scope value. For example, if the "NTP servers
group" is assigned a permanent multicast address with a group ID of
101 (hex), then
ff01:0:0:0:0:0:0:101 means all NTP servers on the same interface
(i.e., the same node) as the sender.
ff02:0:0:0:0:0:0:101 means all NTP servers on the same link as the
sender.
ff05:0:0:0:0:0:0:101 means all NTP servers in the same site as the
sender.
ff0e:0:0:0:0:0:0:101 means all NTP servers in the Internet.
Non-permanently-assigned multicast addresses are meaningful only
within a given scope. For example, a group identified by the non-
permanent, site-local multicast address ff15:0:0:0:0:0:0:101 at one
site bears no relationship to a group using the same address at a
different site, nor to a non-permanent group using the same group ID
with a different scope, nor to a permanent group with the same group
ID.
Multicast addresses must not be used as source addresses in IPv6
packets or appear in any Routing header.
Routers must not forward any multicast packets beyond the scope
indicated by the scop field in the destination multicast address.
Nodes must not originate a packet to a multicast address whose scop
field contains the reserved value 0; if such a packet is received, it
must be silently dropped. Nodes should not originate a packet to a
Hinden & Deering Expires March 17, 2017 [Page 18]
Internet-Draft IPv6 Addressing Architecture September 2016
multicast address whose scop field contains the reserved value F; if
such a packet is sent or received, it must be treated the same as
packets destined to a global (scop E) multicast address.
2.6.1. Pre-Defined Multicast Addresses
The following well-known multicast addresses are pre-defined. The
group IDs defined in this section are defined for explicit scope
values.
Use of these group IDs for any other scope values, with the T flag
equal to 0, is not allowed.
reserved multicast addresses: ff00:0:0:0:0:0:0:0
ff01:0:0:0:0:0:0:0
ff02:0:0:0:0:0:0:0
ff03:0:0:0:0:0:0:0
ff04:0:0:0:0:0:0:0
ff05:0:0:0:0:0:0:0
ff06:0:0:0:0:0:0:0
ff07:0:0:0:0:0:0:0
ff08:0:0:0:0:0:0:0
ff09:0:0:0:0:0:0:0
ff0a:0:0:0:0:0:0:0
ff0b:0:0:0:0:0:0:0
ff0c:0:0:0:0:0:0:0
ff0d:0:0:0:0:0:0:0
ff0e:0:0:0:0:0:0:0
ff0f:0:0:0:0:0:0:0
The above multicast addresses are reserved and shall never be
assigned to any multicast group.
all nodes addresses: ff01:0:0:0:0:0:0:1
ff02:0:0:0:0:0:0:1
The above multicast addresses identify the group of all IPv6 nodes,
within scope 1 (interface-local) or 2 (link-local).
all routers addresses: ff01:0:0:0:0:0:0:2
ff02:0:0:0:0:0:0:2
ff05:0:0:0:0:0:0:2
Hinden & Deering Expires March 17, 2017 [Page 19]
Internet-Draft IPv6 Addressing Architecture September 2016
The above multicast addresses identify the group of all IPv6 routers,
within scope 1 (interface-local), 2 (link-local), or 5 (site-local).
Solicited-Node Address: ff02:0:0:0:0:1:ffxx:xxxx
Solicited-Node multicast address are computed as a function of a
node's unicast and anycast addresses. A Solicited-Node multicast
address is formed by taking the low-order 24 bits of an address
(unicast or anycast) and appending those bits to the prefix
FF02:0:0:0:0:1:FF00::/104 resulting in a multicast address in the
range
ff02:0:0:0:0:1:ff00:0000
to
ff02:0:0:0:0:1:ffff:ffff
For example, the Solicited-Node multicast address corresponding to
the IPv6 address 4037::01:800:200e:8c6c is ff02::1:ff0e:8c6c. IPv6
addresses that differ only in the high-order bits (e.g., due to
multiple high-order prefixes associated with different aggregations)
will map to the same Solicited-Node address, thereby reducing the
number of multicast addresses a node must join.
A node is required to compute and join (on the appropriate interface)
the associated Solicited-Node multicast addresses for all unicast and
anycast addresses that have been configured for the node's interfaces
(manually or automatically).
2.7. A Node's Required Addresses
A host is required to recognize the following addresses as
identifying itself:
o Its required Link-Local address for each interface.
o Any additional Unicast and Anycast addresses that have been
configured for the node's interfaces (manually or
automatically).
o The loopback address.
o The All-Nodes multicast addresses defined in Section 2.7.1.
Hinden & Deering Expires March 17, 2017 [Page 20]
Internet-Draft IPv6 Addressing Architecture September 2016
o The Solicited-Node multicast address for each of its unicast
and anycast addresses.
o Multicast addresses of all other groups to which the node
belongs.
A router is required to recognize all addresses that a host is
required to recognize, plus the following addresses as identifying
itself:
o The Subnet-Router Anycast addresses for all interfaces for
which it is configured to act as a router.
o All other Anycast addresses with which the router has been
configured.
o The All-Routers multicast addresses defined in Section 2.7.1.
3. IANA Considerations
This document does not contain any IANA Considerations.
4. Security Considerations
IPv6 addressing documents do not have any direct impact on Internet
infrastructure security. Authentication of IPv6 packets is defined
in [RFC4302].
5. Acknowledgments
The authors would like to acknowledge the contributions of Paul
Francis, Scott Bradner, Jim Bound, Brian Carpenter, Matt Crawford,
Deborah Estrin, Roger Fajman, Bob Fink, Peter Ford, Bob Gilligan,
Dimitry Haskin, Tom Harsch, Christian Huitema, Tony Li, Greg
Minshall, Thomas Narten, Erik Nordmark, Yakov Rekhter, Bill Simpson,
Sue Thomson, Markku Savela, Larry Masinter, Jun-ichiro Itojun Hagino,
Tatuya Jinmei, Suresh Krishnan, and Mahmood Ali.
The authors would also like to acknowledge the authors of the
updating RFCs that were incorporated in this version of the document
to move IPv6 to Internet Standard. This includes Marcelo Bagnulo,
Congxiao Bao, Mohamed Boucadair, Brian Carpenter, Ralph Droms,
Christian Huitema, Sheng Jiang, Seiichi Kawamura, Masanobu Kawashima,
Xing Li, and Stig Venaas.
Hinden & Deering Expires March 17, 2017 [Page 21]
Internet-Draft IPv6 Addressing Architecture September 2016
6. References
6.1. Normative References
[I-D.ietf-6man-rfc2460bis]
Deering, D. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", draft-ietf-6man-rfc2460bis-05 (work
in progress), June 2016.
6.2. Informative References
[EUI64] "IEEE, "Guidelines for 64-bit Global Identifier (EUI-64)
Registration Authority"", March 1997,
.
[IANA-AD] "Internet Protocol Version 6 Address Space",
.
[IANA-SP] "IANA IPv6 Special-Purpose Address Registry",
.
[RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet
Networks", RFC 2464, DOI 10.17487/RFC2464, December 1998,
.
[RFC3306] Haberman, B. and D. Thaler, "Unicast-Prefix-based IPv6
Multicast Addresses", RFC 3306, DOI 10.17487/RFC3306,
August 2002, .
[RFC3513] Hinden, R. and S. Deering, "Internet Protocol Version 6
(IPv6) Addressing Architecture", RFC 3513, DOI 10.17487/
RFC3513, April 2003,
.
[RFC3587] Hinden, R., Deering, S., and E. Nordmark, "IPv6 Global
Unicast Address Format", RFC 3587, DOI 10.17487/RFC3587,
August 2003, .
[RFC3879] Huitema, C. and B. Carpenter, "Deprecating Site Local
Addresses", RFC 3879, DOI 10.17487/RFC3879, September
2004, .
Hinden & Deering Expires March 17, 2017 [Page 22]
Internet-Draft IPv6 Addressing Architecture September 2016
[RFC3956] Savola, P. and B. Haberman, "Embedding the Rendezvous
Point (RP) Address in an IPv6 Multicast Address", RFC
3956, DOI 10.17487/RFC3956, November 2004,
.
[RFC4007] Deering, S., Haberman, B., Jinmei, T., Nordmark, E., and
B. Zill, "IPv6 Scoped Address Architecture", RFC 4007, DOI
10.17487/RFC4007, March 2005,
.
[RFC4038] Shin, M-K., Ed., Hong, Y-G., Hagino, J., Savola, P., and
E. Castro, "Application Aspects of IPv6 Transition", RFC
4038, DOI 10.17487/RFC4038, March 2005,
.
[RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005,
.
[RFC4302] Kent, S., "IP Authentication Header", RFC 4302, DOI
10.17487/RFC4302, December 2005,
.
[RFC4632] Fuller, V. and T. Li, "Classless Inter-domain Routing
(CIDR): The Internet Address Assignment and Aggregation
Plan", BCP 122, RFC 4632, DOI 10.17487/RFC4632, August
2006, .
[RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy
Extensions for Stateless Address Autoconfiguration in
IPv6", RFC 4941, DOI 10.17487/RFC4941, September 2007,
.
[RFC7217] Gont, F., "A Method for Generating Semantically Opaque
Interface Identifiers with IPv6 Stateless Address
Autoconfiguration (SLAAC)", RFC 7217, DOI 10.17487/
RFC7217, April 2014,
.
[RFC7428] Brandt, A. and J. Buron, "Transmission of IPv6 Packets
over ITU-T G.9959 Networks", RFC 7428, DOI 10.17487/
RFC7428, February 2015,
.
[RFC7721] Cooper, A., Gont, F., and D. Thaler, "Security and Privacy
Considerations for IPv6 Address Generation Mechanisms",
RFC 7721, DOI 10.17487/RFC7721, March 2016,
.
Hinden & Deering Expires March 17, 2017 [Page 23]
Internet-Draft IPv6 Addressing Architecture September 2016
Appendix A. Modified EUI-64 Format Interface Identifiers
Modified EUI-64 format-based interface identifiers may have universal
scope when derived from a universal token (e.g., IEEE 802 48-bit MAC
or IEEE EUI-64 identifiers [EUI64]) or may have local scope where a
global token is not being used (e.g., serial links, tunnel end-
points) or where global tokens are undesirable (e.g., temporary
tokens for privacy [RFC4941].
Modified EUI-64 format interface identifiers are formed by inverting
the "u" bit (universal/local bit in IEEE EUI-64 terminology) when
forming the interface identifier from IEEE EUI-64 identifiers. In
the resulting Modified EUI-64 format, the "u" bit is set to one (1)
to indicate universal scope, and it is set to zero (0) to indicate
local scope. The first three octets in binary of an IEEE EUI-64
identifier are as follows:
0 0 0 1 1 2
|0 7 8 5 6 3|
+----+----+----+----+----+----+
|cccc|ccug|cccc|cccc|cccc|cccc|
+----+----+----+----+----+----+
written in Internet standard bit-order, where "u" is the universal/
local bit, "g" is the individual/group bit, and "c" is the bits of
the company_id. Appendix A, "Creating Modified EUI-64 Format
Interface Identifiers", provides examples on the creation of Modified
EUI-64 format-based interface identifiers.
The motivation for inverting the "u" bit when forming an interface
identifier is to make it easy for system administrators to hand
configure non-global identifiers when hardware tokens are not
available. This is expected to be the case for serial links and
tunnel end-points, for example. The alternative would have been for
these to be of the form 0200:0:0:1, 0200:0:0:2, etc., instead of the
much simpler 0:0:0:1, 0:0:0:2, etc.
IPv6 nodes are not required to validate that interface identifiers
created with modified EUI-64 tokens with the "u" bit set to universal
are unique.
A.1. Creating Modified EUI-64 Format Interface Identifiers
Depending on the characteristics of a specific link or node, there
are a number of approaches for creating Modified EUI-64 format
interface identifiers. This appendix describes some of these
approaches.
Hinden & Deering Expires March 17, 2017 [Page 24]
Internet-Draft IPv6 Addressing Architecture September 2016
Links or Nodes with IEEE EUI-64 Identifiers
The only change needed to transform an IEEE EUI-64 identifier to an
interface identifier is to invert the "u" (universal/local) bit. An
example is a globally unique IEEE EUI-64 identifier of the form:
|0 1|1 3|3 4|4 6|
|0 5|6 1|2 7|8 3|
+----------------+----------------+----------------+----------------+
|cccccc0gcccccccc|ccccccccmmmmmmmm|mmmmmmmmmmmmmmmm|mmmmmmmmmmmmmmmm|
+----------------+----------------+----------------+----------------+
where "c" is the bits of the assigned company_id, "0" is the value of
the universal/local bit to indicate universal scope, "g" is
individual/group bit, and "m" is the bits of the manufacturer-
selected extension identifier. The IPv6 interface identifier would
be of the form:
|0 1|1 3|3 4|4 6|
|0 5|6 1|2 7|8 3|
+----------------+----------------+----------------+----------------+
|cccccc1gcccccccc|ccccccccmmmmmmmm|mmmmmmmmmmmmmmmm|mmmmmmmmmmmmmmmm|
+----------------+----------------+----------------+----------------+
The only change is inverting the value of the universal/local bit.
Links or Nodes with IEEE 802 48-bit MACs
[EUI64] defines a method to create an IEEE EUI-64 identifier from an
IEEE 48-bit MAC identifier. This is to insert two octets, with
hexadecimal values of 0xFF and 0xFE (see the Note at the end of
appendix), in the middle of the 48-bit MAC (between the company_id
and vendor-supplied id). An example is the 48-bit IEEE MAC with
Global scope:
|0 1|1 3|3 4|
|0 5|6 1|2 7|
+----------------+----------------+----------------+
|cccccc0gcccccccc|ccccccccmmmmmmmm|mmmmmmmmmmmmmmmm|
+----------------+----------------+----------------+
where "c" is the bits of the assigned company_id, "0" is the value of
the universal/local bit to indicate Global scope, "g" is individual/
group bit, and "m" is the bits of the manufacturer- selected
extension identifier. The interface identifier would be of the form:
Hinden & Deering Expires March 17, 2017 [Page 25]
Internet-Draft IPv6 Addressing Architecture September 2016
|0 1|1 3|3 4|4 6|
|0 5|6 1|2 7|8 3|
+----------------+----------------+----------------+----------------+
|cccccc1gcccccccc|cccccccc11111111|11111110mmmmmmmm|mmmmmmmmmmmmmmmm|
+----------------+----------------+----------------+----------------+
When IEEE 802 48-bit MAC addresses are available (on an interface or
a node), an implementation may use them to create interface
identifiers due to their availability and uniqueness properties.
Links with Other Kinds of Identifiers
There are a number of types of links that have link-layer interface
identifiers other than IEEE EUI-64 or IEEE 802 48-bit MACs. Examples
include LocalTalk and Arcnet. The method to create a Modified EUI-64
format identifier is to take the link identifier (e.g., the LocalTalk
8-bit node identifier) and zero fill it to the left. For example, a
LocalTalk 8-bit node identifier of hexadecimal value 0x4F results in
the following interface identifier:
|0 1|1 3|3 4|4 6|
|0 5|6 1|2 7|8 3|
+----------------+----------------+----------------+----------------+
|0000000000000000|0000000000000000|0000000000000000|0000000001001111|
+----------------+----------------+----------------+----------------+
Note that this results in the universal/local bit set to "0" to
indicate local scope.
Links without Identifiers
There are a number of links that do not have any type of built-in
identifier. The most common of these are serial links and configured
tunnels. Interface identifiers that are unique within a subnet
prefix must be chosen.
When no built-in identifier is available on a link, the preferred
approach is to use a universal interface identifier from another
interface or one that is assigned to the node itself. When using
this approach, no other interface connecting the same node to the
same subnet prefix may use the same identifier.
If there is no universal interface identifier available for use on
the link, the implementation needs to create a local-scope interface
identifier. The only requirement is that it be unique within a
subnet prefix. There are many possible approaches to select a
subnet-prefix-unique interface identifier. These include the
following:
Hinden & Deering Expires March 17, 2017 [Page 26]
Internet-Draft IPv6 Addressing Architecture September 2016
Manual Configuration
Node Serial Number
Other Node-Specific Token
The subnet-prefix-unique interface identifier should be generated in
a manner such that it does not change after a reboot of a node or if
interfaces are added or deleted from the node.
The selection of the appropriate algorithm is link and implementation
dependent. The details on forming interface identifiers are defined
in the appropriate "IPv6 over " specification. It is strongly
recommended that a collision detection algorithm be implemented as
part of any automatic algorithm.
Note: [EUI64] actually defines 0xFF and 0xFF as the bits to be
inserted to create an IEEE EUI-64 identifier from an IEEE MAC-
48 identifier. The 0xFF and 0xFE values are used when
starting with an IEEE EUI-48 identifier. The incorrect value
was used in earlier versions of the specification due to a
misunderstanding about the differences between IEEE MAC-48 and
EUI-48 identifiers.
This document purposely continues the use of 0xFF and 0xFE
because it meets the requirements for IPv6 interface
identifiers (i.e., that they must be unique on the link), IEEE
EUI-48 and MAC-48 identifiers are syntactically equivalent,
and that it doesn't cause any problems in practice.
Appendix B. CHANGES SINCE RFC 4291
This document has the following changes from RFC4291, "IP Version 6
Addressing Architecture". Numbers identify the Internet-Draft
version that the change was made.:
Working Group Internet Drafts
04) Added text and a pointer to the ULA specification in
Section 2.4.7
04) Removed old IANA Considerations text, this was left from the
baseline text from RFC4291 and should have been removed
earlier.
04) Editorial changes.
Hinden & Deering Expires March 17, 2017 [Page 27]
Internet-Draft IPv6 Addressing Architecture September 2016
03) Changes references in Section 2.4.1 that describes the
details of forming IIDs to RFC7271 and RFC7721.
02) Remove changes made by RFC7371 because there isn't any known
implementation experience.
01) Revised Section 2.4.1 on Interface Identifiers to reflect
current approach, this included saying Modified EUI-64
identifiers not recommended and moved the text describing the
format to Appendix A.
01) Editorial changes.
00) Working Group Draft.
00) Editorial changes.
Individual Internet Drafts
06) Incorporate the updates made by RFC7371. The changes were to
the flag bits and their definitions in Section 2.6.
05) Incorporate the updates made by RFC7346. The change was to
add Realm-Local scope to the multicast scope table in
Section 2.6, and add the updating text to the same section.
04) Incorporate the updates made by RFC6052. The change was to
add a text in Section 2.3 that points to the IANA registries
that records the prefix defined in RFC6052 and a number of
other special use prefixes.
03) Incorporate the updates made by RFC7136 to deprecate the U
and G bits in Modified EUI-64 format Internet IDs.
03) Add note to the reference section acknowledging the authors
of the updating documents.
03) Editorial changes.
02) Updates to resolve the open Errata on RFC4291. These are:
Errata ID: 3480: Corrects the definition of Interface-
Local multicast scope to also state that packets with
Hinden & Deering Expires March 17, 2017 [Page 28]
Internet-Draft IPv6 Addressing Architecture September 2016
interface-local scope received from another node must be
discarded.
Errata ID: 1627: Remove extraneous "of" in Section 2.7.
Errata ID: 2702: This errata is marked rejected. No
change is required.
Errata ID: 2735: This errata is marked rejected. No
change is required.
Errata ID: 4406: This errata is marked rejected. No
change is required.
Errata ID: 2406: This errata is marked rejected. No
change is required.
Errata ID: 863: This errata is marked rejected. No change
is required.
Errata ID: 864: This errata is marked rejected. No change
is required.
Errata ID: 866: This errata is marked rejected. No change
is required.
02) Update references to current versions.
02) Editorial changes.
01) Incorporate the updates made by RFC5952 regarding the text
format when outputting IPv6 addresses. A new section was
added for this and addresses shown in this document were
changed to lower case.
01) Revise this Section to document to show the changes from
RFC4291.
01) Editorial changes.
00) Establish a baseline from RFC4291. The only intended changes
are formatting (XML is slightly different from .nroff),
differences between an RFC and Internet Draft, fixing a few
ID Nits, and updates to the authors information. There
should not be any content changes to the specification.
Hinden & Deering Expires March 17, 2017 [Page 29]
Internet-Draft IPv6 Addressing Architecture September 2016
Authors' Addresses
Robert M. Hinden
Check Point Software
959 Skyway Road
San Carlos, CA 94070
USA
Email: bob.hinden@gmail.com
Stephen E. Deering
Retired
Vancouver, British Columbia
Canada
Hinden & Deering Expires March 17, 2017 [Page 30]