Menu
Introduction to Designing an IPv6 Address Plan

IPv4 addresses have almost run out, and more and more businesses and institutions see the necessity to migrate to IPv6. As a result, they need an IPv6 address plan.

An IPv6 address is 128 bits long, which means that, in theory, there are 2128 addresses available, a great deal more than the 232 (= 4.3 billion) addresses available with IPv4. To give you an idea of the volume: 2128 or 340 282 366 920 938 463 463 374 607 431 768 211 456 or 340 billion billion billion billion represents approximately the number of grains of sand on our planet. This means that an IPv6 address plan will look very different from an IPv4 address plan.

An address plan using the IPv4 system limits the options available to an organisation because there are relatively few IPv4 addresses still available. This is why the IPv4 addressing system is based on efficient address assignment.

If you apply for an IPv6 address range at many Internet Service Providers, you will be assigned 280 addresses (a /48 prefix). This is such a huge amount that efficiency virtually ceases to be an issue. This is why it is worthwhile adopting an IPv6 address plan: a system in which you assign the IPv6 addresses to locations and/or use types.

In an efficient IPv6 address plan, the IPv6 addressing ranges are grouped effectively and logically. This has several advantages, including:

Security policies are easier to implement, such as the configuration of access lists and firewalls
Addresses are easier to trace: the address contains information about the use type or location where the address is in use
An efficient address plan is scalable: it can be expanded, for example, to include new locations or use types
An efficient IPv6 address plan also enables more efficient network management However, an efficient IPv6 address plan may "waste" large numbers of IPv6 addresses. In almost all cases, this is a good trade-off: seemingly wasteful practices lead to more efficiency elsewhere, for instance, by avoiding unnecessary inflation of routing tables in routers. The addresses are there; you may as well use them.

IPv6 Address Notation

An IPv6 address consists of 128 bits that can each have a value of 0 or 1. Because an address made up of 128 ones and zeroes is illegible, a more convenient format has been devised. This format is based on the hexadecimal system1, which is much easier to understand for humans while being closely related to the binary format.

Each digit in the hexadecimal system is equivalent to 4 bits; an IPv6 address of 128 bits therefore consists of 128 / 4 = 32 hexadecimal digits. The notation is as follows:

2001:0db8:0000:0000:0000:0000:0000:0001

Since it is impractical to record all these zeroes, some may be skipped in accordance with certain conventions. Leading zeroes can be dropped for each group of digits. The result would then be:

2001:db8:0:0:0:0:0:1

One (and only one) series of zeroes and colons may also be abbreviated as two colons. The result is now:

2001:db8::1

The precise rules for IPv6 address notation are specified in RFC 5952

Prefixes: Grouping Addresses

Pv6 addresses are grouped using the binary value of the address. This grouping is carried out using a "prefix". Prefixes are all addresses that start with the same series of bits, similar to an area code for phone numbers. The length of the identical series is noted after the address, separated by a forward slash. The prefix

2001:db8::/32

thus contains all the addresses from

2001:0db8:0000:0000:0000:0000:0000:0000

through

2001:0db8:ffff:ffff:ffff:ffff:ffff:fff

As can be seen above, the first 32 bits, i.e. the first eight hexadecimal digits, are identical.

The prefix

2001:db8:1234::/64

contains all the addresses from

2001:0db8:1234:0000:0000:0000:0000:0000

through

2001:0db8:1234:0000:ffff:ffff:ffff:fff

(Don't be fooled by the missing zeroes in 2001:db8:1234::/64 rather than 2001:db8:1234:0000::/64.)

Prefixes that are multiples of four bits are easiest to work with, so those are common. Examples are /32, /48, /52, /56, /60 and /64. If a prefix falls on a different boundary, this means it "slices" through a a hexadecimal digit, rendering the address range more difficult to decipher.

Prefix not a multiple of four

If the prefix length is not a round multiple of four, the binary separation will take place in the middle of a hexadecimal number. This means that all hexadecimal numbers that start with the same series of bits will belong to this prefix. The prefix

2001:db8::/61

thus contains all the addresses from

2001:0db8:0000:0000:0000:0000:0000:0000

through

2001:0db8:0000:0007:ffff:ffff:ffff:fff

because the hexadecimal numbers 0 through 7 all start with the binary value 0.

For example, the prefix

2001:db8:0:8::/61

contains all the addresses from

2001:0db8:0000:0008:0000:0000:0000:0000

through

2001:0db8:0000:000f:ffff:ffff:ffff:fff

because the hexadecimal numbers 8 to f all start with the binary value 1.

With IPv4, it's at least theoretically possible to have a non-contiguous subnet mask. For instance, with subnet mask 255.255.252.255 the addresses 192.0.2.3 and 192.0.3.3 are in the same subnet, but 192.0.2.3 and 192.0.2.4 aren't. However, non-contiguous subnet masks have no corresponding prefix length. As IPv6 subnets are defined using prefix lengths, non-contiguous subnets are not possible with IPv6.

/64 Subnets

IPv6 addresses don't have a fixed structure, like the class A/B/C system originally used with IPv4. However, IPv6 subnets should be /64 prefixes. Other subnet sizes are possible, but may get in the way of mechanisms such as stateless address autoconfiguration (see section 5.1). So very small subnets, such as a point-to-point link, use the same size IPv6 address block as very large subnets, such as a large Ethernet containing a number of Ethernet switches.

Assigning Address Blocks

The original recommendation for assigning IPv6 address space to end users was as follows:

/48 (65 536 subnets) in the general case, except for very large subscribers

/64 (a single subnet) when it is known that one and only one subnet is needed by design

/128 (a single address) when it is absolutely known that one and only one device is connecting

However, RFC 61771 (also known as Best Current Practice 157) changes this, and recommends using an address block / prefix size tailored to the end user's needs. It also recommends against giving out single addresses. For instance, a /48 is much more than a home user needs, but a /64 only allows for a single subnet, which may be limiting, if not immediately, then in the future. So a /56 or /60 may be more appropriate for consumers.

That said, it is important to err on the side of assigning more rather than less, as adding a second address block or moving to a bigger one is costly. This is especially true when the original assignment to a medium-sized or larger organisation was a /56. With a /56 assignment, the network will already be fairly large before more address space is needed, so the impact of changes will be significant. If the original assignment was a /60, the network would have outgrown the assignment when it was much smaller and changes were still much easier to make.

So a /48 should be used when there is any doubt whether a /56 is sufficient in the long run. ISPs get much leeway in determining the prefix size they give to their customers up to /48–even in the case of home users.

ISPs which are LIRs (Local Internet Registries, sometimes called a "RIPE member" in Europe) get at least a /32, but large ISPs can get much larger address blocks / shorter prefixes, so they can use a dedicated sub-prefix per region/country where they're active.

In the rest of this document, it is assumed that your organisation has been assigned a /48 address block, and that 16 bits (64 - 48) are therefore available for assigning the addresses to subnets. If your situation is different, you will need to adapt the calculations in this manual accordingly.

Based on the above information, the first 48 bits of your IPv6 plan are fixed. In this document, we use 2001:db8:1234::/48 as an example. This means you can use the /64 prefixes.

2001:db8:1234:0000::/64

through

2001:db8:1234:ffff::/64

for your network–16 bits in total.

For your own address plan, you will need to replace the numbers in the examples with the prefix allocated to you.

Representation of Subdivisions

As the first 48 bits are assigned by a service provider and the last 64 bits are used within each subnet, an IPv6 address plan is about bits 48 to 63, the 16 bits available to number subnets. In this article, we will subdivide the 16 available bits into groups. We distinguish the following types of groups:

B: bit is assignable
L: bit is assigned to a location
T: bit is assigned to a use type

The following notation is used for the assigned bits. The order of the letters here is meaningless and is only used as an example:

Each box represents 1 bit. Four boxes together represent a nibble (four bits) and thus one hexadecimal digit in the IPv6 address. For the above example, this produces the following address structure.

2001:db8:1234:LTBB::/64

Bits 1-4 are in this example assigned to a location, bits 5-8 are assigned to a use type and bits 9-16 remain available to be assigned to another purpose.

Preparing an Address Plan

When preparing your address plan you have to decide which system to use to assign the available addresses to the networks in the organisation. There are a number of convenient methods for assigning addresses.

This section will describe the possible address plans, using the following example network:

Basic Structure of the Address Plan

With the IPv6 protocol, there are so many available addresses that we can create one or more primary subnets. We can, for example, assign the addresses per use type or per location, or use combinations. For example, we may assign the addresses first by use type and then by location. Once these subnets have been defined, there will still be bits remaining that can be assigned to another purpose.

In this example, 4 bits are assigned to a location (L) and 4 bits are assigned to a use type (T). As a result, there are 8 bits remaining (B). Following this address plan, with 4 location bits, a maximum of 16 locations can be addressed, with each location having 16 (also 4 bits) allocatable use types. 8 bits are left to number a maximum of 256 different subnets for each location and use type combination.

Example 1: Location-based subnet

In this example, we define the locations as the primary subnets. The number of groups required is then as follows:

Number of locations: Three groups
Backbone and other infrastructure: One group
Non-location-based networks: One group
Future locations: Two groups
Total: Seven groups

This example network would then appear as follows:

If we round this up to the first power of 2, this results in eight subnets. Incorporating these primary subnets into the IPv6 address requires 3 bits (L). This results in the following bit distribution:

This leaves 13 available bits (B).

Example 2: Use type-based subnet

In this example we define the use types as the primary subnets. The number of groups required is then as follows:

Number of use types (staff,students, guests, servers and VPNs): Five groups
Backbone and other infrastructure: One group
Future use types: Four groups
Total: Ten groups

This example network would then appear as follows:

If we round this up to the first power of 2, this results in 16 subnets. Incorporating these subnets into the IPv6 address requires 4 bits (T) (24 = 16). This leaves 12 available bits (B).

The remaining bits can be used for numbering secondary subnetworks within the selected address plan. If the primary subnets are location-based, multiple networks can be addressed by location, whereas if the primary subnets are use type-based, multiple student networks or server networks can be addressed.

The remaining bits can also be used to combine subnets by location and use type. If the subnet is location-based, as in example 1, and we create a use type-based secondary subnet, as in example 2.

In this article you learned how to prepare an effective IPv6 address plan. In making that plan, you will need to make a number of important choices. Please think carefully about these choices to ensure that the address plan will meet the requirements of your organisation. This manual will provide suggestions to help you to make the right choices.


This article is an excerpt from Preparing an IPv6 Address Plan by URFnet provided under CC 3.0 licence. creativecommons.org/licenses/by/3.0/nl.

More Network Troubleshooting and Support Articles:
• Small Business Server Migration Guide
• Network Notepad Free Network Diagraming Tool
• SME Network Internet IP Addressing Strategies
• Network Schematic Symbols
• Letting Your SME Users Access the Internet
• Questions to Ask Before Beginning Network Design
• Five Free Tools Every Network Administrator Should Have
• What is Network Automation?
• Network Address Translation (NAT) Protocol
• Simple Checks to Diagnose Windows Network Problems