Tag: eui-64

The New Way of Generating IPv6 – SLAAC EUI-64 Address Format

There was an old way of generating Interface IPv6 address using SLAAC process (Stateless autoconfiguration). You simply configured that you want SLAAC autoconfiguration and the interface IPv6 was generated by squeezing “FFFE” in hex (11111111 11111110 bits) between two parts of physical MAC address of that interface.

Then, after a while, several comments came to IETF about the use of predictable Interface Identifiers in IPv6 addresses. They were pointing to the ease of correlation of host activities within the same network and across multiple networks. If Interface Identifiers are constant across networks this is negatively affecting the privacy and security of users on that network.

| Continue Reading.. |

IPv6 Generated with EUI-64 Has a Strange Bit Inside

UPDATE on 22 Mar 2018:
Although the article is correctly explaining the IPv6 address generated in the example at the bottom, it seems that the process of generating the IPv6 address with EUI-64 has been changed from what is described in RFC2373 to something like RFC4291 and then to something like RFC7217. Thanks to @FernandoGont for pointing to this issue. A new article is here which describes newly suggested technique on how SLAAC implementation should work in new network device/NIC implementations.

What is universal/local bit in IPv6 EUI-64 address?

One of my readers contacted me with an interesting question in comments of “IPv6 – SLAAC EUI-64 Address Format” article. The question was:

“How come that the ipv6 address after the prefix is 21C:C4FF:FECF:4ED0 if the mac address is 00-1C-C4-CF-4E-D0?”

Of course, we all know from the previous article that EUI-64 process is taking the interface MAC address (if that is an Ethernet interface) and it creates 64 bits Interface ID with it by shimming additional FFFE (16bits in hex) in between the MAC address bits.

The reader was confused with an additional change that I did not cover in that article which is called universal/local bit of the IPv6 address Interface ID part.

Let’s go.

IPv6 address is 128 bit. First ‘n’ bits (first 64 bits of EUI-64 created IPv6 address) are called “subnet prefix” and the other half of bits are called “Interface ID”.

If we use EUI-64 process to generate a unique IPv6 address of the interface, then we are generating Interface ID from MAC address (or some other kind of L2 address if this is not about Ethernet).

|                     n bits                     |   128-n bits   |
+------------------------------------------------+----------------+
|                  subnet prefix                 |  interface ID  |
+------------------------------------------------+----------------+

On RFC 2373 page 18 chapter: “APPENDIX A : Creating EUI-64 based Interface Identifiers”, you can find that 7th bit on Interface ID part of an IPv6 address (the last 64 bits) is called “universal/local bit”.

If this bit is set to “0” it indicates local scope IPv6 address and if it is “1” then the generated IPv6 address has global scope (it is globally unique).

| Continue Reading.. |

IPv6 – SLAAC EUI-64 Address Format

UPDATE on 22 Mar 2018:
Article is correctly describing what is SLAAC and why is needed and describes how SLAAC uses RFC 2373 to generate interface IPv6 address. The thing is that today RFC 7217 describes an enhanced new way of SLAAC algorithm to improve user security and protect hosts from attacks. Details are available here in my new article about SLAAC.

Stateless autoconfiguration or SLAAC

SLAAC is a method in which the host or router interface is assigned a 64-bit prefix, and then the last 64 bits of its address are derived by the host or router with help of EUI-64 process which is described in next few lines. SLAAC uses NDP protocol to work.ipv6

As the format of the EUI-64 format is seen quite frequently, covering its details seems important too.

| Continue Reading.. |