IPv6 Addresses: Scopes and Zones

This article describes the use of scopes and zones defined for IPv6 addresses.

IPv6 Address Scopes

IPv6 introduced the „scope“ of  IPv6 addresses. The scope specifies which part of the network the address (unicast or multicast address) is valid. It defines the “size” of a topological region. This helps to send a particular multicast packet to a certain system of the same link, the same network or globally.

Unicast Address

Unicast IPv6 addresses have either interface-local scope, link-local scope, Realm-local or global scope. Unicast IPv6 addresses don´t use specific indication of the scope of an address. Scope boundaries are automatically derived from physical connectivity or other configuration.

Multicast Address

Multicast IPv6 addresses use specific bits in the address field to indicate the scope of an address.

Interface-local scope: IPv6 addresses of interface-local scope are mainly used for loopback tests.

Link-local scope: IPv6 addresses of link-local scope have the same scope as link-lokal unicast addresses (limited to one link, one physical network and one layer 2 broadcast domain).

Realm-local scope: the zone of Realm-local scope must fall within zones of larger scope.

Admin-local scope: the scope of IPv6 addresses of admin-local scope must be configured by the address administrator; it is not automatically derived from any configuration data.

Site-local scope: an IPv6 address of site-local scope span the same topological region as its communicating partners.

Organization-local scope: an IPv6 address of organization-local scope is valid at all locations of the same organization or corporation.

Global scope: these IPv6 addresses are valid globally and are globally routable.

Note: address scopes may cause problems in reality due to different and complex network designs (e.g. firewalls may separate logical networks within the same organization) and borders of “links” and “sites” may not be obvious.

IPv6 Address Zones

A zone defines a topological instance (e.g. the site of corporation A or user X). Within the topological region the address is used as unique identifier of an interface. It is not indicated in an address, but defined by context.

Example: the interface used to send the IPv6 address

IPv6 addresses (in not-global scope) in different zones may be identical.

Example: 2 physical links use fe80::1

Context of zones and scopes:

  • Each interface of a node comprises a zone of „interface-local scope“ (only for multicast).
  • Each link and the attached interfaces comprise a zone of „link-local scope“ (for unicast and multicast).
  • There is one zone of „global scope“ (for unicast and multicast), it comprises all links and interfaces in the Internet.
  • Boundaries between zones of a scope have to be defined by the administrator (exception: interface-local, link-local and global)

Examples:

A node may have interfaces in different zones of the same scope. A router most often has more than one interface in different zones. Each interface may have assigned different links.

Zonen Indices

Zones indices are used for system internal means to identify a certain (not global) IPv6 address to a zone.

Example:
Scope definition of links and interfaces in a node (identified by the operating system):

IPv6 Addresses Link Interface

Explanation of the graph above (example):

The node is attached to 5 interface-local zones.
2 of the interfaces use the same physical Ethernet link.
The node is attached to 4 link zones.

Source: RFC 4007: IPv6 Scoped Address Architecture, page 7

All link-local IPv6 addresses of a station use the same prefix. No regular routing mechanisms may be used to select a particular interface to send IPv6 packets to link-local destinations.

For link-local IPv6 addresses of a station the zone index is identical to the interface identifier of the operating system (don´t mix up the term “interface identifier” with a particular section of the IPv6 address called „Interface Identifier“).

In a textual representation the value of the zone index follows the IPv6 address separated by a percentage sign („%“).

Example: fe80::1%7

Example for use of the interface identifier within an IPv6 node using the „ping“ command:

IPv6 Addresses ping syntax

The ping command requests the use of the IPv6 address „fe80::210:c6ff:fed0:f4c7“ as the source address in ICMP echo requests. The requests should be sent from logical interface “%4”. Destination station is a computer interface with assigned logical name „nb77“. The logical name of the destination is stored in the local “hosts” file mapping host names to IP addresses.

Resources:

RFC 2460
RFC 4291
RFC 7346

IPv4 and IPv6 Addresses

IPv4 and IPv6 Addresses

Book “IPv4 and IPv6 Addresses – An Introduction

About the Author:

Ronald Schlager is independent trainer, consultant and book author focusing on communications technologies and their application.

Ronald Schlager´s profiles:

Ronald Schlager´s Bio
Amazon
LinkedIn
Smashwords
Xing