- If an EC2 Reserved Instance is not applied or used - Thu, Jan 20 2022
- Midnight Commander remote connect via Shell link (copy files over SSH) and SFTP link using FISH and public key authentication - Mon, Jan 17 2022
- Root login via SSH and SFTP on EC2 instances running Linux - Wed, Jan 12 2022
In the last post of this IPv6 tutorial, you learned about the different address types and the new public IP addresses, the global unicast addresses. Today I will introduce the so-called local-use, unicast addresses, which are those IPv6 addresses that are not routed across the public Internet. There are two types of local-use, unicast addresses: site-local addresses and link-local addresses.
Site-local addresses ^
Site-local addresses are equivalent to private IP addresses in IPv4. The address space reserved for these addresses, which are only routed within an organization and not on the public Internet, is 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. In IPv6, the first 10 bits of a site-local address are set to 1111111011, which is why these addresses always begin with FEC0. The following 54 bits are the subnet ID, which you can use in your organization for hierarchical routing, and the last 64 bits are the interface ID, which is the part that has to be unique on a link (local network on which hosts communicate without intervening routers). Thus, the prefix of a site-local address is FEC0::/10.
Note: Site-local addresses have been deprecated, but existing implementations can still continue use them. Thus, they will probably stay around for a while. The proper way to work with private addresses in IPv6 is the use of unique local addresses which I will discuss in my next post.
Link-local addresses ^
From IPv4, you might know APIPA (Automatic Private IP Addressing) or AutoNet. Whenever automatic IP configuration through DHCP fails, Windows automatically assigns an autoconfiguration address in the range 169.254.0.1 to 169.254.255.254, which allows the computer to communicate with other machines on the link. In IPv6, link-local addresses always begin with 1111111010 (FE80).
Unlike site-local addresses, link-local addresses are never forwarded by routers and therefore can only be reached on the link. This is the reason why the next 54 bits are set to 0. The last 64 bits are set randomly by the operating system.
There is an important difference between IPv6 link-local addresses and IPv4 APIPA addresses. Once a PC receives an IPv4 address from a DHCP server, the APIPA address is no longer reachable. However, with IPv6, a network interface always has a link-local address even if you assign another IPv6 address manually or if the NIC receives an IPv6 address from a DHCP server. This means that computers on a link can always communicate through IPv6 using link-local addresses, which is not the case in IPv4 because APIPA addresses are not in the same subnet as private or public IPv4 addresses. Thus, if the local DHCP is unavailable, the computers can still access local services through IPv6 but won't be able to reach the Internet or services in other links.
Subscribe to 4sysops newsletter!
In the next post of this IPv6 tutorial, I will talk a little about the zone ID and unique local IPv6 unicast addresses.