Silmor . de
Site Links:
Impressum / Publisher

IPv6 Auto-Configuration

One of the great features of IPv6 is its automatic configuration. It is no longer necessary to configure each host separately or to create a static entry in the DHCP-server - simply plug the machine in and it will configure itself to function properly in the local network.

Stage 1 - Link Local

In order to configure itself towards the network, the system first needs to be able to communicate on the local link - i.e. the physical connection, for ethernet all the cables and cards connected to the same switch as the card that is just starting up.

One of the nice things about IPv6-addresses is that there is plenty of bit space for a host to make a unique ID for itself. Most network device types will have some type of low-level identification code that is unique at least on the link level - for example the MAC address of an ethernet card.

The 128 bits of the configured address for a starting network device are split into two blocks of 64 bit - the first being the network ID and the second being the host ID. For Link Local the network ID is easy: fe80::/64, the host ID is calculated from the Low-Level-ID of the device.

MAC to EUI64

A MAC address is 48 bit wide, but we need a 64bit host ID in EUI64 format. The transformation is actually quite easy:

  1. take the MAC of the network device (eg. 00:e0:81:2e:b6:d1)
  2. flip bit 2 of the first byte (02:e0:81:2e:b6:d1)
  3. insert FFFE in the middle (02:e0:81:FF:FE:2e:b6:d1)
  4. combine with the network prefix into an IPv6 address (fe80::2e0:81FF:FE2e:b6d1)

The flip in step 2 has a reason. Ethernet devices usually come with a pre-configured MAC address, which is globally unique - this bit happens to be 0 if the MAC is globally assigned. This flip ensures that autoconfigured host IDs always use a large number as host ID, so that the administrator can use small numbers for manually configured hosts without risking a random collision with a MAC address.

Neighbor Discovery

Now that the network device has a link local address, it needs to check that the address is actually unique. This is done by sending a neighbor solicitation packet (IPv6's equivalent of ARP) into the link - if no response is received within a short timeout the address is unique and hence safe to use. If a neighbor with the same address is found the system stops here and manual intervention is needed (the network is broken anyway, ethernet does not allow two nodes to have the same MAC).

Stage 2 - Network Discovery

The new link local address is then used to find out more about the network. A router solicitation packet is sent into the link - any router present will answer with a router advertisement packet. These router advertisements contain the network prefixes that the router assigned to the link and its own address for forwarding. Now the system simply combines the new network prefixes with the alrady calculated EUI64, sets the appropriate routes to the newly found routers and voila - the system is configured.

Random Addresses

There is a standard for enhancing privacy by generating and changing addresses randomly. You will see that Windows boxes per default generate two IPv6 addresses - one using the EUI64 and one that looks random. The RFC describing this extension is RFC 4941.

Linux: Configuration

For Linux there are three pseudo files per device that control autoconfiguration:

I used "eth0" as an example device name above - there is one directory for each device and two special directories:


Webmaster: webmaster AT silmor DOT de