IP addresses serve for general host identification purposes in IP networks (RFC 791). Typical (IPv4) address consists of four octets. For proper addressing the router also needs the network mask value, id est which bits of the complete IP address refer to the address of the host, and which - to the address of the network. The network address value is calculated by binary AND operation from a network mask and IP address values. It's also possible to specify an IP address followed by a slash "/" and the number of bits that form the network address.
In most cases, it is enough to specify the address, the netmask, and the interface arguments. The network prefix and the broadcast address are calculated automatically.
It is possible to add multiple IP addresses to an interface or to leave the interface without any addresses assigned to it. In the case of bridging or PPPoE connection, the physical interface may not have any address assigned, yet be perfectly usable. Configuring an IP address to a physical interface included in a bridge would mean actually setting it on the bridge interface itself.
You can use /ip address print detail to see which interface the address belongs to.
IPv4 uses 4-byte addresses which are segmented in four 8-bit fields called octets. Each octet is converted to a decimal format and separated by a dot. For example:
IPv4 network consists of three addresses:
- network address - a standard way to refer to an IPv4 address assigned to a network. For example, we could refer to the network 192.168.1.0 or 172.16.0.0 as a “Network Address.”
- broadcast address - a special address for each network that allows communication to all the hosts in that network. The broadcast address uses the highest address in the network range. for example, broadcast address if 192.168.1.0/24 network will be 192.168.1.255
- host address - any other address that is not network address and broadcast address can be used as a host address. For example, 192.168.1.2 - 254 host addresses can be used from 192.168.1.0/24 address range
There are several types of IP addressing
- unicast - normally refers to a single sender or a single receiver, and can be used for both sending and receiving. Usually, a unicast address is associated with a single device or host, but it is not a one-to-one correspondence.
- broadcast - address to send data to all possible destinations ("all-hosts broadcast"), which permits the sender to send the data only once, and all receivers receive a copy of it. In the IPv4 protocol, the address 255.255.255.255 is used for local broadcast. In addition, a directed (limited) broadcast can be made by combining the network prefix with a host suffix composed entirely of binary 1s. For example, the destination address used for directed broadcast to devices on the 192.0.2.0/24 network is 192.0.2.255
- multicast - address associated with a group of interested receivers. In IPv4, addresses 220.127.116.11 through 18.104.22.168 are designated as multicast addresses. The sender sends a single datagram from its unicast address to the multicast group address and the intermediary routers take care of making copies and sending them to all receivers that have joined the corresponding multicast group.
Private Address Range
The following IP address ranges are reserved (RFC 6890) for private addressing. 203.0.113.0/24These addresses are not routed in the global routing table and should be translated to global address with network address translation (NAT):
- 10.0.0.0/8 - start: 10.0.0.0; end: 10.255.255.255
- 172.16.0.0/12 - start: 172.16.0.0; end:172.31.255.255
- 192.168.0.0/16 - start: 192.168.0.0; end: 192.168.255.255
Other Reserved Address Ranges
- 198.18.0.0/15 - benchmarking
- 22.214.171.124/24 - 6to4 relay anycast address range
- 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24 - documentation
- 169.254.0.0/16 - auto-configuration address range
Adding IP Address
Consider setup where two routers are directly connected with the cable and we do not want to waste address space:
Internet Protocol version 6 (IPv6) is the newer version of the Internet Protocol (IP). It was initially expected to replace IPv4 in short enough time, but for now, it seems that these two versions will coexist on the Internet in foreseeable future. Nevertheless, IPv6 becomes more important, as the date of unallocated IPv4 address pool's exhaustion approaches.
The two main benefits of IPv6 over IPv4 are:
- much larger address space;
- support of stateless and stateful address auto-configuration;
- built-in security;
- new header format (faster forwarding).
IPv6 uses 16 bytes addresses compared to 4-byte addresses in IPv4. IPv6 address syntax and types are described in RFC 4291.
There are multiple IPv6 address types, that can be recognized by their prefix. RouterOS distinguishes the following:
- multicast (with prefix ff00::/8)
- link-local (with prefix fe80::/10)
- unique local addresses (with prefix fc00::/7)
- loopback (the address::1/128)
- unspecified (the address::/128)
- other (all other addresses, including the obsoleted site-local addresses, and RFC 4193 unique local addresses; they all are treated as global unicast).
One difference between IPv6 and IPv4 addressing is that IPv6 automatically generates a link-local IPv6 address for each active interface that has IPv6 support.
IPv6 addresses are represented a little bit different than IPv4 addresses. For IPv6, the 128-bit address is divided into eight 16-bit blocks, and each 16-bit block is converted to a 4-digit hexadecimal number and separated by colons. The resulting representation is called colon-hexadecimal.
In the example below IPv6 address in binary format is converted to a colon-hexadecimal representation
IPv6 address can be further simplified by removing leading zeros in each block:
As you can see IPv6 addresses can have long sequences of zeros. This contiguous sequence can be compressed to ::
Zero compression can only be used once. Otherwise, you could not determine the number of 0 bits represented by each instance of a double-colon
IPv6 prefix is written in address/prefix-length format. Compared to IPv4 decimal representation of a network mask cannot be used. Prefix examples:
Several IPv6 address types exist:
As you can see there are no Broadcast addresses in IPv6 network, compared to IPv4 broadcast functionality was completely replaced with multicast.
Packets addressed to a unicast address are delivered only to a single interface. To this group belong:
- globally unique addresses and can be used to connect to addresses with global scope anywhere;
- link-local addresses;
- unique local addresses (ULA RFC4193)
- site-local addresses (FEC0::/48) - deprecated;
- special-purpose addresses;
- compatibility addresses;
A global unicast address can be automatically assigned to the node by Stateless Address auto-configuration.
A link-local address is required on every IPv6-enabled interface, applications may rely on the existence of a link-local address even when there is no IPv6 routing, that is why the link-local address is generated automatically for every active interface using its interface identifier (calculated EUI-64 from MAC address if present). Address prefix is always FE80::/64 and IPv6 router never forwards link-local traffic beyond the link.
These addresses are comparable to the auto-configuration addresses 169.254.0.0/16 of IPv4.
A link-local address is also required for IPv6 Neighbor Discovery processes.
If the interface is set as bridge port, an interface-specific link-local address is removed leaving only bridge link-local address
Unique Local Address
Unique Local Address (ULA) is reserved for local use in home and enterprise environments not routed in public address space and is equivalent to IPv4s private address ranges.
Reserved address range is fc00::/7
Special Purpose Address
|Unspecified address (::/128)||Never assigned to an interface or used as a destination address, used only to indicate the absence of an address. Equivalent to IPv4 0.0.0.0 address.|
|loopback address (::1/128)||Used to identify a loopback interface, enabling a node to send packets to itself. It is equivalent to the IPv4 loopback address of 127.0.0.1.|
|2002::/16||This prefix is used for 6to4 addressing. Here, an address from the IPv4 network 126.96.36.199/24 is also used.|
|2001:db8::/32||Address range reserved for documentation. These should never be seen as source or destionation.|
|2001:0010::/28||Orchid fixed term experiment. Should not be seen as source or destination|
|2001:0002::/48||Used for benchmarking, should not be seen as source or destination|
|IPv4 compatible address||used by dual-stack nodes that are communicating with IPv6 over an IPv4 infrastructure. When the IPv4-compatible address is used as an IPv6 destination, IPv6 traffic is automatically encapsulated with an IPv4 header and sent to the destination by using the IPv4 infrastructure. Address is written in following format |
|IPv4 mapped address||used to represent an IPv4-only node to an IPv6 node. It is used only for internal representation. The IPv4-mapped address is never used as a source or destination address for an IPv6 packet. The IPv6 protocol does not support the use of IPv4-mapped addresses. Address is written in the following format: |
Most important multicast aspects are:
- traffic is sent to a single address but is processed by multiple hosts;
- group membership is dynamic, allowing hosts to join and leave the group at any time;
- in IPv6, Multicast Listener Discovery (MLD) messages are used to determine group membership on a network segment, also known as a link or subnet;
- a host can send traffic to the group's address without belonging to the corresponding group.
A single IPv6 multicast address identifies each multicast group. Each group's reserved IPv6 address is shared by all host members of the group who listen and receive any IPv6 messages sent to the group's address.
Multicast address consists of the following parts:
- The first 8 bits in the multicast address are always 1111 1111 (which is FF in hexadecimal format).
- Flag uses the 9th to 12th bit and shows if this multicast address is predefined (well-known) or not. If it is well-known, all bits are 0s.
- Scope ID indicates to which scope multicast address belongs, for example, Scope ID=2 is link-local scope.
- Group ID is used to specify a multicast group. There are predefined group IDs, such as Group ID=1 - all nodes. Therefore, if multicast address is ff02::1, that means Scope ID=2 and Group ID=1, indicating all nodes in link-local scope. This is analogous to broadcast in IPv4.
Here is the table of reserved IPV6 addresses for multicast:
|FF02::1||The all-nodes address used to reach all nodes on the same link.|
|FF02::2||The all-routers address used to reach all routers on the same link.|
|FF02::5||The all-Open Shortest Path First (OSPF) routers address used to reach all OSPF routers on the same link.|
|FF02::6||The all-OSPF designated routers address used to reach all OSPF designated routers on the same link.|
|FF02::1:FFXX:XXXX||The solicited-node address used in the address resolution process to resolve the IPv6 address of a link-local node to its link-layer address. The last 24 bits (XX:XXXX) of the solicited-node address are the last 24 bits of an IPv6 unicast address.|
The following table is a partial list of IPv6 multicast addresses that are reserved for IPv6 multicasting and registered with the Internet Assigned Numbers Authority (IANA). For complete list of assigned addresses read IANA document.
Multicast addresses can be used to discover nodes in a network. For example, discover all nodes
discover all routers
An anycast address is a new type of address incorporated in IPv6.
Anycasting is a new networking paradigm supporting service-oriented Addresses where an identical address can be assigned to multiple nodes providing a specific service. An anycast packet (i.e., one with an anycast destination address) is delivered to one of these nodes with the same anycast address.
An anycast address is not assigned a specific address range. It is assigned from the unicast address range.
The last 64 bits of an IPv6 address are the interface identifier that is unique to the 64-bit prefix of the IPv6 address. There are several ways how to determine interface identifier:
- randomly generated to provide a level of anonymity;
- manually configured.
Traditional interface identifiers for network adapters are 48-bit MAC address. This address consists of a 24-bit manufacturer ID and a 24-bit board ID.
IEEE EUI-64 is a new standard for network interface address. The company ID is still 24-bits in length, but the extension ID is 40 bits, creating a much larger address space for network adapters.
To create a EUI-64 address from the interface MAC address:
- 0xFFFE is inserted into the MAC address between the manufacturer ID and the board ID.
- seventh bit of the first byte is reversed.
Let's make an example with following MAC address 00:0C:42:28:79:45.
The image above illustrates the conversion process. When the result is converted to colon-hexadecimal notation, we get the interface identifier
20C:42FF:FE28:7945. As a result, corresponds link-local address is
In RouterOS, if the EUI-64 parameter of an address is configured, the last 64 bits of that address will be automatically generated and updated using interface identifier. The last bits must be configured to be zero for this case. Example:
Configuring IPv6 Address
This example shows how to set up simple addressing with global IPv6 addresses between two routers.
Check address list:
Notice that our added address has G flag indicated that this address can be globally routed. We also have a link-local address on the interface which is created automatically for every IPv6 capable interface.