HOME

TheInfoList



OR:

An IPv6 packet is the smallest message entity exchanged using
Internet Protocol version 6 Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv ...
(IPv6).
Packet Packet may refer to: * A small container or pouch ** Packet (container), a small single use container ** Cigarette packet ** Sugar packet * Network packet, a formatted unit of data carried by a packet-mode computer network * Packet radio, a form ...
s consist of control information for addressing and routing and a
payload Payload is the object or the entity which is being carried by an aircraft or launch vehicle. Sometimes payload also refers to the carrying capacity of an aircraft or launch vehicle, usually measured in terms of weight. Depending on the nature of ...
of user data. The control information in IPv6 packets is subdivided into a mandatory fixed header and optional extension headers. The payload of an IPv6 packet is typically a
datagram A datagram is a basic transfer unit associated with a packet-switched network. Datagrams are typically structured in header and payload sections. Datagrams provide a connectionless communication service across a packet-switched network. The del ...
or segment of the higher-level
transport layer In computer networking, the transport layer is a conceptual division of methods in the layered architecture of protocols in the network stack in the Internet protocol suite and the OSI model. The protocols of this layer provide end-to-end ...
protocol, but may be data for an
internet layer The internet layer is a group of internetworking methods, protocols, and specifications in the Internet protocol suite that are used to transport network packets from the originating host across network boundaries; if necessary, to the destinati ...
(e.g.,
ICMPv6 Internet Control Message Protocol version 6 (ICMPv6) is the implementation of the Internet Control Message Protocol (ICMP) for Internet Protocol version 6 (IPv6). ICMPv6 is an integral part of IPv6 and performs error reporting and diagnostic func ...
) or link layer (e.g.,
OSPF Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous sys ...
) instead. IPv6 packets are typically transmitted over the link layer (i.e., over
Ethernet Ethernet () is a family of wired computer networking technologies commonly used in local area networks (LAN), metropolitan area networks (MAN) and wide area networks (WAN). It was commercially introduced in 1980 and first standardized in 198 ...
or
Wi-Fi Wi-Fi () is a family of wireless network protocols, based on the IEEE 802.11 family of standards, which are commonly used for local area networking of devices and Internet access, allowing nearby digital devices to exchange data by radio wave ...
), which encapsulates each packet in a
frame A frame is often a structural system that supports other components of a physical construction and/or steel frame that limits the construction's extent. Frame and FRAME may also refer to: Physical objects In building construction *Framing (con ...
. Packets may also be transported over a higher-layer
tunneling protocol In computer networks, a tunneling protocol is a communication protocol which allows for the movement of data from one network to another. It involves allowing private network communications to be sent across a public network (such as the Internet ...
, such as
IPv4 Internet Protocol version 4 (IPv4) is the fourth version of the Internet Protocol (IP). It is one of the core protocols of standards-based internetworking methods in the Internet and other packet-switched networks. IPv4 was the first version de ...
when using
6to4 6to4 is an Internet transition mechanism for migrating from Internet Protocol version 4 (IPv4) to version 6 (IPv6) and a system that allows IPv6 packets to be transmitted over an IPv4 network (generally the IPv4 Internet) without the need to co ...
or Teredo transition technologies. In contrast to IPv4, routers do not fragment IPv6 packets larger than the
maximum transmission unit In computer networking, the maximum transmission unit (MTU) is the size of the largest protocol data unit (PDU) that can be communicated in a single network layer transaction. The MTU relates to, but is not identical to the maximum frame size that ...
(MTU), it is the sole responsibility of the originating node. A minimum MTU of 1,280
octets Octet may refer to: Music * Octet (music), ensemble consisting of eight instruments or voices, or composition written for such an ensemble ** String octet, a piece of music written for eight string instruments *** Octet (Mendelssohn), 1825 compos ...
is mandated by IPv6, but
hosts A host is a person responsible for guests at an event or for providing hospitality during it. Host may also refer to: Places *Host, Pennsylvania, a village in Berks County People *Jim Host (born 1937), American businessman *Michel Host ( ...
are "strongly recommended" to use
Path MTU Discovery Path MTU Discovery (PMTUD) is a standardized technique in computer networking for determining the maximum transmission unit (MTU) size on the network path between two Internet Protocol (IP) hosts, usually with the goal of avoiding IP fragmentati ...
to take advantage of MTUs greater than the minimum. Since July 2017, the
Internet Assigned Numbers Authority The Internet Assigned Numbers Authority (IANA) is a standards organization that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System (DNS), media types, and other Interne ...
(IANA) has been responsible for registering all IPv6 parameters that are used in IPv6 packet headers.


Fixed header

The fixed header starts an IPv6 packet and has a size of 40
octets Octet may refer to: Music * Octet (music), ensemble consisting of eight instruments or voices, or composition written for such an ensemble ** String octet, a piece of music written for eight string instruments *** Octet (Mendelssohn), 1825 compos ...
(320 bits). The bytes of the multi-byte fields are in the
network byte order In computing, endianness, also known as byte sex, is the order or sequence of bytes of a word of digital data in computer memory. Endianness is primarily expressed as big-endian (BE) or little-endian (LE). A big-endian system stores the most sig ...
. : ; ''Version'' (4 bits) : The constant 6 (bit sequence ). ; ''Traffic Class'' (6+2 bits) : The bits of this field hold two values. The six most-significant bits hold the
differentiated services field Differentiated services or DiffServ is a computer networking architecture that specifies a mechanism for classifying and managing network traffic and providing quality of service (QoS) on modern IP networks. DiffServ can, for example, be used t ...
(DS field), which is used to classify packets. Currently, all standard DS fields end with a '0' bit. Any DS field that ends with two '1' bits is intended for local or experimental use. : The remaining two bits are used for
Explicit Congestion Notification Explicit Congestion Notification (ECN) is an extension to the Internet Protocol and to the Transmission Control Protocol and is defined in RFC 3168 (2001). ECN allows end-to-end notification of network congestion without dropping packets. ECN is ...
(ECN); priority values subdivide into ranges: traffic where the source provides congestion control and non-congestion control traffic. ; ''Flow Label'' (20 bits) : A high-entropy identifier of a flow of packets between a source and destination. A flow is a group of packets, e.g., a TCP session or a media stream. The special flow label 0 means the packet does not belong to any flow (using this scheme). An older scheme identifies flow by source address and port, destination address and port, protocol (value of the last ''Next Header'' field). It has further been suggested that the flow label be used to help detect spoofed packets.Use of the IPv6 Flow Label as a Transport-Layer Nonce to Defend Against Off-Path Spoofing Attacks
/ref> ; ''Payload Length'' (16 bits) : The size of the payload in octets, including any extension headers. The length is set to zero when a ''Hop-by-Hop'' extension header carries a Jumbo Payload option. ; ''Next Header'' (8 bits) : Specifies the type of the next header. This field usually specifies the
transport layer In computer networking, the transport layer is a conceptual division of methods in the layered architecture of protocols in the network stack in the Internet protocol suite and the OSI model. The protocols of this layer provide end-to-end ...
protocol used by a packet's payload. When extension headers are present in the packet this field indicates which extension header follows. The values are shared with those used for the IPv4 protocol field, as both fields have the same function (see
List of IP protocol numbers This is a list of the IP protocol numbers found in the field ''Protocol'' of the IPv4 header and the ''Next Header'' field of the IPv6 header. It is an identifier for the encapsulated protocol and determines the layout of the data that immediately ...
). ; ''Hop Limit'' (8 bits) : Replaces the
time to live Time to live (TTL) or hop limit is a mechanism which limits the lifespan or lifetime of data in a computer or network. TTL may be implemented as a counter or timestamp attached to or embedded in the data. Once the prescribed event count or timesp ...
field in IPv4. This value is decremented by one at each forwarding node and the packet is discarded if it becomes 0. However, the destination node should process the packet normally even if received with a hop limit of 0. ; ''Source Address'' (128 bits) : The unicast
IPv6 address An Internet Protocol Version 6 address (IPv6 address) is a numeric label that is used to identify and locate a network interface of a computer or a network node participating in a computer network using IPv6. IP addresses are included in the pac ...
of the sending node. ; ''Destination Address'' (128 bits) : The IPv6 unicast or multicast address of the destination node(s). In order to increase performance, and since current link layer technology and transport layer protocols are assumed to provide sufficient error detection, the header has no
checksum A checksum is a small-sized block of data derived from another block of digital data for the purpose of detecting errors that may have been introduced during its transmission or storage. By themselves, checksums are often used to verify data ...
to protect it.


Extension headers

Extension headers carry optional
internet layer The internet layer is a group of internetworking methods, protocols, and specifications in the Internet protocol suite that are used to transport network packets from the originating host across network boundaries; if necessary, to the destinati ...
information and are placed between the fixed header and the upper-layer protocol header. Extension headers form a chain, using the ''Next Header'' fields. The ''Next Header'' field in the fixed header indicates the type of the first extension header; the ''Next Header'' field of the last extension header indicates the type of the upper-layer protocol header in the payload of the packet. All extension headers are a multiple of 8 octets in size; some extension headers require internal padding to meet this requirement. There are several extension headers defined, and new extension headers may be defined in the future. Most extension headers are examined and processed at the packet's destination. ''Hop-by-Hop Options'' can be processed and modified by intermediate nodes and, if present, must be the first extension. All extension headers are optional and should appear at most once, except for the ''Destination Options'' header extension, which may appear twice. If a node does not recognize a specific extension header, it should discard the packet and send a ''Parameter Problem'' message (
ICMPv6 Internet Control Message Protocol version 6 (ICMPv6) is the implementation of the Internet Control Message Protocol (ICMP) for Internet Protocol version 6 (IPv6). ICMPv6 is an integral part of IPv6 and performs error reporting and diagnostic func ...
type 4, code 1). The defined extension headers below are listed in the preferred order for the case where there is more than one extension header following the fixed header. : Value 59 (No Next Header) in the Next Header field indicates that there is no next header ''whatsoever'' following this one, not even a header of an upper-layer protocol. It means that, from the header's point of view, the IPv6 packet ends right after it: the payload should be empty. There could, however, still be data in the payload if the payload length in the first header of the packet is greater than the length of all extension headers in the packet. This data should be ignored by hosts, but passed unaltered by routers.


Hop-by-hop options and destination options

The ''Hop-by-Hop Options'' extension header may be examined and altered by all nodes on the packet's path, including sending and receiving nodes. (For authentication, option values that may change along the path are ignored.) The ''Destination Options'' extension header needs to be examined by the destination node(s) only. The extension headers are both at least 8 octets in size; if more options are present than will fit in that space, blocks of 8 octets, containing options and padding, are added to the header repeatedly until all options are represented. : ; ''Next Header'' (8 bits) : Specifies the type of the next header. ; ''Header extension length'' (8 bits) : Length of this header in 8-octet units, not including the first 8 octets. ; ''Options and padding'' (variable) : Contains one or more options, and optional padding fields to align options and to make the total header length a multiple of 8 octets. Options are TLV-coded.


Routing

The ''Routing'' extension header is used to direct a packet to one or more intermediate nodes before being sent to its destination. The header is at least 8 octets in size; if more ''Type-specific Data'' is needed than will fit in 4 octets, blocks of 8 octets are added to the header repeatedly, until all ''Type-specific Data'' is placed. : ; ''Next header'' (8 bits): Indicates the type of the next header. ; ''Header extension length'' (8 bits): The length of this header, in multiples of 8 octets, not including the first 8 octets. ; ''Routing type'' (8 bits): A value between 0 and 255, as assigned by
IANA The Internet Assigned Numbers Authority (IANA) is a standards organization that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System (DNS), media types, and other Interne ...
. : ; ''Segments Left'' (8 bits): Number of nodes this packet still has to visit before reaching its final destination. ; ''Type-specific Data'' (variable): Data that belongs to this type of routing header.


Fragment

In order to send a packet that is larger than the path MTU, the sending node splits the packet into fragments. The ''Fragment'' extension header carries the information necessary to reassemble the original (unfragmented) packet. : ; ''Next header'' (8 bits): Identifies the type of the next header. ; ''Reserved'' (8 bits): Initialized to all zeroes. ; ''Fragment offset'' (13 bits): Offset, in 8-octet units, relative to the start of the fragmentable part of the original packet. ; ''Res'' (2 bits): Reserved; initialized to zeroes. ; ''M Flag'' (1 bit): 1 means more fragments follow; 0 means last fragment. ; ''Identification'' (32 bits): Packet identification value, generated by the source node. Needed for reassembly of the original packet.


Authentication Header (AH) and Encapsulating Security Payload (ESP)

The ''
Authentication Header In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in v ...
'' and the ''
Encapsulating Security Payload In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in v ...
'' are part of
IPsec In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in ...
and are used identically in IPv6 and in IPv4.


Payload

The fixed and optional IPv6 headers are followed by the ''upper-layer payload'', the data provided by the transport layer, for example a TCP segment or a UDP datagram. The ''Next Header'' field of the last IPv6 header indicates what type of payload is contained in this packet.


Standard payload length

The payload length field of IPv6 (and
IPv4 Internet Protocol version 4 (IPv4) is the fourth version of the Internet Protocol (IP). It is one of the core protocols of standards-based internetworking methods in the Internet and other packet-switched networks. IPv4 was the first version de ...
) has a size of 16 bits, capable of specifying a maximum length of octets for the payload. In practice, hosts determine the maximum usable payload length using
Path MTU Discovery Path MTU Discovery (PMTUD) is a standardized technique in computer networking for determining the maximum transmission unit (MTU) size on the network path between two Internet Protocol (IP) hosts, usually with the goal of avoiding IP fragmentati ...
(yielding the minimum MTU along the path from sender to receiver), to avoid having to fragment packets. Most link-layer protocols have MTUs considerably smaller than octets.


Jumbogram

An optional feature of IPv6, the ''jumbo payload'' option in a ''Hop-By-Hop Options'' extension header, allows the exchange of packets with payloads of up to one octet less than 4 GB (232−1= octets), by making use of a 32-bit length field. Packets with such payloads are called
jumbogram In packet-switched computer networks, a jumbogram (portmanteau of ''jumbo'' and ''datagram'') is an internet-layer packet exceeding the standard maximum transmission unit (MTU) of the underlying network technology. In contrast, large packets f ...
s. Since both TCP and UDP include fields limited to 16 bits (length, urgent data pointer), support for IPv6 jumbograms requires modifications to the transport layer protocol implementation. Jumbograms are only relevant for links that have a MTU larger than octets (more than octets for the payload, plus 40 octets for the fixed header, plus 8 octets for the ''Hop-by-Hop'' extension header). Only few link-layer protocols can process packets larger than octets.


Fragmentation

Unlike in IPv4, IPv6 routers never fragment IPv6 packets. Packets exceeding the size of the
maximum transmission unit In computer networking, the maximum transmission unit (MTU) is the size of the largest protocol data unit (PDU) that can be communicated in a single network layer transaction. The MTU relates to, but is not identical to the maximum frame size that ...
(MTU) of the destination link are dropped and this condition is signaled by a ''Packet too big''
ICMPv6 Internet Control Message Protocol version 6 (ICMPv6) is the implementation of the Internet Control Message Protocol (ICMP) for Internet Protocol version 6 (IPv6). ICMPv6 is an integral part of IPv6 and performs error reporting and diagnostic func ...
message to the originating node, similarly to the IPv4 method when the ''Don't Fragment'' bit is set. End nodes in IPv6 are expected to perform
Path MTU Discovery Path MTU Discovery (PMTUD) is a standardized technique in computer networking for determining the maximum transmission unit (MTU) size on the network path between two Internet Protocol (IP) hosts, usually with the goal of avoiding IP fragmentati ...
to determine the maximum size of packets to send, and the upper-layer protocol is expected to limit the payload size. If the upper-layer protocol is unable to do so, the sending host may use the ''Fragment'' extension header instead. Any data link layer conveying IPv6 data must be capable of transmitting an IP packet containing up to 1,280 bytes, thus the sending endpoint may limit its packets to 1,280 bytes and avoid any need for fragmentation or Path MTU Discovery.


Fragmenting

A packet containing the first fragment of an original (larger) packet consists of five parts: the per-fragment headers (the crucial original headers that are repeatedly used in each fragment), followed by the ''Fragment'' extension header containing a zero Offset, then all the remaining original extension headers, then the original upper-layer header (alternatively the ESP header), and a piece of the original payload. Each subsequent packet consists of three parts: the per-fragment headers, followed by the ''Fragment'' extension header, and by a part of the original payload as identified by a Fragment Offset. The per-fragment headers are determined based on whether the original contains ''Routing'' or ''Hop-by-Hop'' extension header. If neither exists, the per-fragment part is just the fixed header. If the ''Routing'' extension header exists, the per-fragment headers include the fixed header and all the extension headers up to and including the ''Routing'' one. If the ''Hop-by-Hop'' extension header exists, the per-fragment headers consist of only the fixed header and the ''Hop-by-Hop'' extension header. In any case, the last header of the per-fragment part has its ''Next Header'' value set to to indicate that a ''Fragment'' extension header follows. Each ''Fragment'' extension header has its ''M'' flag set to (indicating more fragments follow), except the last, whose flag is set to . Each fragment's length is a multiple of 8 octets, except, potentially, the last fragment. The per-fragment headers were historically called the "unfragmentable part", referring to pre-2014 possibility of fragmenting the rest of the header. Now no headers are actually fragmentable.


Reassembly

The original packet is reassembled by the receiving node by collecting all fragments and placing each fragment at its indicated offset and discarding the ''Fragment'' extension headers of the packets that carried them. Packets containing fragments need not arrive in sequence; they will be rearranged by the receiving node. If not all fragments are received within 60 seconds after receiving the first packet with a fragment, reassembly of the original packet is abandoned and all fragments are discarded. If the first fragment was received (which contains the fixed header) and one or more others are missing, a ''Time Exceeded'' message (
ICMPv6 Internet Control Message Protocol version 6 (ICMPv6) is the implementation of the Internet Control Message Protocol (ICMP) for Internet Protocol version 6 (IPv6). ICMPv6 is an integral part of IPv6 and performs error reporting and diagnostic func ...
type 3, code 1) is returned to the node originating the fragmented packet. When reassembling node detects a fragment that overlaps with another fragment, the reassembly of the original packet is aborted and all fragments are dropped. A node may optionally ignore the exact duplicates of a fragment instead of treating exact duplicates as overlapping each other. Receiving hosts must make a best-effort attempt to reassemble fragmented IP datagrams that, after reassembly, contain up to 1500 bytes. Hosts are permitted to make an attempt to reassemble fragmented datagrams larger than 1,500 bytes, but they are also permitted to silently discard any datagram after it becomes apparent that the reassembled packet would be larger than 1,500 bytes. Therefore, senders should avoid sending fragmented IP datagrams with a total reassembled size larger than 1,500 bytes, unless they have knowledge that the receiver is capable of reassembling such large datagrams.


Security

Research has shown that the use of fragmentation can be leveraged to evade network security controls. As a result, in 2014 the earlier allowance for overflowing the IPv6 header chain beyond the first fragment became forbidden in order to avoid some very pathological fragmentation cases. Additionally, as a result of research on the evasion of Router Advertisement Guard, the use of fragmentation with Neighbor Discovery is deprecated, and the use of fragmentation with
Secure Neighbor Discovery The Secure Neighbor Discovery (SEND) protocol is a security extension of the Neighbor Discovery Protocol (NDP) in IPv6 defined in RFC 3971 and updated by RFC 6494. The Neighbor Discovery Protocol (NDP) is responsible in IPv6 for discovery of othe ...
(SEND) is discouraged.


References

{{IPv6 Packets (information technology) IPv6