An introduction to the IPv6 header and the fields inside it. Knowledge of the IPv6 header is necessary for any basic understanding of IPv6 and to do any troubleshooting.
The IPv6 header is larger in size than the IPv4 header, but contains fewer fields. Every IPv6 packet contains the IPv6 header and nothing is sent without it, unlike IPv4 where some packet type, e.g. ARP, is transported directly above Ethernet without an IP header.
The IPv6 packet compared to IPv4. Both are carried inside an Ethernet frame and has different Ethertype values to indicate the content. An Ethertype of hexadecimal 0800 defines a IPv4 packet inside and 86DD for IPv6.
The IPv4 header is 20 bytes long and IPv6 has the double size of 40 bytes, mostly because of the larger address size (16 bytes IPv6 address to 4 byte IPv4).
The mandatory fields in the IPv6 header is:
Destination Address: the target 128 bit IPv6 address of the packet, which could be an IPv6 unicast or multicast address.
Source Address: the sender IPv6 address, which could be the Link Local address or for example an Global Unique Routable address.
Hop Limit: The maximum number of router hops the packet is allowed to pass. Maximum 255, where each router decreases the value by one and if the counter reaches zero the router should destroy the packet and send an ICMPv6 packet Type 3 called “Time Exceeded“.
It should also be noted that the value of Hop Limit is set by the sending node. This could be either a specific default value of the operating system or delivered to a specific subnet through a Router Advertisement.
To show the default Hop Limit on a Windows host use the command:
netsh int ipv6 show global
Under General Global Parameters the Hop Limit value is displayed. If for any reason you would like to change the maximum Hop Limit use:
netsh int ipv6 set global defaultcurhoplimit=32
The “defaultcurhoplimit” could be between 1 and 255. Note that 1 would mean that each packet would be terminated at the first router.
Next Header: Due to the layered nature of networking each module (inside for example a single server) only knows how to interpret its private data and does not really “know” what is inside the payload there has to be some information on where to forward the packet content to. For example, in the Ethernet header this is called the Ethertype.
Next Header is the field in the IPv6 header that informs IPv6 what is actually carried inside its payload.
Some common values of the Next Header field is:
6 – TCP
17 – UDP
58 – ICMPv6
50 – IPsec ESP
The other fields in the IPv6 header is:
Payload length: 16 bits field holding the total size of the payload above the IPv6 header. This will by default allow a packet length of about 64 KB, which is way larger than the maximum frame size of 1518 in the Ethernet networks used today.
It is also possible to use even larger packet sizes than 64 KB by using the “extension header” Hop-by-Hop (Next Header = 0) allowing up to 4 GB payload. This is however very unlikely to be used due to the maximum Ethernet frame size being 1518 byte and both TCP and UDP has maximum payload sizes of 64 KB.
Flow Label: 20 bits reserved originally to be able to handle real time applications, normally not used.
Traffic Class: 8 bits field, which is divided into 6 bits for packet priority classes and 2 bits for ECN – Explicit Congestion Notification. This field will be explored further in a later blog post.
Version: 4 binary bits indicating the IP version. This is in a way already known through the value of the Ethertype Field in the Ethernet header, but exists also in the layer three IP header. The bit combination 0110 is the value for IPv6.
One thing to note is that the IPv6 header does not contain a header checksum like the IPv4 header does. This gives two notable effects:
1. IPv6 depends on higher level protocols to provide the checksum handling necessary and does not “protect” itself.
2. Since the Hop Limit field is changed on every router hop, just like the Time-To-Live field in IPv4, the router does not have to recompute this checksum for each packet passed through the router interface. For IPv4 packets this needs to be done for every single packet, since the decreased TTL field changes the content of the IPv4 header and by that needs a new checksum calculated and inserted into each packet. The removal of the Checksum field in IPv6 could lower some processing work on busy routers.
Further articles will continue to explore the workings of IPv6.
Hi Rickard.
I know you love the cmd 😉
But an modern alternative to netsh would be Powershell.
You could use Get-NetIPv6Protocol to list values or Set-NetIpv6Protcol to change any value.
Thank you for your comment Lasse. You are very correct that the commands are available through Powershell as well and I might also add these to the article above.
As for the somewhat “old school” way with the netsh commands the main value for me is that these will work on any server newer than Windows 2003 out there. 🙂
Regards, Rickard