Introduction
Call it emotional attachment to IPv4 or whatever you like, but recently I have become more and more interested in finding and easy way to subnet IPv6 prefixes in my head like we are used to doing in IPv4. This post expands on an idea I picked off of the NANOG mailing list.
The method presented here is for the quick subnetting in your head, which you should get by practice. So it works well for a small number of subnets (16 max) but can be expanded for any number of subnets. However if you have to deal with more than 16 subnets, it is certainly more efficient to use any of the several IPv6 calculators out there (my favourite is sipcalc – a command line tool).
This method helps you answer the question: “Given the prefix PPPP/Y, what are the sub-prefixes of length /Z (where Z > Y) that can be gotten from it?“
I assume that you understand the fundamentals of IPv6 addressing, very basic binary and hex math. I also assume that you know how to arrive at the value Z from an analysis of your network design or requirements.
Definitions
- Hexit – a single hexadecimal digit (0 – 9 , a – e). A hexit is made up of 4 bits.
- Hex grouping – each of the groups of hexits of an IPv6 address that are separated by colons.
- Defining hexit – the hexits that change for each subnet but stays the same for the same subnet. Think ‘interesting octet’ from IPv4 subnetting days. You could simply look it up from the following table.
The bit ranges that define various IPv6 hexits
- Parent prefix – the original prefix to be subnetted in prefix/length format.
- Y = prefix length of original prefix
- Z = prefix length of subnets of original prefix
The Procedure
Calculate the following parameters
-
Number of subnetting bits: x = Z – Y
-
Number of subnets possible with x bits: S = 2^x
-
Number of hexits represented by the x bits: h = x/4 (this should be rounded up to the next integer)
For a given number of subnet bits (x), the defining hexit for each subnet will increase in value according to the increment, from hexadecimal zero (0) to “e” as shown in the table below. Note that the ‘definining’ hexit(s) is simply the one after the boundary hexit (that defined by original prefix length Y.
IPv6 Quick Subnetting Cheatsheet
Examples
[a] Subnet 2001:db8::/32 into /36s
-
Subnetting bits (x) = 36 – 32 = 4 (these will give us 16 [i.e. 2^4] subnets.
-
Number of hexits represented by 4 bits = 4/4 = 1
-
From the table, the defining hexit should increment by 1 with discrete hex values 0 – f.
-
Thus our subnets are:
2001:db8:0000::/36 2001:db8:1000::/36 2001:db8:2000::/36 2001:db8:3000::/36 2001:db8:4000::/36 2001:db8:5000::/36 2001:db8:6000::/36 2001:db8:7000::/36 2001:db8:8000::/36 2001:db8:9000::/36 2001:db8:a000::/36 2001:db8:b000::/36 2001:db8:c000::/36 2001:db8:d000::/36 2001:db8:e000::/36 2001:db8:f000::/36
[b] As a small end site, you received the 2001:db8:c001:ba00::/56 assignment from your ISP, and you have 3 main office locations you want to divide this block between. Find these 3 subnets.
-
Number of subnets required = 3
-
Subnetting bits (x) such that (2^x) >=3 , x = 2 (this will actually give us 4 subnets of equal prefix length). Also the prefix length of our subnets will be 58 (56+2)
-
Number of hexits represented by 2 bits = 1
-
From the table, the defining hexit should increment by 4 with discrete hex values 0, 4, 8, c.
-
Thus our subnets are:
2001:db8:c001:ba00::/58 2001:db8:c001:ba40::/58 2001:db8:c001:ba80::/58 2001:db8:c001:bac0::/58
Thanks a lot….I think I’ll need to read this 5 or 7 times
Best document I have come across for ipv6 subnetting..Thanks a lot for sharing this post….
amazing Good Article ,the people just like u hard things can learn easy too.Great man,i also confuse regarding about IPv6 now i can get some of idea about this appreciate ,well-done.
The quickest way to uesardtnnd subnetting is that subnetting is a binary AND operation of all the octets in your IP address with the subnet mask. subnet binary 255 (11111111) always allows the octet to pass thru and becomes the same number in the network address. performing an AND operation if the mask octet is less that 255 will yield a consistent number that will become the lowest number of the network address octet. A smaller mask octet number will yield a wider network range for the chosen IP address, and this number range is 256 minus the mask octet. For example, a mask of 255.255.254.0 will yield a 2 x 255 address range for the chosen IP address. Lowest number in the range is the network address and the highest is the broadcast address.
Thanks a lot for explanation! Very fast and easy method!
Your example A suffers from incorrect syntax. The significant character in a /36 address is the 9th character, so the correct addresses for your /36 subnets within the specified /32 are:
2001:0db8:0000::/36
2001:0db8:1000::/36
2001:0db8:2000::/36
2001:0db8:3000::/36
…and so forth. I suspect you know that; however, you compressed the example incorrectly. You MUST NOT use the double colon to remove trailing zeroes from within a 4-character section; the double colon is only to summarize entire sections of zeroes. If there are fewer than 4 characters in a section, the missing characters are always leading zeroes, not trailing zeroes, even if followed by a double colon.
So the numbers you posted in your example:
2001:db8:0::/36
2001:db8:1::/36
2001:db8:2::/36
2001:db8:3::/36
…actually mean something else entirely:
2001:0db8:0000::/36
2001:0db8:0001::/36
2001:0db8:0002::/36
2001:0db8:0003::/36
…which is nonsense; those are different /48 ranges all within the same /36.
Thank you Gabriel for pointing it out. You are absolutely correct, my shortening is wrong. I will update the example asap.
Gabriel, you are absolutely WRONG, you seem to edit the 40th bit for /36. can you re-check your a calculations once again??
your examples makes a little clear I want to know that if we need more than 16 subnets then how can I use this method
You certainly can but I just don’t see the point, for more complicated stuff, i’d just use sipcalc or some other tool. However as an academic exercise, i will extend the examples to larger number of subnets. ;-)
Hi,I got some idea about Cisco ipsec vpn from your posts. But I still can not find the answer. I need craete an ipsec tunnel between home and warehouse. Juniper SSG5 is put at home and a cisco ASA is put at warehouse.I build a remote access tunnel at ASA side. It is working fine if access server at warehouse from home.But I also need to access a server at home from warehouse. It can not using cisco remote access vpn. I can not use cisco site to site vpn because home side has no static ip. Can you please give me any suggestions?Thanks,Yan
The best IPv6 subnetting tutorial in the Internet! Thanks for the effort for putting this together!
-Kaustubh
Thanks Kaustubh!! ..glad you found it useful
Mukom is a great teacher, i attended your class this week in Gambia, but the way you explain it here is much easier to understand than in class, or my i like to read things at my private space. but really good you did. Mohamed Faye Qcell
Thanks Mohammed … am beginning to think I should just give the short version in class and refer everyone to this blog for details!
Great example! Well done. One thing I would add would be a calculation ot the increments. I would rather have a way of calculating them than remember a chart. the values for “x” and the number of subnets can be caqlculated. Your example use a the chart to return the descrete values for the defining hexit. If you take 16 and divide it by the number of subnets you get an increment value that looks (to me) much like the “magic number” in an ipv4 calculation. For example if I was building 4 subnets as in example [b] my increment would be 16/4=4, and my discrete values would be 0,4,8,c(12). I realize that I am coming up with the same values but the less I have to memorize the happier I am. Again GREAT example! Well done!
Michael Schindler
Thanks MIchael, your suggestion is correct, the ‘magic number’ or ‘block’ (from v4-speak) is simple 16/(subnets), then you add till you hit 16 (in hex of course). I actually have a more detailed post about a pedantically long way to subnet in IPv6 at http://techxcellence.net/2012/04/03/ipv6-subnetting-general-procedure/ which has a procedure to calculate everything!
Nice Video The full and final version is 3 hours and is desgined for the 2009 CompTIA Network+ Exam. The course uses animation for better and easier learning. That You Share , So Very Nice Thanks You
Great explanation.
One question
In your /32’s to /36’s example you’ve left out, 2001:db8:9000::/36 which I assume is a oversight.
But you’ve also left out
2001:db8:f000::/36
Is there a reason for this?
Ooops (I did it again) … the :9000 and also :f000 were omissions. There should be 16 subnets i.e. 2^4. Thanks for pointing them out … and thank God for readers like you show keep me honest.
Did u update this yet????
zijO56 fxxouovxfzjh
Very good
I dont understand “Number of hexits represented by 2 bits = 1 and increment by 4″ compared to “Number of hexits represented by 4 bits = 4/4 = 1 and increment by 1″. Both equals 1 but once is incremented by 4 while the other is incremented by 1
Hello,
(a) The calculation (number of subnet bits)/4 gives you the number of hexits. This helps you find the ‘interesting’ hexit i.e. that one that will change from one subnet to the next.
(b) How much will the interesting hexit change? …by the increment which you look up from the table. If you want a more detailed subnetting procedure, check out http://techxcellence.net/2012/04/03/ipv6-subnetting-general-procedure/
Appreciate your fast reply but I still dont get it.
In the first example: 4/4 = 1 which makes the incrmeent of 1
In the second example 2/4 = 1 but the increment is 4?
Why in example 1 and 2 both resulting in 1 but the increment in different? I am kinda slow, sorry if raking your time.
The increment is NOT the result of the operations you are looking at. You do the operation then use the result to get the increment from the table.
Hey thanks , I got it already.
Could you explain about the table the one that has “The bit ranges that define various IPv6 hexits” underneath it. I am trying to understand
1. The area where the box is colored green , brown , yellow and blue?
2. how you derived the number 1,5,9 and 13?
(1) Each colour band represents a group of 4 hexits (or 16 hexits total). Notice that each is separated by a colon “:”
(2) Knowing that each hexit is four bits, the first hexit is starts from bit 1 – 4, the next hexit is represented by bits 5 – 9 etc.
I hope this helps.
See http://www.sput.nl/internet/cidr-routing.html and scroll to the bottom you’ll find table for /64 /60 /56
If you look at the Fourth Hexit it is the key to subnet address range each subnet being a successive up to 64 filled bits on the right with an increment in the fourth hexit to the next subnet range.
/64 is only one subnet 0000::: to 1111:1111:1111:1111
/60 is fff0 to ffff = 16 subnets see 4th hexit ie fff1 fff2 fff3 fff4 fff5 to ffff
/56 is ff00 to ffff = 256 subnets see 4th hexit is ff01 .. ffc5 …ffd6 …. ffff
Sorry in last comment I meant /64 is 0000::: to ffff:ffff:ffff:fff, as in all binary 1s filled in right most 4 hexits with fourth hexit ffff — very similar to a 255.255.255.0 IPV4 mask
Very good way to explain this. However, I do not know if we can call a “subnet” something with a prefix < /64. One /36 for example is not a subnet in IPv6. It is a group of 2^28 /64s.
Hi Carlos, I use ‘subnet’ here in the context of part of a network. If you’d rather you could also call it sub-prefix. Taking your example while a /36 is a supernet of several longer prefixes, it is also a subnet of a /32 for example. Network is not only /64.
Another Cheat Sheet for doiing IPV4 also: – http://www.aelius.com/njh/subnet_sheet.html
I think the tables are the easiest way. Also if you want to do the math you can use the programmer view on your computer’s calculator.It has hex,decimal and binary with logical operators. Loved the algebra in the examples, I checked and gave me Network Id when ANDED so should work.
In the /58 Example you could I think maybe use the same figures to nest a parent subnet as in
2001:db8:c001:ba00::/58 t
2001:db8:c001:ba40::/58
2001:db8:c001:ba80::/58
2001:db8:c001:bac0::/58
If you put 0 4 8 and C behind 0 4 8 C you get 4 subnets with 4 subnets to each one
2001:db8:c001:b000::/58
2001:db8:c001:b440::/58
2001:db8:c001:b880::/58
2001:db8:c001:bcc0::/58
I think you can do that ?
In previous comment no you cant do that as it is a provided fixed Global Id which you cant nibble at on that side. You can on the other side though but youd have to move your mask along another C – 1100 or F – 1111 to cut to the network id for routing.etc
Does anyone know if its OK if you want keep your IPV4 schema can you use the last 32 bits and use your IPV4 addresses converted to Hex in your new IPV6 schema. Is IPV6 limited only to subnetting within the fourth Hexet ? Is VLSM allowed ? It just seems like too many host ids for efficient hopping and routing using addresses past the fourth hexet so why not use the last 32 bits with hex conveted IPV4 addresses.It would make migrating IPV4 to IPV6 so easy if you could…
Yes that is possible. So if your webserver is 192.0.24.28, you can have your IPv6 address for the same web server as 2001:db8::192.0.24.28. Note that in this case the 192 in the v6 address is not equal to the 192 in the v4 address but once you do this, you can simply look at the v6 address and correlate it to your IPv6 space. Of course you can only this when you are manually configuring addresses. I am not aware of any hacks to make that work in SLAAC or DHCPv6
Maybe Microsoft should create a DHCPv6 service for it to encourage using IPV6 from IPV4. Surely its much more efficient than using the fouth hexet and having thousands of unused host-ids to hop along. I
Nice post
Thank you
Hello there, I discovered your web site by means of Google att the same time
as looking for a similar topic, your site came up, it seems to be good.
I have bookmarked it inn my google bookmarks.
Hi there, simply became alert to your wblog through Google, aand
located that it’s truly informative. I’m going to waatch out for brussels.
I wilol appreciate in case you continue this in future.
Numerous other people will be benefited out of your writing.
Cheers!
Pagerank Newswire and Enterprise Cable are classified as the market leaders, and thus, might be at night spending plan of the online business, but they offer you outstanding tips on crafting and utilize press announcments. Celebrity Evaluations includes a comparing data and opinions of many paid and free pr release submission companies. When you get mass media protection, request permission to share the item on your website..
Nouvel UGG 2014 http://www.cheapuggbootsfr.com/bottes-ugg-classic-short-sparkles
Thanks Geek. its very easy to understand & very helpful. Thanks again
Good post. I learn something totally new
and challenging on blogs I stumbleupon everyday.
It will always be exciting to read through content from other authors and practice something from other web sites.
Hello there! This post couldn’t be written much better!
Looking through this article reminds me of my previous roommate!
He constantly kept preaching about this. I’ll forward this information to him.
Pretty sure he’ll have a great read. Thanks for sharing!
It’s great to read something that’s both enjoyable and provides prgtdaaismc solutions.
I see a lot of interesting articles on your blog.
You have to spend a lot of time writing, i know how to
save you a lot of work, there is a tool that creates unique,
google friendly articles in couple of minutes, just search in google
– laranita’s free content source
Appreciate it to get expressing that with individuals you actually realize what you will be preaching about! Added. Please moreover check out my website Equates to). I will employ a hyperlink buy and sell agreement between people
At this time I am ready to do my breakfast, after having my breakfast
coming over again to read other news.
Very nice post. I jjust stumbled upon your weblog and woshed tto say that I have really enjoyed surfing around your blog posts.
After all I will be subscribing to your feed and Ihope you
write again very soon!
This post offers clear idea for the new people of blogging,
that genuinely how to do blogging and site-building.
Here’s a question: Why subnet with IPv6? Aren’t the chances of duplicate addresses so astronomical that we can just use DHCP?
thank you
Man, you are a genius, in few words you explained the concept in a very clear way.