IPv6 Subnetting – General Procedure

First off, because I know most of us are coming from the IPv4 world, I want to state a couple of things from IPv4 subnetting that we must UNLEARN and forget in order to grasp IPv6 subnetting.

  1. Why we subnet: In IPv4, we usually subnet to conserve addresses (“I can’t waste an entire /24 on a point to point link”). In IPv6 we subnet to optimize our network either for security (“I want all Finance department devices to be on their own subnet”, so we can write simple ACLs for accessing that subnet) or routing (“I want everyone on the same floor or a portion of it to be in the same subnet” – so we can have a single route entry for an entire floor or building thus keeping out routing tables small). Address conservation is not factor in IPv6 subnetting – if you allocate /64s to all your LANs, there’ll always be enough host addresses per subnet.
  2. There is no VLSM, only SLSM: To conserve addresses in IPv4, we use variable length subnet masking (VLSM) – so we’d take a prefix, cut it up and give /30s to point to point links, /25s to small LANs etc. In IPv6, again we don’t need to conserve space, so we assign and use the same prefix lengths (the IPv6 equivalent of a subnet mask) – this will be what we know in the IPv4 world as “same length subnet masking” (SLSM)
  3. Think in terms of subnets and not hosts: Again as we are using /64 subnets, we have enough addresses for hosts so we never really need to calculate the “number of hosts per subnet”. In IPv6 subnetting, we are concerned mostly about the number of subnets.

The general IPv6 subnetting problem has the following variations:

  • Given a specific prefix of length l, how many sub-prefixes of length l’ are there in the given prefix? and what are these prefixes?
  • Given a specific prefix of length l, you are required to break it up to fit a certain number of networks (N)
 

Definitions


  • Mother prefix: this is the prefix that you are going to subnet. It’s prefix length is L. You would get this from the problem set or in practice, as the prefix allocated to you by the RIR or your ISP.
  • Sub-prefixes: these are the component prefixes that you get from subnetting the mother prefix. They have a prefix length (designated L’) such that  L’ > L always. We find the sub-prefix lengths (L’) either directly (e.g. how many /52s are there in the /48 that I got from my ISP?) or from the situation we are facing (I have this /32 prefix that I need to divide equally amongst 700 POPs)
  • Subnet bits (s): in each variation of the IPv6 subnetting problem, you will need to find the number of bits of subnetting needed to give either the sub-prefix length or the number of subnets required.
  • Hexit: a single hexadecimal character (0 – 9 , a – f). A hexit is four bit or a nibble.
 

General procedure


[a] Find the number of subnet bits

  • Given both the mother-prefix length and the subnet prefix lengths, then s = L’ – L
  • Given the number of subnets (N), calculate s from the formular 2^s >= N
  • Mathematically, s = log N / log 2 (the answer is rounded up to the next integer)

[b] Find the number of subnet (or interesting) hexits

  • A hexit is a single hexadecimal character and the subnet hexits are those that will change for each of sub-prefixes.
  • Knowing that 1 hexit = 4 bit and having found the number of bits required then
  • Number of subnet hexits = s/4 (round it up to the next integer)
  • Note: If s/4 is an integer, then it means that the hex values for each of the hexits for the last subnet will be “F”.
  • If s/4 leaves a remainder, then the rightmost hexit will not end in something other than an “F”.
  • For simplicity in subnetting and address planning, it is recommended to always work with nibble boundaries (multiples of 4) so that we have clean hexit boundaries.

[c] Find the ‘Increment’ or ‘Block’

This is a constant which is the numerical difference between each of the subnet numbers. Progressive ‘subnet hexits’ are multiples of the ‘Increment’ or ‘Block’

The block B = 2^(16 – L’%16) – the modulo operation % simply takes the remainder and ignores the quotient of the division

[d] Enumerate the subnetIDs

Knowing your subnet prefix length, subnet hexits and block, your subnet IDs form a simple arithmetic progression with initial term 0 and common ratio = Increment

Generally the nth term of an arithmetic progression is: a(n) = a(0) + (n-1)d

Starting from the zeroth subnet i.e. a(0) = 0000 then we have a(n) = (n-1)d

Specifically, to find the last subnetID

  • First find the total number of possible subnets: S = 2^s
  • Last subnetID = a(S) = (S-1)d
  • IMPORTANT! The result above is in decimal so we must convert the result to hex. We an also convert S and d to hex and then work directly in hex.

Our subnets then will be of the general form –  mother:prefix:subnetID::/L’

It is really that simple but “the devil” as they say, “is in the details”. So let’s go search for the devil with an example (and hope he doesn’t demand our souls for the honour):

Worked example


Given the prefix 2001:db8::/32, we need to carve it into 900 sub-prefixes.

This problem gives us the number of required subnets so we’ll have to find the subnet bits. The simpler variation is when we are given the subnet prefix length.

Step #1: Finding the number subnet bits (s) are required

2^s >= 900. So s = (lg 900) / (lg 2) = 10 (rounded up to the nearest integer)

Thus in order to get 900 sub-prefixes, we need at least 10 bits of subnetting. (In fact 10 bits will give us 1024 (2^10) networks but 9 bits will give us 512 which doesn’t meet our requirement)

Now, 10 bits of subnetting means that the sub-prefixes will have a length (L’) of 32 + 10 = 42

Step #2: Finding the number of ‘Subnet Hexits’

Knowing that we need to do 10 bits of subnetting and 4 bits = 1 hexit, then

Therefore 10bits give us 10/4 = 2.5 hexits. We round this to 3 hexits.

The fraction simply means that hexit will vary from 0 and not get through to the top of the hex range i.e. ‘f’

Thus our sub-prefixes will be of the form: 2001:db8:HHH0::/42 (the first two ‘H’s going from 0 – f and the last one ending at some yet-to-be determined value). Again this is another reason to work with nibble (4 bit) boundaries, we avoid all this ‘mess’ and all hexits will change cleanly from 0, 1, 2, 3, 4 … up to f.

Step #3: Finding the Increment (or Block B)

B = 2^(16 – L’%16) = 2^(16 – 42%16) = 2^(16-10) = 2^6 = 64

The hexadecimal equivalent of 64 is 0x40

Step #4: Enumerating the subnetIDs

The general subnetID is given by either one of the following:

  • subnetID(n) = 64(n-1)         [decimal – so we must convert the final result to hex ]
  • subnetID(n’) = 40(n’-1)       [where n’ = hex equivalent of n]

Particularly, we want to find the subnetID of the last subnet (we would not need to do this if the subnet prefix fell on a nibble boundry), of which we know there are 1024 (since we calculated that we needed 10 bits to satisfy the design requirement)

So the 1024th subnetID is:

a(1024) = 64(1024 – 1) = 64(1024-1) = 1023(64) = 65472 which in hex is ffc0.

Alternatively, working in hex and knowing that 1024 = 0x400, we could also have

a(400) = 40(400-1) = 3ff(40) = ffc0

So then our last subnetID is : 2001:db8::/42 to 2001:db8:ffc0::/42

We can also find any arbitrary nth subnetID e.g the 243rd one:

a(243) = (243-1)x64 = 242 x 64 = 15488 = 0x3C80 which gives us prefix 2001:db8:3c80::/42 or in hex

a(f3) = 40(f3-1) = 40(f2) = 3C80 which gives us the same answer. [knowing that 243 = 0xf3]

Conclusion and getting real


While I enjoy the intellectual stimulation of knowing how to work this out, I think network engineers should use a good tool to do subnetting in IPv6 after understanding the basics. For a quick technique for doing subnetting of up to 16 subnets in your head, read this post. For anything more complicated, I’d resort to the myriad of tools out there. Apart from the “TheMaskU” iPad app which is really useful, my favorite and preferred is the open source sipcalc. To use these tools well, you need to understand how to find the number of subnet bits and derive the sub-prefix length from it. Our example in sipcalc will be solved as follows:

1
<br />$ sipcalc 2001:db8::/32 --v6split=42 | more<br />-[ipv6 : 2001:db8::/32] - 0<br /><br />[Split network]<br />Network                 - 2001:0db8:0000:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:003f:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:0040:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:007f:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:0080:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:00bf:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:00c0:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:00ff:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:0100:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:013f:ffff:ffff:ffff:ffff:ffff<br /><br />Network                 - 2001:0db8:fc80:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:fcbf:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:fcc0:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:fcff:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:fd00:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:fd3f:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:fd40:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:fd7f:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:fd80:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:fdbf:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:fdc0:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:fdff:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:fe00:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:fe3f:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:fe40:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:fe7f:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:fe80:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:febf:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:fec0:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:feff:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:ff00:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:ff3f:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:ff40:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:ff7f:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:ff80:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:ffbf:ffff:ffff:ffff:ffff:ffff<br />Network                 - 2001:0db8:ffc0:0000:0000:0000:0000:0000 -<br /><%%KEEPWHITESPACE%%>                          2001:0db8:ffff:ffff:ffff:ffff:ffff:ffff<br /><br />

16 thoughts on “IPv6 Subnetting – General Procedure

  1. A striking advertisement deal for techxcellence.net,

    Hi,

    I want to buy text links on one page of your website. I can pay you $40 for one link. My link will will NOT be a spam link. The link will be 100% related to your content.

    Let me know if you have any questions or concerns.


    Best Regards
    James Rohloff
    jamesrohloff@gmail.com

  2. Hello
    thant you for this article
    I have a question please, you say that “our sub-prefixes will be of the form: 2001:db8:0HHH::/42 ” but in the result the last last subnetID is : 2001:db8::/42 to 2001:db8:ffc0::/42
    I think that the correct sub-prefixes is 2001:db8:HHH0::/42, ?
    best regards

    • Hello Zled,

      Thank God for readers like you that spot my mistakes and keep me honest. You are right, I have updated the post to correct the typo.

      Shu’kran again and have a wonderful day.

      • Every computer has an aderdss which is usually given out by dhcp (in most cases given by your router). A dhcp aderdss can change (usually every 7 days) so if you want to connect to a computer over a network you won’t be able to find it. This is where static ip aderdsses come in. A static ip aderdss is a fixed aderdss which doesn’t change. This means your computer will always have the same aderdss which makes it easier to find. So you don’t need a static aderdsses for everyday use but you will need one if you intend to access data across a network.

  3. How often is it happening? Could it be phnniog home to check for firmware updates? Unlikely I know as it’s probably just a UDP broadcast, but perhaps possible.The other thing that springs to mind is that it’s simply advertising itself for some, perhaps, un-documented ability to share?

  4. I think there is a typo… in #2 finding the # of hexits, the last line has
    ‘mess’ and all hexits will vary cleanly from o – f.
    I think the letter o should be replaced with 0 (zero) for clarity.. I knew what was meant.

Leave a Reply