IPv6

IPv6: How Windows generates Link-Local Addresses (EUI-64)

In articles, blogs and forums I often read that Windows forms the IPv6 address from the MAC address. This process is called EUI-64, and the assumption that Windows (Vista and above) use EUI-64 is wrong. We can activate the EUI-64 process, but by default Windows uses a random value for generating IPv6 Link-Local Addresses.

EUI-64 (64-Bit Extended Unique Identifier)

Let’s take a look at a Cisco router. The IPv6 address of this router is calculated from the MAC address of the interface.

The MAC address is split into two parts and then FFFE is inserted in the middle of these two parts. Left and right of FF: FE are the parts of the MAC address of the interface.

Unbenannt.PNG

Windows (Windows Vista and above)

Windows operating systems don’t use EUI-64. The IPv6 address is calculated by using a random value. The MAC address has no influence on this. The lack of FFFE indicates that EUI-64 is not used. Here’s an example of a random generated IPv6 Link-Local Address.


Get-NetIPConfiguration | Select-Object IPv6LinkLocalAddress

Unbenannt.PNG

The setting is called RandomizeIdentifier and it’s enabled. The %2 at the end is the interface number of the network card.

Run Get-NetAdapter to show the ID of your network card. You’ll find it.


Get-NetAdapter

2.PNG


Get-NetIPv6Protocol

Unbenannt.PNG

If you want to change this simply set the RandomizIdentifier to Disabled.


Set-NetIPv6Protocol -RandomizeIdentifiers Disabled

Unbenannt.PNG

Now your computer uses EUI-64. Pay attention to ff:fe.


Get-NetIPAddress -AddressFamily IPv6 -InterfaceAlias "Ethernet" -PrefixOrigin Wellknown | Select-Object IPAddress

Unbenannt.PNG

The U/L Bit

As we can see, however, the parts that should be identical (MAC Address and IPv6 Address) are not exact identical. The leading zero in the IPv6 Address was removed. This is the default setting. There’s a difference in the second bit:

Unbenannt.PNG

The IPv6 address is thus not simulated 1:1. The differing bit is called U/L bit. It’s reserved for future technologies. Why it is as it is, can be found here:

https://supportforums.cisco.com/document/100566/understanding-ipv6-eui-64-bit-address

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s