The Security section provides a wide variety of information for individuals and organizations interested in benefitting from the experience of others about planning for, configuring, and deploying secure IPv6 devices and networks.
As was the case with security for Internet Protocol version 4 (IPv4), there are no easy or quick solutions, and many security concerns do not have simple answers. The Internet Society (ISOC) provides comprehensive guidance about this subject on its Deploy360 IPv6 Security web page and also answers Frequently Asked Questions (FAQ) about IPv6 security concerns on its Security FAQ web page.
This observation from the Network Working Group of the Internet Engineering Task Force (IETF) in Request For Comments (RFC) 4942, IPv6 Transition/Coexistence Security Considerations is still valid:
“It is important to understand that deployments are unlikely to be replacing IPv4 with IPv6 (in the short term), but rather will be adding IPv6 to be operated in parallel with IPv4 over a considerable period, so that security issues with transition mechanisms and dual stack networks will be of ongoing concern. This extended transition and coexistence period stems primarily from the scale of the current IPv4 network. It is unreasonable to expect that the many millions of IPv4 nodes will be converted overnight. It is more likely that it will take two or three capital equipment replacement cycles (between nine and 15 years) for IPv6 capabilities to spread through the network, and many services will remain available over IPv4 only for a significant period whilst others will be offered either just on IPv6 or on both protocols.”
IPv6 and IoT Security Best Practices
Microsoft Windows Internet Connection Sharing (ICS)
Enabling IPv6 in ip6tables and other Linux-based Firewalls
IPv6 and Trusted Internet Connection (TIC) Initiative
Neighbor Discovery Protocol Attacks
Router Configuration Guide for IPv6
Firewall Configuration Guide for IPv6
IPv6 in Microsoft Windows-based Firewalls
Enabling IPv6 in Juniper Security Products and Firewalls
Enabling IPv6 in Cisco Security Appliances and Firewalls
IPv6 Vulnerability Testing, Penetration Testing, and Vulnerability Remediation
IPsec in IPv6 - The Plain Truth
Enabling IPv6 in Apple macOS, OS-X and Mac OS X-based Firewalls
Getting Started
Before you ask for Internet Protocol version 6 (IPv6) addresses, you need to have some idea of how many to ask for. If you have not already done so, please review the Basic Information topic in the IPv6 Address Plans article in the Network Management section.
If you already understand the difference between Provider Assigned/Provider Aggregatable and Provider Independent addresses, you can skip to the Nature of Your Organization section below.
As described in this article on The Headache of IPv6 Readdressing:
Provider Assigned or PA (sometimes referred to as Provider Aggregatable) is IPv6 address space that is registered with a Regional Internet Registry (RIR) and effectively owned by an Internet Service Provider (ISP). Such IPv6 address space is designed to remain with that service provider. It is address space that you borrow as part of your service agreement for your Internet circuit, and the agreement states that you will return that address space to the provider once the relationship is terminated. Even so, there are no guarantees that the address space they provide you will remain with you for the lifetime of your agreement either. They may change the IPv6 addresses they provide you if your office moves, if they change your service delivery method, if you upgrade your circuit, or if they have some maintenance or other reason to change what IPv6 address ranges they can hand out to a customer in a given geographic region. The simple thing to understand about PA address space is that it isn’t truly yours; you are just borrowing some from your ISP. Eventually you will have to give it back.
Contrast this to Provider Independent or PI, which is IPv6 address space that has been allocated to your organization from one of the five RIRs: American Registry for Internet Numbers (ARIN), Réseaux IP Européens Network Coordination Centre (RIPE NCC), Asia Pacific Network Information Centre (APNIC), Latin America and Caribbean Network Information Centre (LACNIC) or African Network Information Centre (AFRINIC). Because this IPv6 address space is allocated directly to your organization it stays with you (so long as you pay your modest ARIN dues), regardless of which service provider you are utilizing at any given time. You can change your service provider, add additional service providers and even peer with other corporations and not have to change your IPv6 address space. This is obviously the more optimal configuration if you can do it. To use PI address space you also need to have an Autonomous System Number or ASN. The ASN is what allows you to peer with your ISP utilizing Border Gateway Protocol (BGP) so that you can participate directly in Internet routing (sending and receiving prefixes to the global routing table). This routing method is what allows you to advertise your specific IPv6 prefix out to the public Internet through one or more Internet providers.
Nature of Your Organization
Where you get IPv6 addresses from depends on the nature of your organization. Is your organization:
1. A Home or Small Office/Home Office or Small-Medium Business
2. A Large Enterprise
3. Part of the United States (US) Department of Defense (DoD)
4. Part of another US Federal government organization
5. A US State government organization, or
6. A University, College, or other educational institution?
1. A Home or Small Office/Home Office or Small-Medium Business
If you are getting IPv6 addresses for your home, for a Small Office/Home Office (SOHO), or for a Small-Medium Sized Business (SMB) with only one Internet connection point, then
- If your current ISP is listed in Available IPv6 Internet Service Providers (ISPs) and Networks article in the IPv6 and IoT Frequently Asked Questions section, contact them to see if they can provide you with IPv6 PA addresses and IPv6 Internet connectivity.
- Otherwise, you will probably need to get PA IPv6 addresses from a new ISP after confirming that your current ISP is unable to provide IPv6 service to your location. Review this article for additional background information and this article as well as this article for some questions to ask any potential ISP.
2. A Large Enterprise
If you are getting IPv6 addresses for a large enterprise with multiple locations served by multiple ISPs, if your organization already has its own ASN, or if your organization has previously gotten IPv4 addresses directly from a RIR, then you will probably want to review this IPv6 Address Allocation and Assignment Policy document and then evaluate both:
- Getting PI IPv6 addresses directly from one of the five RIRs. The RIR for North America is ARIN, and their procedures are documented here.
- Getting PA IPv6 addresses from each of your current ISPs, or from others if some of your current ISPs are unable to provide IPv6 service to some of your connection point(s). Review this article for additional background information and this article as well as this article for some questions to ask any potential ISP.
3. Part of the United States (US) Department of Defense (DoD)
If you are part of the US DoD, you will probably obtain IPv6 addresses in accordance with the DoD IPv6 Address Plan. Both the Address Plan and addresses can be obtained from the DoD Network Information Center (NIC) (Authentication Required). (The DoD NIC only issues addresses to those in the .mil domain.)
4. Part of another US Federal government organization
If you are part of some other US Federal government organization, you will probably get IPv6 addresses from the office of your organization’s Chief Information Officer (CIO). The points of contact for many non-DoD US Federal government organizations are listed in Part 1: United States Federal government (other than the DoD) organizations documents in the United States (US) IPv6 and IoT Policy, Guidance, and Best Practices article in the General Information section. If that office can’t help you, chances are you shouldn’t be using IPv6 addresses even if you can get them.
5. A US state government organization
If you are part of one of the US State governments that has deployed or is in the process of deploying IPv6 (including Arizona, Arkansas, Delaware, Florida, Idaho, Indiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Montana, Nebraska, New Hampshire, New Mexico, North Dakota, Oregon, South Dakota, Tennessee, Utah, Virginia, Washington, West Virginia, or Wyoming), then you will get your IPv6 addresses from your state CIO. The Washington State CIO provided these IPv6 Design Considerations. Some reasons why state governments are not planning to deploy IPv6 are also given in this 2016 letter from the National Association of State Chief Information Officers (NASCIO).
6. A University, College, or other educational institution
If you are part of some educational institution, the office of your institution’s CIO (who is not the Chief Instructional Officer) will probably either provide the IPv6 addresses or instructions on how to request them. As is the case with government organizations, if that office can’t help you, chances are you shouldn’t be using IPv6 addresses even if you can get them.
Note: There is no shortage of material on the subject of Internet Protocol version 6 (IPv6) address plans. A Google search for "IPv6 address plan" or "IPv6 address planning" returns about ten thousand results. The articles, presentations, and books referenced in topics 1 and 2 below provide an introduction to IPv6 address planning. Topics 3 - 7 below discuss specific aspects of IPv6 address planning.
This IPv6 Address Plans article contains 7 topics:
1. Basic Information
2. More Detailed Information
3. Voices of Experience
4. Internet Protocol Address Management (IPAM) software and Address Planning
5. Examples of Actual IPv6 Address Plans
5.1 Examples from Organizations in the United States (US)
5.2 Examples from Organizations Outside the US
6. IPv6 Subnet Planning
7. Tools That May Help
1. Basic Information
As Internet Engineering Task Force (IETF) Request for Comments (RFC) 9099 observes:
A key task for a successful IPv6 deployment is to prepare an addressing plan. Because an abundance of address space is available, structuring an address plan around both services and geographic locations allows address space to become a basis for more structured security policies to permit or deny services between geographic regions.
This article and this more in-depth article introduce the organizational and technical challenges involved in IPv6 address planning, including a basic discussion of IPv6 subnet planning. For books on IPv6 address planning see part 3 of the IPv6 Training and Learning Information document in the IPv6 Training and Learning article in the Deployment section.
A word of caution: IPv6 address planning is not something that happens only once, and then you are done with it. After a network has transitioned from using IPv4-only to using dual-stack (both IPv6 and IPv4) or IPv6-only addressing, there will inevitably come a time when it will be necessary to transition the network from using that set of addresses to using yet another set of IPv6-only addresses. When that time comes, this article on The Headache of IPv6 Readdressing will become pertinent. This article emphasizes the need for careful consideration before enabling unique local addressing (ULA).
2. More Detailed Information
This article provides an informative discussion of the dramatic differences involved in IPv6 address planning compared to IPv4 address planning and expands on the cautions provided by an earlier article against the continued use of outdated IPv4 address planning practices. This series of articles in 3 parts (part 1, part 2, and part 3) from ERNW Insinuator provides practical guidelines and considerations involved in IPv6 address planning. Marc Uebel of GestióIP provides an example of a hierarchical address plan.
This document and this presentation from Cisco Systems, Inc. provide additional guidelines and cautions about IPv6 address planning, while this presentation (based on earlier Cisco presentations) discusses the planning process from several viewpoints. This document from the Samenwerkende Universitaire Reken Faciliteiten network (SURFnet) group, this article from the Internet Society (ISOC), and this article from the Réseaux IP Européens (RIPE) Network Coordination Centre (NCC) (together with the Further Reading list of articles at the end) provide additional guidelines and examples to aid in IPv6 address planning, and the IPv6 Framework for European Governments provides address planning guidelines in chapter 8 of Guidelines and Process: IPv6 for Public Administrations in Europe. This document from Oxford University describes their approach to allocation and management of IPv6 addresses at the university.
This American Registry for Internet Numbers (ARIN) IPv6 wiki IPv6 Addressing Plans article provides a collection of informal suggestions and guidelines for IPv6 address planning while the TeamARIN article, APNIC article, and Infoblox article provide suggestions and guidelines for service providers. This article from the African Network Information Center (AfriNIC) offers guidelines about what NOT to do during IPv6 address planning for homes and Small Offices/Home Offices (SOHO). RFCs 6177, 6883 and 7381 section 2.6, and this draft document updating RFC 6177 provide in-depth technical recommendations.
The Infoblox Inc. 6MAP wizard presentation and the IPv6 Resources section of their IPv6 Center of Excellence web page provide links to additional IPv6 address planning tools and articles. Some of the tools are specific to Infoblox Inc. products, but others can be useful in any IPv6 address planning effort. This Infoblox presentation (video available here) discusses an IPv6 address plan case study.
3. Voices of Experience
A best practices document describes actions or practices that are known to produce good outcomes when followed. Presentations offering suggestions and best practices for IPv6 address planning based on their experience are provided by Ron Broersma, Defense Research and Engineering Network (DREN), Owen DeLong, Hurricane Electric, and Jeff Doyle, Jeff Doyle and Associates Inc. This ERNW Insinuator article (video available here) offers lessons learned during 5 years of hands-on address management on IPv6 networks.
4. IPAM software and Address Planning
This Frequently Asked Questions (FAQ) article answers questions about IPAM software. This paper discusses best practices when using IPAM software. This paper describes ways IPAM software can assist in IPv6 address planning. Several commercial and open-source IPAM programs for automating various aspects of planning, tracking and managing IPv6 addresses are available. One list of IPAM programs is available here. Another list of IPAM programs is available here (at the bottom of the page). Since 2012, Microsoft’s Windows Server software includes an IPAM feature (see Part 3: IPv6 Static Addressing and DNSv6 in the Enabling IPv6 in Microsoft Windows Application Servers article in the Infrastructure section for more information). The NetDot and HaCi tools provide automated ways to collect, organize, and maintain IPv6 network addressing information once the resulting network is in operation.
5. Examples of Actual IPv6 Address Plans
5.1 Examples from Organizations in the US
One publicly available IPv6 address plan is this draft Veterans Affairs IPv6 Address Plan. Some lessons learned during the development of the Department of Veterans Affairs IPv6 address plan are available here. The IPv6 address plan used by the University of Pennsylvania is available here. The IPv6 address plan used by the University of Wisconsin-Madison is available here. The International Civil Aviation Organization IPv6 address plan is available here. The Department of Defense (DoD) IPv6 address plan is available here (Authentication required).
5.2 Examples from Organizations Outside the US
Documents describing Germany’s national IPv6 address plan and its administration are available: DEUTSCHLAND-ONLINE INFRASTRUKTUR IPv6 Reference Manual, and European Governments Enabled with IPv6 (GEN6) IPv6 Addressing Plans. (The European 6NET project completed Jun 2005. It was followed by the 6DISS project which completed Sept 2007, and then 6DEPLOY and 6DEPLOY-2 (www.6deploy.eu) which completed Feb 2013.)
Deliverables and Presentations under the Publications tab of the GEN6 website, which completed May 2015, provide additional material. The next European IPv6 project IPv6 Framework for European Governments which completed in 2018 provided examples of address plans as well as planning guidance in Guidelines and Process: IPv6 for Public Administrations in Europe and more generically in the tutorial A National-Level IPv6 Addressing Concept. Then came the European Union Internet Standards Deployment Monitoring project.
6. IPv6 Subnet Planning
Perhaps you need some help with your IPv6 subnet planning. IPv6 subnet planning is one element of IPv6 address planning that is quite different from its IPv4 counterpart, and it can be hard to appreciate just how different, as this article explains. Examples of different approaches to IPv6 subnet planning are given in this tutorial and this presentation. This excerpt from a book about IPv6 Address Planning by Tom Coffeen (referenced in part 3 of the IPv6 Training and Learning Information document in the IPv6 Training and Learning article in the Deployment section) discusses IPv6 subnet planning in detail. Best practices for IPv6 subnetting are given by these Best Current Operational Practices (BCOP) and Best Current Practices articles (these articles are quite similar, but each provides a few additional pointers), as well as by this Réseaux IP Européens (RIPE) Network Coordination Centre (NCC) RIPE-690 IPv6 prefix assignment for end-users BCOP article. IETF RFC documents (RFC 3531 and RFC 5375) provide in-depth technical recommendations. This article provides a useful perspective on IPv6 subnet planning, plus pointers to some tools, while this article describes IPv6 subnet planning for Linux systems.
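The hierarchical, nibble-boundary plan below is an added worked example (not code from any of the articles referenced above) of the idea in topics 1 and 6: when region, site and zone are encoded at fixed bit positions, a /48 per site and a /52 per service zone fall out of the plan, any address seen in a log can be decoded back to those fields, and the consequences of the field order for filter policies become visible. The prefix is the RFC 3849 documentation range; the region and zone code tables are assumptions of the example.

```python
"""Hierarchical IPv6 address plan on nibble boundaries (constructed example).

Layout inside the organisation /32 (2001:db8::/32 is the RFC 3849
documentation prefix, not a real allocation):

    2001:0db8:RRSS:ZNNN::/64
      RR   region                 (8 bits, bits 95-88)  -> one /40 per region
      SS   site within region     (8 bits, bits 87-80)  -> one /48 per site
      Z    zone / service class   (4 bits, bits 79-76)  -> one /52 per zone
      NNN  subnet within zone    (12 bits, bits 75-64)  -> one /64 per subnet
"""
import ipaddress

ORG = ipaddress.IPv6Network("2001:db8::/32")

# Code tables are assumptions of this example, not an RFC or vendor standard.
REGIONS = {"na": 0x01, "eu": 0x02, "apac": 0x03}
ZONES = {"infra": 0x0, "servers": 0x1, "users": 0x2, "guest": 0xE, "mgmt": 0xF}

# Bit offsets (counted from the low end of the 128-bit address) of each field.
REGION_SHIFT, SITE_SHIFT, ZONE_SHIFT, SUBNET_SHIFT = 88, 80, 76, 64


def _fit(value, bits, name):
    """Refuse values that would spill into the neighbouring field."""
    if not 0 <= value < (1 << bits):
        raise ValueError(f"{name}={value} does not fit in {bits} bits")
    return value


def site_prefix(region, site):
    """/48 for one site: the region byte, then the site byte, right after the /32."""
    base = (int(ORG.network_address)
            | _fit(REGIONS[region], 8, "region") << REGION_SHIFT
            | _fit(site, 8, "site") << SITE_SHIFT)
    return ipaddress.IPv6Network((base, 48))


def zone_prefix(region, site, zone):
    """/52 for one zone (service class) at one site."""
    base = (int(site_prefix(region, site).network_address)
            | _fit(ZONES[zone], 4, "zone") << ZONE_SHIFT)
    return ipaddress.IPv6Network((base, 52))


def subnet(region, site, zone, number):
    """/64 with the given subnet number inside a zone."""
    base = (int(zone_prefix(region, site, zone).network_address)
            | _fit(number, 12, "subnet") << SUBNET_SHIFT)
    return ipaddress.IPv6Network((base, 64))


def _name(table, code):
    return next((k for k, v in table.items() if v == code), f"unassigned({code:#x})")


def decode(address):
    """Recover the plan fields from any address, e.g. one seen in a log line."""
    addr = ipaddress.ip_address(address)
    if addr not in ORG:
        raise ValueError(f"{addr} is outside the organisation prefix {ORG}")
    v = int(addr)
    return {
        "region": _name(REGIONS, (v >> REGION_SHIFT) & 0xFF),
        "site": (v >> SITE_SHIFT) & 0xFF,
        "zone": _name(ZONES, (v >> ZONE_SHIFT) & 0xF),
        "subnet": (v >> SUBNET_SHIFT) & 0xFFF,
    }


def zone_prefixes(region, zone, sites):
    """All /52s of one zone across the given sites of a region.

    Because region and site sit above zone in this plan, "all mgmt networks
    in EU" is not a single prefix: a filter rule needs one entry per site.
    Putting zone above site in the layout would flip that trade-off.
    """
    return [zone_prefix(region, s, zone) for s in sites]


if __name__ == "__main__":
    print(subnet("eu", 5, "mgmt", 0x12))        # 2001:db8:205:f012::/64
    print(decode("2001:db8:205:f012::1"))
    for p in zone_prefixes("eu", "mgmt", [1, 2, 3]):
        print(p)
```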
7. Tools That May Help
Each tool is a little different, so review the references below to see if one of them does what you are seeking.
- IPv6 address calculator (an IPv6 prefix calculator is also available)
- IPv6 subnet calculator by GestióIP
- v6decode.com displays addresses in various formats
- ipv6calc by Peter Bieringer
- IPv6 subnetting cheat sheet by Aaron Hughes
The use of basic Microsoft Windows network testing command line tools (ipconfig, netstat, pathping, ping, route, and tracert) is explained in this article. The use of basic Unix/Linux network testing command line tools (ipconfig, mtr (my traceroute), netstat, pathping, ping, route, and traceroute) is explained in this article.
An extensive collection of tips on how to troubleshoot Internet Protocol version 6 (IPv6) network problems and of websites offering troubleshooting tools are available on the American Registry for Internet Numbers (ARIN) IPv6 wiki. Another collection of tips for IPv6 Troubleshooting for Residential ISP Helpdesks is available from the Réseaux IP Européens (RIPE) Network Coordination Centre (NCC). A collection of tools to perform troubleshooting is offered in the SI6 Networks IPv6 toolkit. A tutorial on Tools for Troubleshooting and Monitoring IPv6 Networks is available.
Microsoft offers tips on troubleshooting and testing network problems here, as does the University of New Hampshire InterOperability Lab here.
More troubleshooting techniques are described in the article Troubleshooting IPv6 Networks and Systems and presentation Troubleshooting Dual-Protocol Networks and Systems by Scott Hogg, who also wrote the article Mobile Apps for Troubleshooting IPv6. Also, Google’s Chrome browser used to be able to perform network troubleshooting, using its Tests tab as described in the IPv6 and Google Chrome article in the Applications section.
To verify that your network services (web, mail, DNS, NTP, and XMPP) are publicly available over IPv6, use the IPv6 Status Check script. The IPv6 Status Check script may time out while checking the available services if the servers are slow to respond. For an even more comprehensive test of your network services, try the International Computer Science Institute (ICSI) Netalyzr Java script. (Note: The Netalyzr project ceased operation in March 2019. This copy, archived in February 2019, is still functional.) Another way to thoroughly test the behavior of a website is by customizing the Google Analytics software (registration required) with the IPv6 Capability Tracker developed by the Asia Pacific Network Information Center (APNIC) Research and Development Labs.
If you need an external IPv6 website to verify basic IPv6 connectivity, try using ipv6.test-ipv6.com or ipv6test.google.com. Other websites and tools include:
- ip6.nl, www.whatismyv6.com, www.ipv6-test.com, ds.testmyipv6.com, and www.test-ipv6.com can be used to test IPv6 connectivity of your own system. (Notes: The www.ipv6-test.com and ready.chair6.net websites can also test IPv6 connectivity to your website. The www.test-ipv6.com website is available via IPv6-only as ipv6.test-ipv6.com and also via IPv4-only as ipv4.test-ipv6.com. The test-ipv6.com websites can also diagnose IPv6 packet fragmentation issues – under the “Tests Run” tab look at the “Test IPv6 large packet” result.)
- ip6.nl (enter a domain name and click on "start") and www.ipv6-test.com/ (click on "Website", enter a domain name and click on "Validate") can be used to test IPv6 connectivity of any website, as can Mozilla Firefox (after installing IPvFoo), Microsoft Edge (after installing and enabling IPvFoo), Opera (after installing IPvFoo), or Google Chrome (after installing IPvFoo). Don't expect these tools to provide identical results: ip6.nl tests the connectivity of a website using the open Internet, while the web browsers test the connectivity of a website using your local infrastructure.
- Network Tools provides useful utilities to test ping, trace, and DNS queries.
- www.ipv6-test.com can be used to test throughput. Commercial Internet Service Providers (ISPs) often maintain a website to test their own IPv6 throughput. Search for "speed test IPv6 [ISP name]" (without the square brackets) using any web search engine.
- The SMTP Email Test Tool at WebWiz can be used to test an IPv6 Mail Transfer Agent (MTA) server. Other tools are also available.
- Over at the MXToolbox website, the MX Lookup tool can be used to check the configuration of the MX records for your domain. Other tools are also available.
- Over at the EXPERTE website, several tools that can be used to check security features of websites are available, including the DNS Check tool which checks multiple security settings.
- IPv6 Testing Tools from Australia offers links to tools for connectivity, ISP readiness, and Path MTU testing. Other Path MTU tests are Path MTU Detection and MTU Test. Causes of Path MTU errors and additional approaches to dealing with them are described in Section 5.3 of Nippon Telegraph and Telephone (NTT) Information Sharing Platform Laboratories Deploying IPv6: Problems and Solutions published in 2011.
- Tools and techniques for multicast troubleshooting are discussed in the Multicast Troubleshooting topic of the Multicast on IPv6 Networks article in the Infrastructure section.
- High Assurance Domains (HAD) by the National Institute of Standards and Technology (NIST) offers links to tools for Domain-based Message Authentication, Reporting & Conformance (DMARC), authenticated e-mail, and DNSSEC testing, among others. Near the top of the HAD web page, click on the Associated Products link.
Scope of article
This article focuses on the physical and (on a software-defined network) virtual network nodes (like routers, switches, and gateways) that perform or enable the exchange of data between and among wide-area networks (WANs), rather than those network nodes that initiate data exchanges (like computers, smart phones, and sensors). This data exchange originally used only Internet Protocol (IP) version 4 (IPv4) and now uses either IP version 6 (IPv6) or IPv4. It is sometimes also done using wireless broadband (sometimes referred to as fixed-wireless access).
IPv6 WAN Deployment
This website covers a wide array of topics involved in deploying IPv6 on a WAN. It is maintained by the Réseaux IP Européens Network Coordination Centre (RIPE NCC).
A network address plan is an essential element in any WAN deployment. See the IPv6 Address Plans article in the Network Management section for more information about IPv6 Address Plans.
Multiprotocol Label Switching (MPLS) was widely used to implement wide-area networks and will continue to be widely used in the future despite rumors that a networking virtualization architecture called Software-Defined Wide Area Networking (SD-WAN) is replacing MPLS.
This presentation describes some of the transit and peering issues involved in IPv6 enabling a backbone network. This presentation describes some of the solutions to problems that can arise when network nodes are attached to multiple networks simultaneously using provisioning domains (PvDs).
For additional information about IPv6 enabling a backbone network, this presentation entitled Deploying a Production IPv6 Network in 30 Minutes or Less (or it's free) was presented at the 46th North American Network Operators’ Group meeting (NANOG46). Since 1998 and continuing to the present, NANOG has presented in-depth tutorials on a variety of IPv6 deployment topics and offers a wide range of other resources.
This dive into IPv6 implementation presentation may provide more than you wanted to know about IPv6 enabling your network. It was presented at the American Registry for Internet Numbers (ARIN) XXII meeting in 2009. Google maintains its own in-depth IPv6 Knowledge Base specific to IPv6 network design, configuration, and deployment.
Best Current Operational Practices (BCOP) are available for:
- General peering and transit configurations
- Public peering exchange point configurations
- External and internal border gateway configurations.
(Note: A best practices document describes actions or practices that are known to produce good outcomes when followed.)
IPv6 Segment Routing over IPv6 (SRv6)
The Internet Engineering Task Force (IETF) provides an in-depth review of SRv6 concepts here. These presentations discuss SR over MPLS networks with IPv6 in a Cisco environment, this presentation discusses it in a Juniper environment, and this paper discusses it in a Linux environment. Information about IPv6 MPLS network deployments using:
- 6-Provider Edge (6PE) is in this presentation and this later presentation, and
- Border Gateway Protocol-4 (BGP) along with RIPng, EIGRPv6, IS-ISv6, and OSPFv3 is in this presentation and this later presentation,
while information about MPLS network deployments using:
a. SR and Traffic Engineering Extensions (TE) (SR-TE) is compared with the earlier Label Distribution Protocol (LDP) and Resource Reservation Protocol with TE (RSVP-TE) side-by-side approach in this article,
b. Loop Free Alternates (LFA), Remote LFA (RLFA), and their successor Topology-Independent LFA (TI-LFA) that leverage SR are compared in this article,
c. Label-Switched Paths (LSP), RSVP-TE, and SR protocols are compared in this article, and
d. several additional network deployment options are discussed on the Juniper Networks Routing forum.
Finally, check the Before you Begin article in the Deployment section of the IPv6 Knowledge Base for material from 5G Americas, Alliance for Telecommunications Industry Solutions (ATIS), and Cisco.
