An IPv4 address is 32-bit long. Using these 32 bits, we can create 232 IP addresses. As the Internet is growing larger, 232 addresses are becoming less than enough. We need a larger address space for IP addresses. So, we need IPv6, which is a successor of IPv4.
An IPv6 address is 128-bit long. Using these 128 bits, we can create 2128 IPv6 addresses, which is more than enough for any practical scenario.
A 128-bit IPv6 address can be divided into three parts. The first 48 bits are used for network routing. The next 16 bits are used for subnetting and the last 64 bits are used for interface IDs.
When we want to create a subnet in IPv6, we use the 16 subnet bits. Using these 16 bits, we can create 216 = 65,536 subnets. This number of subnets is usually more than enough.
So, how to create a subnet mask using these 16 subnet bits? A 128-bit IPv6 address can be written as:
X1X2X3X4 : X5X6X7X8 : X9X10X11X12 : X13X14X15X16 : X17X18X19X20 : X21X22X23X24 : X25X26X27X28 : X29X30X31X32
Here, Xi is a hexadecimal digit. One hexadecimal digit is 4-bit long. And, hence, an IPv6 address is 32×4 = 128-bit long.
So, in these 128 bits, X1X2X3X4 : X5X6X7X8 : X9X10X11X12 are for network routing. X13X14X15X16 are for subnetting. And, X17X18X19X20 : X21X22X23X24 : X25X26X27X28 : X29X30X31X32 are for interface IDs.
Now, let’s say, we want to create four subnets. So, the binary mask for those 16 subnet bits will be 1100 0000 0000 0000, which is C000 in hexadecimal. So, X13X14X15X16 will be C000.
And, hence, the subnet mask will be:
FFFF : FFFF : FFFF : C000 : 0000 : 0000 : 0000
This is how we create a subnet mask for IPv6.
I hope this helps. However, interested readers who want to know more about how different web application attacks work and how we can prevent them can refer to the book “Web Application Vulnerabilities And Prevention.”
0 Comments