IPv6 - Internet Protocol version 6
What is IPv6?
IPv6 stands for Internet Protocol version 6. It is the successor to IPv4, designed to solve the problem of IP address exhaustion. IPv6 uses 128-bit addresses, allowing for a vastly larger number of unique IP addresses compared to IPv4’s 32-bit system.
Why is IPv6 useful?
IPv4 addresses are running out due to the explosion of internet-connected devices.
It supports more efficient routing and better security features.
It enables end-to-end connectivity without the need for NAT (Network Address Translation).
It simplifies network configuration with auto-configuration capabilities.
How it works?
Device gets an IPv6 address — either via DHCPv6 or Stateless Address Autoconfiguration (SLAAC).
Packets are created with IPv6 headers — including source and destination IPv6 addresses.
Routers forward packets — based on the destination IPv6 address.
Target device receives data — and processes the packet if the address matches.
Where is IPv6 used?
Modern internet infrastructure — ISPs, cloud providers, and large enterprises are adopting IPv6.
Mobile networks — many cellular networks use IPv6 by default.
IoT devices — IPv6 supports the massive scale of connected devices.
Next-gen applications — that require direct, scalable, and secure communication.
Which OSI Layer does IPv6 operate at?
IPv6 operates at the Network Layer (Layer 3) of the OSI model.
It provides logical addressing and routing between devices across different networks.
It encapsulates data into packets and ensures they reach the correct destination.
Topics in this section,
In this section, you are going to learn
Terminology
Version Info
Version & RFC Details |
|||
|---|---|---|---|
IPv6 Version |
RFC Version |
Year |
Core Idea / Contribution |
IPv6 |
|||
RFC 1883 |
1995 |
Original specification of IPv6. |
|
RFC 2460 |
1998 |
First major IPv6 specification; introduced 128-bit addressing, simplified headers, extension headers, flow labels. |
|
RFC 4291 |
2006 |
Defines IPv6 addressing architecture including unicast, multicast, and anycast addresses. |
|
RFC 4443 |
2006 |
Defines ICMPv6, the control messaging protocol for IPv6. |
|
RFC 4861 |
2007 |
Specifies Neighbor Discovery Protocol (NDP) for IPv6. |
|
RFC 4862 |
2007 |
Defines Stateless Address Autoconfiguration (SLAAC) for IPv6. |
|
RFC 6106 |
2010 |
Adds DNS configuration options to Router Advertisements. |
|
RFC 5952 |
2010 |
Defines a canonical textual representation format for IPv6 addresses. |
|
RFC 8200 |
2017 |
Obsoletes RFC 2460; current standard for IPv6. Clarifies extension headers, flow labels, and updates terminology. |
|
RFC 9386 |
2023 |
Provides updated status and deployment insights for IPv6. |
Setup
Setup
IPv6 Packet
S.No |
Protocol Packets |
Description |
Size(bytes) |
|---|---|---|---|
1 |
IPv6 |
141 |
|
Header |
41 |
||
Version |
IP version (6 for IPv6) |
1 |
|
Traffic Class |
specifying the priority of the packet. |
1 |
|
Flow Label |
identifying flows of packets. |
3 |
|
Payload Length |
indicating the length of the payload. |
2 |
|
Next Header |
specifying the next level protocol (e.g., TCP, UDP). |
1 |
|
Hop Limit |
maximum number of hops the packet can take. |
1 |
|
Source IP Address |
IP address of the sender. |
16 |
|
Destination IP Address |
IP address of the receiver. |
16 |
|
Data |
actual payload carried by the IP packet. |
variable(100) |
IPv6 - Use Cases |
||
|---|---|---|
S.no |
Use Case |
Description |
1 |
Internet Communication |
IPv6 provides a vastly larger address space (128-bit) to support the growing number of internet-connected devices. |
2 |
Enterprise Networking |
Used in modern LANs and WANs, especially in organizations transitioning from IPv4 to IPv6 for scalability and future-proofing. |
3 |
Web Hosting & DNS |
Websites and services are increasingly hosted with IPv6 addresses; DNS supports AAAA records for IPv6 resolution. |
4 |
End-to-End Connectivity |
Eliminates the need for NAT, enabling true peer-to-peer communication and simplifying network configurations. |
5 |
VPN and Remote Access |
IPv6 supports secure tunneling and remote access protocols, often coexisting with IPv4 in dual-stack environments. |
6 |
IoT and Smart Devices |
IPv6s vast address space allows unique addressing for billions of IoT devices, improving manageability and routing. |
7 |
Stateless Address Autoconfiguration (SLAAC) |
Devices can self-configure IP addresses without DHCP, simplifying network setup. |
8 |
Multimedia and Real-Time Services |
IPv6 supports efficient multicast and QoS features, enhancing performance for VoIP, video conferencing, and streaming. |
IPv6 - Basic Features |
||
|---|---|---|
S.no |
Features |
Description |
1 |
128-bit Addressing |
Vast address space, enabling trillions of unique IPs. |
2 |
Simplified Header Structure |
Fixed 40-byte header with optional extension headers for flexibility. |
3 |
Multicast Support |
Efficient one-to-many communication for services like streaming. |
4 |
Stateless Address Autoconfiguration (SLAAC) |
Devices can self-configure IPs using router advertisements. |
5 |
Improved Security (IPsec) |
Mandatory support for encryption and authentication at the IP layer. |
6 |
Flow Label Field |
Allows labeling of packets for special handling. |
7 |
Extension Headers |
Modular headers for routing, fragmentation, security, etc. |
8 |
Hop Limit |
Replaces IPv4s TTL; limits packet lifetime across routers. |
9 |
Classless Addressing |
No address classes (A, B, C); uses CIDR-like prefixing. |
10 |
Efficient Routing |
Aggregated prefixes and simplified headers improve routing performance. |
128-bit Addressing - Testcases
Sl.no |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Assign Valid IPv6 Address |
Assign 2001:db8::1 |
Address accepted |
2 |
Assign Invalid IPv6 Address |
Assign 2001:db8::1:1:1::1 |
Address rejected |
3 |
Assign Full 128-bit Address |
Use all 8 segments |
Address accepted |
4 |
Assign Compressed Address |
Use :: for zeros |
Address accepted |
5 |
Assign Loopback Address |
::1 |
Packet routed locally |
6 |
Assign Link-local Address |
fe80::1 |
Used for local link communication |
7 |
Assign Unique Local Address |
fc00::/7 |
Used for internal networks |
8 |
Assign Global Unicast Address |
2000::/3 |
Routable on the internet |
9 |
Assign Multicast Address |
ff00::/8 |
Used for multicast traffic |
10 |
Assign Reserved Address |
:: |
Used as unspecified address |
11 |
Assign IPv4-Mapped IPv6 Address |
::ffff:192.0.2.128 |
Used for IPv4 compatibility |
12 |
Assign IPv4-Compatible IPv6 Address |
::192.0.2.128 |
Deprecated but accepted |
13 |
Assign Address with Leading Zeros |
2001:0db8::1 |
Address normalized |
14 |
Assign Address with Uppercase Letters |
2001:DB8::1 |
Address accepted case insensitive |
15 |
Assign Address with Lowercase Letters |
2001:db8::1 |
Address accepted |
16 |
Assign Address with Embedded IPv4 |
::ffff:192.168.1.1 |
IPv4 mapped IPv6 address |
17 |
Assign Address with Invalid Characters |
2001:db8::g1 |
Address rejected |
18 |
Assign Address with Too Many Segments |
9 segments |
Address rejected |
19 |
Assign Address with Too Few Segments |
6 segments without :: |
Address rejected |
20 |
Assign Address with Multiple :: |
2001::db8::1 |
Address rejected |
21 |
Assign Address with All Zeros |
:: |
Used as unspecified address |
22 |
Assign Address with All Ones |
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff |
Valid, reserved |
23 |
Assign Address with Prefix Length |
2001:db8::/64 |
Network portion defined |
24 |
Assign Address with /128 Prefix |
Host-specific address |
Used for loopback or point-to-point |
25 |
Assign Address with /64 Prefix |
Standard subnet size |
Used in most networks |
26 |
Assign Address with /48 Prefix |
Site-level aggregation |
Used by ISPs |
27 |
Assign Address with /32 Prefix |
Global routing prefix |
Assigned to large organizations |
28 |
Assign Address with /127 Prefix |
Point-to-point links |
Used in router-to-router links |
29 |
Assign Address with /0 Prefix |
Default route |
Used in routing tables |
30 |
Assign Address with SLAAC |
Stateless autoconfiguration |
Address generated automatically |
31 |
Assign Address with DHCPv6 |
Stateful configuration |
Address assigned by server |
32 |
Assign Address with Privacy Extension |
Temporary address |
Used for outbound connections |
33 |
Assign Address with Stable Interface ID |
Based on MAC |
Persistent address |
34 |
Assign Address with Random Interface ID |
Randomized |
Enhances privacy |
35 |
Assign Address with Duplicate Detection |
DAD enabled |
Duplicate address rejected |
36 |
Assign Address with Manual Configuration |
Static assignment |
Address accepted |
37 |
Assign Address with Multicast Scope |
ff02::1 |
Link-local multicast |
38 |
Assign Address with Site-local Scope |
fec0::/10 |
Deprecated, not routable |
39 |
Assign Address with Global Scope |
2001::/16 |
Routable globally |
40 |
Assign Address with Interface Index |
fe80::1%eth0 |
Used for link-local routing |
41 |
Assign Address with Routing Header |
Used in packet |
Routing header processed |
42 |
Assign Address with Extension Headers |
Fragmentation, security, etc. |
Headers processed |
43 |
Assign Address with ICMPv6 |
Ping to IPv6 address |
Echo reply received |
44 |
Assign Address with DNS AAAA Record |
IPv6 DNS resolution |
Address resolved |
45 |
Assign Address with NAT64 |
IPv6 to IPv4 translation |
Address mapped |
46 |
Assign Address with Dual Stack |
IPv4 and IPv6 coexist |
Both addresses assigned |
47 |
Assign Address with Firewall |
IPv6 rules applied |
Traffic filtered |
48 |
Assign Address with ACL |
IPv6 ACLs applied |
Traffic permitted or denied |
49 |
Assign Address with Routing Protocol |
OSPFv3, BGP, etc. |
Address advertised |
50 |
Assign Address with Packet Capture |
Wireshark or tcpdump |
IPv6 address visible in capture |
Simplified Header Structure - Testcases
S.no |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Validate Fixed Header Size |
IPv6 header is 40 bytes |
Header accepted |
2 |
No Header Checksum |
No checksum field |
Router does not perform checksum validation |
3 |
No Fragmentation in Header |
No fragmentation fields |
Fragmentation handled via extension header |
4 |
No Options Field |
No variable-length options |
Simplified parsing |
5 |
Validate Version Field |
Version = 6 |
Packet accepted |
6 |
Invalid Version Field |
Version ? 6 |
Packet dropped |
7 |
Validate Traffic Class Field |
QoS marking present |
Used for traffic prioritization |
8 |
Validate Flow Label Field |
Flow label set |
Used for flow identification |
9 |
Validate Payload Length Field |
Correct length |
Packet accepted |
10 |
Invalid Payload Length |
Length mismatch |
Packet dropped |
11 |
Validate Next Header Field |
Indicates upper-layer protocol |
Packet routed accordingly |
12 |
Unknown Next Header Value |
Unsupported protocol |
Packet dropped |
13 |
Validate Hop Limit Field |
TTL equivalent |
Decremented per hop |
14 |
Hop Limit = 0 |
TTL expired |
Packet dropped |
15 |
Validate Source Address |
Valid 128-bit address |
Packet accepted |
16 |
Invalid Source Address |
Malformed address |
Packet dropped |
17 |
Validate Destination Address |
Valid 128-bit address |
Packet routed |
18 |
Invalid Destination Address |
Malformed address |
Packet dropped |
19 |
Header with Extension Headers |
Next Header points to extension |
Extension processed |
20 |
Header with No Extension Headers |
Next Header = TCP/UDP |
Packet routed directly |
21 |
Header with Routing Extension |
Routing header present |
Intermediate nodes processed |
22 |
Header with Fragment Extension |
Fragmentation handled externally |
Reassembly at destination |
23 |
Header with Authentication Header |
AH present |
Packet authenticated |
24 |
Header with ESP |
Encrypted payload |
Decryption required |
25 |
Header with Hop-by-Hop Options |
Special processing at each hop |
Options processed |
26 |
Header with Destination Options |
Options processed at destination |
Packet accepted |
27 |
Header with Jumbo Payload Option |
Payload > 65535 bytes |
Jumbo payload handled |
28 |
Header with Mobility Header |
Mobile IPv6 support |
Mobility functions triggered |
29 |
Header with No Padding |
No alignment needed |
Packet accepted |
30 |
Header with Upper-Layer Protocol = TCP |
Next Header = 6 |
Routed to TCP stack |
31 |
Header with Upper-Layer Protocol = UDP |
Next Header = 17 |
Routed to UDP stack |
32 |
Header with Upper-Layer Protocol = ICMPv6 |
Next Header = 58 |
Routed to ICMPv6 handler |
33 |
Header with Upper-Layer Protocol = OSPF |
Next Header = 89 |
Routed to OSPFv3 |
34 |
Header with Upper-Layer Protocol = GRE |
Next Header = 47 |
Routed to GRE handler |
35 |
Header with Upper-Layer Protocol = ESP |
Next Header = 50 |
Routed to IPsec stack |
36 |
Header with Upper-Layer Protocol = AH |
Next Header = 51 |
Routed to IPsec stack |
37 |
Header with Invalid Flow Label |
Non-zero but unused |
Packet still accepted |
38 |
Header with Zero Flow Label |
Default behavior |
Packet accepted |
39 |
Header with Random Flow Label |
Used for load balancing |
Packet accepted |
40 |
Header with Traffic Class = EF |
Expedited forwarding |
Packet prioritized |
41 |
Header with Traffic Class = AF |
Assured forwarding |
Packet prioritized accordingly |
42 |
Header with Traffic Class = CS |
Class selector |
Packet handled per class |
43 |
Header with Extension Header Chain |
Multiple extensions |
All processed in order |
44 |
Header with Malformed Extension Chain |
Invalid order or loop |
Packet dropped |
45 |
Header with Unknown Extension Header |
Unrecognized type |
Packet dropped or skipped |
46 |
Header with Extension Header Length Error |
Length mismatch |
Packet dropped |
47 |
Header with No Upper-Layer Protocol |
Next Header = 59 (No Next Header) |
Payload ignored |
48 |
Header with ICMPv6 Error |
Error message generated |
Sent to source |
49 |
Header with Multicast Destination |
ff00::/8 |
Packet delivered to group |
50 |
Header with Unicast Destination |
2001::1 |
Packet routed normally |
Multicast Support - Testcases
Multicast Support - Test Cases |
|||
|---|---|---|---|
# |
Test Case |
Description |
Expected Result |
1 |
Send to All-Nodes Multicast |
Destination = ff02::1 |
All nodes on local link receive |
2 |
Send to All-Routers Multicast |
Destination = ff02::2 |
All routers on local link receive |
3 |
Send to Solicited-Node Multicast |
Destination = ff02::1:ffxx:xxxx |
Only matching node receives |
4 |
Join Multicast Group |
Host joins group via MLD |
Group membership recorded |
5 |
Leave Multicast Group |
Host leaves group |
Group membership updated |
6 |
Use MLDv1 |
Host uses MLDv1 |
Basic group join/leave supported |
7 |
Use MLDv2 |
Host uses MLDv2 |
Source filtering supported |
8 |
Send ICMPv6 Router Advertisement |
Sent to ff02::1 |
All nodes receive |
9 |
Send ICMPv6 Router Solicitation |
Sent to ff02::2 |
Routers respond |
10 |
Send ICMPv6 Neighbor Solicitation |
Sent to solicited-node address |
Target node responds |
11 |
Send ICMPv6 Neighbor Advertisement |
Sent to ff02::1 |
All nodes update cache |
12 |
Use DHCPv6 Multicast |
Sent to ff02::1:2 |
DHCPv6 servers respond |
13 |
Use Multicast DNS (mDNS) |
Sent to ff02::fb |
Local name resolution |
14 |
Use LLMNR |
Sent to ff02::1:3 |
Local name resolution |
15 |
Use RIPng |
Sent to ff02::9 |
RIP routers receive updates |
16 |
Use OSPFv3 |
Sent to ff02::5 and ff02::6 |
OSPF routers receive messages |
17 |
Use PIM |
Sent to ff02::d |
PIM routers receive messages |
18 |
Use NTP Multicast |
Sent to multicast group |
Time sync achieved |
19 |
Use SNMP Trap Multicast |
Sent to SNMP listeners |
Trap received |
20 |
Use SSDP over IPv6 |
Sent to ff02::c |
Devices discoverable |
21 |
Use Multicast for Streaming |
Video sent to group |
Only members receive |
22 |
Use Multicast for Software Updates |
Update sent to group |
Efficient delivery |
23 |
Use Multicast for IoT Devices |
Sensor data multicast |
All subscribers receive |
24 |
Use Multicast for Classroom |
Lecture stream multicast |
Students receive stream |
25 |
Use Multicast for Gaming |
Game state multicast |
All players updated |
26 |
Use Multicast for CDN |
Content distributed via multicast |
Edge nodes receive data |
27 |
Use Multicast for Backup |
Data replicated via multicast |
All nodes updated |
28 |
Use Multicast for Logging |
Logs sent to multicast group |
Central server receives |
29 |
Use Multicast for Alerting |
Alerts sent to group |
All listeners notified |
30 |
Use Multicast with VLAN |
Scoped to VLAN |
Only VLAN members receive |
31 |
Use Multicast with QoS |
DSCP marked packets |
Prioritized delivery |
32 |
Use Multicast with ACL |
ACL allows multicast |
Packet forwarded |
33 |
Use Multicast with Firewall |
Firewall permits group |
Packet allowed |
34 |
Use Multicast with NAT64 |
Translated to IPv4 multicast |
Packet routed |
35 |
Use Multicast with VPN |
Multicast tunneled |
Packet delivered |
36 |
Use Multicast with Wireless |
Sent over Wi-Fi |
All clients receive |
37 |
Use Multicast with Ethernet |
Switch floods to group members |
Efficient delivery |
38 |
Use Multicast with MLD Snooping |
Switch tracks group members |
Traffic limited to members |
39 |
Use Multicast with Logging |
Multicast events logged |
Entries recorded |
40 |
Use Multicast with Monitoring |
Multicast traffic captured |
Visible in packet sniffer |
41 |
Use Multicast with IPv6 Anycast |
Anycast not used |
Packet not delivered |
42 |
Use Multicast with IPv4 Stack |
Not supported |
Packet dropped |
43 |
Use Multicast with Extension Headers |
Routing or fragmentation |
Packet processed |
44 |
Use Multicast with Jumbo Payload |
Payload > 65535 bytes |
Delivered if supported |
45 |
Use Multicast with Fragmentation |
Packet fragmented |
Reassembled at receiver |
46 |
Use Multicast with Source Filtering |
MLDv2 include/exclude |
Source-based delivery |
47 |
Use Multicast with Duplicate Address Detection |
NS sent to solicited-node |
Conflict detected |
48 |
Use Multicast with Privacy Extensions |
Temporary address used |
Multicast still functional |
49 |
Use Multicast with Static Routes |
Route to group defined |
Packet forwarded |
50 |
Use Multicast with Dynamic Routing |
Route learned via protocol |
Packet routed correctly |
Stateless Address Autoconfiguration (SLAAC) - Testcases
Stateless Address Autoconfiguration (SLAAC) - Test Cases |
|||
|---|---|---|---|
# |
Test Case |
Description |
Expected Result |
1 |
SLAAC Enabled Interface |
Interface configured for SLAAC |
IPv6 address auto-configured |
2 |
SLAAC Disabled Interface |
SLAAC disabled |
No address auto-configured |
3 |
Receive Router Advertisement (RA) |
RA received with A-flag set |
Host configures address |
4 |
RA with A-flag Cleared |
Autonomous flag not set |
Host does not configure address |
5 |
RA with Prefix Information |
Valid prefix advertised |
Host uses prefix for address |
6 |
RA with Invalid Prefix |
Prefix length ? /64 |
Host ignores prefix |
7 |
Generate Interface ID from MAC |
EUI-64 format used |
Address generated correctly |
8 |
Generate Interface ID Randomly |
Privacy extension enabled |
Temporary address created |
9 |
Duplicate Address Detection (DAD) Success |
No conflict |
Address assigned |
10 |
DAD Failure |
Duplicate detected |
Address not assigned |
11 |
Multiple RAs Received |
Multiple prefixes advertised |
Multiple addresses configured |
12 |
RA with Lifetime Expired |
Prefix lifetime = 0 |
Address deprecated or removed |
13 |
RA with Valid Lifetime |
Prefix lifetime > 0 |
Address remains valid |
14 |
RA with On-Link Flag |
L-flag set |
Prefix added to routing table |
15 |
RA with No On-Link Flag |
L-flag cleared |
Prefix not added to routing table |
16 |
RA with M-flag Set |
Managed flag set |
Host may use DHCPv6 |
17 |
RA with O-flag Set |
Other config flag set |
Host may use DHCPv6 for DNS |
18 |
SLAAC with Static DNS |
DNS manually configured |
SLAAC address used with static DNS |
19 |
SLAAC with RDNSS Option |
DNS provided in RA |
Host configures DNS |
20 |
SLAAC with No RDNSS |
No DNS in RA |
DNS not auto-configured |
21 |
SLAAC with Link-Local RA |
RA from link-local router |
Address configured |
22 |
SLAAC with Global RA |
RA from global address |
Address configured |
23 |
SLAAC with Multicast RA |
RA sent to ff02::1 |
All nodes receive |
24 |
SLAAC with Unicast RA |
RA sent directly |
Target node configures address |
25 |
SLAAC with VLAN |
RA received on VLAN |
Address configured on VLAN interface |
26 |
SLAAC with Trunk Port |
RA received on tagged VLAN |
Address configured correctly |
27 |
SLAAC with Access Port |
RA received on untagged VLAN |
Address configured correctly |
28 |
SLAAC with Wireless Interface |
RA received over Wi-Fi |
Address configured |
29 |
SLAAC with Ethernet Interface |
RA received over Ethernet |
Address configured |
30 |
SLAAC with VPN Interface |
RA received over tunnel |
Address configured |
31 |
SLAAC with Firewall |
RA allowed |
Address configured |
32 |
SLAAC Blocked by Firewall |
RA blocked |
No address configured |
33 |
SLAAC with ACL |
RA permitted |
Address configured |
34 |
SLAAC with ACL Deny |
RA denied |
No address configured |
35 |
SLAAC with Logging Enabled |
RA processed |
Event logged |
36 |
SLAAC with Packet Capture |
RA and NS/NA visible |
SLAAC process observable |
37 |
SLAAC with Host Reboot |
Host reboots |
Address reconfigured |
38 |
SLAAC with Router Reboot |
Router reboots |
RA resumes after boot |
39 |
SLAAC with Multiple Interfaces |
RA received on multiple interfaces |
Address configured per interface |
40 |
SLAAC with Interface Down |
Interface disabled |
No address configured |
41 |
SLAAC with Interface Up |
Interface enabled |
Address configured |
42 |
SLAAC with Manual Address |
Static address present |
SLAAC address coexists |
43 |
SLAAC with DHCPv6 |
Both enabled |
SLAAC configures address, DHCPv6 configures DNS |
44 |
SLAAC with Privacy Extensions |
Temporary address created |
Used for outbound connections |
45 |
SLAAC with Stable Interface ID |
Address remains consistent |
Persistent address |
46 |
SLAAC with Short RA Interval |
Frequent RAs |
Address refreshed often |
47 |
SLAAC with Long RA Interval |
Infrequent RAs |
Address remains valid |
48 |
SLAAC with Expired Prefix |
Prefix lifetime = 0 |
Address deprecated |
49 |
SLAAC with Multiple Routers |
Multiple RAs |
Host selects preferred prefix |
50 |
SLAAC with No RA |
No router advertisement |
No address configured |
Improved Security - Testcases
Improved Security (IPsec) - Test Cases |
|||
|---|---|---|---|
# |
Test Case |
Description |
Expected Result |
1 |
Enable IPsec on IPv6 Interface |
IPsec enabled |
Interface accepts secure traffic |
2 |
Disable IPsec on IPv6 Interface |
IPsec disabled |
Traffic not encrypted |
3 |
Configure IPsec Transport Mode |
Transport mode set |
Payload encrypted, header visible |
4 |
Configure IPsec Tunnel Mode |
Tunnel mode set |
Entire packet encrypted |
5 |
Use Authentication Header (AH) |
AH applied |
Packet integrity verified |
6 |
Use Encapsulating Security Payload (ESP) |
ESP applied |
Packet encrypted and authenticated |
7 |
Use AH with IPv6 |
AH header inserted |
Packet integrity protected |
8 |
Use ESP with IPv6 |
ESP header inserted |
Payload encrypted |
9 |
Use AH + ESP |
Both headers used |
Full protection applied |
10 |
Use Manual Keying |
Static keys configured |
Secure communication established |
11 |
Use IKEv2 for Key Exchange |
IKEv2 negotiation |
SA established dynamically |
12 |
Use IPsec with IPv6 Multicast |
Multicast traffic secured |
Group keying required |
13 |
Use IPsec with IPv6 Unicast |
Unicast traffic secured |
Peer-to-peer encryption |
14 |
Use IPsec with IPv6 Anycast |
Anycast not supported |
Packet dropped or ignored |
15 |
Use IPsec with IPv6 Link-Local |
Link-local traffic secured |
Communication encrypted |
16 |
Use IPsec with IPv6 Global Address |
Global traffic secured |
End-to-end encryption |
17 |
Use IPsec with IPv6 Unique Local Address |
ULA traffic secured |
Internal traffic encrypted |
18 |
Use IPsec with Fragmented Packet |
Packet fragmented |
Reassembled before decryption |
19 |
Use IPsec with Jumbo Payload |
Large packet encrypted |
Delivered securely |
20 |
Use IPsec with Extension Headers |
Headers preserved |
IPsec applied correctly |
21 |
Use IPsec with Routing Header |
Routing header encrypted |
Packet routed securely |
22 |
Use IPsec with Hop-by-Hop Header |
Header processed |
Packet integrity maintained |
23 |
Use IPsec with ICMPv6 |
ICMPv6 messages secured |
Echo request/reply encrypted |
24 |
Use IPsec with TCP |
TCP session encrypted |
Data protected |
25 |
Use IPsec with UDP |
UDP datagram encrypted |
Data protected |
26 |
Use IPsec with DNS over IPv6 |
DNS queries encrypted |
Privacy ensured |
27 |
Use IPsec with NTP |
Time sync secured |
NTP packets encrypted |
28 |
Use IPsec with SNMP |
SNMP traps encrypted |
Management traffic secured |
29 |
Use IPsec with Routing Protocols |
OSPFv3, RIPng secured |
Routing updates protected |
30 |
Use IPsec with SLAAC |
RA/RS messages secured |
Autoconfiguration protected |
31 |
Use IPsec with DHCPv6 |
DHCPv6 messages encrypted |
Address assignment secured |
32 |
Use IPsec with MLD |
Multicast group joins secured |
MLD messages protected |
33 |
Use IPsec with VPN over IPv6 |
Tunnel established |
Secure remote access |
34 |
Use IPsec with IPv6 over IPsec Tunnel |
IPv6-in-IPv6 over IPsec |
Double encapsulation supported |
35 |
Use IPsec with NAT-T |
NAT traversal enabled |
IPsec works through NAT |
36 |
Use IPsec with Firewall |
IPsec traffic allowed |
Policy permits secure traffic |
37 |
Use IPsec with ACL |
ACL matches ESP/AH |
Traffic filtered correctly |
38 |
Use IPsec with QoS |
DSCP preserved |
Traffic prioritized |
39 |
Use IPsec with Logging |
Security events logged |
IPsec activity recorded |
40 |
Use IPsec with Monitoring |
IPsec sessions monitored |
Status visible in tools |
41 |
Use IPsec with Packet Capture |
ESP/AH visible |
Payload encrypted |
42 |
Use IPsec with Replay Protection |
Anti-replay enabled |
Duplicate packets dropped |
43 |
Use IPsec with Key Lifetime Expiry |
SA expires |
Re-keying triggered |
44 |
Use IPsec with Invalid SA |
No matching SA |
Packet dropped |
45 |
Use IPsec with Invalid SPI |
SPI not recognized |
Packet dropped |
46 |
Use IPsec with Authentication Failure |
Invalid HMAC |
Packet dropped |
47 |
Use IPsec with Encryption Failure |
Decryption fails |
Packet dropped |
48 |
Use IPsec with Peer Unreachable |
No response |
SA not established |
49 |
Use IPsec with Host Reboot |
Host restarts |
SA re-established |
50 |
Use IPsec with Router Reboot |
Router restarts |
Tunnel re-established |
Flow Label Field - Testcases
Flow Label Field - Test Cases |
|||
|---|---|---|---|
# |
Test Case |
Description |
Expected Result |
1 |
Flow Label = 0 |
Default value |
Treated as no special handling |
2 |
Flow Label ? 0 |
Non-zero value |
Flow-specific treatment applied |
3 |
Flow Label with TCP |
TCP session assigned flow label |
Packets grouped by flow |
4 |
Flow Label with UDP |
UDP stream assigned flow label |
Packets grouped by flow |
5 |
Flow Label with ICMPv6 |
ICMPv6 echo request |
Flow label ignored or set to 0 |
6 |
Flow Label with SCTP |
SCTP stream assigned label |
Flow identified |
7 |
Flow Label with Fragmented Packet |
All fragments share same label |
Reassembled correctly |
8 |
Flow Label with Jumbo Payload |
Large packet with label |
Handled as single flow |
9 |
Flow Label with Extension Headers |
Label preserved |
Headers processed normally |
10 |
Flow Label with Routing Header |
Label used for flow routing |
Packet routed accordingly |
11 |
Flow Label with Hop-by-Hop Header |
Label processed at each hop |
Packet treated per flow |
12 |
Flow Label with ESP |
Encrypted payload |
Label visible, payload encrypted |
13 |
Flow Label with AH |
Authenticated header |
Label integrity protected |
14 |
Flow Label with QoS Policy |
Label used for QoS classification |
Traffic prioritized |
15 |
Flow Label with Traffic Shaping |
Label used for shaping |
Bandwidth managed |
16 |
Flow Label with Load Balancer |
Label used for hashing |
Flow consistency maintained |
17 |
Flow Label with Firewall |
Label used in rules |
Traffic filtered accordingly |
18 |
Flow Label with ACL |
ACL matches flow label |
Packet permitted or denied |
19 |
Flow Label with Logging |
Label logged |
Entry recorded |
20 |
Flow Label with Monitoring |
Label visible in capture |
Flow identified |
21 |
Flow Label with Packet Sniffer |
Wireshark shows label |
Field decoded |
22 |
Flow Label with Router |
Router uses label for fast path |
Packet forwarded efficiently |
23 |
Flow Label with Switch |
Label ignored |
Layer 2 device forwards normally |
24 |
Flow Label with NAT64 |
Label preserved |
IPv6-to-IPv4 translation occurs |
25 |
Flow Label with VPN |
Label preserved through tunnel |
Flow maintained |
26 |
Flow Label with MPLS |
Label mapped to MPLS label |
Traffic engineered |
27 |
Flow Label with SRv6 |
Segment routing uses label |
Path optimized |
28 |
Flow Label with Mobile IPv6 |
Label used for mobility flow |
Session continuity maintained |
29 |
Flow Label with DNS |
Label not used |
DNS traffic treated normally |
30 |
Flow Label with NTP |
Label not used |
Time sync unaffected |
31 |
Flow Label with DHCPv6 |
Label not used |
Address assignment unaffected |
32 |
Flow Label with Multicast |
Label ignored |
Multicast traffic not flow-specific |
33 |
Flow Label with Anycast |
Label ignored |
Closest node responds |
34 |
Flow Label with SLAAC |
Label not used |
Address auto-configured |
35 |
Flow Label with Privacy Extensions |
Label used with temporary address |
Flow maintained |
36 |
Flow Label with Stable Interface ID |
Label reused |
Flow consistency ensured |
37 |
Flow Label with Replay Attack |
Label reused maliciously |
Packet dropped or logged |
38 |
Flow Label with Random Generation |
Label randomly assigned |
Flow uniqueness ensured |
39 |
Flow Label with Hash-Based Assignment |
Label derived from 5-tuple |
Consistent flow ID |
40 |
Flow Label with Manual Configuration |
Admin sets label |
Custom flow control |
41 |
Flow Label with Zero Compression |
Label = 0 |
No flow-specific treatment |
42 |
Flow Label with Duplicate Value |
Same label for different flows |
Risk of misclassification |
43 |
Flow Label with Expired Flow |
Flow ends, label reused |
New flow established |
44 |
Flow Label with High Entropy |
Randomized label |
Improves load distribution |
45 |
Flow Label with Low Entropy |
Sequential label |
May cause imbalance |
46 |
Flow Label with ICMPv6 Error |
Error message includes label |
Helps trace flow |
47 |
Flow Label with Traceroute |
Label preserved |
Path traced per flow |
48 |
Flow Label with Path MTU Discovery |
Label not used |
PMTUD functions normally |
49 |
Flow Label with Congestion Control |
Label used for flow fairness |
Traffic balanced |
50 |
Flow Label with Application Tagging |
App sets label |
Enables app-aware routing |
Extension Headers - Testcases
Extension Headers - Test Cases |
|||
|---|---|---|---|
# |
Test Case |
Description |
Expected Result |
1 |
No Extension Header |
Only base header used |
Packet processed normally |
2 |
Hop-by-Hop Options Header Present |
First extension header |
Processed by each router |
3 |
Routing Header Present |
Specifies intermediate nodes |
Packet routed accordingly |
4 |
Fragment Header Present |
Packet fragmented |
Reassembled at destination |
5 |
Destination Options Header Present |
Options for destination |
Processed only by destination |
6 |
Authentication Header (AH) Present |
IPsec authentication |
Packet integrity verified |
7 |
Encapsulating Security Payload (ESP) Present |
IPsec encryption |
Payload decrypted |
8 |
Mobility Header Present |
Mobile IPv6 support |
Mobility functions triggered |
9 |
Unknown Extension Header |
Unrecognized type |
Packet dropped or skipped |
10 |
Extension Header Order Valid |
Correct sequence |
Packet accepted |
11 |
Extension Header Order Invalid |
Incorrect sequence |
Packet dropped |
12 |
Multiple Extension Headers |
Chain of headers |
All processed in order |
13 |
Extension Header Length Valid |
Proper length field |
Header parsed correctly |
14 |
Extension Header Length Invalid |
Incorrect length |
Packet dropped |
15 |
Hop-by-Hop Header with Router Alert |
Special processing |
Packet inspected |
16 |
Hop-by-Hop Header with Jumbo Payload Option |
Payload > 65535 bytes |
Packet accepted |
17 |
Routing Header Type 0 |
Deprecated |
Packet dropped or ignored |
18 |
Routing Header Type 2 |
Mobile IPv6 |
Packet routed to home agent |
19 |
Fragment Header with Offset = 0 |
First fragment |
Reassembly begins |
20 |
Fragment Header with MF = 1 |
More fragments follow |
Await reassembly |
21 |
Fragment Header with MF = 0 |
Last fragment |
Reassembly completes |
22 |
Fragment Header with Overlapping Fragments |
Malformed fragments |
Packet dropped |
23 |
Fragment Header with Duplicate Fragments |
Redundant data |
Handled gracefully |
24 |
AH with Valid Authentication |
HMAC verified |
Packet accepted |
25 |
AH with Invalid Authentication |
HMAC mismatch |
Packet dropped |
26 |
ESP with Valid Encryption |
Payload decrypted |
Packet accepted |
27 |
ESP with Invalid Encryption |
Decryption fails |
Packet dropped |
28 |
Destination Options with Pad1 |
Single-byte padding |
Packet accepted |
29 |
Destination Options with PadN |
Multi-byte padding |
Packet accepted |
30 |
Destination Options with Unknown Option |
Unrecognized option |
Action based on option type |
31 |
Extension Header with Next Header = TCP |
TCP payload follows |
Routed to TCP stack |
32 |
Extension Header with Next Header = UDP |
UDP payload follows |
Routed to UDP stack |
33 |
Extension Header with Next Header = ICMPv6 |
ICMPv6 follows |
Routed to ICMPv6 handler |
34 |
Extension Header with Next Header = No Next Header (59) |
No upper-layer protocol |
Payload ignored |
35 |
Extension Header with Invalid Next Header |
Unknown protocol |
Packet dropped |
36 |
Extension Header with Loop |
Header points to itself |
Packet dropped |
37 |
Extension Header with Excessive Chain |
Too many headers |
Packet dropped |
38 |
Extension Header with Truncated Data |
Incomplete header |
Packet dropped |
39 |
Extension Header with Malformed Option |
Invalid format |
Packet dropped |
40 |
Extension Header with Duplicate Types |
Same header repeated |
Handled per RFC rules |
41 |
Extension Header with Logging Enabled |
Headers logged |
Entry recorded |
42 |
Extension Header with Packet Capture |
Headers visible in capture |
Analyzed by tools |
43 |
Extension Header with Firewall |
Headers inspected |
Packet allowed or blocked |
44 |
Extension Header with ACL |
ACL matches header type |
Packet filtered |
45 |
Extension Header with QoS |
Headers preserved |
Traffic prioritized |
46 |
Extension Header with Router Reboot |
Router processes headers |
Packet forwarded |
47 |
Extension Header with Host Reboot |
Host reprocesses headers |
Packet accepted |
48 |
Extension Header with VPN |
Headers encapsulated |
Tunnel endpoint processes |
49 |
Extension Header with NAT64 |
Headers preserved |
Translated if supported |
50 |
Extension Header with SRv6 |
Segment Routing Header |
Path-based forwarding applied |
Hop Limit - Testcases
Hop Limit - Test Cases |
|||
|---|---|---|---|
# |
Test Case |
Description |
Expected Result |
1 |
Hop Limit = 0 |
Packet with Hop Limit set to 0 |
Packet is dropped immediately |
2 |
Hop Limit = 1 |
Packet with Hop Limit set to 1 |
Packet is forwarded once, then dropped |
3 |
Hop Limit = 2 |
Packet with Hop Limit set to 2 |
Packet is forwarded twice, then dropped |
4 |
Hop Limit = 255 |
Max Hop Limit value |
Packet can traverse up to 255 hops |
5 |
Hop Limit decrements by 1 |
Each router decrements Hop Limit |
Hop Limit reduces by 1 per hop |
6 |
Hop Limit not decremented |
Router fails to decrement |
Packet loops indefinitely (error) |
7 |
Hop Limit = 1 at destination |
Packet reaches destination with HL=1 |
Packet is accepted |
8 |
Hop Limit = 1 at intermediate |
Packet dropped at intermediate router |
ICMPv6 Time Exceeded sent |
9 |
Hop Limit = 0 at source |
Source sends with HL=0 |
Packet dropped at source |
10 |
Hop Limit = 128 |
Common default value |
Packet traverses up to 128 hops |
11 |
Hop Limit = 64 |
Another common default |
Packet traverses up to 64 hops |
12 |
Hop Limit = 10 |
Short-lived packet |
Packet dropped after 10 hops |
13 |
Hop Limit = 1 with traceroute |
Used for hop discovery |
ICMPv6 Time Exceeded returned |
14 |
Hop Limit = 2 with traceroute |
Used for second hop discovery |
ICMPv6 Time Exceeded returned |
15 |
Hop Limit = 255 with traceroute |
Used to detect spoofing |
Packet reaches destination |
16 |
Hop Limit = 255, spoofed |
Spoofed packet with HL=255 |
Packet dropped if not from local |
17 |
Hop Limit = 1, loop test |
Loop detection test |
Packet dropped in loop |
18 |
Hop Limit = 0, loop test |
Loop detection test |
Packet dropped immediately |
19 |
Hop Limit = 5, 6 routers |
Packet dropped at 6th router |
ICMPv6 Time Exceeded sent |
20 |
Hop Limit = 6, 6 routers |
Packet reaches destination |
Packet accepted |
21 |
Hop Limit = 1, firewall |
Firewall blocks low HL |
Packet dropped |
22 |
Hop Limit = 255, firewall |
Firewall allows high HL |
Packet forwarded |
23 |
Hop Limit = 0, multicast |
Multicast packet with HL=0 |
Packet dropped |
24 |
Hop Limit = 1, multicast |
Multicast packet with HL=1 |
Packet reaches local nodes |
25 |
Hop Limit = 255, multicast |
Multicast packet with HL=255 |
Packet reaches all nodes |
26 |
Hop Limit = 1, ICMPv6 |
ICMPv6 error with HL=1 |
Packet dropped |
27 |
Hop Limit = 255, ICMPv6 |
ICMPv6 error with HL=255 |
Packet reaches destination |
28 |
Hop Limit = 1, ping |
Ping with HL=1 |
First hop replies with ICMPv6 |
29 |
Hop Limit = 64, ping |
Ping with HL=64 |
Packet reaches destination |
30 |
Hop Limit = 0, ping |
Ping with HL=0 |
Packet dropped |
31 |
Hop Limit = 1, router test |
Test router decrement |
HL becomes 0, packet dropped |
32 |
Hop Limit = 2, router test |
HL becomes 1, then 0 |
Packet dropped at second router |
33 |
Hop Limit = 255, loop test |
Loop with max HL |
Packet loops 255 times then dropped |
34 |
Hop Limit = 1, NAT64 |
NAT64 translation with HL=1 |
Packet dropped |
35 |
Hop Limit = 2, NAT64 |
NAT64 translation with HL=2 |
Packet forwarded once |
36 |
Hop Limit = 1, DNS64 |
DNS64 response with HL=1 |
Packet dropped |
37 |
Hop Limit = 64, DNS64 |
DNS64 response with HL=64 |
Packet accepted |
38 |
Hop Limit = 1, VPN tunnel |
VPN tunnel with HL=1 |
Packet dropped at tunnel entry |
39 |
Hop Limit = 2, VPN tunnel |
VPN tunnel with HL=2 |
Packet reaches tunnel exit |
40 |
Hop Limit = 255, VPN tunnel |
VPN tunnel with HL=255 |
Packet reaches destination |
41 |
Hop Limit = 1, mobile IPv6 |
Mobile node sends with HL=1 |
Packet dropped |
42 |
Hop Limit = 64, mobile IPv6 |
Mobile node sends with HL=64 |
Packet accepted |
43 |
Hop Limit = 1, segment routing |
Segment routing with HL=1 |
Packet dropped at first segment |
44 |
Hop Limit = 3, segment routing |
Packet reaches third segment |
Packet dropped |
45 |
Hop Limit = 5, segment routing |
Packet reaches destination |
Packet accepted |
46 |
Hop Limit = 1, SRv6 |
SRv6 packet with HL=1 |
Dropped at first segment |
47 |
Hop Limit = 2, SRv6 |
SRv6 packet with HL=2 |
Dropped at second segment |
48 |
Hop Limit = 3, SRv6 |
SRv6 packet with HL=3 |
Reaches third segment |
49 |
Hop Limit = 255, SRv6 |
SRv6 packet with HL=255 |
Reaches destination |
50 |
Hop Limit = 0, security test |
Test for HL=0 attack |
Packet dropped, alert generated |
Classless Addressing - Testcases
Classless Addressing - Test Cases |
|||
|---|---|---|---|
# |
Test Case |
Description |
Expected Result |
1 |
/128 address |
Single host address |
Only one device can use this address |
2 |
/64 address |
Standard subnet size |
Supports 2^64 host addresses |
3 |
/48 address |
Site-level aggregation |
Allows 65,536 /64 subnets |
4 |
/32 address |
ISP-level allocation |
ISP can assign multiple /48s |
5 |
/56 address |
Customer site allocation |
Allows 256 /64 subnets |
6 |
/96 address |
IPv4-mapped IPv6 |
Used for IPv4 compatibility |
7 |
/127 address |
Point-to-point link |
Only two addresses usable |
8 |
/126 address |
Small subnet |
Four addresses, two usable |
9 |
/120 address |
Very small subnet |
256 addresses |
10 |
/0 address |
Default route |
Matches all IPv6 addresses |
11 |
/64 subnetting |
Subnetting a /48 into /64s |
65,536 subnets created |
12 |
/56 subnetting |
Subnetting a /48 into /56s |
256 subnets created |
13 |
/64 to /128 |
Assigning host address |
Host gets unique address |
14 |
/64 to /127 |
Assigning point-to-point |
Two hosts can communicate |
15 |
Invalid prefix /129 |
Prefix length > 128 |
Error: Invalid prefix |
16 |
Overlapping prefixes |
Two subnets overlap |
Routing conflict |
17 |
Non-overlapping prefixes |
Proper subnetting |
No conflict |
18 |
Aggregation of /64s |
Combine into /48 |
Route summarization |
19 |
Aggregation of /56s |
Combine into /32 |
ISP-level summarization |
20 |
Assigning /64 to LAN |
Standard practice |
All devices auto-configure |
21 |
Assigning /128 to host |
Static assignment |
Host gets fixed address |
22 |
Assigning /127 to link |
Point-to-point link |
Efficient address use |
23 |
Assigning /126 to link |
Legacy point-to-point |
Four addresses used |
24 |
Assigning /96 to NAT64 |
IPv4/IPv6 translation |
IPv4-mapped IPv6 works |
25 |
Assigning /48 to enterprise |
Large network |
Multiple subnets supported |
26 |
Assigning /56 to home user |
Home network |
Multiple LANs supported |
27 |
Assigning /32 to ISP |
ISP allocation |
Multiple customers supported |
28 |
Assigning /64 to loopback |
Loopback interface |
Unique address |
29 |
Assigning /128 to loopback |
Loopback with /128 |
Valid configuration |
30 |
Assigning /64 to WAN |
WAN interface |
Valid configuration |
31 |
Assigning /64 to VPN |
VPN tunnel |
Tunnel endpoints configured |
32 |
Assigning /64 to VLAN |
VLAN interface |
Each VLAN gets unique subnet |
33 |
Assigning /64 to wireless |
Wireless LAN |
Devices auto-configure |
34 |
Assigning /64 to DMZ |
DMZ network |
Isolated subnet |
35 |
Assigning /64 to server farm |
Server subnet |
Scalable addressing |
36 |
Assigning /64 to IoT |
IoT network |
Supports many devices |
37 |
Assigning /64 to cloud |
Cloud subnet |
Elastic addressing |
38 |
Assigning /64 to container |
Container network |
Unique subnet per container |
39 |
Assigning /64 to hypervisor |
Virtual machines |
Each VM gets address |
40 |
Assigning /64 to SDN |
Software-defined network |
Programmable addressing |
41 |
Assigning /64 to edge device |
Edge computing |
Local subnet |
42 |
Assigning /64 to mobile network |
5G/4G subnet |
Mobile devices supported |
43 |
Assigning /64 to satellite |
Satellite link |
IPv6 over satellite |
44 |
Assigning /64 to mesh network |
IoT mesh |
Devices auto-configure |
45 |
Assigning /64 to smart grid |
Utility network |
Smart meters addressed |
46 |
Assigning /64 to SCADA |
Industrial control |
Secure addressing |
47 |
Assigning /64 to testbed |
Lab network |
Isolated testing |
48 |
Assigning /64 to research |
Research subnet |
Experimental addressing |
49 |
Assigning /64 to education |
Campus network |
Multiple departments |
50 |
Assigning /64 to public Wi-Fi |
Guest network |
Temporary addressing |
Efficient Routing - Testcases
Efficient Routing - Test Cases |
|||
|---|---|---|---|
# |
Test Case |
Description |
Expected Result |
1 |
Longest Prefix Match |
Router selects route with longest prefix |
Packet forwarded via most specific route |
2 |
Aggregated Route /32 |
ISP aggregates multiple /48s into /32 |
Reduces routing table size |
3 |
Aggregated Route /48 |
Enterprise aggregates /64s into /48 |
Simplifies internal routing |
4 |
Default Route ::/0 |
Packet with no specific match |
Forwarded to default gateway |
5 |
Static Route Configuration |
Manually configured route |
Packet follows static path |
6 |
Dynamic Routing Protocol |
OSPFv3 or BGPv6 used |
Routes updated dynamically |
7 |
Route Summarization |
Summarize multiple routes |
Reduces routing overhead |
8 |
Route Redistribution |
Between OSPFv3 and BGPv6 |
Routes shared across protocols |
9 |
Equal-Cost Multi-Path (ECMP) |
Multiple equal-cost routes |
Load balanced forwarding |
10 |
Unequal-Cost Multi-Path |
Routes with different costs |
Best path selected |
11 |
Loop Prevention |
Routing loop detected |
Packet dropped or rerouted |
12 |
Hop-by-Hop Header |
Special routing instructions |
Routers process header |
13 |
Source Routing (deprecated) |
Source specifies route |
Not supported in modern IPv6 |
14 |
Segment Routing (SRv6) |
Routing via segments |
Packet follows segment list |
15 |
Fast Reroute |
Link failure recovery |
Alternate path used instantly |
16 |
Route Flapping |
Unstable route |
Route dampened or suppressed |
17 |
Route Convergence |
Network change occurs |
Routing table updated quickly |
18 |
Route Filtering |
Block specific prefixes |
Unwanted routes not installed |
19 |
Route Preference |
Administrative distance used |
Most preferred route selected |
20 |
Route Metric |
Cost-based selection |
Lowest metric route chosen |
21 |
Link-State Routing |
OSPFv3 builds topology |
Efficient path computation |
22 |
Distance Vector Routing |
RIPng used |
Simple but less efficient |
23 |
BGPv6 Peering |
External routing |
Routes exchanged between ASes |
24 |
BGPv6 Aggregation |
Prefix aggregation in BGP |
Reduces global table size |
25 |
BGPv6 Filtering |
Prefix-lists applied |
Controls route advertisement |
26 |
BGPv6 Communities |
Tagging routes |
Policy-based routing decisions |
27 |
Route Advertisement |
RA messages in SLAAC |
Hosts learn default gateway |
28 |
Route Lifetime |
RA route expires |
Host removes route |
29 |
Multicast Routing |
Efficient group delivery |
Uses shortest path tree |
30 |
Anycast Routing |
Nearest node responds |
Fast and efficient service |
31 |
Mobile IPv6 Routing |
Mobile node changes location |
Route optimized via home agent |
32 |
Route Optimization |
Mobile IPv6 direct routing |
Avoids triangle routing |
33 |
Tunneling Efficiency |
IPv6 over IPv4 tunnel |
Adds overhead, less efficient |
34 |
Native IPv6 Routing |
No tunneling |
Most efficient path |
35 |
Dual Stack Routing |
IPv4 and IPv6 coexist |
IPv6 preferred if available |
36 |
Policy-Based Routing |
Route based on policy |
Custom forwarding decisions |
37 |
Traffic Engineering |
SRv6 or MPLS used |
Optimized path for traffic type |
38 |
Load Balancing |
Across multiple links |
Improves throughput |
39 |
Route Blackholing |
Drop specific traffic |
Prevents DDoS or misuse |
40 |
Route Injection |
Inject route into protocol |
Adds new path dynamically |
41 |
Route Leak Detection |
BGP route leak occurs |
Detected and mitigated |
42 |
Route Hijack Detection |
Malicious route advertised |
Alert triggered |
43 |
IPv6 Prefix Delegation |
DHCPv6-PD assigns prefixes |
Efficient subnetting |
44 |
Recursive Route Lookup |
Next-hop lookup required |
Final route determined |
45 |
Loopback Routing |
::1 used for testing |
Packet stays on local host |
46 |
Blackhole Route |
Null route configured |
Traffic silently dropped |
47 |
Route Aging |
Stale route removed |
Keeps table current |
48 |
Route Tagging |
Metadata for routes |
Used in policy decisions |
49 |
Route Monitoring |
SNMP or NetFlow used |
Tracks routing efficiency |
50 |
Route Validation |
RPKI or BGPsec used |
Ensures route authenticity |
Reference links