EUI-64 Process and Randomly Generated IPv6 Addresses

When SLAAC or SLAAC with stateless RA message is received to a client, the client is required to generate its own Interface ID. The client gets the prefix portion of the IPv6 address from the RA message but the RA message not held the information about the interface ID for the client. There for the client must create its own Interface ID. The Interface ID can be created using the EUI-64 process (Derived from MAC address ) or a randomly generated 64-bit number.

EUI-64 Process

Extended Unique Identifier (EUI) or modified EUI-64 is the process defined by IEEE. This process uses a client’s 48-bit Ethernet MAC address and inserts an extra 16 bits in the middle of the 48-bit MAC address to create a 64-bit Interface ID. Ethernet MAC addresses are usually represented in hexadecimal and are made up of two parts:

  • Organizationally Unique Identifier (OUI)– An OUI is a 24-bit number that uniquely identifies a vendor or manufacturer of the device. They are purchased and assigned by the IEEE. The OUI is basically the first three octets of a MAC address.
  • Device Identifier– The device identifier is a unique 24-bit (6 hexadecimal digits) value within a common OUI. The last three octets of the MAC address is device identifier.

An EUI-64 Interface ID is represented in binary and is made up of three parts:

  • 24-bit OUI from the client MAC address, but the 7th bit is reversed. This means that if the 7th bit is a 1, it becomes a 0, and vice versa.
  • 24-bit Device Identifier from the client MAC address
  • The inserted 16-bit value FFFE (in hexadecimal) between OUI and Device Identifier.

Following is the EUI-64 process using MAC address of 45:70:fa:b5:f8:75

  • Get the mac address of the PC or device for example 45:70:fa:b5:f8:75
  • Insert ff:fe in the middle: 45:70:fa:ff:fe:b5:f8:75
  • Reorder to IPv6 notation 4570:faff:feb5:f875
  • Now it’s 4 hextet, convert the first octet from hexadecimal to binary: 45-> 01000101
  • Flip the 7th bit: 01010010 ->01010000 
  • convert octet back to hexadecimal: 01010000 ->50
  • Change first octet with newly calculated one: 5070:faff:feb5:f875
  • Insert the link-local prefix at the beginning : fe80::5074:f2ff:feb1:a87f

An easy way to identify that an address was more than likely created using EUI-64 is the FFFE located in the middle of the Interface ID. The benefit of EUI-64 is the Ethernet MAC address can be used to find out the Interface ID. The Network administrators can easily track an IPv6 address to an end-device using the unique MAC address. but, this also caused privacy among users, because their packets can be traced to the actual physical computer. So, a randomly generated Interface ID may be used in its place.

Randomly Generated Interface IDs

The device can use a randomly generated Interface ID instead of using the MAC address and the EUI-64 process, Depending on the operating system. For example,  Windows Vista uses a randomly generated Interface ID instead of one created with EUI-64. Windows XP and previous Windows operating systems used EUI-64. After the Interface ID is established, both through the EUI-64 process or through random generation, it can be combined with an IPv6 prefix in the RA message to create a global unicast address. To avoid IP address duplicate addressing the client can use DAD (duplicate address detection). This is similar to ARP request for its own address.

Router Advertisement (RA) Messages

The RA message option 1, SLAAC is the default option for the router. The router interface can be configured for three options:

  1. SLAAC – Which says I’m all you need (Prefix, Prefix-length, Default Gateway)”
  2. SLAAC and DHCPv6 stateless–My information are here but you also need to get other information like DNS addresses from a DHCPv6 server.
  3. DHCPv6 Only – I can’t give you any information. Send a request to DHCPv6 server for all your required information.

RA Option 1- SLAAC

The ICMPv6 RA message is a suggestion to a device on how to get an IPv6 global unicast address. The device operating system is final authority to get an IPv6 address.This message suggests that the receiving device use the information in the RA message to create its own IPv6 global unicast address. The DHCPv6 services are not required for SLAAC.

Basically, SLAAC is no central server required to allocate global unicast addresses. The SLAAC is not keeping a list of devices and their addresses. The client device uses the information in the RA message to create its own global unicast address. The host device sends a request for addressing information to the local router. The local router advertises its addressing information (Prefix, Prefix length and Default Gateway) through RA message towards host computer. The two parts of the address are created as follows:

  • Prefix– Received in the RA message
  • Interface ID– Uses the EUI-64 process or by generating a random 64-bit number

RA Option 2 – SLAAC and DHCPv6 stateless

The router’s interface can be configured to send a router advertisement using SLAAC and stateless DHCPv6. A stateless DHCPv6 server distributes DNS server addresses and domain names only. It does not allocate global unicast addresses.The RA Option 2 (SLAAC and Stateless DHCPv6) functions are here:

  • SLAAC to create its own IPv6 global unicast address, router’s link-local address and the RA’s source IPv6 address for the default gateway address.
  • A stateless DHCPv6 server to obtain other information like DNS server address and a domain name.

RA Option 3 – Stateful DHCPv6

Stateful DHCPv6 is work just like DHCP for IPv4 addresses. A device can get its addressing information including a global unicast address, prefix length, and the addresses of DNS servers automatically using the services of a stateful DHCPv6 server. This option suggests devices:

  • The link-local address of the router, the RA’s source IPv6 address for the default gateway address.
  • A stateful DHCPv6 server to obtain a global unicast address, DNS server address, domain name and all other information.

A stateful DHCPv6 server allocates and maintains a list of devices which receive IPv6 address.The default gateway address can only be obtained from the RA message. The stateless or stateful DHCPv6 server does not afford the default gateway address.