Fact-checked by Grok 2 weeks ago

IPv6 packet

An IPv6 packet is the fundamental unit of data transmission in the version 6 (), serving as the successor to IPv4 to address the exhaustion of 32-bit and enable scalable growth; it comprises a fixed 40-octet base header, zero or more extension headers for additional functionality, and a variable-length that carries upper-layer protocol data. Developed by the (IETF), IPv6 introduces key enhancements over IPv4, including 128-bit source and destination addresses to support approximately 3.4 × 10^38 unique identifiers, elimination of the header for router efficiency, and simplified header processing to reduce overhead in high-speed networks. The base header include a 4-bit field set to 6, an 8-bit Traffic Class for quality-of-service marking, a 20-bit Flow Label to enable special handling of packet sequences from a source to a destination, a 16-bit Length indicating the size of the data following the header, an 8-bit Next Header field specifying the type of the next header or upper-layer protocol, and an 8-bit Hop Limit that decrements at each router to prevent infinite loops, replacing IPv4's . Extension headers in IPv6 packets provide modular support for features like hop-by-hop options (processed by every intermediate node), routing headers for source-based path specification, fragmentation (performed only at the source, not routers), and destination options (processed only at the final destination), with the Next Header chain linking them in a specific order to ensure proper processing. Unlike IPv4, IPv6 mandates a minimum link MTU of 1280 octets and supports jumbograms for payloads up to 4 gigabytes, facilitating efficient transmission over diverse network links while promoting end-to-end security through integration with . These design choices make IPv6 packets more future-proof, with approximately 45% of traffic to services using as of November 2025, driven by the need for expanded addressing in , mobile, and global expansion.

Overview

Definition and Purpose

An packet consists of an IPv6 header followed by the , which may include optional extension headers and upper-layer data. This structure enables the transmission of data across IPv6 networks, where the header provides essential and control information while the carries the actual content, such as segments. The primary purpose of the IPv6 packet format is to serve as the foundational unit for communication in the next-generation , addressing key limitations of IPv4, including exhaustion and inefficient header processing. By expanding the address length to 128 bits, IPv6 packets support a vastly larger number of unique addresses—approximately 3.4 × 10^38—facilitating global scalability without the need for (NAT) mechanisms commonly used in IPv4. Additionally, the design simplifies the fixed header to eight fields, reducing router processing overhead and enhancing efficiency for high-speed networks. IPv6 packets also incorporate mechanisms for extensibility through chained extension headers, allowing flexible insertion of options like or fragmentation without bloating the base header, which contrasts with IPv4's more rigid options field. This purposeful architecture promotes better support for emerging technologies, such as and quality-of-service flows, ensuring long-term adaptability in . Overall, the IPv6 packet's design prioritizes simplicity, security integration, and scalability to sustain the internet's growth into the foreseeable future.

Key Differences from IPv4

The IPv6 packet header introduces several fundamental changes compared to the IPv4 header to enhance processing efficiency, scalability, and flexibility in modern networks. The IPv6 header is fixed at 40 octets in length, eliminating the variable-length options field present in IPv4, which could extend the header up to 60 octets and complicate router processing. This fixed structure reduces parsing overhead, as routers no longer need to handle variable offsets or checksum recalculation for fragmented packets. A primary distinction lies in addressing: IPv6 employs 128-bit source and destination addresses, vastly expanding the address space from IPv4's 32-bit format to support approximately 3.4 × 10^38 unique addresses. IPv6 also introduces a 20-bit Flow Label field in the header, absent in IPv4, which enables routers to associate packets belonging to the same flow for quality-of-service handling without relying on . Additionally, the field (8 bits) in IPv6 replaces IPv4's octet, providing similar prioritization but with enhanced semantics for . Fragmentation handling differs significantly: IPv4 allows both hosts and routers to fragment packets using fields in the base header (, Flags, and ), whereas IPv6 restricts fragmentation to the source host only, implemented via a separate Fragment Header extension. This design prevents intermediate routers from fragmenting packets, reducing latency and enabling to avoid fragmentation altogether. The IPv6 base header omits the IPv4 Header field entirely, shifting error detection responsibility to upper-layer protocols like or , as link-layer mechanisms are deemed sufficient for header integrity. IPv6 replaces IPv4's inline options with a chain of optional Extension Headers, each identified by a Next Header field, allowing modular insertion of features like or without bloating the base header. For instance, the Hop Limit field (8 bits) supersedes IPv4's , decrementing by one per hop to prevent loops, but with semantics emphasizing hop count over time-based expiration. These changes collectively streamline , with IPv6 routers typically processing headers faster due to the simplified format and lack of verification.
AspectIPv4 Packet HeaderIPv6 Packet Header
LengthVariable (20–60 octets)Fixed (40 octets)
Addresses32 bits each128 bits each
FragmentationSupported in base header (routers/hosts)Source-only, via Fragment Header
ChecksumIncluded in headerOmitted; handled by upper layers
OptionsInline, variable-lengthExtension Headers (chained, TLV format)
Flow HandlingNo dedicated field20-bit Flow Label
This table summarizes the structural contrasts, highlighting IPv6's design for efficiency and extensibility.

Packet Headers

Fixed Header

The IPv6 fixed header forms the initial 40 octets of every packet, providing essential routing and delivery information while maintaining a streamlined structure compared to its IPv4 counterpart. This fixed-size header simplifies processing by devices, as it eliminates variable-length options present in IPv4, with any optional information deferred to extension headers that follow. The header's fields are arranged in byte order, ensuring consistent interpretation across diverse architectures. The header begins with a 4-bit Version field set to 6, indicating the protocol version, followed by an 8-bit Traffic Class field used for quality-of-service differentiation, such as prioritizing certain traffic flows. Adjacent to these is the 20-bit Flow Label, which enables routers to treat sequences of packets belonging to the same flow identically, supporting efficient traffic management without deep packet inspection. The 16-bit Payload Length field specifies the size of the data following the fixed header in octets, encompassing any extension headers and the upper-layer payload; for very large payloads exceeding 65,535 octets, this field is set to zero and a Jumbogram option is used elsewhere. Succeeding these is the 8-bit Next Header field, which identifies the type of header immediately following the fixed header—such as an extension header or the upper-layer protocol (e.g., TCP or UDP)—using the same numbering scheme as the IPv4 Protocol field, as defined by IANA. The 8-bit Hop Limit field serves as a loop-prevention mechanism, decremented by one at each intermediate node; if it reaches zero, the packet is discarded to prevent indefinite circulation. Finally, the header concludes with 128-bit Source Address and Destination Address fields, representing the IPv6 addresses of the packet's originator and intended recipient, respectively, formatted as specified in RFC 4291.
FieldSize (bits)Position (octets)Purpose
Version40 (bits 0-3)Specifies (value 6).
Traffic Class80 (bits 4-7) to 1 (bits 0-3)Supports and .
Flow Label201 (bits 4-7) to 3 (all bits)Identifies packets for the same flow to enable consistent handling.
Payload Length164-5Length of the payload (including extension headers) in octets.
Next Header86Indicates the type of the next header or upper-layer protocol.
Hop Limit87Decremented per hop; discards packet if zero to prevent loops.
Source Address1288-23 of the sending node.
Destination Address12824-39 of the final recipient.
This layout, as diagrammed in RFC 8200, ensures that the fixed header remains compact at exactly 40 octets, promoting faster and forwarding in high-speed networks. Routers must process this header fully before examining any extension headers, reinforcing its role as the packet's foundational control structure.

Extension Headers Overview

In , extension headers provide optional internet-layer information that is encoded in separate headers placed between the fixed header and the upper-layer header, such as or . These headers enable additional functionality beyond the basic header, supporting features like routing, fragmentation, and security without requiring changes to the core protocol structure. Unlike IPv4, where options are included in a single variable-length field, extension headers are designed for and , allowing nodes to process only the relevant headers without the entire packet. Each extension header is an integer multiple of 8 octets in length to maintain alignment for subsequent headers, with multi-octet fields aligned on natural boundaries of 1, 2, 4, or 8 octets. The Next Header field, an 8-bit selector in both the header and each extension header, identifies the type of the immediately following header using values from the IANA Numbers registry. This field facilitates chaining of zero or more extension headers, where the value points to the next header type until reaching the upper-layer . A recommended order for chaining includes the header followed by Hop-by-Hop Options, Destination Options (first set), , Fragment, Authentication Header, Encapsulating Security Payload, Destination Options (second set), and finally the upper-layer header. Extension headers are processed strictly in the order they appear in the packet, with intermediate nodes generally forwarding them unchanged except for specific types like Hop-by-Hop Options. The destination node examines all extension headers before processing the upper-layer header, and unrecognized Next Header values result in the packet being silently discarded along with an Parameter Problem message. Nodes must not skip ahead to find specific headers; instead, they process sequentially. While the order of most extension headers can vary, Hop-by-Hop Options must immediately follow the header, and each type occurs at most once except for Destination Options, which may appear up to twice. A full IPv6 implementation is required to support core extension headers including Hop-by-Hop Options, , Fragment, Destination Options, Authentication Header, and Encapsulating Security Payload. New extension header types are discouraged in favor of using the flexible Destination Options header to avoid increasing the minimum processing burden on routers. This design promotes extensibility while ensuring efficient packet handling in high-speed networks.

Extension Header Types

Hop-by-Hop Options and Destination Options

In IPv6, the Hop-by-Hop Options header carries optional information that must be examined and potentially processed by every node along the packet's delivery path, including intermediate routers and the final destination. This header immediately follows the base header when present and is identified by a Next Header value of 0 in the base header. Its format consists of an 8-bit Next Header field indicating the type of the next header, an 8-bit Header Extension Length field specifying the length in 8-octet units (excluding the first 8 octets), and a variable-length Options field containing one or more type-length-value (TLV) encoded options, padded to a multiple of 8 octets. Options are processed in the order they appear, and the header must preserve this order during forwarding. Nodes are not required to process all options but must forward packets containing the header without dropping them solely due to its presence. Processing of Hop-by-Hop Options has been refined to address performance and security concerns. Routers should process these options at full forwarding rate to avoid bottlenecks, and they must forward packets even if options are skipped or unprocessed. For unrecognized options, the action depends on the two-bit Action field in the Option Type: options with Action 00 (skip if unknown) are ignored and forwarded, while those with 01, 10, or 11 may trigger packet discard with an ICMP Parameter Problem message, though skipping is preferred for efficiency. Sources are encouraged to limit the number of options or order them by priority to minimize processing overhead. Security measures include for options like Router Alert to prevent denial-of-service attacks on the . Common Hop-by-Hop Options include the Router Alert option (Type 5, Action 00), which signals routers to examine the packet for protocols like or IGMP that require special handling, and the Jumbo Payload option (Type 194 or 0xC2, Action 11), used to indicate payloads larger than 65,535 octets when the base header's Payload Length field is set to 0. The Tunnel Encapsulation Limit option (Type 4, Action 00) specifies the maximum number of encapsulating or IPv4 headers allowed, aiding in preventing infinite encapsulation loops. Pad1 (Type 0) and PadN (Type 1) options provide alignment without data. New options, such as those for Operations, Administration, and Maintenance (IOAM) in 9486, extend capabilities for network telemetry while adhering to these processing rules. The Destination Options header, in contrast, carries optional information intended solely for processing by the packet's destination node or nodes listed in a header. It shares the same general format as the Hop-by-Hop Options header: an 8-bit Next Header field (value in the preceding header), an 8-bit , and TLV-encoded Options. This header can appear up to twice in a packet—once before a header (processed by intermediate destinations) and once before the upper-layer header (processed only by the final destination)—but its options are ignored by intermediate nodes. Like Hop-by-Hop Options, unrecognized options follow field rules, with skipping recommended for 00 to ensure delivery. A prominent Destination Option is the Home Address option (Type 201 or 0xC9, Action 11), used in Mobile IPv6 to allow a mobile node to send packets using its home address while appearing from its care-of address, facilitating seamless mobility. Pad1 and PadN options are also standard here for alignment. The Tunnel Encapsulation Limit can apply to Destination Options as well. IOAM options may also use this header for end-to-end data collection. Overall, both headers use a shared Option Type numbering space, with the 8-bit type structured as a 2-bit Action field (00: skip unknown, 01: discard and send ICMP, 10: discard no ICMP, 11: discard and send ICMP if feasible), a 5-bit changing field indicating mutable options, and a 1-bit experimental flag.
Option Type (Hex)NameActionApplicable Header(s)PurposeReference
0x00Pad100BothSingle-octet padding for alignmentRFC 8200
0x01PadN00BothMulti-octet padding for alignmentRFC 8200
0x04Tunnel Encapsulation Limit00BothLimits encapsulations to prevent loopsRFC 2473
0x05Router Alert00Hop-by-HopAlerts routers to inspect packet for upper-layer protocolsRFC 2711
0xC2Jumbo Payload11Hop-by-HopSupports payloads >65,535 octetsRFC 2675
0xC9Home Address11DestinationEnables Mobile IPv6 binding updatesRFC 6275

Routing Header

The IPv6 Routing Header is an extension header that enables a source node to specify one or more intermediate nodes that a packet must visit en route to its destination, allowing for explicit similar to the IPv4 Loose Source and Record Route option. It is inserted after the IPv6 base header or other extension headers and is processed by nodes indicated in the route, with the final destination handling it as a standard packet. This mechanism supports advanced routing scenarios, such as or constrained networks, but its use has been limited due to security concerns with certain types. The header's structure consists of several fixed fields followed by type-specific data. The Next Header field (8 bits) identifies the type of header immediately following the Routing Header. The Hdr Ext Len field (8 bits) specifies the length of the header in 8-octet units, excluding the first 8 octets. The Routing Type field (8 bits) indicates the variant of the Routing Header, determining the format and processing of the type-specific data. The Segments Left field (8 bits) counts the number of intermediate nodes remaining to be visited; it decrements by one at each such node. The type-specific data field is variable-length and contains addresses or other routing information based on the Routing Type. Processing of the Header occurs as follows: Intermediate s examine the Segments Left field; if it is greater than zero and the node matches the next address in the type-specific , it decrements Segments Left, swaps the destination with the next route address, and forwards the packet. If Segments Left is zero or the Routing Type is unrecognized but Segments Left is zero, the header is ignored, and the next header is processed. For unrecognized types with Segments Left greater than zero, the packet is discarded, and an Parameter Problem message (Code 0) is sent to the source. Additionally, if inserting the Routing Header would exceed the path MTU, the packet may be fragmented or discarded with an Packet Too Big message. Several Routing Types have been defined by the IETF, managed through IANA allocations. Type 0, the original loose source routing variant, was deprecated in 2007 due to its vulnerability to denial-of-service attacks via traffic amplification, where attackers could cause loops or excessive packet replication between nodes. Implementations must ignore Type 0 headers and treat them as unrecognized. Type 2 is the Type 2 Routing Header used in Mobile IPv6 to allow a mobile node to specify its care-of address as an intermediate destination, enabling correspondent nodes to route return traffic correctly without binding updates. It contains a single IPv6 address in its type-specific data and is processed only by the correspondent node. Type 3 is the RPL Source Route Header, designed for use in low-power and lossy networks (LLNs) under the for Low-Power and Lossy Networks (RPL). It carries a compressed list of IPv6 addresses for downward routes in RPL topologies, with the type-specific data including a CmprI (compression indicator) and CmprE ( compression) flags to optimize header size in resource-constrained environments. This type supports efficient routing in mesh networks for applications, with processing rules that prevent loops by validating against RPL DODAG information. An update in 9008 refined its use for better . Type 4 introduces the Segment Routing Header (SRH) for applying Segment Routing to the IPv6 data plane, enabling network programming where paths are defined by segments (e.g., node or adjacency identifiers). The type-specific data includes fields like Segments Left (reused), Last Entry, Flags, Tag, and a list of Segment Identifiers (SIDs), which can be IPv6 addresses or indexes into a Segment List. Processing involves steering packets through a sequence of segments, with optional HMAC for integrity protection against attacks. This type facilitates traffic engineering in service provider networks without stateful protocols, supporting scalability in 5G and data center environments. Security considerations for the Routing Header emphasize its potential for abuse, such as unauthorized path manipulation or amplification attacks, leading to recommendations for filtering of unrecognized types and validation of source addresses. Nodes should implement on ICMP responses to prevent , and the use of or SRH's can mitigate tampering. Overall, while powerful for controlled , deployment requires careful configuration to balance functionality and risk.

Fragment Header

The Fragment Header in IPv6 enables a source to divide a packet that exceeds the path (MTU) into fragments, which are then reassembled only at the destination , unlike IPv4 where intermediate routers can also fragment packets. This design promotes end-to-end MTU discovery and reduces processing overhead on routers by prohibiting on-path fragmentation. The header is an extension header identified by the Next Header value of 44 and appears in the packet only when fragmentation is required. The Fragment Header consists of 8 octets and follows the format specified in RFC 8200. It is inserted immediately before the first header of the Fragmentable Part of the packet, which includes the upper-layer protocol data and any subsequent extension headers that are not examined by nodes en route. The structure is as follows: 
  +---------------+---------------+---------------+---------------+
  |  Next Header  |   Reserved    |Fragment Offset|Res|M| Identification       |
  +---------------+---------------+---------------+---------------+
  |                                                               |
  +---------------+---------------+---------------+---------------+
The fields are defined as:
  • Next Header (8 bits): Specifies the type of the next header immediately following the Fragment Header, such as an upper-layer protocol (e.g., or ) or another extension header in the Fragmentable Part.
  • Reserved (8 bits): Set to zero by the sender and ignored by the receiver to allow for future extensions.
  • Fragment Offset (13 bits): Indicates the offset of the data in this fragment from the start of the Fragmentable Part, measured in units of 8 octets (64 bits). This field is zero for the first fragment.
  • Res (2 bits): Reserved for future use, set to zero by the sender and ignored by the receiver.
  • M flag (1 bit): The More Fragments flag; set to 1 if additional fragments follow this one, and 0 for the last fragment.
  • Identification (32 bits): A generated by the source for each fragmented packet, ensuring correct reassembly when combined with the source and destination addresses; it must not be reused for packets between the same source-destination pair within the maximum packet lifetime.
When fragmenting a packet, the source node creates the first fragment to include all preceding headers (Fixed Header and any non-fragmentable Extension Headers) plus the initial portion of the Fragmentable Part, ensuring it contains a complete upper-layer header if applicable. Subsequent fragments include only the followed by the remaining data portions, with each fragment's length being an integer multiple of 8 octets except possibly the last one. The total reassembled packet size must not exceed 65,535 octets, aligning with IPv6's addressing and header constraints. Reassembly at the destination relies on matching the Identification field, source , and destination across fragments; any overlapping fragments are discarded without generating an ICMP error, and incomplete sets are dropped after 60 seconds. If the first fragment lacks all headers through the upper-layer header, it is discarded, and an ICMP Parameter Problem message may be sent. This header's design supports efficient fragmentation while enhancing security by limiting reassembly to endpoints.

Security Headers

In IPv6, security is primarily provided through the IPsec protocol suite, which integrates and capabilities directly into the packet structure via dedicated extension headers. These headers enable end-to-end or hop-by-hop services without requiring modifications to the core protocol. The two primary extension headers are the and the Encapsulating Payload (ESP), both of which are processed only at the endpoints or specified intermediate nodes, not by routers in transit. The is designed to provide connectionless , data origin , and optional protection against replay attacks for datagrams. It authenticates the entire packet, excluding certain mutable fields like the Hop Limit, by computing an Integrity Check Value (ICV) over the protected portions. AH does not offer , focusing instead on verifying that the packet has not been altered in transit and originates from a trusted source. In , AH is inserted as an extension header following any hop-by-hop options, routing, and fragment headers, but before destination options or the upper-layer protocol header in transport mode; in tunnel mode, it follows the outer header. The AH next header value is 51, and its length is expressed in 32-bit words minus 2, ensuring 64-bit alignment for IPv6 compatibility. The structure of the AH consists of several fixed fields followed by the variable ICV:
FieldSize (bits)Description
Next Header8Identifies the type of header following AH (e.g., 44 for Fragment Header or 6 for ).
Payload Length8Length of the AH in 32-bit words, excluding the header itself; must be a multiple of 4 for 64-bit alignment in .
16Set to zero; included in ICV computation.
Security Parameters Index ()32Identifies the (SA) used for this packet.
Sequence Number32Monotonic counter for replay protection; supports an optional 64-bit Extended Sequence Number (ESN) where only the lower 32 bits are transmitted.
Integrity Check Value (ICV)Variable (multiple of 32)Cryptographic hash for integrity; padded to 64-bit boundary in , computed over the packet with mutable fields zeroed (e.g., Flow Label).
For -specific handling, the ICV calculation zeros out mutable fields such as the Flow Label and Traffic Class to account for changes by intermediate nodes, ensuring without false failures. AH supports algorithms like HMAC-SHA-1-96 for ICV generation, with replay implemented via a sliding window mechanism on the sequence number. The Encapsulating Security Payload () extends security beyond AH by providing through , along with data origin , connectionless , and anti-replay services. It can operate in confidentiality-only, integrity-only, or combined modes, making it versatile for securing sensitive traffic. ESP encapsulates the protected payload, encrypting it while optionally authenticating the entire ESP packet or just the payload. In , ESP appears as an extension header after hop-by-hop, , and fragment headers, but before the final destination options or upper-layer header in transport mode; its next header value is 50. Unlike AH, ESP aligns the following header to an 8-byte boundary and supports mixed IPv4/IPv6 tunnel modes. ESP's structure includes a fixed header, variable payload data, and a trailer, with the following key fields:
FieldSize (bits)Description
Security Parameters Index (SPI)32Identifies the for decryption and .
Sequence Number32Counter for anti-replay; uses 64-bit ESN with only lower 32 bits transmitted, managed via a receiver window of up to 2^31 packets.
Payload DataEncrypted original data, including upper-layer headers in transport mode or entire inner packet in tunnel mode.
Padding0-255 bytesOptional bytes for alignment or (TFC).
Pad Length8Specifies the number of padding bytes.
Next Header8Type of payload following the ESP trailer (e.g., 41 for ).
Integrity Check Value (ICV)Optional data, computed over the ESP header and payload (excluding padding in some modes).
In , ESP's encryption (e.g., using in mode) protects against , while the ICV—generated with algorithms like HMAC-SHA-256—ensures . Anti-replay is enforced by checking the sequence number against a bit-map window at the receiver, with synchronization rules to handle sequence overflows. ESP must provide either or (or both), and its use is recommended in conjunction with () for establishment. Both and adhere to strict ordering rules in packets: they follow the Fragment Header if present and appear at most once per packet, with ESP typically after AH if both are used. This positioning ensures that fragmentation occurs before security processing, avoiding issues with encrypted fragments. While is mandatory to implement in nodes, its invocation depends on policy, allowing flexible deployment for securing applications like VoIP or VPNs over networks.

Payload

Standard Payload

The standard payload in an IPv6 packet consists of the data that follows the fixed IPv6 header and any optional extension headers, carrying information from upper-layer protocols such as TCP, UDP, or ICMPv6. The size of the IPv6 payload, consisting of any extension headers and the upper-layer protocol data, is indicated by the 16-bit Payload Length field in the fixed header, which specifies the total length in octets (up to 65,535), excluding the 40-octet fixed header. To determine the length of the upper-layer protocol data, subtract the total lengths of any preceding extension headers (each extension header's length is given by its Hdr Ext Len field, in 8-octet units, plus 8 octets) from the Payload Length value. The field supports payloads up to 65,535 octets, making it suitable for most network traffic on links with a minimum transmission unit (MTU) of 1280 octets or greater, as required by IPv6 specifications. When no extension headers are present, the standard payload directly follows the fixed header and encapsulates the complete of the next higher-layer protocol, identified by the Next Header field in the header. For example, in a segment over , the payload includes the TCP header and data, with the protocol's incorporating a pseudo-header that accounts for the source and destination IPv6 addresses, the payload length, and the upper-layer protocol number. Similarly, datagrams in the standard payload use a 16-bit length field that aligns with the Payload Length, ensuring compatibility without additional options. This structure simplifies processing compared to IPv4 by avoiding fragmentation in the standard case, as IPv6 mandates to accommodate the payload size end-to-end. The Payload Length field is set to zero if the packet contains a Jumbo Payload option for oversized data, distinguishing standard payloads from jumbograms that exceed octets via a 32-bit Hop-by-Hop extension. In practice, standard payloads dominate IPv6 traffic, supporting efficient transmission over diverse link types while adhering to the protocol's design for streamlined header parsing.

Jumbograms

In IPv6, a jumbogram refers to a packet whose payload length exceeds the standard 65,535 octets limit imposed by the 16-bit Payload Length field in the IPv6 header. This mechanism allows for the transmission of very large payloads, ranging from 65,536 to 4,294,967,295 octets, specifically on links that support a (MTU) greater than 65,575 octets. Jumbograms are enabled through the Jumbo Payload option, which is a hop-by-hop option carried in the IPv6 Hop-by-Hop Options extension header. The Jumbo Payload option replaces the functionality of the IPv6 header's Payload Length when larger payloads are needed. In a jumbogram, the IPv6 header's Payload Length is set to zero to signal the presence of this option. The option itself consists of an 8-bit Option Type with the value 0xC2 (in ), an 8-bit Opt Data Length set to 4, and a 32-bit Jumbo Payload Length that specifies the total size in octets of the payload following the fixed header (including the Hop-by-Hop Options extension header and any subsequent extension headers, plus upper-layer data), which must be greater than 65,535. The option requires 8-octet alignment (specifically, 4n + 2 padding) to ensure proper processing by intermediate nodes. Jumbograms cannot include a Fragment Header, as IPv6 fragmentation is not permitted for these oversized packets; any attempt to fragment them at the source would violate the specification. All IPv6 nodes on the path must support the Jumbo Payload option if the link MTU exceeds 65,575 octets, as intermediate routers are required to process hop-by-hop options. Upon receiving a jumbogram, a node uses the Jumbo Payload Length value to determine the total payload size, including any extension headers and upper-layer data. If the option is malformed—such as when the Jumbo Payload Length is 65,535 or less, or if the Payload Length field is non-zero—an ICMPv6 Parameter Problem message is generated with code 0 (erroneous header field). The Jumbo Payload option introduces no new security issues beyond those of standard packets, though the larger size may reduce the accuracy of transport-layer checksums due to increased probability of bit errors over the link. For transport protocols, UDP jumbograms require the UDP header's 16-bit Length field to be set to zero, with the actual length derived from the Jumbo Payload option; the UDP checksum pseudo-header must use the true payload length rather than zero. In TCP, the Maximum Segment Size (MSS) option is adjusted to 65,535 when the path MTU supports jumbograms, effectively treating it as unlimited, while the Urgent Pointer field is capped at 65,535 or handled by segmenting the data if larger. Path MTU Discovery remains essential to negotiate the effective MSS, ensuring compatibility with legacy networks. Although defined in 1999, jumbograms have seen limited adoption due to the rarity of links supporting such large MTUs and sparse implementation in IPv6 stacks. Recent IETF drafts explore extensions like Advanced Jumbos to address limitations in basic jumbograms, but the original mechanism remains part of the IPv6 specification.

Fragmentation

Source Fragmentation

In IPv6, fragmentation is exclusively performed by the source node when a packet exceeds the path's (MTU), unlike IPv4 where intermediate routers can also fragment packets. This design choice shifts the responsibility to the sender, enabling routers to process packets more efficiently without fragmentation overhead. The source node relies on (PMTUD) to determine the effective PMTU before transmission; if the packet size surpasses this value, it divides the packet into fragments that each fit within the PMTU. The packet structure consists of an unfragmentable part—comprising the header, any extension headers present before the Fragment Header, and the upper-layer header—and a fragmentable part, which includes any remaining extension headers and the . The source fragments only the fragmentable part into pieces that are multiples of 8 octets, ensuring . The first fragment includes the complete unfragmentable part followed by the initial portion of the fragmentable part, while subsequent fragments prepend a Fragment Header to their respective portions of the fragmentable part. All fragments share the same source and destination addresses, along with a unique 32-bit Identification value generated by the source to facilitate reassembly at the destination. The Fragment Header, identified by a Next Header value of 44, is 8 octets long and contains fields for the next header type (8 bits), a field (8 bits), fragment (13 bits indicating the offset in 8-octet units from the start of the fragmentable part), two bits, the More Fragments (M) flag (1 bit, set to 1 for non-final fragments and 0 for the last), and the (32 bits). This header is inserted immediately before the fragmentable part in non-initial fragments, allowing the destination to reconstruct the original packet by ordering fragments based on offsets and matching identifications within a 60-second reassembly timeout. If PMTUD indicates a smaller PMTU during transmission, the source may need to retransmit using smaller fragments or abort if the upper-layer protocol prohibits fragmentation. To initiate PMTUD, the source assumes the PMTU equals the MTU of the first-hop link and sends packets accordingly; upon receiving an "Packet Too Big" message from a constricting , it reduces the PMTU to the reported value (never below 1280 octets, the IPv6 minimum link MTU) and fragments future packets if necessary. This process avoids unnecessary fragmentation by allowing the source to adapt proactively, though it requires robust handling of potential ICMP blackholing or misconfiguration issues. Hosts are strongly recommended to implement PMTUD to leverage larger MTUs where available, reducing fragmentation occurrences.

Reassembly Process

In IPv6, packet reassembly occurs exclusively at the destination and is not performed by intermediate routers, unlike in IPv4, to simplify routing and reduce processing overhead. The process begins when the destination receives fragments identified by matching source and destination addresses along with the 32-bit Identification field in the Fragment Header, which ensures fragments from the same original packet are grouped together. The reassembly algorithm positions each fragment using the 13-bit Fragment Offset field, expressed in units of 8 octets from the start of the Fragmentable Part of the original packet. The first fragment, with an offset of zero, carries the full set of headers up to and including the upper-layer header (such as or ), while subsequent fragments contain only the Fragment Header followed by data portions. The More Fragments (M) flag in the Fragment Header is set to 1 for all but the last fragment, signaling the receiver to expect additional pieces; when M is 0, reassembly can proceed once all prior fragments are collected. Overlapping fragments are not permitted; if detected, the entire packet is silently discarded to prevent potential security issues like amplification attacks. Upon complete collection, the reassembled packet is formed by concatenating the fragments in offset order, excluding all Fragment Headers, and computing the Payload Length as the total length of the Fragmentable Part based on fragment sizes and offsets. The destination must support a minimum reassembly of 1500 octets to handle standard (MTU) sizes, though larger buffers may be used for efficiency. If reassembly remains incomplete after 60 seconds from the receipt of the first fragment, the process is aborted, and an Time Exceeded message (Type 3, Code 1) is sent to the source if the first fragment was received, notifying it of the failure. This design promotes reliable end-to-end delivery while minimizing state maintenance at routers, with the Identification field often generated using a combination of timestamps, counters, or random values to avoid collisions across multiple fragmented packets.

Security Considerations

IPv6 packets share many security vulnerabilities with IPv4, such as eavesdropping, replay attacks, packet insertion, deletion, modification, man-in-the-middle attacks, and denial-of-service (DoS) RFC 8200, Section 11. However, the IPv6 header structure, particularly its extension headers, introduces additional risks due to mandatory processing requirements that can be exploited for resource exhaustion. Protection typically relies on as defined in the Security Architecture for the Internet Protocol RFC 4301, or upper-layer security like TLS and SSH, though no built-in mechanisms exist to prevent DoS attacks inherent to the protocol RFC 8200, Section 11. A primary concern is the processing overhead imposed by extension headers, which route packets through the slow path in hardware-accelerated devices, enabling DoS attacks by overwhelming routers with malformed or excessive headers RFC 9099, Section 2.2. For instance, the Hop-by-Hop Options header requires every intermediate router to parse it, potentially causing if combined with fragmentation, while the deprecated Header Type 0 allowed amplification loops before its disablement RFC 9288, Section 3.1. Fragmentation further exacerbates risks, as non-first fragments lack the upper-layer header, allowing bypass of filters that rely on transport-layer information and enabling attacks such as atomic fragment reordering or those using overlapping fragments RFC 7112. Illegal header chains, such as out-of-order or repeated extension headers, can crash nodes if not properly validated RFC 9099, Section 2.2.1. The Authentication Header (AH) and Encapsulating Security Payload (ESP) provide integrity and confidentiality but are optional, leaving many deployments vulnerable to spoofing in (NDP) messages carried in packets RFC 8200, Section 11. NDP itself, using , is susceptible to rogue (RAs) that redirect traffic or install false routes, often without cryptographic protection unless extensions like SEND are used RFC 9099, Section 4.1. Additionally, the larger reduces brute-force scanning but increases endpoint visibility without , heightening privacy risks from packet inspection RFC 7707. Mitigations emphasize perimeter filtering and validation: transit routers should drop packets with deprecated or risky extension headers (e.g., Routing Types 0, 1, 3) using a deny-list approach, while permitting essential ones like Fragment Header only when necessary RFC 9288, Section 5. Rate-limiting types critical for and neighbor discovery, combined with RA-Guard to block unauthorized RAs, helps prevent spoofing and RFC 9099, Section 4.2. Source Address Validation (SAVI) and ingress/ enforce address ownership, reducing amplification from spoofed packets RFC 9099, Section 3.3. Operators must monitor IANA registries for updates on numbers and options to adapt filters dynamically RFC 9288, Section 6.

References

  1. [1]
    RFC 8200 - Internet Protocol, Version 6 (IPv6) Specification
    This document specifies version 6 of the Internet Protocol (IPv6). It obsoletes RFC 2460. Status of This Memo This is an Internet Standards Track document.
  2. [2]
    https://www.google.com/intl/en/ipv6/
  3. [3]
    https://datatracker.ietf.org/doc/html/rfc8200#section-2
  4. [4]
    https://datatracker.ietf.org/doc/html/rfc8200#section-3
  5. [5]
    https://datatracker.ietf.org/doc/html/rfc8200#section-1
  6. [6]
    https://datatracker.ietf.org/doc/html/rfc8200#section-4
  7. [7]
    https://datatracker.ietf.org/doc/html/rfc8200#section-5
  8. [8]
    https://datatracker.ietf.org/doc/html/rfc8200#section-4.1
  9. [9]
    RFC 9673: IPv6 Hop-by-Hop Options Processing Procedures
    RFC 9673 specifies procedures for processing IPv6 Hop-by-Hop options in routers and hosts, modifying RFC 8200 to make them practical.Table of Contents · Hop-by-Hop Header... · Defining New Hop-by-Hop...
  10. [10]
    Internet Protocol Version 6 (IPv6) Parameters
    ### Summary of Destination Options and Hop-by-Hop Options Registry
  11. [11]
    https://www.iana.org/assignments/ipv6-parameters/ipv6-parameters.xhtml#ipv6-parameters-2
  12. [12]
    RFC 9486: IPv6 Options for In Situ Operations, Administration, and ...
    IANA has assigned the IPv6 Option-Types from the "Destination Options and Hop-by-Hop Options" subregistry of "Internet Protocol Version 6 (IPv6) Parameters ...
  13. [13]
    https://www.rfc-editor.org/rfc/rfc9486.html
  14. [14]
    RFC 8200: Internet Protocol, Version 6 (IPv6) Specification
    RFC 8200 IPv6 Specification July 2017 4.4. Routing Header The Routing header is used by an IPv6 source to list one or more intermediate nodes to be "visited ...
  15. [15]
    RFC 5871 - IANA Allocation Guidelines for the IPv6 Routing Header
    ... IPv6 Routing Header Abstract This document specifies the IANA guidelines for allocating new values for the Routing Type field in the IPv6 Routing Header.
  16. [16]
    RFC 8754: IPv6 Segment Routing Header (SRH)
    The Segment Routing Header (SRH) is a new Routing Extension Header used to apply Segment Routing to the IPv6 data plane.Table of Contents · Segment Routing Header · SR Nodes · Packet Processing
  17. [17]
    RFC 4302 - IP Authentication Header - IETF Datatracker
    This document describes an updated version of the IP Authentication Header (AH), which is designed to provide authentication services in IPv4 and IPv6.
  18. [18]
    RFC 4303 - IP Encapsulating Security Payload (ESP)
    This document describes an updated version of the Encapsulating Security Payload (ESP) protocol, which is designed to provide a mix of security services in IPv ...
  19. [19]
    RFC 2675 - IPv6 Jumbograms - IETF Datatracker
    RFC 2675 IPv6 Jumbograms August 1999 The IPv6 header [IPv6] has a 16-bit Payload Length field and, therefore, supports payloads up to 65,535 octets long.
  20. [20]
    RFC 2147: TCP and UDP over IPv6 Jumbograms
    IPv6 supports datagrams larger than 65535 bytes long, often referred to as jumbograms, through use of the Jumbo Payload hop-by-hop option.
  21. [21]
    IPv6 Parcels and Advanced Jumbos (AJs) - IETF Datatracker
    Apr 9, 2025 · ... IPv6 jumbograms defined in [RFC2675]. AJs are single-segment ... Hinden, "IPv6 Jumbograms", RFC 2675, DOI 10.17487/RFC2675, August ...
  22. [22]
    https://datatracker.ietf.org/doc/html/rfc4302
  23. [23]
    https://datatracker.ietf.org/doc/html/rfc4303
  24. [24]
    https://datatracker.ietf.org/doc/html/rfc2675
  25. [25]
    https://datatracker.ietf.org/doc/html/rfc2147