IPv4 and IPv6 are the two versions of the Internet Protocol that run the global internet and enterprise networks. For the CCNA 200-301 exam (Objective 1.9), you must understand not just the obvious differences like address length, but also the subtle changes in header structure, neighbor discovery, and routing behavior that catch even experienced engineers off guard. This chapter gives you the exact comparisons and exam traps you need to avoid losing points on protocol comparison questions.
Jump to a section
Think of IPv4 like an older apartment building where each unit gets a 4-digit apartment number (e.g., 1204). The building has a limited number of units—only about 4.3 billion possible numbers—and many are already taken. To fit more residents, the building manager uses a trick: she assigns the same apartment number to multiple units but uses different floor numbers (subnetting) and sometimes uses a shared lobby phone (NAT) to connect everyone. This works but gets messy: residents can't directly call each other without going through the lobby, and adding new units requires creative renumbering.
IPv6 is like a modern suburban development where every house gets a unique, 128-bit address written in hexadecimal (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334). There are so many addresses (340 undecillion) that every device—from your phone to your smart fridge—can have its own globally unique address without any NAT tricks. The postal service (routers) can deliver mail directly to any house because each address is globally routable. The address format uses shorthand: leading zeros can be dropped, and consecutive zero groups can be replaced with "::" once (e.g., 2001:db8:85a3::8a2e:370:7334). This system is cleaner and more scalable, but it requires learning a new addressing scheme and understanding that the old tricks (NAT, private addresses) are no longer needed.
Address Length and Format
The most obvious difference is address length. IPv4 uses 32-bit addresses written in dotted decimal (e.g., 192.168.1.1), giving about 4.3 billion possible addresses. IPv6 uses 128-bit addresses written in hexadecimal, colon-separated (e.g., 2001:db8:abcd:0012::1), providing 340 undecillion addresses—enough for every grain of sand on Earth to have its own IP.
IPv6 addresses have a specific structure: the first 64 bits are the network prefix (routing prefix + subnet ID), and the last 64 bits are the interface identifier (often derived from the MAC address via EUI-64 or randomly generated). The prefix is assigned by an ISP or RIR, and the subnet ID allows for hierarchical subnetting within an organization.
Header Differences
IPv6 headers are simpler and more efficient than IPv4 headers. IPv4 headers have 12 fields and are variable length (20-60 bytes) due to options. IPv6 headers have 8 fields and are fixed at 40 bytes. Fields removed from IPv6 include:
Header Length: No longer needed because the header is fixed.
Identification, Flags, Fragment Offset: Fragmentation is handled by the source host (Path MTU Discovery) rather than routers.
Checksum: Removed because upper-layer protocols (TCP/UDP) already do checksums; removing it speeds up router processing.
Fields added or modified in IPv6:
Traffic Class (8 bits): Similar to IPv4's Type of Service (ToS) for QoS.
Flow Label (20 bits): Allows labeling of packets belonging to a specific flow for special handling (e.g., real-time traffic).
Payload Length (16 bits): Indicates the length of the payload after the header (excluding the header itself).
Next Header (8 bits): Identifies the type of the next header (e.g., TCP = 6, UDP = 17, ICMPv6 = 58). This can be an extension header or an upper-layer protocol.
Hop Limit (8 bits): Same as IPv4's TTL, decremented by each router.
Extension Headers
IPv6 uses extension headers to implement options that were part of the IPv4 header. Extension headers are placed between the IPv6 header and the upper-layer header. The Next Header field in the IPv6 header points to the first extension header, and each extension header has its own Next Header field pointing to the next one. Common extension headers include:
Hop-by-Hop Options: Processed by every router along the path (e.g., Jumbo Payload).
Routing: Similar to IPv4's Loose Source Routing.
Fragment: For fragmentation (only the source host fragments).
Destination Options: Processed only by the destination.
Authentication Header (AH) and Encapsulating Security Payload (ESP): For IPsec.
IPv6 replaces ARP with Neighbor Discovery Protocol (NDP), which uses ICMPv6 messages. NDP handles:
Neighbor Solicitation (NS) and Neighbor Advertisement (NA): Replace ARP requests and replies. NS is sent to the solicited-node multicast address (ff02::1:ffxx:xxxx), which is derived from the target IPv6 address, making it more efficient than ARP's broadcast.
Router Solicitation (RS) and Router Advertisement (RA): Hosts send RS to discover routers, and routers send RA periodically or in response to RS. RAs include the network prefix, default gateway, and other configuration parameters (e.g., MTU).
Redirect: Routers can inform hosts of a better next-hop.
Duplicate Address Detection (DAD): Before using an address, a host sends an NS to its own address to ensure no other host has it.
Address Types
IPv6 has three main address types:
- Unicast: One-to-one communication. Includes: - Global Unicast Address (GUA): Routable on the internet, starts with 2000::/3. - Unique Local Address (ULA): Similar to IPv4 private addresses (fc00::/7), not routable on the internet. - Link-Local Address: Required for every interface, used for communication on the same link (fe80::/10). Automatically generated. - Multicast: One-to-many (ff00::/8). IPv6 has no broadcast; multicast replaces it. - Anycast: One-to-nearest (one of many). An anycast address is assigned to multiple interfaces; packets are delivered to the closest one based on routing metrics.
Configuration and Verification
IPv6 can be configured statically or dynamically via SLAAC (Stateless Address Autoconfiguration) or DHCPv6. On Cisco IOS, IPv6 is enabled globally with ipv6 unicast-routing and on interfaces with ipv6 enable or by assigning an address.
Example static configuration:
interface GigabitEthernet0/0
ipv6 address 2001:db8:acad:1::1/64
ipv6 enable
no shutdownVerification commands:
show ipv6 interface brief
show ipv6 route
show ipv6 neighborsSample output of show ipv6 interface brief:
GigabitEthernet0/0 [up/up]
FE80::1
2001:DB8:ACAD:1::1Transition Mechanisms
Because IPv4 and IPv6 are not directly compatible, transition mechanisms are needed:
Dual Stack: Both IPv4 and IPv6 run on the same interface; the host or router chooses which to use based on DNS (A vs AAAA records).
Tunneling: IPv6 packets are encapsulated in IPv4 packets (e.g., 6to4, ISATAP, GRE tunnels).
Translation: NAT64 or DNS64 translates between IPv6 and IPv4 at the network edge.
For CCNA, dual stack is the most common approach.
Enable IPv6 routing globally
On a Cisco router, IPv6 routing is disabled by default. To enable it, use the global configuration command `ipv6 unicast-routing`. This allows the router to forward IPv6 packets and participate in IPv6 routing protocols (e.g., OSPFv3, EIGRP for IPv6). Without this command, the router will only process IPv6 traffic destined to itself (like ping to its own IPv6 address) but will not route IPv6 packets between interfaces.
Configure an IPv6 address on an interface
Use the interface configuration command `ipv6 address <prefix>/<prefix-length> [eui-64]` to assign a global unicast address. For example: `ipv6 address 2001:db8:acad:1::1/64`. Alternatively, use `ipv6 address autoconfig` for SLAAC. The `ipv6 enable` command enables IPv6 on the interface and generates a link-local address (fe80::/10) automatically. You can also manually assign a link-local address with `ipv6 address fe80::1 link-local`.
Verify IPv6 interface status
Use `show ipv6 interface brief` to see a summary of all IPv6-enabled interfaces, their status, and their IPv6 addresses (both link-local and global). Use `show ipv6 interface [interface]` for detailed information including multicast groups, neighbor cache entries, and ICMPv6 statistics. For example, `show ipv6 interface GigabitEthernet0/0` shows the link-local address, global address, and the solicited-node multicast address.
Test IPv6 connectivity with ping
Use the `ping` command with an IPv6 address (e.g., `ping 2001:db8:acad:1::2`). On Cisco IOS, you can also use `ping ipv6 2001:db8:acad:1::2`. If pinging a link-local address, you must specify the outgoing interface using `ping ipv6 fe80::1%GigabitEthernet0/0`. The `%` notation tells the router which interface to use because link-local addresses are not globally unique.
Examine the IPv6 routing table
Use `show ipv6 route` to display the IPv6 routing table. Routes include directly connected networks (C), static routes (S), and dynamic routes (O for OSPFv3, D for EIGRP for IPv6). The routing table also shows a default route (::/0) if configured. For example, a directly connected route appears as `C 2001:DB8:ACAD:1::/64 [0/0] via GigabitEthernet0/0, directly connected`.
View the IPv6 neighbor cache
Use `show ipv6 neighbors` to display the neighbor cache, which is equivalent to the ARP cache in IPv4. It shows IPv6 addresses, MAC addresses, and the state of the neighbor (REACH, STALE, DELAY, PROBE). For example, a reachable neighbor appears as `2001:db8:acad:1::2 aabb.cc00.0200 REACH Gi0/0`. This command is crucial for troubleshooting Layer 2 issues.
In enterprise networks, the transition to IPv6 is often driven by the exhaustion of public IPv4 addresses and the need to support new devices that are IPv6-only (e.g., some IoT sensors or mobile networks). A common scenario is a dual-stack deployment where both IPv4 and IPv6 run on the same network infrastructure. For example, a company might have a core network that supports both protocols, with DNS servers configured to return both A (IPv4) and AAAA (IPv6) records. Hosts then choose IPv6 if available, falling back to IPv4 if the destination is IPv4-only.
Another scenario is a branch office that connects to headquarters over an IPv4-only WAN. To transport IPv6 traffic, the network engineer configures a GRE tunnel between the branch router and the HQ router. The tunnel interface is assigned an IPv6 address, and the tunnel source and destination are IPv4 addresses. This allows IPv6 packets to be encapsulated in IPv4 and sent across the IPv4 WAN. Performance considerations include the overhead of encapsulation (additional 20-byte IPv4 header) and the need to ensure the tunnel MTU is set correctly to avoid fragmentation.
A third scenario is the use of NAT64 to allow IPv6-only hosts to access IPv4-only resources. The NAT64 gateway translates IPv6 packets to IPv4 packets and vice versa. This is often deployed in mobile networks where the radio network is IPv6-only but the internet still has many IPv4 servers. The gateway must maintain state for each translation, which can be resource-intensive. Misconfiguration of NAT64 can lead to asymmetric routing or failure to translate certain protocols (e.g., FTP).
Common misconfigurations include forgetting to enable ipv6 unicast-routing (so the router doesn't route IPv6), assigning overlapping IPv6 prefixes (causing routing loops), and not configuring the correct MTU on tunnels (causing packet drops). In production, network engineers use tools like debug ipv6 icmp and traceroute ipv6 to isolate issues.
For CCNA 200-301 Objective 1.9, the exam tests your ability to compare IPv4 and IPv6 addressing, header fields, and operational differences. Expect questions that ask you to identify which fields are present in IPv4 but not IPv6, or which protocol replaces ARP. The most common wrong answers include:
"IPv6 headers have a checksum field" – Many candidates assume IPv6 keeps the checksum because IPv4 had it. In reality, the checksum was removed because upper-layer protocols already provide error detection. This speeds up router processing (no need to recalculate checksum at each hop).
"IPv6 uses broadcast addresses like IPv4" – IPv6 eliminated broadcast entirely and uses multicast (e.g., solicited-node multicast) for neighbor discovery. Candidates who think broadcast still exists will choose wrong.
"IPv6 addresses are always 128 bits written in dotted decimal" – IPv6 uses hexadecimal colon notation; dotted decimal is only for IPv4. The exam may give a mixed format as a distractor.
"IPv6 fragmentation is done by routers like IPv4" – In IPv6, only the source host fragments using Path MTU Discovery; routers do not fragment. This is a key difference.
Specific values to memorize:
IPv4 address length: 32 bits (4 octets), IPv6: 128 bits (16 octets)
IPv4 header length: variable (20-60 bytes), IPv6: fixed 40 bytes
IPv4 TTL field: 8 bits, IPv6 Hop Limit: 8 bits (same but renamed)
IPv4 protocol field: 8 bits, IPv6 Next Header: 8 bits (similar but points to extension headers)
IPv4 has a header checksum, IPv6 does not.
IPv4 has fragmentation fields (Identification, Flags, Fragment Offset), IPv6 does not in the base header.
For scenario questions, use elimination: if a question mentions "broadcast" in the context of IPv6, it's wrong. If a question asks which field is missing from IPv6, look for checksum or fragment offset. If asked about neighbor discovery, the answer is ICMPv6 (not ARP).
IPv4: 32-bit address, dotted decimal, ~4.3 billion addresses.
IPv6: 128-bit address, hexadecimal colon notation, 340 undecillion addresses.
IPv6 headers are fixed 40 bytes; IPv4 headers are variable 20-60 bytes.
IPv6 removed the header checksum; upper-layer protocols handle error detection.
IPv6 removed fragmentation fields from the base header; only source hosts fragment.
IPv6 uses Neighbor Discovery Protocol (ICMPv6) instead of ARP.
IPv6 has no broadcast; multicast replaces broadcast (e.g., solicited-node multicast).
Dual stack is the primary transition mechanism; both IPv4 and IPv6 run simultaneously.
These come up on the exam all the time. Here's how to tell them apart.
IPv4
32-bit address length
Dotted decimal notation (e.g., 192.168.1.1)
Variable header length (20-60 bytes)
Contains header checksum
Uses ARP for MAC resolution
Supports broadcast
Fragmentation performed by routers and hosts
IPv6
128-bit address length
Hexadecimal colon notation (e.g., 2001:db8::1)
Fixed header length (40 bytes)
No header checksum
Uses Neighbor Discovery Protocol (ICMPv6)
No broadcast; uses multicast
Only source host fragments (Path MTU Discovery)
Mistake
IPv6 addresses are always 128 bits and always written in dotted decimal.
Correct
IPv6 addresses are 128 bits but written in hexadecimal with colons (e.g., 2001:db8::1). Dotted decimal is used only for IPv4.
Candidates see 'IP address' and default to dotted decimal notation from IPv4 experience.
Mistake
IPv6 still uses ARP for MAC address resolution.
Correct
IPv6 replaces ARP with Neighbor Discovery Protocol (NDP) using ICMPv6 messages (Neighbor Solicitation and Neighbor Advertisement).
ARP is so ingrained in IPv4 networking that many assume it carries over to IPv6.
Mistake
IPv6 headers have a checksum field like IPv4.
Correct
IPv6 removed the header checksum to improve processing speed; error detection is left to upper layers (TCP/UDP).
The IPv4 header checksum is a familiar field, so candidates expect it in IPv6.
Mistake
IPv6 routers can fragment packets like IPv4 routers.
Correct
In IPv6, only the source host can fragment packets (using Path MTU Discovery); routers do not fragment.
IPv4 routers commonly fragment packets, so candidates assume the same behavior in IPv6.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
IPv6 removed the header checksum to improve router performance. In IPv4, every router must recalculate the checksum because the TTL field changes, consuming CPU cycles. Since upper-layer protocols (TCP, UDP) already have their own checksums for the entire packet (including the pseudo-header with source/destination IP), the network layer does not need to duplicate this effort. This design decision reduces processing overhead at each hop, making IPv6 faster to route. For the exam, remember that 'no checksum' is a key IPv6 header difference.
IPv4 broadcast sends a packet to all hosts on a subnet (e.g., 192.168.1.255). IPv6 eliminated broadcast entirely because it is inefficient; every host must process broadcast frames. Instead, IPv6 uses multicast for all one-to-many communication. For example, Neighbor Solicitation messages are sent to the solicited-node multicast address (ff02::1:ffxx:xxxx), which only a few hosts listen to, reducing unnecessary processing. Also, the all-nodes multicast address (ff02::1) is similar to broadcast but is still multicast. On the exam, remember that IPv6 has no broadcast address.
In IPv4, both routers and hosts can fragment packets if they exceed the MTU of the next link. In IPv6, only the source host can fragment packets. The source performs Path MTU Discovery (PMTUD) by sending packets with the Don't Fragment (DF) bit (implicitly set in IPv6) and listening for ICMPv6 Packet Too Big messages. If a router receives a packet larger than the link MTU, it drops the packet and sends a Packet Too Big message back to the source, which then fragments and retransmits. This reduces router overhead and avoids the problems of fragmented packets being reassembled at the destination. For the exam, know that routers do not fragment IPv6 packets.
The Flow Label field (20 bits) is used to label packets belonging to a specific flow (e.g., a VoIP call or video stream) so that routers can apply special handling without deep packet inspection. For example, a router could use the flow label to ensure all packets of a flow take the same path or receive the same QoS treatment. However, flow label usage is not yet widely deployed, and its implementation is optional. On the exam, know that the flow label exists and is unique to IPv6.
Use the global configuration command: `ipv6 route <prefix>/<prefix-length> {next-hop-ipv6-address | exit-interface}`. For example, `ipv6 route 2001:db8:acad:2::/64 2001:db8:acad:1::2` creates a route to network 2001:db8:acad:2::/64 via next-hop 2001:db8:acad:1::2. You can also specify an exit interface, e.g., `ipv6 route ::/0 GigabitEthernet0/0` for a default route. Verify with `show ipv6 route static`. Note that you must first enable IPv6 routing globally with `ipv6 unicast-routing`.
SLAAC (Stateless Address Autoconfiguration) allows a host to automatically configure its IPv6 address using Router Advertisements (RAs) from a router. The RA provides the prefix, and the host generates its own interface identifier (usually via EUI-64 or privacy extensions). SLAAC does not provide DNS server information unless the RA includes the RDNSS option (RFC 8106). DHCPv6 can be stateful (assigns addresses and other parameters) or stateless (provides only parameters like DNS servers, while the address comes from SLAAC). Stateful DHCPv6 is similar to IPv4 DHCP. On the exam, know that SLAAC is the default and does not require a DHCP server.
ARP uses broadcast, which interrupts all hosts on a subnet even if they are not the target. IPv6's solicited-node multicast address (ff02::1:ffxx:xxxx) is formed by appending the last 24 bits of the target IPv6 address to the prefix ff02::1:ff00:0/104. Only hosts with that specific address join the multicast group, so only a few hosts (typically one) process the Neighbor Solicitation. This reduces processing overhead and bandwidth usage. For the exam, remember that solicited-node multicast is a key efficiency improvement over ARP broadcast.
You've just covered IPv4 vs IPv6: Key Differences for CCNA — now see how well it sticks with free CCNA 200-301 practice questions. Full explanations included, no account needed.
Done with this chapter?