How do you determine equality between two IPv6 addresses?

ipv6
Kirk Liemohn picture Kirk Liemohn · Nov 24, 2009 · Viewed 10.6k times · Source

I have an application that allows administrators to specify valid IP addresses from which web service requests can be made. I simply take the configured IP addresses and compare them against the incoming request. Comparing two IPv4 addresses is trivial and I thought comparing two IPv6 addresses would be as well.

However, my networking ignorance started to show when I noticed that IPv6 addresses are a little more complex. One issue I noticed is that if I look at the IP address on the machine (was viewing what VMWare console showed the IP address to be) versus the IP address from the web request (HttpContext.Current.Request.UserHostAddress within .NET) I noticed that one of them ended in %10 and another in %11:

  • ipconfig shows: fe80:8179:5576:c6d0:8b16%11
  • UserHostAddress shows: fe80::8179:5576:c6d0:8b16%10

The only difference is the %10 and %11 - what gives?

I have also seen IPv6 addresses end in "/" followed by 2 digits. Should I just ignore these final 3 digits (if they exist) when doing a comparison? If so, what are the valid alternate endings that I need to look for?

----------- EDIT -------------

Here is my solution based on the answer provided...

I simply store a "scrubbed" IP address and compare that with a "scrubbed" IP address. Using .NET here is how I scrub an IP address. Not the best from a performance standpoint, but it does work. I would rather just do a comparison of the GetAddressBytes() but I'm using a Dictionary and I decided against the extra step of creating my own ByteComparer.

IPAddress incomingIp = null;
bool ipAddressParsePassed = IPAddress.TryParse(userHostAddress, out incomingIp);
if (ipAddressParsePassed)
{
    IPAddress scrubbedIp = new IPAddress(incomingIp.GetAddressBytes());
    string scrubbedIpStr = scrubbedIp.ToString()
}

Answer

unwind picture unwind · Nov 24, 2009

Wikipedia states:

Because all link-local addresses in a host have a common prefix, normal routing procedures cannot be used to choose the outgoing interface when sending packets to a link-local destination. A special identifier, known as a zone index, is needed to provide the additional routing information; in the case of link-local addresses, zone indices correspond to interface identifiers.

When an address is written textually, the zone index is appended to the address, separated by a percent sign "%". The actual syntax of zone indices depends on the operating system [...]

So, those suffixes are zone indicators, that associate the address with a physical interface. This also explains why the suffices differ between wired and wireless interfaces, for instance.

To help answer the question, I don't think the suffixes should be included in any comparison. IPv6 addresses are 128 bits by definition, and the suffixes are strictly local information that does not make sense outside your own machine and it's current operating system.

Comparing the 128 bits should be enough.

Related questions

Is there a way for non-root processes to bind to "privileged" ports on Linux?

It's very annoying to have this limitation on my development box, when there won't ever be any users other than me. I'm aware of the standard workarounds, but none of them do exactly what I want: authbind (The version in …

Read More
Regular expression that matches valid IPv6 addresses

I'm having trouble writing a regular expression that matches valid IPv6 addresses, including those in their compressed form (with :: or leading zeros omitted from each byte pair). Can someone suggest a regular expression that would fulfill the requirement? I'm considering …

Read More
Maximum length of the textual representation of an IPv6 address?

I want to store the data returned by $_SERVER["REMOTE_ADDR"] in PHP into a DB field, pretty simple task, really. The problem is that I can't find any proper information about the maximum length of the textual representation of …

Read More