Usage Of Ipv6 Addresses - HP NonStop SSH 544701-014 Reference Manual

IPv6 addresses are not only longer than IPv4 addresses but there can be several valid representations of an IPv6 address.
An IPv6 address is represented as eight groups of four hexadecimal digits separated by colons, e.g.
2001:0db8:0000:0000:1319:0000:0000:7344. Each group represents 16 bits (two octets) of the IPv6 address. Leading
zeros are usually dropped, resulting in the valid representation 2001:0db8:0:0:1319:0:0:7344. Further simplifying (RFC
4291) allows to replace a sequence of 0 groups to one "::" group, resulting in 2001:0db8::1319:0:0:7344 (a maximum of
one "::" sequence is allowed). The original example address can also represented as 2001:0db8:0:0:1319::7344. Usually
the longest sequence of zero groups is replaced by "::". If there is more than one sequence of 0 groups of the same
length, the first sequence is replaced by "::".
Another IPv6 representation uses dotted decimals for the last 4 octets of an IPv6 address, especially used for IPv4
compatible IPv6 addresses like ::13.1.68.3 and IPv4-Mapped IPv6 addresses like ::FFFF:129.144.52.38.
In cases where a numeric element like a port (or any or hexadecimal element not belonging to the IP address) is
appended to an IP address separated by a colon, the IP address must be enclosed with square brackets if the IP address is
an IPv6 address, e.g. [2001:0db8::1319:0:0:7344]:4567. Otherwise the port could be misinterpreted as part of the address
(2001:0db8::1319:0:0:7344:4567 is a valid IPv6 address).
The representation for the unspecified address in IPv4 is "0.0.0.0". The unspecified address in IPv6 (sequence of zero
groups) can be represented as "::" or "0::0" (other forms are valid as well). The SSH2 process usually uses "0::0" as
representation of the unspecified IPv6 address but accepts any other representation as well.
All the listed variants of IPv6 address representation are supported by SSH2.

Usage of IPv6 Addresses

Representations of IPv6 addresses are used for restricting the listening (see SSH2 parameters INTERFACE), for defining
the local IP address when outgoing connections are established (SSH2 parameter INTERFACEOUT, ssh/sftp client
option –oBindAddress). Also, IPv6 address representations can be used instead of host names mapping to IPv6 addresses
when specifying the target host for ssh and sftp clients.
In addition, IPv6 addresses are used in all places where only IPv4 addresses could occur in pre-0092 releases (square
brackets may be needed for IPv6 addresses if required). This not only includes database entries, SSHCOM commands,
output of SSHCOM commands but log messages and audit messages as well.
Database entities that can hold IPv6 addresses:
Entity USER fields:
•
LAST-IP-ADDRESS
•
CI-PROGRAM (e.g. when configured with "TELNET <ip-address> <port>")
Entity RESTRICTION-PROFILE fields:
•
CONNECT-FROM
•
CONNECT-TO
•
PERMIT-LISTEN
•
PERMIT-OPEN
•
FORWARD-FROM
Entity KNOWNHOST fields:
•
Name (identifier) of a KNOWNHOST record
•
ADDRESSES
Entity PASSWORD fields:
•
Name (identifier) of a PASSWORD record
124 • Configuring and Running SSH2
HP NonStop SSH Reference Manual