Format of IPv6 Datagram
Other Extension Headers

Authentication and Encapsulating Security Payload Extension Headers

Authentication and data encryption are known as IPsec (IP security). IPsec is a very broad topic and there is not enough space to describe it. Therefore, we mention only the extension headers that are used for IPsec in the context of IPv6. We also mention the modes of encapsulating these headers into IPv6 datagram.

AH (Authentication Header) and ESP (Encapsulating Security Payload) headers are used for IPsec. AH header provides only authentication and ESP header provides authentication and data encryption. Datagram can be provided with one or both headers at the same time. In the case of IPv6, the IPsec implementation is mandatory, unlike in IPv4.

Both extension headers can be encapsulated in two modes:

IPsec Modes

No Next Header

No Next Header indicates the fact that all relevant information is only in the IPv6 header and extension headers and the datagram does not convey any data. For example, ICMPv6 protocol uses this extension header.