I have an application that allows administrators to specify valid IP addresses from which web service requests can be made. I simply take the configured IP addresses and compare them against the incoming request. Comparing two IPv4 addresses is trivial and I thought comparing two IPv6 addresses would be as well.
However, my networking ignorance started to show when I noticed that IPv6 addresses are a little more complex. One issue I noticed is that if I look at the IP address on the machine (was viewing what VMWare console showed the IP address to be) versus the IP address from the web request (HttpContext.Current.Request.UserHostAddress within .NET) I noticed that one of them ended in %10 and another in %11:
- ipconfig shows: fe80:8179:5576:c6d0:8b16%11
- UserHostAddress shows: fe80::8179:5576:c6d0:8b16%10
The only difference is the %10 and %11 - what gives?
I have also seen IPv6 addresses end in "/" followed by 2 digits. Should I just ignore these final 3 digits (if they exist) when doing a comparison? If so, what are the valid alternate endings that I need to look for?
----------- EDIT -------------
Here is my solution based on the answer provided...
I simply store a "scrubbed" IP address and compare that with a "scrubbed" IP address. Using .NET here is how I scrub an IP address. Not the best from a performance standpoint, but it does work. I would rather just do a comparison of the GetAddressBytes() but I'm using a Dictionary and I decided against the extra step of creating my own ByteComparer.
IPAddress incomingIp = null;
bool ipAddressParsePassed = IPAddress.TryParse(userHostAddress, out incomingIp);
if (ipAddressParsePassed)
{
IPAddress scrubbedIp = new IPAddress(incomingIp.GetAddressBytes());
string scrubbedIpStr = scrubbedIp.ToString()
}