The enterprise network WAN link has been receiving several denial of service attacks from both IPv4 and IPv6 sources. Which elements can you use to identify an IPv6 packet via its header, in order to filter future attacks?