IPv6 basic settings; addressing a host and static routing

[Originally posted Mar 20, 2012 12:01 PM by Antti Uitto   [ updated May 8, 2012 3:15 AM ]]

Once you have acquired yourself an globally valid IPv6 prefix, you may need to configure addresses on your hosts. By default computers will attempt to find themselves an IPv6 address automatically by using the processes of NDP or DHCPv6.

NDP (Neighbor Discovery Protocol)
http://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol

DHCPv6 ( Dynamic Host Configuration Protocol version 6)
http://en.wikipedia.org/wiki/DHCPv6

Manual configuration is needed for example if your host acts as an IPv6 router. In that case the host does not try to autoconfigure itself.

Here are the very basics you will need to get IPv6 going. Dynamic routing, access control etc are not covered here.

Ubuntu / Debian Linux

Give IPv6 address for an interface

sudo nano /etc/network/interfaces

example snippet for interface eth0

auto eth0
 iface eth0 inet6 static
 address 2001:05c0:1400:000a:0000:0000:0000:0055
 netmask 64
 gateway 2001:05c0:1400:000a:0000:0000:0000:0001

Save and exit editor, then restart network.

/etc/init.d/networking restart

Static routes

ip -6 route add 2000::/3 via 2001:0db8:0:f101::1

Write routes also to /etc/rc.local to make them persist over reboots.

Check

ip -6 add
ip -6 route
ip -6 neigh
ping6 ipv6.google.com

Turn on IPv6 forwarding (routing) if needed.

sudo nano /etc/sysctl.conf

Uncomment
net.ipv6.conf.all.forwarding=1

Install and set up radvd

If you want this host to advertise itself as a router to your LAN, install and set up radvd

sudo apt-get install radvd

sudo nano /etc/radvd.conf

interface eth0
 {
 AdvSendAdvert on;
 prefix 2001:db8::/64
 {
 };
 };

Cisco router

conf t
 ipv6 unicast-routing
 ipv6 cef
interface Gi0/1
 ipv6 enable
 ipv6 address 2001:05c0:1400:000a:0000:0000:0000:0002/64
 or
 ipv6 address 2001:05c0:1400:000a::/64 eui-64
 (ipv6 nd suppress-ra [*] )
(ipv6 nd other-config-flag [**] )
exit
ipv6 route ::/0 2001:05c0:1400:000a:0000:0000:0000:0001
ipv6 route 2001:998::/32 2001:05c0:1400:000a:0000:0000:0000:0007[*]

[*] If the router interface in question is not facing your LAN (where the client computers are), you may want to put ipv6 nd suppress-ra  under the interface configuration.  This will disable router advertisements on that interface.

[**] Use this if you want the router to provide other IPv6 configurations to your computers, for example IPv6 DNS addresses. If you do this, you must also set up a service such as ipv6 dhcp pool that will give out these settings.

Vyatta router

By default Vyatta has IPv6 forwarding on so you can just address your interfaces and write your routes.

Give IPv6 address to an interface

set interfaces ethernet eth0 address 2001:db8:2::1/64
( set interfaces ethernet eth0 ipv6 router-advert prefix 2001:099:0013:004b::/64 [*] )
( set interfaces ethernet eth0 ipv6 router-advert other-config-flag true [**] )
commit
save

[*] Turn router-advert on if this interface is serving as IPv6 gateway to computers in your LAN. If this interface is facing only another router(s) you might want to leave it out.

[**] Use this if you want the router to provide other IPv6 configurations to your computers, for example IPv6 DNS addresses. If you do this, you must also set up a service such as DHCPv6 that will give out these settings.

 

Static route

set protocols static route6 ::/0 next-hop 2001:db8:2::1
commit
save

Check

show interfaces
show ipv6 route
show ipv6 neighbors
ping6 2001:db8:2::2
traceroute6 2a00:1450:4016:800::1010

Windows 7

To configure IPv6 for static addressing

  1. Click Use the following IPv6 address, and then do one of the following:
    • For a local area connection, in IPv6 address, Subnet prefix length, and Default gateway, type the IP address, subnet prefix length, and default gateway address.
    • For all other connections, in IPv6 address, type the IP address.
  2. Click Use the following DNS server addresses.
  3. In Preferred DNS server and Alternate DNS server, type the primary and secondary DNS server addresses.

Check

Open command line  Start - Run - cmd
  ipconfig

Sources

http://technet.microsoft.com/en-us/library/cc732106.aspx
http://www.cyberciti.biz/faq/ubuntu-ipv6-networking-configuration/
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-addrg_bsc_con.html
Carla Schroder: Linux Networking Cookbook
Vyatta documentation www.vyatta.org

Advertisements

IPv6 basics; connecting via link-local

[Originally posted Mar 18, 2012 4:40 AM by Antti Uitto   [ updated Mar 18, 2012 5:34 AM ]]

In today’s story we are attached to a local area network (LAN) with a bunch of IPv6-enabled hosts. We do not necessarily need to have a valid IPv6 router present, since we are just fooling around in this local segment, pinging each other and testing connections.

IPv6 is a protocol meant serve a worldwide network and it’s numerous hosts. There are however addresses called link-local in each IPv6-enabled host. This link-local address is generated automatically by your computer’s operating system and it is valid for connectivity between hosts that can see each other in L2, even in absence of IPv6 routers. These addresses are also used by IPv6’s Neighbor Discovery Protocol.

Does my host have IPv6?

If your operating system is from this millenia, it should have IPv6 available. But let’s check.

Linux

user@host:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:13:d4:3e:dd:b3  
          inet addr:192.168.1.140  Bcast:192.168.1.255      
          Mask:255.255.255.0          
          inet6 addr: fe80::213:d4ff:fe3e:ddb3/64 Scope:Link
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host

Mine seems to have. Note that both of my IPv6 addresses are such that they would not help me if I wanted connectivity in the global Internet. They are valid inside my own LAN segment.

Windows

ipconfig

MAC OSX

ifconfig

Pinging IPv6

Ping commands:

Linux ping6  (http://linux.die.net/man/8/ping6)
Windows ping -6 
Mac OSX ping6
Cisco router ping ipv6

Is there anybody out there?

I pinged with my Linux box to my own localhost address

user@host:~$ ping6 ::1
 PING ::1(::1) 56 data bytes
 64 bytes from ::1: icmp_seq=1 ttl=64 time=0.036 ms
 64 bytes from ::1: icmp_seq=2 ttl=64 time=0.044 ms

It works!

Next I will check if I can see any IPv6 neighbors

user@host:~$ ip -6 neighbor
user@host:~$

There was no-one there.

I will attempt to summon other hosts to become visible by pingin to address ff02::1 which is  ip6-allnodes. All other IPv6 hosts should respond to this call.

user@host:~$ ping6 -I eth0 ff02::1
 PING ff02::1(ff02::1) from fe80::213:d4ff:fe3e:ddb3 eth0: 56 data bytes
 64 bytes from fe80::213:d4ff:fe3e:ddb3: icmp_seq=1 ttl=64 time=0.051 ms
 64 bytes from fe80::ba8d:12ff:fe03:474c: icmp_seq=1 ttl=64 time=70.8 ms (DUP!)
 64 bytes from fe80::1636:5ff:fe19:2392: icmp_seq=1 ttl=64 time=204 ms (DUP!)

Note! You will need to insert the name of the interface in the ping command. ( -I eth0 in this case)

After pinging allnodes-address I check again my neighbors:

user@host:~$ ip -6 neigh
 fe80::ba8d:12ff:fe03:474c dev eth0 lladdr b8:8d:12:03:47:4c REACHABLE
 fe80::1636:5ff:fe19:2392 dev eth0 lladdr 14:36:05:19:23:92 STALE
 fe80::a667:6ff:fe87:6b71 dev eth0 lladdr a4:67:06:87:6b:71 STALE

I ping one of them directly using the same syntax:

user@host:~$ ping6 -I eth0 fe80::ba8d:12ff:fe03:474c
 PING fe80::ba8d:12ff:fe03:474c(fe80::ba8d:12ff:fe03:474c) from fe80::213:d4ff:fe3e:ddb3 eth0: 56 data bytes
 64 bytes from fe80::ba8d:12ff:fe03:474c: icmp_seq=1 ttl=64 time=22.9 ms
 64 bytes from fe80::ba8d:12ff:fe03:474c: icmp_seq=2 ttl=64 time=40.9 ms

And the ssh into the neighbor:

user@host:~$ ssh fe80::ba8d:12ff:fe03:474c%eth0
 Password:
 Last login: Sun Mar 18 13:14:22 2012 from host.local
 Another-host:~ ap$
 Another-host:~ ap$

Note!  When connecting with link-local addresses you will need to specify the interface for the connection. In this case it is given as  %eth0  in the end of the neighbors link-local address.

Sources
Carla Schroder: Linux Networking Cookbook
http://en.wikipedia.org/wiki/Link-local_address#IPv6

IPv6 basics: The protocol and addresses

[Originally posted Mar 16, 2012 10:25 AM by Antti Uitto   [ updated Mar 16, 2012 11:11 AM ]]

You will find 1001 of these articles in the Internet. Here are my notes on the topic.

Internet Protocol version 6

Internet Protocol version 6 (IPv6) is a successor for the current Internet Protocol version 4 (IPv4). IPv6 was designed to bring a solution to IPv4 address exhaustion and to simplify the routing in the Internet. The protocol has many advantages over its predecessor, the most notable being the vast address space of 128 bits.
 
IPv6 is a new protocol, not a mere extension to IPv4. For that reason, IPv6 does not play nice together with the previous protocol version.
Wikipedia: IPv6 does not implement interoperability features with IPv4, and creates essentially a parallel, independent network.
If your host has IPv4 address, it can connect to other hosts that use IPv4. If your host has IPv6 address, it can connect other hosts using IPv6. 
 
It is possible to have a dual-stack on your host. In this case the host has addresses from both protocols and can connect directly both IPv4 and IPv6 hosts in the Internet. 
 

There are also several transition mechanisms available to enable communication between hosts that use different protocol versions. http://en.wikipedia.org/wiki/IPv6_transition_mechanisms

 At current time (march 2012) all modern operating systems support IPv6 and network gear is ready to handle the new protocol. Major deployment of the next generation protocol still lingers on slowly because there are hardly any serious end-user benfits to it. Efforts have been made to further advance the usage of IPv6 in the Internet: World IPv6 day  was an event 8.6.2011 where major Internet players enabled IPv6 in their services for one day in order to test the access and find out possible problems that large scale IPv6 deployment could bring about.

2011 World IPv6 day http://www.worldipv6day.org
Velocity 2011: Ian Flint, “World IPv6 Day: What We Learned”
http://youtu.be/T04o6bQN8Ls

6.6.2012 will be a World IPv6 launch in which these same players will enable IPv6 permanently and others are encouraged to join in.

http://www.worldipv6launch.org

Key benefits of IPv6

  • Huge address space of 128 bits
  • Inbuilt support for IPSEC
  • Stateless autoconfiguration, ease of management
  • Simplified routing
  • New applications and innovation due to the flexibility and capabilities of IPv6

IPv6 addresses

Example of an address

Here’s how and IPv4 address looks like:
173.194.35.146

And this one’s IPv6:
2a00:1450:4016:0800:0000:0000:0000:1011

It can be compressed to 2a00:1450:4016:800::1011 by omitting leading zeros in group and replacing groups of zero values with two consecutive colons.

Address classes

IPv6 traffic can be unicast, multicast or anycast.

  • Unicast – one-to-one
  • Multicast – one-to-many (to all interfaces that have joined the corresponding multicast group)
  • Anycast – one-to-closest (to topologically nearest node in a group of potential receivers all identified by the same destination address)

Address types

Global Unicast address (2000::/3)
The addresses routed in the Internet.

Unique local address (fc00::/7)
Addresses that can be routed only in organizations own network,
just like RFC1918 private addresses in IPv4.
Can not be routed in the Internet.

Link-local address (FE80::/10)

Non-routable addresses used for communication over a local link (L2).
Used by autoconfiguration mechanisms (Neighbor Discovery, Stateless Address Autoconfiguration)
IPv6 requires a link-local address.

Special addresses

::/0 – Default route
::/128 – Unspecified address. Used only by software before learning appropriate source address for the connection.
::1/128 – Localhost, local loopback

Address allocation

Globally routable IPv6 addresses are allocated

  • /32 Internet Service Provider
  • /48 Organization
  • /64 Site

* See sources at the bottom of the page for more information on IPv6 address formats, classes and types.

Calculators to help you with IPv6 addresses

Linux

sipcalc (Ubuntu installation: apt-get install sipcalc)
ipv6calc (Ubuntu installation: apt-get install ipv6calc)

Web

http://www.ipv6calculator.net
http://www.subnetonline.com/pages/subnet-calculators/ipv6-subnet-calculator.php

 
 

Sources

http://en.wikipedia.org/wiki/IPv6
http://en.wikipedia.org/wiki/IPv6_address
http://en.wikipedia.org/wiki/Anycast
http://en.wikipedia.org/wiki/Multicast
http://www.helium.com/items/2086218-understanding-ipv6
http://blogs.citrix.com/2012/01/26/0606-ipv6-%E2%80%93-beginning-of-the-end-for-ipv4/
http://www.ipv6now.com.au/primers/benefits.php
http://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xml
http://chrisgrundemann.com/index.php/2012/introducing-ipv6-neighbor-discovery-slaac/
Carla Schroder: Linux Networking Cookbook