IPv6

Revision 2 as of 2008-05-18 14:02:23

Clear message

IPv6 Introduction

IPv6 (also known as IPng “IP next generation”) is the new version of the well known IP protocol (also known as IPv4). Your Ubuntu system comes with all you will need to experiment with IPv6. This section focuses on getting IPv6 properly configured and running.

In the early 1990s, people became aware of the rapidly diminishing address space of IPv4. Given the expansion rate of the Internet there were two major concerns:

Running out of addresses. Today this is not so much of a concern anymore since RFC1918 private address space (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) and Network Address Translation (NAT) are being employed.

Router table entries were getting too large. This is still a concern today.

IPv6 deals with these and many other issues:

  • 128 bit address space. In other words theoretically there are 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses available. This means there are approximately 6.67 * 10^27 IPv6 addresses per square meter on our planet.
  • Routers will only store network aggregation addresses in their routing tables thus reducing the average space of a routing table to 8192 entries.

There are also lots of other useful features of IPv6 such as:

  • Address autoconfiguration (RFC2462)
  • Anycast addresses (“one-out-of many”)
  • Mandatory multicast addresses
  • IPsec (IP security)
  • Simplified header structure
  • Mobile IP
  • IPv6-to-IPv4 transition mechanisms

For more information see:

  • IPv6 overview at playground.sun.com
  • KAME.net

Background on IPv6 Addresses

There are different types of IPv6 addresses: Unicast, Anycast and Multicast.

Unicast addresses are the well known addresses. A packet sent to a unicast address arrives exactly at the interface belonging to the address.

Anycast addresses are syntactically indistinguishable from unicast addresses but they address a group of interfaces. The packet destined for an anycast address will arrive at the nearest (in router metric) interface. Anycast addresses may only be used by routers.

Multicast addresses identify a group of interfaces. A packet destined for a multicast address will arrive at all interfaces belonging to the multicast group.

Note: The IPv4 broadcast address (usually xxx.xxx.xxx.255) is expressed by multicast addresses in IPv6.

Reserved IPv6 addresses

IPv6 address            Prefixlength (Bits)     Description                     Notes
::                      128 bits                unspecified                     cf. 0.0.0.0 in IPv4
::1                     128 bits                loopback address                cf. 127.0.0.1 in IPv4
::00:xx:xx:xx:xx        96 bits                 embedded IPv4                   The lower 32 bits are the IPv4 address. Also called “IPv4 compatible IPv6 address”
::ff:xx:xx:xx:xx        96 bits                 IPv4 mapped IPv6 address        The lower 32 bits are the IPv4 address. For hosts which do not support IPv6.
fe80:: - feb::          10 bits                 link-local                      cf. loopback address in IPv4
fec0:: - fef::          10 bits                 site-local       
ff::                    8 bits                  multicast        
001 (base 2)            3 bits                  global unicast                  All global unicast addresses are assigned from this pool. The first 3 bits are “001”.

Reading IPv6 Addresses

The canonical form is represented as: x:x:x:x:x:x:x:x, each “x” being a 16 Bit hex value. For example FEBC:A574:382B:23C1:AA49:4592:4EFE:9982

Often an address will have long substrings of all zeros therefore one such substring per address can be abbreviated by “::”. Also up to three leading “0”s per hexquad can be omitted. For example fe80::1 corresponds to the canonical form fe80:0000:0000:0000:0000:0000:0000:0001.

A third form is to write the last 32 Bit part in the well known (decimal) IPv4 style with dots “.” as separators. For example 2002::10.0.0.1 corresponds to the (hexadecimal) canonical representation 2002:0000:0000:0000:0000:0000:0a00:0001 which in turn is equivalent to writing 2002::a00:1.

By now the reader should be able to understand the following: 

# ifconfig

eth0      Link encap:Ethernet  HWaddr ee:ff:ee:ff:ee:ff  
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: 2001:eeff:eeff::1/64 Scope:Global
          inet6 addr: fe80::eeff:eeff:eeff:e5a7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:33785 errors:0 dropped:0 overruns:0 frame:0
          TX packets:33768 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:23272619 (22.1 MB)  TX bytes:21928501 (20.9 MB)
          Base address:0xb800 Memory:f2000000-f2020000

fe80::eeff:eeff:eeff:e5a7 of interface eth0 is an auto configured link-local address. It is generated from the MAC address as part of the auto configuration.

For further information on the structure of IPv6 addresses see [http://www.ietf.org/rfc/rfc3513.txt RFC3513].

Getting Connected

Here you have more than one option:

At the moment there are not many IPv6 Internet Service Provider who actually provide their users with IPv6 Internet services. In the near future every user need a IPv4/IPv6 dualstack configuration and this would increase cost for hardware and administration for the provider. The second reason is that there is not enough IPv6 capable hardware, like Cable-Modems, DSL-Routers on the market. So at the moment it seems that the easiest way to get IPv6 connectivity is tunneling the traffic over IPv4.

Get connected with SixXS

First you need an account on the SixXS Website. Please consider that they manually approve your information and that you should provide them with correct data about you. The system is very easy to use. For the creation of your account you are goint to receive some credit point. You can then use these credits for requesting new tunnels and subnets. A tunnel costs you 15 credits. If you are able to use the requested tunnels you are going to receive 10 Credits after a week.

Step by step you need to perform the following steps:

  1. Create an account
  2. Request a tunnel 2.1 Wait for tunnel approval
  3. Request a subnet 3.1 Wait for subnet approval

The approval of your requests are done manually, so be patient. Normally you will receive the approval within one our.

Note: If you only want to connect one computer, you can skip Step 3 and perform subsections "Synchronize with a timeserver" and "Install aiccu".

After your tunnel and the subnet are approved, you should have received an email like this: 

Dear Generic User,

The SixXS Staff have honored your request for a subnet on the following
tunnel:
-------
 PoP Name     : chzrh01 (ch.thermelec [AS20932])
 Subnet IPv6  : 2001:ffff:ffff::/48
 Routed to    : 2001:ffff:ffff:ff::2/64
 Your IPv4    : ayiya
-------

Please visit your home on the website for more information and options
regarding this subnet.

Regards,
 The SixXS tunnelrobot.

Note: The addresses suplied in this howto are fake's. Please use your addresses suplied in your e-mail. Else you will not have a working network. This means replce 2001:ffff:ffff::/48 with your address!!!

Subnet IPv6: This is the address of your /48 subnet routed to you. We need this address later to configure the preffix of the Router Advertising daemon and for your Routers local IPv6 network address. For a local subnet only /64 subnet should be used. Because of that we configure radvd with a /64 bit prefix and also the network interface.

Routed to: This is the address of your sixxs tunnel interface. Your IPv4: If you have no static address, use ayiya. If you have a static address, your public IPv4 address should stand here.

Replace also eth0 with the name of the network interface connected to your local network. The command line tool ifconfig is your friend if you don't know.

Synchronize with a timeserver

If you have no ntp daemon installed to keep your time synchronised. Then install openntpd or any other ntp daemon you want. This is because we are going to install aiccu, the IPv6 auto tunneling daemon, from SixXS. The tunnel will not work if the time difference of your clock is bigger than 120 seconds.

Install aiccu

aiccu is the SixXS client application. If aiccu runs in the daemon mode, it will make sure your tunnel is always up to date.

Install aiccu: 

sudo aptitude install aiccu

The installer will automatically prompt for username, password, and the tunnel_id you want to configure.

Note: If you don't know the tunnel_id then go to http://www.sixxs.net/home/ and check your tunnel information.

Note: The Tunnel id should also be in your "Tunnel Approval" email.

Configure local network interface

We also have to configure the local network interface with an IPv6 address. I prefer an easy to memorize address for my router so I choose 2001:ffff:ffff::1. According the information I got from sixxs, this is the First address I can use. Open the config file /etc/network/interfaces with an editor and add: 

iface eth0 inet6 static
        address 2001:ffff:ffff::1
        netmask 64

Note: replace eth0 widt the interface name you used in the /etc/radvd.conf config file.

Configure your Ubuntu box as a IPv6 router

  1. In /etc/sysctl.conf uncomment net.ipv6.conf.default.forwarding=1
  2. Install radvd 2.1 If you have a simple network you want to give IPv6 connectivity, then edit /etc/radvd.conf with your favorite editor

Note: If the computer is only routing IPv6, then only uncomment net.ipv6.conf.default.forwarding=1 and leave the IPv4 stuff unchanged.

Note: /etc/radvd.conf: This file does not exist after a fresh install. You can look at the sample configuration files in usr/share/doc/radvd/examples/ for further studies.

Sample /etc/radvd.conf: 

interface eth0
{
   AdvSendAdvert on;
   prefix 2001:ffff:ffff::/64
   {
        AdvOnLink on;
        AdvAutonomous on;
   };
};

eth0 is the interface which is used for the Router Advertising messages (RA's). If you are not sure about the interface, check with ifconfig on the command line.

The prefix you have to take from the information given by the sixxs stuff.

After a restart of radvd your router should automatically send "Router Advertising Messages" to your network and your IPv6 clients should auto configure them self.

Reboot or restart services

You can simply reboot now if you want that all changes taking effect or if this is not an option because you run other services that are needed run: 

sudo ifconfig eth0 down & sudo ifconfig eth0 up

for the network restart 

sudo /etc/init.d/aiccu restart

for the tunnel 

sudo /etc/init.d/radvd restart

for the advertising service

So thats really all. You should now be able to connect to the IPv6 internet with every IPv6 capable client automatically.

Conclusion

You should now be able to ping and surf IPv6 enabled sites like ipv6.google.com or kame.net. For a ping perform ping6 ipv6.google.com. It's a good idea to think about firewalling whitin your clients, because all clients have now a public reachable IPv6 IP. In ubuntu this is also an very easy task with the new ufw (uncomplicated firewall).

Copyright Notice

The IPv6 introduction was largely copied and modified from the FreeBSD Handbook. Copyright © 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 The FreeBSD Documentation Project.

CategoryDocumentation