Revision as of 10:27, 8 January 2012 by Craig Peacock

Preamble

It has been a couple of years since I last played with IPv6, and since then my ISP Internode has introduced IPv6 as a production service - dual stack, native IPv6. Hence, it is now time to get more serious and have a go implementing IPv6 on the home network.

What is IPv6

IPv6 is the new Internet Protocol Version 6 defined by RFC 2460 and set to replace the current Internet Protocol Version 4 (IPv4). The address space for IPv4 is only 32 bits long, and with the proliferation of IP devices such as desktop computers, tablets, smart phones, set-top boxes, VoIP telephones etc., the world is quickly running out of Internet addresses.

While the main objective of IPv6 is a much larger address space, IPv6 can also offer these other advantages:

  • Stateless Address Auto-configuration
  • No NAT (Network Address Translation)
  • Easy Address Renumbering
  • Multiple Addresses per Interface
  • Improved Network Security

IPv6 Address Formats

Version 6 Internet Protocol (IP) addresses are 128 bits long and written in hexadecimal, with pairs of bytes separated by colons. An IPv6 address looks like:

2001:44b8:0219:6400:0000:0000:0000:0001

but can be shortened to

2001:44b8:219:6400::1

by removing leading zeros and replacing a run of consecutive zero blocks with two colons.

Scopes

With IPv4, RFC 1918 "Address Allocation for Private Internets" outlined private or non-routable address spaces, e.g. 192.168.0.0/16.

IPv6 defines a range of scopes, some of the more common are listed below:

  • Link-local Scope: Addresses that are not routable and are limited to the local subnet or link. These addresses start with a prefix of fe80::/64.
  • Global Scope: Addresses that can be globally routed over the entire IPv6 inter-network. Currently, prefixes within 2000::/3 have been allocated.

In addition to the above scopes, ff00::0/12 is reserved for multicast addresses.

Stateless address autoconfiguration

IPv6 introduces stateless address autoconfiguration allowing a host to automatically configure an IPv6 address.

As the interface ID component of the IPv6 address is 64 bits long, auto-configuration can use the interface's MAC address to generate the Interface ID (or lower 64 bits of the IPv6 address). This is referred to as an IEEE EUI-64 Identifier and is specified under RFC 4291.

The host then creates a link-local (fe80::/64) address using the interface ID and performs duplicate address detection (DAD).

The next stage is to try to configure a global address. The host queries all the routers on the subnet with a router solicitation (RS) message, asking for a list of prefixes. It then appends the interface ID to each prefix to create additional IPv6 addresses.

The host will keep listening for router advertisements (RA) and make address changes as the network changes.

IPv6 Router Advertisement Daemon (radvd)

The IPv6 Router Advertisement Daemon periodically sends router advertisement (RA) messages to a local Ethernet LAN. These messages can also be requested using a router solicitation (RS) message.

RFC 2461 Neighbour Discovery for IP Version 6 (IPv6)

The source for radvd can be downloaded from http://www.litech.org/radvd/

A default radvd.conf file is shown below advertising an address prefix provided by Internode.

interface eth0 {
	AdvSendAdvert on;
	MinRtrAdvInterval 3;
	MaxRtrAdvInterval 10;
	prefix 2001:44b8:219:6400::/64 {
		AdvOnLink on;
		AdvAutonomous on;
	};
};

Options

  • AdvSendAdvert: Enable router to send periodic router advertisements and respond to router solicitations.
  • MinRtrAdvInterval: Minimum time between sending unsolicited multicast router advertisements (seconds).
  • MaxRtrAdvInterval: Maximum time between sending unsolicited multicast router advertisements (seconds). Must be no greater than 1800 seconds (30 minutes).
  • prefix: Prefix definition.
    • AdvOnLink: Indicates if the prefix can be used for on-link determination.
    • AdvAutonomous: When set, indicates that this prefix can be used for autonomous address configuration as specified in RFC 4862.
    • AdvRouterAddr: When set, indicates that the address of the interface is sent instead of the network prefix.

Routing

The routing table can be displayed using:

/sbin/ip -6 route show

Add default route

ip -6 route add 2000::/3 dev ppp0
ip -6 route add default dev ppp0
route add -inet6 default -interface ppp0

Firewall

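The following rule accepts new inbound DHCPv6 traffic (UDP from server port 547 to client port 546) where both source and destination are link-local addresses:

ip6tables -A INPUT -m state --state NEW -m udp -p udp --dport 546 --sport 547 -s fe80::/10 -d fe80::/10 -j ACCEPT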