IPv6: It's Better And Easier. Mostly.

By Carla Schroder | Aug 2, 2005 | Print this Page
http://www.enterprisenetworkingplanet.com/netos/article.php/3524596/IPv6-Its-Better-And-Easier-Mostly.htm

If you're still clinging stubbornly to your old IPv4 network, and sticking your fingers in your ears and going "lalalala" when anyone mentions IPv6, you're missing out on good things. IPv6 is coming, whether you want it to or not. And this is not a bad thing, because it solves a number of vexing problems and makes the network admin's life a bit easier.

The Linux kernel started including IPv6 support in 1996, and most modern Linux distributions provide a complete, ready-to-rock implementation, so we're going to skip over how to install IPv6 support, and leap right into playing with it.

We'll look at how to build a private IPv6 testbed and learn a batch of IPv6 commands, so you can get acquainted with IPv6 in the privacy of your own LAN. The examples here are for a single subnet; we'll dive into subnetting and routing in future articles.

Install iproute2
Yes, your old favorite net-tools programs will still work with IPv6. But it really is time to retire them and move up to iproute2. (See Resources for why.)

Also needed is ping6, which is usually bundled up in iputils. You'll see a lot of IPv6 documentation that warns about making sure your various utilities and applications are IPv6-aware. It shouldn't be a problem if you've been updating your systems regularly; anything more than 3 years old is suspect, and probably covered with mold.

Verify IPv6 Support
Any modern Linux should have IPv6 working by default, and you shouldn't have to do anything other than start running commands and having fun. Hopefully your system is running a 2.6 kernel:

$ uname -a
Linux windbag 2.6.11-ln.std #1 Sun Apr 10 18:27:05 PDT 2005 i686 GNU/Linux

The current 2.6 kernels are stable and everything works, so don't be shy about upgrading. 2.4 kernels are OK, but you may need to compile a new one with the necessary support. Don't even bother with a 2.2 kernel. (See Resources for information on kernel customization.)

Now check to see if IPv6 is already enabled:

$ cat /proc/net/if_inet6
00000000000000000000000000000001 01 80 10 80 lo
fe80000000000000020b6afffeef7e8d 02 40 20 80 eth0

Or run lsmod:

$ lsmod | grep ipv6
ipv6        253728 8

Or check to see if your NIC has been assigned an IPv6 address, and if the base sit0 tunnel is enabled:

$ ip address show
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0b:6a:ef:7e:8d brd ff:ff:ff:ff:ff:ff
inet 192.168.1.28/24 brd 192.168.1.255 scope global eth0
inet6 fe80::20b:6aff:feef:7e8d/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0

ifconfig -a also shows the same information, for y'all net-tools users. If IPv6 is not enabled on your system, see Resources to learn how to fix it.

ping6
The reliable old ping command is a bit more complicated to use with IPv6. You can ping by IP or hostname, just like with IPv4, but the addressing and syntax are more complex. Here are three ways to ping your local machine:

$ ping6 -I eth0 fe80::20b:6aff:feef:7e8d
PING fe80::20b:6aff:feef:7e8d(fe80::20b:6aff:feef:7e8d) from ::1 eth0: 56 data bytes
64 bytes from fe80::20b:6aff:feef:7e8d: icmp_seq=1 ttl=64 time=0.037 ms
64 bytes from fe80::20b:6aff:feef:7e8d: icmp_seq=2 ttl=64 time=0.046 ms
...

$ ping6 ::1
PING ::1(::1) 56 data bytes
64 bytes from ::1: icmp_seq=1 ttl=64 time=0.034 ms
64 bytes from ::1: icmp_seq=2 ttl=64 time=0.042 ms
...

$ ping6 localhost
PING localhost(localhost) from ::1 eth0: 56 data bytes
64 bytes from localhost: icmp_seq=1 ttl=64 time=0.037 ms
64 bytes from localhost: icmp_seq=2 ttl=64 time=0.045 ms
...

The first two example ping by IPv6 address. Note that the first one, which pings the link-local address, must have the interface specified. Link-local addresses start with fexx, and are local, non-routable IPs. The IPv6 address for localhost is always ::1. Just like with IPv4, you must have name resolution configured for IPv6 addresses so you can ping by hostname, for example in /etc/hosts:

127.0.0.1      localhost
::1             localhost
192.168.1.28  windbag
fe80::20b:6aff:feef:7e8d   windbag

Neighbor Discovery
IPv6 does away with ARP, hurrah. You can locate your IPv6 neighbors on your LAN with the ip command:

$ ip -6 neigh show
fe80::20a:e4ff:fe40:8bfd dev eth0 lladdr 00:0a:e4:40:8b:fd nud reachable

However, just like ARP, your LAN mates won't be in the "neighbor" table until you initiate contact with them at least once. Use ping6 to find your local IPv6 neighbors by pinging the multicast address. In this example I have only one other IPv6 host on my LAN:

$ ping6 -I eth0 ff02::1
PING ff02::1(ff02::1) from fe80::20b:6aff:feef:7e8d eth0: 56 data bytes
64 bytes from ::1: icmp_seq=1 ttl=64 time=0.043 ms
64 bytes from fe80::20a:e4ff:fe40:8bfd: icmp_seq=1 ttl=64 time=0.487 ms (DUP!)
...

Which you can ping by IP, and remember that link-local addresses must have the interface specified:

$ ping6 -I eth0 fe80::20a:e4ff:fe40:8bfd
PING fe80::20a:e4ff:fe40:8bfd(fe80::20a:e4ff:fe40:8bfd) from fe80::20b:6aff:feef:7e8d eth0: 56 data bytes
64 bytes from fe80::20a:e4ff:fe40:8bfd: icmp_seq=1 ttl=64 time=0.528 ms
...

A couple of quick ping notes: ping continues indefinitely until you stop it with Ctrl+C, or you can specify the number of pings with the -c flag, like:

$ ping6 -c4 localhost

Auto-configuring Clients
You're probably looking at how most of these commands are more complex than the old IPv4 syntax, and wondering where is the easier part? The easier part comes in network administration. With IPv6 you can do away with running a DHCP server. Install radvd, the stateless auto-configuration daemon, on your local gateway; this will automatically assign IP addresses to clients as they join the network. No client configuration is needed, just make sure no one is blocking port 41.

Configure radvd in /etc/radvd.conf. You may use this example exactly as shown:

interface eth0 {
  AdvSendAdvert on;
    prefix 3ffe:ffff:0100:f101::/64
    {
    AdvOnLink on;
    AdvAutonomous on;
    AdvRouterAddr on;
    };
  };

Whenever you make changes to /etc/radvd.conf remember to restart it:

# /etc/init.d/radvd restart

Setting A Static IP
While auto-configuration is most lovely and easy, you'll probably still want to assign static IPs to servers. Pick one from your already-assigned range in /etc/radvd.conf:

# ip -6 addr add 3ffe:ffff:0100:f101::1/64 dev eth0

Removing as address is just as easy:

# ip -6 addr del 3ffe:ffff:0100:f101::1/64 dev eth0

Be sure to study Peter Bieringer's excellent "Linux+IPv6-HOWTO." It's well-written and thorough. The sections on routing and understanding IPv6 addressing are especially good. Transitioning to IPv6 means network admins are going to run v4 and v6 side-by-side for some time, so you might as well get started now.

Resources