The Status of IPv6 and Open Source/Free Operating systems

CONFIGURATION OF IPV6

Examples from various operating [email protected] Twitter : oej Twitter : ipv6friday

foss-sthml.se meeting January 25th 2012

onsdag 25 januari 12

This is the year we launch the new Internet.

Do not stay behind!


IPv6 basics

• Larger IP packet headers - IP address 128 bits instead of 32

• All TCP/UDP protocols behave like before

• Protocols that embedd IP address will have to support the new formats

• Subnetting like before with CIDR prefixes

128 bit address

128 bit address


A common enterprise model

48 bitprefix

64 bitdevice

16 bitsubnet

65536 networks!

ISP get /32Enterprise /48 or /54


Dual stack

IPv4 IPv6

The IPv4Internet

The IPv6Internet


TWO highways to the same destination

IPv4

IPv6

IPv4

IPv6


Happy eyeballs

IPv4

IPv6

IPv4

IPv6


Migration

IPv4 IPv6 IPv6IPv4

1 2 3


Testing IPv6

IPv6

3


Multiple addressesper interface

Link local address based on MAC (FE80::)

Site local address - ULA FDxx

Global address based on network prefix and MAC

Global address based on network prefix and random data

Link local multicast addresses

Service specific multicast address

Loopback address (only for loopback interface)


Different views in OS/X

Network configuration shows

only IPv4

Advanced showsONE IPv6 address

ifconfig


Distributing IPv6 addressesLocal Link (FE80::) - automatically

Global based on RA prefix - automatic (SLAAC)

Global based on DHCP - automatic (SLAAC)

Static - manual configuration

Based on MAC address

Based on random data for privacy (temporary address)


DHCPv6

INFORMATIONOBJECTS

DYNAMICIP ADDRESS

STATICIP ADDRESS

DNS, SIP gateway, NTP server etc

Random address from a range

PRIVACY ENHANCEDIP ADDRESS

Managed temporary privacy-enhancedAddress

Static address based on device identifier


DHCPv6 for ISP’s

NETWORKPROVISIONING

Network prefix, subnet maskrouter


DUID = Device Identifier

SYSTEM

IF

IF

IF

DUID - Device Unique Identifier

IAID - Interface Adapter Identifier

In IPv4 DHCP the MACis the system!


Where are they?

DUID

IAID

IAID

ETH0

WLAN0

Only shown in MicrosoftWindows 7. I can’t find iteasily in any other system.

Required to set up staticDHCPv6 address

management.


Various options

RA +SLAAC

SLAAC+ DHCPv6

RA+ DHCPv6

• Announce a prefix and a router withRADVD or RTSOL support

• MAC or temporary

• Simple, but not much control

• RA tells device to use SLAAC and fetch more options in DHCPv6

• DNS address, NTP server

• Better management, but still not much control

• RA tells device to get IP and more options in DHCPv6

• Device sends DUID+IAID

• Better management - log in DHCP server

• Where is the DUID?


Privacy enhanced

• ”Welcome back. You’re using a MacBook Pro 10th generation from Sollentuna, Sweden.”

• Why should I let everyone see my MAC address? And that I use multiple devices?

• All systems support this. Windows enable it by default. No other system has it in the UI.


STATUS REPORTPlaying with different operating systems


Disclaimer• I’ve tested these systems as a beginner, just spending an

hour or so on each

• I want it to be that easy.

• After 15 years of IPv6 it should just work

• I might have missed some basic stuff - but someone like me should not be able to do that.

• Feedback is always positive!


TEST focus

• Can I install a desktop O/S over IPv6?

• Can I add and install packages over IPv6?

• Can I configure it with combinations of Router Solicitation/Adverts and DHCPv6?

• How ready are we to run IPv6 single stack?


Test network

IPv4Internet Home

Gateway

SheevaPlug

IPv6LAN

IPv4LAN

TunnelBroker

IPv6Internet


Top of the line: Windows 7

• Microsoft has implemented IPv6 throughout the O/S

• The O/S doesn’t work properly without IPv6

• Server-side support is improving, but doesn’t cover all of the product line


Installation over IPv6

• OpenBSD with router solicitations, do not use DHCPv6

• FreeBSD - found an IPv6 address, but did not succeed

• Maybe use a FTP/HTTP client that is single stack?

• Debian, Ubuntu - don’t know. I could not select addresses at installation, it just started automatically somehow. Could not test on IPv6 only network.

• I had to enable dual stack for installation on all systems


OpenBSD 5

• Stateless Autoconfiguration

• DHCPv6 - there are ports, but not integrated

• Very hard to find any documentation or information

• ftp.openbsd.org has no IPv6, mirrors have


FreeBSD 9.0

• Support for SLAAC

• Complicated to get support for DHCPv6

• No easy configuration

• IPv6 in sysinstall

• IPv6 in installer, but can’t install over IPv6 (port system distributed)

• ftp.freebsd.org has two IPv6 addresses

• System config supports ra + dhcpv6onsdag 25 januari 12

FreeBSD 9

• NO dhcpv6 options in network configuration

• Only router advertisments

• No privacy address in network configuration

• Most of the ports servers do not support IPv6 - maybe through proxy

• The install gets IPv6 address through SLAAC, saves it as static in config. Bad.


Fedora 15


Fedora 15

• No support for privacy address in user interface

• Good attempt at configuration, but broken

• Nothing is saved in ifcfg-eth0

• You can set if IPv4 or IPv6 or both are required for the system to indicate ”Connected to network”


debian


Debian

• DHCP for IPv4 and autoconf for Ipv6 overwrite /etc/resolv.conf

• Only Ipv6 name server, but dhcp ipv4 address

• ftp.se.debian.org supports IPv6 so for me, package installation worked over IPv6 only


Ubuntu 11.10

• Default installation use IPv4 and installs only IPv4 even if IPv6 is available

• Same network app as Fedora

• Supports IPv6 in a good way

• No UI support for IPv6 temporary addresses

• If dual stack, only IPv4 is shown in UI


Link local address in UI.


Oops. IPv6 only...


OS/X

What does thismean?

Where’s the DUID?(This is assigned by DHCPv6)


Summary

• Seems like most systems started with SLAAC and thought ”We’re done!”

• Confusion on RA+DNS, RA+DHCPv6, DHCPv6 without RA

• Bad support for privacy addresses

• Most of the stuff exist in all kernels, but sysctl is not for normal users


The end...or is it the beginning?

It’s embarrassing to see that thefree operating systems aredoing so badly in this area.


The Status of IPv6 and Open Source/Free Operating systems

Technology

Transcript of The Status of IPv6 and Open Source/Free Operating systems