CONFIGURATION OF IPV6
Examples from various operating [email protected] Twitter : oej Twitter : ipv6friday
foss-sthml.se meeting January 25th 2012
onsdag 25 januari 12
This is the year we launch the new Internet.
Do not stay behind!
onsdag 25 januari 12
IPv6 basics
• Larger IP packet headers - IP address 128 bits instead of 32
• All TCP/UDP protocols behave like before
• Protocols that embedd IP address will have to support the new formats
• Subnetting like before with CIDR prefixes
128 bit address
128 bit address
onsdag 25 januari 12
A common enterprise model
48 bitprefix
64 bitdevice
16 bitsubnet
65536 networks!
ISP get /32Enterprise /48 or /54
onsdag 25 januari 12
Dual stack
IPv4 IPv6
The IPv4Internet
The IPv6Internet
onsdag 25 januari 12
TWO highways to the same destination
IPv4
IPv6
IPv4
IPv6
onsdag 25 januari 12
Happy eyeballs
IPv4
IPv6
IPv4
IPv6
onsdag 25 januari 12
Migration
IPv4 IPv6 IPv6IPv4
1 2 3
onsdag 25 januari 12
Testing IPv6
IPv6
3
onsdag 25 januari 12
Multiple addressesper interface
Link local address based on MAC (FE80::)
Site local address - ULA FDxx
Global address based on network prefix and MAC
Global address based on network prefix and random data
Link local multicast addresses
Service specific multicast address
Loopback address (only for loopback interface)
onsdag 25 januari 12
Different views in OS/X
Network configuration shows
only IPv4
Advanced showsONE IPv6 address
ifconfig
onsdag 25 januari 12
Distributing IPv6 addressesLocal Link (FE80::) - automatically
Global based on RA prefix - automatic (SLAAC)
Global based on DHCP - automatic (SLAAC)
Static - manual configuration
Based on MAC address
Based on random data for privacy (temporary address)
onsdag 25 januari 12
DHCPv6
INFORMATIONOBJECTS
DYNAMICIP ADDRESS
STATICIP ADDRESS
DNS, SIP gateway, NTP server etc
Random address from a range
PRIVACY ENHANCEDIP ADDRESS
Managed temporary privacy-enhancedAddress
Static address based on device identifier
onsdag 25 januari 12
DHCPv6 for ISP’s
NETWORKPROVISIONING
Network prefix, subnet maskrouter
onsdag 25 januari 12
DUID = Device Identifier
SYSTEM
IF
IF
IF
DUID - Device Unique Identifier
IAID - Interface Adapter Identifier
In IPv4 DHCP the MACis the system!
onsdag 25 januari 12
Where are they?
DUID
IAID
IAID
ETH0
WLAN0
Only shown in MicrosoftWindows 7. I can’t find iteasily in any other system.
Required to set up staticDHCPv6 address
management.
onsdag 25 januari 12
Various options
RA +SLAAC
SLAAC+ DHCPv6
RA+ DHCPv6
• Announce a prefix and a router withRADVD or RTSOL support
• MAC or temporary
• Simple, but not much control
• RA tells device to use SLAAC and fetch more options in DHCPv6
• DNS address, NTP server
• Better management, but still not much control
• RA tells device to get IP and more options in DHCPv6
• Device sends DUID+IAID
• Better management - log in DHCP server
• Where is the DUID?
onsdag 25 januari 12
Privacy enhanced
• ”Welcome back. You’re using a MacBook Pro 10th generation from Sollentuna, Sweden.”
• Why should I let everyone see my MAC address? And that I use multiple devices?
• All systems support this. Windows enable it by default. No other system has it in the UI.
onsdag 25 januari 12
STATUS REPORTPlaying with different operating systems
onsdag 25 januari 12
Disclaimer• I’ve tested these systems as a beginner, just spending an
hour or so on each
• I want it to be that easy.
• After 15 years of IPv6 it should just work
• I might have missed some basic stuff - but someone like me should not be able to do that.
• Feedback is always positive!
onsdag 25 januari 12
TEST focus
• Can I install a desktop O/S over IPv6?
• Can I add and install packages over IPv6?
• Can I configure it with combinations of Router Solicitation/Adverts and DHCPv6?
• How ready are we to run IPv6 single stack?
onsdag 25 januari 12
Test network
IPv4Internet Home
Gateway
SheevaPlug
IPv6LAN
IPv4LAN
TunnelBroker
IPv6Internet
onsdag 25 januari 12
Top of the line: Windows 7
• Microsoft has implemented IPv6 throughout the O/S
• The O/S doesn’t work properly without IPv6
• Server-side support is improving, but doesn’t cover all of the product line
onsdag 25 januari 12
Installation over IPv6
• OpenBSD with router solicitations, do not use DHCPv6
• FreeBSD - found an IPv6 address, but did not succeed
• Maybe use a FTP/HTTP client that is single stack?
• Debian, Ubuntu - don’t know. I could not select addresses at installation, it just started automatically somehow. Could not test on IPv6 only network.
• I had to enable dual stack for installation on all systems
onsdag 25 januari 12
OpenBSD 5
• Stateless Autoconfiguration
• DHCPv6 - there are ports, but not integrated
• Very hard to find any documentation or information
• ftp.openbsd.org has no IPv6, mirrors have
onsdag 25 januari 12
FreeBSD 9.0
• Support for SLAAC
• Complicated to get support for DHCPv6
• No easy configuration
• IPv6 in sysinstall
• IPv6 in installer, but can’t install over IPv6 (port system distributed)
• ftp.freebsd.org has two IPv6 addresses
• System config supports ra + dhcpv6onsdag 25 januari 12
FreeBSD 9
• NO dhcpv6 options in network configuration
• Only router advertisments
• No privacy address in network configuration
• Most of the ports servers do not support IPv6 - maybe through proxy
• The install gets IPv6 address through SLAAC, saves it as static in config. Bad.
onsdag 25 januari 12
Fedora 15
onsdag 25 januari 12
Fedora 15
• No support for privacy address in user interface
• Good attempt at configuration, but broken
• Nothing is saved in ifcfg-eth0
• You can set if IPv4 or IPv6 or both are required for the system to indicate ”Connected to network”
onsdag 25 januari 12
debian
onsdag 25 januari 12
Debian
• DHCP for IPv4 and autoconf for Ipv6 overwrite /etc/resolv.conf
• Only Ipv6 name server, but dhcp ipv4 address
• ftp.se.debian.org supports IPv6 so for me, package installation worked over IPv6 only
onsdag 25 januari 12
Ubuntu 11.10
• Default installation use IPv4 and installs only IPv4 even if IPv6 is available
• Same network app as Fedora
• Supports IPv6 in a good way
• No UI support for IPv6 temporary addresses
• If dual stack, only IPv4 is shown in UI
onsdag 25 januari 12
Link local address in UI.
onsdag 25 januari 12
Oops. IPv6 only...
onsdag 25 januari 12
OS/X
What does thismean?
Where’s the DUID?(This is assigned by DHCPv6)
onsdag 25 januari 12
Summary
• Seems like most systems started with SLAAC and thought ”We’re done!”
• Confusion on RA+DNS, RA+DHCPv6, DHCPv6 without RA
• Bad support for privacy addresses
• Most of the stuff exist in all kernels, but sysctl is not for normal users
onsdag 25 januari 12
The end...or is it the beginning?
It’s embarrassing to see that thefree operating systems aredoing so badly in this area.
onsdag 25 januari 12
Top Related