Thursday, June 9, 2011

Using and Understanding IPv6 on openSUSE 11

Desktop - OpenSUSE

ipv6So IPv6 has been around a while now but do we know any benefits? We may know that it is 128bits long and too difficult to type but if that is all then we do ourselves a little injustice in not knowing how easy IPv6 can make our lives. So let us take a look at some of the automation features of IPv6 including auto-address assignment, router discovery and why we do not need a broadcast address.

IPv6 Addresses

There are different address spaces, or types, within the new protocol. These types define their scope (or where they are effective). But first we look at the addressing scheme. Yes, the address is 128 bits but is written in hexadecimal (hex).
Each hex character represents 4 binary bits. The address is then written in blocks of 4 hex numbers (4 * 4 bits = 16 bits per block) delimited by a colon. This will mean that or address is written as 32 hex characters within the following range:

0000:0000:0000:0000:0000:0000:0000:00000
FFFF: FFFF FFFF: FFFF: FFFF: FFFF: FFFF: FFFF

Main Points

  1. 128 bits
  2. 8 words which are colon separated
  3. Each word is 4 hex characters or 16 bits

Why use IPv6

We are still going to have IPv4 for the foreseeable future, the next 10 years or so. But IANA the governing body of the internet are running out of IPv4 Addresses. The central body are down to their last /8(1000 addresses) as is the Asia Pacific Local Authority. This means that in the APAC region IPv4 will only be issued to customers who can prove they are implementing IPv6 but have a proven need for the addresses. Public addresses are a limited resource that is running out.
IPv6 addressed being so much longer have vastly more addresses, trillions per person on earth so it is difficult to see how we could run out of IPv6 addresses. Technology improvements in the header of IPv6 will allow for better access and sharing of resources though built in Quality of Service (QoS), for example Remote Desktop Protocol (RDP) will require a constant bandwidth stream whereas as http, the main web browsing protocol works well with less consistent bandwidth . Major factors in adoption will also the automation features built-in to IPv6 where services such as gateways and DNS can be detected on the network without configuration.

Global Addresses

These addresses are public addresses that are issued on the internet and often begin with 2001:. This could give us a possible host with the ip-address of:
2001:0000:0000:0000:0000:0000:0000:0001
Do not fear - we have a form of shorthand that will allow us to omit leading zeros in each 4 block section so the address will become shortened to the following:
2001::1
NOTE: 2001:: is the first release of IPv6 Global Address. A real address would start 2001: the second word would then be an identifier for your Region in the World. Your ISP would then issue you a range using the third word. The prefix would then be /48 (3 * 16). The fourth bit you could then subnet yourself within your own enterprise to give you a /64 bit prefix. Below we see the network portion or first 64 bits in the four words of a typical global address:

2001
Regional ID
Your assigned prefix
Enterprise Subnet

Local Host

The local host (as in IPv4 127.0.0.1) will be addressed as:
0000:0000:0000:0000:0000:0000:0000:0001, or more simply:
::1
The output of “netstat –ant –inet6” from my openSUSE 11 box is shown below:
  1. Anything listed as listening on the Local Address ::1 is listening on the internal or loopback adaptor
  2. Anything listed as listening on the Local Address :: is listening on all IPv6 Interfaces
  3. Ignore the extra colon. This is normal and separates the IPv6 address from the port.
IPv6 Netstat

Link-Local Addresses

These start FE80:000o:0000:0000 and end with the MAC address of the host ensuring the uniqueness of the address on the network. The scope is restricted to the local network, and all hosts on it. This network scope cannot be routed and has no access to the internet. However, this does mean we have auto-configuration of the local hosts on our network. We do not need to set anything for communication to work locally. You may compare the Link-Local address with the 169.254 addresses in IPv4.
The network is written as FE80::/64. Indicating the network portion is 64 bits and the last 64 bits make up the host. In IPv4 this would be called the subnet-mask, in IPv6 this is called the prefix.
IPv6 Ethernet Adapter
The previous image shows the Link-local address from a Windows 7 machine. The %20 on the end is just used to identify the connection, or in other words, distinguishing between eth0 and eth1 if it were Linux.
Below is the Link-local address shown from openSUSE 11.As you can see the network address is the same as in Windows 7, FE80::/64
IPv6 Desktop

Unique Local Addresses

These addresses may compare with the private addresses in IPv4 such as 10.0.0.0, 172.16.0.0 and 192.168.0.0. The IPv6 range is FC00::/7 The first 7 bits must start 1111110 in binary. For the first 8 bits (2 hex characters) this would give a range starting 11111100 to 11111101 or in hex: FC to FD
When using a ULA it is normal to generate a unique address with a /48 prefix and then create your own subnets within the 4th hex word. The first 48 bits, or three words,being your ULA and bits 49-64, the fourth word, used for your subnet. This allows for a /64 bit prefix and use of MAC addresses to represent the 64 bits of the host.
To generate your own ULA use one of you MAC address from a network you own, (Network Card Serial Number), and use the online calculator to generate your /48 bit prefix: http://www.sixxs.net/tools/grh/ula/
IPv6 Unique Local Addresses
It does not matter which MAC address you choose to use in the calculator, it is just a method of ensuring a unique input. Even though ULAs do not connect directly to the internet, there is just no need to use the same addresses on every network in the way we have become used to with the 192.168 network in IPv4.
You can see from the output of the calculator above the prefix FD81:2043:94E6::/48 has been created for my use. With the complete use of the 4thword (bit 49 – 64), this would give me 65,000 subnets I could use if I opted for the /64 prefix.

FD81:2043:94E6::/64
FD81:2043:94E6::/64

All Hosts

There is no broadcast address for the network but we can access “all hosts” though the Multicast Address ff02::1
On linux if we use the command:
Ping6 –I eth0 ff02::1 we will see a response from each host
On Windows if we use the command:
Ping -6 ff02::1 we will see the response from the multicast group.

All Routers

Especially in smaller offices or home networks there is no need to configure a gateway for your clients as there is a multicast group for all routers: ff02::2. If the group exists on your network then you have an IPv6 Router. Again we can check for the existence of such devices by pinging the multicast address.
In short IPv6 will save us time and effort and these are only a few of the new features that are incorporated in the new protocol. We will need to learn more but the sooner the start the sooner we will become familiar with the new features within IPv6.

No comments:

Post a Comment