Tuesday, March 31, 2020

IPv6

                                         
Benefits of IPv6
Large, extended address space:  IPv6 provides 128-bit source and destination addresses compared to 32-bit addresses in IPv4.  This represents an enormous number:
                 340,282,366,920,938,463,374,607,431,768,211,456

which is about 340 trillion trillion trillion.

Stateless autoconfiguration (SLAAC):  IPv6 provides a configuration mechanism where hosts can self-generate a routable address.  Unlike IPv4 autoconfigured addresses, which are usable only on the local subnet and cannot be forwarded by a router, these addresses can be visible and reachable from outside the local subnet.


No need to have NAT and PAT:  Since a large number of public IPv6 addresses are available, there is no need to have Network Address Translation and Port Address Translation.  All customer sites can get public IPv6 addresses.  This will eliminate some of the NAT-induced application issues like those experienced by VoIP, videoconferencing, and other peer-to-peer applications.  Though rendering NAT unnecessary is one of the benefits of IPv6, NAT64 is currently in use as an important tool to achieve backward compatibility with IPv4.  A second issue with removing NAT is that most organizations hide their IPv4 network behind a NAT device.  The security model will have to undergo a paradigm shift once hosts have publicly accessible IPv6 addresses.


Simplified processing by routers:  Generally more efficient in packet processing.
  • The packet header in IPv6 is simpler than that used in IPv4, with many rarely used fields moved to separate optional header extensions.
  • Routers on IPv6 do not perform fragmentation.  The hosts on IPv6 are required to either perform path MTU discovery, perform end-to-end fragmentation or to send packets that do not exceed the IPv6 default MTU size of 1280 octets.
  • The IPv6 header is not protected by a checksum. Rather, the integrity protection is presumed to be taken care of by the link-layer and higher layer error detection.
  • The Time to Live field of IPv4 has been renamed to Hop Limit in IPv6, asserting the fact that routers are no longer expected to compute the time a packet spends in a queue.
  
Getting rid of broadcasts:  IPv6 does not use Layer 3 broadcast addresses.  It uses solicited-node multicast addresses, a more efficient and selective technique for processes such as address resolution.  In IPv4, ARP uses broadcasts, while in IPv6 solicited-node multicasts are employed to accomplish the same purpose.  There is also an all-nodes multicast address that essentially has the same effect as an IPv4 broadcast.
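How a solicited-node group is derived from a unicast address, as an added Python example (not part of the original post).  The addresses in the comments and test values are the ones shown in the console output on this page; the function names are made up for the illustration.

```python
import ipaddress

# ff02::1:ff00:0/104 is the solicited-node prefix; the last 24 bits are
# copied from the unicast (or anycast) address being resolved.
SOLICITED_NODE_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))


def solicited_node(addr):
    """Return the solicited-node multicast group for a unicast address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_NODE_BASE | low24)


def ethernet_group_mac(group):
    """Map an IPv6 multicast group to its Ethernet destination MAC.

    The MAC is 33:33 followed by the low 32 bits of the group address,
    which is what lets a NIC filter Neighbor Solicitations in hardware.
    """
    group = ipaddress.IPv6Address(group)
    if not group.is_multicast:
        raise ValueError(f"{group} is not a multicast address")
    low32 = int(group) & 0xFFFFFFFF
    octets = [0x33, 0x33] + list(low32.to_bytes(4, "big"))
    return ":".join(f"{o:02x}" for o in octets)


def listeners(target, hosts):
    """Hosts from `hosts` that receive a Neighbor Solicitation for `target`.

    With ARP every host on the segment would be interrupted; here only
    hosts whose address shares the target's low 24 bits are in the group.
    """
    group = solicited_node(target)
    return [h for h in hosts if solicited_node(h) == group]


if __name__ == "__main__":
    nodes = [
        "2616:d413:418:7f39:4000::923",   # Node 1 global address
        "2616:d413:418:7f39:4000::924",   # Node 2 global address
        "fe80::221:27ff:fe8e:d34",        # Node 1 link-local address
    ]
    for n in nodes:
        g = solicited_node(n)
        print(f"{n:32} -> {g}  ({ethernet_group_mac(g)})")
    print("all-nodes ff02::1 ->", ethernet_group_mac("ff02::1"))
    print("NS for ::924 reaches:", listeners(nodes[1], nodes))
```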


Transition tools:  IPv6 has a number of tools to help with the transition from IPv4 to IPv6, including tunneling and NAT.  Tunneling encapsulates the IPv6 packet into an IPv4 packet so that it can be delivered over IPv4-only networks.  NAT provides a mechanism to translate an IPv4 address to an IPv6 address or vice-versa.  IPv4 can also be tunneled over IPv6.

Mobility:  Mobile IPv6 avoids triangular routing and is hence as efficient as native IPv6.  IPv6 routers may also allow entire subnets to move to a new router connection point without renumbering.

                                                         IPv6 Features

Larger address space

  • Global reachability and flexibility
  • Aggregation
  • Multihoming
  • Autoconfiguration
  • Plug-and-play
  • End-to-end unique source and destination IP communication without NAT
  • Renumbering
Mobility and Security
  • Mobile IP RFC-compliant
  • IPSec is native to and mandatory on IPv6
Simple header
  • Routing efficiency
  • Performance and forwarding rate scalability
  • No broadcasts
  • No checksums
  • Extension headers
  • Flow labels
Transition richness
  • Dual stack
  • 6to4 and manual tunnels
  • Translation


                                              
                                                            IPv4 Header



                                                                          IPv6 Header





                                                       IPv6 Address Types

  • Unicast
  • Anycast
  • Multicast
  
Unicast Addresses:
A unicast address uniquely identifies an interface on an IPv6 device.  A packet sent to a unicast address is delivered to the interface identified by that address.  An IPv6 address more accurately identifies an interface on a host rather than the host itself.  A single interface can have multiple IPv6 addresses and an IPv4 address as well.
There are a few types of Unicast addresses in IPv6, in particular:
  • Global unicast
  • Unique local unicast
  • Link-local unicast
  • Unspecified address
  • Loopback address
Anycast Addresses:
An anycast address is a unicast address assigned to several devices.  A packet sent to an anycast address is delivered only to one of the devices configured with that address.  The anycast packet will be routed to the nearest device.

Anycast addresses also exist in IPv4 and, as in IPv6, an anycast address there is an ordinary unicast address assigned to multiple devices.  In both IPv4 and IPv6, an anycast address is syntactically indistinguishable from a unicast address.  In IPv6, the devices to which the anycast address is assigned are explicitly configured to recognize that it is an anycast address.  This is not necessarily the case in IPv4.

Multicast Addresses:
A multicast address identifies a group of interfaces, typically belonging to different devices.  A packet sent to a multicast address is delivered to all the devices identified by that address.  All members of the multicast group process the packet.  So, the difference between an anycast and a multicast address is that an anycast packet is only delivered to a single device, whereas a multicast packet can be delivered to multiple devices.


Representation of IPv6 Addressing:



Let us check this on a Cisco 4948 switch/router:
Router#
Router#
Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#
Router(config)#int FastEthernet1
Router(config-if)#
Router(config-if)#no shutdown
Router(config-if)#
Router(config-if)#ipv6 address 3fde:0000:148F:312A:0000:0000:0000:3ab7/64
Router(config-if)#
Router(config-if)#exit
Router(config)#
Router(config)#exit
Router#
Router#
*Mar 19 21:26:50.508: %SYS-5-CONFIG_I: Configured from console by console
Router#
Router#
Router#show ipv6 int FastEthernet1
FastEthernet1 is down, line protocol is down
  IPv6 is tentative, link-local address is FE80::2A94:FFF:FE9A:943F [TEN]
  No Virtual link-local address(es):
  Global unicast address(es):
    3FDE:0:148F:312A::3AB7, subnet is 3FDE:0:148F:312A::/64 [TEN]
  Joined group address(es):
    FF02::1
  VPN Routing/Forwarding "mgmtVrf"
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds (using 24733)
Router#
Router#


As you can see above, the Cisco switch did a few smart things to the IPv6 address we entered:



  • Shortcuts were used and leading zeros chopped off
  • The three consecutive fields of zeros were replaced succinctly by ::
  • Mixed lowercase and uppercase were converted to complete uppercase
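The three transformations in the list above, written out as an added Python example (not from the original post and not Cisco's code).  It prints lowercase, as RFC 5952 recommends, where the switch prints uppercase; same_address shows why ACLs and log searches should compare parsed addresses rather than strings.  The function names are made up for the illustration.

```python
import ipaddress
import string


def expand(addr):
    """Return the eight 16-bit groups of an IPv6 address in colon-hex form.

    Embedded dotted-quad tails such as ::ffff:192.0.2.1 are not handled.
    """
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must replace at least one group")
        fields = left + ["0"] * missing + right
    else:
        fields = addr.split(":")
    if len(fields) != 8:
        raise ValueError("an IPv6 address has exactly eight groups")
    for field in fields:
        if not 1 <= len(field) <= 4 or any(c not in string.hexdigits for c in field):
            raise ValueError(f"bad group {field!r}")
    return [int(field, 16) for field in fields]


def shorten(addr):
    """Apply the three rules: lowercase, drop leading zeros, one '::'."""
    groups = expand(addr)
    text = [format(g, "x") for g in groups]   # lowercase, no leading zeros
    # Find the longest run of all-zero groups.  The first run wins a tie,
    # and a single zero group is left as "0" rather than replaced by "::".
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if groups[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:
        return ":".join(text)
    return ":".join(text[:best_start]) + "::" + ":".join(text[best_start + best_len:])


def same_address(a, b):
    """True when two text forms denote the same 128-bit address."""
    return expand(a) == expand(b)


def agrees_with_stdlib(addr):
    """Cross-check shorten() against Python's own ipaddress module."""
    return shorten(addr) == ipaddress.IPv6Address(addr).compressed


if __name__ == "__main__":
    typed = "3fde:0000:148F:312A:0000:0000:0000:3ab7"    # as entered on the switch
    shown = "3FDE:0:148F:312A::3AB7"                     # as printed by the switch
    print(shorten(typed), shorten(typed).upper() == shown, same_address(typed, shown))
```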





 Diagrammatic representation of IPv6 Address Types




                                       Stateless Autoconfiguration

Stateless autoconfiguration uses the Neighbor Discovery Protocol (NDP), a messaging protocol that relies on ICMPv6 and facilitates the discovery of neighboring devices over a network.


NDP functions include the following:

  • Router, prefix, and parameter discovery
  • Address autoconfiguration and resolution
  • Duplicate address detection (DAD)



Tunneling Techniques:








Linux:

Configuring IPv6 on two machines and getting them to ping each other:


Node 1


pqr923.us.company.com: / >

pqr923.us.company.com: / >
pqr923.us.company.com: / > cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=pqr923.us.company.com
GATEWAY=10.145.120.1
IPV6_AUTOCONF=no
IPV6_DEFAULTGW=2616:d413:418:7f39::1
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / > cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
UUID=96accc42-9e23-4170-9af1-ea52cfe7cc9e
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
HWADDR=00:37:38:8E:0D:74
IPADDR=10.145.120.175
PREFIX=23
GATEWAY=10.145.120.1
DNS1=175.75.139.82
DNS2=185.50.120.10
DNS3=195.165.32.172
DOMAIN=us.company.com
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
IPV6INIT=yes
IPV6ADDR=2616:d413:418:7f39:4000::923
IPV6_DEFAULT=2616:d413:418:7f39::1
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / > service network restart
Shutting down interface eth0:                              [  OK ]
Shutting down loopback interface:                          [  OK ]
Bringing up loopback interface:                            [  OK ]
Bringing up interface eth0:                                [  OK ]
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / > ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:37:38:8E:0D:74
          inet addr:10.145.120.175  Bcast:10.145.121.255 Mask:255.255.254.0
          inet6 addr: 2616:d413:418:7f39:4000::923/64 Scope:Global
          inet6 addr: fe80::221:27ff:fe8e:d34/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:41284 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6229 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2654091 (2.5 MiB)  TX bytes:747366 (729.8 KiB)

pqr923.us.company.com: / > ping6 2616:d413:418:7f39:4000::923

PING 2616:d413:418:7f39:4000::923(2616:d413:418:7f39:4000::923) 56 data bytes
64 bytes from 2616:d413:418:7f39:4000::923: icmp_seq=1 ttl=64 time=0.045 ms
64 bytes from 2616:d413:418:7f39:4000::923: icmp_seq=2 ttl=64 time=0.027 ms
64 bytes from 2616:d413:418:7f39:4000::923: icmp_seq=3 ttl=64 time=0.027 ms
^C
--- 2616:d413:418:7f39:4000::923 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2446ms
rtt min/avg/max/mdev = 0.027/0.033/0.045/0.008 ms
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / > ping6 2616:d413:418:7f39:4000::924
PING 2616:d413:418:7f39:4000::924(2616:d413:418:7f39:4000::924) 56 data bytes
64 bytes from 2616:d413:418:7f39:4000::924: icmp_seq=1 ttl=64 time=2.26 ms
64 bytes from 2616:d413:418:7f39:4000::924: icmp_seq=2 ttl=64 time=0.189 ms
64 bytes from 2616:d413:418:7f39:4000::924: icmp_seq=3 ttl=64 time=0.184 ms
64 bytes from 2616:d413:418:7f39:4000::924: icmp_seq=4 ttl=64 time=0.183 ms
64 bytes from 2616:d413:418:7f39:4000::924: icmp_seq=5 ttl=64 time=0.182 ms
64 bytes from 2616:d413:418:7f39:4000::924: icmp_seq=6 ttl=64 time=0.181 ms
64 bytes from 2616:d413:418:7f39:4000::924: icmp_seq=7 ttl=255 time=0.183 ms
^C
--- 2616:d413:418:7f39:4000::924 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6654ms
rtt min/avg/max/mdev = 0.181/0.480/2.262/0.727 ms
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / >
pqr923.us.company.com: / > traceroute6 2616:d413:418:7f39:4000::924
traceroute to 2616:d413:418:7f39:4000::924 (2616:d413:418:7f39:4000::924), 30 hops max, 80 byte packets
 1  2616:d413:418:7f39:4000::924 (2616:d413:418:7f39:4000::924)  0.151 ms !X  0.146 ms !X  0.167 ms !X
pqr923.us.company.com: / >
pqr923.us.company.com: / > route -n -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
2616:d413:418:7f39:4000::924/128            2616:d413:418:7f39:4000::924            UC    0      20       0 eth0
2616:d413:418:7f39::/64                     ::                                      U     256    0        0 eth0
fe80::/64                                   ::                                      U     256    0        0 eth0

::/0                                        2616:d413:418:7f39::1                   UG    1      0        0 eth0

::1/128                                     ::                                      U     0      15       1 lo
2616:d413:418:7f39:4000::923/128            ::                                      U     0      163       1 lo
fe80::221:27ff:fe8e:d34/128                 ::                                      U     0      16       1 lo
ff00::/8                                    ::                                      U     256    0        0 eth0
pqr923.us.company.com: / >
pqr923.us.company.com: / >


Node 2
pqr924.us.company.com: / >

pqr924.us.company.com: / >
pqr924.us.company.com: / > cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=pqr924.us.company.com
GATEWAY=10.145.120.1
IPV6_AUTOCONF=no
IPV6_DEFAULTGW=2616:d413:418:7f39::1
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / > cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
UUID=96accc42-9e23-4170-9af1-ea52cfe8da9e
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
HWADDR=00:37:28:8F:0D:48
IPADDR=10.145.120.176
PREFIX=23
GATEWAY=10.145.120.1
DNS1=175.75.139.82
DNS2=185.50.120.10
DNS3=195.165.32.172
DOMAIN=us.company.com
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
NAME="System eth0"
IPV6INIT=yes
IPV6ADDR=2616:d413:418:7f39:4000::924
IPV6_DEFAULT=2616:d413:418:7f39::1
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / > service network restart
Shutting down interface eth0:                              [  OK ]
Shutting down loopback interface:                          [  OK ]
Bringing up loopback interface:                            [  OK ]
Bringing up interface eth0:                                [  OK ]
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / > ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:37:28:8F:0D:48
          inet addr:10.145.120.176  Bcast:10.145.121.255 Mask:255.255.254.0
          inet6 addr: fe80::221:27ff:fe8e:d78/64 Scope:Link
          inet6 addr: 2616:d413:418:7f39:4000::924/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:24737 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4151 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1629720 (1.5 MiB)  TX bytes:512379 (500.3 KiB)

pqr924.us.company.com: / >

pqr924.us.company.com: / > ping6 2616:d413:418:7f39:4000::924
PING 2616:d413:418:7f39:4000::924(2616:d413:418:7f39:4000::924) 56 data bytes
64 bytes from 2616:d413:418:7f39:4000::924: icmp_seq=1 ttl=64 time=0.045 ms
64 bytes from 2616:d413:418:7f39:4000::924: icmp_seq=2 ttl=64 time=0.027 ms
^C
--- 2616:d413:418:7f39:4000::924 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1990ms
rtt min/avg/max/mdev = 0.027/0.036/0.045/0.009 ms
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / > ping6 2616:d413:418:7f39:4000::923
PING 2616:d413:418:7f39:4000::923(2616:d413:418:7f39:4000::923) 56 data bytes
64 bytes from 2616:d413:418:7f39:4000::923: icmp_seq=1 ttl=64 time=1.99 ms
64 bytes from 2616:d413:418:7f39:4000::923: icmp_seq=2 ttl=64 time=0.183 ms
64 bytes from 2616:d413:418:7f39:4000::923: icmp_seq=3 ttl=64 time=0.185 ms
64 bytes from 2616:d413:418:7f39:4000::923: icmp_seq=4 ttl=64 time=0.179 ms
64 bytes from 2616:d413:418:7f39:4000::923: icmp_seq=5 ttl=64 time=0.187 ms
^C
--- 2616:d413:418:7f39:4000::923 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4749ms
rtt min/avg/max/mdev = 0.179/0.546/1.999/0.726 ms
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / > traceroute6 2616:d413:418:7f39:4000::923
traceroute to 2616:d413:418:7f39:4000::923 (2616:d413:418:7f39:4000::923), 30 hops max, 80 byte packets
 1  2616:d413:418:7f39:4000::923 (2616:d413:418:7f39:4000::923)  0.783 ms !X  0.693 ms !X  0.593 ms !X
pqr924.us.company.com: / >
pqr924.us.company.com: / >
pqr924.us.company.com: / > route -n -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
2616:d413:418:7f39:4000::923/128            2616:d413:418:7f39:4000::923            UC    0      16       0 eth0
2616:d413:418:7f39::/64                     ::                                      U     256    0        0 eth0
fe80::/64                                   ::                                      U     256    0        0 eth0
::/0                                        2616:d413:418:7f39::1                   UG    1      0        0 eth0
::1/128                                     ::                                      U     0      17       1 lo
2616:d413:418:7f39:4000::924/128            ::                                      U     0      191       1 lo
fe80::221:27ff:fe8e:d78/128                 ::                                      U     0      21       1 lo
ff00::/8                                    ::                                      U     256    0        0 eth0
pqr924.us.company.com: / >

pqr924.us.company.com: / >






IPv6 is enabled by setting the NETWORKING_IPV6 variable to yes in the /etc/sysconfig/network configuration file.

# vi /etc/sysconfig/network
NETWORKING_IPV6=yes
Restart the network services to enable IPv6:
# service network restart
Initial check:  ping the loopback (::1) to ensure basic IPv6 is working:
# ping6 ::1
Reply packets should be seen on the screen.

To configure an interface we use the add keyword:

# ifconfig eth0 add inet6 3ffe:b00:0:1::a/64

To verify the IPv6 addresses on the interface eth0, type:

# ifconfig eth0

An IPv6 address starting with fe80:: should be assigned to the interface.  If it is, then IPv6 is working.


Configuring router advertisements:

When behaving as a router, Linux is configured with IPv6 forwarding enabled.  The Red Hat 8.0 distribution does not include the router advertisement daemon.  The radvd rpm must be installed for the Linux host to do router advertisements.
The radvd daemon is configured by the /etc/radvd.conf file.  The following file enables router advertisements of the mentioned prefix on the eth0 interface:

# vi /etc/radvd.conf
interface eth0 {
    AdvSendAdvert on;
    prefix 3ffe:b00:0:1::/64 {
        AdvOnLink on;
    };
};


Troubleshooting:

The first step is to verify that the kernel supports IPv6 by checking for the existence of the /proc/net/if_inet6 file.  If it exists, then the kernel supports IPv6:
# cat /proc/net/if_inet6
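
The file holds one line per address: 32 hex digits of address, then interface index, prefix length, scope and flags in hex, then the device name.  An added Python example (not from the original post) that decodes it and picks out addresses still in, or failed by, duplicate address detection, the same state the Cisco output above marks [TEN].  The sample lines are constructed to resemble Node 1, and the ::925 entry is invented to show a DAD failure.

```python
import ipaddress
from typing import NamedTuple

# Constructed sample in the layout of /proc/net/if_inet6 (not captured output).
SAMPLE_IF_INET6 = """\
00000000000000000000000000000001 01 80 10 80       lo
2616d41304187f394000000000000923 02 40 00 80     eth0
fe80000000000000022127fffe8e0d34 02 40 20 80     eth0
2616d41304187f394000000000000925 02 40 00 c8     eth0
"""

# Scope and flag values as defined by the Linux kernel (IPV6_ADDR_* / IFA_F_*).
SCOPES = {0x00: "global", 0x10: "host", 0x20: "link", 0x40: "site"}
FLAGS = {
    0x01: "temporary", 0x02: "nodad", 0x04: "optimistic", 0x08: "dadfailed",
    0x10: "homeaddress", 0x20: "deprecated", 0x40: "tentative", 0x80: "permanent",
}


class Inet6Entry(NamedTuple):
    address: ipaddress.IPv6Address
    ifindex: int
    prefixlen: int
    scope: str
    flags: frozenset
    device: str


def parse_if_inet6(text):
    """Decode the contents of /proc/net/if_inet6 into Inet6Entry tuples."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6 or len(fields[0]) != 32:
            continue                      # skip blank or malformed lines
        raw, ifindex, plen, scope, flags, device = fields
        bits = int(flags, 16)
        entries.append(Inet6Entry(
            address=ipaddress.IPv6Address(bytes.fromhex(raw)),
            ifindex=int(ifindex, 16),
            prefixlen=int(plen, 16),      # hex: 40 means /64, 80 means /128
            scope=SCOPES.get(int(scope, 16) & 0xF0, "unknown"),
            flags=frozenset(name for bit, name in FLAGS.items() if bits & bit),
            device=device,
        ))
    return entries


def needs_attention(entries):
    """Addresses that are not yet usable (tentative) or that failed DAD."""
    return [e for e in entries if e.flags & {"tentative", "dadfailed"}]


if __name__ == "__main__":
    for e in parse_if_inet6(SAMPLE_IF_INET6):
        print(f"{e.device:5} {e.address}/{e.prefixlen} scope={e.scope} "
              f"flags={','.join(sorted(e.flags))}")
    for e in needs_attention(parse_if_inet6(SAMPLE_IF_INET6)):
        print("check:", e.address, "on", e.device)
```

On a live host, pass the text read from /proc/net/if_inet6 to parse_if_inet6 instead of the sample.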

The IPv6 module must also be loaded:

# lsmod | grep ipv6

Router advertisements received on an interface can be viewed:

# radvdump

Managing neighbors:

The following command is used to manage the neighbor cache:
# ip -6 neighbour show

Each entry in the cache is shown with the following information:

  • IPv6 address
  • interface name
  • link-layer addresses
  • state of neighbor unreachability detection
  • designation of the neighbor as a router
To add a static entry in the neighbor cache, use the add subcommand.  The following example installs the fe80::212:6bff:fe3a:9e9a neighbor with a link-layer address of 00:12:6b:3a:9e:9a on the eth0 interface:
# ip -6 neighbour add fe80::212:6bff:fe3a:9e9a lladdr 00:12:6b:3a:9e:9a dev eth0 nud reachable

The following deletes the fe80::212:6bff:fe3a:9e9a neighbor in the cache:

# ip -6 neighbour delete fe80::212:6bff:fe3a:9e9a dev eth0

To flush the neighbor cache, use:

# ip -6 neighbour flush

MTU in Router Advertisements:

The router advertisement daemon sends the link MTU with the 'AdvLinkMTU' statement in its /etc/radvd.conf configuration file.  For example, you can set the link MTU to 1480 on the eth0 interface:
# vi /etc/radvd.conf
interface eth0 {
    AdvLinkMTU 1480;
};

Managing ICMP on Hosts and Routers:

To send an ICMP echo request to a node, use ping6:
# ping6 3ffe:b00:0:1::2

When sending to a link-local address, add the -I option followed by the interface name on which the packet should be sent:

# ping6 -I eth0 fe80::1

Configuring routing:


Forwarding:

To configure Linux to forward packets between interfaces, use either of the following:
# sysctl -w net.ipv6.conf.all.forwarding=1
                         or
# echo "1" > /proc/sys/net/ipv6/conf/all/forwarding

Static routes:

To add a static route, use the 'route add' command.  The following example installs the 3ffe:b00:1::/48 static route pointing to fe80::2:
# route -A inet6 add 3ffe:b00:1::/48 gw fe80::2

To delete a route, use the 'route del' command.  The keyword 'gw' used in the add command is replaced by 'via'.  The following example deletes the 3ffe:b00:1::/48 route:

# route -A inet6 del 3ffe:b00:1::/48 via fe80::2

Some versions of Linux do not support the IPv6 default route (::/0).  To make a default route, use the current allocated address space.  The equivalent of the default route is the 2000::/3 route since it is the defined unicast address range in the addressing architecture.

# route -A inet6 add 2000::/3 gw fe80::2

If using unique-local addressing, also add a route for fc00::/16 or fd00::/16.


Route redirect:

By default, route redirects are accepted when Linux is not forwarding and refused when Linux is forwarding.  To set the acceptance of route redirects, set the sysctl 'net.ipv6.conf.all.accept_redirects' variable to 1, as shown below:
# sysctl -w net.ipv6.conf.all.accept_redirects=1
                           or
# echo "1" > /proc/sys/net/ipv6/conf/all/accept_redirects
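
The forwarding and redirect settings above decide whether a machine routes for others and whether an unauthenticated ICMPv6 redirect may change its next hop, so they are worth checking after any change.  An added Python example (not from the original post) that audits `sysctl -a` style output for them; the sample text and the role and static_addressing parameters are assumptions, and accept_ra is a kernel setting this page does not cover.

```python
import re

# Constructed sample in the format printed by `sysctl -a` (not from a real host).
SAMPLE_SYSCTL = """\
net.ipv6.conf.all.forwarding = 0
net.ipv6.conf.all.accept_redirects = 1
net.ipv6.conf.eth0.forwarding = 0
net.ipv6.conf.eth0.accept_redirects = 1
net.ipv6.conf.eth0.accept_ra = 1
net.ipv6.conf.eth1.forwarding = 1
net.ipv6.conf.eth1.accept_redirects = 0
net.ipv6.conf.eth1.accept_ra = 0
net.ipv4.ip_forward = 0
"""

# net.ipv6.conf.<interface>.<key> = <integer>
LINE = re.compile(r"^net\.ipv6\.conf\.([^.\s]+)\.(\w+)\s*=\s*(-?\d+)\s*$")


def parse(text):
    """Return {(interface, key): value} for every net.ipv6.conf line."""
    settings = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            iface, key, value = m.groups()
            settings[(iface, key)] = int(value)
    return settings


def audit(text, role="host", static_addressing=True):
    """List (interface, key, value, reason) tuples that deserve review.

    role:              "host" or "router" (hypothetical label chosen by the caller)
    static_addressing: True when addresses and the default gateway are set in
                       config files, as on the two nodes shown on this page
    """
    findings = []
    for (iface, key), value in sorted(parse(text).items()):
        if key == "accept_redirects" and value != 0:
            findings.append((iface, key, value,
                             "ICMPv6 redirects are unauthenticated and can change the next hop"))
        elif key == "forwarding" and value != 0 and role != "router":
            findings.append((iface, key, value,
                             "machine is not meant to route but forwards IPv6 packets"))
        elif key == "accept_ra" and value != 0 and role == "host" and static_addressing:
            findings.append((iface, key, value,
                             "statically configured host still accepts router advertisements"))
    return findings


if __name__ == "__main__":
    for iface, key, value, reason in audit(SAMPLE_SYSCTL):
        print(f"{iface}.{key} = {value}: {reason}")
```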

Troubleshooting:

To troubleshoot IPv6 routes, use the 'route -A inet6' command without any additional argument:
# route -A inet6

The IPv6 routes can also be seen using the 'netstat' command and by looking in the '/proc' filesystem, as shown below:

# cat /proc/net/ipv6_route

The 'traceroute6' command is used to identify the path taken from the source to the destination.  It is the IPv6 version of traceroute:

# traceroute6 3ffe:b00:1:1::1

Configuring Mobility:

Linux supports MobileIPv6 and TSP tunnel broker.

MobileIPv6 on Linux is developed by HUT [Helsinki University of Technology].  It is configured by the network-mip6.conf file.


The key statements of this configuration file are shown in the below table.




A mobile node configuration file is shown below:

# cat /etc/network-mip6.conf
FUNCTIONALITY=mn
HOMEDEV=mip6mnhal
HOMEADDRESS=3ffe:b00:0:1::/128
HOMEAGENT=3ffe:b00:0:0:1::1/64

Configuring Quality of Service (QoS):

Ping has the -F option to set the flow label to a value, useful for testing the behavior of routers in the network processing the flow label.  The following example sends ICMP packets where the flow label is set to 1:
# ping6 -F 1 3ffe:b00:0:1::2

Configuring Anycast and Multicast:

Use the -g flag in netstat to see the multicast groups in Linux:
# netstat -g

Configuring IPv6 in IPv4 Dominant Networks:

Linux supports static tunnels through the 'sit' interface, 6to4 through a generic interface, ISATAP through the 'is' interface and TSP tunnel broker through the tsp/freenet6 client.

Static IPv6 in IPv4 tunnels:

Linux has the 'ifconfig', 'route' and 'ip' commands (part of the iproute package) to create tunnels.


The following commands configure an IPv6 in IPv4 static tunnel using interface sit0, as in the above figure:

# ip tunnel add sit0 mode sit ttl 64 remote 192.0.3.1

# ifconfig sit0 up
# ifconfig sit0 add 3ffe:b00:1:1::1/128

To forward all IPv6 traffic through this static tunnel, use the route add command, as shown below:

# route -A inet6 add 2000::/3 dev sit0

Note the use of 2000::/3 as the default route, since Linux kernels do not like IPv6 default routes.


6to4:

6to4 is implemented as a virtual interface in Linux, below named 'tun6to4'.  The whole 6to4 network is seen as a virtual link by setting the prefix length to 16.