Bringing IPv6 to the home : Part 1
World IPv6 day came and went, but for most of us nothing much changed. In Malta especially, there currently seems no interest for ISPs to start using IPV6, very probably due to the challenges it poses. So I went on a mission to bring IPv6 connectivity to my home network (FYI, there are already some enterprises using IPv6 in Malta – but I do not know of any residential native IPv6 connections in Malta at the time of writing). There are various free “IPv6 broker” services available on the internet. The most well known of these is “Hurricane Electric“. I decided to go with “freenet6” since it was slightly simpler to setup.
These tunnel broker services and others like them use a variety of methods to setup a tunnel, where IPv6 traffic is encapsulated within IPv4 traffic. This traffic is then sent to a server (the “broker” server) which is directly connected to the IPv6 backbone. The server decapsulates the IPv6 packet and sends it along it’s way over the IPv6 internet… and the reverse process for the way back.
This article is the first in a series that explores the pain free method of getting IPv6 connectivity, checking out some more practical and technical aspects of IPv6 along the way
The first order of the day is getting IPv6 connectivity. I used a windows 7 machine to run the freenet6 client, but the process is relatively similar for linux. First the freenet6 client needs to be downloaded, and as it states on the download page, you will need to register with the site. Once the client is downloaded, I also registered with freenet6 to be able to get an entire /64 IPv6 subnet to share with the other PCs in my house. This is because gogo6 provides two methods of connecting to the IPv6 internet:
- Only the PC where the client is installed will connect to the IPv6 internet
- The PC where the client is installed will connect to the IPv6 internet, and in turn will also act as an IPv6 gateway for other PCs in it’s network.
I opted for the second option, it’s more convenient for multiple IPv6 nodes. Once the registration and downloads are done, we are ready to connect to the IPv6 broker server. Freenet6 has made this a breeze. Once the client opens, you are presented with a straightforward page. To make sure I connected to the closest available server, I manually filled in the server address as “amsterdam.freenet6.net”, and entered in my credentials that I obtained when registering with freenet6:
Since I wanted this PC to act as an IPv6 gateway, the last step was to enable the option “Enable Routing Advertisements” under the Advanced tab:
That’s it as far as configuration goes…. In the “basic” tab just select connect and the client should connect. Should you run into issues, going to:
Log tab > Enable Logging to File > Open Log Window…
Will help in troubleshooting. Now, looking at the network configuration of the gateway PC we see:
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : gogo6 Virtual Multi-Tunnel Adapter
Physical Address. . . . . . . . . : 02-50-F2-00-00-01
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:5c0:1400:b::d7fd(Preferred)
Link-local IPv6 Address . . . . . : fe80::4c25:3af1:4683:f358%28(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.243.88(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : ::
DNS Servers . . . . . . . . . . . : 2001:5c0:1000:11::2
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-1B-38-6F-F4-9A
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:5c0:1519:7900::1(Preferred)
IPv6 Address. . . . . . . . . . . : 2001:5c0:1519:7900:55b6:d837:f953:8024(Preferred)
Temporary IPv6 Address. . . . . . : 2001:5c0:1519:7900:307c:cb81:395c:622c(Preferred)
Link-local IPv6 Address . . . . . : fe80::55b6:d837:f953:8024%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.168.171(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.168.168
The first interface “Description: gogo6…” is the virtual interface created by the freenet6 client. This basically creates an IPv6 point to point link with the broker server. Any traffic passing over this interface is encapsulated within IPv4 traffic and sent out. Also note how this interface is assigned an IPv6 DNS server.
The second interface “Description: Broadcom…” is my internal LAN address. It has both a valid IPv4 address, and 3 IPv6 addresses. This is the first difference between IPv4 and IPv6. We are used to dealing with a one-to-one relationship between IP and interface in the IPv4 world. However in IPv6 it is perfectly normal and expected to have multiple IPv6 addresse. In my case we have:
- IPv6 Address : this is the global, unique IPv6 address that is assigned to this PC. Imagine it as a kind of public IPv4 address assigned to my PC
- Temporaty IPv6 Address : this is another global, unique IPv6 address that is assigned to this PC. This PC uses the temporary IPv6 address when communicating with the outside world. It uses this address rather than the previous one for privacy concerns. If my PC where to continuously use the first IPv6 address that is unique to my PC, it would be very easy for an outsider to track my browsing an internet activity. To mitigate this, a temporary IPv6 address that is cycled periodically is used so that the IPv6 source address of a client is changed. Not a silver bullet, but it helps
- Link-local IPv6 address : this is the address that the PC uses when communicating with nodes on the same link (when I say link, read: “nodes in the same broadcast domain”). This address is used when determining IP addressing, during neighbor discovery (the IPv6 equivalent of ARP) and other functions. This address should never be sent to the public IPv6 network, it is unroutable.
Now to see if all this works. First we check if an IPv6 ready site is pingable. Via linux it’s a simple “ping6 http://www.google.com”. You can also visit sites such as http://test-ipv6.com/simple_test.html which tests for IPv6 connectivity.
Lastly, we check if other PCs in the network are detecting the newly created IPv6 gateway. In my case I have a linux host. Running ifconfig, we see:
eth0 Link encap:Ethernet HWaddr 5c:26:0a:15:77:2f
inet addr:192.168.1.18 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2001:5c0:1519:7900:5e26:aff:fe15:772f/64 Scope:Global
inet6 addr: fe80::5e26:aff:fe15:772f/64 Scope:Link
inet6 addr: 2001:5c0:1519:7900:b12f:7c01:32de:7e21/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10931 errors:0 dropped:0 overruns:0 frame:0
TX packets:12669 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:5499387 (5.4 MB) TX bytes:2356845 (2.3 MB)
Note the 3 IPv6 addresses that are seen on the interface, similar to the windows machine. There are two global IPv6 addresses and one link local address.
The next post will delve a bit deeper and explore questions such as how clients in the network were provisioned with IPv6 addresses automagically – that is to say, without the need of any IPv6 DHCP servers, and how IPv6 traffic looks like over the network