Enabling IPv6 ------------- Remember IPv6 is 128 bits: 340.282.366.920.938.463.463.374.607.431.768.211.456 unique values For this workshop, we use a Unique Local Address ( fc00::/7 ) (RFC4193) We have registered: the prefix fdba:dc55:48c7::/48 In full notation: fdba:dc55:48c7:0000:0000:0000:0000:0000 prefixlen 48 /48 is what is given to each customer in an ISP environment. Normally, LANs are 64 bits in size (18446744073709551616 IPs), so this leaves 16 bits - in total, 65536 LANs! Note: We may also have a "real" routable prefix, which will be given in class. I. Manual configuration ----------------------- Manually, we will use the following addressing scheme: fdba:dc55:48c7:0000:0000:0000:00xx:000y/64 (LANs are 64 bit in IPv6) |<- prefix ->||site||<----- LAN ------>| ... where xx = your group number, and y is your host IP (i.e.: 1) For example, for Group 25, this will be: group IP vv vv fdba:dc55:48c7:0000:0000:0000:0025:0001/64 (LANs are 64 bit in IPv6) |<- prefix ->||site||<----- LAN ------>| Or, in short notation (consecutive 0's can be expressed as ::) fdba:dc55:48c7::25:1 prefixlen 64 (LAN 1. On AUTH1, edit /etc/rc.conf, and add ipv6_ifconfig_eth0="fdba:dc55:48c7::XX:YY/64" Save the file & exit, and run the ip6addrctl script, which sets a source address selection policy: # service ip6addrctl start Run ip6addrctl and look at the output. # ip6addrctl 2. Start IPv6: Normally, to configure IPv6, we would need to restart the networking configuration, like this - BUT DON'T DO IT! # service netif start # service routing start ... if you do this now, you will lose connection to your machine! So instead, let's do it manually: # ifconfig eth0 inet6 fdba:dc55:48c7::XX:YY/64 3. Check your interface: # ifconfig eth0 inet6 -> do you see an IPv6 address starting with fdba:... ? 4. Repeat steps 1 - 3 above for: - auth2.grpX - resolv.grpX 5. Check that the 3 hosts can ping each other: # ping6 fdba:dc55:48c7::XX:YY (where XX = group number, YY = IP of host) 6. Can you ping the gateway ? # ping6 fdba:dc55:48c7::0000:254 7. What is another way to express: fdba:dc55:48c7::0000:254 ? II. Auto configuration with RA/RS --------------------------------- 1. On AUTH1, edit /etc/rc.conf, and add ipv6_activate_all_interfaces="YES" Save and exit, and re-run the ipv6addrctl configuration: # service ip6addrctl start 2. Force an IPv6 sollicitaion # rtsol -F eth0 3. Check your IP configuration # ifconfig eth0 inet6 -> You should now see an additional IPv6 address starting with fdba:... Try and ask other participants in the class to ping your autoconfigured IPv6 address. 4. If you see another prefix than fdba:dc55:... When you run "ifconfig eth0 inet", do you see another prefix than fdba:dc55:, then it is probable that you have a routable IPv6 prefix configured as well! Test ipv6 connectivity to the Internet like this: # dig +short @10.20.0.254 ipv6.google.com AAAA Try and ping the IPv6 address returned by dig: # pin6 2404:6800:8005::67 Try and use the "mtr" command to see the path: # mtr -6 2404:6800:8005::67 ... BE AWARE that your machine is now connected, without filtering, to the IPv6 Internet!