Research e-Labs

A few folk here at SSC recently decided to set up a IPv6 network. As most will know, global IPv4 addresses are running out and IPv6 introduces a far larger address space. What follows is a diary or log entry style format showing my progress and thought patterns.

A global IP address is needed for anyone who wants make a web server or any other service available on the internet. The predictions are that the world will run out of IPv4 addresses in about four years (given current consumption). IPv6 introduces a far larger address space, a different syntax or way the addresses are constructed, simplified routing and adds increased security. Our goal is to set up a small isolated IPv6 network, then to connect this to the internet and test what works and what doesn’t.

In part one I attempt setting up the isolated network with various operating systems, wireless and DNS, then testing a few applications.

Phase 1: Create a self-contained simple IPv6 network

Step one: Equipment

• Recently vacated desktop (P4) - installed Debian 4 dual booted with Windows XP
• D-Link DI-524 wireless router
• OS X Leopard Macbook (built-in wi-fi)

Step two: Network this equipment together

I created a network with the Linux box connected to a D-Link DI-524 wireless router. The Mac laptop is connected to the wireless router via wireless
Linux box <……cable…..> D-Link router <- - - - wireless - - - -> Mac laptop

I statically set IPs to Linux box at 192.168.0.2 and Mac laptop at 192.168.0.3, D-Link router is 192.168.0.1. Time to check if pings work:
Linux box from Mac - success
Mac from Linux box - success

Step three: See what works IPv6-wise straight off

Try IPv6 pings:

(localhost address in IPv6) on Mac - success

on Linux box - success

So far so good!

Ran ifconfig on Linux box to check what IPv6 address the ethernet device had - fe80::208:2ff:fefb:30db so I tried pinging that - failed (unknown host)
Ran ipconfig on Mac to check what IPv6 address the wireless device had - fe80::21b:63ff:fe04:7cf1 so I tried pinging that - failed (No route to host)
tried cross-pinging - failed again

Time to look up configuring IPv6 on debian. I came accross http://people.debian.org/~csmall/ipv6/setup.html and found I might need to add this to /etc/network/interfaces:

this didn’t seem to do much

Unfortunately via Google I found out the D-Link (Firmware version V2.03 dated Fri, Dec 09 2005) doesn’t really do IPv6 so we’ll continue on anyway and see how far we get.

I then tried adding IPv6 to /etc/modules on Linux box.

Aha! help from http://lists.debian.org/debian-ipv6/2005/06/msg00051.html suggests the real way to use ping6 (on Linux box ping itself):

- success

now to try pinging the Mac from the Linux box:

- well well, success - and with ping times that suggest it is actually working. Realised I don’t actually need the “iface eth0 inet6 static” section in /etc/network/interfaces on the Linux box because it works automatically without it

on the Mac ping itself:

- success

ping the Linux box from the Mac

- success

I am assuming this is not a true IPv6 network as the router is still only talking IPv4 so all packets that are passing the router are IPv4 and in the case of IPv6 pinging, we have IPv6 encapsulated in IPv4?

Step four: Test applications

SSH

Installed sshd on the Linux box and tried connecting from the Mac
Normal IPv4:

- success (it asks me for a password)
Now IPv6:

- failed (No route to host)
hmmm trying the ssh man page… maybe we need to force IPv6 addresses with -6:

- failed (No route to host)
just checked

and that still works

At this point I decided to replace the dlink router with an apple airport express/basic 4 port switch to see if that was any better for IPv6. Unfortunately not the configuration mentions nothing of IPv6.

Due to the lack of IPv6 support in the wireless routers, I’m going to do away with the wireless side for now and just use a small 5 port switch to connect the Linux box and Mac together - I’ll get the Linux box to do DNS IPv6 style in the future.
First configure Linux box and Mac to work normally over IPv4 - modified the Linux box /etc/network/interfaces to say:

And set the ethernet port on the Mac to 192.168.0.2 subnet mask 255.255.255.0
The Mac now as IPv6 address of fe80::217:f2ff:fede:83e8, Linux box is same as before

IPv4 and IPv6 pings to the respective address local and between each other work fine.

Now we have IPv6 connectivity established, lets put Windows into the picture. Connected up a Windows Vista laptop and ran:

- told me it had an IPv6 address of fe80::2953:ea4:d099:a29c

Pinging from the Vista laptop:

- success pinging the Linux box

- success pinging the Mac box

Try pinging the Vista laptop from the Linux box and from the Mac laptop - this failed. I went into Control Pannel/Network and Sharing Center and turned on Network discovery and File sharing. Now pinging the Vista laptop from the other from the Linux box and the Mac works.

Web broswing

Now to try web-browsing to the Linux box (which has apache running) using its IPv6 address.

I tried this firefox on the Linux box itself http://[::1]/ - success.
I then tried http://[fe80::208:2ff:fefb:30db] - failed (it didn’t even attempt to find the page)
Tried this on the Mac laptop on both Firefox and Safari http://[fe80::208:2ff:fefb:30db] - failed (Unable to connect message)
Tried this on the Vista laptop - http://[fe80::208:2ff:fefb:30db] - success!

So I need to figure out why I can’t goto the Linux box’s IPv6 IP on the Linux box or Mac. I downloaded opera for the Mac and still no luck browsing the the IPv6 address of the Linux box. It seems this might be an OS thing which is strange because I can ping these addresses, but not web-browse to them.

I edited /etc/hosts on the Mac and added the line:

Then tried web-browsing to linuxboxv6 - failed
Tried

- failed
changed the line in the hosts file to:

Now web browsing and ping6′ing linuxboxv6 (from the Mac) - success!
So that means on the Mac even though I can’t web-browse to the IPv6 IP address, I can put the IP address into the hosts file as above (must append %interface_name - en0 or whatever) and specify a name then web-browse or ping6 that name.

Lets try applying the same concept to the Linux box.
Added this line to /etc/hosts

- failed

And on the Vista laptop changing c:\windows\system32\drivers\etc\hosts

- failed

Time to try setting up an ipv6 DNS server on the Linux box. From this article http://www.linuxjournal.com/node/6541/print it looks like BIND9/named is the way to go.

Spent a lot of time trying to configure BIND9 to map names to the v6 addresses. Followed various tutorials on the net with not much understanding or luck.

Decided to get BIND9 to map names to the v4 addresses of the machines then try adding in v6 BIND stuff. I roughly followed this guide for the ipv4 DNS server setup http://www.ubuntugeek.com/dns-server-setup-using-bind-in-ubuntu.html

I have the DNS setup like this (A records):

and told all machines that their dns IPv4 server is 192.168.0.1 - success (can ping the IPv4 names as per above from/to all three machines)

Now I add the following (AAAA or quad-A records):

I told all machines that their dns ipv6 server is fe80::208:2ff:fefb:30db - success (can ping the xxxxv6 names as per above from/to all three machines)

Lets try web browsing using the IPv4 and IPv6 names to connect the apache server on the Linux box:
http://debianv4 on the Mac - success
http://debianv6 on the Mac - success
http://debianv4 on the Linux box - success
http://debianv6 on the Linux box - success
http://debianv4 on the Vista laptop - success
http://debianv6 on the Vista laptop - failed - hmmmm! - I’m reading http://technet.microsoft.com/en-us/library/bb727035.aspx to see if that explains anything

Now I want to try the configure BIND on the Linux box to advertise itself as a IPv6 DNS server - so I don’t have to manually put in fe80::208:2ff:fefb:30db as the DNS IPv6 server to every machine on the network.

http://people.debian.org/~csmall/ipv6/setup.html appears to suggest radvd for router advertising.

Installed radvd on the Linux box and spent lots of time reading about how it might work.

Based on http://dufo.tugraz.at/~prokop/ipv6/ipv6-linux-routing.pdf
I edited the /etc/radvd.conf file to contain:

and restarted radvd.

I removed the DNS server fe80::208:2ff:fefb:30db from the Vista laptop’s IPv6 network config, then disabled/re-enabled the network interface, then I checked network connection details and good news:

• I saw a Property called Site-local IPv6 Address fec0::1:2953:ea4:d099:a29c%1 appear
• the IPv6 Default Gateway had been automatically picked up as fe80::208:2ff:fefb:30db

Unfortunately it says the IPv6 DNS Servers are fec0:0:0:ffff::1%1, fec0:0:0:ffff::2%1 and fec0:0:0:ffff::3%1 - was hoping it would say fe80::208:2ff:fefb:30db

So it looks like radvd has done gateway advertisement and prefix advertisement but not advertised the DNS.

Summary

We have covered the equipment used, experimenting with wireless, setting up a stand-alone network with IPv4 and IPv6 capabilities and using a Linux box to perform DNS.

Issue encountered so far:

• Network not wireless capable due to lack of support from tested wireless routers
• Can’t web-browse to IPv6 IPs on Mac or Linux box
• Can’t web-browse to IPv6 DNS name on Vista laptop
• DNS clients not automatically picking up IPv6 DNS server address

My next steps are to search out how IPv6 tunnels work and do some further digging around on the above issues. Stay tuned for part two!

(26 votes, average: 2.85 out of 5)

Tags: ipv4, ipv6

This entry was posted on Friday, May 30th, 2008 at 4:54 pm under Developer Resources, Exploration Diary, Standards & Compliance. You can leave a response, or trackback from your site.