elemental.org now live on IPv6

This week, I worked with my colo provider and was allotted use of 2607:f308:7::/48 – 80 bits of IPv6 address space totaling 1,208,925,819,614,629,174,706,176 IPv6 addresses to call my own. That’s one septillion, two hundred eight sextillion, nine hundred twenty-five quintillion, eight hundred nineteen quadrillion, six hundred fourteen trillion, six hundred twenty-nine billion, one hundred seventy-four million, seven hundred six thousand, one hundred seventy-six addresses. I hope ARIN doesn’t demand proof that I use them all.

I’ve assigned daleghent.com the address of 2607:f308:7::aa as you can see here:

[daleg@xenon]~$ host -t aaaa daleghent.com
daleghent.com has IPv6 address 2607:f308:7::aa

Setting this up on my server was a cinch. First, I configured my igb0 interface to have a link-local address. This unicast address lives in the v6 link-local reserved space of fe80::/10 and is in the EUI-64 format, using the MAC address of the physical igb0 interface:

[daleg@xenon]~$ sudo ipadm create-addr -T addrconf igb0/v6a
[daleg@xenon]~$ ipadm show-addr igb0/v6a
ADDROBJ           TYPE     STATE        ADDR
igb0/v6a          addrconf ok           fe80::ec4:7aff:fe09:b5f2/10

You can see how the MAC address is used to create the EUI-64 address:

[daleg@xenon]~$ dladm show-phys -m igb0
LINK         SLOT     ADDRESS            INUSE CLIENT
igb0         primary  c:c4:7a:9:b5:f2    yes  igb0

Once set up, the NDP daemon (in.ndpd) went to work, emitting Neighbor Discovery packets on this interface at regular intervals. Once my colo provider brought their side up with the IPv6 configuration, their link-local and mine discovered each other, and my IPv6 default route was auto-magically set up for me:

[daleg@xenon]~$ netstat -rn -f inet6

Routing Table: IPv6
  Destination/Mask            Gateway                   Flags Ref   Use    If
--------------------------- --------------------------- ----- --- ------- -----
::1                         ::1                         UH     20  660106 lo0
2607:f308:7::/48                --                      U       2       0 igb0
2607:f308:7::/48            2607:f308:7::aa             U       2       0 igb0
2607:f308:7::/48            2607:f308:7::2              U       2       0 igb0
fe80::/10                   fe80::ec4:7aff:fe09:b5f2    U       3   52838 igb0
default                     fe80::218:74ff:fee0:b8c0    UG      5  568839 igb0

Above, fe80::218:74ff:fee0:b8c0 is the local-link address of the router I’m connected to. Packets to and from my two local addresses of 2607:f308:7::2 and 2607:f308:7::aa need only work through my link-local connection to reach the world.

[daleg@xenon]~$ sudo ipadm create-addr -T static -a 2607:f308:7::2/48 igb0/v6s
[daleg@xenon]~$ sudo ipadm create-addr -T static -a 2607:f308:7::aa/48 igb0/aa
[daleg@xenon]~$ ipadm show-addr
ADDROBJ           TYPE     STATE        ADDR
lo0/v6            static   ok           ::1/128
igb0/v6a          addrconf ok           fe80::ec4:7aff:fe09:b5f2/10
igb0/v6s          static   ok           2607:f308:7::2/48
igb0/aa           static   ok           2607:f308:7::aa/48

Also ensure that the ipnodes line in /etc/nsswitch.conf knows how to use DNS:

[daleg@xenon]~$ grep ipnodes /etc/nsswitch.conf
ipnodes: files dns

That’s all there is to it.

Traceroute to me using IPv6

Eventually, I will enable IPv6 for all sites and services I host. I don’t think it’ll be hard at all.

Twenty one years ago in December 1995, the IETF ratified RFC 1883 which represented the culmination of years of research under IPNG-WG and codified Internet Protocol version 6, better-known as IPv6. Here in 2017, one can finally get the sense that IPv6 address usage is becoming a serious implementation topic. Entire cell phone networks are deployed using it now, however we continue to see hit-and-miss implementation on the larger Internet sites and the predominate North American ISPs such a Verizon and others. Comcast/TWC is a stand-out here, having assigned IPv6 addresses to its subscribers for a number of years. Google is an example of a provider of a large amount of services which all implement IPv6, however most don’t realize this and there aren’t any Google products of note which are available only via IPv6.

My personal prediction is that the next 3-5 years will see a sudden avalanche of v6 adoption on the service provider and ISP front. People have had enough time to experiment with it, and finger-in-the-air indications seem to favor future apps and protocols built exclusively around v6. IPv6 is also approaching a quarter of a century of existence, so basic infrastructure now groks it (the old “our routers don’t support it” excuse is a bit of unbelievable these days.) Once people finally have understood the protocol, how it is different and is in many cases superior to v4 from a performance perspective, being a part of the v6 network will hopefully become a strategic rather than just an operational imperative.

The key is to not focus on the “v4 will be depleted soon!” doomsday predictions which come and go and everyone pretty much ignores; but rather to focus on its more in-built advantages. Make people want to use it rather than trying to scare them into it.

Leave a Reply

Your email address will not be published. Required fields are marked *