IPv6 & Linux - HowTo - Part 6
Version: 3.25a from 2005-04-03
(P) & (C) 1997-2005 by Peter Bieringer <pb@bieringer.de>, see copyright notice for more
details
Original site of publishing: http://www.bieringer.de/linux/IPv6/;
suggestions, comments and improvements are welcome!
Important Changes, Testing & Network Troubleshooting, Q&As
Contents
Other important changes
IPv4 forwarding
For using IP forwarding (routing from one interface to another), you
have to switch on this option in the kernel
- Append for IPv4 routing: echo 1 >
/proc/sys/net/ipv4/ip_forward (/proc/sys/net/ipv4/ip_forwarding
in older kernel versions)
- E.g. at /etc/sysconfig/network-scripts/ifup-routes
- On newer RedHat systems: edit /etc/sysctl.conf
/etc/protocols
Append new lines with IPv6 protocol numbers , if not exist:
- ipv6 41
IPv6 # IPv6
- ipv6-route 43 IPv6-Route # Routing Header for IPv6
- ipv6-frag 44 IPv6-Frag # Fragment Header for
IPv6
- ipv6-crypt 50 IPv6-Crypt # Encryption Header for IPv6
- ipv6-auth 51 IPv6-Auth # Authentication Header
for IPv6
- ipv6-icmp 58 IPv6-ICMP icmpv6 icmp6
# ICMP for IPv6
- ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6
- ipv6-opts 60 IPv6-Opts # Destination Options
for IPv6
/etc/hosts
Append new lines with special IPv6 addresses, if not exist:
- ::1 ip6-localhost ip6-loopback
- fe00::0 ip6-localnet
- ff00::0 ip6-mcastprefix
- ff02::1 ip6-allnodes
- ff02::2 ip6-allrouters
Testing & network Troubleshooting
- Make a reboot
- Look for correct interface configuration:
- ifconfig
- Here you should see IPv6 addresses, too.
- If not, perhaps you compiled IPv6 as module, so do
not
forget to
- Test: lsmod | grep -i ipvg
- edit your /etc/conf.modules (or /etc/modules.conf)
- Add a line: alias net-pf-10 ipv6
- Load module immediately: modprobe ipv6
- If module is loaded and no IPv6 addresses are displayed (the
link local address must be shown without any configuration!):
- Perhaps your used set of net-tools is not the one you've
compiled for using with IPv6 (perhaps you forgot a "make install"...)
- Look for correct IPv6 routing tables:
- route -A inet6
- If you get an error, you're using the old only IPv4 ready
net-tools set, see ifconfig section for details
- Test primitive socket operation (if ping6 has SUID bit
not set, you can only use it as root):
- Loopback address:
- Link local address:
- e.g.: ping6 fe80::2e0:18ff:fe90:9205
- On 2.4.x kernels, you will mostly get an error message like "connect:
Invalid argument". In this case you have to specify the
interface, too, like:
- ping6 -I eth0 fe80::2e0:18ff:fe90:9205
- Other addresses:
- If you have problems, look at your interfaces:
- tcpdump -i {interface} -t -e
Now you can see the link-layer addresses, packet types {ipv6|ip|arp}and
{host addresses | resolved hostnames}
If tcpdump won't work and you compiled Paket Socket
as module, do not forget to
- Edit your /etc/conf.modules
Add a line: alias net-pf-17 af_packet
- Load module immediately: modprobe af_packet
- For decoding all of the IPv6 information contained in an IPv6
packet (e.g. autoconfiguration packets), you can also use
- tcpdump [-i interface] -vv -s 512
- If you have created IPv6 DNS files you can query the information
with: nslookup
>set querytype=ANY
>hostname
- Using BIND9 (client utilities), you can also use
- host -n IPv6-address for ip6.int.
reverse lookup tests
- If name resolution works (by DNS or /etc/hosts)
you can test this for IPv4:
- And now for IPv6:
- Start the Router ADVertisement Daemon on one host and
look at the others with radvdump for incoming router
advertisements
- Try now some external addresses:
Protocol / Application |
Full Qualified Domain Name (FQDN) |
FTP, traceroute, ping |
ftp.ipv6.uni-muenster.de |
WWW |
www.ipv6.uni-muenster.de |
Questions & answers
See first Linux+IPv6-HOWTO
[LDP] | Linux+IPv6-HOWTO
[DS6]
Basic commands - how they are used?
What command to use to
- assign a static IPv6 address to an interface:
- Abstract: ifconfig ipv6 add $device $ipv6address/$prefixlength
- Example: ifconfig ipv6 add eth0 fec0::1/64
- assign a default gateway for IPv6 traffic
- default routes are not really supported by vanilla kernels, so
use the Aggregatable Global Unicast prefix as default
- Abstract: route -A inet6 add 2000::/3 gw $addressgw
dev $devicegw
- Example: route -A inet6 add 2000::/3 gw
3ffe:ffff:1234:5678::1 dev eth0
For others, manual pages or digging in the scripts are your friend....
Cannot ping
If you got the error "ping: icmp6: unknown protocol", look in /etc/protocols for
specific changes
Because of some definition changes (old inet6-apps, new net-tools),
the ping utility included in inet6-apps uses an old one which is not
contained in newer /etc/protocol files. Solution: add alias
name like shown on this page.
"connect: Invalid argument": kernel 2.4.x in use, you have to
specify also the interface, see upper shown hints
"ping: icmp open socket: Operation not permitted": you are
not
root and ping6 has SUID bit not set. ICMP sockets are only allowed to
root
for opening.
Cannot connect to services using
link local addresses
If you have successfully tested ping6 using scoped link-local
addresses, it's possible that you want to use this addresses also for
connections
to TCP services.
Unfortunately this mostly won't work because you cannot set the scope
for this address using client programs.
Solution: add site-local addresses to your interfaces and use them
instead of link-local ones.
I want to setup an IPv6-only host
Using current Linux kernels it's not possible to build IPv4 as module.
Therefore IPv4 is always present. But you can switch it off if you
setup a special address on the device, e.g.
ifconfig eth0 0.0.0.0.
IPv4 connections are no longer possible afterwards, so be carefully,
especially for DNS configuration.
Where can I get a
IPv6 address?
How do they look or more specifically what do the colons mean?
I've got the programs compiled and setup but I'm not sure where to
start next.
- On startup each interface is assigned a so called link-local
address, which is automatic generated from the interface identifier
(i.e. Ethernet MAC) and the prefix is fe80
- Example: fe80::2c0:6cff:fe00:f043
- With this addresses, you can send packets from each interface
to another on the link. But not through routers, because it is link-local.
- At IPv6 you can assign more than one address to each interface.
so if you want to test/use routing, feel free to take site-local
addresses. They are starting with fec0.
- Example: fec0:0:0:1:2c0:6cff:fe00:f043
- Now you have an interface identifier (64 bits) and a network
specifier (i.e. 16 bits). So you can route packets with address prefix fec0:0:0:1::/64
to a specific interface
- Both types of addresses mentioned above won't be routable into
the IPv6-Internet (called 6bone).
In this case you need a aggregatable-global-unicast address and
also a connection to the 6bone.
- If your ISP provides you already an IPv6 uplink
- You will get a prefix from it
- If not, you need a so called IPv6-in-IPv4-tunnel
- See also IPv6-HOWTO-1.html#joinIPv6backbone
- Therefore you need two tunnelpoints, one at your site and
one connected to the 6bone.
- To request for a tunnel, it's a good way to look at the 6bone-hookup-Page
or send an e-mail to the 6bone-maillist
with a short description of your location on earth and your IPv4
Internet
connection
- It's better to create a tunnel to a point with a good
connection, than to a point locally close to you with a worse
connection.
- Normally, someone will create a tunnel to you
- From this one, you will get your prefix
Additional information: draft-ietf-ipngwg-addr-arch-v2-xx.txt (xx
= latest version), will be found at ftp://ds.internic.net/internet-drafts/
How much time will I need to set up one IPv6
host?
- Depends on your CPU power, because much code to compile
- In your network experience
- Downloading time
Here are some values:
What |
Estimated Time [hour] |
Linux distribution |
~ 1 to 2 |
Decompressing, compiling & installation of all the
necessary code |
~ 3 to 4 |
Setup scripts and configuration files |
~ 1 |
Testing of link-local |
~ 0.5 |
Testing of site-local |
~ 0.5 |
Creating and testing of a tunnel |
~ 1 |
Set up configuration and testing DNS |
~ 1- 2 |
Set up configuration and testing RAdvD |
~ 1 |
If you have to set up several hosts, which are nearly equal in hard
disk space, you can install the complete system at one host and copy
this complete (all directories) afterwards by NFS to all
the other ones or directly direct disk-to-disk. Don't forget to install
the bootloader in the right way...
How to get the version number of used libc?
Several possibilities:
- If using a Linux distribution based on RedHat packages:
- If using a Linux distribution based on tar.gz packages:
- find /lib -name libc.* -type l -ls
What are the minimal hardware
specifications for an IPv6 host?
Depends on your time and money budget :-)
I'm controlling four hosts at the moment:
An always connected tunnel endpoint |
P-100 / 64 MByte / 1 GByte |
My primary host at home |
PII-350 / 64 MByte / 6 GByte |
My dial on demand router |
P-133 / 64 MByte / 1 GByte |
My small client |
486 DX-66 / 16 MByte / 500 MByte |
On all hosts I get no problems running IPv6, only the 486's need much
time compiling a new kernel version.
Therefore I prefer following requirements:
CPU |
>= 486 DX-33 (slow kernel compiling time: ~ 3 - 4
hours)
>= P-133 (faster kernel compiling ~ 20 min, better for kernel
turnarounds) |
Main memory |
>= 16 MByte (lower increases permanently swapping...) |
Hard disk space |
>= 200 MByte (depends on your distribution, too, 1 GByte
should be enough for a maximum system) |
Graphic adaptor |
>= 512 kByte VGA |
Network interface card |
NE 2000 clone or a better one (must be supported by Linux) |
SuSE Linux specific
- Enable IPv6 resolver
- /etc/nsswitch.conf
-
hosts: files dns
-
networks: files dns
+
hosts: files dns6
+
networks: files dns6
Your connection is via:
IPv4
Your address: 18.97.14.87
|
www.bieringer.de is maintained by webmaster at bieringer dot de
(Impressum)
|
|
|