Network Configuration—IPv6 with FreeBSD

0
1885
6 min read

Several methods were introduced to reduce the usage of IP addresses in the internet including:

  • Classless Interdomain Routing (CIDR): This introduced the death of classful addressing (for example Class A, B, C) by a new subnetting method which is not limited, unlike the classful method.
  • Network Address Translation (NAT): Using NAT you do not need to use public IP addresses on your internal hosts.

Using CIDR subnets and NAT only helped IPv4 to live a few years longer, but was not the ultimate cure to the problem. Besides the addressing issues, there were other problems with IPv4 which could not be easily solved. These issues include the following:

  • The size of internet routing tables was growing rapidly and this forced backbone providers to upgrade their networking gears.
  • The IPv4 was very inefficient for high throughput links and did not support QoS by nature.

Back in the early 90s, IETF had started a workgroup to solve the deficiencies of the IP protocol. In 1995, the IETF published the initial drafts of IPv6 as the next generation IP. Since then, the protocol has matured enormously and been implemented in many operating systems.

IPv6 Facts

If you are not familiar with IPv6, here is a very quick look at the difference between IPv4 and IPv6. (For a more detailed insight into IPv6 and its configuration in various operating systems, it is recommended that you read Running IPv6 book by Iljitsch van Beijnum).


Fact One—Addressing

Addressing in IPv6 is quite different from legacy IPv4 addresses. IPv6 uses 128-bit address space unlike the 32-bit addressing system in IPv4. A typical IPv6 address would look like—2002:a00:1:5353:20a:95ff:fef5:246e

Fact Two—Address Types

There are 4 types of addresses in IPv6:

  • Unicast: A typical IPv6 address you use on a host.
  • Multicast: Addresses that start with ff:: are equivalent to IPv4 multicast.
  • Anycast: A typical IPv6 address that is used on a router.
  • Reserved: Includes loopback, link-local, site-local, and so on.

Fact Three—ARP

There is no ARP! MAC to IP mapping is no longer needed as MAC addresses are embedded into IPv6 addresses. Instead, ND is born. ND is used to auto-configure addresses on hosts, duplicated detection, and so on.

Fact Four—Interface Configuration

If you are new to IPv6, you will be shocked to see an IPv6 address, telling yourself that you are in trouble assigning addresses to interfaces or remembering the addresses. However, it is not all that hard. In most cases, you can have your host autoconfigure IPv6 address on its interfaces. Typically, you should set this up only on your network gateway (router) manually.

Using IPv6

Running FreeBSD 7, the kernel is already IPv6 enabled. However, you should manually enable IPv6 in the UserLand, by adding the following line to the /etc/rc.conf configuration file:

ipv6_enable="YES"

And manually start the appropriate rc script (or reboot the system) for the changes to take effect:

# /etc/rc.d/network_ipv6 start

This will enable IPv6 on all interfaces that are IPv6 capable. This behavior is changed by modifying the following variable in the /etc/rc.conf file:

ipv6_network_interfaces="fxp0 bge0"

This will enable IPv6 support on specified interfaces. The default value for this variable is auto.

Once you enable IPv6, interfaces will discover the IPv6 enabled routers on the network and build their own IPv6 addresses based on the network prefix they receive from the router.

Configuring Interfaces

In a typical scenario, IPv6 network stack will automatically look for an IPv6 enabled router on the same network for each interface and try to automatically configure the IPv6 address on the interface.

The following is an example of an automatically configured interface(replace the $ with %):

# ifconfig ed0
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric
0 mtu 1500
ether 00:1c:42:8d:5d:bf
inet6 fe80::21c:42ff:fe8d:5dbf$ed0 prefixlen 64 scopeid 0x1
inet 192.168.0.225 netmask 0xffffff00 broadcast 192.168.0.255
inet6 2a01:3c8::21c:42ff:fe8d:5dbf prefixlen 64 autoconf
media: Ethernet autoselect (10baseT/UTP)

Beside the IPv4 address, there are two IPv6 addresses on the interface. One address begins with fe80:: and identified with the scopeid 0x1 tag, which is called a link-local address. Another address begins with 2a01:3c8::, which is the unicast address of this interface.

The unicast address prefix is obtained from the IPv6 router on the network. The whole address is created using the 64 bits Extended Unique Identifier (EUI-64) algorithm, which consists of the hosts MAC address with some minor modifications.

The link-local address (that is from the reserved address pool) always starts with fe80:: and is used for local network usage. This can be compared with RFC1819 private addresses that are suitable for local use. The network stack will automatically assign a link-local address to each IPv6 enabled interface, regardless whether an IPv6 router is discovered on the network. This means that in a scenario of a home network or a lab network, you do not need to run an IPv6 router or have a valid IPv6 prefix in order to establish an IPv6 network. All the hosts will be automatically provisioned with a link-local address, so they can exchange IPv6 traffic.

The network discovery protocol (NDP) helps the host find the router on the network and then create a unicast address for the interface. NDP is known as the equivalent to ARP protocol in IPv6. The ndp(8) utility is used to control the behavior of this protocol:

# ndp -a
Neighbor Linklayer Address Netif Expire S Flags
2a01:3c8:: 0:16:cb:98:d4:bf ed0 20s R R
2a01:3c8::21c:42ff:fe8d:5dbf 0:1c:42:8d:5d:bf ed0 permanent R
fe80::216:cbff:fe98:d4bf$ed0 0:16:cb:98:d4:bf ed0 23h58m48s S R
fe80::21c:42ff:fe8d:5dbf$ed0 0:1c:42:8d:5d:bf ed0 permanent R
fe80::1%lo0 (incomplete) lo0 permanent R

The above example shows the discovered IPv6 hosts(replace the $ with %). The ed0 interface is connected to an IPv6 enabled network and receives a valid prefix via a router (the first entry of the list). The second entry is the unicast address of the ed0. The third and the fourth entries are link-local address for the router and our host. And the last entry belongs to the local host.

As you have seen so far, there are some special (reserved) IPv6 addresses. The following table shows a list of reserved addresses:

 

Address

Name

Description

::

Unspecified

Equivalent to 0.0.0.0 in Pv4

::1

Loopback address

Equivalent to 127.0.0.1 in IPv4

fe80::

Link-local

fec0::

Site-local

ff00::

Multicast

 

In case you want to configure the static IPv6 address on an interface, it can be done as in a typical IPv4 scenario:

# ifconfig vr0 inet6 2a01:3c8::21c:42ff:dead:beef prefixlen 64

This will manually configure an IP address on the specified interface. Note the prefixlen keyword that is equivalent to subnet mask in IPv4.

LEAVE A REPLY

Please enter your comment!
Please enter your name here