IPv6 & Linux - HowTo - Part 6
Version: 3.23f from 2002-04-20
(P) & (C) 1997-2002 by Peter Bieringer <[email protected]>,
see copyright notice for
more details
Original site of publishing: http://www.bieringer.de/linux/IPv6/;
suggestions, comments and improvements are welcome!
Important Changes, Testing & Network Troubleshooting, Q&As
Contents
Other important changes
IPv4 forwarding
For using IP forwarding (routing from one interface to another), you have
to switch on this option in the kernel
-
Append for IPv4 routing: echo 1 > /proc/sys/net/ipv4/ip_forward
(/proc/sys/net/ipv4/ip_forwarding in older kernel versions)
-
E.g. at /etc/sysconfig/network-scripts/ifup-routes
-
On newer RedHat systems: edit /etc/sysctl.conf
/etc/protocols
Append new lines with IPv6 protocol numbers , if not exist:
-
ipv6 41 IPv6
# IPv6
-
ipv6-route 43 IPv6-Route # Routing Header for IPv6
-
ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6
-
ipv6-crypt 50 IPv6-Crypt # Encryption Header for IPv6
-
ipv6-auth 51 IPv6-Auth # Authentication Header for IPv6
-
ipv6-icmp 58 IPv6-ICMP icmpv6 icmp6 # ICMP
for IPv6
-
ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6
-
ipv6-opts 60 IPv6-Opts # Destination Options for IPv6
/etc/hosts
Append new lines with special IPv6 addresses, if not exist:
-
::1 ip6-localhost ip6-loopback
-
fe00::0 ip6-localnet
-
ff00::0 ip6-mcastprefix
-
ff02::1 ip6-allnodes
-
ff02::2 ip6-allrouters
-
ff02::3 ip6-allhosts
Testing & network Troubleshooting
-
Make a reboot
-
Look for correct interface configuration:
-
ifconfig
-
Here you should see IPv6 addresses, too.
-
If not, perhaps you compiled IPv6 as module, so do not forget to
-
Test: lsmod | grep -i ipvg
-
edit your /etc/conf.modules (or /etc/modules.conf)
-
Add a line: alias net-pf-10 ipv6
-
Load module immediately: modprobe ipv6
-
If module is loaded and no IPv6 addresses are displayed (the link local
address must be shown without any configuration!):
-
Perhaps your used set of net-tools is not the one you've compiled for using
with IPv6 (perhaps you forgot a "make install"...)
-
Look for correct IPv6 routing tables:
-
route -A inet6
-
If you get an error, you're using the old only IPv4 ready net-tools set,
see ifconfig section for details
-
Test primitive socket operation (if ping6 has SUID bit not set, you
can only use it as root):
-
Loopback address:
-
Link local address:
-
e.g.: ping6 fe80::2e0:18ff:fe90:9205
-
On 2.4.x kernels, you will mostly get an error message like "connect:
Invalid argument". In this case you have to specify the interface,
too, like:
-
ping6 -I eth0 fe80::2e0:18ff:fe90:9205
-
Other addresses:
-
If you have problems, look at your interfaces:
-
tcpdump -i {interface} -t -e
Now you can see the link-layer addresses, packet types {ipv6|ip|arp}and
{host addresses | resolved hostnames}
If tcpdump won't work and you compiled Paket Socket
as module, do not forget to
-
Edit your /etc/conf.modules
Add a line: alias net-pf-17 af_packet
-
Load module immediately: modprobe af_packet
-
For decoding all of the IPv6 information contained in an IPv6 packet (e.g.
autoconfiguration packets), you can also use
-
tcpdump [-i interface] -vv -s 512
-
If you have created IPv6 DNS files you can query the information with:
nslookup
>set querytype=ANY
>hostname
-
Using BIND9 (client utilities), you can also use
-
host -n IPv6-address for ip6.int. reverse lookup
tests
-
If name resolution works (by DNS or /etc/hosts) you can
test this for IPv4:
-
And now for IPv6:
-
Start the Router ADVertisement Daemon on one host and look at the
others with radvdump for incoming router advertisements
-
Try now some external addresses:
| Protocol / Application |
Full Qualified Domain Name (FQDN) |
| FTP, traceroute, ping |
ftp.ipv6.uni-muenster.de |
| WWW |
www.ipv6.uni-muenster.de |
Questions & answers
See first Linux+IPv6-HOWTO
[LDP] | Linux+IPv6-HOWTO
[mirror] | Linux+IPv6-HOWTO
[local copy]
Basic commands - how they are used?
What command to use to
-
assign a static IPv6 address to an interface:
-
Abstract: ifconfig ipv6 add $device $ipv6address/$prefixlength
-
Example: ifconfig ipv6 add eth0 fec0::1/64
-
assign a default gateway for IPv6 traffic
-
default routes are not really supported by vanilla kernels, so use the
Aggregatable Global Unicast prefix as default
-
Abstract: route -A inet6 add 2000::/3 gw $addressgw dev $devicegw
-
Example: route -A inet6 add 2000::/3 gw 3ffe:ffff:1234:5678::1 dev
eth0
For others, manual pages or digging in the scripts are your friend....
Cannot ping
If you got the error "ping: icmp6: unknown protocol", look in /etc/protocols
for specific changes
Because of some definition changes (old inet6-apps, new net-tools),
the ping utility included in inet6-apps uses an old one which is not contained
in newer /etc/protocol files. Solution: add alias name like shown
on this page.
"connect: Invalid argument": kernel 2.4.x in use, you have to
specify also the interface, see upper shown hints
"ping: icmp open socket: Operation not permitted": you are not
root and ping6 has SUID bit not set. ICMP sockets are only allowed to root
for opening.
Cannot connect to services using link
local addresses
If you have successfully tested ping6 using scoped link-local addresses,
it's possible that you want to use this addresses also for connections
to TCP services.
Unfortunately this mostly won't work because you cannot set the scope
for this address using client programs.
Solution: add site-local addresses to your interfaces and use them instead
of link-local ones.
I want to setup an IPv6-only host
Using current Linux kernels it's not possible to build IPv4 as module.
Therefore IPv4 is always present. But you can switch it off if you setup
a special address on the device, e.g.
ifconfig eth0 0.0.0.0.
IPv4 connections are no longer possible afterwards, so be carefully, especially
for DNS configuration.
Where can I get a IPv6 address?
How do they look or more specifically what do the colons mean? I've
got the programs compiled and setup but I'm not sure where to start next.
-
On startup each interface is assigned a so called link-local address,
which is automatic generated from the interface identifier (i.e. Ethernet
MAC) and the prefix is fe80
-
Example: fe80::2c0:6cff:fe00:f043
-
With this addresses, you can send packets from each interface to another
on the link. But not through routers, because it is link-local.
-
At IPv6 you can assign more than one address to each interface. so if you
want to test/use routing, feel free to take site-local addresses.
They are starting with fec0.
-
Example: fec0:0:0:1:2c0:6cff:fe00:f043
-
Now you have an interface identifier (64 bits) and a network specifier
(i.e. 16 bits). So you can route packets with address prefix fec0:0:0:1::/64
to a specific interface
-
Both types of addresses mentioned above won't be routable into the IPv6-Internet
(called 6bone). In this case
you need a aggregatable-global-unicast address and also a connection
to the 6bone.
-
If your ISP provides you already an IPv6 uplink
-
You will get a prefix from it
-
If not, you need a so called IPv6-in-IPv4-tunnel
-
See also IPv6-HOWTO-1.html#joinIPv6backbone
-
Therefore you need two tunnelpoints, one at your site and one connected
to the 6bone.
-
To request for a tunnel, it's a good way to look at the 6bone-hookup-Page
or send an e-mail to the 6bone-maillist
with a short description of your location on earth and your IPv4 Internet
connection
-
It's better to create a tunnel to a point with a good connection, than
to a point locally close to you with a worse connection.
-
Normally, someone will create a tunnel to you
-
From this one, you will get your prefix
Additional information: draft-ietf-ipngwg-addr-arch-v2-xx.txt (xx
= latest version), will be found at ftp://ds.internic.net/internet-drafts/
How much
time will I need to set up one IPv6 host?
-
Depends on your CPU power, because much code to compile
-
In your network experience
-
Downloading time
Here are some values:
| What |
Estimated Time [hour] |
| Linux distribution |
~ 1 to 2 |
| Decompressing, compiling & installation of all the necessary code |
~ 3 to 4 |
| Setup scripts and configuration files |
~ 1 |
| Testing of link-local |
~ 0.5 |
| Testing of site-local |
~ 0.5 |
| Creating and testing of a tunnel |
~ 1 |
| Set up configuration and testing DNS |
~ 1- 2 |
| Set up configuration and testing RAdvD |
~ 1 |
If you have to set up several hosts, which are nearly equal in hard disk
space, you can install the complete system at one host and copy this complete
(all directories) afterwards by NFS to all the other ones or directly direct
disk-to-disk. Don't forget to install the bootloader in the right way...
How to get the
version number of used libc?
Several possibilities:
-
If using a Linux distribution based on RedHat packages:
-
If using a Linux distribution based on tar.gz packages:
-
find /lib -name libc.* -type l -ls
What are the minimal
hardware specifications for an IPv6 host?
Depends on your time and money budget :-)
I'm controlling four hosts at the moment:
| An always connected tunnel endpoint |
P-100 / 64 MByte / 1 GByte |
| My primary host at home |
PII-350 / 64 MByte / 6 GByte |
| My dial on demand router |
P-133 / 64 MByte / 1 GByte |
| My small client |
486 DX-66 / 16 MByte / 500 MByte |
On all hosts I get no problems running IPv6, only the 486's need much time
compiling a new kernel version.
Therefore I prefer following requirements:
| CPU |
>= 486 DX-33 (slow kernel compiling time: ~ 3 - 4 hours)
>= P-133 (faster kernel compiling ~ 20 min, better for kernel
turnarounds) |
| Main memory |
>= 16 MByte (lower increases permanently swapping...) |
| Hard disk space |
>= 200 MByte (depends on your distribution, too, 1 GByte should be
enough for a maximum system) |
| Graphic adaptor |
>= 512 kByte VGA |
| Network interface card |
NE 2000 clone or a better one (must be supported by Linux) |
SuSE Linux specific
-
Enable IPv6 resolver
-
/etc/nsswitch.conf
- hosts:
files dns
- networks:
files dns
+ hosts:
files dns6
+ networks:
files dns6