Geekly Articles each Day
📜 ⬆️ ⬇️

IPv6 configuration in Linux OS Debian v7.XX, Ubuntu v14.XX, CentOS v6.XX and FreeBSD v10.XX

The following material does not claim exclusivity. However, I had to collect it bit by bit from different sources, checking something experimentally. After that, the idea was born of systematizing the knowledge and experience gained, setting out everything in one note.

Linux Debian v7.XX, Ubuntu v14.XX
CentOS v6.XX
FreeBSD v10.XX

After the introduction of IPv6 support, on the hosting site of the company in which I work, we needed to automate the configuration of VDS accordingly. It is necessary to state that this is not about any tunneling, but full support. Those. the network infrastructure in the data center provides switching and routing of IPv6, there are corresponding BGPv6 connections with the backbone Internet providers.

Spoiler
 $ ping6 -n -c 4 ipv6.google.com
 PING ipv6.google.com (2a00: 1450: 4013: c01 :: 66) 56 data bytes
 64 bytes from 2a00: 1450: 4013: c01 :: 66: icmp_seq = 1 ttl = 51 time = 12.4 ms
 64 bytes from 2a00: 1450: 4013: c01 :: 66: icmp_seq = 2 ttl = 51 time = 12.3 ms
 64 bytes from 2a00: 1450: 4013: c01 :: 66: icmp_seq = 3 ttl = 51 time = 12.4 ms
 64 bytes from 2a00: 1450: 4013: c01 :: 66: icmp_seq = 4 ttl = 51 time = 12.4 ms

 --- ipv6.google.com ping statistics ---
 4 packets transmitted, 4 received, 0% packet loss, time 3017ms
 rtt min / avg / max / mdev = 12.393 / 12.423 / 12.465 / 0.028 ms

') 
 $ traceroute -n -6 -I ipv6.google.com
 traceroute to ipv6.google.com (2a00: 1450: 4013: c01 :: 66), 30 hops max, 80 byte packets
  1 2a04: XXXX: 1 :: 1 11.684 ms 11.758 ms 11.753 ms
  2 2a04: XXXX: 0: 103 :: 1 0.978 ms 0.980 ms 0.977 ms
  3 2001: 1900: 5: 2: 2 :: 1939 11.640 ms 11.637 ms 11.633 ms
  4 2001: 1900: 104: 8 :: 8 11.629 ms 11.699 ms 11.696 ms
  5 2001: 1900: 5: 3 :: 276 11.692 ms 11.688 ms 11.683 ms
  6 2001: 4860 :: 1: 0: abf6 11.681 ms 10.735 ms 10.721 ms
  7 2001: 4860 :: 8: 0: abf1 10.705 ms 3.051 ms 3.036 ms
  8 2001: 4860 :: 8: 0: 8f8e 5.778 ms 5.768 ms 5.756 ms
  9 2001: 4860 :: 8: 0: 519f 9.570 ms 9.562 ms 9.544 ms
 10 2001: 4860 :: 8: 0: 519e 23.371 ms 23.363 ms 12.068 ms
 11 2001: 4860 :: 2: 0: 8652 12.659 ms 12.637 ms 12.625 ms
 12 2a00: 1450: 4013: c01 :: 66 12.339 ms 12.445 ms 12.426 ms


Addresses are assigned and registered in the OS settings statically, i.e. IPv6 auto configuration functionality is not enabled. This is due to the specifics of address space and security. The task is complicated by the fact that VDS may have several IPv4 and IPv6 addresses at once.

Linux Debian v7.XX, Ubuntu v14.XX


In quite fresh Linux distributions, there is already full IPv6 support. Therefore, there is no need to reinstall anything manually.
Consider an example setup.
"/ etc / network / interfaces"
 auto lo
 iface lo inet loopback

 allow-hotplug eth0
 iface eth0 inet static
   address 185.XXX.208.119
   network 185.XXX.208.0
   netmask 255.255.255.0
   broadcast 185.XXX.208.255
   gateway 185.XXX.208.1

 auto eth0: 1
 iface eth0: 1 inet static
   address 185.XXX.208.169
   netmask 255.255.255.255

 auto eth0: 2
 iface eth0: 2 inet static
   address 185.XXX.208.171
   netmask 255.255.255.255

 iface eth0 inet6 static
   address 2a04: XXXX: 1: 0: 0: 0: 0: 12
   netmask 48

 iface eth0 inet6 static
   address 2a04: XXXX: 1: 0: 0: 0: 0: 15
   netmask 48

 iface eth0 inet6 static
   address 2a04: XXXX: 1: 0: 0: 0: 0: 16
   netmask 48
   gateway 2a04: XXXX: 1 :: 1


Here you should pay attention to two points. First, all IPv6 addresses are assigned directly to the network interface itself: unlike IPv4, there is no need to create “eth0: X” virtual adapters. Secondly, the default IPv6 gateway is specified once for any of the addresses. He will act for all.
The result of the settings in the output of the command "ifconfig":
 # ifconfig -a
 eth0 Link encap: Ethernet HWaddr 00: 16: 3e: 34: 80: fe
           inet addr: 185.XXX.208.119 Bcast: 185.XXX.208.255 Mask: 255.255.255.0
           inet6 addr: fe80 :: 216: 3eff: fe34: 80fe / 64 Scope: Link
           inet6 addr: 2a04: XXXX: 1 :: 12/48 Scope: Global
           inet6 addr: 2a04: XXXX: 1 :: 16/48 Scope: Global
           inet6 addr: 2a04: XXXX: 1 :: 15/48 Scope: Global
           UP BROADCAST RUNNING MULTICAST MTU: 1500 Metric: 1
           RX packets: 823965 errors: 0 dropped: 0 overruns: 0 frame: 0
           TX packets: 1223 errors: 0 dropped: 0 overruns: 0 carrier: 0
           collisions: 0 txqueuelen: 1000
           RX bytes: 450489490 (429.6 MiB) TX bytes: 158298 (154.5 KiB)
           Interrupt: 26

 eth0: 1 Link encap: Ethernet HWaddr 00: 16: 3e: 34: 80: fe
           inet addr: 185.XXX.208.169 Bcast: 185.XXX.208.169 Mask: 255.255.255.255
           UP BROADCAST RUNNING MULTICAST MTU: 1500 Metric: 1
           Interrupt: 26

 eth0: 2 Link encap: Ethernet HWaddr 00: 16: 3e: 34: 80: fe
           inet addr: 185.XXX.208.171 Bcast: 185.XXX.208.171 Mask: 255.255.255.255
           UP BROADCAST RUNNING MULTICAST MTU: 1500 Metric: 1
           Interrupt: 26

 lo Link encap: Local Loopback
           inet addr: 127.0.0.1 Mask: 255.0.0.0
           inet6 addr: :: 1/128 Scope: Host
           UP LOOPBACK RUNNING MTU: 16436 Metric: 1
           RX packets: 0 errors: 0 dropped: 0 overruns: 0 frame: 0
           TX packets: 0 errors: 0 dropped: 0 overruns: 0 carrier: 0
           collisions: 0 txqueuelen: 0
           RX bytes: 0 (0.0 B) TX bytes: 0 (0.0 B)

Basic diagnostics can be performed using the "ping6 -n -c 4 ipv6.google.com" and "traceroute -n -6 -I ipv6.google.com" commands. Check the MAC addresses of the neighbors: "ip -6 neighbor show". Examine the routing table: “route -n6” or “ip -6 route show”. Find out which of the IPv6 addresses the system uses by default for outgoing connections: “ip -6 route get 2a00: 1450: 4013: c01 :: 65”.

CentOS v6.XX


Setting up CentOS is more intricate due to the fact that the options are somewhat larger, and they are scattered across several files.
"/ etc / sysconfig / network"
 NETWORKING = yes
 GATEWAY = 185.XXX.209.1
 HOSTNAME = ipv6.test
 NETWORKING_IPV6 = yes
 IPV6_AUTOCONF = no
 IPV6_AUTOTUNNEL = no
 IPV6_DEFAULTDEV = eth0
 IPV6_DEFAULTGW = 2a04: XXXX: 1 :: 1


"/ etc / sysconfig / network-scripts / ifcfg-eth0"
 TYPE = Ethernet
 DEVICE = eth0
 ONBOOT = yes
 IPADDR = 185.XXX.209.208
 NETWORK = 185.XXX.209.0
 NETMASK = 255.255.255.0
 BROADCAST = 185.XXX.209.255
 GATEWAY = 185.XXX.209.1
 IPV6INIT = yes
 IPV6_DEFAULTGW = 2a04: XXXX: 1 :: 1
 IPV6ADDR = 2a04: XXXX: 1: 0: 0: 0: 0: 12/48
 IPV6ADDR_SECONDARIES = "2a04: XXXX: 1: 0: 0: 0: 0: 15/48 2a04: XXXX: 1: 0: 0: 0: 0: 16/48"


"/ etc / sysconfig / network-scripts / ifcfg-eth0: 1"
 TYPE = Ethernet
 DEVICE = eth0: 1
 ONBOOT = yes
 IPADDR = 185.XXX.209.213
 NETMASK = 255.255.255.255


"/ etc / sysconfig / network-scripts / ifcfg-eth0: 2"
 TYPE = Ethernet
 DEVICE = eth0: 2
 ONBOOT = yes
 IPADDR = 185.XXX.209.232
 NETMASK = 255.255.255.255


Overall, the picture is similar to Debian. The “eth0: X” virtual network interfaces are only needed for IPv4. The “NETWORKING_IPV6” and “IPV6INIT” options include support for IPv6. In "IPV6_DEFAULTGW" we specify the default gateway. The first IPv6 address is assigned in “IPV6ADDR”, all others are listed in “IPV6ADDR_SECONDARIES”.

The output of the “ifconfig” command is similar to Debian:
 $ ifconfig -a
 eth0 Link encap: Ethernet HWaddr 00: 16: 3E: 18: BF: 3A
           inet addr: 185.XXX.209.208 Bcast: 185.XXX.209.255 Mask: 255.255.255.0
           inet6 addr: 2a04: XXXX: 1 :: 12/48 Scope: Global
           inet6 addr: 2a04: XXXX: 1 :: 15/48 Scope: Global
           inet6 addr: 2a04: XXXX: 1 :: 16/48 Scope: Global
           inet6 addr: fe80 :: 216: 3eff: fe18: bf3a / 64 Scope: Link
           UP BROADCAST RUNNING MULTICAST MTU: 1500 Metric: 1
           RX packets: 80834 errors: 0 dropped: 0 overruns: 0 frame: 0
           TX packets: 67 errors: 0 dropped: 0 overruns: 0 carrier: 0
           collisions: 0 txqueuelen: 1000
           RX bytes: 40241487 (38.3 MiB) TX bytes: 11895 (11.6 KiB)
           Interrupt: 245

 eth0: 1 Link encap: Ethernet HWaddr 00: 16: 3E: 18: BF: 3A
           inet addr: 185.XXX.209.213 Bcast: 185.XXX.209.213 Mask: 255.255.255.255
           UP BROADCAST RUNNING MULTICAST MTU: 1500 Metric: 1
           Interrupt: 245

 eth0: 2 Link encap: Ethernet HWaddr 00: 16: 3E: 18: BF: 3A
           inet addr: 185.XXX.209.232 Bcast: 185.XXX.209.232 Mask: 255.255.255.255
           UP BROADCAST RUNNING MULTICAST MTU: 1500 Metric: 1
           Interrupt: 245

 lo Link encap: Local Loopback
           inet addr: 127.0.0.1 Mask: 255.0.0.0
           inet6 addr: :: 1/128 Scope: Host
           UP LOOPBACK RUNNING MTU: 16436 Metric: 1
           RX packets: 0 errors: 0 dropped: 0 overruns: 0 frame: 0
           TX packets: 0 errors: 0 dropped: 0 overruns: 0 carrier: 0
           collisions: 0 txqueuelen: 0
           RX bytes: 0 (0.0 b) TX bytes: 0 (0.0 b)

The diagnostic tools are the same as those used in Debian .

FreeBSD v10.XX


FreeBSD already has everything you need to support IPv6.
Consider an example setup.
"/etc/rc.conf"
 hostname = "ipv6.test"
 defaultrouter = "185.XXX.209.1"
 ifconfig_xn0 = "inet 185.XXX.209.41 netmask 255.255.255.0"
 ipv6_defaultrouter = "2a04: XXXX: 1 :: 1"
 ifconfig_xn0_ipv6 = "2a04: XXXX: 1: 0: 0: 0: 0: 12/48"
 ifconfig_xn0_aliases = "inet6 2a04: XXXX: 1: 0: 0: 0: 0: 15/48 inet6 2a04: XXXX: 1: 0: 0: 0: 0: 16/48 inet 185.XXX.209.104 netmask 255.255.255.255 inet 185.XXX.209.131 netmask 255.255.255.255 "


The primary IPv6 address is specified in the “ifconfig_xn0_ipv6” option. Since FreeBSD does not use the mechanism of virtual network interfaces for IPv4, all additional addresses, including IPv6, are listed in “ifconfig_xn0_aliases”.
The output of the ifconfig command is slightly different from the Linux OS.

 # ifconfig -a
 lo0: flags = 8049 <UP, LOOPBACK, RUNNING, MULTICAST> metric 0 mtu 16384
         options = 600003 <RXCSUM, TXCSUM, RXCSUM_IPV6, TXCSUM_IPV6>
         inet6 :: 1 prefixlen 128
         inet6 fe80 :: 1% lo0 prefixlen 64 scopeid 0x1
         inet 127.0.0.1 netmask 0xff000000
         nd6 options = 21 <PERFORMNUD, AUTO_LINKLOCAL>
 xn0: flags = 8843 <UP, BROADCAST, RUNNING, SIMPLEX, MULTICAST> metric 0 mtu 1500
         options = 503 <RXCSUM, TXCSUM, TSO4, LRO>
         ether 00: 16: 3e: f4: 17: 6c
         inet 185.XXX.209.41 netmask 0xffffff00 broadcast 185.XXX.209.255
         inet6 fe80 :: 216: 3eff: fef4: 176c% xn0 prefixlen 64 scopeid 0x2
         inet6 2a04: XXXX: 1 :: 12 prefixlen 48
         inet 185.XXX.209.104 netmask 0xffffffff broadcast 185.XXX.209.104
         inet 185.XXX.209.131 netmask 0xffffffff broadcast 185.XXX.209.131
         inet6 2a04: XXXX: 1 :: 15 prefixlen 48
         inet6 2a04: XXXX: 1 :: 16 prefixlen 48
         nd6 options = 21 <PERFORMNUD, AUTO_LINKLOCAL>
         media: ethernet manual
         status: active


The diagnostic tool is also slightly different: "ping6 -n -c 4 ipv6.google.com" and "traceroute6 -n ipv6.google.com". Check the MAC addresses of neighbors: "ndp -an". Examine the routing table: "netstat -rn6". Find out which of the IPv6 addresses the system uses by default for outgoing connections: "route -nv6 get 2a00: 1450: 4013: c01 :: 65".

 # route -nv6 get 2a00: 1450: 4013: c01 :: 65
 RTA_DST: inet6 2a00: 1450: 4013: c01 :: 65;  RTA_IFP: link;  RTM_GET: Report Metrics: len 240, pid: 0, seq 1, errno 0, flags: <UP, GATEWAY, HOST, STATIC>
 locks: inits:
 sockaddrs: <DST, IFP>
  2a00: 1450: 4013: c01 :: 65 link # 0
    route to: 2a00: 1450: 4013: c01 :: 65
 destination: ::
        mask: ::
     gateway: 2a04: XXXX: 1 :: 1
         fib: 0
   interface: xn0
       flags: <UP, GATEWAY, DONE, STATIC>
  recvpipe sendpipe ssthresh rtt, msec mtu weight expire
        0 0 0 0 1500 1 0


 locks: inits:
 sockaddrs: <DST, GATEWAY, NETMASK, IFP, IFA>
  :: 2a04: XXXX: 1 :: 1 :: xn0: 0.16.3e.f4.17.6c 2a04: XXXX: 1 :: 12

In this case, the default address is the one specified most recently in the output of the command: “2a04: XXXX: 1 :: 12”.

Source: https://habr.com/ru/post/270611/

More articles:


All Articles