In this installment, we assign a global, static IPv6 address to an interface on the home Linux Server. This is the first step to go from “my first ping” to a (mostly) fully functional IPv6 home Linux server with SSH, HTTP and other services.
To get from the all-client network to a functioning server, we need to get a persistent static IPv6 address on at least one of the server’s interfaces and get that address into DNS. Then we need the service daemons to bind to that IPv6 address.
In addition to being much larger than IPv4 addresses, IPv6 addresses are also more complicated. Like IPv4, IPv6 has unicast, multicast and anycast addresses, but there are no broadcast addresses. You’ll use either anycast or multicast instead. IPv6 addresses also have scope. The two scopes that we need to be concerned with for this setup are link-local and global.
A big change in IPv6 is that you need to think in terms of “interfaces” instead of “hosts” having IPv6 addresses, and every interface will have multiple IPv6 addresses as a matter of course.
IPv6 has “auto configuration” built in, which will give you two addresses: a link-local unicast address and a global EIU-64 unicast address. Both are created by using the interface’s hardware (MAC) address as the lower 64 bits of the full IPv6 address.
At this point in my project, all the home systems are using “link local” and modified EIU-64 IPv6 addresses. You can see this on the Linux server via “ifconfig”:
server$ ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:30:1b:82:cb:42 inet addr:192.168.1.200 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::230:1bff:fe82:cb42/64 Scope:Link inet6 addr: 2001:470:67:88:230:1bff:fe82:cb42/64 Scope:Global
This interface has three IP addresses: an RFC-1918 IPv4 address, a link-local address (the fe80:: address) and a global EIU-64 auto configured address that is made by concatenating the /64 IPv6 prefix (2001:470:67:88) and the interface hardware address (230:1bff:fe82:cb42).
At this point, we could put the EIU-64 address into DNS, but that is not a good practice. Changing the interface’s hardware (or the whole server) would change the address, requiring a DNS change. DNS names should be tied to services, not hardware…
Getting an IPv6 address onto the eth0 interface is relatively easy; just edit /etc/network/interfaces to add something like this:
### Start IPV6 static configuration iface eth0 inet6 static pre-up modprobe ipv6 address 2001:470:67:88::10 netmask 64 ### END IPV6 configuration
Reset the interface and check its addresses:
server# ifup --force eth0 server# ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:30:1b:82:cb:42 inet addr:192.168.1.200 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::230:1bff:fe82:cb42/64 Scope:Link inet6 addr: 2001:470:67:88::10/64 Scope:Global
And now the interface has a global, static IPv6 address. You can demonstrate this with a quick SSH to the global address, from another client on the home network:
laptop$ ssh -v tep@2001:470:67:88::10 OpenSSH_5.2p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to 2001:470:67:88::10 [2001:470:67:88::10] port 22. debug1: Connection established. ...
And we’re done. Next, DNS AAAA records and services.