IPv6 Crash Course

Astro <astro@spaceboyz.net>

Warum IPv6?

IPv6 Packet Header

Adressen

IPv4

IPv6

Subnets & Subnet Masks

IPv4

  172.22.16.21
& 255.255.255.0
= 172.22.16.0
  172.22.16.70
& 255.255.255.192
= 172.22.16.64

IPv6

  2001:08d8:0081:05c8:0219:dbff:fe64:81a7
& ffff:ffff:ffff:ffff:0000:0000:0000:0000
= 2001:08d8:0081:05c8:0000:0000:0000:0000
  2001:8d8:81:5c8:219:dbff:fe64:81a7
& ffff:ffff:ffff:ff00::
= 2001:8d8:81:500::

CIDR Notation

IPv4 (Netmask bits)

a.b.c.d/0
0.0.0.0
a.b.c.d/8
255.0.0.0
a.b.c.d/16
255.255.0.0
a.b.c.d/24
255.255.255.0
a.b.c.d/25
255.255.255.128
a.b.c.d/26
255.255.255.192
a.b.c.d/27
255.255.255.224
a.b.c.d/28
255.255.255.240
a.b.c.d/29
255.255.255.248
a.b.c.d/30
255.255.255.252
a.b.c.d/31
255.255.255.254
a.b.c.d/32
255.255.255.255

IPv6 (Prefix length)

::/0
::
a:b:c:d:e:f:g:h/60
ffff:ffff:ffff:fff0::
a:b:c:d:e:f:g:h/61
ffff:ffff:ffff:fff8::
a:b:c:d:e:f:g:h/62
ffff:ffff:ffff:fffc::
a:b:c:d:e:f:g:h/63
ffff:ffff:ffff:fffe::
a:b:c:d:e:f:g:h/64
ffff:ffff:ffff:ffff::
a:b:c:d:e:f:g:h/128
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

Routing-Tabelle

default via 172.22.16.4 dev eth0        default = 0.0.0.0/0
172.22.16.0/24 dev eth0
default via 172.22.16.2 dev eth0
unreachable 172.16.0.0/12
172.22.0.0/15 via 172.22.16.1
172.22.16.0/24 via 172.22.16.4
172.22.16.0/26 dev eth0
2001:8d8:81:5c8::/64 dev eth0 
fe80::/64 dev eth0  
ff00::/8 dev eth0  
default via fe80::2de:caff:fefb:ad03 dev eth0
2001:67c:21ec:bbbb::/64 via fe80::f00d:f00d dev dc99 
2001:67c:21ec:cccc::/64 via fe80::f00d:f00d dev dc99 
2001:67c:21ec:eeee::/64 via fe80::f00d:f00d dev dc99 
2001:67c:21ec::/48 via fe80::cafe:cafe dev dc24

sipcalc

IPv4

$ sipcalc 217.115.11.132/27
-[ipv4 : 217.115.11.132/27] - 0

[CIDR]
Host address		- 217.115.11.132
Host address (decimal)	- 3648195460
Host address (hex)	- D9730B84
Network address		- 217.115.11.128
Network mask		- 255.255.255.224
Network mask (bits)	- 27
Network mask (hex)	- FFFFFFE0
Broadcast address	- 217.115.11.159
Cisco wildcard		- 0.0.0.31
Addresses in network	- 32
Network range		- 217.115.11.128 - 217.115.11.159
Usable range		- 217.115.11.129 - 217.115.11.158

IPv6

$ sipcalc 2001:db8::c3d2:0:1/64
-[ipv6 : 2001:db8::c3d2:0:1/64] - 0

[IPV6 INFO]
Expanded Address	- 2001:0db8:0000:0000:0000:c3d2:0000:0001
Compressed address	- 2001:db8::c3d2:0:1
Subnet prefix (masked)	- 2001:db8:0:0:0:0:0:0/64
Address ID (masked)	- 0:0:0:0:0:c3d2:0:1/64
Prefix address		- ffff:ffff:ffff:ffff:0:0:0:0
Prefix length		- 64
Address type		- Aggregatable Global Unicast Addresses
Network range		- 2001:0db8:0000:0000:0000:0000:0000:0000 -
			  2001:0db8:0000:0000:ffff:ffff:ffff:ffff

Scopes (1/2)

IPv4 (RFC5735)

0.0.0.0/8
"This" network
10.0.0.0/8
Private use (RFC1918)
127.0.0.1/8
Loopback
169.254.0.0/16
Link-local (Zeroconf)
172.16.0.0/12
Private use (RFC1918)
192.0.0.0/24
Reserved
192.0.2.0/24
TEST-NET-1
192.88.99.0/24
6to4 relay anycast
192.168.0.0/16
Private use (RFC1918)
198.18.0.0/15
SPECIAL-IPV4-BENCHMARK-TESTING-IANA-RESERVED
198.51.100.0/24
TEST-NET-2
203.0.113.0/24
TEST-NET-3
224.0.0.0/4
Multicast

IPv6 (RFC4291)

::1
Loopback
ff00::/8
Multicast
fe80::/8
Link-local
Alles andere
Global Unicast
Aktuelles Unicast Prefix: 2000::/3 (2000:: - 3fff:ffff:…)
fec0::/10, 0200::/7, ::/96, 5f00::/8, 3ffe::/16
Deprecated

Scopes (2/2)

General multicast address format
Bits844112
Fieldprefixflagsscopegroup ID
Multicast address flags[5]
BitFlag01
0 (MSB)(Reserved)(Reserved)(Reserved)
1R (Rendezvous)[6]Rendezvous point not embeddedRendezvous point embedded
2P (Prefix)[7]Without prefix informationAddress based on network prefix
3 (LSB)T (Transient)[8]Well-known multicast addressDynamically assigned multicast address
Multicast address scope
IPv6 address[note 1]IPv4 equivalent[9]ScopePurpose
ff00::/16-ff0f::/16Reserved
ffx1::/16127.0.0.0/8Interface-localPackets with this destination address may not be sent over any network link, but must remain within the current node; this is the multicast equivalent of the unicast loopback address.
ffx2::/16224.0.0.0/24Link-localPackets with this destination address may not be routed anywhere.
ffx3::/16239.255.0.0/16IPv4 local scope
ffx4::/16Admin-localThe smallest scope that must be administratively configured.
ffx5::/16Site-localRestricted to the local physical network.
ffx8::/16239.192.0.0/14Organization-localRestricted to networks used by the organization administering the local network. (For example, these addresses might be used over VPNs; when packets for this group are routed over the public internet (where these addresses are not valid), they would have to be encapsulated in some other protocol.)
ffxe::/16224.0.1.0-238.255.255.255Global scopeEligible to be routed over the public internet.

Verkonfiguriert?

% ping6 ff02::1%eth0
PING ff02::1%eth0(ff02::1) 56 data bytes
64 bytes from fe80::219:dbff:fe64:81a7: icmp_seq=1 ttl=64 time=0.022 ms
64 bytes from fe80::2de:caff:fefb:ad07: icmp_seq=1 ttl=64 time=0.852 ms (DUP!)
64 bytes from fe80::21b:21ff:fe0e:5592: icmp_seq=1 ttl=64 time=0.978 ms (DUP!)
^C
% ssh fe80::21b:21ff:fe0e:5592%eth0
blaster:~$ 

iproute2 (1/3)

$ ip
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
       ip [ -force ] -batch filename
where  OBJECT := { link | addr | addrlabel | route | rule | neigh | ntable |
                   tunnel | tuntap | maddr | mroute | mrule | monitor | xfrm |
                   netns | l2tp }
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -f[amily] { inet | inet6 | ipx | dnet | link } |
                    -l[oops] { maximum-addr-flush-attempts } |
                    -o[neline] | -t[imestamp] | -b[atch] [filename] |
                    -rc[vbuf] [size]}
$ ip a help
Usage: ip addr {add|change|replace} IFADDR dev STRING [ LIFETIME ]
                                                      [ CONFFLAG-LIST ]
       ip addr del IFADDR dev STRING
       ip addr {show|flush} [ dev STRING ] [ scope SCOPE-ID ]
                            [ to PREFIX ] [ FLAG-LIST ] [ label PATTERN ]
IFADDR := PREFIX | ADDR peer PREFIX
          [ broadcast ADDR ] [ anycast ADDR ]
          [ label STRING ] [ scope SCOPE-ID ]
SCOPE-ID := [ host | link | global | NUMBER ]
FLAG-LIST := [ FLAG-LIST ] FLAG
FLAG  := [ permanent | dynamic | secondary | primary |
           tentative | deprecated | dadfailed | temporary |
           CONFFLAG-LIST ]
CONFFLAG-LIST := [ CONFFLAG-LIST ] CONFFLAG
CONFFLAG  := [ home | nodad ]
LIFETIME := [ valid_lft LFT ] [ preferred_lft LFT ]
LFT := forever | SECONDS

iproute2 (2/3)

Adresse konfigurieren:

ip addr add fe80::fefe:fa7/64 dev wlan0

Adresse entfernen:

ip a d fe80::fefe:fa7/64 dev wlan0

iproute2 (3/3)

IPv4-Routingtabelle anzeigen:

ip route

IPv6-Routingtabelle anzeigen:

ip -6 route

Route setzen:

ip r a 2000::/3 dev wlan0 via fe80::2de:caff:fefb:ad03

Route löschen:

ip r d 2000::/3

Transition Mechanisms