IPv6 is slowly, but steadily making itself present on the Internet today. Major web sites like Google, Yahoo, YouTube and Facebook are now serving their content off IPv6-enabled servers. You can expect IPv6 adoptation to pick up speed as the IPv4 address shortage becomes increasingly acute in the years ahead.
What is IPv6? Internet Protocol version 6 is a network protocol that is designed to be the successor to the legacy IP (v4) protocol. The motivation for introducing a new protocol was that the world is quickly running out of publicly routable IP addresses. Already in January 2011 the Internet Assigned Numbers Authority (IANA) allocated the last address blocks out of its reserve to the regional Internet registries. Of the five regional Internet registries, already two have depleted their own reserves: the Asia Pacific Network Information Centre in the spring of 2011 and most recenlty RIPE NCC, the regional registry for Europe, on September 14, 2012.
IPv6 is not exactly new: the first specifications were drafted in the mid 1990s. IPv6 is also not radically different: it has much in common with the ideas and principles of the legacy IPv4 protocol, but uses a new protocol and address format, which makes it incompatible with IPv4.
The choice between the old IPv4 and IPv6 is not a one-or-the-other choice, but both protocols can be — and usually are — used in parallel. For example, a web server can have both an IPv4 and IPv6 address, and a client computer can choose which protocol to use when connecting to the server. As both protocols can coexist, there is no need to agree upon a “flag day” on the Internet when everybody switches over from the old protocol to the new one, but the transition can be gradual.
Connecting to the IPv6 internet normally requires an IPv6-enabled internet connection, i.e. your ISP must be connected to the global IPv6 network and provide IPv6 addresses to you. You also need an IPv6-enabled router and your devices need to be able to communicate using IPv6.
Want to try out IPv6?
What can you do if you want to try out IPv6, but you don’t have a IPv6 compatible Internet connection? Fortunately, a couple of transition mechanisms have been created to connect IPv6 capable islands over an IPv4-only sea. These mechanisms all have in common that they use so called tunneling, where IPv6 packets are transmitted over the legacy Internet. The tunnel endpoints are relay hosts, which are connected to both the legacy Internet and the IPv6 Internet. IPv6 traffic going into the tunnel is encapsulated in IPv4 packets, which are then sent to the other end of the tunnel. When the packets are received at the other end of the tunnel, the IPv6 packets are decapsulated and continue their journey to their destination in the IPv6 Internet.
Let’s take a look at two of these tunneling mechanisms and how you can easily set up a Linux computer to connect to the IPv6 Internet using them. All you need is an old-fashioned Internet connection and no IPv6-capable router is required. Both mechanisms require kernel support: the Universal TUNTAP driver and, of course, support for IPv6 must be enabled in the kernel. This should not be a problem, as modern distributions come with this options enabled by default.
The first tunneling method we’ll look at is 6to4. Using this method we set up a tunnel to an endpoint with the IPv4 special address 184.108.40.206. This address is a “anycast” address (as opposed to a unicast address), which means it is assigned to several hosts on the Internet. Thus, 6to4 does not require setting up an explicit tunnel, but relies on the routing infrastructure to forward packets to the nearest host with this address, which functions as a 6to4 relay. 6to4 requires a public IPv4 address to work.
Here’s how to set up your host to use 6to4:
First we define a network interface for the tunnel.
% sudo /sbin/ip tunnel add tun0 mode sit remote any local 198.51.100.23 % sudo /sbin/ip link set dev tun0 up
The address 198.51.100.23 is just an example; replace it with your public IPv4 address. The name of the interface is tun0. You can choose another name for this, as long as it is not in use already.
Next we need to assign an IPv6 address for the tunnel interface. This address must start with 2002:YOUR-V4-ADDR::, where YOUR-V4-ADDR is your IPv4 address in hexadecimal format. Use the following command to calculate a suitable IPv6 address for your tunnel interface (remember to use your own address instead of 198.51.100.23):
% ipv4="198.51.100.23"; printf "2002:%02x%02x:%02x%02x::1" `echo $ipv4 | tr "." " "`
The result (2002:c633:6417::1) is added to the tunnel interface:
% sudo /sbin/ip -6 addr add 2002:c633:6417::1/16 dev tun0 metric 1
Finally, we need to add a route for IPv6. This command uses an IPv4-compatible IPv6 address to specify the special anycast address:
% sudo /sbin/ip -6 route add 2000::/3 via ::220.127.116.11 dev tun0 metric 1
Test by pinging an IPv6 host:
% ping6 -n google.com PING google.com(2a00:1450:4001:c01::8a) 56 data bytes 64 bytes from 2a00:1450:4001:c01::8a: icmp_seq=1 ttl=49 time=45.2 ms 64 bytes from 2a00:1450:4001:c01::8a: icmp_seq=2 ttl=49 time=45.7 ms
The second tunneling mechanism is called Teredo, and is really just an extension to 6to4. Teredo was designed by Christian Huitema at Microsoft, and comes installed and enabled by default (under certain conditions) on Windows Vista and Windows 7. There is an implementation for Linux called Miredo. The good thing about Teredo is that it is designed to work across Network Address Translation (NAT), so you don’t need a public IP address, like with 6to4. Unlike 6to4, Teredo uses the UDP protocol to encapsulate packets.
To use Teredo, install the Miredo package from your distribution’s package repository. For example, on Ubuntu:
% sudo apt-get install miredo
Using Teredo requires the selection of a Teredo Server which is used for configuring the tunnel. When using Miredo, this is specified as ServerAddress in the Miredo configuration file, typically located in /etc/miredo/miredo.conf. When installing Miredo using you distribution’s package system, this is typically already set to some sensible value. Note that a Teredo Server is not the same thing as a Teredo Relay — the Teredo Server is only used to set up and maintain the tunnel to the IPv6 Internet.
After installing and configuring Miredo, make sure the Miredo service is running.
Teredo is simpler to set up of the two tunneling mechanisms above, and also has the advantage that it works behind a NAT. Behind the scenes, Teredo is more complicated than 6to4, mostly because of the complex setup procedure enabling it to be used behind a NAT. Teredo (Miredo) is controlled by a user space daemon that needs to be running. Teredo encapsulates IPv6 packets using UDP, whereas 6to4 embeds the IPv6 packets directly in the payload portions of IPv4 packets.
These two methods of connecting to the IPv6 Internet are not the only options. You can also set up a static tunnel, which is closer to a “real” IPv6 Internet connection. This usually involves registering with a tunnel broker like SixXS.net and setting up a tunnel to a Point of Presence. This is outside the scope of this blog entry.
Update September 2014: To test your IPv6 support in a browser, visit the site ipv6-test.co.uk or try to open ipv6.google.com. Unfortunately is seems Chome/Chromium has in version 28 removed the IPv6 support of users who run Teredo/Miredo.