Implementing IPv6 At Home – Part 1
There have been a lot of articles floating around the net, lately, that mention how quickly we’re running out of IPv4 addresses. Seeing all of this got my interests in IPv6 rekindled. I’d been meaning to get it up and running on my network since I got my Cisco router, but it wasn’t until lately that I was really able to find enough information on the subject to know where to begin. I don’t have anywhere near enough knowledge to write up a tutorial, but I find it helpful and interesting to hear about other peoples’ experience with new technology. I hope it’s helpful for you to see how things went for me.
Selecting a transition mechanism
With regards to deployment, IPv6 is really in its toddler years right now. We’ve moved past the old 6bone test network, but most ISPs still aren’t offering native connectivity yet. That means that the majority of people are going to have to choose a transition mechanism to connect to the rest of the world. There are two main types of transition mechanisms:
- Dual network stacks running IPv4 and IPv6 simultaneously
- Encapsulation of IPv6 packets inside of IPv4 packets (tunneling)
Running dual network stacks is a no-brainer. Even though I’m setting up v6, I still need to talk to all of the v4 hosts that comprise the majority of the current Internet. The real question was what type of tunnel I wanted to use.. There are quite a few different options out there; the most well known being 6to4, Teredo and manual point to point tunneling.
6to4 and Teredo are both automatic tunneling protocols. They don’t require a specific tunnel to be configured and your IPv6 addresses are automatically allocated based on your IPv4 address. Teredo is meant to be used on a single host behind NAT, while 6to4 is generally used on gateway devices. I’d recommend reading the RFCs for more specific information, but a Google search will go a long way as well.
I had a very hard time trying to decide which way to go because I have a dynamic IP address and have no easy way to get a static address. In the end, I chose a manual point to point tunnel. My IP address doesn’t change that often and I decided that the extra control was worth the extra effort of making a change on the tunnel provider’s site once every few months. My tunnel is through Hurricane Electric. They’ve got a very easy setup wizard and even have example configurations for many deployment scenarios.
Requesting and configuring the tunnel
This was the easiest step in the entire setup. I went to http://tunnelbroker.net and signed up for an account. Then I just clicked on “Create Regular Tunnel”. The form asks for your public IP address and gives you a list of servers in different locations to connect to. HE assigns a routed /64 by default, but everyone has the option of allocating a /48 with the click of a link.
Router configuration
After getting the tunnel set up, I went on to configure my router. As I mentioned before, HE has configurations available for the tunnel, so that didn’t take much work at all. The rest I was able to piece together from a Cisco article: Tunneling IPv6 through an IPv4 Network. What I came up with in the end was something like this:
ipv6 unicast-routing ipv6 cef ! interface Tunnel0 description Hurricane Electric IPv6 Tunnel Broker no ip address ipv6 enable ipv6 address 2001:x:x:x::2 tunnel source x.x.x.x tunnel destination x.x.x.x tunnel mode ipv6ip ! interface FastEthernet0/1 description Inside Network ipv6 address 2001:x:x::1/64 ipv6 enable ! ipv6 route ::/0 Tunnel0
Line 1 enables unicast IPv6 routing. Line 2 enables Cisco express forwarding for IPv6. The tunnel is configured on lines 4-11. IPv6 is configured and enabled for our inside LAN interface on lines 15 and 16 and I set the default route for IPv6 to the tunnel interface on line 18.
By default, this will issue router advertisements and allow machines to do stateless autoconfiguration for IPv6 addressing. I originally ran into trouble with this while I was trying to subnet my /48. I had my inside LAN interface configured with a /52 and none of the machines on my network would autoconfigure themselves. Eventually I realized that all hosts should be sitting on a /64 subnet. This is in an RFC somewhere. I’ll link to it if I’m able to find it. Once I made the change everything just magically started working.
Final outcome
At this point, I’ve got IPv6 connectivity up and running. I can get to IPv6 enabled sites on the internet by IP address, but I’m not able resolve AAAA records yet because I haven’t got DHCP and DNS configured yet. I’ll get to that in the next post.