3 Internet Protocol Version 6

Internet Protocol Version 6 (IPv6) is both a completely new network layer protocol and a major revision of the Internet architecture. As such, it builds upon and incorporates experiences gained with IPv4. This chapter describes the following:

The history and purpose of IPv6

Terms

IPv6 addressing

The IPv6 environment

How to plan for your IPv6 configuration

How to configure your system to support IPv6 addressing

How to perform post-configuration tasks

How to log IPv6 activity

For troubleshooting information, see Section 8.4.

3.1 Introduction to IPv6

In the early 1990s the members of the Internet community realized that the address space and certain aspects of the current TCP/IP architecture were not capable of sustaining the explosive growth of the Internet. The problems included the exhaustion of the Internet address space, the size of routing tables, and requirements for new technology features.

The Internet Engineering Task Force (IETF) made several efforts to study and improve the use of the 32-bit Internet Protocol (IPv4) addresses. They also tackled the longer-term goal of identifying and replacing protocols and services that would limit growth.

These efforts identified the 32-bit addressing architecture of IPv4 as the principal problem, in terms of router overhead and of network administration. In addition, IPv4 addresses were often unevenly allocated in blocks that were too large or too small, and therefore difficult to change within any existing network.

In July 1994, the Internet Protocol Next Generation (IPng) directorate announced the Internet Protocol Version 6 (IPv6) as the replacement network layer protocol, and IETF working groups began to build specifications. See RFC 1752, "The Recommendation for the IP Next Generation Protocol," for additional information on the IPv6 protocol selection process.

3.2 Terms

The following terms are used in this chapter:

node: Any system that uses the IPv6 protocol to communicate.

router: A node that forwards IPv6 packets addressed to other nodes. These systems typically have more than one network interface card (NIC) installed and configured.

host: Any node that is not a router.

link: A medium or facility over which nodes communicate with each other at the link layer. Examples include Ethernet, FDDI, PPP links, or internet layer tunnels.

interface: A node's attachment to a link, which is usually assigned an IPv6 address or addresses. This can be a physical NIC (for example, tu0 or ee0) or virtual network interface (for example, ipt0, described in Section 3.5.2.2).

3.3 IPv6 Addressing

This section is intended for administrators who need an introduction to IPv6 addressing. If you already know this information, skip to Section 3.4.

The most noticeable feature of IPv6 is the IPv6 address. The address size is increased from 32 bits to 128 bits. This section describes:

Address text representation

Address autoconfiguration

Address resolution

Address assignment

3.3.1 Address Text Representation

You can use the following syntax to represent IPv6 addresses as text strings:

x:x:x:x:x:x:x:x

The x is a hexadecimal value of a 16-bit piece of the address. For example, the following addresses are IPv6 addresses:

FEDC:BA98:7654:3210:FEDC:BA98:7654:3210
 
1070:0:0:0:0:800:200C:417B

IPv6 addresses can contain long strings of zero (0) bits. To make it easier to write these addresses, you can use two colon characters (::) one time in an address to represent 1 or more 16-bit groups of zeros. For example, you can compress the second IPv6 address example as follows:

1070::800:200C:417B

Alternatively, you can use the following syntax to represent IPv6 addresses in an environment of IPv4 and IPv6 nodes:

x:x:x:x:x:x:d.d.d.d

In this case, x is a hexadecimal value of a 16-bit piece of the address (six high-order pieces) and d is a decimal value of an 8-bit piece of address (four low-order pieces) in standard, dotted-quad IPv4 form. For example, the following are IPv6 addresses:

0:0:0:0:0:0:13.1.68.3
 
0:0:0:0:0:FFFF:129.144.52.38

When compressed, these addresses are as follows:

::13.1.68.3
 
::FFFF:129.144.52.38

Like IPv4 address prefixes, IPv6 address prefixes are represented using the Classless Inter-Domain Routing (CIDR) notation. This notation has the following format:

ipv6-address/prefix-length

For example, you can represent the 60-bit hexadecimal prefix 12AB00000000CD3 in any of the following ways:

12AB:0000:0000:CD30:0000:0000:0000:0000/60
12AB::CD30:0:0:0:0/60
12AB:0:0:CD30::/60

3.3.2 Types of Addresses

There are three types of IPv6 addresses:

Unicast

Anycast

Multicast

Note

Unlike IPv4, IPv6 does not define a broadcast address. To get the function of a broadcast address, use a multicast address with link-local scope (see Section 3.3.2.2).

The following sections describe only the unicast and multicast address types and provide examples.

3.3.2.1 Unicast Address

A unicast address is an identifier for a physical network interface. Packets sent to a unicast address are delivered to the node containing the interface identified by the address.

Unicast addresses typically have the following format:

This address typically consists of a 64-bit prefix followed by a 64-bit interface ID as follows:

An interface ID identifies an interface on a link. The interface ID must be unique on a link, but can also be unique over a broader scope. In many cases, an interface's ID is derived from its link-layer address. The same interface ID can be used on multiple interfaces on a single node.

According to RFC 2373, most prefixes must have 64-bit interface identifiers. For 48-bit MAC addresses, the interface identifier is created by inserting the hexadecimal values of 0xFF and 0xFE in the middle of the address and inverting the universal/local bit (bit 7) in the resulting 64-bit address. Figure 3-1 shows how this process works.

Figure 3-1: Creating an Interface ID from a MAC Address

The following list describes commonly used unicast addresses and their values:

Unspecified address

Indicates the absence of an address, and is never assigned to an interface. The unspecified address has the value 0:0:0:0:0:0:0:0 in the normal form or :: in the compressed form.

Loopback address

Used by a node to send IP datagrams to itself, and is typically assigned to the loopback interface. The IPv6 loopback address has the value 0:0:0:0:0:0:0:1 in the normal form or ::1 in the compressed form.

IPv6 addresses with embedded IPv4 addresses

Used in mixed IPv4 and IPv6 environments, and can be either of the following:

IPv4-compatible IPv6 address
Used by IPv6 nodes to tunnel IPv6 packets across an IPv4 routing infrastructure. The IPv4 address is carried in the low-order 32-bits. The format of this address is as follows:

Note

Do not use IPv4-compatible IPv6 addresses in the Domain Name System (DNS) or the local /etc/ipnodes file.

IPv4-mapped IPv6 address
Used to represent an IPv4 address and to identify nodes that do not support IPv6 (IPv4-only nodes). It is not used in an IPv6 packet. The format of this address is as follows:

Local-use IPv6 unicast addresses

Can be either of the following:

Link-local
Used for addressing on a single link when performing address autoconfiguration, neighbor discovery, or when no routers are present. This address is assumed to be unique only on the link to which the interface is connected. The format of this address is as follows:

Site-local
Used for sites or organizations that are not connected to the global Internet. This address is assumed to be unique only in the site to which the interface is connected. The format of this address is as follows:

If you plan to use site-local addresses, be aware of the following guidelines:
- Do not connect a single node to multiple sites.
- Do not use site-local addresses in the global DNS (the addresses cannot be visible outside the site).
- Dynamic DNS updates for site-local addresses are not supported.
- Do not advertise or propagate routes containing site-local prefixes outside the site.

Interfaces typically have multiple IPv6 addresses. After IPv6 is configured and the system boots, the LAN, PPP, and configured tunnel interfaces are automatically assigned a link-local address. If a router is on the link, the system also autoconfigures a global unicast address on the interfaces.

3.3.2.2 Multicast Address

A multicast address is an identifier for a group of nodes, similar to an IPv4 multicast address. Multicast addresses have the following format:

In the preceding address format, the fields have the following definition:

11111111

Identifies the address as multicast.

Flags

Can be either 0000, which indicates a permanently-assigned (well-known) multicast address, or 0001, which indicates a temporary (transient) multicast address.

Scope

Indicates the scope of the multicast group. The following table lists the scope values:

Value (Hex)	Scope
1	Node-local
2	Link-local
5	Site-local
8	Organization-local
E	Global

Group ID

Identifies the multicast group within the specified scope.

Table 3-1 lists some well-known multicast addresses.

Table 3-1: Well-Known Multicast Addresses

Multicast Address	Meaning
FF02::1	All nodes (link-local)
FF02::2	All routers (link-local)
FF02::9	All RIPng routers (link-local)

3.3.3 Address Prefixes

Each IPv6 address has a unique pattern of leading bits that indicates its address type. These leading bits are named the format prefix (also referred to as a prefix). Table 3-2 lists some of the IPv6 address types and their prefixes.

Table 3-2: IPv6 Address Types and Prefixes

Address Type	Prefix
Aggregatable Global Unicast	2000::/3
Link-local	FE80::/10
Site-local	FEC0::/10
Multicast	FF00::/8

3.3.4 Address Autoconfiguration

The IPv6 address changes have lead to the following definitions for configuring addresses:

Stateless address autoconfiguration

Dynamic Host Configuration Protocol Version 6 (DHCPv6), which is stateful address autoconfiguration

In the stateless model, nodes learn address prefixes by listening for Router Advertisement packets. Addresses are formed by combining the prefix with a datalink-specific interface identifier, which is typically derived from the datalink address of the interface. This model is favored by administrators who do not need tight control over address configuration. See RFC 2462 for more information.

In DHCPv6, hosts can request addresses, configuration information, and services from dedicated configuration servers. This model is favored by administrators who want to delegate addresses based on a client/server model. The DHCPv6 Internet Drafts are currently undergoing revision. See the Dynamic Host Configuration charter web page at http://www.ietf.org/html.charter/dhc-charters.html for more information.

Note

This version of Tru64 UNIX does not support DHCPv6.

In both cases, the resulting addresses have associated lifetimes, and systems must be able to acquire new addresses and release expired addresses. Combined with the ability to register updated address information with Domain Name System (DNS) servers, these mechanisms provide a path towards network renumbering and provide network administrators with control over the use of network addresses without manual intervention on each host on the network.

3.3.5 Address Resolution

The Domain Name System (DNS) provides support for mapping names to IP addresses and mapping IP addresses back to their corresponding names. Because of the increase in size of the IPv6 address, the DNS has the following new features:

AAAA resource record type
This holds IPv6 addresses, encoded in network byte order. The version of BIND shipped with operating system supports AAAA records. (BIND is the implementation of DNS that ships with Tru64 UNIX.)

AAAA query
A query for a specified domain name in the Internet class returns all associated AAAA resource records in the response.

IP6.INT domain for looking up a name for a specified address (address-to-name mapping)
An IPv6 address is represented in reverse order as a sequence of 4-bit nibbles separated by dots with the suffix .IP6.INT appended. For example, the IPv6 address 4321:0:1:2:3:4:567:89ab has the following inverse lookup domain name:
```
b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.0.0.0.0.1.2.3.4.IP6.INT
 
```

See Network Administration: Services for guidelines on configuring BIND in an IPv6 environment.

3.3.6 Address Assignment

IPv6 addresses are now being deployed by the regional registries. If you connect your system to a network that already runs IPv6, your system will automatically configure the IPv6 addresses it needs.

If you are a network administrator, contact your Internet Service Provider (ISP) for an IPv6 address range for your site. See the IANA web page at http://www.iana.org/ipaddress/ip-addresses.htm for more information about regional registries and address allocations.

Because of the need to test various implementations of the IPv6 RFCs, the IETF has defined a temporary IPv6 address allocation scheme. You can assign the addresses in this scheme to hosts and routers for testing IPv6 on the 6bone. See the 6bone home page at the following location for more information on 6bone address allocation and assignment:

http://www.6bone.net

At the present time, the 6bone test addresses are aggregatable global unicast addresses. Contact your 6bone service provider (for example, gw-6bone@pa.dec.com) for a 6bone address delegation.

The following sections describe the aggregatable global unicast addresses and the aggregatable testing addresses.

3.3.6.1 Aggregatable Global Unicast Address Format

The aggregatable global unicast address format for IPv6 is designed to support current provider-based aggregation and new exchange-based aggregation. Whether a site connects to a provider or to an exchange, the address format enables efficient route aggregation for either type. Aggregatable global unicast addresses have the following form. See RFC 2374 for additional information.

In the preceding address format, the fields have the following definition:

Format Prefix: The Format Prefix. For aggregatable global unicast addresses, the value for this field is 001.
TLA ID: The Top-Level Aggregation Identifier.
Reserved: Reserved for future use. At present, set to all zeros (0).
NLA ID: The Next-Level Aggregation Identifier. These are assigned by the TLA ID administrator to create an addressing hierarchy and to identify end user sites. Each organization assigned a TLA ID is also assigned 24-bits of NLA ID space whose layout and use is the responsibility of the organization.
SLA ID: The Site-Level Aggregation Identifier. These are used by an end user site to create its own local addressing hierarchy and to identify subnets.
Interface ID: The 64-bit interface identifier of the interface that is connected to the link.

3.3.6.2 Aggregatable Testing Address Format

Aggregatable global unicast addresses for IPv6 testing have the following form. See RFC 2471 for more information on the proposed testing address allocation plan.

In the preceding address format, the fields have the following definition:

001: The Format Prefix for aggregatable global unicast addresses.
1111111111110: The 6bone Top-Level Aggregation (TLA) Identifier, 0x1FFE, reserved by the Internet Assigned Numbers Naming Authority (IANA), and used temporarily for IPv6 testing.
Next-Level Aggregation (NLA) Identifier: The ID assigned by the TLA ID administrator to create an addressing hierarchy and to identify end user sites on the 6bone network.
Site-Level Aggregation (SLA) Identifier: The ID assigned by an end user site to create its own local addressing hierarchy and to identify subnets.
Interface ID: The 64-bit interface identifier of the interface that is connected to the link.

For the most recent information about pTLA and pNLA assignments, see the 6bone home page at the following location:

http://www.6bone.net

3.4 IPv6 Environment

This section shows some sample IPv6 configurations. Select a configuration that most closely matches the environment into which you want to configure IPv6 on your system. These configurations are used again in Section 3.5 to describe how to configure selected systems in each configuration. For those configurations that show an IPv6 global address or address prefix, the addresses use the format described in Section 3.3.6.2.

IPv6 is supported LAN and PPP network interfaces. See the Technical Overview for a list of commands and daemons that are supported in an IPv6 environment.

Figure 3-2 shows a simple LAN configuration in which Host A and Host B communicate using IPv6.

Figure 3-2: Simple Host-to-Host Configuration

Figure 3-3 shows a simple LAN configuration in which Host A, Host B, and Router A communicate using IPv6 and in which Host A and Host B obtain global addresses from Router A.

Figure 3-3: Host-to-Host with Router Configuration

Figure 3-4 shows a configuration in which two IPv6 networks are connected through an IPv6 router, Router A.

Figure 3-4: IPv6 Network-to-IPv6 Network with Router Configuration

Figure 3-5 shows a configuration in which four IPv6 networks are connected using three routers. The three routers exchange routing information with each other using the RIPng protocol.

Figure 3-5: Multiple IPv6 Networks and Multiple Routers Configuration

Figure 3-6 shows a configuration in which Host A and Host B, connected to an IPv4 network, communicate using IPv6 through an IPv4 tunnel.

Figure 3-6: Host-to-Host over Tunnel Configuration

Figure 3-7 shows a configuration in which Host X is connected to an IPv4 network and Router A, an IPv6 router, is connected to the same IPv4 network and also is connected to two IPv6 networks. Host X communicates with Host B using IPv6 through an IPv4 tunnel between Host X and Router A.

Figure 3-7: Host-to-Router over Tunnel Configuration

Figure 3-8 shows a configuration in which four IPv6 networks are connected through two routers and an IPv4 network. Host A communicates with Host F through an IPv4 tunnel between router A and router B.

Figure 3-8: IPv6 Network-to-IPv6 Network over Tunnel Configuration

3.5 Planning IPv6

You can configure IPv6 on any node. For cluster members, you can configure IPv6 on each individual cluster member independently.

Note

IPv6 does not support cluster-wide communication. You cannot use an IPv6 address for the cluster alias. See the Cluster Administration manual for information on configuring a cluster.

This section describes those tasks that you need to do before configuring IPv6.

3.5.1 Verifying IPv6 Support in the Kernel

Verify that the IP Version 6 (IPV6) and IP-in-IP Tunneling (IPTUNNEL) support is in the kernel by issuing the following commands:

# sysconfig -q ipv6
# sysconfig -q iptunnel

If neither the ipv6: nor the iptunnel: subsystem attributes are displayed, do the following:

Build a new kernel by using the following command:
```
# doconfig -c SYSTEM_NAME
```
Choose the IPV6 and IPTUNNEL options in addition to any other options that you want.

Save the original kernel, then move the new kernel to the root directory.
```
# mv /vmunix /vmunix.save
# mv /sys/SYSTEM_NAME/vmunix /vmunix
```

Reboot the system. Make sure there are no other users on the system. Use a command similar to the following:
```
# shutdown -r +5 "Adding IPv6 and IPTUNNEL kernel options ..."
```

You are now ready to configure your system to communicate in an IPv6 network environment.

3.5.2 Preparing for the Configuration

After you verify IPv6 support in the kernel, you configure your system to communicate in an IPv6 network environment by running the IPv6 configuration utility, ip6_setup. The ip6_setup utility enables you to configure the following:

IPv6 host

IPv6 router

When you run the ip6_setup configuration utility, it gathers information from the system and prompts you for additional configuration information.

Before you configure the IPv6 network software, you must gather information about your system and network environment. Figure 3-9 shows the IPv6 Configuration Worksheet. The following sections describe the information that you need to record on the worksheet.

If you are viewing this manual on line, you can use the print feature to print a copy of this worksheet.

Figure 3-9: IPv6 Configuration Worksheet

IPv6 router

If you want this system to function as an IPv6 router, check Yes; otherwise, check No. If you check No, the system is configured as an IPv6 host.

An IPv6 router can advertise address prefixes to all hosts on connected links (for example, a LAN and a configured tunnel) and forward packets toward their destinations. Packets can be forwarded directly on the link or over IPv4 tunnels.

DNS/BIND automatic updates (hosts only)

If you want this system to record its addresses in the DNS/BIND database automatically, check Yes; otherwise, check No. If you check Yes, you must configure your system as a DNS/BIND client and your DNS/BIND server must support dynamic updates to the DNS database. See Network Administration: Services for information on configuring your DNS/BIND server.

IPv6 interfaces

Enter the device names of the network interface to the IPv6 network. For example, le0 and fta0. If you are creating a configured tunnel only on your system, enter none.

IPv6 routing over PPP (routers only)

If you want IPv6 routing to run over a PPP interface, check Yes; otherwise, check No. See ppp_manual_setup(7) for information on configuring a PPP interface.

Configured tunnel

If you want IPv6 to run over a configured IPv4 tunnel, check Yes; otherwise, check No. A configured tunnel has one source and one destination in an IPv4 network. Use configured tunnels instead of automatic tunnels. You can define multiple configured tunnels.

Automatic tunnel

If you want to configure IPv6 to run over IPv4 automatic tunnels, check Yes; otherwise, check No.

Manual routes

If you want to configure routes to other systems manually, check Yes; otherwise, check No.

On a router, you might want to configure static routes if one of the following conditions is true:

You want a configured tunnel and you are not advertising an address prefix on the tunnel link.

You want a configured tunnel and the router at the other end of the tunnel is not running the RIPng protocol.

Your system is not running the RIPng protocol.

On a host, you might want to configure static routes if you want a configured tunnel to a router and the router is not advertising itself as a default router on the tunnel link.

Start IPv6

If you want to start IPv6 directly from the configuration utility, ip6_setup, check Yes. If you want to start IPv6 during the next system boot, check No.

3.5.2.1 DNS/BIND

Domain name: The fully qualified domain name for your node. This consists of the host name and the DNS/BIND domain name (for example, host1.subdomain.example).

3.5.2.2 Configured Tunnel

Interface

The name of the configured tunnel interface (for example, ipt0, ipt1). The ip6_setup script supplies this value.

Destination IPv4 address

The remote node's IPv4 address (the remote end of the tunnel).

Source IPv4 address

Your node's IPv4 address (this end of the tunnel).

RIPng

If your system is a router and you want the router to run the RIPng protocol on the tunnel link to exchange IPv6 routing information with a router at the remote end of the tunnel, check Yes; otherwise, check No.

Address prefix

If your system is a router and you want to advertise address prefixes to the node at the remote end of the tunnel, enter a 64-bit prefix; otherwise, write Done.

If your system is an IPv6 host and the router at the remote end of the tunnel is not advertising an address prefix, enter a 64-bit prefix to be configured on the tunnel interface.

3.5.2.3 Router

Interface

The name of the interface (LAN, PPP, or configured tunnel) on which you want to run the RIPng protocol or advertise an address prefix.

RIPng

If you want the router to run the RIPng protocol on the specified interface and to exchange IPv6 routing information with other routers on the link (LAN, PPP, or configured tunnel), check Yes; otherwise, check No.

Address prefix

If you want to advertise address prefixes to all hosts on the link, enter a 64-bit prefix; otherwise, write Done.

If you write Done, the router will not advertise an address prefix. All hosts must obtain their prefix information from another source.

Prefixes in IPv6 define a subnet, and are typically configured on a router for a specific link by the network administrator. The router advertises this prefix to all nodes connected to that link, along with the length of the prefix, whether the prefix is on link (that is, a neighbor), whether the prefix can also be used for stateless address configuration, and the length of time the prefix is valid.

3.5.2.4 Manual Routes

Destination prefix: The address prefix of a remote IPv6 network. The address prefix contains a Classless Inter-Domain Routing (CIDR) style bit length, for example, 5F00::/8. If you want to use the default route, write Default.
Interface: The name of the interface through which you are sending traffic to the remote IPv6 network.
Next hop address: The IPv6 address of the first router in the path to the destination prefix. Write the link local address of the router. If the connection to the router is over an IPv4 tunnel, write the link local IPv6 address of the remote tunnel endpoint.

3.5.3 Configuring Systems in Sample IPv6 Configurations

This section describes each sample configuration presented in Section 3.4 and shows how selected systems are configured in each example. In some cases, this section presents additional options for you to consider in the configuration.

3.5.3.1 Simple Host-to-Host Configuration

In Figure 3-2, Host A and Host B use IPv6 link-local addresses. By default, the ip6_setup configuration utility automatically creates a link-local address for your system. The following is a sample completed worksheet for Host A:

After configuring IPv6 on Host A, you edit the /etc/ipnodes file and insert the link-local address for Host B. The configuration process for Host B in this configuration is similar to Host A's.

With this configuration, no global address prefix is advertised on the LAN. If you want to advertise a global address prefix, you could either configure one of the nodes as a router by using the ip6_setup utility or add an IPv6 router to the LAN configuration. An IPv6 router advertises a global prefix on the link.

You can use the netstat -in command to view a local node's link-local and global addresses.

If you are on Host A and want to connect to Host B using the telnet command, the format of the command is as follows:

# telnet fe80::0a00:2bff:fee2:1e11

Instead of specifying the link-local address, place the address and the node name in the /etc/ipnodes file. Then, use the node name as the argument to the telnet command.

3.5.3.2 Host-to-Host with Router Configuration

In Figure 3-3, Host A and Host B are on a LAN with Router A. In this case, Router A advertises the global address prefix 3ffe:1200:4112:1::/64 on the LAN. Host A and Host B use this address prefix to create global IPv6 addresses. See Section 3.3.6 for more information on obtaining experimental testing addresses. The following is a sample completed worksheet for Router A:

After configuring IPv6 on Router A, you can edit the /etc/ipnodes file and add the global addresses for the other nodes. You would also do this on Host A and Host B. Alternatively, you could establish DNS/BIND in your network using the global addresses.

If you added a DNS/BIND server with dynamic updates enabled on the network, the worksheet for Host A would have the following information:

3.5.3.3 IPv6 Network-to-IPv6 Network with Router Configuration

In Figure 3-4, two IPv6 networks are connected to each other through Router A and its multiple interfaces. The following is a sample completed worksheet for Router A:

3.5.3.4 Multiple IPv6 Networks and Multiple Routers Configuration

In Figure 3-5, four IPv6 networks are interconnected to each other using the three routers. In this configuration, the routers must exchange routing information in order for the routers to learn the routes to other subnets in the network. To accomplish this, each router must run the RIPng protocol. The following is a sample completed worksheet for Router A:

The worksheets for the other routers are similar.

3.5.3.5 Host-to-Host over Tunnel Configuration

In Figure 3-6, two IPv6 systems communicate with each other over a configured tunnel through an IPv4 network, and use IPv6 link-local addresses. The following is a sample completed worksheet for Host A:

After configuring IPv6 on Host A, you edit the /etc/ipnodes file and insert the link-local address for Host B. The configuration process for Host B in this configuration is similar to Host A's.

With this configuration, no global address prefix is advertised on the tunnel. If you want to advertise a global address prefix, you could configure one of the nodes as a router by using ip6_setup. An IPv6 router advertises a global prefix on the link.

You can use the netstat -in command to view a local node's link-local and global addresses.

If you are on Host A and want to connect to Host B using the telnet command, the format of the command is as follows:

# telnet fe80::5.6.7.8

Instead of specifying the link-local address, place the address and the node name in the /etc/ipnodes file. Then, use the node name as the argument to the telnet command.

3.5.3.6 Host-to-Router over Tunnel Configuration

In Figure 3-7, Host X communicates with Host B over a configured tunnel through an IPv4 network; both nodes use IPv6 addresses. The tunnel in this case is a between Host X and Router A. The following is a sample completed worksheet for Host X when Router A is advertising itself as the default router for the tunnel link and advertising a global address prefix on the tunnel link:

If Router A is not advertising a global address prefix on the tunnel link, the value 3ffe:1200:4113:1::/64 would be in the Address prefix field in Configured Tunnel section of the Host X worksheet. If Router A is not advertising itself as the default router for the tunnel link, the following information would also be on the Host X worksheet:

The following is a sample completed worksheet for Router A when Router A is advertising a global address prefix on the tunnel link:

If Router A is not advertising a global prefix on the tunnel link, the following information would be on the Router A worksheet. Note the manual route to Host X. Instead of specifying a destination network prefix, you specify the host route, 3ffe:1200:4113:1::5.6.7.8, to Host X. The next hop is the link-local IPv6 address of Host X's tunnel interface, fe80::5.6.7.8.

3.5.3.7 IPv6 Network-to-IPv6 Network over Tunnel Configuration

In Figure 3-8, Host A communicates with Host F over a configured tunnel through an IPv4 network. The host configuration is similar to that of Host A in Section 3.5.3.1. All nodes automatically use their default router in order to communicate with nodes on other networks. The following is a sample completed worksheet for Router A:

You do not have to run RIPng on the tu0 and tu1 interfaces because there are no routers attached to the interfaces.

The configuration of Router B is similar, except that the source and destination addresses for the configured tunnel are 1.2.3.4 and 5.6.7.8, respectively, and the address prefixes advertised on tu0 and tu1 are 3ffe:1200:4113:1::/64 and 3ffe:1200:4113:2::/64, respectively.

Note

If the routers were not configured to use RIPng over the tunnel interface, each router would then need to specify a manual route to the other.

3.6 Configuring IPv6 on Your System

This section describes how to configure your system as either an IPv6 host or an IPv6 router.

3.6.1 Configuring an IPv6 Host

To configure an IPv6 host, do the following:

Log in as superuser.

Invoke the ip6_setup utility by entering the following command:
```
# /usr/sbin/ip6_setup
```
The utility displays a status message.

Press Enter to indicate that you want to configure the system as an IPv6 host and not as a router.

Indicate whether you want your DNS/BIND client to update IPv6 addresses in the DNS/BIND name database automatically.
If you want to update IPv6 addresses in the DNS/BIND name database automatically, enter y; if you do not, press Enter and go to step 6.

Enter the IPv6 fully qualified domain name.

Enter the names of the IPv6 LAN interfaces to use. Separate multiple names by a space character. If you want to use the default, press Enter. If you are configuring a configured tunnel only, enter none.

Indicate whether you want to create a configured tunnel or additional configured tunnels.
If you want to create a configured tunnel or additional configured tunnels, enter y; otherwise, press Enter and go to step 11.

Enter the tunnel's destination IPv4 address.
If you are finished creating configured tunnels, enter Done. Go to step 11.

Enter the tunnel's source IPv4 address. If you want to use the default, press Enter.

Indicate whether the host is to use an IPv6 address prefix on the tunnel interface.
If you want the host to use an IPv6 address prefix because a router is not advertising a global address prefix, enter the prefix. Enter as many prefixes as you want. When you are finished entering prefixes for the interface, enter Done. Go to step 8.
If you do not want the host to use an IPv6 address prefix on the tunnel interface, enter Done. Go to step 8.

Indicate whether you want to configure an automatic tunnel.
If you want to configure an automatic tunnel, enter y; otherwise, press Enter.

Indicate whether you want to define manual routes to an adjacent router or remote IPv6 network.
If you want to manually define routes, enter y.
If you do not want to manually define routes, enter n. Go to step 16.

Enter the IPv6 address prefix of the remote IPv6 network. When you are finished entering manual routes, enter Done; go to step 16.

Enter the name of the interface through which you will send traffic to the remote IPv6 network.

Enter the link-local IPv6 address of the first router in the path to the destination network. This address together with the IPv6 address prefix constitute the static routing table entry. Go to step 13.

The ip6_setup utility displays the configuration information and asks you to indicate whether you want to update the current startup procedures with the new configuration information.
If you are not satisfied with the configuration, enter n. The utility ends immediately without changing any of the current configuration files.
If you are satisified with the configuration, enter y. The ip6_setup utility updates the /etc/rc.config and /etc/routes files with the IPv6 configuration information.

If IPv6 is not currently running on your system, indicate whether you want to start IPv6 now.
If you want to start IPv6 now, press Enter. The ip6_setup utility starts IPv6.
If you do not want to start IPv6 now, enter n. IPv6 will start during the next system boot.
If IPv6 is currently running, indicate whether you want to restart it now.

The /etc/rc.config file contains configuration information used by the system startup scripts to start IPv6.

3.6.2 Configuring an IPv6 Router

To configure an IPv6 router, do the following:

Log in as superuser.

Invoke the ip6_setup utility by entering the following command:
```
# /usr/sbin/ip6_setup
```
The utility displays a status message.

Enter y to configure the system as an IPv6 router.

Enter the names of the IPv6 LAN interfaces to use. Separate multiple names by a space character. If you want to use the default, press Enter. If you are configuring a configured tunnel only, enter none.

Note

Use the next two steps when configuring IPv6 LAN interfaces, IPv6 over PPP interfaces, and IPv6 over IPv4 configured tunnel interfaces. Follow the directions carefully.

Indicate if the router is to run the RIPng protocol on the designated interface.
If you want to run the RIPng protocol, press Enter; if you do not, enter n.

Indicate if the router is to advertise an IPv6 address prefix on the designated interface.
If you want the router to advertise an IPv6 address prefix, enter the prefix. Enter as many prefixes as you want. When you are finished entering prefixes for the interface, enter Done.
If you do not want the router to advertise an IPv6 address prefix on the designated interface, enter Done.
If you are configuring additional LAN interfaces, go to step 5.
If you are configuring PPP interfaces, go to step 8.
If you are configuring IPv6 over IPv4 configured tunnels, go to step 10.

Indicate if you want to use IPv6 routing over PPP links.
If you want to use IPv6 routing over PPP links, enter y; otherwise, press Enter and go to step 9.

Enter the name of the PPP interface over which to run IPv6 and press Enter. Go to step 5.
If you are finished entering routing information for PPP interfaces, enter Done.

Indicate if you want to create IPv6 over IPv4 configured tunnels.
If you want to create configured tunnels, enter y; otherwise, press Enter and go to step 12.

Enter the tunnel's destination IPv4 address.
If you are finished creating configured tunnels, enter Done. Go to step 12.

Enter the tunnel's source IPv4 address. If you want to use the default, press Enter. Go to step 5.

Indicate if you want to configure an automatic tunnel.
If you want to configure an automatic tunnel, enter y; otherwise, press Enter.

Indicate if you want to define manual routes to an adjacent router or remote IPv6 network.
If you want to manually define routes, enter y.
If you do not want to manually define routes, enter n. Go to step 17.

Enter the IPv6 address prefix of the remote IPv6 network. When you are finished entering manual routes, enter Done. Go to step 17.

Enter the name of the interface through which you will send traffic to the remote IPv6 network.

Enter the IPv6 address of the next node in the path to the destination network. This address together with the IPv6 address prefix constitute the static routing table entry. Go to step 14.

The ip6_setup utility displays the configuration information and asks you to indicate whether you want to update the current startup procedures with the new configuration information.
If you are not satisfied with the configuration, enter n. The utility ends immediately without changing any of the current configuration files.
If you are satisified with the configuration, enter y. The ip6_setup utility updates the /etc/rc.config, /etc/routes, and /etc/ip6rtrd.conf files with the IPv6 configuration information. You can modify these values as necessary.

If IPv6 is not currently running on your system, indicate whether you want to start IPv6 now.
If you want to start IPv6 now, press Enter. The ip6_setup utility starts IPv6.
If you do not want to start IPv6 now, enter n. IPv6 will start during the next system boot.
If IPv6 is currently running, indicate whether you want to restart it now.

The /etc/rc.config, /etc/routes, and /etc/ip6rtrd.conf files contain configuration information used by the system startup procedures to start IPv6. You can edit them to change your configuration.

3.7 Postconfiguration Tasks

After using the ip6_setup utility to initially configure IPv6, you might want to do the following:

Connect to the 6bone network

Initialize a new interface for IPv6

Remove IPv6 from an interface

Create a configured tunnel

Add addresses to or delete addresses from an interface

Add or delete a default router

Manually add a route for an on-link prefix

Configure routing support in the kernel

Edit the run-time configuration file (/etc/rc.config)

Edit the router configuration file (/etc/ip6rtrd.conf)

Tune the ipv6 and iptunnel kernel subsystems

The following sections describe these tasks.

3.7.1 Connecting to the 6bone Network

To connect to the 6bone network, choose a 6bone point that appears to be reasonably adjacent to your normal IPv4 paths into the Internet. The 6bone Web site at http://www.6bone.net contains information on how to join the 6bone network and how to find an attachment point.

If you want to connect to the 6bone network through the Compaq Palo Alto, California site either before or after you configure IPv6 on your host or router, complete the following steps:

Register your IPv4 tunnel by sending the IPv4 address of your router to the following address:
```
gw-6bone@pa.dec.com
 
```

Wait for confirmation that support for your tunnel is configured at Compaq. Compaq will provide an IPv6 global address prefix for you to use at your site and the IPv4 address of the Compaq Palo Alto router.

Configure your tunnel by running the ip6_setup utility. See Section 3.6.1 for host configuration and Section 3.6.2 for router configuration. Alternatively, you could run the iptunnel command (see Section 3.7.4).

Verify that your tunnel is operational by issuing the ping command to one of the following Compaq IPv6 nodes:
```
altavista.ipv6.digital.com
ftp.ipv6.digital.com
www.ipv6.digital.com
```

3.7.2 Initializing a New Interface for IPv6

In some cases, you might want to add a new interface card to your system or change an interface card from one type to another. After the new card is installed, you must initialize it for IPv6 operation. To initialize an interface, use the ifconfig command with the following syntax:

ifconfig device ipv6 up

For LAN interfaces, the ifconfig command creates the link-local address (FE80::) and starts Duplicate Address Detection.

For example, to initialize Ethernet interface ee0 for use with IPv6, enter the following command:

# ifconfig ee0 ipv6 up

To initialize the loopback interface for use with IPv6, enter the following command:

# ifconfig lo0 ipv6 up

To initialize the automatic tunnel interface, enter the following command:

# ifconfig tun0 ipv6 up

This chooses one of the system's IPv4 addresses for use as the tunnel endpoint.

If you are adding the interface card permanently, use the ip6_setup utility.

3.7.2.1 Setting the IPv6 Interface Identifier

You can set the IPv6 interface ID at the same time you initialize an interface by using the ifconfig command with the ip6interfaceid parameter. For example, to initialize Ethernet interface ee0 for use with IPv6 and set its interface ID to the 64-bit value 0x0123456789abcdef, enter the following command:

# ifconfig ee0 ip6interfaceid ::0123:4567:89ab:cdef ipv6 up

Although the interface ID is expressed in standard IPv6 address format, only the low order 64 bits are used.

3.7.3 Removing IPv6 from an Interface

Removing IPv6 from an interface removes the IPv6 configuration associated with the interface, including all IPv6 addresses and IPv6 routes through the interface. To remove IPv6 from an interface, use the ifconfig command with the following syntax:

ifconfig device -ipv6

For example, to remove IPv6 from Ethernet interface ee0, enter the following command:

# ifconfig ee0 -ipv6

3.7.4 Creating a Configured Tunnel

To create a configured (manual) tunnel, use the /usr/sbin/iptunnel command with the following syntax:

iptunnel create remote-tunnel-endpoint [local-tunnel-endpoint]

For example, to create a tunnel to the remote system 16.20.136.47, enter the following command:

# iptunnel create 16.20.136.47

To initialize the tunnel for IPv6 operation, enter the following command:

# ifconfig ipt0 ipv6 up

If you want this change to be permanent, use the ip6_setup utility.

3.7.5 Adding an Address to an Interface

To add or assign an IPv6 prefix to an interface and to direct the kernel to automatically append the interface identifier, use the ifconfig command with the following syntax:

ifconfig interface-name inet6 ip6prefix prefix

The following command assigns the prefix 3ffe:1200:4112:2::/64 to interface ln0 (the interface ID is 0a00:2bff:fe12:3456). As a result of this command, the address on the interface is 3ffe:1200:4112:2:0a00:2bff:fe12:3456.

# ifconfig ln0 inet6 ip6prefix 3ffe:1200:4112:2::/64

The ip6prefix parameter directs the kernel to automatically append the interface identifier to the address prefix.

To add or assign a full IPv6 address to an interface manually, use the ifconfig command with the following syntax:

ifconfig interface-name inet6 address

The following command assigns the address 3ffe:1200:4112:2::1 to interface ee0:

# ifconfig ee0 inet6 3ffe:1200:4112:2::1

Note

For IPv6 hosts, the nd6hostd daemon configures interface prefixes automatically, depending on the contents of router advertisements.
For IPv6 routers, the ip6rtrd daemon configures interface prefixes automatically, depending on the contents of the /etc/ip6rtrd.conf file.

3.7.6 Deleting an Address from an Interface

To delete an IPv6 address from an interface manually, use the ifconfig command with the following syntax:

ifconfig interface-name inet6 delete address

For example:

# ifconfig ee0 inet6 delete 3ffe:1200:4112:2::1

3.7.7 Adding or Deleting a Default Router

To add a default router, use the route utility with the following syntax:

route add -inet6 default router-address -dev interface

For example:

# route add -inet6 default fe80::0a00:2bff:fe12:3456 -dev ee0

To delete a default router, use the route utility with the following syntax:

route delete -inet6 default router-address -dev interface

For example:

# route delete -inet6 default fe80::0a00:2bff:fe12:3456 -dev ee0

Note

For IPv6 hosts, the nd6hostd daemon performs the add and delete router operations automatically, depending on the contents of router advertisements.

3.7.8 Manually Adding a Route for an On-Link Prefix

After you manually add an address and prefix to an interface, you can also add a static route so that traffic to other nodes with the same prefix is sent directly to the destination rather than through a router. For example, if the prefix 3ffe:1200:4112:5::/64 was added to an Ethernet interface, which was initialized with the link-local address fe80::0a00:2bff:fe12:3456, the following command adds a route to neighboring nodes with the same prefix:

# route add -inet6 3ffe:1200:4112:5::/64 fe80::0a00:2bff:fe12:3456 -interface

This command specifies that destinations with prefix 3ffe:1200:4112:5::/64 are reachable through the interface with address fe80::0a00:2bff:fe12:3456. In other words, 3ffe:1200:4112:5::/64 is an on-link prefix.

Note

For IPv6 hosts, the nd6hostd daemon automatically adds on-link prefixes, based on the contents of router advertisements.

3.7.9 Configuring Routing Support in the Kernel

Before configuring a router, you must enable forwarding by setting the ipv6forwarding and ipv6router attributes of the ipv6 kernel subsystem to 1. You set these attributes by entering the following sysconfig commands:

# /sbin/sysconfig -r ipv6 ipv6forwarding=1
# /sbin/sysconfig -r ipv6 ipv6router=1

These commands are typically executed by the system startup scripts on nodes configured as IPv6 routers.

3.7.10 Editing the Run-Time Configuration File

After you configure the system, either as an IPv6 host or an IPv6 router, the /etc/rc.config file contains information used by the system startup procedures to start IPv6. You can modify this file as appropriate for your configuration by using the rcmgr command. The following variables are used by IPv6:

IPV6="yes|no": If set to yes, starts IPv6 during system startup.
IP6DEV_n="dev": Specifies an IPv6 device name. The device name must be in the rc.config file. The n value is an integer number that starts at 0 and increments sequentially for each device.
IP6IFCONFIG_n_m="string": Specifies options and parameters to use on an ifconfig command line during system startup. The n value is an integer number that corresponds to the number in the IP6DEV_n variable. The m value is an integer that starts at 0 and increments sequentially for each ifconfig line needed for each device.
NUM_IP6CONFIG="number": Specifies the number of IPv6 devices configured.
IP6ROUTER="yes|no": If set to yes, configures the node as an IPv6 router. Otherwise, configures the node as a host.
IP6RTRD="yes|no": If set to yes, starts the IPv6 router daemon, ip6rtrd, during IPv6 startup.
IP6RTRD_FLAGS="string": Specifies a string of options and parameters to use in starting the ip6rtrd daemon.
ND6HOSTD="yes|no": If set to yes, starts the IPv6 host daemon, nd6hostd, during IPv6 startup.
ND6HOSTD_FLAGS="string": Specifies a string of options and parameters to use in starting the nd6hostd daemon.
IPTUNNEL_n="string": Specifies a string of options and parameters to use to create a configured tunnel during system startup. This variable is used only when the device specified with the IP6DEV_n variable is a configured tunnel (for example, ipt0).

Example 3-1 shows sample variables for an IPv6 host in the /etc/rc.config file.

Example 3-1: Sample IPv6 Host Configuration Variables

IPV6="yes"
IP6DEV_0="tu0"
IP6IFCONFIG_0_0="ipv6 up"
IP6DEV_1="tun0"
IP6IFCONFIG_1_0="ipv6 up"
NUM_IP6CONFIG=2
IP6ROUTER="no"
IP6RTRD="no"
IP6RTRD_FLAGS=""
ND6HOSTD="yes"
ND6HOSTD_FLAGS=" -u -n host1.corp.com"

Example 3-2 shows sample variables for an IPv6 router in the /etc/rc.config file.

Example 3-2: Sample IPv6 Router Configuration Variables

IPV6="yes"
IP6DEV_0="tu0"
IP6IFCONFIG_0_0="ipv6 up"
IP6DEV_1="tu1"
IP6IFCONFIG_1_0="ipv6 up"
NUM_IP6CONFIG=2
IP6ROUTER="yes"
IP6RTRD="yes"
IP6RTRD_FLAGS="/etc/ip6rtrd.conf"
ND6HOSTD="no"
ND6HOSTD_FLAGS=""

3.7.11 Editing the Router Configuration File

After you configure the system as an IPv6 router, the ip6rtrd daemon sends out periodic router advertisements for the following reasons:

To advertise itself as a potential default router for IPv6 traffic. The IPv6 nodes on the link receive these advertisements as part of their Neighbor Discovery processing.

To advertise an IPv6 address prefix, in which case IPv6 nodes on the link perform address autoconfiguration.

The /etc/ip6rtrd.conf file contains the configuration data needed to send Router Advertisement messages. This file is created when ip6_setup is run, if the system is configured as a router. The link interface and advertised prefix are inserted, and other default values are used. You can modify this file as appropriate for your network, for example, when using multiple prefix values. See ip6rtrd.conf(4) for more information.

Example 3-3 is a sample configuration file.

Example 3-3: Sample ip6rtrd.conf File

#
# Sample ip6rtrd configuration file
#
interface tu0 {
        MaxRtrAdvInterval 600
        MinRtrAdvInterval 200
        AdvManagedFlag 0
        AdvOtherConfigFlag 0
        AdvLinkMTU 1500
        AdvReachableTime 0
        AdvRetransTimer 0
        AdvCurHopLimit 64
        AdvDefaultLifetime 1800
        Prefix dec:1::/64 {
                AdvValidLifetime 1200
                AdvPreferredLifetime 600
                AdvOnLinkFlag 1
                AdvAutonomousFlag 1
        }
}

3.7.12 Tuning the Kernel Subsystems

You can use either the sysconfig utility or dxkerneltuner utility to tune the IPv6 subsystems. See sys_attrs_ipv6(5) and sys_attrs_iptunnel(5) for information on tuning the IPv6 subsystem and IP tunnel subsystem, respectively.

3.8 IPv6 Daemon Log Files

The nd6hostd and ip6rtrd daemons log informational and severe events in the /var/adm/syslog.dated/date/daemon.log file. You can view the contents of this message file by using the Event Viewer that is part of the SysMan Menu utility. See Section 9.8 for more information about the Event Viewer.

By default, the daemons do not log debug information. To enable logging of debug information for the nd6hostd daemon, issue the following commands:

# rcmgr set ND6HOSTD_FLAGS "-d -l /usr/tmp/nd6hostd.log"
# /usr/sbin/rcinet restart inet6

To enable logging of debug information for the ip6rtrd daemon, issue the following commands:

# rcmgr set IP6RTRD_FLAGS "-d -l /usr/tmp/ip6rtrd.log"
# /usr/sbin/rcinet restart inet6