LPI E - IPV6
Learning IPv6 isn't just a nice-to-have skill anymore – it's essential for anyone working in the networking industry. By understanding IPv6, you'll be better equipped to handle the challenges of the modern internet and ensure that your network is secure and future-proof. So, take your time, study hard, and get ready to become an IPv6 expert.
To help you test your knowledge, we'll also provide a practice exam at the end of the post. This will give you the chance to apply what you've learned and see how well you've understood the concepts. So, let's get started on your journey to becoming an IPv6 pro!
To help you test your knowledge, we'll also provide a practice exam at the end of the post. This will give you the chance to apply what you've learned and see how well you've understood the concepts. So, let's get started on your journey to becoming an IPv6 pro!
IPv6 Types
An IPv6 address is 128 bits long and consists of a network prefix and interface identifier. There are different types of IPv6 addresses, including unicast, multicast, and anycast addresses, and different addressing schemes that can be used. The prefix length and scope of an IPv6 address are also important parameters to consider.
- Types of IPv6 addresses:
There are different types of IPv6 addresses - Unicast addresses: These are unique addresses used for one-to-one communication between two devices. Unicast addresses can be further divided into global unicast addresses, unique local addresses, and link-local addresses.
- Multicast addresses: These are used for one-to-many communication between devices. A multicast address can be used to send a message to a group of devices on the same network.
- Anycast addresses: These are used for one-to-nearest communication between devices. An anycast address identifies a group of devices that provide the same service, and the message is sent to the nearest device in the group.
- IPv6 addressing schemes: There are different addressing schemes that can be used with IPv6
- Stateless Address Autoconfiguration (SLAAC)
- Dynamic Host Configuration Protocol version 6 (DHCPv6)
- Manual configuration.
The Identifier
An IPv6 address is a unique 128-bit identifier that is used to locate and communicate with devices on the internet. The identifier is made up of a network prefix and interface identifier, and it provides a way for devices to be identified and distinguished from one another.
- The identifier is made up of two main parts - the network prefix and the interface identifier.
- The network prefix identifies the network to which the device is connected.
- The interface identifier identifies the specific device on that network.
Examples:
- 2001:0db8:85a3:0000:0000:8a2e:0370:7334
- Network prefix: 2001:0db8:85a3:0000:0000:0000:0000:0000/64
- Interface identifier: 8a2e:0370:7334
- 2001:0db8:1234:5678:90ab:cdef:0123:4567
- Network prefix: 2001:0db8:1234:5678:0000:0000:0000:0000/64
- Interface identifier: 90ab:cdef:0123:4567
- fe80::1
- Network prefix: fe80::/64
- Interface identifier: 1
2001:0db8:85a3:0000:0000:8a2e:0370:7334
- This address is an example of a public IPv6 address, as it starts with the prefix "2000::/3", which is reserved for public use by the Internet Assigned Numbers Authority (IANA).
- In this address, the first 64 bits (2001:0db8:85a3:0000:0000:0000:0000:0000) represent the network prefix, which identifies the network to which the device is connected.
- The last 64 bits (8a2e:0370:7334) represent the interface identifier, which identifies the specific device on that network.
- This address is an example of a link-local IPv6 address, which is used for communication within a single network segment.
- In this address, the first 64 bits (fe80::/64) represent the link-local prefix, which identifies the local network segment to which the device is connected.
- The last 64 bits (21c:25ff:fe0d:a31d) represent the interface identifier, which identifies the specific device on that network segment.
- This address is an example of a subnetted IPv6 address, where the network prefix has been subdivided into smaller network segments.
- In this address, the first 64 bits (2001:0db8:85a3:0:0:0:0:0) represent the network prefix, which has been divided into smaller subnets using the "slash" notation (e.g., /64).
- The last 64 bits can be used for the interface identifier, which identifies the specific device on that subnet.
In IPv6, subnetting refers to the process of dividing a larger network into smaller subnetworks, each with its own unique network prefix. This allows for more efficient use of IP addresses and can improve network performance by reducing the size of broadcast domains.
The example subnetted IPv6 address provided, 2001:0db8:85a3:0:0:0:0:0/64, has been subdivided into smaller network segments by using the "slash" notation /64. The first 64 bits of this address, 2001:0db8:85a3:0:0:0:0:0, represent the network prefix. The network prefix is the portion of the address that identifies the network to which the device is connected.
The remaining 64 bits of this address can be used for the interface identifier, which identifies the specific device on that subnet. In this case, the interface identifier is set to all zeros, indicating that it is not used to identify a specific device.
The example subnetted IPv6 address provided, 2001:0db8:85a3:0:0:0:0:0/64, has been subdivided into smaller network segments by using the "slash" notation /64. The first 64 bits of this address, 2001:0db8:85a3:0:0:0:0:0, represent the network prefix. The network prefix is the portion of the address that identifies the network to which the device is connected.
The remaining 64 bits of this address can be used for the interface identifier, which identifies the specific device on that subnet. In this case, the interface identifier is set to all zeros, indicating that it is not used to identify a specific device.
Types of IPv6 addresses:
Unicast Type Scenario
Suppose a system administrator is setting up a new network that requires communication between two specific devices. The administrator needs to assign unique IPv6 addresses to both devices to enable one-to-one communication.
To create a unique unicast IPv6 address for each device, use the following steps:
To create a unique unicast IPv6 address for each device, use the following steps:
1. Determine the prefix that will be used for the network. This prefix should be chosen based on the specific requirements of the network and may be provided by the Internet Service Provider (ISP) or chosen by the administrator.
If the ISP provides a prefix, it can be viewed using the ip -6 addr command in the Linux terminal. For example:
$ ip -6 addr
This command will display the current IPv6 addresses assigned to the network interfaces on the system, including the prefix assigned by the ISP.
$ ip -6 addr
This command will display the current IPv6 addresses assigned to the network interfaces on the system, including the prefix assigned by the ISP.
If the prefix is chosen by the administrator, it should be based on the specific requirements of the network. The prefix should be chosen such that it does not overlap with any existing IPv6 prefixes in use on the internet.
Once the prefix is determined, it can be set using the ip -6 addr add command. For example, to add the prefix 2001:db8:abcd::/48 to the eth0 interface, the following command can be used:
$ ip -6 addr add 2001:db8:abcd::/48 dev eth0
This command will add the specified IPv6 prefix to the eth0 interface, allowing devices on the network to use addresses within that prefix.
$ ip -6 addr add 2001:db8:abcd::/48 dev eth0
This command will add the specified IPv6 prefix to the eth0 interface, allowing devices on the network to use addresses within that prefix.
2. Use the MAC address of the device as a basis for creating the interface identifier. To do this, use the ifconfig command on Linux to view the MAC address of the device's network interface card (NIC).
To create a unicast IPv6 address using the MAC address of the device as the interface identifier, use the ip command on Linux. The syntax is as follows:
$ ip -6 address add <IPv6-address>/<prefix-length> dev <interface-name>
For example, if the interface identifier generated from the MAC address of the eth0 interface is "fe80::a00:27ff:fe8f:1234", the command to configure the IPv6 address for the eth0 interface could be:
$ ip -6 address add fe80::a00:27ff:fe8f:1234/64 dev eth0
In this command, the "ip" command is used to add an IPv6 address to the "eth0" network interface. The "fe80::" prefix indicates that it is a link-local address, which means it is only valid on the local network segment and is not globally routable. The "a00:27ff:fe8f:1234" portion is the interface identifier, which has been manually configured to the MAC address of the network interface card (NIC) on the device. Finally, "/64" indicates the prefix length of the subnet, which in this case is a standard length for IPv6 subnets.
Note: To create the interface identifier, the MAC address of the device should be modified to follow the format specified by IPv6. This usually involves flipping the seventh bit of the first octet and inserting the string ff:fe in the middle. The modified MAC address is then used as the interface identifier.
$ ip -6 address add fe80::a00:27ff:fe8f:1234/64 dev eth0
In this command, the "ip" command is used to add an IPv6 address to the "eth0" network interface. The "fe80::" prefix indicates that it is a link-local address, which means it is only valid on the local network segment and is not globally routable. The "a00:27ff:fe8f:1234" portion is the interface identifier, which has been manually configured to the MAC address of the network interface card (NIC) on the device. Finally, "/64" indicates the prefix length of the subnet, which in this case is a standard length for IPv6 subnets.
Note: To create the interface identifier, the MAC address of the device should be modified to follow the format specified by IPv6. This usually involves flipping the seventh bit of the first octet and inserting the string ff:fe in the middle. The modified MAC address is then used as the interface identifier.
3. Concatenate the prefix and the interface identifier to create the full IPv6 address for the device.
$ ip -6 address add <prefix>::<interface-identifier>/64 dev eth0
- ip: This is the command to configure networking in Linux.
- -6: This option specifies that we are configuring IPv6 settings.
- address add: This specifies that we are adding an IP address to an interface.
- <prefix>: This is the prefix assigned to the network. This can be obtained from the network administrator or ISP.
- ::: This is the double colon notation used to represent groups of consecutive zeroes in the address. It can be used to make the address more readable.
- <interface-identifier>: This is the interface identifier obtained from the MAC address of the device's NIC.
- /64: This specifies the length of the prefix, which is usually 64 for IPv6.
- dev eth0: This specifies the interface (in this case, eth0) to which the IP address should be added.
By concatenating the prefix and interface identifier, we create the full IPv6 address for the device. The ip -6 address add command is then used to add this address to the device's eth0 interface.
4. Assign the newly created IPv6 address to the device's network interface using the ip command on Linux.
To assign the newly created IPv6 address to the device's network interface on Linux, you can use the ip command. Here's an example of how to assign an IPv6 address to the eth0 network interface:
First, verify the current IPv6 addresses assigned to the eth0 interface using the ip -6 address show dev eth0 command:
$ ip -6 address show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::a00:27ff:fe8f:1234/64 scope link
valid_lft forever preferred_lft forever
This will show you the current IPv6 addresses assigned to the eth0 interface, which may include a link-local address and/or other addresses that have been previously assigned.
To assign the newly created IPv6 address to the eth0 interface, use the ip -6 address add <ipv6-address>/<prefix-length> dev eth0 command. For example:
$ sudo ip -6 address add 2001:db8:abcd:1234::1/64 dev eth0
This will assign the IPv6 address 2001:db8:abcd:1234::1/64 to the eth0 interface.
Finally, verify that the new IPv6 address has been assigned to the eth0 interface using the ip -6 address show dev eth0 command:
$ ip -6 address show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::a00:27ff:fe8f:1234/64 scope link
valid_lft forever preferred_lft forever
inet6 2001:db8:abcd:1234::1/64 scope global
valid_lft forever preferred_lft forever
This will show you that the new IPv6 address 2001:db8:abcd:1234::1/64 has been successfully assigned to the eth0 interface.
Types of IPv6 addresses:
Multicase Type Scenarios
A company has a video streaming service that needs to send video streams to all devices on the same network. The system administrator needs to configure a multicast address for the video streams.
/* ================= * /
To configure a multicast address, the administrator can use the "ip" command on Linux. Here's an example of how to add a multicast address to the eth0 interface:$ ip -6 address add ff02::1/64 dev eth0
Explanation:
The "ip" command with the "-6" option is used to manage IPv6 addresses. The "address add" option is used to add an IPv6 address to an interface. In this example, "ff02::1" is a link-local multicast address that is used to send messages to all nodes on the same link. "dev eth0" specifies the interface to which the multicast address is assigned.
/* ================= * /
To verify that the multicast address has been assigned to the interface, the administrator can use the "ip" command with the "address show" option:$ ip -6 address show dev eth0
Explanation:
The "address show" option is used to display the IPv6 addresses assigned to the specified interface. In this example, "dev eth0" specifies the interface to be displayed. The output will show the multicast address that was added in the previous example.
/* ================= * /
To send a multicast message, the administrator can use the "ping6" command on Linux. Here's an example of how to send a multicast ping message:$ ping6 ff02::1%eth0
Explanation:
The "ping6" command is used to send an ICMPv6 echo request to a destination host or multicast group. In this example, "ff02::1" is the multicast address to which the ping message is sent. "%eth0" specifies the interface to be used for sending the message. The output will show whether the message was received by any devices on the network that are listening to the multicast address.
Types of IPv6 addresses:
Anycast Type Scenarios
A system administrator is managing a cluster of web servers that are geographically dispersed. They want to ensure that incoming traffic is automatically routed to the closest web server to provide the best performance for users. The administrator decides to use anycast addresses for the web servers.
Instructions:
Instructions:
- Assign a unique anycast address to each web server in the cluster.
- Configure the routers to advertise the anycast address for the web server cluster.
- When a user requests a web page, the router will automatically route the traffic to the nearest web server in the cluster.
# Assign anycast addresses to web servers
$ ip -6 address add 2001:db8::1/64 anycast dev eth0
$ ip -6 address add 2001:db8::2/64 anycast dev eth0
$ ip -6 address add 2001:db8::3/64 anycast dev eth0
$ ip -6 address add 2001:db8::1/64 anycast dev eth0
$ ip -6 address add 2001:db8::2/64 anycast dev eth0
$ ip -6 address add 2001:db8::3/64 anycast dev eth0
- The ip command is used to configure and show network interfaces in Linux.
- The -6 option specifies that we are working with IPv6 addresses.
- The address parameter tells ip that we want to add a new IP address to a specific network interface.
- The IPv6 address is specified as 2001:db8::1/64. The /64 at the end specifies the prefix length of the subnet. In this case, it's a /64 subnet, which is the most common prefix length for IPv6 subnets.
- The anycast keyword specifies that the address is an anycast address.
- dev eth0 specifies the network interface where the address should be added.
# Advertise anycast addresses through routers
$ ip -6 route add 2001:db8::/64 dev eth0 proto kernel metric 256
$ ip -6 route add 2001:db8::/64 dev eth0 proto kernel metric 256
- <IPv6 prefix>/<prefix length>: This is the anycast address prefix that will be advertised. In the given snippet, it is 2001:db8::/64.
- dev <interface>: This specifies the network interface through which the anycast address should be advertised. In the given snippet, it is eth0.
- proto kernel: This specifies the protocol used for the routing table entry. In this case, it is kernel.
- metric <metric>: This sets the metric or priority for the route. In the given snippet, it is 256.
- The command is adding a route to the kernel routing table to advertise the anycast addresses within the 2001:db8::/64 prefix via the eth0 interface with a priority of 256.
Explanation:
By assigning a unique anycast address to each web server in the cluster and advertising it through the routers, the system administrator can provide load balancing for the web servers. When a user requests a web page, the router will route the traffic to the nearest web server in the cluster, reducing latency and improving performance.
By assigning a unique anycast address to each web server in the cluster and advertising it through the routers, the system administrator can provide load balancing for the web servers. When a user requests a web page, the router will route the traffic to the nearest web server in the cluster, reducing latency and improving performance.
/* ================= * /
Distributed Denial of Service (DDoS) protection
A network administrator wants to protect their network from DDoS attacks by distributing traffic across multiple network devices. They decide to use anycast addresses to achieve this.
A network administrator wants to protect their network from DDoS attacks by distributing traffic across multiple network devices. They decide to use anycast addresses to achieve this.
Instructions:
- Assign a unique anycast address to each network device.
- Configure the routers to advertise the anycast addresses for the network devices.
- When a DDoS attack occurs, the anycast addresses will distribute the traffic across multiple network devices, preventing any single device from being overwhelmed.
# Assign anycast addresses to network devices
$ ip -6 address add 2001:db8::1/64 anycast dev eth0
$ ip -6 address add 2001:db8::2/64 anycast dev eth1
$ ip -6 address add 2001:db8::3/64 anycast dev eth2
$ ip -6 address add 2001:db8::1/64 anycast dev eth0
$ ip -6 address add 2001:db8::2/64 anycast dev eth1
$ ip -6 address add 2001:db8::3/64 anycast dev eth2
- ip: the command used to manipulate networking on Linux systems.
- -6: specifies that we're working with IPv6.
- address: specifies that we want to add an address.
- add: adds an address to the interface.
- 2001:db8::1/64: specifies the anycast address that will be assigned to the device. The /64 denotes the network prefix length, which is commonly used for local area networks.
- anycast: specifies that this address is an anycast address.
- dev eth0: specifies the network interface to which the address will be assigned.
$ ip -6 route add 2001:db8::/64 dev eth0 proto kernel metric 256
$ ip -6 route add 2001:db8::/64 dev eth1 proto kernel metric 256
$ ip -6 route add 2001:db8::/64 dev eth2 proto kernel metric 256
Advertise anycast addresses through routers:
- route: specifies that we want to add a new route.
- add: adds a new route to the routing table.
- 2001:db8::/64: specifies the network prefix that the anycast addresses belong to.
- dev eth0: specifies the network interface that the anycast addresses are assigned to.
- proto kernel: specifies the routing protocol to use. In this case, we're using the kernel routing protocol.
- metric 256: specifies the metric for the route. The metric is used by the routing algorithm to determine the best path for packets to take. A higher metric value indicates a less-preferred route.
Explanation:
By assigning a unique anycast address to each network device and advertising it through the routers, the network administrator can distribute traffic across multiple devices, preventing any single device from being overwhelmed during a DDoS attack. This can help protect the network from downtime and disruption.
By assigning a unique anycast address to each network device and advertising it through the routers, the network administrator can distribute traffic across multiple devices, preventing any single device from being overwhelmed during a DDoS attack. This can help protect the network from downtime and disruption.
IPv6 addressing schemes:
SLAAC
Stateless Address Autoconfiguration (SLAAC) is a type of IPv6 address configuration method that allows devices to generate their own unique IPv6 addresses without relying on a central server.
SLAAC is also more resilient to network failures, as devices can generate new addresses if needed without needing to contact a central server. Overall, SLAAC simplifies the process of assigning unique IPv6 addresses to network devices and allows for more efficient and flexible network management.
Scenario:
A company has just deployed a new subnet on their network and they need to configure IPv6 addresses for the devices on the subnet. The system administrator wants to use Stateless Address Autoconfiguration (SLAAC) to assign IPv6 addresses to the devices automatically. They want to make sure that the devices on the subnet are able to communicate with each other and with devices on other subnets.
Solution:
/* ================= * /
Verify that SLAAC is enabled on the network router:
Verify that SLAAC is enabled on the network router:
If the output is "net.ipv6.conf.all.autoconf = 1", then SLAAC is enabled. If not, enable it by setting the value to 1:
$ sysctl -w net.ipv6.conf.all.autoconf=1
Assign the IPv6 prefix to the network interface on the router:
$ ip -6 address add <ipv6-prefix>::/64 dev <interface>
- The "<ipv6-prefix>" should be replaced with the IPv6 prefix assigned by the ISP or network administrator.
- The "<interface>" should be replaced with the name of the network interface where the prefix will be assigned.
$ ip -6 address add 2001:db8:1234::/64 dev eth0
/* ================= * /
$ cat /proc/sys/net/ipv6/conf/eth0/autoconf
Verify that SLAAC is enabled on the network interface of the router:
$ cat /proc/sys/net/ipv6/conf/<interface>/autoconf
Example:$ cat /proc/sys/net/ipv6/conf/eth0/autoconf
The output should be "1" if SLAAC is enabled on the interface.
/* ================= * /
Ensure that the devices on the subnet have IPv6 enabled:
$ sysctl net.ipv6.conf.all.disable_ipv6If the output is "net.ipv6.conf.all.disable_ipv6 = 0", then IPv6 is enabled. If not, enable it by setting the value to 0:
$ sysctl -w net.ipv6.conf.all.disable_ipv6=0
Restart the network service on the devices to ensure they acquire new IPv6 addresses via SLAAC:
$ systemctl restart NetworkManager
After following these steps, the devices on the subnet should be automatically assigned unique IPv6 addresses via SLAAC and be able to communicate with each other and with devices on other subnets.
In this scenario, SLAAC is a good choice because the devices on the network are all configured with the same network prefix and are assigned unique interface identifiers based on their MAC addresses. This makes it easy to configure and manage the devices on the network without the need for additional DHCPv6 servers or manual configuration.
IPv6 addressing schemes:
DHCPv6
DHCPv6 is an essential tool for modern network administration, particularly in larger or more complex networks, where manual configuration of IP addresses can be time-consuming and error-prone.
To set up DHCPv6 on a Linux server, you would need to install the DHCPv6 server software and configure it to listen on the appropriate network interfaces. Here is an example of how to install and configure the ISC DHCPv6 server on a Ubuntu Linux server:
Scenario:
You need to configure DHCPv6 on your Linux server to automatically assign IPv6 addresses to devices on your network.
To set up DHCPv6 on a Linux server, you would need to install the DHCPv6 server software and configure it to listen on the appropriate network interfaces. Here is an example of how to install and configure the ISC DHCPv6 server on a Ubuntu Linux server:
# Install the DHCPv6 server software
$ sudo apt-get install isc-dhcp-server
# Configure the DHCPv6 server to listen on eth0
$ sudo nano /etc/dhcp/dhcpd6.conf
$ sudo apt-get install isc-dhcp-server
# Configure the DHCPv6 server to listen on eth0
$ sudo nano /etc/dhcp/dhcpd6.conf
# Add the following lines to the dhcpd6.conf file:
subnet6 2001:db8::/64 {
range6 2001:db8::1000 2001:db8::2000;
option dhcp6.name-servers 2001:4860:4860::8888;
option dhcp6.domain-search "example.com";
option dhcp6.client-class "linux";
}
interface eth0 {
server-duid "00:01:00:01:26:3d:8d:2d:67:6e:2d:01:08:08";
send dhcp6.server-id = lladdr 00:01:00:01:26:3d:8d:2d:67:6e:2d:01:08:08;
send dhcp6.name-servers 2001:db8::1;
}
subnet6 2001:db8::/64 {
range6 2001:db8::1000 2001:db8::2000;
option dhcp6.name-servers 2001:4860:4860::8888;
option dhcp6.domain-search "example.com";
option dhcp6.client-class "linux";
}
interface eth0 {
server-duid "00:01:00:01:26:3d:8d:2d:67:6e:2d:01:08:08";
send dhcp6.server-id = lladdr 00:01:00:01:26:3d:8d:2d:67:6e:2d:01:08:08;
send dhcp6.name-servers 2001:db8::1;
}
In this example, the DHCPv6 server is configured to assign IPv6 addresses from the 2001:db8::/64 subnet to clients on the network. The DHCPv6 server also provides additional configuration information, such as DNS servers and domain search information. Finally, the DHCPv6 server is configured to listen on the eth0 network interface and uses a unique server identifier (server-duid) to identify itself to clients.
/* ================= * /
Scenario:
You need to troubleshoot DHCPv6 connectivity issues on your Linux server.
To troubleshoot DHCPv6 connectivity issues on a Linux server, you can use the tcpdump command to capture network traffic and diagnose any issues. Here is an example of how to use tcpdump to capture DHCPv6 traffic on the eth0 network interface:
To troubleshoot DHCPv6 connectivity issues on a Linux server, you can use the tcpdump command to capture network traffic and diagnose any issues. Here is an example of how to use tcpdump to capture DHCPv6 traffic on the eth0 network interface:
# Capture DHCPv6 traffic on eth0
$ sudo tcpdump -i eth0 -v -s 1500 -c 1 'ip6 proto 17 and udp port 546'
$ sudo tcpdump -i eth0 -v -s 1500 -c 1 'ip6 proto 17 and udp port 546'
In this example, the tcpdump command is used to capture a single packet of DHCPv6 traffic on the eth0 network interface. The -v option enables verbose output, while the -s 1500 option sets the packet capture size to 1500 bytes. Finally, the -c 1 option sets the capture count to 1, so that only a single packet is captured. The filter 'ip6 proto 17 and udp port 546' ensures that only DHCPv6 traffic is captured.
/* ================= * /
Scenario:
Configuring DHCPv6 Relay Agent
A system administrator needs to configure a DHCPv6 relay agent to forward DHCPv6 requests from clients to the DHCPv6 server located on a different network. The following snippet can be used to configure the DHCPv6 relay agent:
A system administrator needs to configure a DHCPv6 relay agent to forward DHCPv6 requests from clients to the DHCPv6 server located on a different network. The following snippet can be used to configure the DHCPv6 relay agent:
# Install the DHCPv6 relay agent
$ apt-get install dhcpv6-relay
# Configure the DHCPv6 relay agent
$ dhcpv6-relay -6 -u eth0 -s 2001:db8::1 -S eth1
$ apt-get install dhcpv6-relay
# Configure the DHCPv6 relay agent
$ dhcpv6-relay -6 -u eth0 -s 2001:db8::1 -S eth1
Explanation:
- apt-get install dhcpv6-relay: This installs the DHCPv6 relay agent on the system.
- dhcpv6-relay -6: This enables the DHCPv6 relay agent to listen on IPv6 addresses.
- -u eth0: This specifies the interface where the DHCPv6 requests will be received from the clients.
- -s 2001:db8::1: This specifies the IPv6 address of the DHCPv6 server.
- -S eth1: This specifies the interface where the DHCPv6 relay agent will forward the DHCPv6 requests to the DHCPv6 server.
Scenario:
Assigning Static DHCPv6 Addresses
A system administrator needs to assign static IPv6 addresses to some clients on the network using DHCPv6. The following snippet can be used to configure the DHCPv6 server to assign static IPv6 addresses:
A system administrator needs to assign static IPv6 addresses to some clients on the network using DHCPv6. The following snippet can be used to configure the DHCPv6 server to assign static IPv6 addresses:
# Install the DHCPv6 server
$ apt-get install isc-dhcp-server
# Configure the DHCPv6 server
$ vi /etc/dhcp/dhcpd6.conf
subnet6 2001:db8::/64 {
range6 2001:db8::1000 2001:db8::2000;
option dhcp6.name-servers 2001:db8::1;
option dhcp6.domain-search "example.com";
host client1 {
host-identifier option dhcp6.client-id 00:01:00:01:1b:02:7e:01:23:45:67:89:ab:cd;
fixed-address6 2001:db8::1001;
}
}
Explanation:
- apt-get install isc-dhcp-server: This installs the ISC DHCPv6 server on the system.
- vi /etc/dhcp/dhcpd6.conf: This opens the configuration file for the DHCPv6 server.
- subnet6 2001:db8::/64: This defines the subnet for the DHCPv6 server.
- range6 2001:db8::1000 2001:db8::2000: This specifies the range of IPv6 addresses that will be assigned dynamically.
- option dhcp6.name-servers 2001:db8::1: This specifies the IPv6 address of the DNS server.
- option dhcp6.domain-search "example.com": This specifies the domain search list for the clients.
- host client1: This specifies the client for which a static IPv6 address is to be assigned.
- host-identifier option dhcp6.client-id 00:01:00:01:1b:02:7e:01:23:45:67:89:ab:cd: This specifies the unique client identifier for the client.
- fixed-address6 2001:db8::1001: This specifies the static IPv6 address to be assigned to the client.
IPv6 addressing schemes:
Manual Configuation
Sometimes, a network administrator may need to manually configure IPv6 addresses for servers. This is usually done when the network topology or infrastructure requires it, or when DHCPv6 is not available or desired. Here is an example of how a Linux system administrator can manually configure IPv6 addresses:
Determine the IPv6 addresses and subnet prefix that will be used. For example, suppose the subnet prefix is 2001:db8:1::/64, and the server addresses will be 2001:db8:1::1 and 2001:db8:1::2.
Add the IPv6 addresses to the network interfaces using the ip command. For example:
$ sudo ip -6 addr add 2001:db8:1::1/64 dev eth0
$ sudo ip -6 addr add 2001:db8:1::2/64 dev eth0
This command adds the IPv6 addresses 2001:db8:1::1 and 2001:db8:1::2 to the eth0 interface.
$ sudo ip -6 addr add 2001:db8:1::1/64 dev eth0
$ sudo ip -6 addr add 2001:db8:1::2/64 dev eth0
This command adds the IPv6 addresses 2001:db8:1::1 and 2001:db8:1::2 to the eth0 interface.
Verify the configuration using the ip command.
For example:
This command displays the IPv6 addresses assigned to the eth0 interface.
$ ip -6 addr show eth0
This command displays the IPv6 addresses assigned to the eth0 interface.
Configure the default gateway using the ip command. For example:
$ sudo ip -6 route add default via 2001:db8:1::ff dev eth0
This command adds a default route via the IPv6 address 2001:db8:1::ff on the eth0 interface.
Verify the default route using the ip command. For example:
$ ip -6 route show
$ ip -6 route show
This command displays the IPv6 routes configured on the system, including the default route.
By following these steps, a Linux system administrator can manually configure IPv6 addresses for servers.
By following these steps, a Linux system administrator can manually configure IPv6 addresses for servers.