[Bradford] IPv6

Devo Too mike_g at devotoo.org.uk
Wed May 8 19:41:58 UTC 2019 

On 08/05/2019 20:09, David Spencer via Bradford wrote:
> On Tue, 7 May 2019, 18:07 Devo Too via Bradford, 
> <bradford at mailman.lug.org.uk <mailto:bradford at mailman.lug.org.uk>> wrote:
> 
>     Hi Folks,
> 
>     I'm moving slowly into 21st century IT. Am I correct in thinking this
>     'fe80::207:cbff:fe04:3b5' is the IPv6 address of a server, with the /64
>     giving the subnet?
> 
>        inet6 fe80::207:cbff:fe04:3b5/64 scope link
>              valid_lft forever preferred_lft forever
> 
>     It's from the eth0 output of the command 'ip -6 addr show'
> 
>     Thanks,
> 
>     Mike
> 
>     -- 
>     Bradford mailing list
>     Bradford at mailman.lug.org.uk <mailto:Bradford at mailman.lug.org.uk>
>     https://mailman.lug.org.uk/mailman/listinfo/bradford
> 
> 
> Hi Mike,
> 
> It's the *link local* address of the *interface* on the server. Link 
> local addresses are bugger all use, they're mostly used to bootstrap 
> real addresses.
> 
> In more detail -- anything that starts 'fe80' is a 'link local' address, 
> not a proper ipv6 address. It's the ipv6 equivalent of those awful 
> 169.254 ipv4 addresses you get in lonely un-networked printers or 
> windows boxes. In the world of ipv6 every interface that's up will have 
> a unique fe80 address based on the mac address. But to do anything 
> useful you'll need an upstream connection of some sort, which will end 
> up giving the interface one or more additional proper global routeable 
> addresses. Proper global routeable addresses start with 2 :)
> 
> There are multiple ways of getting a proper globally routeable address, 
> the easiest and most common is to have your interface get it from the 
> upstream router.
> 
> This needs
>   (1) the router to have an ipv6 address, and
>   (2) the router to have Router Advertisements enabled, and
>   (3) the interface to be plugged in and to have stateless 
> autoconfiguration (SLAAC) enabled.
> 
> About 1, BT and Sky dish out ipv6 ranges ("prefixes") to customer 
> routers, so long as the router is up to the job. If your ISP doesn't do 
> ipv6 you will have to work round them by setting up a free tunnel, or 
> vpn, or wait for them to get with the programme (Virgin) or give up and 
> dump the tossers (Talktalk).
> 
> About 2, this is almost certainly enabled by default if the router is 
> ipv6 aware.
> 
> About 3, this is enabled on pretty much every Linux distro. SLAAC works 
> a bit like DHCP but better (dhcpv6 is a thing too, but is quite 
> different to dhcp, and is mostly poo and not used). You can see it 
> happening (or not happening) in 'dmesg' when interfaces come up.
> 
> "/64" tells the network stack how much of the address is in the local 
> subnet, and therefore what's on the lan or the wan when you talk to 
> another address. This works just like ipv4 subnetting, but the notation 
> is used more ubiquitously so that you'll never need to see the 
> equivalent of the ipv4 .255.255 netmask bollocks. Commonly your ISP 
> actually gives you a /56 prefix, and so you will theoretically have 256 
> /64 networks of 18,446,744,073,709,551,616 hosts each to play with, but 
> your typical domestic router will just use the first /64 network in the 
> range and ignore the rest. Nobody ever subdivides a /64 network.
> 
> There are other setups (tunnels, ULA addresses) but you don't want to 
> get into all that unless there's some reason why you can't have a bog 
> standard ISP-and-router setup.
> 
> Lots of good writeups out there describe things like link-local 
> addresses and slaac and router advertisements in more detail, but of 
> course you can't look them up until you know the right terminology, so 
> hopefully I've just provided that :) ... Wikipedia is generally ok on 
> these topics.
> 
> Cheers
> -D.

Thanks David. After trying for some time to find answers which made 
sense to me, without implying I didn't find any, just that I couldn't 
make sense of any, I entered that link local address into the name 
servers on Bytemark to point to my new piece of very cheap old iron on 
Oneprovider, who don't offer any kind of DNS service so I'm on my own 
here. Anyway, I was trying to create an account with eff.org so I could 
get LetsEncrypt certs. It worked!

But it seems you're telling me anyone trying to connect to any of the 
sites, once configured, using IPv6 may or may not be able to connect.

They gave me an IPv4 address at handover but I've had to go digging, 
without success, for an IPv6. By the sounds of it, Oneprovider probably 
only dish them out to their "cloud" clients or those who have had the 
old iron since it was new iron so already had it when they started to be 
flogged off very cheaply.

Looks like more reading on screen to be done. Not doing my eyes any good 
at all! First, though, I'll look up the dmesg command to see if it can 
give me anything more explicit than a link local address.

Cheers,

Mike

More information about the Bradford mailing list