IPv6 in FC4 - How
Michael H. Warfield
mhw at wittsend.com
Sat Nov 5 01:34:00 UTC 2005
On Fri, 2005-11-04 at 17:20 -0600, Jay Cliburn wrote:
> I'd like to tinker with IPv6 within my home network, but I'm finding a
> dearth of information relating to configuring IPv6 in FC4. I can't
> even find a ping6 manpage on my FC4 systems. The ping6 command is
> there, but no manpage. I searched the list archive back through June
> 2005, but the few IPv6 threads found there deal mostly with how to
> completely shut it off.
Yeah... FC3 and FC4 and beyond have IPv6 enabled by accident. Even
though the configuration defaults to "no", one of the configuration
utilities (I suspect either "ip" or "ifconfig" or both) references
PF_INET6 and the kernel kmodloads it in for you and away you go. But
it's not properly configured like it should be and that's caused some
people some problems (hence the threads on how to really REALLY turn it
off - which requires rebooting the system, BTW...). They really should
change the default to "yes" so it's at least configured properly and
won't cause some of the problems some people have experienced. You can
even turn it on in WindowsXP without even rebooting Windows! And newer
versions of Windows (Vista) are just going to have it enabled (like FC3
and FC4 except it will be fully configured and not just up by accident).
Someone else mentioned that ping6 and traceroute6 work the same as ping
and traceroute. So go with that... For routes and addresses, look at
the "ip" command. Listing routes is something like "ip -6 route ls".
Most of the stock utilities (sendmail, telnet, ssh, ftp, postgres,
apache, mozilla, firefox, xinetd, fetchmail, evolution, imapd, popd,
etc, etc, etc) already understand IPv6 and may (for the servers at
least) just require some configuration fine tuning. Clients should be
ready to rock and roll on v6 right out of the box. Ping6 and
traceroute6 are the only cases I'm aware of where a stock utility has a
"v6" version that is separate (Not counting specialized transition tools
like netcat6, nc6).
So lets take it baby steps at a time, then...
Be sure to enable IPv6 (NETWORKING_IPV6=yes) in /etc/sysconfig/network
and restart your network so it gets properly configured. If you do an
"ip -6 route ls" you should see LOTS of routes (even if you are not
connected to the global v6 net yet). Most of those routes are there to
stub off invalid 6to4 (2002::/16) routes for private addresses. Others
deal with scopes and things. Don't mess with 6to4 unless you really
understand what it does and how it behaves and what IPv6 is all about.
It SHOULD be an entry level transition mechanism but it requires a
little more cluefulness than what it should for entry level. It's
actually easier to get a static tunnel first, if you are learning about
My first hearty recommendation would be, unless you already have access
to an IPv6 feed and routes on your network already, head up to one of
the major tunnel brokers and check their site out. Freenet6
(www.freenet6.net or www.hexago.net) would be a really good starting
point. Another good one is Hurricane Electric's tunnelbroker,
www.tunnelbroker.net. (If you are in Europe try your ISP first or
SixXS.net for a tunnel.) They've all got sample configurations for
various operating systems including several flavors of Linux such as
Fedora/Redhat. Start out setting up a tunnel for yourself (they're
free, even for multi-subnet networks) and get connected to the global v6
first as a single system. That way you won't have problems with your
applications (like Mozilla/Firefox et al) thinking they have v6
available when they don't. They will default to trying v6 FIRST and
will time out or misbehave when you cross a system with v6 in DNS (more
than you might suspect) you can't reach if you are not connected to the
global v6 address space. If you are behind a NAT device, you'll have to
go with either Freenet6 or SixXS. Neither Hurricane Electric or OCCAID
(another big tunnel broker for the advanced network clueful who know how
to speak BGP) will work well over NAT because they only support 6in4
(SIT) and don't support any UDP based transports (tsp, teredo, ayiya, or
OpenVPN). You can make the later two brokers work over NAT but, those
of us who know how wouldn't be asking for the help you're asking for...
(For the record - I have accounts with all four of those tunnel brokers
and currently use OCCAID. I can vouch for all of them.)
Once you have your tunnel up, you've got an end node on IPv6 and can
expand from there. Try out your connectivity by browsing to
www.SixXS.net (which is in Europe) and www.ipv6style.jp (which is in
Japan - duh). They will both display your IPv6 address when you are
connected. Or hop up to www.kame.net. Kame, the turtle, is static on
IPv4 and is animated (swimming) on IPv6. So you can verify your v6
networking is now up as an end node.
Then start exploring setting up a network and a router and playing with
more systems. That's when you will want to add static addresses on your
router / tunnel anchor system and fire up either quagga (my personal
preference) or radvd to advertise routes to your network. Freenet6 will
actually do this for you "under the hood", using radvd, if you specify a
"router" configuration type in the tsp configuration file. All you have
to do is change that one variable and check the settings for interfaces
in your tsp.conf file and then restart tspd to switch from host mode to
router mode. Then you've got yourself a nice pretty advertising IPv6
router that's plumbed to the global v6 network. All you have to do on
any other systems is just enable IPv6. You DON'T go assigning or adding
any addresses or routes inside your network (other than other routers
between subnets). Everything will autoconfigure to your router. V6
networks are really easy to setup.
While I was speaking at Linux Lunacy V on the Carnival cruise ship
Miracle a couple of weeks ago, I was managing to route the entire cruise
ship to the v6 Internet through my laptop. :-)
The tunnel brokers will also let you specify a DNS server for reverse
lookups and delegate to you, so you can play with IPv6 reverse DNS (Here
there be dragons - this be the one TRUELY UGLY area of IPv6 - perl be
your friend setting up IPv6 reverse DNS zones!).
> Can someone point me to a document or two that discuss how to
> configure, use, and troubleshoot IPv6 under FC4?
FC4 specifically... Probably not. Most of it is very generic and
there's nothing really specific to FC4. Most of the rpm based Linux
distros will be about the same (Debian based configs, OTOH, suck with
their ifup/ifdown system and the way it works). Check out distro
specific information at any of the tunnel brokers I mentioned above.
Their goal is to get you started easy. Past that, check out
www.ip6style.jp and browse through their stacks of howtos and tutorials.
The wealth of information that's out there is pretty cool. There are
also some Linux specific HowTo's. Peter Bieringer's howtos and docs are
pretty darn good though some chapters are a bit dated at this point
(some of the app comments are from a couple of years ago).
Michael H. Warfield | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20051104/97dfeaac/attachment-0002.bin
More information about the users