Managing IPV6 Networking in Centos/RHEL8

IPv6 overview

IPV6 is in use as a replacement of ipv4 network. The major problem with IPV4 addresses is exhaustion of addresses. It resolves this problem by using much larger network address space.

It also provides a number of enhancements and new features for network configuration management and support for future protocol changes.

Not in wide deployment

The key reason it is not yet in wide deployment is that the core protocol does not have a simple way for systems that only have IPv6 addresses to communicate with systems that only have IPv4 addresses.

Basically, the plan at present is to provide all hosts with both IPv4 and IPv6 addresses, so that Internet resources only using one of the protocols can be reached from the host. This is called a dual-stack configuration.

How to Interpret IPv6 addresses

IPv6 addresses

This address is a 128-bit number, normally expressed as eight colon-separated groups of four hexadecimal nibbles (half-bytes). Each nibble represents four bits of the the address, so each group represents 16 bits of the IPv6 address.

2001 : 0db8 : 0000 : 0010 : 0000 : 0000 : 0000 : 0001

To write IPV6 address in easier way, you don’t need to write leading zeros in a colon-separated group. However, one nibble must be write in each field. No need to write zeros that follow nonzero nibble in the group.

2001 : db8 : 0 : 10 : 0 : 0 : 0 : 1

The addresses with long strings of zeros are common, one or more groups of consecutive zeros may be combined with exactly one : : block.

2001 : db8 : 0 : 10 : : 1

NOTE:

You need to notice under these rules, 2001 : db8 : : 0010 : 0 : 0 : 0 : 1 would be another less convenient way to write the example address. But this is a valid representation of the same address, and it can confuse you as new to ip version 6.

Tips for writing consistently readable addresses:

1.  Leading zeros in a g roup must always be suppressed.

2.  Use : :  to shorten as much as possible. If two runs of zeros are equal in length, shorten the leftmost run of zeros by preference.

3.  Although it is allowed, do not use : : to shorten one group of zeros. Use : 0 : instead, and save : : for runs of zeros longer than a single group.

4. Always use lowercase letters for hexadecimal numbers a through f.

 IMPORTANT:

To include a TCP or UDP network port after an IPv6 address, always enclose the address in square brackets so that the port does not look like it is part of the address.

[2001 : db8 : 0 : 10 : : 1] : 80

Subnets

A normal address is divided into two parts: the network prefix and interface ID.

In the same subnet, two network interfaces can not have same interface id. The interface ID identifies a particular interface on the subnet.

IPv6 has a standard subnet mask it uses almost all normal addresses, /64. In this case half address is the network prefix and half of it is the interface ID.  This means that a single subnet can hold as many hosts as necessary.

Typically, the network provider will allocate a shorter prefix to an organization, such as a /48. This leaves the rest of the network part for assigning subnets from that allocated prefix. For a /48 allocation, that leaves 16 bits for subnets (up to 65536 subnets).

subnet in IPv6

Address allocation

Common 1 Pv6 Addresses and Networks:

IPv6 address or networkPurposeDescription
: : 1/128localhostThe IPv6 equivalent to 127 . 0. 0 . 1/8, set on the loopback interface.
::The unspecified addressThe IPv6 equivalent to 0.0.0.0. For a network service, this could indicate that it is listening on all configured IP addresses.
::/0The default route (the ipv6 internet)The IPv6 equivalent to 0.0.0.0/0. The default route in the routing table matches this network; the router for this network is where all traffic is sent for which there is not a better route.
2000::/3Global unicast address“Normal” IPv6 addresses are currently being allocated from this space by IANA. This is equivalent to all the networks ranging from 2000 : : /16 through 3fff : : /16.
fd00 : : /8Unique local addresses (RFC 4193)IPv6 has no direct equivalent of RFC 1918 private address space, although this is close. A site can use these to self-allocate a private routable IP address space inside the organization, but these networks can not be used on the global Internet. The site must randomly select a /48 from this space, but it can subnet the allocation into /64 networks normally.
fe80::/64Link-local addressesEvery IPv6 interface automatically configures a link-local address that only works on the local link on this network. This will be discussed in more detail later.
ff00::/8MulticastThe IPv6 equivalent to 224 . 0. 0. 0/ 4.
Multicast is used to transmit to multiple hosts
at the same time, and is particularly important
in IPv6 because it has no broadcast addresses.
Link-local addresses

It is an unroutable address which is use to talk to hosts on a specific network link only. Every network interface in system configure automatically link-local address on the fe80 : : network.

To make this unique, The usual procedure to convert the 48-bit MAC address to a 64-bit interface ID is to set bit 7 of the MAC address and insert ff : fe between its two middle bytes.

Network prefix: fe80 : : /64

MAC address: 00 : 11 : 22 : aa : bb : cc

Link-local address: fe80 : : 211 : 22ff : feaa : bbcc/64

Example: To ping this link-local address by using ens160 network interface the correct command would be:

$ ping6 fe80 : : 211 : 22ff : feaa : bbcc%ens160

Multicast

Multicast plays a larger role in IPv6 as there is no broadcast address. One key multicast address in IPv6 is ff02 : : 1.

Link-scope multicast addresses (starting ff02 : : /8) need to be specified with a scope identifier, just like a link-local address.

[root@localhost -]$ pings ff02 : : 1%ens160

IPv6 address configuration

IPv6 supports manual configuration, and two methods of dynamic configuration, one of which DHCPv6.

Static addressing

There were two networks that could not be use. the lowest address in the subnet and the highest. Below interface IDs are reserved and can not be used for a normal network address on a host.

The all-zeros id entifier 0000 : 0000 : 0000 : 0000 ("sub net router anycast") used by all routers on the link. ( For the 2001 : db8 : : /64 network, this would be the address 2001 : db8 : : .)

The identifiers fdff : ffff : ffff : ff80 through fdff : ffff : ffff : ffff.

DHCPv6 configuration

Essentially, a host sends a DHCPv6 request from its link-local address to port 547/UDP on ff02 : : 1: 2, the all-dhcp-servers link-local multicast group. The DHCPv6 server then usually sends a reply with appropriate information to port 546/UDP on the client’s link-local address.

SLAAC configuration

IPv6 also supports a second dynamic configuration method, called stateless Address Autoconfiguration (SLAAC). Using SLAAC, the host brings up its interface with a link-local fe80 : : /64 address normally. It then sends a ” router solicitation” to ff02 : : 2, the all-routers link-local multicast group.

IPv6 Networking Configuration

IPv6 with NetworkManager

There are some different settings then ipv4, that are relevant for connections, but most commands will be similar for IPv6 configuration.

Command to add address

Here we use ip – 2001:db8:0:1::c000:207/64

Gateway – 2001:db8:0:1::1

# nmcli con add con-name eno2 type ethernet ifname eno2 \
I > ip6 2001:db8:0:1::c000:207/64 gw6 2001:db8:0:1::1

Command to show the configuration

# nmcli con show connection-name where connection-name is the name of the connection, can be used to view IPv6-related settings:

# nmcli con show eno2 | grep ipv6

Command to modify configuration

# nmcli con mod eno2 ipv6.address " 2001:db8:0:1::a00:1/64 2001:db8:0:1::1"

Important:

If a connection that got its IPv6 information by SLAAC or a DHCPv6 server is being
changed to get it from static configuration files only, the setting ipv6 . method should
also be changed from auto or dhcp to manual. Otherwise, the connection may hang or not complete successfully when it is activated, or it may get an IPv6 address from SLAAC or DHCPv6 in addition to the static address.

To Add DNS server to the list of nameservers:

# nmcli con mod eno2 +ipv6.dns 2001:4860:4860::8888

Command to displays the routing table

# ip -6 route show

IPv6 Troubleshooting

Connectivity

The ping6 command is used for ping in CentOS/RHEL8.

# ping6 <ipv6 address>

If you face the error connect: Invalid argument then use the ping6 command with proper network interface. let’s suppose we need to ping ff02::1 on eth1.

# ping6 ff02::1%eth1

Routing

The tracepath6 and traceroute -6 both are the equivalent to tracepath and traceroute.

# tracepath6 2001:db8:0:2: :451

Ports and services

Either the ss or netstat command can display info about network sockets.

# ss -A inet -n

Thanks for reading this article hope it will help you a lot. Since IPv6 not in wide use yet. We will come back with much more findings as per use.

Comments and suggestions below.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

x