IPv6 is the new version of the well known IP protocol, also known as IPv4. IPv6 provides several advantages over IPv4 as well as many new features:
Its 128-bit address space allows for 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. This addresses the IPv4 address shortage and eventual IPv4 address exhaustion.
Routers only store network aggregation addresses in their routing tables, thus reducing the average space of a routing table to 8192 entries. This addresses the scalability issues associated with IPv4, which required every allocated block of IPv4 addresses to be exchanged between Internet routers, causing their routing tables to become too large to allow efficient routing.
Address autoconfiguration (RFC2462).
Mandatory multicast addresses.
Built-in IPsec (IP security).
Simplified header structure.
Support for mobile IP.
IPv6-to-IPv4 transition mechanisms.
FreeBSD includes the http://www.kame.net/ IPv6 reference implementation and comes with everything needed to use IPv6. This section focuses on getting IPv6 configured and running.
There are three different types of IPv6 addresses:
A packet sent to a unicast address arrives at the interface belonging to the address.
These addresses are syntactically indistinguishable from unicast addresses but they address a group of interfaces. The packet destined for an anycast address will arrive at the nearest router interface. Anycast addresses are only used by routers.
These addresses identify a group of interfaces. A
packet destined for a multicast address will arrive at
all interfaces belonging to the multicast group. The
IPv4 broadcast address, usually
xxx.xxx.xxx.255
, is
expressed by multicast addresses in
IPv6.
When reading an IPv6 address, the
canonical form is represented as
x:x:x:x:x:x:x:x
, where each
x
represents a 16 bit hex value. An
example is
FEBC:A574:382B:23C1:AA49:4592:4EFE:9982
.
Often, an address will have long substrings of all zeros.
A ::
(double colon) can be used to replace
one substring per address. Also, up to three leading
0
s per hex value can be omitted. For
example, fe80::1
corresponds to the
canonical form
fe80:0000:0000:0000:0000:0000:0000:0001
.
A third form is to write the last 32 bits using the well
known IPv4 notation. For example,
2002::10.0.0.1
corresponds to the
hexadecimal canonical representation
2002:0000:0000:0000:0000:0000:0a00:0001
,
which in turn is equivalent to
2002::a00:1
.
To view a FreeBSD system's IPv6 address, use ifconfig(8):
#
ifconfig
rl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 inet 10.0.0.10 netmask 0xffffff00 broadcast 10.0.0.255 inet6 fe80::200:21ff:fe03:8e1%rl0 prefixlen 64 scopeid 0x1 ether 00:00:21:03:08:e1 media: Ethernet autoselect (100baseTX ) status: active
In this example,
fe80::200:21ff:fe03:8e1%rl0
is an
auto-configured link-local address which was automatically
generated from the MAC address.
Some IPv6 addresses are reserved. A summary of these reserved addresses is seen in Table 31.3, “Reserved IPv6 Addresses”:
IPv6 address | Prefixlength (Bits) | Description | Notes |
---|---|---|---|
:: | 128 bits | unspecified | Equivalent to 0.0.0.0 in
IPv4. |
::1 | 128 bits | loopback address | Equivalent to 127.0.0.1 in
IPv4. |
::00:xx:xx:xx:xx | 96 bits | embedded IPv4 | The lower 32 bits are the compatible IPv4 address. |
::ff:xx:xx:xx:xx | 96 bits | IPv4 mapped IPv6 address | The lower 32 bits are the IPv4 address for hosts which do not support IPv6. |
fe80::/10 | 10 bits | link-local | Equivalent to 169.254.0.0/16 in IPv4. |
fc00::/7 | 7 bits | unique-local | Unique local addresses are intended for local communication and are only routable within a set of cooperating sites. |
ff00:: | 8 bits | multicast | |
2000::-3fff:: | 3 bits | global unicast | All global unicast addresses are assigned from
this pool. The first 3 bits are
001 . |
For further information on the structure of IPv6 addresses, refer to RFC3513.
To configure a FreeBSD system as an IPv6
client, add these two lines to
rc.conf
:
ifconfig_em0
_ipv6="inet6 accept_rtadv"
rtsold_enable="YES"
The first line enables the specified interface to receive router solicitation messages. The second line enables the router solicitation daemon, rtsol(8).
For FreeBSD 8.x
, add a third
line:
ipv6_enable="YES"
If the interface needs a statically assigned IPv6 address, add an entry to specify the static address and associated prefix length:
ifconfig_fxp0
_ipv6="inet62001:db8:4672:6565:2026:5043:2d42:5344
prefixlen64
"
On a FreeBSD 8.x
system, that
line uses this format instead:
ipv6_ifconfig_fxp0
="2001:db8:4672:6565:2026:5043:2d42:5344
"
To assign a default router, specify its address:
ipv6_defaultrouter="2001:db8:4672:6565::1
"
In order to connect to other IPv6 networks, one must have a provider or a tunnel that supports IPv6:
Contact an Internet Service Provider to see if they offer IPv6.
SixXS offers tunnels with end-points all around the globe.
Hurricane Electric offers tunnels with end-points all around the globe.
Install the net/freenet6 package or port for a dial-up connection.
This section demonstrates how to take the directions from
a tunnel provider and convert them into
/etc/rc.conf
settings that will persist
through reboots.
The first /etc/rc.conf
entry creates
the generic tunneling interface
:gif0
gif_interfaces="gif0
"
Next, configure that interface with the
IPv4 addresses of the local and remote
endpoints. Replace MY_IPv4_ADDR
and REMOTE_IPv4_ADDR
with the
actual IPv4 addresses:
gifconfig_gif0="MY_IPv4_ADDR REMOTE_IPv4_ADDR
"
To apply the IPv6 address that has been
assigned for use as the IPv6 tunnel
endpoint, add this line, replacing
MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR
with the assigned address:
ifconfig_gif0_ipv6="inet6 MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR
"
For FreeBSD 8.x
, that line
should instead use this format:
ipv6_ifconfig_gif0="MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR
"
Then, set the default route for the other side of the
IPv6 tunnel. Replace
MY_IPv6_REMOTE_TUNNEL_ENDPOINT_ADDR
with the default gateway address assigned by the
provider:
ipv6_defaultrouter="MY_IPv6_REMOTE_TUNNEL_ENDPOINT_ADDR
"
If the FreeBSD system will route IPv6 packets between the rest of the network and the world, enable the gateway using this line:
ipv6_gateway_enable="YES"
This section demonstrates how to setup rtadvd(8) to advertise the IPv6 default route.
To enable rtadvd(8), add the following to
/etc/rc.conf
:
rtadvd_enable="YES"
It is important to specify the interface on which to
do IPv6 router solicitation. For example,
to tell rtadvd(8) to use
fxp0
:
rtadvd_interfaces="fxp0"
Next, create the configuration file,
/etc/rtadvd.conf
as seen in this
example:
fxp0:\ :addrs#1:addr="2001:471:1f11:246::":prefixlen#64:tc=ether:
Replace fxp0
with the interface
to be used and 2001:471:1f11:246::
with the prefix of the allocation.
For a dedicated /64
subnet, nothing else needs
to be changed. Otherwise, change the
prefixlen#
to the correct value.
When IPv6 is enabled on a server, there may be a need to enable IPv4 mapped IPv6 address communication. This compatibility option allows for IPv4 addresses to be represented as IPv6 addresses. Permitting IPv6 applications to communicate with IPv4 and vice versa may be a security issue.
This option may not be required in most cases and is
available only for compatibility. This option will allow
IPv6-only applications to work with
IPv4 in a dual stack environment. This
is most useful for third party applications which may not
support an IPv6-only environment. To
enable this feature,
add the following to /etc/rc.conf
:
ipv6_ipv4mapping="YES"
Reviewing the information in RFC 3493, section 3.6 and 3.7 as well as RFC 4038 section 4.2 may be useful to some adminstrators.
All FreeBSD documents are available for download at http://ftp.FreeBSD.org/pub/FreeBSD/doc/
Questions that are not answered by the
documentation may be
sent to <[email protected]>.
Send questions about this document to <[email protected]>.