15.13 The 128-Bit IP Address: IPv6

     

Our current IP addresses are 32 bits long. This is known as IPv4. At the time, the 32-bit address space was deemed sufficient. With the explosion of the Internet, we are quickly running out of IP addresses. The result is that in the late 1990s, IPv6 was launched (IPv5 never made it out of the lab) to address the problem. IPv6 uses a 128-bit address. It is hoped that the increased number of available addresses (2 32 = 4,294,967,296, while 2 128 = 3.4 x 10 38 ) will be sufficient for the increased number of users and devices requiring an IP address while connecting to the Internet. An immediate problem with introducing a 128-bit address is that lots of networking hardware is hard-wired for 32-bit addresses in registers and relays in switching equipment. The complete rollout of IPv6 may take some years while network infrastructure companies upgrade their hardware to accommodate the bigger addresses, while still offering support for the older IPv4 addresses. As far as HP-UX is concerned , we can add IPv6 support to HP-UX 11i right now. The software has been shipped as part of the Software Pack that is part of the HP-UX 11i media kit as of December 2001, or it can be downloaded via http://software.hp.com (be aware that it's a 21MB download). An important aspect of loading the software bundle is that you will have to download additional software for specific additional IPv6-enabled applications. The vast majority of the traditional ARPA/Berkeley services are included in the IPv6 depot, but not everything. The additional IPv6-enabled applications you may wish to download are WU-FTPD 2.6.1, BIND v9.1.3, DHCPv6, and Sendmail 8.11.1. These are also available as free downloads from http://software.hp.com. IPv6 is still relatively new, so if you are going to investigate it, ensure that you have the most up-to-date patches for all associated applications.

Once the software is installed (it requires a reboot), nodes are said to be dual-stack machines because they support both IPv6 and IPv4 addresses. Initially, no IPv6 interfaces will be configured. In our example network, I have installed the IPv6 software on node hpeos003 . I have maintained my IPv4 configuration with IPv6 addresses being applied to lan0 and lan1 ( dual-stack machines , remember?). My hostname is still configured in /etc/rc.config.d/ netconf . The IPv6 configuration is in the file /etc/rc.config.d/netconf-ipv6 :

 

 root@hpeos003[]  more /etc/rc.config.d/netconf-ipv6  ... IPV6_INTERFACE[0]="lan0" IPV6_INTERFACE_STATE[0]="up" IPV6_LINK_LOCAL_ADDRESS[0]="" IPV6_INTERFACE[1]="lan1" IPV6_INTERFACE_STATE[0]="up" IPV6_LINK_LOCAL_ADDRESS[0]="" 

As you can see, I haven't specified an IPv6 address. IPv6 supports the concept of auto-configuration . In this instance, IPv6 will construct a unique IP address based on my MAC address. First, let's look at an IPv6 IP address. It's 128 bits long and can be represented by a 16-octet integer; it's just like an IPv4 IP address except an IPv6 address is four times as long. This can be a bit cumbersome, so we normally represent an IPv6 address using a colon hexadecimal notation where each hexadecimal integer represents a 16-bit value, as in the following example:

8888:7777:6666:5555:4444:3333:2222:1111

Subnetting is achieved by applying a subnet prefix. The prefix is a decimal integer that signifies how many of the left-most contiguous bits of the IPv6 address are to be used as the subnet address, e.g., a subnet prefix of 48 would be represented as follows :

graphics/15inf01.gif

The first address applied to an interface is known as the primary interface address and is a link-local address (an address used for a single link). Normally, this address is configured using auto-configuration . We can manually configure this address as long as it confirms to the 64-bit EUI-64 interface identifier defined in RFC 2373; basically, this means the first 10 bits start 1111 1110 10 = fe80. In addition to the primary interface address, we can configure a secondary interface addresses . Additional addresses can either be link-local addresses (defined as before) or site-local addresses (IP addresses used for a single site whose first 10 bits are 1111 1111 10 = fec0) or Global addresses (address that uniquely identify a node on the Internet where the first 3 bits of the address are 001). The netconf-ipv6 file has examples of these, but to understand the addressing scheme completely, you should get your hands on RFC 2373 (I obtained it from http://www.ietf.org/rfc/rfc2373.txt). Addresses are usually unicast addresses that identify a single interface (like normal IP addresses), but we can also define multicast and anycast (not yet supported on HP-UX 11i) address types. There are no broadcast addresses in IPv6; the functionality of a broadcast address has been superceded by multicast addressing . I have decided to use auto-configuration to let IPv6 construct a link-local unicast address using its own design rules. For this example, we will use the interface lan0 .

 

 root@hpeos003[]  lanscan  Hardware Station        Crd Hdw   Net-Interface  NM  MAC       HP-DLPI DLPI Path     Address        In# State NamePPA        ID  Type      Support Mjr# 0/0/0/0  0x00306E5C3FF8  0   UP    lan0 snap0     1   ETHER     Yes     119 0/2/0/0/4/0 0x00306E467BF0 1   UP    lan1 snap1     2   ETHER     Yes     119 0/2/0/0/5/0 0x00306E467BF1 2   UP    lan2 snap2     3   ETHER     Yes     119 0/2/0/0/6/0 0x00306E467BF2 3   UP    lan3 snap3     4   ETHER     Yes     119 0/2/0/0/7/0 0x00306E467BF3 4   UP    lan4 snap4     5   ETHER     Yes     119 root@hpeos003[] 

Here's the process it goes through to achieve this:

  1. First, we take the MAC address for a given interface:

    0x0030635c3ff8.

  2. IPv6 will insert a special string known as an EUI-64 identifier into the middle of the MAC address. The string IPv6 inserts is 0xfffe , giving us this:

    00:30:63: ff:fe :5c:3f:f8

    We now have a 64-bit value.

  3. We take this 64-bit value and transform it into a 64-bit EUI-64 interface identifier by flipping what is known as the Universal/local bit = bit 57(see RFC 2373). Bit 57 for us looks like this:

    0000 00 0 : 0011 000 : 0110 0011 : 1111 1111 :1111 1110 : 0101 1100 : 0011 1111 : 1111 1000

    0000 00 1 0 : 0011 000 : 0110 0011 : 1111 1111 :1111 1110 : 0101 1100 : 0011 1111 : 1111 1000

    This gives us the 64-bit EUI-64 interface identifier of:

    02:30:63: ff:fe :5c:3f:f8

  4. We achieve our IPV6 address by finally pre-pending the well-known prefix fe80::/10 to this interface identifier giving us:

    fe80::230:63 ff:fe 5c:3ff8/10

  5. As you can see, the leading 0's are dropped, and if we do not specify particular parts of the address, we will see double colons (::).

Aren't you glad IPv6 auto-configuration does all this for you?! Alternately, I could have assigned a unicast address of: fe80::1/10 manually (other nodes being fe80::2/10 , 3/10 , 4/10 , and so on). We can see our IPv4/IPv6 with all the usual commands like netstat , and so on, although ifconfig does require an additional parameter ( inet6 ) to signify that we are interested in IPv6 addresses:

 

 root@hpeos003[]  netstat -in  IPv4: Name    Mtu  Network         Address         Ipkts   Ierrs Opkts   Oerrs Coll lan1    1500 192.168.0.64    192.168.0.65    142     0     153     0     0 lan0    1500 192.168.0.32    192.168.0.33    29      0     28      0     1 lo0     4136 127.0.0.0       127.0.0.1       3362    0     3362    0     0 IPv6: Name        Mtu Address/Prefix                                 Ipkts    Opkts lan1       1500 fe80::230:6eff:fe46:7bf0/10                      274      281 lan0       1500 fe80::230:6eff:fe5c:3ff8/10                      255      259 lo0        4136 ::1/128    6        6 root@hpeos003[] root@hpeos003[]  ifconfig lan0 inet6  lan0: flags=4800841<UP,RUNNING,MULTICAST,PRIVATE,ONLINK>         inet6 fe80::230:6eff:fe5c:3ff8 prefix 10 root@hpeos003[]  ifconfig lan1 inet6  lan1: flags=4800841<UP,RUNNING,MULTICAST,PRIVATE,ONLINK>         inet6 fe80::230:6eff:fe46:7bf0 prefix 10 root@hpeos003[] 

We can also add entries into our /etc/ hosts file for these new addresses. The addresses are added without the prefix:

 

 root@hpeos003[]  grep hp3 /etc/hosts  fe80::230:6eff:fe46:7bf0        hpeos003        hp3v6 hp3v6_lan1 fe80::230:6eff:fe5c:3ff8        hpeos003        hp3v6 hp3v6_lan0 root@hpeos003[] 

As you can see, I have added appropriate aliases for hp3v6 to test commands such as ping , and so on. Be aware that some commands like ifconfig and ping will need to be told the address family, i.e., inet6 , when you use a specific command:

 

 root@hpeos003[]  ping -f inet6 hp3v6  PING hp3v6: 64 byte packets 64 bytes from fe80::230:6eff:fe46:7bf0: icmp_seq=0. time=0. ms 64 bytes from fe80::230:6eff:fe46:7bf0: icmp_seq=1. time=0. ms 64 bytes from fe80::230:6eff:fe46:7bf0: icmp_seq=2. time=0. ms 64 bytes from fe80::230:6eff:fe46:7bf0: icmp_seq=3. time=0. ms ----hp3v6 PING Statistics---- 4 packets transmitted, 4 packets received, 0% packet loss round-trip (ms)  min/avg/max = 0/0/0 root@hpeos003[] 

There is one more aspect of host lookup: /etc/nsswitch.conf . There is a new entity known as ipnodes used to identify the switch policy. If you haven't created the /etc/nsswitch.conf file, the default switch policy is as follows:

 

 root@hpeos003[]  cat /etc/nsswitch.conf  ipnodes: dns [ NOTFOUND=continue ] files root@hpeos003[] 

IPv6 uses a new protocol to discover link-level address, i.e., a replacement for ARP. The protocol is called Neighbor Discovery Protocol (NDP). Here is a list of what it does:

  • Advertise their link-layer address on the local link.

  • Find neighbors' link-layer addresses on the local link.

  • Find neighboring routers able to forward IPv6 packets.

  • Actively track which neighbors are reachable .

  • Search for alternate routers when a path to a router fails.

NDP has an administrative command called ndp where you can view and manipulate the NDP cache:

 

 root@hpeos003[]  ndp -a  Destination                  Physical Address  Interface State     Flags hpeos003                     0:30:6e:46:7b:f0  lan1      REACHABLE LP hpeos003                     0:30:6e:5c:3f:f8  lan0      REACHABLE LP root@hpeos003[] 

Realistically, you will probably want to go much further with the configuration than this. What you will most likely want to do is to start configuring site-local addresses as secondary interface addresses and configure routing, and so on. The thing to understand here is that a site-local IPv6 address has a particular format (see Table 15-9):

Table 15-9. Format of an IPv6 Site-Local Address

10 bits

38 bits

16 bits

64 bits

1111111011

 

subnet ID

interface identifier


The default prefix is 64 bits, so we can specify an IPv6 site-local address in something of this form:

fec0:0:0:1::1/64

This is what I have started to do on my network. Here are the configuration changes I made to node hpeos003 :

 

 root@hpeos003[]  vi /etc/rc.config.d/netconf-ipv6  .. IPV6_SECONDARY_INTERFACE_NAME[0]="lan0:1" IPV6_ADDRESS[0]="fec0:0:0:1::1" IPV6_PREFIXLEN[0]="" IPV6_SECONDARY_INTERFACE_STATE[0]="up" DHCPV6_ENABLE[0]=0 IPV6_SECONDARY_INTERFACE_NAME[1]="lan1:1" IPV6_ADDRESS[1]="fec0:0:0:2::1" IPV6_PREFIXLEN[1]="" IPV6_SECONDARY_INTERFACE_STATE[1]="up" DHCPV6_ENABLE[1]=0 

Notice that I didn't specify the prefix; I am accepting the default of 64 bits. You can identify the subnet addresses via netstat :

 

 root@hpeos003[]  netstat -in  IPv4: Name    Mtu  Network         Address         Ipkts   Ierrs Opkts   Oerrs Coll lan1    1500 192.168.0.64    192.168.0.65    61494   0     63914   0     1062 lan0    1500 192.168.0.32    192.168.0.33    3385    0     4654    0     1 lo0     4136 127.0.0.0       127.0.0.1       1496    0     1496    0     0 IPv6: Name        Mtu Address/Prefix                                 Ipkts    Opkts lan1:1     1500 fec0:0:0:2::1/64                                  34       44 lan1       1500 fe80::230:6eff:fe46:7bf0/10                      369      292 lan0       1500 fe80::230:6eff:fe5c:3ff8/10                      305      307 lan0:1     1500 fec0:0:0:1::1/64                                  76      105 lo0        4136 ::1/128                                            0        0 root@hpeos003[] root@hpeos003[]  netstat -rn  IPv4 Routing tables: Destination           Gateway            Flags   Refs Interface  Pmtu 127.0.0.1             127.0.0.1          UH        0  lo0        4136 192.168.0.33          192.168.0.33       UH        0  lan0       4136 192.168.0.65          192.168.0.65       UH        0  lan1       4136 192.168.0.32          192.168.0.33       U         2  lan0       1500 192.168.0.64          192.168.0.65       U         2  lan1       1500 127.0.0.0             127.0.0.1          U         0  lo0           0 IPv6 Routing tables: Destination/Prefix         Gateway                  Flags Refs Interface Pmtu ::1/128                    ::1                      UH      0  lo0       4136 fec0:0:0:1::1/128          fec0:0:0:1::1            UH      0  lan0:1    4136 fec0:0:0:2::1/128          fec0:0:0:2::1            UH      0  lan1:1    4136 fe80::230:6eff:fe46:7bf0/128                            fe80::230:6eff:fe46:7bf0 UH      0  lan1      4136 fe80::230:6eff:fe5c:3ff8/128                            fe80::230:6eff:fe5c:3ff8 UH      0  lan0      4136 fec0:0:0:1::/64            fec0:0:0:1::1            U       3  lan0:1    1500 fec0:0:0:2::/64            fec0:0:0:2::1            U       3  lan1:1    1500 fe80::/10                  fe80::230:6eff:fe46:7bf0 U       3  lan1      1500 fe80::/10                  fe80::230:6eff:fe5c:3ff8 U       3  lan0      1500 root@hpeos003[] 

You might want to work out possible updates to make to the other nodes in my network. Static routing table entries are configured in the netconf-ipv6 file as well. Check out the manual page for the route command for the syntax for IPv6, but it's relatively straightforward to understand.



HP-UX CSE(c) Official Study Guide and Desk Reference
HP-UX CSE(c) Official Study Guide and Desk Reference
ISBN: N/A
EAN: N/A
Year: 2006
Pages: 434

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net