Difference between revisions of "IPv6"

From AAISP Support Site
Jump to: navigation, search
[quality revision][quality revision]
m (Explain firewall and routing issues of new IPv6 address blocks)
m (LNSes send RA every ~1 hour)
Line 23: Line 23:
 
Customers are allocated a /48 block of addresses - this is usually per customer, and so a customer with multiple circuits or sites will have a /64 allocated from the larger /48 block. A /48 contains 65536 /64's and a /64 subnet is 18 million trillion addresses.  
 
Customers are allocated a /48 block of addresses - this is usually per customer, and so a customer with multiple circuits or sites will have a /64 allocated from the larger /48 block. A /48 contains 65536 /64's and a /64 subnet is 18 million trillion addresses.  
  
(Here, CPE refers to the router belonging to the customer which is being used at their end of the broadband line.)
+
(Here, Customer Premises Equipment (CPE) refers to the router belonging to the customer which is being used at their end of the broadband line, and L2TP Network Server (LNS) refers to our equipment at our end of the broadband link.)
  
When the CPE logs in and negotiates PPP, we use IPV6CP  to negotiate an interface identifier - this happens at the same time as IPCP happens to negotiate V4 connectivity. Once this has been negotiated,the CPE should perform an ICMPv6 router solicitation - our LNSes will then reply with a Router Advertisement in order to negotiate the [http://en.wikipedia.org/wiki/Link-local_address Link Local] address in the form of FE80::, and will be based on the MAC address of the interface.
+
When the CPE logs in and negotiates PPP, we use IPV6CP  to negotiate an interface identifier - this happens at the same time as IPCP happens to negotiate V4 connectivity. Once this has been negotiated, the CPE should perform an ICMPv6 Router Solicitation - our LNSes will then reply with a ICMPv6 Router Advertisement in order to negotiate the [http://en.wikipedia.org/wiki/Link-local_address Link Local] address in the form of FE80::, and will be based on the MAC address of the interface.
At this stage, there should be basic IPv6 connectivity to link-local, and if static routes and manually assigned addresses in place you should have a working connection.
+
At this stage, there should be basic IPv6 connectivity to link-local, and if static routes and manually assigned addresses in place you should have a working connection.  Our LNSes continue to send ICMPv6 Router Advertisements approximately once an hour (every 4096 seconds).
  
 
Optionally, if routes and addresses have not been configured statically, DHCPv6 can be used for automatic negotiation of the IPv6 WAN and LAN prefixes - using DHCPv6 is usually the default for our routers (i.e. the ZyXEL) that we supply.
 
Optionally, if routes and addresses have not been configured statically, DHCPv6 can be used for automatic negotiation of the IPv6 WAN and LAN prefixes - using DHCPv6 is usually the default for our routers (i.e. the ZyXEL) that we supply.

Revision as of 22:13, 18 September 2019

IPv6 Enabled Servers

Most of the AAISP servers and services are IPv6 enabled as are the desktop computers in the AAISP Offices.

IPv6 Only

Here is our page about running an IPv6 only network: IPv6 Only

IPv6 Routers

We have a wiki page about IPv6 Routers IPv6 Routers

IPv6 for Customer Connections

Pages with IPv6 information on our main website:

See the IPv6 Configuration page for more details on hardware and configuration.

IPv6 on AAISP Broadband

This is how we route and assign IPv6 on DSL connections.

Customers are allocated a /48 block of addresses - this is usually per customer, and so a customer with multiple circuits or sites will have a /64 allocated from the larger /48 block. A /48 contains 65536 /64's and a /64 subnet is 18 million trillion addresses.

(Here, Customer Premises Equipment (CPE) refers to the router belonging to the customer which is being used at their end of the broadband line, and L2TP Network Server (LNS) refers to our equipment at our end of the broadband link.)

When the CPE logs in and negotiates PPP, we use IPV6CP to negotiate an interface identifier - this happens at the same time as IPCP happens to negotiate V4 connectivity. Once this has been negotiated, the CPE should perform an ICMPv6 Router Solicitation - our LNSes will then reply with a ICMPv6 Router Advertisement in order to negotiate the Link Local address in the form of FE80::, and will be based on the MAC address of the interface. At this stage, there should be basic IPv6 connectivity to link-local, and if static routes and manually assigned addresses in place you should have a working connection. Our LNSes continue to send ICMPv6 Router Advertisements approximately once an hour (every 4096 seconds).

Optionally, if routes and addresses have not been configured statically, DHCPv6 can be used for automatic negotiation of the IPv6 WAN and LAN prefixes - using DHCPv6 is usually the default for our routers (i.e. the ZyXEL) that we supply. When DHCPv6 is enabled, the CPE sends a DHCPv6 Solicitation to the IPv6 broadcast address, containing a list of options that it requires. Once we receive the DHCPv6 Solicitation, the LNS you are connected to will send a reply containing responses to the options requested. The CPE can then take the options and apply them as appropriate.

In the DHCPv6 Solicitation, you would usually request DHCPv6 IA (Option 3, Identity Association for Non-temporary Address) to assign your IPv6 'WAN' address. This address is a single IPv6 address in the form of:

2001:8b0:1111:1111:0:ffff:[your IPv4 WAN in HEX]

We also respond to DHCPv6 Prefix Delegation (Option 25, Identity Association for Prefix Delegation, responded to by Option 26, IA Prefix) from the CPE and we'll tell the CPE one of the /64 Blocks. -this may be requested multiple times by the CPE. A Client Identifier (Option 1) is also present in the DHCPv6 transaction, optionally DNS recursive name server (Option 23) can be requested.

At this point we will be routing any IPv6 blocks to your /128 WAN address. Usually a line will have at least one /64 block routed.

Customers can add additional /64 blocks on the Control Pages that will be routed.

If you want the whole /48 routed, untick the routing on all of the /64s you have, they disappear, and then tick the line routing on the /48 you have. Alternatively Support staff can help.

Your router will have to reconnect to AAISP before the new block is routed to your /128 WAN address. You will have to allow the new block through any firewall you have, and then route the new block appropriately on your local network.

How many IPs?
Subnet Addresses
/64 18,446,744,073,709,551,616 about 18 million trillion
/48 65,536 lots of /64's
1,208,925,819,614,629,174,706,176 total!
about 1.2 septillion*

*Actually: 1 septillion, 208 sextillion, 925 quintillion, 819 quadrillion, 614 trillion, 629 billion, 174 million, 706 thousand, 1 hundred and 76