IPv6, also known as IPng “IP next generation”, is the new version of the well known IP protocol, also known as IPv4. FreeBSD includes the KAME IPv6 reference implementation. FreeBSD comes with everything needed to use IPv6. This section focuses on getting IPv6 configured and running.
In the early 1990s, people became aware of the rapidly diminishing address space of IPv4. Given the expansion rate of the Internet, there were two major concerns:
Running out of addresses. Today this is not so much of
a concern, since RFC1918 private address space (10.0.0.0/8
, 172.16.0.0/12
, and 192.168.0.0/16
) and
NAT are being employed.
Router table entries were getting too large. This is still a concern today.
IPv6 deals with these and many other issues by providing the following:
128 bit address space which allows for 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. This means there are approximately 6.67 * 10^27 IPv6 addresses per square meter on the planet.
Routers only store network aggregation addresses in their routing tables, thus reducing the average space of a routing table to 8192 entries.
There are other useful features of IPv6:
Address autoconfiguration (RFC2462).
Anycast addresses (“one-out-of many”).
Mandatory multicast addresses.
IPsec (IP security).
Simplified header structure.
Mobile IP.
IPv6-to-IPv4 transition mechanisms.
For more information see:
There are different types of IPv6 addresses: unicast, anycast, and multicast.
Unicast addresses are the well known addresses. A packet sent to a unicast address arrives at the interface belonging to the address.
Anycast addresses are syntactically indistinguishable from unicast addresses but they address a group of interfaces. The packet destined for an anycast address will arrive at the nearest (in router metric) interface. Anycast addresses may only be used by routers.
Multicast addresses identify a group of interfaces. A packet destined for a multicast address will arrive at all interfaces belonging to the multicast group.
The IPv4 broadcast address, usually
xxx.xxx.xxx.255
, is expressed
by multicast addresses in IPv6.
IPv6 address | Prefixlength (Bits) | Description | Notes |
---|---|---|---|
:: | 128 bits | unspecified | Equivalent to 0.0.0.0 in
IPv4. |
::1 | 128 bits | loopback address | Equivalent to 127.0.0.1 in
IPv4. |
::00:xx:xx:xx:xx | 96 bits | embedded IPv4 | The lower 32 bits are the compatible IPv4 address. |
::ff:xx:xx:xx:xx | 96 bits | IPv4 mapped IPv6 address | The lower 32 bits are the IPv4 address for hosts which do not support IPv6. |
fe80:: - feb:: | 10 bits | link-local | Equivalent to the loopback address in IPv4. |
fec0:: - fef:: | 10 bits | site-local | |
ff:: | 8 bits | multicast | |
001 (base
2) | 3 bits | global unicast | All global unicast addresses are assigned from this pool. The first 3 bits are “001”. |
The canonical form is represented as:
x:x:x:x:x:x:x:x
, with each
“x” being a 16 bit hex value. For example:
FEBC:A574:382B:23C1:AA49:4592:4EFE:9982
.
Often an address will have long substrings of all zeros.
One such substring per address can be abbreviated by
“::”. Also, up to three leading
“0”s per hex quad can be omitted. For example,
fe80::1
corresponds to the
canonical form fe80:0000:0000:0000:0000:0000:0000:0001
.
A third form is to write the last 32 bit part in the
well known (decimal) IPv4 style with dots
(“.”) as separators. For example, 2002::10.0.0.1
corresponds to the
hexadecimal canonical representation 2002:0000:0000:0000:0000:0000:0a00:0001
,
which in turn is equivalent to 2002::a00:1
.
Here is a sample entry from ifconfig(8):
#
ifconfig
fe80::200:21ff:fe03:8e1%rl0
is an
auto configured link-local address. It is generated from
the MAC address as part of the auto
configuration.
For further information on the structure of IPv6 addresses, see RFC3513.
Currently, there are four ways to connect to other IPv6 hosts and networks:
There used to be two types of DNS records for IPv6. The IETF has declared AAAA records as the current standard.
Using AAAA records is straightforward. Assign the hostname to the IPv6 address in the primary zone DNS file:
Current versions of named(8) and dns/djbdns
support
AAAA records.
These settings configure a machine on a
LAN which acts as a client, not a
router. To instruct rtsol(8) to autoconfigure the
interface on boot on
FreeBSD 9.x
and later, add
this line to rc.conf
:
For FreeBSD 8.x
,
add:
To statically assign the IPv6
address, 2001:471:1f11:251:290:27ff:fee0:2093
,
to fxp0
, add the following for
FreeBSD 9.x
:
64
"Be sure to change prefixlen
64
to the appropriate value for the
subnet.
For FreeBSD 8x
,
add:
To assign a default router of 2001:471:1f11:251::1
, add the
following to /etc/rc.conf
:
This section demonstrates how to take the directions
from a tunnel provider and convert it into settings that
will persist through reboots. To restore the tunnel on
startup, add the following lines to
/etc/rc.conf
.
The first entry lists the generic tunneling interfaces
to be configured. This example configures one interface,
gif0
:
To configure that interface with a local endpoint of
MY_IPv4_ADDR
to a remote endpoint
of REMOTE_IPv4_ADDR
:
MY_IPv4_ADDR REMOTE_IPv4_ADDR
"To apply the IPv6 address that has
been assigned for use as the IPv6 tunnel
endpoint, add the following line for
FreeBSD 9.x
and later:
MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR
"For FreeBSD 8.x
,
add:
MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR
"Then, set the default route for IPv6. This is the other side of the IPv6 tunnel:
MY_IPv6_REMOTE_TUNNEL_ENDPOINT_ADDR
"This section demonstrates how to setup rtadvd(8) to advertise the IPv6 default route.
To enable rtadvd(8), add the following to
/etc/rc.conf
:
It is important to specify the interface on which to
do IPv6 router solicitation. For example,
to tell rtadvd(8) to use
fxp0
:
Next, create the configuration file,
/etc/rtadvd.conf
as seen in this
example:
Replace fxp0
with the interface
to be used and 2001:471:1f11:246::
with the
prefix of the allocation.
For a dedicated /64
subnet, nothing else needs to be changed. Otherwise, change
the prefixlen#
to the correct value.
When IPv6 is enabled on a server, there may be a need to enable IPv4 mapped IPv6 address communication. This compatibility option allows for IPv4 addresses to be represented as IPv6 addresses. Permitting IPv6 applications to communicate with IPv4 and vice versa may be a security issue.
This option may not be required in most cases and is
available only for compatibility. This option will allow
IPv6-only applications to work with
IPv4 in a dual stack environment. This
is most useful for third party applications which may not
support an IPv6-only environment. To
enable this feature,
add the following to /etc/rc.conf
:
Reviewing the information in RFC 3493, section 3.6 and 3.7 as well as RFC 4038 section 4.2 may be useful to some adminstrators.
This, and other documents, can be downloaded from http://ftp.FreeBSD.org/pub/FreeBSD/doc/
For questions about FreeBSD, read the
documentation before
contacting <questions@FreeBSD.org>.
For questions about this documentation, e-mail <doc@FreeBSD.org>.