|
Welcome to Catalin(ux) M. BOIE's page! Here you can find some work of mine on Linux kernel & other stuff. E-mail: catab # embedromix dot ro Phone: +40-745-048374 |
 |
|
My Fedora repository: rpm -Uhv http://kernel.embedromix.ro/dinorepo-0.0.12-1.noarch.rpm My Oracle/RedHat/CentOS repository: rpm -Uhv http://kernel.embedromix.ro/dinorepo-el-0.0.13-1.noarch.rpm Supported architectures: x86_64, i386, armv7hl, aarch64. |
| For commercial support and customizations, contact us at: Embedromix |
[Home] [Networking] [Crypto] [Linux kernel patches] [Userspace] [Docs] [CV/Resume] [Links]
| Name | Description | Links |
| Presentations | Presentations made by me | present.html |
| IFB | A mini howto on how to shape on incoming packets and distribute packets on multiple interfaces, sharing bandwidth. | ifb.html |
| RAID mini HOWTO | A mini howto describing linear, 0, 1, 5 and 6, using mdadm. | RAID.html |
| git mini HOWTO | A mini howto describing how to use git. | git.html |
| LVM mini HOWTO | A mini howto describing how to use LVM. | LVM.html |
| IPv6 mini howtos | Some mini howtos to easy IPv6 implementation. | ipv6.html |
| Random stuff | Some usefull one-liners. | random.html |
| Name | Description | Links |
| IPv6 6to4 | A mini howto describing 6to4 tunneling. | ipv6-6to4.html |
| IPv6 ULIUA | A mini howto describing "Unique Local IPv6 Unicast Addresses". | ipv6-uliua.html |
Content: Unique Local IPv6 Unicast Addresses howto.
Author: Catalin(ux) M BOIE
URL: http://kernel.embedromix.ro/docs/
Version: 0.1
Unique Local IPv6 Unicast Addresses (RFC4193)
This tutorial explain the usage of a special class of IPv6, similar with 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16 classes (RFC1918). Do not forget that fec0::/10 (RFC3879) classes are deprecated because of ambiguous meaning of word "site".
The new allocated range is: FC00::/7.
FC00::/7 is split in two: FC00::/8 and FD00::/8. For FC00::/8 the method to generate the Global ID is not defined yet, so, do not use it and choose FD00::/8 instead.
How to choose:
FDXX:XXXX:XXXX:YYYY::/64
where:
XX:XXXX:XXXX - the Global ID - choose it randomly enough
YYYY - the subnet id - pick what you wish between 0000 and FFFF.
Example:
FD99:9999:9999:2222::/64
First usable address in subnet 2222 is FD99:9999:9999:2222::1/64 and the last one is FD99:9999:9999:2222:FFFF:FFFF:FFFF:FFFE/64.
Example usage:
Let's link together 2 sites (site 1 and site2) with a tunnel:
site1: /etc/sysconfig/network-scripts/ifcfg-v6site2: DEVICE=v6site2 TYPE=sit BOOTPROTO=none ONBOOT=yes IPV6INIT=yes IPV6TUNNELIPV4=Now, restart the network (service network restart) and try to ping between sites:IPV6TUNNELIPV4LOCAL= IPV6ADDR=FD22:2222:2222:9999::2/64 site2: /etc/sysconfig/network-scripts/ifcfg-v6site1: DEVICE=v6site1 TYPE=sit BOOTPROTO=none ONBOOT=yes IPV6INIT=yes IPV6TUNNELIPV4= IPV6TUNNELIPV4LOCAL= IPV6ADDR=FD22:2222:2222:9999::1/64
on site1:
ping6 FD22:2222:2222:9999::1
and on site2:
ping6 FD22:2222:2222:9999::2
If the ping6 doesn't work, check with tcpdump that the packets arrive at site2. If they arrive, probably IP protocol 41 is not allowed. You should add "-A INPUT -p ipv6 -j ACCEPT" to /etc/sysconfig/iptables and restart the service (service iptables restart) to let it pass.
As a bonus, if we want to route a class between the site1 and site2, let's configure static routes. Let's assume that we have another class on interface dummy0 (ip li set dummy0 up; ip ad ad fd99:9999:9999:4444::1/64 dev dummy0) on site2 that we want to make it accesible to site1:
- On site1 set static route by editing /etc/sysconfig/network-scripts/route6-v6site2 and adding the following line:
fd99:9999:9999:4444::/64 via fd22:2222:2222:9999::1 dev v6site2
Verify by running "ip -6 ro li". - On site2, activate forwarding by adding "IPV6FORWARDING=yes" to /etc/sysconfig/network and restarting the network (service network restart).
- On site2, allow forwarding to fd99:9999:9999:4444::/64 network by adding "-A FORWARD -d fd99:9999:9999:4444::/64 -j ACCEPT" before the REJECT line, to /etc/sysconfig/ip6tables and restarting the service (service ip6tables restart).
- Test from site1 using "ping6 fd99:9999:9999:4444::1".
TODO:
- The routing part should be moved in other section.