Because I use a home ISP that supports IPv6 and has done for quite a few years, I have been using IPv6 for some time. But recently a problem meant that I was losing IPv6 connectivity. IPv4 was working fine so only a minor hiccup. But the process of investigating this I learnt quite a bit about IPv6 and I thought I would document this here. It might help someone else.
IPv6 addresses are 128 bits long and are written down in a standard notation, this looks like:
It is rare to have a completely populated address, so the notation allows for shortening the bits of the address that are zero. So the address
::1 is all zero except for the last bit. Also the CDIR format of showing the number of significant bits is often used. When used in some commands the interface to send on is specified with a
There are several types of IP address, and they can be recognised by the most significant part of the address. These are the ones I came across.
::1/128 this is the loopback address same as
fe80::/64 anything staring with
fe80 is a link local address. A bit like
192.168.x.x and can only be used on a single link
ff0X:: These are multicast addresses. the most useful ones are
ff02::1 All nodes in the link-local
ff02::2 All routers in the link-local
IPv6 has been designed for auto-configuration, so an endpoint should not have to have anything set in order to use a network. Everything is automatic.
The link local address is automatically calculated from the MAC address of the interface, it should be there for any interface that is connected regardless of the network supporting IPv6 or not. You can display the IP addresses with
ipconfig on windows) or
ip -6 address show
Neighbor discovery protocol allows the discovery the link local addresses of locally connected interfaces. We do this with a ping or as it is more formally known via Internet Control Message Protocol version 6 (ICMPv6) to a multicast address.
$ ping6 -c2 ff02::1%eth0
$ ping6 -c2 ff02::1%eth0
PING ff02::1%eth0(ff02::1%eth0) 56 data bytes
64 bytes from fe80::3e98:c0ee:51ae:b461%eth0: icmp_seq=1 ttl=64 time=0.072 ms
64 bytes from fe80::1e74:dff:fe2c:b897%eth0: icmp_seq=1 ttl=64 time=2.53 ms (DUP!)
64 bytes from fe80::3e98:c0ee:51ae:b461%eth0: icmp_seq=2 ttl=64 time=0.059 ms
--- ff02::1%eth0 ping statistics ---
2 packets transmitted, 2 received, +1 duplicates, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.059/0.887/2.532/1.163 ms
This should give you a response form the link local of that interface, and anything else that has an IPv6 interface on that network segment. But
$ ping6 -c2 ff02::2%eth0
PING ff02::2%eth0(ff02::2%eth0) 56 data bytes
64 bytes from fe80::1e74:dff:fe2c:b897%eth0: icmp_seq=1 ttl=64 time=2.58 ms
64 bytes from fe80::1e74:dff:fe2c:b897%eth0: icmp_seq=2 ttl=64 time=0.946 ms
--- ff02::2%eth0 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.946/1.764/2.582/0.818 ms
will only give responses from routers on the segment. So now we have local addresses sorted, we need to get a routeable IPv6 address. There are a number of ways this can happen, most commonly this uses Stateless Address Autoconfiguration (SLAAC).
The steps in getting a Global scope IPv6 address then are first to find the router. This is either from the response to a Router Solicitation (RS) ICMPv6 message, or from just listening as a router will periodically send out a Router Advertisement (RA).
Wireshark capture of IPv6 address auto-configuration
Lets step through the auto-configuration process. The first step is setting the Link Local address, this is configured from the MAC address, but there still could be conflicts. in packet 83 we send a neighbour solicitation out for the address we want to use. If nobody responds then we go ahead and use that address, packet 97.
The next important bit is the Router Solicitation, and Router Advertisement. Routers will send out a Router Advertisement periodically to the multicast address
ff02::1 periodically, but can be prompted by Router Solicitation, packets 118 & 119. The Router Advertisement is displayed in the packet analysis window, and we can see the Prefix information as well as DNS servers from the router.
Next is packet 141 where we send out a Neighbor Solicitation for
2001:8b0:1679:ea38:cf58:def3:b993:1412 to check that nobody else is using this address. If nobody replies then we go and use this address.