IPv6 Adventures – Part 1

31 01 2012

So – I decided it was finally time to finish implementing & document my IPv6 config – mainly so I remember how I did it, but also to help others on their IPv6 journey to the interwebs

High Level:

– Get a IPv6 subnet (duh) – This will depend on your scenario, several ISP’s offer native IPv6 (Internode) – mine does not (Telstra Bigpond).
– Configure a router / firewall / host with IPv6 address from your subnet
– Configure an IPv6 DNS address on that device to resolve AAAA records
– Bask in the IPv6ness of the interwebs – it looks eerily like the IPv4ness of the interwebs.

My Journey:

– I was already running the awesome Astaro for my border FW & home – which has great IPv6 support built in.
– I signed up for a subnet with Freenet6 / gogonet – http://gogonet.gogo6.com/page/freenet6-ipv6-services

*STOP HERE*

Ok, before we move on with turning the IPv6 up – you need to plan out a couple of things.

– Your IPv6 address is PUBLIC – it is reachable from the outside world, consider the consequences & firewall appropriately, also turn off NAT for IPv6 if your FW supports it – it will be a PITA when testing with your web browser & getting a different IPv6 address than you expect.

– IPv6 Subnetting – depending on the provider, you will be allocated something like a /56 subnet (4722366482869645213696 host IP’s — SERIOUSLY)

I broke my /56 up into /64 subnets for each zone (INSIDE / DMZ1 / DMZ2 / DARKNET) – still giving me 256 subnets containing 18446744073709551616 host addresses each …. I dont think im going to run out of addresses any time soon.

I could have broken em up into /96 subnets, giving me 1099511627776 subnets with 4294967296 (4 billion) hosts in each …. but really, when we are talking numbers like this, its just academic – use whatever fits your network design. I figured that im not going to ever need 256 subnets or more, so I just broke it up there, and /64 is a nice subnet mask boundry.

So what does this actually look like ?

2406:A000:F006:A400::/56 – My allocated IPv6 subnet from my tunnel broker

You can get some good info about your subnet using tools like http://www.gestioip.net/cgi-bin/subnet_calculator.cgi

IP address: 2406:a000:f006:a400:0000:0000:0000:0000
type: GLOBAL-UNICASTnetwork2406:a000:f006:a400::
Prefix length: 56
Prefix address: ffff:ffff:ffff:ff00:0000:0000:0000:0000
address range start: 2406:a000:f006:a400:0000:0000:0000:0000
address range end: 2406:a000:f006:a4ff:ffff:ffff:ffff:ffff
total IP addresses: 4722366482869645213696

As I mentioned above, I carved out 4x /64 subnets from this.

You can do in offline, but I cheated & used this IPv6 subnet calc – http://www.subnetonline.com/pages/subnet-calculators/ipv6-subnet-calculator.php

Here we go – nice & neat /64 subnets – im using 4 from the possible 256.

2406:a000:f006:a400::/64
2406:a000:f006:a401::/64
2406:a000:f006:a402::/64
2406:a000:f006:a403::/64

ffff:ffff:ffff:ffff:0000:0000:0000:0000 – /64 Mask

Now that we have our subnets planned out, we can continue on to implementation

Next Time ….

Advertisements

Actions

Information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: