IPv6 Cheat Sheet

IPv6 is a lot less complicated that you think.

Once you get past the hex codes and once you see that basic concepts and tools are similar, you’re in good shape to start using it.

Ping IPv6

One of the most complicated things if you’ve never worked with IPv6 is to use the PING command. To use the ping command under most circumstances, you may need:

  • To use the ping6 command instead of ping
  • An IPv6 enabled workstation or an IPv6 website to ping from
  • Specify the interface from which to ping

The second point is important, because under some circumstances if you ping and IPv6 address you might get Invalid Argument like below:

ping6 fe80::88e9:97ff:fec3:aae0
PING fe80::88e9:97ff:fec3:aae0(fe80::88e9:97ff:fec3:aae0) 56 data bytes
ping6: sendmsg: Invalid argument

The solution is to specify a % and the interface name, for example:

ping6 fe80::88e9:97ff:fec3:aae0%ens18

Add a default IPv6 Route

Example:

ip -6 route add default via 2620:1e6:101::8888:1 dev venet0

Default IPv6 Route

Normally on Linux to determine the default route you may use ip route or netstat -rn

The equivalent for IPv6 is ip -6 route

Alternatives to see default IPv6 route

ip -6 route show

route -A inet6

In the above output, lookfor [::]/0

Testing IPv6 from localhost

Here is a cool test, you can ping the 8.8.8.8 and 8.8.4.4 name servers that belong to Google 🙂

ping6 2001:4860:4860::8888
ping6 2001:4860:4860::8844

Add IPv6 to Netplan on Ubuntu

An example is below. The two additional section for the IPv6 address and IPv6 gateway are in bold. It also has IPv4 settings. The default 50-cloud-init.yaml file lives in /etc/netplan:

# cat 50-cloud-init.yaml 
# This file is generated from information provided by the datasource.  Changes
# to it will not persist across an instance reboot.  To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    version: 2
    ethernets:
        eth0:
            addresses:
            - 192.168.0.2/24
            - 2001:db8:1234:5678::2/64
            gateway4: 192.168.0.1
            gateway6: 2001:db8:1234:5678::1
            match:
                macaddress: aa:bb:cc:dd:ee:ff
            nameservers:
                addresses:
                - 1.1.1.1
                - 8.8.4.4
                search:
                - vander.host
            set-name: eth0

Remember in Netplan you can’t use tabs, and when you’re done, do this:

sudo netplan apply

What is a /64?

“There are 2^128 or 340 trillion, trillion, trillion IPv6 addresses, which is more than 100 times the number of atoms on the surface of the Earth. This will be more than sufficient to support trillions of Internet devices for the forseeable future. So in answer to your question, we don’t need to subnet like we did for IPv4. We subnetted and used NAT as a workaround because we didn’t have enough addresses before. Using /64 should always be fine. We will destroy the earth or kill ourselves before we run out.”

See https://stackoverflow.com/questions/15265893/what-does-it-mean-64-in-ipv6 and  http://www.steves-internet-guide.com/ipv6-guide/

Caveats

Shared Hosting Control Panels

A notable caveat on some Linux control panels, e.g. Virtualmin, is that there is a separate firewall for IPv6. In fact, that is also the case when you are using cloud providers such as AWS. So be careful! Your server might be Fort Knox for IPv4, but an intruder could come in via IPv6.

References

Share this article

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to Top