[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 216
  • Last Modified:

OK. I've got IPv6. Now, what do I do with it?

My ISP just upgraded us to IPv6. I see that I have a /56 network. Sounds wonderful. What can I do with it?

The first thing I wanted to do was create an Apache website that uses SSL on one of my shiney new IPv6 addresses (I have a block of 18 ipv4 addresses, and they are all  in use, so, going ipv6 is a great thing for this).

But, I don't know how to do it?

What are the steps here? For example, this is what I would do with ipv4 addresses...

1. Use ipcalc to calculate out the address space:

michael@backup01:/home/michael# ipcalc 192.168.1.10/28
Address:   192.168.1.10         11000000.10101000.00000001.0000 1010
Netmask:   255.255.255.240 = 28 11111111.11111111.11111111.1111 0000
Wildcard:  0.0.0.15             00000000.00000000.00000000.0000 1111
=>
Network:   192.168.1.0/28       11000000.10101000.00000001.0000 0000
HostMin:   192.168.1.1          11000000.10101000.00000001.0000 0001
HostMax:   192.168.1.14         11000000.10101000.00000001.0000 1110
Broadcast: 192.168.1.15         11000000.10101000.00000001.0000 1111
Hosts/Net: 14                    Class C, Private Internet

This shows me that I have 14 usable addresses. I know my HostMax is the gateway, and I know my HostMin is the device (router). So, I have 13 usable in this example.

2. Consult my spreadsheet to see that 192.168.1.1 - 192.168.1.8 are all in use.

3. Configure my new site on 192.168.1.9.

What does this procedure look like with IPv6?
0
DrDamnit
Asked:
DrDamnit
  • 4
  • 3
  • 2
  • +2
4 Solutions
 
MaheshArchitectCommented:
U don't have to do any thing on server end, even no need to change IPV4 private address on server

U need to do some work on firewall \ gateway device I guess
U need to do public IPV6 to private IPv4 conversion (NAT64 \ 6 to 4) \ translation

http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/enterprise-ipv6-solution/white_paper_c11-676278.html

Check your device vendor documentation
0
 
giltjrCommented:
As Mahesh stated, you to configure your firewall/router NAT your public IPV6 addresses to your internal IPV4.

You also need to:

Add AAAA records to the DNS server that does your name resolution for you on the Internet.  This allows somebody to get your IP V6 address when they  look up your host name.

Last, but not least, you need to wait for the rest of the world to start using IPV6 so they will do a IPV6 name lookup for the AAAA record you created above.
0
 
DrDamnitAuthor Commented:
The server in question is on a public IP address. It's not behind a firewall. So I'm assuming I should be able to just add another network device and it should just pull a brand-new IPv6 address from upstream. The problem is I don't know how to force this.
0
Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

 
David Johnson, CD, MVPOwnerCommented:
you don't pull a ipv6 address you assign it either via dhcp or in the tcpip ipv6 properties of the network adapter.ipv6 settings
0
 
giltjrCommented:
Even  if you get an IPV6 address via DHCP, if you want to actually have people connect to it using IPV6 you need to somehow get a DNS entry (AAAA record for IPV6) pointing to the IPV6 address.

If course setting it up for IPV6 DHCP assumes that you, or your ISP,  has an IPV6 DHCP server setup.
0
 
MaheshArchitectCommented:
U need to check with ISP, how you will get IPv6 Public IP (static or dynamic), If its dynamic, ISP will create reservation on his DHCP IPv6 scope for your specific IPV6 address
OR
He will provide you static IP which you could set directly on server
In any case as stated giltjr, you do require Host(AAAA) record to be created on public DNS server (ISP DNS server) and in order to replicate that to all internet dns servers, it will take at least 12 HRS, after that it will be resolvable from entire internet world.
0
 
DrDamnitAuthor Commented:
Somehow, these answers have gotten way off topic.

My question here is diretly related to putting a server with SSL on the "public" internet with IPv6. That means, when I put a AAAA record in the DNS, users anywehre in the world can connect (provided they have ipv6).

In IPv4, we had to get a public static IP; however, with IPv6, it seems that concept has gone away.

@David Johnson:
I have IPv6 DHCP  severs setup in my LAN, but that is not part of this question. The server in question is currently outside my LAN on a public ipv4 address. It's a linux box, and it has "magically" received an IPv6 address. I can only assume it came from Comcast, our ISP. So, I want to add 10 more IPv6 addresses to the box using logical network adapaters.

@giltjr:
This is exactly my question. Rephrased.

@Mahesh:

They have assigned me a /56, which means I should have 256 subnets, and each subnet gives me 18,446,744,073,709,551,616 addresses (If I've read the spec correctly).

So far, I've used 1. I want to use 10 more.
0
 
QlemoC++ DeveloperCommented:
You should be free to use any address of the /56 network, as the complete block should be routed to you. Unless you have a ff80:: (IIRC), which is a local, non-routed network.
0
 
giltjrCommented:
Then use them.  I guess I not sure what you are asking.

You can do anything you want with your IPV6 addresses.  Just like you would with an IPV4 address.  The only difference is that on the public Internet there are very few people actually using IPV6, so there would be very few people accessing your servers via your IPV6 and there would be very few services you could access using IPV6.
0
 
DrDamnitAuthor Commented:
Qlemo... exactly. But, how do I calculate out another address on the network?
0
 
QlemoC++ DeveloperCommented:
The same way as with IPv4 - by counting the bits from left. IPv6 is grouped into words, and 56 bits are 7 bytes, so your netmask is ffff:ffff:ffff:ff00::. You can build subnets, but I would keep the first 64 bits  (of 128) just as given by your ISP.
0
 
giltjrCommented:
O.K., it sounds like this question is even more basic that I (maybe all of us) thought:  Maybe this will help:

https://thwack.solarwinds.com/community/solarwinds-community/geek-speak_tht/blog/2013/07/24/simplified-ipv6-subnetting-understanding-what-s-what
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

  • 4
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now