Solved

OK. I've got IPv6. Now, what do I do with it?

Posted on 2015-01-31
12
201 Views
Last Modified: 2015-03-27
My ISP just upgraded us to IPv6. I see that I have a /56 network. Sounds wonderful. What can I do with it?

The first thing I wanted to do was create an Apache website that uses SSL on one of my shiney new IPv6 addresses (I have a block of 18 ipv4 addresses, and they are all  in use, so, going ipv6 is a great thing for this).

But, I don't know how to do it?

What are the steps here? For example, this is what I would do with ipv4 addresses...

1. Use ipcalc to calculate out the address space:

michael@backup01:/home/michael# ipcalc 192.168.1.10/28
Address:   192.168.1.10         11000000.10101000.00000001.0000 1010
Netmask:   255.255.255.240 = 28 11111111.11111111.11111111.1111 0000
Wildcard:  0.0.0.15             00000000.00000000.00000000.0000 1111
=>
Network:   192.168.1.0/28       11000000.10101000.00000001.0000 0000
HostMin:   192.168.1.1          11000000.10101000.00000001.0000 0001
HostMax:   192.168.1.14         11000000.10101000.00000001.0000 1110
Broadcast: 192.168.1.15         11000000.10101000.00000001.0000 1111
Hosts/Net: 14                    Class C, Private Internet

This shows me that I have 14 usable addresses. I know my HostMax is the gateway, and I know my HostMin is the device (router). So, I have 13 usable in this example.

2. Consult my spreadsheet to see that 192.168.1.1 - 192.168.1.8 are all in use.

3. Configure my new site on 192.168.1.9.

What does this procedure look like with IPv6?
0
Comment
Question by:DrDamnit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
12 Comments
 
LVL 37

Expert Comment

by:Mahesh
ID: 40581750
U don't have to do any thing on server end, even no need to change IPV4 private address on server

U need to do some work on firewall \ gateway device I guess
U need to do public IPV6 to private IPv4 conversion (NAT64 \ 6 to 4) \ translation

http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/enterprise-ipv6-solution/white_paper_c11-676278.html

Check your device vendor documentation
0
 
LVL 57

Expert Comment

by:giltjr
ID: 40581830
As Mahesh stated, you to configure your firewall/router NAT your public IPV6 addresses to your internal IPV4.

You also need to:

Add AAAA records to the DNS server that does your name resolution for you on the Internet.  This allows somebody to get your IP V6 address when they  look up your host name.

Last, but not least, you need to wait for the rest of the world to start using IPV6 so they will do a IPV6 name lookup for the AAAA record you created above.
0
 
LVL 32

Author Comment

by:DrDamnit
ID: 40581889
The server in question is on a public IP address. It's not behind a firewall. So I'm assuming I should be able to just add another network device and it should just pull a brand-new IPv6 address from upstream. The problem is I don't know how to force this.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 40582026
you don't pull a ipv6 address you assign it either via dhcp or in the tcpip ipv6 properties of the network adapter.ipv6 settings
0
 
LVL 57

Expert Comment

by:giltjr
ID: 40582051
Even  if you get an IPV6 address via DHCP, if you want to actually have people connect to it using IPV6 you need to somehow get a DNS entry (AAAA record for IPV6) pointing to the IPV6 address.

If course setting it up for IPV6 DHCP assumes that you, or your ISP,  has an IPV6 DHCP server setup.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 40582168
U need to check with ISP, how you will get IPv6 Public IP (static or dynamic), If its dynamic, ISP will create reservation on his DHCP IPv6 scope for your specific IPV6 address
OR
He will provide you static IP which you could set directly on server
In any case as stated giltjr, you do require Host(AAAA) record to be created on public DNS server (ISP DNS server) and in order to replicate that to all internet dns servers, it will take at least 12 HRS, after that it will be resolvable from entire internet world.
0
 
LVL 32

Author Comment

by:DrDamnit
ID: 40587128
Somehow, these answers have gotten way off topic.

My question here is diretly related to putting a server with SSL on the "public" internet with IPv6. That means, when I put a AAAA record in the DNS, users anywehre in the world can connect (provided they have ipv6).

In IPv4, we had to get a public static IP; however, with IPv6, it seems that concept has gone away.

@David Johnson:
I have IPv6 DHCP  severs setup in my LAN, but that is not part of this question. The server in question is currently outside my LAN on a public ipv4 address. It's a linux box, and it has "magically" received an IPv6 address. I can only assume it came from Comcast, our ISP. So, I want to add 10 more IPv6 addresses to the box using logical network adapaters.

@giltjr:
This is exactly my question. Rephrased.

@Mahesh:

They have assigned me a /56, which means I should have 256 subnets, and each subnet gives me 18,446,744,073,709,551,616 addresses (If I've read the spec correctly).

So far, I've used 1. I want to use 10 more.
0
 
LVL 70

Assisted Solution

by:Qlemo
Qlemo earned 250 total points
ID: 40587171
You should be free to use any address of the /56 network, as the complete block should be routed to you. Unless you have a ff80:: (IIRC), which is a local, non-routed network.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 40587359
Then use them.  I guess I not sure what you are asking.

You can do anything you want with your IPV6 addresses.  Just like you would with an IPV4 address.  The only difference is that on the public Internet there are very few people actually using IPV6, so there would be very few people accessing your servers via your IPV6 and there would be very few services you could access using IPV6.
0
 
LVL 32

Author Comment

by:DrDamnit
ID: 40587830
Qlemo... exactly. But, how do I calculate out another address on the network?
0
 
LVL 70

Assisted Solution

by:Qlemo
Qlemo earned 250 total points
ID: 40588107
The same way as with IPv4 - by counting the bits from left. IPv6 is grouped into words, and 56 bits are 7 bytes, so your netmask is ffff:ffff:ffff:ff00::. You can build subnets, but I would keep the first 64 bits  (of 128) just as given by your ISP.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 250 total points
ID: 40588408
O.K., it sounds like this question is even more basic that I (maybe all of us) thought:  Maybe this will help:

https://thwack.solarwinds.com/community/solarwinds-community/geek-speak_tht/blog/2013/07/24/simplified-ipv6-subnetting-understanding-what-s-what
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question