Solved

OK. I've got IPv6. Now, what do I do with it?

Posted on 2015-01-31
12
181 Views
Last Modified: 2015-03-27
My ISP just upgraded us to IPv6. I see that I have a /56 network. Sounds wonderful. What can I do with it?

The first thing I wanted to do was create an Apache website that uses SSL on one of my shiney new IPv6 addresses (I have a block of 18 ipv4 addresses, and they are all  in use, so, going ipv6 is a great thing for this).

But, I don't know how to do it?

What are the steps here? For example, this is what I would do with ipv4 addresses...

1. Use ipcalc to calculate out the address space:

michael@backup01:/home/michael# ipcalc 192.168.1.10/28
Address:   192.168.1.10         11000000.10101000.00000001.0000 1010
Netmask:   255.255.255.240 = 28 11111111.11111111.11111111.1111 0000
Wildcard:  0.0.0.15             00000000.00000000.00000000.0000 1111
=>
Network:   192.168.1.0/28       11000000.10101000.00000001.0000 0000
HostMin:   192.168.1.1          11000000.10101000.00000001.0000 0001
HostMax:   192.168.1.14         11000000.10101000.00000001.0000 1110
Broadcast: 192.168.1.15         11000000.10101000.00000001.0000 1111
Hosts/Net: 14                    Class C, Private Internet

This shows me that I have 14 usable addresses. I know my HostMax is the gateway, and I know my HostMin is the device (router). So, I have 13 usable in this example.

2. Consult my spreadsheet to see that 192.168.1.1 - 192.168.1.8 are all in use.

3. Configure my new site on 192.168.1.9.

What does this procedure look like with IPv6?
0
Comment
Question by:DrDamnit
  • 4
  • 3
  • 2
  • +2
12 Comments
 
LVL 35

Expert Comment

by:Mahesh
Comment Utility
U don't have to do any thing on server end, even no need to change IPV4 private address on server

U need to do some work on firewall \ gateway device I guess
U need to do public IPV6 to private IPv4 conversion (NAT64 \ 6 to 4) \ translation

http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/enterprise-ipv6-solution/white_paper_c11-676278.html

Check your device vendor documentation
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
As Mahesh stated, you to configure your firewall/router NAT your public IPV6 addresses to your internal IPV4.

You also need to:

Add AAAA records to the DNS server that does your name resolution for you on the Internet.  This allows somebody to get your IP V6 address when they  look up your host name.

Last, but not least, you need to wait for the rest of the world to start using IPV6 so they will do a IPV6 name lookup for the AAAA record you created above.
0
 
LVL 32

Author Comment

by:DrDamnit
Comment Utility
The server in question is on a public IP address. It's not behind a firewall. So I'm assuming I should be able to just add another network device and it should just pull a brand-new IPv6 address from upstream. The problem is I don't know how to force this.
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
Comment Utility
you don't pull a ipv6 address you assign it either via dhcp or in the tcpip ipv6 properties of the network adapter.ipv6 settings
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
Even  if you get an IPV6 address via DHCP, if you want to actually have people connect to it using IPV6 you need to somehow get a DNS entry (AAAA record for IPV6) pointing to the IPV6 address.

If course setting it up for IPV6 DHCP assumes that you, or your ISP,  has an IPV6 DHCP server setup.
0
 
LVL 35

Expert Comment

by:Mahesh
Comment Utility
U need to check with ISP, how you will get IPv6 Public IP (static or dynamic), If its dynamic, ISP will create reservation on his DHCP IPv6 scope for your specific IPV6 address
OR
He will provide you static IP which you could set directly on server
In any case as stated giltjr, you do require Host(AAAA) record to be created on public DNS server (ISP DNS server) and in order to replicate that to all internet dns servers, it will take at least 12 HRS, after that it will be resolvable from entire internet world.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 32

Author Comment

by:DrDamnit
Comment Utility
Somehow, these answers have gotten way off topic.

My question here is diretly related to putting a server with SSL on the "public" internet with IPv6. That means, when I put a AAAA record in the DNS, users anywehre in the world can connect (provided they have ipv6).

In IPv4, we had to get a public static IP; however, with IPv6, it seems that concept has gone away.

@David Johnson:
I have IPv6 DHCP  severs setup in my LAN, but that is not part of this question. The server in question is currently outside my LAN on a public ipv4 address. It's a linux box, and it has "magically" received an IPv6 address. I can only assume it came from Comcast, our ISP. So, I want to add 10 more IPv6 addresses to the box using logical network adapaters.

@giltjr:
This is exactly my question. Rephrased.

@Mahesh:

They have assigned me a /56, which means I should have 256 subnets, and each subnet gives me 18,446,744,073,709,551,616 addresses (If I've read the spec correctly).

So far, I've used 1. I want to use 10 more.
0
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 250 total points
Comment Utility
You should be free to use any address of the /56 network, as the complete block should be routed to you. Unless you have a ff80:: (IIRC), which is a local, non-routed network.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
Comment Utility
Then use them.  I guess I not sure what you are asking.

You can do anything you want with your IPV6 addresses.  Just like you would with an IPV4 address.  The only difference is that on the public Internet there are very few people actually using IPV6, so there would be very few people accessing your servers via your IPV6 and there would be very few services you could access using IPV6.
0
 
LVL 32

Author Comment

by:DrDamnit
Comment Utility
Qlemo... exactly. But, how do I calculate out another address on the network?
0
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 250 total points
Comment Utility
The same way as with IPv4 - by counting the bits from left. IPv6 is grouped into words, and 56 bits are 7 bytes, so your netmask is ffff:ffff:ffff:ff00::. You can build subnets, but I would keep the first 64 bits  (of 128) just as given by your ISP.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 250 total points
Comment Utility
O.K., it sounds like this question is even more basic that I (maybe all of us) thought:  Maybe this will help:

https://thwack.solarwinds.com/community/solarwinds-community/geek-speak_tht/blog/2013/07/24/simplified-ipv6-subnetting-understanding-what-s-what
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now