Someone on a mailing list asked recently “What’s the best practice for IPv6 addressing?” The question got me thinking, and I thought I’d share some useful guidelines.
So you have an application. It was written (as far as you know) without IPv6 in mind, and now it has to work with IPv6. How hard is that going to be? Well, it depends on the application. Most of the following is not really Java specific (but some of it is).
I’ve just spent an hour struggling with (I thought) IPv6 on Windows 7. IPv6 is enabled by default on Windows 7. I was seeing autoconfigured addresses on the ethernet interface, but there was no IPv6 connectivity beyond that. Looking at it with Wireshark, I could see neighbor discovery packets leaving, but answer came there none. No firewall rules were blocking ICMPv6; in desperation I turned the firewalls OFF on both source and destination test machines – still nothing. What the…?
IPv6 destination address selection is the process of deciding which IPv6 address a connection should be made to. This is the flip side of IPv6 source address selection, which has been the subject of several earlier articles (start here). Destination address selection is described in the same RFC as source address selection – RFC 6724 (which obsoletes RFC 3484).
If you read the doco (like “man gai.conf”) you would be forgiven for thinking that the contents of /etc/gai.conf controlled source and destination address selection in IPv6. You would be wrong.
NAT came into existence because of IPv4 address scarcity. With IPv6, that reason disappears. So, if we no longer need to multiplex addresses, should we retain NAT?
In a previous article, I discussed how IPv6 source address selection worked. Normally it all Just Works, but there are several situations where you may want or need to control the address selection process. In this article, we’ll look at why you might want to control source address selection, and how you can do it.
Source address selection must be very irritated; destination address selection gets all the press coverage.
This article will start to redress the balance, by talking about what source address selection is, why it is needed, and how it works. If you want the nitty-gritty, check out RFC 6724 (which obsoletes RFC 3484).
ULA (Unique Local Addresses, or Unique Local IPv6 Unicast Addresses to give them their full name) are IPv6’s equivalent of IPv4’s “private” addresses.
The idea is to append a random 40 bits to the reserved ULA prefix fd00::/8, thus building a /48 that you can call your own. You can use this /48 wherever and however you like, with the sole proviso that it must not be routed on the public Internet. The ULA space is defined in RFC4192 (http://tools.ietf.org/html/rfc4193).