January 31, 2017

IPv6 for Server Admins and Client Developers


Thiago Macieira
Thiago Macieira from the Intel Open Source Technology Center provided a brief introduction to IPv6 and a comparison to IPv4 at LinuxCon Europe.

IPv6 has been around for a long time. The first IPv6 RFC was released more than 20 years ago, and we began exhausting the IPv4 address space in 2011. Thiago Macieira from the Intel Open Source Technology Center began his talk at LinuxCon Europe by saying that he didn’t think he would still need to be talking about this today, and he wished we had already solved this problem. But, many people have not yet made the switch to IPv6, so his talk contained a brief introduction to IPv6 and some of the differences compared to IPv4. 

Macieira says that one of the reasons things haven’t completely fallen apart yet is because we’ve created some workarounds, but they are just workarounds, and we still need to plan our move to IPv6. The biggest difference is the address size, with IPv4 containing only 32 bits of address space compared to 128 bits for IPv6. To put this in perspective, IPv6 would give us many trillions of addresses for every square centimeter on the planet. Another difference is that multicasting goes from optional in IPv4 to mandatory in IPv6 allowing one-to-many communication commonly used for things like Multicast DNS, which is what, for example, Apple uses to discover other devices on your home network. Other differences include a higher minimum Maximum Transmission Unit (MTU) and maximum packet size along with fragmentation at the origin (instead of at the router) and privacy extensions.

StateLess Address Auto-Configuration (SLAAC) in IPv6 provides a way for devices to configure themselves, even over the Internet, and communicate with each other without requiring a DHCP server. This is accomplished securely, while still protecting privacy, by using temporary addresses or stable, but opaque addresses, Macieira explained. However, you still need to make sure that your firewall is correctly configured using ip6tables, not iptables keeping in mind that addressable from the world does not mean that your device is reachable from the world.

Macieira points out that when using an API, there are two things to keep in mind. First, always use an IPv6 API. They are actually simpler to use and will still support IPv4, so if an API doesn't support IPv6 already, stop using it. Second, don't assume anything about the address.

The talk concluded with a number of interesting things that you can do with IPv6. Watch the entire video of the talk to learn more about how and why to use IPv6.

Click Here!