Practical Networking for Linux Admins: IPv6 Routing
Our story so far: We have learned the important bits about TCP/IP, IPv6, and IPv4 and IPv6 LAN Addressing, which is all very excellent. But, if you want your computers to talk to each other, then you must know about routing.
Simple Test Lab
Now we have a good use for the
ip assigns multiple addresses to network interfaces, which is totally groovy because you can practice setting up and testing routing without needing a herd of computers. All you need to get started is two computers connected to the same Ethernet switch. In the following examples, I'm using a desktop PC and a laptop connected to an old 8-port gigabit switch. Yes, I know, there are newer switches that are so fast they reach the future before we do. Any Ethernet switch you want to use is fine.
If you are using Network Manager it will try to find a DHCP server when you plug in your Ethernet cables, so don't run any name services on your test lab.
Assigning and Removing IP Addresses
First check your network interface names. The output is snipped for clarity:
$ ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> [...] 2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> [...] 3: wlx9cefd5fe8f20: <BROADCAST,MULTICAST,UP,LOWER_UP> [...]
My Ubuntu system likes to give network interfaces strange names. enp0s25 is my wired Ethernet interface. Let's give it an IPv6 address from the range reserved for examples and documentation (see Practical Networking for Linux Admins: Real IPv6):
$ sudo ip -6 addr add 2001:0db8::1/64 dev enp0s25
Let us admire our new address (again with trimmed output), and note also how the link local address is assigned automatically:
$ ip addr show 2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> link/ether d0:50:99:82:e7:2b brd ff:ff:ff:ff:ff:ff inet6 2001:db8::1/64 scope global inet6 fe80::d250:99ff:fe82:e72b/64 scope link
Assign an address to the second host:
$ sudo ip -6 addr add 2001:0db8::2/64 dev eth0
Now the two hosts can ping each other. Remember,
ping6 requires specifying the network interface, even if you only have one:
$ ping6 -I enp0s25 2001:db8::2 PING 2001:db8::2(2001:db8::2) from 2001:db8::1 enp0s25: 56 data bytes 64 bytes from 2001:db8::2: icmp_seq=1 ttl=64 time=1.01 ms
You can also ping the link local addresses:
$ ping6 -I enp0s25 fe80::ea9a:8fff:fe67:190d PING fe80::ea9a:8fff:fe67:190d(fe80::ea9a:8fff:fe67:190d) from fe80::d250:99ff:fe82:e72b enp0s25: 56 data bytes 64 bytes from fe80::ea9a:8fff:fe67:190d: icmp_seq=1 ttl=64 time=0.531 ms
link/ether is the MAC address. Note the
scope values of
global is a routable address, while
link is the link local address that operates only within a single network segment. In IPv4 networks this is called a broadcast domain, which contains all hosts within a single logical network segment. Unlike IPv4 networks, IPv6 does not use a broadcast address. IPv4 has three address types: unicast, multicast and broadcast. As the excellent TCP/IP Guide says:
"Broadcast addressing as a distinct addressing method is gone in IPv6. Broadcast functionality is implemented using multicast addressing to groups of devices."
Delete an address this way:
$ sudo ip -6 addr del 2001:0db8::1/64 dev enp0s25
Now we'll add a second address to one of our test machines that's in a different subnet. In the 2001:0db8::0/64 network, the first four octets define the network, and the last four are the host addresses. The "2" in the host address on my second test machine helps me remember which machine is which, so I'll recycle that for the new subnet:
$ sudo ip -6 addr add 2001:db8:0:1::2/64 dev eth0
I ping the new address from the first test machine, to no avail:
$ ping6 -I enp0s25 2001:db8:0:1::2 connect: Network is unreachable
So, I'll create a route to the new subnet. Run
ip -6 route show first to see your existing routing table, and copy it for a reference. Then create the new route:
$ sudo ip -6 route add 2001:db8:0:1::0/64 dev enp0s25
Now look what ping does:
$ ping6 -I enp0s25 2001:db8:0:1::2 PING 2001:db8:0:1::2(2001:db8:0:1::2) from 2001:db8::1 enp0s25: 56 data bytes 64 bytes from 2001:db8:0:1::2: icmp_seq=1 ttl=64 time=0.583 ms
Success! We are networking nerds deluxe! Just to make sure, delete the route and try ping again:
$ sudo ip -6 route del 2001:db8:0:1::0/64 dev enp0s25 $ ping6 -I enp0s25 2001:db8:0:1::2 connect: Network is unreachable
None of these configurations survive a reboot. This is good news when you want to wipe everything and start over, but not so good news when you want to keep them. Every Linux distribution has its own special way of configuring IP addresses and static routes. If you're running Network Manager you can configure everything with it. You can also push all of this to clients with a DHCP server, such as the excellent Dnsmasq, which provides name services, router advertisement, and network booting. All of which are large topics for another day. Until then, be well and enjoy being an IPv6 guru.
Learn more about Linux through the free "Introduction to Linux" course from The Linux Foundation and edX.