30.10. IPv6

Originally Written by Aaron Kaplan.
Restructured and Added by Tom Rhodes.
Extended by Brad Davis.

IPv6, also known as IPng IP next generation, is the new version of the well known IP protocol, also known as IPv4. FreeBSD includes the KAME IPv6 reference implementation. FreeBSD comes with everything needed to use IPv6. This section focuses on getting IPv6 configured and running.

In the early 1990s, people became aware of the rapidly diminishing address space of IPv4. Given the expansion rate of the Internet, there were two major concerns:

IPv6 deals with these and many other issues by providing the following:

There are many other useful features of IPv6:

For more information see:

30.10.1. Background on IPv6 Addresses

There are different types of IPv6 addresses: unicast, anycast, and multicast.

Unicast addresses are the well known addresses. A packet sent to a unicast address arrives at the interface belonging to the address.

Anycast addresses are syntactically indistinguishable from unicast addresses but they address a group of interfaces. The packet destined for an anycast address will arrive at the nearest (in router metric) interface. Anycast addresses may only be used by routers.

Multicast addresses identify a group of interfaces. A packet destined for a multicast address will arrive at all interfaces belonging to the multicast group.

Note:

The IPv4 broadcast address, usually xxx.xxx.xxx.255, is expressed by multicast addresses in IPv6.

Table 30.2. Reserved IPv6 Addresses
IPv6 addressPrefixlength (Bits)DescriptionNotes
::128 bitsunspecifiedEquivalent to 0.0.0.0 in IPv4.
::1128 bitsloopback addressEquivalent to 127.0.0.1 in IPv4.
::00:xx:xx:xx:xx96 bitsembedded IPv4The lower 32 bits are the compatible IPv4 address.
::ff:xx:xx:xx:xx96 bitsIPv4 mapped IPv6 addressThe lower 32 bits are the IPv4 address for hosts which do not support IPv6.
fe80:: - feb::10 bitslink-localEquivalent to the loopback address in IPv4.
fec0:: - fef::10 bitssite-local 
ff::8 bitsmulticast 
001 (base 2)3 bitsglobal unicastAll global unicast addresses are assigned from this pool. The first 3 bits are 001.

30.10.2. Reading IPv6 Addresses

The canonical form is represented as: x:x:x:x:x:x:x:x, with each x being a 16 bit hex value. For example: FEBC:A574:382B:23C1:AA49:4592:4EFE:9982.

Often an address will have long substrings of all zeros. One such substring per address can be abbreviated by ::. Also, up to three leading 0s per hex quad can be omitted. For example, fe80::1 corresponds to the canonical form fe80:0000:0000:0000:0000:0000:0000:0001.

A third form is to write the last 32 bit part in the well known (decimal) IPv4 style with dots (.) as separators. For example, 2002::10.0.0.1 corresponds to the hexadecimal canonical representation 2002:0000:0000:0000:0000:0000:0a00:0001, which in turn is equivalent to 2002::a00:1.

Here is a sample entry from ifconfig(8):

# ifconfig
rl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
         inet 10.0.0.10 netmask 0xffffff00 broadcast 10.0.0.255
         inet6 fe80::200:21ff:fe03:8e1%rl0 prefixlen 64 scopeid 0x1
         ether 00:00:21:03:08:e1
         media: Ethernet autoselect (100baseTX )
         status: active

fe80::200:21ff:fe03:8e1%rl0 is an auto configured link-local address. It is generated from the MAC address as part of the auto configuration.

For further information on the structure of IPv6 addresses, see RFC3513.

30.10.3. Getting Connected

Currently, there are four ways to connect to other IPv6 hosts and networks:

  • Contact an Internet Service Provider to see if they offer IPv6.

  • SixXS offers tunnels with end-points all around the globe.

  • Hurricane Electric offers tunnels with end-points all around the globe.

  • Tunnel via 6-to-4 as described in RFC3068.

  • Use the net/freenet6 port for a dial-up connection.

30.10.4. Applying the Needed Changes to /etc/rc.conf

30.10.4.1. IPv6 Client Auto-Configuration

To automatically configure a machine on a LAN which acts as a client, not a router, two items are required. First to enable the em0 to receive the router solicitation messages, add this line to rc.conf:

ifconfig_em0_ipv6="inet6 accept_rtadv"

Secondly, the router solicitation daemon, rtsol(8), should be enabled by adding the following to rc.conf:

rtsold_enable="YES"

For FreeBSD 8.x, add:

ipv6_enable="YES"

30.10.4.2. IPv6 Client Static Configuration

To statically assign the IPv6 address, 2001:db8:4672:6565:2026:5043:2d42:5344, to fxp0, add the following for FreeBSD 9.x:

ifconfig_fxp0_ipv6="inet6 2001:db8:4672:6565:2026:5043:2d42:5344 prefixlen 64"

Note:

Be sure to change prefixlen 64 to the appropriate value for the subnet.

For FreeBSD 8.x, add:

ipv6_ifconfig_fxp0="2001:db8:4672:6565:2026:5043:2d42:5344"

To assign a default router of 2001:db8:4672:6565::1, add the following to /etc/rc.conf:

ipv6_defaultrouter="2001:db8:4672:6565::1"

30.10.4.3. IPv6 Router/Gateway Settings

This section demonstrates how to take the directions from a tunnel provider and convert it into settings that will persist through reboots. To restore the tunnel on startup, add the following lines to /etc/rc.conf.

The first entry lists the generic tunneling interfaces to be configured. This example configures one interface, gif0:

gif_interfaces="gif0"

To configure that interface with a local endpoint of MY_IPv4_ADDR to a remote endpoint of REMOTE_IPv4_ADDR:

gifconfig_gif0="MY_IPv4_ADDR REMOTE_IPv4_ADDR"

To apply the IPv6 address that has been assigned for use as the IPv6 tunnel endpoint, add the following line for FreeBSD 9.x and later:

ifconfig_gif0_ipv6="inet6 MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR"

For FreeBSD 8.x, add:

ipv6_ifconfig_gif0="MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR"

Then, set the default route for IPv6. This is the other side of the IPv6 tunnel:

ipv6_defaultrouter="MY_IPv6_REMOTE_TUNNEL_ENDPOINT_ADDR"

30.10.4.4. IPv6 Tunnel Settings

If the server is to route IPv6 between the rest of the network and the world, the following /etc/rc.conf setting will also be needed:

ipv6_gateway_enable="YES"

30.10.5. Router Advertisement and Host Auto Configuration

This section demonstrates how to setup rtadvd(8) to advertise the IPv6 default route.

To enable rtadvd(8), add the following to /etc/rc.conf:

rtadvd_enable="YES"

It is important to specify the interface on which to do IPv6 router solicitation. For example, to tell rtadvd(8) to use fxp0:

rtadvd_interfaces="fxp0"

Next, create the configuration file, /etc/rtadvd.conf as seen in this example:

fxp0:\
	:addrs#1:addr="2001:471:1f11:246::":prefixlen#64:tc=ether:

Replace fxp0 with the interface to be used and 2001:471:1f11:246:: with the prefix of the allocation.

For a dedicated /64 subnet, nothing else needs to be changed. Otherwise, change the prefixlen# to the correct value.

30.10.6. IPv6 and IPv6 Address Mapping

When IPv6 is enabled on a server, there may be a need to enable IPv4 mapped IPv6 address communication. This compatibility option allows for IPv4 addresses to be represented as IPv6 addresses. Permitting IPv6 applications to communicate with IPv4 and vice versa may be a security issue.

This option may not be required in most cases and is available only for compatibility. This option will allow IPv6-only applications to work with IPv4 in a dual stack environment. This is most useful for third party applications which may not support an IPv6-only environment. To enable this feature, add the following to /etc/rc.conf:

ipv6_ipv4mapping="YES"

Reviewing the information in RFC 3493, section 3.6 and 3.7 as well as RFC 4038 section 4.2 may be useful to some adminstrators.

30.10.7. Application Use of IPv6

Currently IPv6 support for many applications and services is very good, though for some software it still needs work. For authoritative information about the support of IPv6, please consult the Official Documentation for the software in question.

Web, DNS and Mail applications and servers have the best support for IPv6 because they are the most common use case. Other applications may have varying degrees of IPv6 support.

All FreeBSD documents are available for download at http://ftp.FreeBSD.org/pub/FreeBSD/doc/

Questions that are not answered by the documentation may be sent to <freebsd-questions@FreeBSD.org>.
Send questions about this document to <freebsd-doc@FreeBSD.org>.