Ipv6 Auto Address Assignment

Explanation of the IPv6 address assignment using Ethernet. More...

Explanation of the IPv6 address assignment using Ethernet.

The Network library maintains several IPv6 addresses for the Ethernet network interface:

  • Static Address
    is used to communicate globally over internet. It is configured manually or via DHCPv6 in stateful mode.
  • Dynamic Address
    is configured by a Stateless Address Autoconfiguration and also used to communicate globally.
  • Link-local Address
    is automatically configured from the interface MAC address. The scope of a link-local address is the intercommunication between hosts on the local area network. The link-local address allows IPv6 hosts to communicate when there is no router and no DHCPv6 server available on the local area network (LAN).

The IPv6 addresses for the Ethernet network interface are assigned in several ways:

  • Static IPv6
    The IPv6 address, subnet prefix length and default gateway are configuredmanually in the system configuration file. However, it is possible to change the IPv6 address atruntime. The static configuration specifies also a primary and optional secondary DNS server. To make use of the static IPv6 configuration, you need to disable DHCP for IPv6.
  • Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
    This mode is mostly used. It requires a centralized DHCPv6 server in the local area network (LAN). There are two methods of DHCPv6:
    • statelessmode
      Only extended information, such as primary and optional secondary DNS server, is obtained from a DHCPv6 server. IPv6 address is not assigned, so the IPv6 address from the Ethernet configuration is set for a Static address of Ethernet interface.
    • statefulmode
      DHCPv6 server maintains a database of leased IPv6 addresses, and assigns to the client an unused IPv6address. The DHCPv6 server specifies also a primary and optional secondary DNS server. The DNSserver is used to resolve the IP address for a known host name.
  • IPv6 Stateless Address Autoconfiguration (SLAAC)
    This mode is always used and configures a Dynamic Address. SLAAC provides the ability to address a host based on a network prefix that is advertised from a local network router via Router Advertisements (RA).
Note

End-host address assignment options for IPv6 networks

Overview of the different ways IPv6 end-host address assignment can be configured.

Address Types and Scope

First, we need a quick understanding of the different address types in IPv6 which are referred to as "scope".
  • Global scope addresses are the ones we most used to, the regular globally reachable address and often registered in DNS. For UW-Madison, our global prefix is 2607:f388::/32.
  • Link-Local scope is used within a particular subnet only and are not routable at all. They start with the IPv6 prefix fe80::/64. In IPv4, these are most similar to 169.254.x.x addresses hosts use if they do not have global addresses, however in IPv6 they are always configured.
  • Loopback is the how a host can refer to itself, similar to 127.0.0.1 in IPv4. The IPv6 address is ::1/128 and is also called Host Scope.
  • Multicast can be used both with link-local, site-local, and global scope. This is how, for example, nodes on a given lan can find each other. Multicast addresses are in the range ff00::/8. More on IPv6 Multicast addresses.
  • Broadcast is not used in IPv6 in favor of Multicast.
  • Site-Local scope is specific to an enterprise. However as an addressing range, it has been deprecated since 2004. Documentation that referrers to it or the range fec0::/10 is out of date.
  • Uniform Local Addressing to some degree replaces site-local. ULA is similar to RFC 1918 address in IPv4, but with some differences. ULA is relatively new, and there still is an amount of churn in the standards bodies about how the addresses should be used. UW Network Services discourages the use ULA at this time.

    Now, we can discuss how hosts can be assigned Global scope addresses.

Stateless Autoconfiguration

This is one of the most common mechanisms used for IPv6 address assignment. A host listens (or solicits) for messages from the router about what network prefix the host is on. The host then takes the network prefix, and appends its mac address in a modified form (by inserting FF:FE in the middle, and setting the 7th bit to a 1) and uses that as the global scope address. This is typically the default on Unixes (OS X, Linux, BSD, Solaris, etc).

Example:

Prefix announced by router: 2607:f388:f:100::/64
Host mac address: 00:0C:29:4A:7C:B0
Autoconfigured address: 2607:f388:f:100:20c:29ff:fe4a:7cb0/64

Stateless Autoconfiguration w/ Privacy Extensions

One of the issues with the above method is that mac addresses are typically unique globally. If a host moved between subnets (or from UW to a user's home) the network prefix portion of the address would be different, but the lower 64 bits of the address would remain the same. This global uniqueness is then a privacy concern because a machine would potentially be recognizable regardless of where it connected to the internet.

To combat this, a host can still take the network prefix announced by the router, but then generate a random identifier to use for the host portions of the address. To take things further, the host can change the lower bits periodically to help stay anonymous.

This is the default behavior on some Microsoft platforms, and particularly annoying in enterprise environments. However, it can be disabled using the registry or commands:

netsh interface ipv6 set privacy state=disabled store=persistent netsh interface ipv6 set global randomizeidentifiers=disabled store=persistent

Static Configuration

Perhaps the most obvious mechanism for giving a host a global scope address is to assign one and statically configure on the host. However, some hosts may still also automatically configure dynamic addresses unless configured not to. This is particularly annoying for servers or for where firewalling is used. Example: IPv6 static address configuration for linux hosts. Also, see the note near the bottom of this page on disabling autoconfiguration.

Stateless Autoconfiguration w/ stateless DHCPv6

After using one of the above mechanisms for address assignment, the typical next step is to configure DNS servers for the host to use. This can be done via a lightweight DHCPv6 server who's only job is to hand out options, but not keep track of address assignments. This can be used with Microsoft operating systems newer than XP. The routers on the network must be configured to announce to clients that stateless DHCP service is available. Stateless DHCPv6 clients are not included as part of OS X.

Stateless Autoconfiguration w/ DNS Advertisement (RFC 5006)

A new way to assign DNS servers in IPv6 is to have the routers announce them out to the network along with the prefix. UW's routers currently can not send this option, and client support for RFC 5006 nearly non-existent.

Stateful DHCPv6

Networks can be configured to only use DHCP for addressing and options. This is very similar to how DHCP is typically used on IPv4 networks. Some differences are that the network's routers must be configured to tell the clients to use statefull DHCP, and support for identifying a host based on its mac addresses across a relay may be problematic (match on the DUID instead). Stateful DHCPv6 clients are not included as part of OS X.

If you use stateful DHCPv6 for all hosts on a lan, it is possible to turn off autoconfiguration. See the note near the bottom of this page.

Note on using IPv4 DNS servers on dual-stack hosts

It should be pointed out that since most (nearly all) hosts on the UW network will have both IPv4 connectivity as well as IPv6, DNS is no different from any other network application and you can certainly use IPv4 DNS servers and not worry about configuring your hosts to use DNS over IPv6. However, you will want to make sure that your DNS servers are usable over IPv6.

Note on disabling autoconfiguration

Our routers have the capability to not announce the IPv6 configuration out to the network. This prevents hosts from autoconfiguring themselves, and is useful for server environments or applications where you want hosts to be 100% staticly configured or configured solely by stateful DHCPv6. This also can be useful if you have many ipv6 capable hosts (nearly every modern host) but want to keep them disabled while you manually enable them one at a time.

0 thoughts on “Ipv6 Auto Address Assignment

Leave a Reply

Your email address will not be published. Required fields are marked *