Wednesday, February 28, 2018

[Educational] IPv6 from an IPv4 User's Perspective

I'm new to IPv6 and have been using IPv4 for a while now, and I am rather comfortable with it. As a result, I have quite a few questions to ask.

First of all, I know that it is not uncommon to be assigned a /64 block from an ISP rather than a /48 block. The /48 block clearly has the 4th block of nibbles open for subnetting, however this obviously isn't available in a /64 block. How can we split a /64 block (or smaller like a /68 etc) into subnets?

When I set up a Hurricane Electric IPv6 tunnel (as my ISP is IPv4 only) and configured an AirPort base station to use the IPv6 tunnel, I got the equivalent of being on a dual-stack network. I have used this network for a little while now to try and work out IPv6, however I see some confusing things:

  • The default route for IPv6 is within my own /64 block and ends in ::1 (so it is 2001:XXXX:XXXX:XXXX::1). The WAN address simply states my block and ends in ::. If the WAN address is not ::1 then the default route must be another device. Does this mean Hurricane Electric (or any Tunnel provider for that matter) use one address, specifically ::1, from your block for something? I'm not quite understanding what, but I certainly know that the ::1 global unicast address is NOT my AirPort base station, as I can ping it successfully from an external network with the base station disconnected. I assume Default Route to be like IPv4's Default Gateway, but I don't understand why that would be within my own block...
  • Each device gets its own link local address in the FE80:: range, and I assume this would be the equivalent of a 10.x.x.x or 192.168.x.x address in IPv4, and it cannot under any circumstances be externally routed, however devices usually also get two IPv6 addresses within the assigned /64 block. I cannot ping these addresses and get a response on anything other than the local network, so I assume these addresses are used for outgoing connections only, and I also assume that rather than the connections originating from the router's IPv6 address (as would be the case with NAT in IPv4) it will actually originate from the devices own IPv6 address it has self assigned from the /64 block. Are these assumptions correct?
  • How is the WAN address my /64 block with just :: on the end, making it 2001:XXXX:XXXX:XXXX::? is 2001:XXXX:XXXX:XXXX::0:0:0 a valid address on its own, considering I can ping it and get a response, and stop getting responses when I disconnect my base station? I question flat 0's being a valid address as 192.168.0.0 is not a valid address, but a network identifier in IPv4.
  • Can I prevent devices on a network from self-assigning themselves both global unicast and link local addresses? I would preferably like to be able to statically give out FE80:: and 2001:: addresses by myself to devices, or even have them given out in the way I want by a DHCPv6 server (though I have not yet found any implementation on this)
  • I can tell it would be largely frowned upon, but would it be possible to set up one main router which gives out IPv6 addresses in my /64 block to other routers, then these routers use NAT to provide link-local only addresses to connected devices, and would the same thing be achievable but with the second routers receiving an IPv6 address and then using NAT to provide an IPv4 network to connected devices?


No comments:

Post a Comment