Open main menu

Linux and Unix Users Group at Virginia Teck Wiki β

IPv6

Revision as of 06:12, 24 May 2011 by imported>Bguzz (Created page with "=Overview= Most Internet-connected computers communicate using Internet Protocol version 4, usually abbreviated IPv4. IPv4 assigns an address to each computer. These addresses a...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Overview

Most Internet-connected computers communicate using Internet Protocol version 4, usually abbreviated IPv4. IPv4 assigns an address to each computer. These addresses are 32 bits long, and can be written as a period-separated list of four numbers from zero to 255. One example would be 192.168.1.1, an address commonly given to home networking equipment. The 32-bit address space of IPv4 allows for about four billion addresses. Given that there are over six billion people on the planet, it's clear that these addresses will eventually run out. It turns out that due to the way these addresses are allocated in blocks, we actually already have run out.

Enter IP version 6, or IPv6. IPv6 uses 128 bits for each address, but is not yet very widely used. Virginia Tech, being the cutting edge institution it is, already supports IPv6 campus-wide. While this does not directly affect your computing experience, connecting your computer to a native IPv6 networks has a few implications you should be aware of.

Stateless Autoconfiguration and Privacy Extensions

In IPv4, a computer would need to be told its address either manually or by using a network service called DHCP. In DHCP, the computer asks a server to assign it an IP address that is not in use by anyone else.

In IPv6, the address space is so large that a mechanism called "stateless autoconfiguration" can be used. In stateless autoconfiguration, a computer asks a nearby router for the network prefix (the first few digits of the IP address that will be the same for all computers on the network), and then the computer fills in the rest of the bits on its own. Most Linux distributions do this by using the hardware address of the network adapter. This means that by default, your IP address could be used to uniquely identify your computer anywhere on the Internet, threatening your privacy online.

That's where privacy extensions come in. You can configure your Linux machine to generate an address randomly rather than by using the hardware address. We do that by adding a udev rule that enables temporary addresses when a network interface is enabled.

In Ubuntu and Debian, enable temporary addresses by opening a terminal and typing

   sudo -i
   echo 'ACTION=="add", SUBSYSTEM=="net", RUN="/sbin/sysctl -w net.ipv6.conf.%k.use_tempaddr=2"' > /etc/udev/rules.d/custom-ipv6privacy.rules

And then reboot your machine. You can verify that it worked by running

   ip addr show | grep temporary

from a terminal. If there are any lines which end in "scope temporary global dynamic" you're good to go.