tld Veteran
Joined: 09 Dec 2003 Posts: 1845
Posted: Tue Aug 21, 2018 8:14 pm Post subject: ipv6 stuff
I've been hoping to bite the bullet and get ipv6 working here. Like many, I've put it off because every time I've looked into it, it just seemed insanely over-complex. I wish this time were different. I was reading Neddy's wiki which (as with everything from him) is a huge help:
https://wiki.gentoo.org/wiki/User:NeddySeagoon/IPv6
On a related note, I have a Linksys router running dd-wrt and I'd like to handle as much as I can there. I have to say though that this wiki around that is beyond the most insanely complex thing I've ever read:
https://wiki.dd-wrt.com/wiki/index.php/IPv6
That just seems patently absurd to me. An example of something that totally throws me there is trying to get a grasp on radvd. Neddy's guide explains that radvd runs on your router. However the section on radvd in the dd-wrt page is expressly labeled "if your DD-WRT box is NOT your IPv6-router", though it's mentioned again under the "6to4" setup. Clearly I must be missing something. To complicate matters even more, reading posts on the dd-wrt forum there's a lot of talk about using dnsmasq in place of radvd altogether.
It really just can't be as bad as it appears. Thanks in advance for any pointers at all.
Tom

NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54579 Location: 56N 3W
Posted: Tue Aug 21, 2018 8:56 pm Post subject:
tld,
Most of that dd-wrt link is aimed at setting up an IPv6 tunnel over IPv4.
When IPv6 was rare, that was the only way to go. You used a 'Tunnel Broker' and got a /64 at your end of the tunnel.
That level of service was free.
In those days, the router only saw IPv4 and the IPv6 tunnel endpoint was on the machine you wanted IPv6 on.
These days you should get a /64 for your uplink. Possibly ppp0 and a delegated prefix for all your LAN segments.
dhcpcd on ppp0 will get both your IPv4 and IPv6 uplink addresses, even if they are assigned dynamically.
It will also get your delegated prefix and hand out a /64 from that prefix to all the interfaces in your router.
There is a dhcp server for IPv6 but I don't use it.
dhcpcd asks a server for the network setup. That's how IPv4 works. It's a pull mechanism.
The server keeps track of the IP addresses it's handed out and refuses if there are none left.
radvd is push for IPv6 only. It broadcasts the prefix (usually a /64) to the LAN segment and every device on the segment makes up its own IPv6 address using the broadcast 64 bit prefix and its 48 bit MAC address. This is guaranteed to be unique as MAC addresses are supposed to be unique in the world too.
All that matters is that you don't have two identical MAC addresses on the same LAN segment.
What I missed out of that guide ... and it's hard to find anywhere, is that the uplink to the ISP uses dynamic address assignments and the downlink(s) to your LAN segments use radvd, which is effectively static assigned addresses.
You will need
Code:
# A very trendy value for a binary flag!
net.ipv6.conf.ppp0.accept_ra = 2
in /etc/sysctl.conf to make the mixed methodology work.
Yep, that's a binary flag with 3 states!
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

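Added example, not part of the thread: the address-building step described in the post above, assuming hosts use the classic modified EUI-64 scheme (RFC 4291); hosts configured for privacy or stable-privacy identifiers do not embed the MAC. The reverse lookup shows why such addresses let anyone who sees them tie traffic back to one interface, and how a firewall admin can group a host's link-local and global addresses. Function names, the 2001:db8:: documentation prefix and the MAC are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

def eui64_iid(mac):
    """48-bit MAC -> 64-bit modified EUI-64 interface identifier (RFC 4291)."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    iid = bytearray(raw[:3] + b"\xff\xfe" + raw[3:])  # insert ff:fe in the middle
    iid[0] ^= 0x02                                     # flip the universal/local bit
    return int.from_bytes(iid, "big")

def slaac_address(prefix, mac):
    """Address a host forms from an advertised /64 prefix and its own MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC with EUI-64 needs a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_iid(mac))

def mac_from_address(addr):
    """Recover the MAC from an EUI-64 address, or None if the IID is not EUI-64."""
    iid = (int(ipaddress.IPv6Address(addr)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None  # privacy, stable-privacy or manually set identifier
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02
    return ":".join(f"{b:02x}" for b in mac)

def group_by_mac(addresses):
    """Map MAC -> addresses carrying it, e.g. to keep per-host firewall rules in sync."""
    groups = defaultdict(list)
    for a in addresses:
        groups[mac_from_address(a)].append(a)
    return dict(groups)

# Constructed sample data: one host seen on link-local and global prefixes,
# plus one address with a random-looking identifier.
if __name__ == "__main__":
    mac = "00:11:22:33:44:55"
    seen = [str(slaac_address("fe80::/64", mac)),
            str(slaac_address("2001:db8:1:2::/64", mac)),
            "2001:db8:1:2:5c3a:9e01:77b2:10cd"]
    for m, addrs in group_by_mac(seen).items():
        print(m, addrs)
```
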
tld Veteran
Joined: 09 Dec 2003 Posts: 1845
Posted: Tue Aug 21, 2018 9:58 pm Post subject:
Wow...thanks for the details for sure! I clearly have a lot to learn and a lot to digest around this.
I've always used all static ipv4 addresses with Linux so it's been a long time since I even had dhcpcd running. I'm still pretty confused as to what will be happening on the router vs the Linux hosts, and frankly I hadn't even heard much about PPP since the dial-up days ...wasn't even aware that would be part of this.
Thanks!
Tom

NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54579 Location: 56N 3W
Posted: Wed Aug 22, 2018 5:44 pm Post subject:
tld,
You may well be all static. My /64 and /48 are fixed.
I choose to use dhcpcd to pick up the setup from my ISP but I don't have to.
You can play with IPv6 on your own LAN and as far as your ISP with the self assigned fe80:: <link> local addresses.
There will be a link local IPv6 address on your uplink. You can't get any further though until you have a <global> address.

1clue Advocate
Joined: 05 Feb 2006 Posts: 2569
Posted: Wed Aug 22, 2018 7:31 pm Post subject:
I'm about to tackle the router idea again too.
One thing I learned since my last router is to not focus too hard on how things work in ipv6. Mechanically they work the same way with respect to net masks and routing. Some attention goes into understanding what's a link-local vs global vs the other types, but my advice is that you shouldn't get worried about it if you aren't having trouble with equipment working.
At this point almost every computing device sold works with ipv6. Almost every computing device sold autoconfigures itself with ipv6. So if your goal is to have connectivity then I suggest telling your dd-wrt router to configure itself for ipv6 (probably your ISP supports it whether it's advertised or not) and then let things happen.
Note that this does NOT apply to your firewall. You definitely need to pay attention to ipv6 and ipv4 both, and keeping track of what addresses go to the same host can be a pain.

tld Veteran
Joined: 09 Dec 2003 Posts: 1845
Posted: Wed Aug 22, 2018 9:21 pm Post subject:
I think you're correct. That dd-wrt link above is woefully out of date by all accounts, and to a large extent things may just work. You're right that you have to be careful regarding the firewall stuff, though it sounds as though even some of that may have a default configuration:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1061686
Tom

1clue Advocate
Joined: 05 Feb 2006 Posts: 2569
Posted: Thu Aug 23, 2018 2:30 am Post subject:
@tld,
I've found dd-wrt to be a hugely unsatisfactory router.
It's fine for a basic replacement of a SOHO router, but when you get into less frequently used features like vlans and such it becomes problematic. That said it's been a few years since I even had a router that works with it.
One thing I noticed was that the port names for the GUI (meaning web interface) did not match with the port names in the command line. In my case the numbering was reversed in the GUI. I also had issues with the specific router hardware I was using, and many of the forum posts consisted of people who complained that none of the developers were working on reported issues.
Personally, I decided to buy better hardware which is oriented toward routing and then put a real Linux distro on it. There is tons of hardware out there. I recommend that if you want to go that way, find a board with multiple Intel NICs on it which use the 'igb' driver.

tld Veteran
Joined: 09 Dec 2003 Posts: 1845
Posted: Thu Aug 23, 2018 12:57 pm Post subject:
Interesting. So far it's worked out well for me though I can't say I've done anything too out of the ordinary. I also have a Linksys WRT1900ACS which may just happen to be pretty well supported.
Tom