Can we please get an IPv6 video?

I don’t understand IPv6 at all. I think the team is great at explaining technical matters.

Can we have an IPv6 video, please?

18 Likes

I too would champion this, as most of the people in my IT shop do not understand IPv6 nor how we use it internally. I would love to be able to point them to that video. Especially the baked-in QoS and auto IP generation.

1 Like

So it’s so much more than just longer IP addresses?

3 Likes

So much more than longer IPs. Bigger IPs is the selling point that they went with to get the normies on board, but honestly that was the most boring of the feature set.

That, and MS dragged their heels for as long as they could since they spent so much effort to get IPv4 stuff working after the whole MS Windows with Networking fiasco. They finally got it right but it took them a decade too long to make the networking features more generic and less IPv4 specific. There are still a few quirks found in MS Server from time to time though.

One thing we use internally and that I use at my house is the auto IP negotiation. If all of your devices have unique MACs, then you can set up your DHCP server to allow the device to request an IP by using its MAC.

So say, for example, your network is using the range 2020:: - 2020::FFFF:FFFF:FFFF (:: just means that everything in between is just 0s). Then if you have a device with MAC 0123456789AB, you can allow the device to suggest to the DHCP server that it would like to lease IP 2020::0123:4567:89AB. This can be very dangerous though, so I only do this with physical devices. Once I have the agreed-upon IP, I then lock it in as a static IP and then turn that feature off. I do this more out of laziness, as IPv6 addresses are near impossible to remember, so it is quicker to do that than it is to give it a manual static address. This quick MS article should help you get your feet wet on auto configuration.

The con against the above is that, if you leave it on all of the time, without switch port security turned on, you basically give rogue devices carte blanche to join your network. I don’t add devices often so I am willing to let the matrix blip briefly just for the added convenience of adding a device to the network and then locking it down. Like a mama duck, I count how many devices have been added to the network and since I have a list of the newly added devices, if I see something that was not there before and that was not recently added by me, I reject it from the network.

There are many other wonderful features of IPv6. I will tell you though, learn how to use DNS because seriously, only Mark Zuckerberg can remember v6 addresses, even if they are mostly zeros.

I am pretty sure that

2 Likes
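The "mama duck" check from the post above, as an added example that is not part of the original post: it rebuilds the address a device would suggest under the poster's scheme (MAC in the low 48 bits of the 2020:: range) and flags leases whose MAC is not in a known-device list or whose address does not match their MAC. The lease list, inventory and function names are constructed for illustration.

```python
import ipaddress

# The post's range 2020:: - 2020::FFFF:FFFF:FFFF, written as a prefix.
PREFIX = ipaddress.IPv6Network("2020::/80")


def mac_to_int(mac: str) -> int:
    """Parse a MAC like '01:23:45:67:89:AB' or '0123456789AB' into a 48-bit int."""
    digits = mac.replace(":", "").replace("-", "").lower()
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return int(digits, 16)


def suggested_address(mac: str) -> ipaddress.IPv6Address:
    """Address a device would suggest: network prefix plus MAC in the low 48 bits."""
    return ipaddress.IPv6Address(int(PREFIX.network_address) | mac_to_int(mac))


def audit_leases(leases, inventory):
    """Return (address, mac, reason) for every lease that needs a human look."""
    known = {mac_to_int(m) for m in inventory}
    findings = []
    for addr_text, mac in leases:
        addr = ipaddress.IPv6Address(addr_text)
        if mac_to_int(mac) not in known:
            findings.append((str(addr), mac, "MAC not in inventory"))
        elif addr != suggested_address(mac):
            findings.append((str(addr), mac, "address does not match MAC"))
    return findings


# Constructed sample data, not real devices.
INVENTORY = ["01:23:45:67:89:AB", "02:00:5E:10:00:01"]
LEASES = [
    ("2020::123:4567:89ab", "0123456789AB"),       # known device, address matches
    ("2020::200:5e10:1", "02:00:5e:10:00:01"),     # known device, address matches
    ("2020::dead:beef:1", "DE:AD:BE:EF:00:01"),    # MAC nobody added
    ("2020::123:4567:89ac", "01:23:45:67:89:AB"),  # known MAC, unexpected address
]

if __name__ == "__main__":
    for finding in audit_leases(LEASES, INVENTORY):
        print(finding)
```

A MAC is self-asserted by the device, so a clean result here is a tripwire that works alongside switch port security, not proof of identity.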

Doesn’t MS also use ip6 for all the homegroup networking nonsense?

I don’t know as we use some bare minimum features on the Windows machines at work. All of the RHEL systems use IPv6 extensively. I also don’t have a Windows machine at home. I use *nix exclusively at home.

This is actually not as hard as you make it out to be - but still harder than IPv4, to be sure.

IPv6 addresses are divided into three major parts: Network (first 48 bits), Subnet (16 bits) and Host (last 64 bits). They are also using hexadecimal byte encoding in eight groups. That is, a full IPv6 address is 1234:5678:90AB:CDEF:ABCD:EF12:3456:7890

This looks huge and daunting, but actually, there are two tricks that will help you. The first is that leading zeroes do not need to be typed out, e.g. 0012:0345:6708:… can be written as 12:345:6708:

The second trick is the :: shortcut which is a one-time alias for “all groups between these two are zero”.

Now, remember what I told you about addresses being split into several parts? This means your ISP will designate a network to you, and you are free to use the rest to whatever you want:

abcd:0cb0:0043:0000:0000:0000:0000:0000

Now you are free to address this space however you see fit. So, say you have five machines that need a static IP address, then:

Host A: abcd:0cb0:0043:0000:0000:0000:0000:0001
Host B: abcd:0cb0:0043:0000:0000:0000:0000:0002
Host C: abcd:0cb0:0043:0000:0000:0000:0000:0003
Host D: abcd:0cb0:0043:0000:0000:0000:0000:0004
Host E: abcd:0cb0:0043:0000:0000:0000:0000:0005

With the short forms these get a lot easier to remember:

Network: abcd:cb0:43::
Host A:  abcd:cb0:43::1
Host B:  abcd:cb0:43::2
Host C:  abcd:cb0:43::3
Host D:  abcd:cb0:43::4
Host E:  abcd:cb0:43::5

Or in other words, you only need to remember your 12-digit network number and which number you assigned your server to. So it’s not that much harder than remembering IPv4 addresses.

That being said, you still definitely want a DNS, because not even the Zuck can remember all IP addresses to all servers in the world. But for the networks you administer, it’s quite possible to remember them.

7 Likes

Thanks for adding that. I was being overly dramatic there, but for my job, the network was set up by a third party company and they did not make it easy for us to work with. We are dealing with at least 300 machines daily, not to mention the many internal networks that each other third party systems run. The shorthand still has us working with strings at least 20 chars long with very few machines falling in sequence in each network. -> but I do exactly what you mentioned at home.

All that being said, hey, people are knowledgeable about this stuff on the forum, but there are many more that are not. If we showed the thoughtfulness of the developers and consortium that came up with IPv6, we could help convert the world sooner.

1 Like

Aye, I completely agree on an IPv6 video, if only to show some neat tips and tricks. :slight_smile:

Of course, the biggest reason IPv6 isn’t deployed full-scale yet is that it offers no real benefit over IPv4, pretty much how Linux Desktops offer no real benefit over Windows. Sure, there are benefits, just not big enough to matter. If IPv6 could elegantly solve the problem of a host suddenly switching networks (say, a cellphone switching masts from abcd::1 to abdd::1) and handle re-routes neatly, that would be awesome. Alas, all that is handled above the IP layer for better or worse.

1 Like

I heard stories of certain software within the stack to have weird behavior/failures when ipv6 is disabled in a network, don’t remember if that was Micro. or some Apple.

In bigger corporate or merged environments a lot of people would be very, very happy to be able to simply migrate those new networks together
The mathematical probability of them not being compatible is very low.

The public IP(v6) space is big enough now that companies could just buy some and definitely have 0 collision and simply address everything with public addresses - not saying you have to route to those devices.
… remembering back in the days when US universities did this to campus buildings … public /24 blocks, public address for anyone in the building (sometimes behind firewall, sometimes not).

Then again, we do have source NAT and other networking “magic” that allows a “simple” initial integration, so yes, we are back to: “no real benefits” for management, so no money, thus no adoption of IPv6.
Would be nice to hear someone give good reasons.

I would move this below the IP stack, dual homing between those 2+ masts and them sending the data, below IP stack making sure the same package gets processed only once (might already be the case actually, as you keep the IP across towers as far as I know).

What IPv6 could do: Everyone on earth gets his own personal network range, birth right kind of thing.
Unfortunately at the near end of IPv6 specification they found kind of a privacy flaw: using the same address everywhere kind of gives you away as “this person” immediately.

back to the topic…

+2 on having a video on how elaborate the IPv6 stack is in tools and pieces that our Level1 team is getting their hands on would be nice (next to the basic introduction asked by the initial post).

Note: Personally having all local services at home running IPv6 only, v4 is used for some internet sites that don’t support v6, and my faster upstream internet only has v4… :frowning:

1 Like

Are you sure that we can omit leading zeros when the rest of the field is populated? I think I read somewhere that you can only omit blocks that are 100% zeros and that the :: omission cannot happen twice in a given address.

I’d like to see more folks get familiar with nd-proxying and nd-relaying, and how it relates to SLAAC and what happens to your LAN when your ISP decides to renumber a part of their network and hand out new prefixes to everyone, and how that affects your own DNS within your home.

In particular, there’s a widely held expectation when dynamically assigning IP addresses that each host will get their own public /64, and it’s usually the ISP managed modem/gateway that’s handing them out individually.

This “maintaining a personal stateful network level firewall” is slightly at odds with what many ISPs allow you to do. (notably, they want you to pay for a business plan to get a /48, and a /56 support is a hit and miss between ISPs).

1 Like

Yep, each two-byte hex field may omit all leading zeroes, so 00ab:0cde:0000:0f10:0000:0000:0000:0004 can indeed be shortened to ab:cde:0:f10::4 or, if you wish, ab:cde::f10:0:0:0:4. You must not have two :: in the same address and must have at least one digit in each field otherwise.

2 Likes

+1 on IPv6 video…
I do use it at home now, and I have 3 subnets running their own PD… And I know some terms like PD and RA… But I still feel confused and unsure.

1 Like

I’d also like one, also like to know the possible implementations ISP-wise.

2 Likes

Nice.

I’ll make a shirt that says

“There’s no place like ::1”

And I’ll make hundreds if not thousands of dollars off network admins and site reliability engineers.

5 Likes

I love your enthusiasm regarding the shirt income :rofl:

I mean, even I won’t be able to get the reference off the bat.

2 Likes

It’s really not any different to be honest, at least for a non-network admin. There are some differences, but honestly, it’s not bad. I think people see the long addresses and don’t know what to think. Just remember, it’s a number that’s all it is. IPv4 addresses are just numbers too. How we write the addresses matters to us, but to the computer, it doesn’t care at all.

Other than the long-ass addresses there are some notable changes:

  • No more default gateways! All router(s) send out router advertisements (RA) to let devices know they are their gateway
  • No more need for PAT (what your router does to translate your many inside private addresses to your single public address) for home routers.
    • This is the big one that throws people after how big the addresses are
    • Your router now will be a true router as it will be assigned a public address facing the internet and then given a range of public addresses to give to clients behind it and it will truly route the traffic and not just translate some private to public address through PAT (see point 5 in the “what hasn’t changed” list)
  • There are officially local addresses now and are required for IPv6 (think like the 169.254.X.X Microsoft auto config range that your NIC is set to if you don’t have a DHCP server, but actually useful and has a purpose in life)
    • All local traffic will use this local address, only when traffic is routed out will it use your public address. You will never need to configure these, these addresses are all automatic via EUI-64.
  • New protocols to help ease address configuration, like SLAAC/EUI-64
  • No more broadcasts, only unicast, multicast, and anycast
  • A stupid amount of transition protocols (NAT64, NAT-PT, NPTv6) so you can talk 4 to 6 or 6 to 4 or whatever else you want, some of which are already dead and which no-one even ever should know about since you can run IPv4 and IPv6 at the same time (and should until we reach critical mass adoption point)
  • EDIT Totally forgot that ARP is replaced by NDP, same thing as ARP, just has more features.

What hasn’t changed:

  • IPv4 (meaning dual stack)
  • Private address space and PAT/NAT. Yes, there is actual private address space in IPv6 despite the sheer amount of addresses available and it will be used. You may not always want to let the world know your public address, like on your credit card processing servers or SQL servers or whatever other PCI/HIPAA/STIGd device you need to protect
  • Routing. Stuff still routes and puts around the network like normal…
  • Still have TCP, UDP, ICMP, etc
  • Firewalls still firewall traffic (deny outside to inside, allow inside to outside and build a state to allow return traffic)
  • DHCP is still a thing if you want to. There is a new thing called stateless DHCP, which just hands out like DNS addresses, where if you have clients auto-config their address
  • Still have cables and stuff
  • Still configure routing protocols the same
  • Still configure VLANs the same
  • Still have DNS
  • Still have web servers
  • Still have a bunch of other stuff that doesn’t change or changes only very slightly

Honestly, being a network admin it frustrates the hell out of me that even other CCNP or CCIE network admins still have a hard time trying to understand IPv6 when there really isn’t much of a difference. Cisco has been pushing IPv6 in their exams for a while now and has been pushing it even harder recently. I expect more of an adoption of IPv6 over the next 10 years as new admins grow up and take over from the older unwilling admins.

7 Likes
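How the automatic link-local address mentioned in the post above is built from a MAC, as an added example that is not part of the original post: modified EUI-64 as described in RFC 4291 Appendix A, plus the reverse check an admin can run over their own address list to see which hosts still expose a hardware address in the interface ID. Function names and sample addresses are constructed for illustration.

```python
import ipaddress

LINK_LOCAL_PREFIX = bytes.fromhex("fe80" + "00" * 6)  # fe80::/64


def eui64_link_local(mac: str) -> ipaddress.IPv6Address:
    """Link-local address derived from a MAC via modified EUI-64."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    # Flip the universal/local bit of the first byte and insert ff:fe in the middle.
    iid = bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]
    return ipaddress.IPv6Address(LINK_LOCAL_PREFIX + iid)


def embedded_mac(address: str):
    """Return the MAC an address reveals, or None if the interface ID is not EUI-64 shaped.

    Heuristic: a random interface ID can contain ff:fe by chance (about 1 in 65536).
    """
    iid = ipaddress.IPv6Address(address).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)


def audit(addresses):
    """Map each address that exposes a hardware address to the MAC it exposes."""
    return {a: m for a in addresses if (m := embedded_mac(a)) is not None}


# Constructed sample addresses (documentation prefix 2001:db8::/32).
SAMPLE = [
    "fe80::211:22ff:fe33:4455",       # EUI-64 link-local
    "2001:db8::211:22ff:fe33:4455",   # same interface ID on a routed prefix
    "2001:db8::a1b2:c3d4:e5f6:718",   # random-looking interface ID
    "2001:db8::1",                    # manually numbered host
]

if __name__ == "__main__":
    print(eui64_link_local("00:11:22:33:44:55"))
    print(audit(SAMPLE))
```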

Ain’t there letters in it? :scream:

1 Like

Yes, but letters can be numbers too if you use your i m a g i n a t i o n~~~~

1 Like