Jump to content



Photo

Implementing dual stack IPv4/IPv6 at my home


  • Please log in to reply
19 replies to this topic

#1 +riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 20 October 2013 - 11:00

Hello,
 
As you know, I very recently started a thread that I was asked at work to make our network IPv6.....
 
This is related but more on a personal level as it is for my home. Might as well do it now than later.
 
I believe my ISP supports native IPv6 but Ive left a comment on their forums so I should know 100% shortly.
 
Lets see:
4 Windows 7 PCs
1 Blu-ray player in about 2012
A TV in 2006-2007
Various Android phones
 
As much as I can remember right now, those devices are the equipment in my home that our connected to the internet thru my router.
 
Its obvious that at this stage a dual stack of mixing IPv4 and IPv6 (tunnel or nonrelated?) is required since at home a lot of sites accessed will still be IPv4 only.
 
Oh, I have a DD-WRT router (SVN revision 18777) and a Amper ASL-26555 as my ADSL modem (IPv6 compatible). 
 
Thank you for reading and helping.


#2 PGHammer

PGHammer

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 31-August 03
  • Location: Accokeek, MD
  • OS: Windows 8 Pro with Media Center x64

Posted 20 October 2013 - 11:11

Hello,
 
As you know, I very recently started a thread that I was asked at work to make our network IPv6.....
 
This is related but more on a personal level as it is for my home. Might as well do it now than later.
 
I believe my ISP supports native IPv6 but Ive left a comment on their forums so I should know 100% shortly.
 
Lets see:
4 Windows 7 PCs
1 Blu-ray player in about 2012
A TV in 2006-2007
Various Android phones
 
As much as I can remember right now, those devices are the equipment in my home that our connected to the internet thru my router.
 
Its obvious that at this stage a dual stack of mixing IPv4 and IPv6 (tunnel or nonrelated?) is required since at home a lot of sites accessed will still be IPv4 only.
 
Oh, I have a DD-WRT router (SVN revision 18777) and a Amper ASL-26555 as my ADSL modem (IPv6 compatible). 
 
Thank you for reading and helping.

 

The Android phones likely support IPv6, as mobile has been a big driver, especially in Asia.  The issue will be the TVs and BD player (if it supports wireless connectivity) - if Linux is the base, IPv6 could be present.

Windows has supported IPv6 out of the box since Vista, and has been backported all the way back to Windows 2000.



#3 OP +riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 20 October 2013 - 11:19

Hello,

The Android phones likely support IPv6, as mobile has been a big driver, especially in Asia.  The issue will be the TVs and BD player (if it supports wireless connectivity) - if Linux is the base, IPv6 could be present.
Windows has supported IPv6 out of the box since Vista, and has been backported all the way back to Windows 2000.

Im almost sure the BD player does but the TV Im not sure....should be since its updated recently too so lets just suppose they do...

#4 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 86
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 22 October 2013 - 13:23

To play with or setup a dual native what does it matter if some devices do not support ipv6 as of yet - that is the whole point of dual stack ;)  I would not mess with your tv or bluray player for ipv6 to be honest.

 

If your planning on using dd-wrt as your ipv6 router - I would really suggest you look into how to add ipv6 firewall on it.  I don't think it has one enabled by default.  You don't want to expose boxes directly to ipv6.

 

You might want to look into running something that is going to give you more insight and features with ipv6 at your gateway - pfsense has great ipv6 support, and m0n0wall does as well.  With ipv6 firewall.



#5 OP +riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 22 October 2013 - 15:57

Hello,

To play with or setup a dual native what does it matter if some devices do not support ipv6 as of yet - that is the whole point of dual stack ;)  I would not mess with your tv or bluray player for ipv6 to be honest.
 
If your planning on using dd-wrt as your ipv6 router - I would really suggest you look into how to add ipv6 firewall on it.  I don't think it has one enabled by default.  You don't want to expose boxes directly to ipv6.
 
You might want to look into running something that is going to give you more insight and features with ipv6 at your gateway - pfsense has great ipv6 support, and m0n0wall does as well.  With ipv6 firewall.

http://www.dd-wrt.co..._K26_big_images

It looks pretty easy enough to implement. Thing is my router TP-Link TL-WR1043ND runs k2.4 and Im not sure if its OK with k2.6

#6 OP +riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 22 October 2013 - 16:05

Hello,

:( Sadly still in 2013 my ISP, one of the biggest at international level, tells me that Im stuck with a tunnel if I want to use IPv6.

#7 tonyjr

tonyjr

    Brewer

  • Joined: 20-July 04
  • Location: Essex, UK
  • OS: ESXi, CentOS, MS-DOS, Windows Server 2008 R2 Enterprise
  • Phone: Blackberry Bold 9900

Posted 18 November 2013 - 22:29

ipv6.png

 

If you have a tunnel from HE.net, it isn't too much work to get it working on your router. The main bit is the firewall, which is a bit different to IPv4, but doesn't take too long to remember the basics. The screenshot attached shows the tunnel endpoint configured, addresses for the tunnel endpoint and local network interfaces, the RA setting for the local network interfaces and firewall.

 

Working configuration for a few years.

 

Have a play with it and see how it goes.

 

 



#8 OP +riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 20 November 2013 - 14:57

Hello,

attachicon.gifipv6.png
 
If you have a tunnel from HE.net, it isn't too much work to get it working on your router. The main bit is the firewall, which is a bit different to IPv4, but doesn't take too long to remember the basics. The screenshot attached shows the tunnel endpoint configured, addresses for the tunnel endpoint and local network interfaces, the RA setting for the local network interfaces and firewall.
 
Working configuration for a few years.
 
Have a play with it and see how it goes.

I wanted to get it working internally first then work with HE.net (also recommended by BudMan) to have WAN IPv6 access.....

I actually already have a IPv6 firewall working on the DD-WRT. I mean working as in implemented, not yet tested.

#9 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 86
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 20 November 2013 - 16:47

"I wanted to get it working internally first then work"

And why would it not already be working internally? Your 4 windows 7 machines out of the box should be able to talk to each other on via their link local ipv6 addresses.

Unless you plan on creating multiple ipv6 segments on your local network to play with - the only really way to play with it in any real sense is to get a tunnel if your isp does not support it.

#10 OP +riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 21 November 2013 - 08:52

Hello,

"I wanted to get it working internally first then work"

And why would it not already be working internally? Your 4 windows 7 machines out of the box should be able to talk to each other on via their link local ipv6 addresses.

Using ping, it gives me (out of 4) 2 or 3 that say "Request timed out". The rest ping normally.

In a traditional manner, shouldnt I use DHCPv6? This was I know a set of IPs the clients will get...

Unless you plan on creating multiple ipv6 segments on your local network to play with - the only really way to play with it in any real sense is to get a tunnel if your isp does not support it.

OK :) So how would I go on setting up a tunnel (Ill use HE since Ive read a lot recommend it) on DDWRT?

#11 The_Decryptor

The_Decryptor

    STEAL THE DECLARATION OF INDEPENDENCE

  • Tech Issues Solved: 4
  • Joined: 28-September 02
  • Location: Sol System
  • OS: iSymbian 9.2 SP24.8 Mars Bar

Posted 21 November 2013 - 10:07

Running DHCPv6 lets you create a mapping of hostname <> IP, which you don't get with normal auto-configuration. Windows Server comes with a good one, otherwise you can run (newish) builds of dnsmasq (Although I prefer the default setup of OpenWRT, it has a custom DHCPv6 server)

If DD-WRT comes with the required modules then creating a HE.net tunnel should be as simple as following the instructions HE.net gives you, then configuring the firewall to not leak everything in your network to the world (To the router, your HE.net tunnel is exactly the same as your normal internet connection, you need to setup forwarding/routing rules between your internal prefix and the internet)

That being said, unless you're close to a HE POP, you probably won't see much IPv6 usage due to "Happy Eyeballs", even with my native v6 connection (Which is actually slightly faster than my v4 one) apps will randomly fall back to IPv4 on some systems.

#12 tonyjr

tonyjr

    Brewer

  • Joined: 20-July 04
  • Location: Essex, UK
  • OS: ESXi, CentOS, MS-DOS, Windows Server 2008 R2 Enterprise
  • Phone: Blackberry Bold 9900

Posted 03 December 2013 - 00:17

I wouldn't bother with DHCPv6, personally. Just use whatever's built into your router to broadcast RAs.

 

Simple and it does the job.



#13 The_Decryptor

The_Decryptor

    STEAL THE DECLARATION OF INDEPENDENCE

  • Tech Issues Solved: 4
  • Joined: 28-September 02
  • Location: Sol System
  • OS: iSymbian 9.2 SP24.8 Mars Bar

Posted 03 December 2013 - 05:26

If you want a mapping of hostnames to IP (And back again) you need DHCPv6 though (Or hope every system has Bonjour/Avahi installed). If you're using IPv4 with DHCP then it's likely you've already got that DNS mapping happening, in which case your systems won't use IPv6 to talk to each other (Since they won't know the other system has an IPv6 address, outside of plain fe80::/10 broadcasts)

On my router (OpenWRT trunk) I have a combined DNS/DHCPv4 server called dnsmasq, and a DHCPv6/RA server called 6relayd that inserts the DHCPv6 records into dnsmasq, so when a system does a DNS lookup for a host on my network it gets back both the v4 and v6 addresses (And when a system does reverse DNS it finds the normal hostname)

Sure, not using DHCPv6 won't hurt, but it does mean you'll have to enter the hexadecimal addresses to communicate, which is a right pain.

Edit: Oh, and if you want to split your network in two with a "downstream" router, you'd then have to manually configure the IP addresses. DHCPv6 also hands out network prefixes, not just plain IP addresses.

#14 tonyjr

tonyjr

    Brewer

  • Joined: 20-July 04
  • Location: Essex, UK
  • OS: ESXi, CentOS, MS-DOS, Windows Server 2008 R2 Enterprise
  • Phone: Blackberry Bold 9900

Posted 03 December 2013 - 06:36

I'm running dual stack without DHCPv6 and any dual stack client sutomatically registers its IPv6 address into Windows Server DNS with secure update once it receives the RA with DNS server information. I don't think I had to configure anything on the DNS Server. Static entries required for static IPv6 addresses as usual though.

#15 The_Decryptor

The_Decryptor

    STEAL THE DECLARATION OF INDEPENDENCE

  • Tech Issues Solved: 4
  • Joined: 28-September 02
  • Location: Sol System
  • OS: iSymbian 9.2 SP24.8 Mars Bar

Posted 03 December 2013 - 07:22

Hmm, so that is what Windows does, seems strange (Like, the DNS server shouldn't allow any random system to update records, it should only allow a trusted client)

 

Won't work in a mixed setup though, where you have Linux and Windows clients, or use a non Windows Server DNS server (like bind)

 

Edit: And putting the logic in the DHCP server allows for stuff like batching, restoring DNS info across restarts, etc.