====== IPv6 ====== ===== Tests ===== ^ Service ^ Tests Subjects ^ | [[https://www.mythic-beasts.com/ipv6/health-check?domain=onmars.eu|mythic-beasts.com]] | Nameservers, Webserver, Mailserver | | [[http://test-ipv6.com/|test-ipv6.com]] | Connection, DNS Resolver | | [[http://ipv6-test.com/|ipv6-test.com]] | Connection, DNS Resolver, Reverse DNS, ICMP, [[http://ipv6-test.com/pingtest/|Ping]], [[http://ipv6-test.com/speedtest/|Speed]], [[http://ipv6-test.com/validate.php|Webserver]] | ===== Tunneling ===== ==== 6to4 ==== * IPv4 World <-> ''192.88.99.1''6to4 relay''2002:x.x.x.x::/48'' <-> IPv6 World * ''192.88.99.1'' is an anycast address of the nearest //6to4 relay// * ''2002:x.x.x.x::/48'' is an anycast route of the nearest //6to4 relay// * On one side of the IPv4 net is an //6to4 relay//, on the other an //6to4 router// or host * IPv4 Hosts get an IPv6 Net * IPv6 Hosts get nothing (they know "I'm talking to an 'IPv4 host'" but they don't get an IPv4 IP/Net) * IPv6 encapsulated in IPv4 \\ IPv4(Type=41, Src=x.x.x.x, Dst=192.88.99.1, Payload=IPv6(Src=2002:x.x.x.x, Dst=Dst)) * ''2002::/16'' gets an **public** IPv4 Address appended => ''2002:x.x.x.x::/48'' => 16 Bit remaining for subnets. * Unmanaged: Automatically finds nearest Router per anycast * As an public IPv4 is required, it's hard to NAT ^ Host ^^ IPv4 only Net ^ 6to4 relay ^ At least IPv6 Net ^ ^ At least IPv6 Net ^ 6to4 router ^ ::: ^ ::: ^ ::: ^ | IPv6(Src=2002:x.x.x.x::, Dst=y) | -> | IPv4(Type=41, Src=x.x.x.x, Dst=192.88.99.1) + IPv6(Src=2002:x.x.x.x::, Dst=y) | -> | IPv6(Src=2002:x.x.x.x::, Dst=y) | | IPv6(Src=y, Dst=2002:x.x.x.x::) | <- | IPv4(Type=41, Src=192.88.99.1, Dst=x.x.x.x) + IPv6(Src=y, Dst=2002:x.x.x.x::) | <- | IPv6(Src=y, Dst=2002:x.x.x.x::) | ==== 6in4 ==== * Like 6to4, but with explicitly configured relays (managed) * On both sides of the IPv4 only net are relays or hosts * Both have to configure the IPv4 IP of the other endpoint => Only usable for static IPv4 addresses. * Not dependent on an ''2002::/16'' net ==== AYIYA ==== * Solves the NATing problems of 6in4 and 6to4 by using NATable transport protocols (UDP, TCP, SCTP) * Prevents spoofing by signing packages * Prevents replaying * Does **not** encrypt packages * Still has problems with dynamic IPv4 addresses (those transport protocols does not support roaming) ==== AICCU ==== * Software/Protocol developed by SixXS to make 6in4 and AYIYA usable for dynamic IPv4 addresses (informs the other endpoint about new IPv4 address) * Also used by HE ==== Address Embedding ==== * IPv6 representations of IPv4 addresses * IPv4-Mapped IPv6 Address: ''::FFFF:x.x.x.x'' * Only on one host * Use IPv6 API for IPv4 (prevents duplicated or complicated code) * Can never be seen on the wire * IPv4-Compatible IPv6 Address: ''::x.x.x.x''(deprecated) * Can be routed and translated to the corresponding IPv4 (and back???) * Can be seen on the wire