IPv6 in my LAN

After en­abling IPv6 in my WLAN router, I also en­abled IPv6 in my FreeBSD sys­tems. I have to tell that the IPv6 chapter in the FreeBSD hand­book does not con­tain as much in­form­a­tion as I would like to have about this.

Con­fig­ur­ing the in­ter­faces of my two 9-​current sys­tems to also carry a spe­cif­ic IPv6 ad­dress (an easy one from the ULA I use) was easy after read­ing the man-​page for rc.conf. After a little bit of ex­per­i­ment­ing it came down to:

ifconfig_rl0_ipv6=“inet6 ::2:1 pre­fixlen 64 accept_​rtadv”
ipv6_defaultrouter=”<router ad­dress>”

Apart from this ad­dress (I chose it be­cause the IPv4 ad­dress ends in “.2”, this way I can add some easy to re­mem­ber ad­dresses for this ma­chine if needed), I also have two auto­mat­ic­ally con­figured ad­dresses. One is with the same ULA and some not so easy to re­mem­ber end (con­struc­ted from the MAC ad­dress), and one is from the of­fi­cial pre­fix the router con­struc­ted out of the of­fi­cial IPv4 ad­dress from the ISP (+ the same end than the oth­er end).

Ad­di­tion­ally I also have all my jails on this ma­chine with an IPv6 ad­dress now (yes, they are like “…:2:100” with the :100 be­cause the IPv4 ad­dress ends in “.100”). Still TODO is the con­ver­sion of all the ser­vices in the jails to also listen on the IPv6 ad­dress.

I already changed the con­fig of my in­tern­al DNS to have the IPv6 ad­dresses for all sys­tems, listen on the IPv6 ad­dress (when I add an IPv6 net­work to allow-​query/​allow-​query-​cache/​allow-​recursion bind does not want to start). And as I was there, I also en­abled the DNSSEC veri­fic­a­tion (but I get a lot of er­ror mes­sages in the logs: “un­able to con­vert er­rno to isc_​result: 42: Pro­tocol not avail­able”, one search res­ult which talks ex­actly about this er­ror tells it is a “cos­met­ic er­ror”…).

I no­ticed that an IPv6 ping between two phys­ic­al ma­chines takes a little bit more time than an IPv4 ping (no IPsec en­abled). It sur­prised me that this is such a no­tice­able dif­fer­ence (not with­in the std-​dev at all):

— m87​.Leidinger​.net ping stat­ist­ics —
10 pack­ets trans­mit­ted, 10 pack­ets re­ceived, 0.0% pack­et loss
round-​trip min/​avg/​max/​stddev = 0.168÷0.193÷0.220÷0.017 ms

— m87​.Leidinger​.net ping6 stat­ist­ics —
10 pack­ets trans­mit­ted, 10 pack­ets re­ceived, 0.0% pack­et loss
round-​trip min/​avg/​max/​std-​dev = 0.207÷0.325÷0.370÷0.047 ms

The in­form­a­tion I miss in the FreeBSD hand­book in the IPv6 chapter is what those oth­er IPv6 re­lated ser­vices are and when/​how to con­fig­ure them. I have an idea now what this rad­vd is, but I am not sure what the in­ter­ac­tion is with the accept_​rtadv set­ting for if­con­fig (and I do not think I need it, as my WLAN router seems to do it already). I know that I get the IPv6-​friendly net­work neigh­bor­hood dis­played with ndp(8). I did not have a look at en­abling IPv6 mul­tic­ast sup­port in FreeBSD, and I do not know what those oth­er IPv6 op­tions for rc.conf do.

1 thought on “IPv6 in my LAN”

  1. Route Ad­vert­ise­ment al­lows zero-​configuration, i.e. auto­mat­ic ad­dress setup with the cor­rect pre­fix and a suf­fix taken from the MAC.
    OTOH rtad­vd is the serv­er part and you cor­rectly stip­u­lated that you do not need it; not un­less the that FreeBSD host is also an IPv6 router, e.g. one of his in­ter­faces act as gate­way to an­oth­er loc­al net­work in a dif­fer­ent (or longer) pre­fix.

Leave a Reply

Your email address will not be published. Required fields are marked *