Wednesday, September 10, 2008

Tanner left a great question regarding IPv6 addresses yesterday.

Tanner said: "How do you get IPv6 addresses? Would this work, say, as sort of a VPN where both your laptop and home network have IPv6 addresses and you could connect to them while the laptop is elsewhere?"

That's a great question. You can do IPv6 two different ways, both of which will provide you with IPv6 address space. We'll call the two ways "hard" and "easy". We'll cover the VPN thing second.

The Hard Way

The hard way is you go to your ISP and beg/plead/ask/pay for a block of IPv6 addresses much like you would if you wanted a set of IPv4 addresses. ISPs aren't fully on the IPv6 bandwagon yet so expect to get a lot of "why do you want to do that" and "I'm not sure we support that" kind of questions and comments. It's rather frustrating and I don't recommend going this route.

The Easy Way

If your ISP grants you a routable IPv4 address (i.e. not in the 10.x.x.x, 172.16.x.x or 192.168.x.x ranges) you already have an IPv6 range at your disposal using 6to4 addressing (and a large block of addresses at that). With 6to4 addressing, any routable IPv4 address you hold grants you addresses in the humongous 2002::/16 IPv6 address space. How is it automatic? Your routable IPv4 address is automatically translated into hexadecimal. Why? For one reason: IPv4 uses dot-decimal notation while IPv6 uses hexadecimal addressing.

Let's look a bit further. All IPv6 6to4 addresses, as previously stated, are contained within the 2002::/16 range. Following the network designation of 2002, the first 32 bits are your routable IPv4 address translated into hex. For instance, if your firewall was issued the address 192.0.2.42 by your ISP, your IPv6 address range would be 2002:c000:022a::/48. After that you have another 16-bit network field to do with as you please and a 64-bit host field, all at your disposal.
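The mapping described above, as an added example (not code from the original post). It derives the /48 from an IPv4 address, carves a /64 out of the 16-bit network field, and goes the other way to recover the IPv4 address embedded in a 6to4 address; the function names are assumptions made for this sketch.

```python
import ipaddress

# RFC 1918 private ranges: not routable, so they get no 6to4 prefix.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SIXTOFOUR = ipaddress.ip_network("2002::/16")


def sixtofour_prefix(ipv4: str) -> ipaddress.IPv6Network:
    """Return the 2002:V4ADDR::/48 prefix that goes with a routable IPv4 address."""
    v4 = ipaddress.IPv4Address(ipv4)
    if any(v4 in net for net in RFC1918):
        raise ValueError(f"{v4} is private (RFC 1918); 6to4 needs a routable address")
    # 16 bits of 2002, then the 32-bit IPv4 address, then 80 zero bits.
    base = (0x2002 << 112) | (int(v4) << 80)
    return ipaddress.IPv6Network((base, 48))


def subnet(prefix: ipaddress.IPv6Network, subnet_id: int) -> ipaddress.IPv6Network:
    """Pick one /64 out of the /48 using the 16-bit network field."""
    if not 0 <= subnet_id <= 0xFFFF:
        raise ValueError("subnet id must fit in 16 bits")
    return ipaddress.IPv6Network(
        (int(prefix.network_address) | (subnet_id << 64), 64))


def embedded_ipv4(ipv6: str):
    """Recover the IPv4 address inside a 6to4 address, or None if it is not 6to4."""
    v6 = ipaddress.IPv6Address(ipv6)
    if v6 not in SIXTOFOUR:
        return None
    return ipaddress.IPv4Address((int(v6) >> 80) & 0xFFFFFFFF)


if __name__ == "__main__":
    home = sixtofour_prefix("192.0.2.42")        # the address used in the post
    print(home)                                   # 2002:c000:22a::/48
    print(subnet(home, 1))                        # 2002:c000:22a:1::/64
    print(embedded_ipv4("2002:c000:22a:1::10"))   # 192.0.2.42
```

Python prints the prefix with leading zeros dropped, so 022a appears as 22a; it is the same address range.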

So does this mean you can have a full network of hosts addressable on the Internet using IPv6 6to4 behind a NAT firewall with a single IPv4 address? Yes! Yes it does. It's really quite fun. If you are on a remote network and your computer has been issued an IPv6 address, either statically configured by the network administrator or, far more likely, issued by the DHCP server, you will be able to communicate with however many IPv6 devices you have on your remote network, even though the remote devices exist behind a single IPv4 NAT'ed address. Cool, huh?

Finally, there is one important caveat: if the IPv4 address on your home firewall changes, so do all your IPv6 6to4 addresses. As I write this I am not aware of a service, such as dyndns on the IPv4 side, that will update domain names using IPv6 6to4. Hint hint there, industrious TriLUGers!

2 comments:

Tanner Lovelace said...

Ok, so I'm a bit confused now. I think you've written "IPv6" in a couple of places you meant to write "IPv4". I.e. "If your ISP grants you a routable IPv6 address (i.e. not in the 10.x.x.x, 172.16.x.x or 192.168.x.x ranges)" and possibly (although, not sure about this one) "As long as your remote host, wherever you may be, has been granted an IPv6 address through native addressing".

Can you please clarify? Thanks!

Still, I see the basic idea now and that's pretty cool!

Parlez à la Main said...

Oh! Good catch! That should have read "IPv4". If I ever write a book on this stuff I'll have to make you an editor. :)

The second one is kind-of correct though I'll change "native" to something else. I don't like how that reads. Basically what I was trying to say is if your remote host has ONLY an IPv4 address you won't be able to communicate with your IPv6 devices. In order for the remote host to communicate with your "home" IPv6 6to4 devices your remote computer must also have an IPv6 address.