Examples from various operating systems
firstname.lastname@example.orgTwitter: oejTwitter: ipv6friday
TCP/IP Geeks Stockholm 2015-03-17
Why IPv6 is important
• The Internet grows... a lot more than during the dot.com
• IPv6 is the only solution for growth
• Continued IPv4 use will lead to walled gardens, separate
Internet islands with little or no connectivity
• IPv6 enables global realtime communication between all
The Internet grows... more than during
the dot.com days
• Internet growth is bigger now than during the worst growth
during the dot.com explosion
• We have more Internet-enabled smart phones than IPv4
• An explosion of Internet-connected things is already happening.
We are global
• The Internet is growing personal and global.
• The only solution for global realtime communication is IPv6
• The current solution costs too much and is not global any more
• The change will go gradually
• IPv4 NAT will keep us alive
• Don’t count with more public IP addresses for servers and
• Don’t panic, but start acting.
• Your contacts/customers in Asia will complain that they can’t e-
mail you, or reach your web
• You buy a cool gadget in the Duty-Free electronic store, and it
just won’t connect
• Your ISP or hosting center says they will have to charge 1.000
Euro for the new IP address - per year.
IPv6 is the only solution
• There is no other magic solution to Internet growth and scalability
1. Learn IPv6
• You need to upgrade your network engineers
• It’s not hard, but remember, it’s a new protocol
• A new protocol means new security issues
2. Get addresses
• Your ISP (or your next ISP) will give you a /48 network
• You will have more addresses than the current Internet and all of
IPv4 - yourself!
3. Require IPv6
• Don’t buy any network services, equipment or computers that
does not support IPv6
• Wake up, it’s 2015
• If no IPv6 support, take the cost this year, because you will soon
have to replace it.
4. Convert public services
• Convert e-mail, DNS,VoIP and web to IPv6
• Make sure the world can reach you
5. Check vendors
• Does your bank, consultants, outsourcing partners, vendors
• API Services you use?
• What’s the status of your business neighbourhood?
6. Dual stack on PCs
• When buying new PCs or upgrading, implement dual stack
• Supported by Linux, Mac,Windows
• Very simple to enable
7. Use IPv6 - only
• If all clients have dual stack, don’t be afraid to use ONLY ipv6 on
• Old servers are harder to move away from IPv4
• Use NAT64 for IPv4 reachability
8. Move the IT
• Let the IT department PCs be IPv6 only
9. Beneﬁt from IPv6
• VPNs are much easier
• You have a large address space - use it
• Mobility is built in
• IPv6 over IPv6, IPv6 over IPv4
• No more NAT traversal issues
10. Don’t panic.
• There is urgency, but your business won’t collapse if this doesn’t
• Make IPv6 part of every IT project
• Don’t make it a special project
• Start now.
• The beauty of the Internet is global reachability, global connectivity
• Without IPv6, the Internet will be fragmented into separate
islands and walled gardens
• We don’t want that. No one wants that. Stay connected.
Go IPv6 today!
Help your customers
• Wake them up
• Train them on all levels
• Introduce IPv6 in all current projects
• Help them test
• Get their public services connected to IPv6
• Require IPv6 from all your vendors
• Larger IP packet headers - IP address 128 bits instead of 32
• AllTCP/UDP protocols behave like before
• Protocols that embedd IP address will have to support the new formats
• Subnetting like before with CIDR preﬁxes
A common enterprise model
ISP get /32
Enterprise /48 or /56
TWO highways to the same destination
Link local address based on MAC (FE80::)
Site local address - ULA FDxx
Global address based on network preﬁx and MAC
Global address based on network preﬁx and random data
Link local multicast addresses
Service speciﬁc multicast address
Loopback address (only for loopback interface)
The app selects
Different views in OS/X
shows only IPv4
ONE IPv6 address
Distributing IPv6 addresses
Local Link (FE80::) - automatically
Global based on RA preﬁx - automatic (SLAAC)
Global based on DHCP - automatic (SLAAC)
Static - manual conﬁguration
Based on MAC address
Based on random data for privacy (temporary address)
DNS, SIP gateway, NTP server etc
Random address from a range
Managed temporary privacy-enhanced
Static address based on device identiﬁer
DHCPv6 for ISP’s
Network preﬁx, subnet mask
Gets a network (not an address)
from the service provider.
Distributes real Internet addresses to
network hosts. No NAT.
DUID = Device Identiﬁer
DUID - Device Unique Identiﬁer
IAID - Interface Adapter Identiﬁer
In IPv4 DHCP the MAC
is the system!
Where are they?
Only shown in Microsoft
Windows 7. I can’t ﬁnd it
easily in any other system.
Required to set up static
• Announce a preﬁx and a
RADVD or RTSOL support
• MAC or temporary
• Simple, but not much control
• RA tells device to use
SLAAC and fetch more
options in DHCPv6
• DNS address, NTP server
• Better management, but still
not much control
• RA tells device to get IP and
more options in DHCPv6
• Device sends DUID+IAID
• Better management - log in
• Where is the DUID?
• ”Welcome back.You’re using a
MacBook Pro 10th generation
from Sollentuna, Sweden.”
• Why should I let everyone see my
MAC address? And that I use
• All systems support this.Windows
enable it by default. No other
system has it in the UI.
...or is it the
We need to make IPv6 a normal
part of all network projects. Now.