🔍

IPv6 on 2023

by Alejandro Liu

Updated: 2024-03-19

in 2023

tagged address, alpine, configuration, information, linux, network

This is a sequel to my article IPv6 blues.

At the time it looked that only /64 prefix address was being allocated. However, when I recently checked my ADSL modem router configuration I noticed that actually the ADSL modem gets assigned /48 prefix. Thids makes the configuration much easier.

What is nice, is that for "reasonable" configurations, IPv6 usually does the right thing and configures most things by itself. For IPv6 routing, you only need to enable the right functionality and most of the addressing is determined automatically.

This article expands on this Alpine Linux Wiki article.

Layout

This is a very simple configuration.

eth0 KPN modem router HOME NETWORK eth1

The current Alpine Linux kernel (v3.17.3) has IPv6 enabled by default, so nothing special needs to be done for that.

Enabling forwarding

By deault, IP (v4 or v6) forward is disabled on a Linux kernel. To enable, you need to modify syctl.conf. Create a file:

/etc/sysctl.d/router.conf

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

# http://vk5tu.livejournal.com/37206.html
# What's this special value "2"? Originally the value was "1", but this 
# disabled autoconfiguration on all interfaces. That is, you couldn't appear 
# to be a router on some interfaces and appear to be a host on other 
# interfaces. But that's exactly the mental model of a ADSL router. 

# Controls IP packet forwarding
net.ipv6.conf.all.forwarding = 2
net.ipv6.conf.default.forwarding = 2

# Accept Router Advertisments
net.ipv6.conf.all.accept_ra = 2
net.ipv6.conf.default.accept_ra = 2

# We are a router so disable temporary addresses
net.ipv6.conf.all.use_tempaddr = 0
net.ipv6.conf.default.use_tempaddr = 0

Configure networking

Configure IPv6 address for eth1. We don't need to configure eth0 as that will be done by dhcpcd through the ISP's router advertisements:

# Conect to ISP
auto eth0
iface eth0 inet static
  address 192.168.2.250
  netmask 255.255.255.0
  broadcast 192.168.2.255

# Connected to local LAN
auto eth1
iface eth1 inet static
  address 192.168.3.1
  netmask 255.255.255.0
  broadcast 192.168.3.255

iface eth1 inet6 static
  address fde4:8dba:82e1:fff4::1
  netmask 64
  autoconf 0
  accept_ra 0
  privext 0

Prefix delegation

The next step will be to configure DHCPv6 Prefix Delegation with your ISP. Install dhcpcd.

apk add dhcpcd

Configure it:

/etc/dhcpcd.conf


# Enable extra debugging
#debug
#logfile /var/log/dhcpcd.log

# Allow users of this group to interact with dhcpcd via the control
# socket.
#controlgroup wheel

# Inform the DHCP server of our hostname for DDNS.
hostname gateway

# Use the hardware address of the interface for the Client ID.
#clientid
# or
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as
# per RFC4361. Some non-RFC compliant DHCP servers do not reply with
# this set. In this case, comment out duid and enable clientid above.
duid

# Persist interface configuration when dhcpcd exits.
persistent

# Rapid commit support.
# Safe to enable by default because it requires the equivalent option
# set on the server to actually work.
option rapid_commit

# A list of options to request from the DHCP server.
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes

# Most distributions have NTP support.
option ntp_servers

# Respect the network MTU.
# Some interface drivers reset when changing the MTU so disabled by
# default.
#option interface_mtu

# A ServerID is required by RFC2131.
require dhcp_server_identifier

# Generate Stable Private IPv6 Addresses instead of hardware based
# ones
slaac private

# A hook script is provided to lookup the hostname if not set by the
# DHCP server, but it should not be run by default.
nohook lookup-hostname

# IPv6 Only
ipv6only

# Disable solicitations on all interfaces
noipv6rs

# Wait for IP before forking to background
waitip 6

# Don't touch DNS
nohook resolv.conf

# Use the interface connected to WAN
interface eth0
    ipv6rs # enable routing solicitation get the default IPv6 route
    iaid 1
    ia_pd 1/::/56 eth1/2/64

Add dhcpcd to the default run level:

rc-update add dhcpcd default

Router advertisement

Now we need to configure radvd to give router advertisements to our internal network for addressing and routing.

apk add radvd

Once radvd is installed, you may configure it:

/etc/radvd.conf


interface eth0 {

  # We are sending advertisements (route)
  AdvSendAdvert on;

  # When set, host use the administered (stateful) protocol
  # for address autoconfiguration. The use of this flag is
  # described in RFC 4862
  AdvManagedFlag on;

  # When set, host use the administered (stateful) protocol
  # for address autoconfiguration. For other (non-address)
  # information.
  # The use of this flag is described in RFC 4862
  AdvOtherConfigFlag on;

  # Suggested Maximum Transmission setting for using the
  # Hurricane Electric Tunnel Broker.
  # AdvLinkMTU 1480;

  # We have native Dual Stack IPv6 so we can use the regular MTU
  # http://blogs.cisco.com/enterprise/ipv6-mtu-gotchas-and-other-icmp-issues
  AdvLinkMTU 1500;

  prefix ::/64 {
    AdvOnLink on;
    AdvAutonomous on; ## SLAAC based on EUI
    AdvRouterAddr on;
  };
};

interface eth1 {

  AdvSendAdvert on;
  AdvManagedFlag on;
  AdvOtherConfigFlag on;
  AdvLinkMTU 1500;

  # Helps the route not get lost when on WiFi with packet loss
  MaxRtrAdvInterval 30;
  AdvDefaultLifetime 9000;

  prefix fde4:8dba:82e1:fff3::/64 {
    AdvOnLink on;
    AdvAutonomous on; ## SLAAC based on EUI
  };
};

Add radvd to the default run level:

rc-update add radvd default

Conclusion

At this point you should have a working IPv6 set-up. Things that you may want to add:

  • Firewall rules
  • Additional static routes and subnets
  • DHCP daemon configuration to have more control on IP address assignments
  • OpenVPN