IPv6 in Ubuntu 12.04

August 3, 2012 by hs

I have been exploring IPv6 for a couple months now. It’s a very interesting subject and will quickly become inevitable. IPv6 is coming and it’s here to stay. I have learned a lot about IPv6 in Ubuntu and Windows. Consider this the first article in a series I’ll be publishing as I learn more. I will not give an introduction to IPv6 here. There are lot of good places to learn about it

IPv6 is enabled by default in Ubuntu 12.04 Precise Pangolin. A Local Link Unicast (link-local) address is configured automatically. If you have Router Advertisement (RA) enabled on a switch or router on your network then Ubuntu will autoconfigure its own Global Unicast Address as well. But how does your /etc/network/interfaces file look? Something similar to below.

auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp

See how you didn’t have to do anything on Ubuntu to get IPv6 working? But let’s dig deeper.

If you still want to be explicit for Ubuntu to use autoconfiguration for IPv6 then edit /etc/network/interfaces.

sudo vim /etc/network/interfaces

And add a line for IPv6 to make the file look similar to below:

auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp iface eth0 inet6 auto

Bring down eth0 and bring it back up.

sudo ifdown eth0

sudo ifup eth0

Static IPv6 Address

What if you wanted to use a static IPv6 address? Just edit your /etc/network/interfaces file and make it look similar to below.

auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp iface eth0 inet6 static address 2999:abcd:1234:5678::a157 netmask 64 gateway 2999:abcd:1234:5678::1 dns-nameservers 2999:abcd:1234:5678::20 dns-search codeghar.com

Privacy Extension

Let’s say you want to enable privacy extension. That’s also quite easy to do.

sudo vim /etc/sysctl.d/10-ipv6-privacy.conf

In this file, make sure you have the following two lines. This will enable privacy extension on all interfaces. By default Ubuntu already has privacy enabled (I think).

net.ipv6.conf.all.use_tempaddr = 2 net.ipv6.conf.default.use_tempaddr = 2

Save the file and exit vim. Now run the following command to enable these settings.

sudo service procps restart

If that doesn’t work then you can restart your computer.

Look at your IPs and you’ll notice something interesting.

ip addr show

1: lo: mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: mtu 1500 qdisc pfifo_fast state UP ql en 1000 link/ether 00:05:06:07:08:09 brd ff:ff:ff:ff:ff:ff inet 192.168.1.100/24 brd 198.168.1.255 scope global eth0 inet6 2789:1234:cdef:9876:395e:c9fd:78b4:d863/64 scope global temporary dynamic valid_lft 604349sec preferred_lft 85349sec inet6 2789:1234:cdef:9876:205:06ff:fe07:0809/64 scope global dynamic valid_lft 2591921sec preferred_lft 604721sec inet6 fe80::205:06ff:fe07:0809/64 scope link valid_lft forever preferred_lft forever

For eth0 you’ll notice two IPv6 addresses with scope global: “scope global temporary dynamic” and “scope global dynamic”. The term “temporary” means that this is a disposable address generated because of privacy extension. It will expire when “preferred_lft” seconds expire and new temporary address will be generated.

Since we chose value 2 in file /etc/sysctl.d/10-ipv6-privacy.conf, these temporary addresses will be used when connecting to other computers.

Security

Do not forget that you now need to maintain two firewalls, one for IPv4 and one for IPv6. I’ll write another post about ip6tables, the firewall for IPv6.

Disable IPv6

I highly recommend to NOT disable IPv6 in Ubuntu. But if you still want to you can.

sudo vim /etc/sysctl.conf

Add three lines to the file.

net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1

Save the file and exit vim. Now run the following command to enable these settings.

sudo service procps restart

If that doesn’t work then you can restart your computer.

Hat Tips

IPv6 privacy extensions on Linux; Make curl download using non-Privacy extension IPv6 address?; How to be anonymous on IPV6 protocol by not using MAC address in EUI-64?; Disable IPv6 If your Internet is Working Slow in Ubuntu 12.04 Precise Pangolin/Linux Mint 13; IPV6 auto configuration not working