This chapter shows you how to enable IPv6 and IPv6 routers. This chapter also shows you how to configure IPv6 addresses for DNS, NIS, and NIS+. You also learn how to create tunnels between routers. This chapter also shows you how to run IPv6 additions to commands that display diagnostics. Finally, this chapter shows you how to display IPv6 name service information.
This chapter contains the following information:
Topic |
Information |
---|---|
Overview information about IPv6 | |
Transition information about transitioning from IPv4 to IPv6 | |
Conceptual information that is related to the procedures in this chapter |
This section provides procedures that you might need to configure IPv6 nodes on your network.
The term node in this context refers either to a Solaris server or client workstation.
Task |
Description |
For Instructions, Go to ... |
---|---|---|
Enable IPv6 on a node |
Involves touching hostname6.interface file, displaying addresses, and entering the addresses in the /etc/inet/ipnodes file. (See note.) | |
Configure a Solaris IPv6 router |
Involves adding entries to the indp.conf file. | |
Add IPv6 addresses to NIS and NIS+ |
Involves adding entries to the /etc/ipnodes file. | |
Add IPv6 addresses to DNS |
Involves adding AAAA records to the DNS zone and reverse zone file. |
You can enable IPv6 on a system when you install the Solaris software. If you answered yes to enable IPv6 during the installation process, you can omit the following procedures to enable IPv6.
Become superuser on the system where you want to enable IPv6.
On a command line, type the following for each interface.
# touch /etc/hostname6.interface |
Interface |
Interface name, such as le0, le1. |
Reboot.
The reboot process sends out router discovery packets. The router responds with a prefix. The response enables the node to configure the interfaces with an IP address. Rebooting also restarts key network daemons in IPv6 mode.
On a command line, display the IPv6 addresses.
# ifconfig -a |
Add the IPv6 address to the appropriate name service as follows:
For NIS and NIS+, see How to Add IPv6 Addresses to NIS and NIS+.
For DNS, see How to Add IPv6 Addresses to DNS.
Become superuser on the system that acts as a router.
Edit the file /etc/inet/ndpd.conf with subnet prefixes by adding one or more of the following entries.
See the in.ndpd(1M) man page for a list of variables and allowable values. For more information about the ndpd.conf file, see the ndpd.conf(4) man page.
Add entries that specify router behavior for all interfaces.
ifdefault variable value |
Add entries that specify the default behavior of prefix advertisement.
prefixdefault variable value |
Add sets per interface parameter entries.
if interface variable value |
Add advertisements for each entry for interface prefix information.
prefix prefix/length interface variable value |
Reboot the system.
Neighbor discovery (in.ndpd) relays the subnet address prefixes of the hosts to the hosts. Also, the next generation RIP routing protocol (in.ripngd) runs automatically.
# Send router advertisements out all NICs ifdefault AdvSendAdvertisements on # Advertise a global prefix and a # site local prefix on three interfaces. # 0x9255 = 146.85 prefix 2:0:0:9255::0/64 hme0 prefix fec0:0:0:9255::0/64 hme0 # 0x9256 = 146.86 prefix 2:0:0:9256::0/64 hme1 prefix fec0:0:0:9256::0/64 hme1 # 0x9259 = 146.89 prefix 2:0:0:9259::0/64 hme2 prefix fec0:0:0:9259::0/64 hme2 |
A new table has been added for NIS+ named ipnodes.org_dir. The table contains both IPv4 and IPv6 addresses for a host. The existing hosts.org_dir table, which contains only IPv4 addresses for a host, remains the same to facilitate existing applications. Both the hosts.org_dir and ipnodes.org_dir tables must be consistent with the IPv4 addresses. See IPv6 Extensions to Solaris Name Services for an overview.
Administration of the new ipnodes.org_dir table is similar to administering the hosts.org_dir. The same tools and utilities that are used in administering the previous NIS+ tables are valid for ipnodes.org_dir. See System Administration Guide: Naming and Directory Services for details on how to manipulate the NIS+ table.
The following procedure merges the entries from /etc/inet/ipnodes into the ipnodes.org_dir table (in verbose mode). The NIS+ table was probably created by nistbladm(1), nissetup(1M), or nisserver(1M).
On a command line, type the following command:
% nisaddent -mv -f /etc/inet/ipnodes ipnodes |
Use the following procedure to display the ipnodes.org_dir table.
On a command line, type the following command:
% nisaddent -d ipnodes |
Two new maps have been added for NIS: ipnodes.byname and ipnodes.byaddr. These maps contain both IPv4 and IPv6 host name and address associations. The hosts.byname and hosts.byaddr maps, which contain only IPv4 host name and address associations, remain the same to facilitate existing applications. Administration of the new maps is similar to the maintenance of the hosts.byname and hosts.byaddr older maps. Again, it is important that when you update the hosts maps with IPv4 addresses that the new ipnode maps are also updated with the same information.
Tools that are aware of IPv6 use the new NIS maps and the new NIS+ tables.
Become superuser on system that has DNS.
Edit the appropriate DNS zone file by adding AAAA records for the IPv6–enabled host, using the following format.
host-name IN AAAA host-address |
Edit the DNS reverse zone file and add PTR records, using the following format.
host-address IN PTR host-name |
See RFC 1886 for more information about AAAA and PTR records.
vallejo IN AAAA 2::9256:a00:20ff:fe12 IN AAAA fec0::9256:a00:20ff:fe12:528 |
$ORIGIN ip6.int. 8.2.5.0.2.1.e.f.f.f.9.2.0.0.a.0.6.5.2.9.0.0.0.0.0.0.0.0.2.0.0.0 \ IN PTR vallejo.Eng.apex.COM. 8.2.5.0.2.1.e.f.f.f.9.2.0.0.a.0.6.5.2.9.0.0.0.0.0.0.0.0.0.c.e.f \ IN PTR vallejo.Eng.apex.COM. |
The following commands are modified to accommodate the Solaris implementation of IPv6.
You can use the new additions to conduct diagnostics. For conceptual descriptions of these commands, see IPv6 Extensions to the ifconfig Utility and IPv6 Extensions to Existing Utilities.
Task |
Description |
For Instructions, Go to ... |
---|---|---|
Display interface address assignments |
Displays all, or just IPv4, or just IPv6 address assignments by using ifconfig command. | |
Display network status |
Displays all sockets and routing table entries. Displays inet address family for IPv4. Displays inet6 address family for IPv6. Displays statistics for IPv6 or ICMPv6 counters of interfaces by using the netstat command. | |
Control the display output of IPv6 related commands |
Controls the output of the ping, netstat, ifconfig, and traceroute commands. Creates a file that is named inet_type. Sets the DEFAULT_IP variable in this file. | |
Monitor only IPv6 network traffic |
Displays all IPv6 packets by using the snoop command. | |
Probe all multihomed host addresses |
Checks all addresses by using the ping command. | |
Trace all routes |
Uses the traceroute command. |
You can use the ifconfig command to display all address assignments as well as just IPv4 or IPv6 address assignments.
On the command line, type the following command.
% ifconfig [option] |
For more information on the ifconfig command, see the ifconfig(1M) man page.
% ifconfig -a lo0: flags=1000849 mtu 8232 index 1 inet 120.10.0.1 netmask ff000000 le0: flags=1000843 mtu 1500 index 2 inet 120.46.86.54 netmask ffffff00 broadcast 120.146.86.255 ether 8:0:73:56:a8 lo0: flags=2000849 mtu 8252 index 1 inet6 ::1/128 le0: flags=2000841 mtu 1500 index 2 ether 8:0:20:56:a8 inet6 fe80::a00:fe73:56a8/10 le0:1: flags=2080841 mtu 1500 index 2 inet6 fec0::56:20ff:fe73:56a8/64 le0:2: flags=2080841 mtu 1500 index 2 inet6 2::56:a00:fe73:56a8/64 |
% ifconfig -a4 lo0: flags=1000849 mtu 8232 index 1 inet 120.10.0.1 netmask ff000000 le0: flags=1000843 mtu 1500 index 2 inet 120.46.86.54 netmask ffffff00 broadcast 120.46.86.255 ether 8:0:20:56:a8 |
% ifconfig -a6 lo0: flags=2000849 mtu 8252 index 1 inet6 ::1/128 le0: flags=2000841 mtu 1500 index 2 ether 8:0:20:56:a8 inet6 fe80::a00:fe73:56a8/10 le0:1: flags=2080841 mtu 1500 index 2 inet6 fec0::56:20ff:fe73:56a8/64 le0:2: flags=2080841 mtu 1500 index 2 inet6 2::56:a00:fe73:56a8/64 |
These procedures enable you to display the following structure formats for network data by using the netstat command:
All sockets and routing table entries
Inet address family for IPv4
Inet6 address family for IPv6
Statistics per interface—IPv6/ICMPv6 counters
For more information on the netstat command, see the netstat(1M) man page.
% netstat -a UDP: IPv4 Local Address Remote Address State -------------------- -------------------- ------- *.* Unbound *.apexrpc Idle *.* Unbound . . UDP: IPv6 Local Address Remote Address State If --------------------------------- --------------------------------- ------- *.* Unbound *.time Idle *.echo Idle *.discard Idle *.daytime Idle *.chargen Idle TCP: IPv4 Local Address Remote Address Swind Send-Q Rwind Recv-Q State -------------------- -------------------- ----- ------ ----- ------ ------- *.* *.* 0 0 0 0 IDLE *.apexrpc *.* 0 0 0 0 LISTEN *.* *.* 0 0 0 0 IDLE *.ftp *.* 0 0 0 0 LISTEN localhost.427 *.* 0 0 0 0 LISTEN *.telnet *.* 0 0 0 0 LISTEN tn.apex.COM.telnet is.Eng.apex.COM 8760 0 8760 0 ESTABLISHED tn.apex.COM.33528 np.apex.COM.46637 8760 0 8760 0 TIME_WAIT tn.apex.COM.33529 np.apex.COM.apexrpc 8760 0 8760 0 TIME_WAIT TCP: IPv6 Local Address Remote Address Swind Send-Q Rwind Recv-Q State If ----------------- ----------------- ----- ------ ----- ------ ----- *.* *.* 0 0 0 0 IDLE *.ftp *.* 0 0 0 0 LISTEN *.telnet *.* 0 0 0 0 LISTEN *.shell *.* 0 0 0 0 LISTEN *.smtp *.* 0 0 0 0 LISTEN . . 2::56:8.login something.1023 8640 0 8640 0 ESTABLISHED fe80::a:a8.echo fe80::a:89 8640 0 8640 0 ESTABLISHED fe80::a:a8.ftp fe80::a:90 8640 0 8640 0 ESTABLISHED |
% netstat -f inet TCP: IPv4 Local Address Remote Address Swind Send-Q Rwind Recv-Q State -------------------- -------------------- ----- ------ ----- ------ ------- tn.apex.COM.telnet is.apex.COM.35388 8760 0 8760 0 ESTABLISHED tn.apex.COM.1022 alive-v4.nfsd 8760 0 8760 0 ESTABLISHED tn.apex.COM.1021 sl.apex.COM.nfsd 8760 0 8760 0 ESTABLISHED . . tn.apex.COM.33539 np.apex.COM.apexrpc 8760 0 8760 0 TIME_WAIT |
% netstat -f inet6 TCP: IPv6 Local Address Remote Address Swind Send-Q Rwind Recv-Q State If -------------------- --------------------- ----- ------ ----- ------ ----------- ----- 2::56:a8.login something.1023 8640 0 8640 0 ESTABLISHED fe80::a0:a8.echo fe80::a0:de.35389 8640 0 8640 0 ESTABLISHED . . fe80::a0:a8.ftp-data fe80::a0:de.35394 25920 0 25920 0 TIME_WAIT |
% netstat -sa RAWIP rawipInDatagrams = 1407 rawipInErrors = 0 rawipInCksumErrs = 0 rawipOutDatagrams = 5 rawipOutErrors = 0 UDP udpInDatagrams = 7900 udpInErrors = 0 udpOutDatagrams = 7725 udpOutErrors = 0 TCP tcpRtoAlgorithm = 4 tcpRtoMin = 200 tcpRtoMax = 60000 tcpMaxConn = -1 . . IPv4 ipForwarding = 2 ipDefaultTTL = 255 ipInReceives =406345 ipInHdrErrors = 0 ipInAddrErrors = 0 ipInCksumErrs = 0 . . IPv6 for lo0 ipv6Forwarding = 2 ipv6DefaultHopLimit = 0 ipv6InReceives = 0 ipv6InHdrErrors = 0 . . IPv6 for le0 ipv6Forwarding = 2 ipv6DefaultHopLimit = 255 ipv6InReceives = 885 ipv6InHdrErrors = 0 . . IPv6 ipv6Forwarding = 2 ipv6DefaultHopLimit = 255 ipv6InReceives = 885 ipv6InHdrErrors = 0 . . ICMPv4 icmpInMsgs = 618 icmpInErrors = 0 icmpInCksumErrs = 0 icmpInUnknowns = 0 icmpInDestUnreachs = 5 icmpInTimeExcds = 0 . . ICMPv6 for lo0 icmp6InMsgs = 0 icmp6InErrors = 0 icmp6InDestUnreachs = 0 icmp6InAdminProhibs = 0 . . ICMPv6 for le0 icmp6InMsgs = 796 icmp6InErrors = 0 icmp6InDestUnreachs = 0 icmp6InAdminProhibs = 0 icmp6InTimeExcds = 0 icmp6InParmProblems = 0 . . ICMPv6 icmp6InMsgs = 796 icmp6InErrors = 0 icmp6InDestUnreachs = 0 icmp6InAdminProhibs = 0 . . IGMP: 2542 messages received 0 messages received with too few bytes 0 messages received with bad checksum 2542 membership queries received . . |
You can control the output of the netstat and ifconfig commands. Create a file that is named inet_type in the /etc/default directory. Then specify the value of the DEFAULT_IP variable. For more information about the inet_type, see the inet_type(4) man page.
Create the /etc/default/inet_type file.
Make one of the following entries, as needed.
To display IPv4 information only, type:
DEFAULT_IP=IP_VERSION4 |
To display both IPv4 and IPv6 information, type:
DEFAULT_IP=BOTH |
or
DEFAULT_IP=IP_VERSION6 |
The -4 and -6 flags in ifconfig override the value set in the inet_type file. The -f flag in netstat also overrides the value that is set in the inet_type file.
When you specify the DEFAULT_IP=BOTH or DEFAULT_IP=IP_VERSION6 variable in the inet_type file, you should have the following results:
% ifconfig -a lo0: flags=1000849 mtu 8232 index 1 inet 120.10.0.1 netmask ff000000 le0: flags=1000843 mtu 1500 index 2 inet 120.46.86.54 netmask ffffff00 broadcast 120.46.86.255 ether 8:0:20:56:a8 lo0: flags=2000849 mtu 8252 index 1 inet6 ::1/128 le0: flags=2000841 mtu 1500 index 2 ether 8:0:20:56:a8 inet6 fe80::a00:fe73:56a8/10 le0:1: flags=2080841 mtu 1500 index 2 inet6 fec0::56:a00:fe73:56a8/64 le0:2: flags=2080841 mtu 1500 index 2 inet6 2::56:a00:fe73:56a8/64 |
When you specify the DEFAULT_IP=IP_VERSION4 variable in the inet_type file, you should have the following results:
% ifconfig -a lo0: flags=849 mtu 8232 inet 120.10.0.1 netmask ff000000 le0: flags=843 mtu 1500 inet 120.46.86.54 netmask ffffff00 broadcast 120.46.86.255 ether 8:0:20:56:a8 |
In this procedure, you use the snoop command to display all IPv6 packets.
For more information on the snoop command, see the snoop(1M) man page.
# snoop ip6 Using device /dev/le (promiscuous mode) fe80::a0:a1 -> ff02::9 IPv6 S=fe80::a0:a1 D=ff02::9 LEN=892 fe80::a0:de -> fe80::a0:a8 IPv6 S=fe80::a0:de D=fe80::a0:a8 LEN=104 fe80::a0:a8 -> fe80::a0:de IPv6 S=fe80::a0:a8 D=fe80::a0:de LEN=104 fe80::a0:a1 -> ff02::9 IPv6 S=fe80::a0:a1 D=ff02::9 LEN=892 fe80::a0:de -> fe80::a0:a8 IPv6 S=fe80::a0:de D=fe80::a0:a8 LEN=104 fe80::a0:a8 -> fe80::a0:de IPv6 S=fe80::a0:a8 D=fe80::a0:de LEN=152 fe80::a0:a1 -> ff02::9 IPv6 S=fe80::a0:a1 D=ff02::9 LEN=892 fe80::a0:de -> fe80::a0:a8 IPv6 S=fe80::a0:de D=fe80::a0:a8 LEN=72 fe80::a0:a8 -> fe80::a0:de IPv6 S=fe80::a0:a8 D=fe80::a0:de LEN=72 fe80::a0:a8 -> fe80::a0:de IPv6 S=fe80::a0:a8 D=fe80::a0:de LEN=72 fe80::a0:de -> fe80::a0:a8 IPv6 S=fe80::a0:de D=fe80::a0:a8 LEN=72 |
In this procedure, you use the ping command to check all addresses.
On the command line, type the following command.
% ping -a ipng11 ipng11 (2::102:a00:fe79:19b0) is alive ipng11 (fec0::102:a00:fe79:19b0) is alive ipng11 (190.68.10.75) is alive |
For more information on the ping command, see the ping(1M) man page.
In this procedure, you use the traceroute command to trace all routes.
On the command line, type the following command.
% traceroute -a <hostname> |
For more information on the traceroute command, see the traceroute(1M) man page.
% traceroute -a ipng11 traceroute: Warning: Multiple interfaces found; using 2::56:a0:a8 @ le0:2 traceroute to ipng11 (2::102:a00:fe79:19b0),30 hops max, 60 byte packets 1 ipng-rout86 (2::56:a00:fe1f:59a1) 35.534 ms 56.998 ms * 2 2::255:0:c0a8:717 32.659 ms 39.444 ms * 3 ipng61.Eng.apex.COM (2::103:a00:fe9a:ce7b) 401.518 ms 7.143 ms * 4 ipng12-00 (2::100:a00:fe7c:cf35) 113.034 ms 7.949 ms * 5 ipng11 (2::102:a00:fe79:19b0) 66.111 ms * 36.965 ms traceroute: Warning: Multiple interfaces found; using fec0::56:a8 @ le0:1 traceroute to ipng11 (fec0::10:b0), 30 hops max, 60 byte packets 1 ipng-rout86 (fec0::56:a00:fe1f:59a1) 96.342 ms 78.282 ms 88.327 ms 2 ipng8-tun1 (fec0::25:0:0:c0a8:717) 268.614 ms 508.416 ms 438.774 ms 3 ipng61.Eng.apex.COM (fec0::103:a00:fe9a:ce7b) 6.356 ms * 713.166 ms 4 ipng12-00 (fec0::100:a00:fe7c:cf35) 7.409 ms * 122.094 ms 5 ipng11 (fec0::102:a00:fe79:19b0) 10.620 ms * * traceroute to ipng11.eng.apex.com (190.68.10.75),30 hops max,40 byte packets 1 rmpj17c-086.Eng.apex.COM (120.46.86.1) 4.360 ms 3.452 ms 3.479 ms 2 flrmpj17u.Eng.apex.COM (120.46.17.131) 4.062 ms 3.848 ms 3.505 ms 3 ipng8.Eng.apex.COM (120.68.7.23) 4.773 ms * 4.294 ms 4 ipng61.Eng.apex.COM (120.68.10.104) 5.128 ms 5.362 ms * 5 ipng12-20.Eng.apex.COM (120.68.10.62) 7.298 ms 5.444 ms * 6 ipng11.Eng.apex.COM (120.68.10.75) 8.053 ms 6.394 ms * |
This section describes how you configure IPv6 over IPv4 tunnels.
For conceptual descriptions of tunnels, see Solaris Tunneling Interfaces for IPv6 and Tunneling Mechanism.
Become superuser.
Create the file /etc/hostname6.ip.tunn. Use the values 0, 1, 2, and so on, for n. Then add entries following these steps.
Add the tunnel source addresses. Then add the tunnel destination addresses.
tsrc IPv4-source-addr tdst IPv4-destination-addr up |
(Optional) Add a logical interface for the source and destination IPv6 addresses.
addif IPv6-source-address IPv6-destination-address up |
Omit this step if you want the address autoconfigured for this interface. You do not need to configure link-local addresses for your tunnel. Link-local addresses are configured automatically.
When you finish configuring the tunnels, you must reboot.
You must perform the same steps at the other end of the tunnel for bidirectional communication to occur.
If your system is to be configured as a router, you must also configure your router to advertise over tunneling interfaces before rebooting. See How to Configure Your Router to Advertise Over Tunneling Interfaces.
This example shows a tunnel for which all IPv6 addresses are autoconfigured.
tsrc 129.146.86.138 tdst 192.168.7.19 up |
This example shows a tunnel for which global source and global destination addresses are manually configured. The site-local source and site-local destination addresses are also manually configured.
tsrc 120.46.86.138 tdst 190.68.7.19 up addif fec0::1234:a00:fe12:528 fec0::5678:a00:20ff:fe12:1234 up addif 2::1234:a00:fe12:528 2::5678:a00:20ff:fe12:1234 up |
Following these steps for each tunnel.
Become superuser.
Edit the /etc/inet/ndpd.conf file. Add entries by using the following steps.
Reboot.
This section provides procedures to display IPv6 name service information.
Task |
Description |
For Instructions, Go to ... |
---|---|---|
Display name service information for IPv6 |
Displays name service information for IPv6 by using the nslookup command. | |
Verify that DNS IPv6 PTR records are updated correctly |
Displays the PTR records for DNS IPv6 PTR records by using the nslookup command. Also uses the set q=PTR parameter. |
How to Verify That DNS IPv6 PTR Records Are Updated Correctly |
Display IPv6 information through NIS |
Displays the IPv6 information through NIS by using the ypmatch command. | |
Display IPv6 information through NIS |
Displays the IPv6 information through NIS+ by using the nismatch command. | |
Display IPv6 information independent of name service |
Displays the IPv6 information by using the getent command. |
In this procedure, you use the nslookup command to display IPv6 name service information.
On the command line, type the following command:
% /usr/sbin/nslookup |
The default server name and address appear, followed by the nslookup command angle bracket prompt.
To see information about a particular host, type the following commands at the angle bracket prompt:
>set q=any >host-name |
To see only AAAA records, type the following command at the angle bracket prompt:
>set q=AAAA |
Quit the command by typing exit.
% /usr/sbin/nslookup Default Server: space1999.Eng.apex.COM Address: 120.46.168.78 > set q=any > vallejo Server: space1999.Eng.apex.COM Address: 120.46.168.78 vallejo.ipv6.eng.apex.com IPv6 address = fec0::9256:a00:fe12:528 vallejo.ipv6.eng.apex.com IPv6 address = 2::9256:a00:fe12:528 > exit |
In this procedure, you use the nslookup command to display PTR records for DNS IPv6.
On the command line, type the following command:
% /usr/sbin/nslookup |
The default server name and address display, followed by the nslookup command angle bracket prompt.
To see the PTR records, type the following command at the angle bracket prompt:
>set q=PTR |
Quit the command by typing exit.
% /usr/sbin/nslookup Default Server: space1999.Eng.apex.COM Address: 120.46.168.78 > set q=PTR > 8.2.5.0.2.1.e.f.f.f.0.2.0.0.a.0.6.5.2.9.0.0.0.0.0.0.0.0.2.0.0.0.ip6.int 8.2.5.0.2.1.e.f.f.f.0.2.0.0.a.0.6.5.2.9.0.0.0.0.0.0.0.0.2.0.0.0.ip6.int name = vallejo.ipv6.Eng.apex.COM ip6.int nameserver = space1999.Eng.apex.COM > exit |
In this procedure, you use the ypmatch command to display IPv6 information through NIS.
On the command line, type the following command:
% ypmatch host-name ipnodes.byname |
The information about host-name displays.
% ypmatch vallejo ipnodes.byname fec0::9256:a00:20ff:fe12:528 vallejo 2::9256:a00:20ff:fe12:528 vallejo |
In this procedure, you use the nismatch command to display IPv6 information through NIS.
On the command line, type the following command:
% nismatch host-name ipnodes.org-dir |
The information about host-name displays.
% nismatch vallejo ipnodes.org_dir vallejo vallejo fec0::9256:a00:20ff:fe12:528 vallejo vallejo 2::9256:a00:20ff:fe12:528 |
On the command line, type the following command:
% getent ipnodes host-name |
The information about host-name displays.
% getent ipnodes vallejo 2::56:a00:fe87:9aba vallejo vallejo fec0::56:a00:fe87:9aba vallejo vallejo |