IPv6 with prefix delegation and VRFs

Written in the wee hours in English • Tags: , ,

DNA Welho has added IPv6 support to all their cable hookups on June 9th,1 which was a national IPv6 deployment flag day in Finland. I only heard about it from Facebook comments today. Until now I’ve had IPv6 disabled on the private VRF because my fast cable hookup only provided IPv4. Using IPv6 from the DSL hookup would have just slowed things down.

After some poking around I was able to get my VRF-separated home network connected using a delegated prefix. (more…)

CloudFlare must be rolling out new changes: I’ve seen the NetBSD Planet fail with a “cloudflare-nginx” generated “500 Internal Server Error” for an hour or two the past couple of nights. Last night at around 9pm UTC it happened again and didn’t recover. I changed the backend from an IPv6 address to IPv4 and that brought the site back. Eventually we’ll have to live with just IPv6 addresses, so this is an unfortunate regression on CloudFlare’s part.

Disabling 6to4 and Teredo

Written in the mid-afternoon in English • Tags: , ,

Windows tries to use 6to4 and Teredo automatically, not always resulting in a good IPv6 experience. To disable both, execute these commands:

netsh interface ipv6 6to4 set state disabled
netsh interface teredo set state disabled

On Windows XP teredo isn’t a context inside interface, but rather a setting in ipv6:

netsh interface ipv6 set teredo disabled

Sources and more information:

The bridge kludge

Written late in the afternoon in English • Tags: , ,

I ran into a model symptom of lacking multicast support with IPv6: a system wouldn’t answer to IPv6 traffic it didn’t initiate. But unless you’ve run into the problem before and managed to diagnose it successfully, you might not realize it’s about multicast.

It was my second Debian Linux system with IPv6 connectivity that gave me a start. I built one more system and got the same results. I could have sworn the first one had worked fine without any tricks. I considered it, but decided I’d rather not abandon IPv6 on Linux. After all, I had it running on all the other platforms (NetBSD, Mac OS X, Windows). (more…)

Disabling temporary IPv6 addresses

Written early in the evening in English • Tags: , ,

I never seem to be able to remember this, and somehow I end up with new Windows installations without this change:

netsh interface ipv6 set privacy state=disable

This will disable temporary IPv6 addresses. These are especially nasty on desktop systems, where the address will expire from under you. If you find yourself having to restart your SSH terminal connections every 14 hours to 6 days, this is why (as far as I can tell).

I really don’t buy the privacy aspect of generating random IP addresses. If you worry about eavesdropping, encrypt your traffic. If you worry about someone tracking your traffic patterns, stop browsing those questionable sites. :)

IPv6 is here

Written in the mid-morning in English • Tags: , ,

I’ve had IPv6 connectivity for over 5 years (first from IIJ, now from SixXS). However, it wasn’t until last night that I finally got my website on IPv6, when some final wrinkles in the web server configuration were ironed out. (more…)