ASD

about insights blog +follow

posted on Tue, Oct 02 '18 under tag: code

IPV6 opens up the internet to any internet connected device and vice versa. How to make use of it, though?

If your ISP is future proof, they are running a dual IPv4/IPv6 stack giving you and your devices both addresses.

IPv4, as you might already know, has only about 4 billion unique addresses. And therefore, the existing internet infrastructure relies heavily on routers, NAT, and other gimmicks that allow multiple devices to share same address. This also restricts what devices can do.

But, in IPv6 regime, thankfully, every physical device connected gets a unique IP address. This need not be a static IP address. Every time you reboot your device you might get a new unique IP address. But this is a direct representation of your device on the internet. And that opens up a lot of opportunities.

If you are a Reliance Jio or ACT Fibernet subscriber, you probably already have IPv6 support. Do let me know if you have a different ISP that gives IPv6 support.

Setting up IPv6

You can make use of IPv6 only if your ISP supports it. There is no way around it. (I mean, you can obviously use tunnels that rely on a server which has IPv6 support, but these ways are not straightforward)

List of IPv6 supported ISPs in India

There is definitely a push from regulators and from the reality of IP scarcity to adopt IPv6. These ISPs have confirmedly adopted:

Configuring Router

Your router needs to know how to delegate IPv6 addresses. Most often you need to go to the router administration page, look for “IPv6”, turn it on with the default settings, and that would be all that is required to be done.

Configuring Android

Modern Android phones automatically get IPv6 addresses. There is no configuration required. Maybe reconnect to WiFi.

Configuring GNU/Linux

Modern GNU/Linux operating systems automatically get IPv6 addresses. There is no configuration required here either. Maybe reconnect LAN/WiFi. (Update your system if it is old)

Testing whether it works

Head over to ipv6-test.com or test-ipv6.com to test how things are working. I get an 18/20 and a 10/10 on these sites.

What now?

Your device with IPv6 address is now accessible from anywhere in the world through IPv6 network. If your address is FE80:0000:0000:0000:0202:B3FF:FE1E:8329 and you are running a simple webserver on your device listening at port 8080, if you enter [FE80:0000:0000:0000:0202:B3FF:FE1E:8329]:8080 in the browser of any device with IPv6 capability in the world, you get a response from your server. Do you get it?

Do you get it?

This is the future of decentralized internet. When computers are directly reachable from world over. When there is no port forwarding mess. When devices will directly communicate with each other without resorting to a third-party server.

Okay, not necessarily so fast. The address you have is most likely a dynamic IP. Which means it keeps changing every time you reboot. Also, it is too long for anyone to remember. So, what do you do?

Dynamic DNS

If you do not have a BIND nameserver running on a server you control, the rest of this article might not be very useful for you. But I do have a nameserver running. And therefore, I set up dynamic updates on it.

What you need is AAAA records that point to your IPv6 address.

Nameserver configuration

I am assuming that you already have a BIND server running and serving requests for your zone.

Run ddns-confgen and it will generate a secret key and also tell you where in your configuration you need to put it.

Client configuration

Copy the key section generated by ddns-confgen into a file in your local machine. Let’s call it keyfile. You can now use the nsupdate utility with -k keyfile to update your DNS!

Here is how a typical interaction with nsupdate line will look like

$ nsupdate
> zone learnlearn.in
> del ipv6.learnlearn.in
> add ipv6.learnlearn.in 1800 AAAA FE80:0000:0000:0000:0202:B3FF:FE1E:8329
> send

Automating

You could create a bash script that automatically does this update based on the current ip and sends it over via nsupdate. You would then set a systemd or cron job to take care of running it repeatedly. But there is an even better way of doing it.

If you are using NetworkManager for connecting to networks, (or other managers will have their own ways of doing this), you can configure scripts to automatically run at various stages of connections coming online/offline/getting IP address, and so on. Here is a script I made.

$ sudo cat /etc/NetworkManager/dispatcher.d/10-set-ipv6-dns
#!/bin/zsh

TMPFILE=/path/to/file/to/store/data/in

# ipv6 extraction script from i3-blocks community
IF=$(ip route | awk '/^default/ { print $5 ; exit}')
IPADDR=$(ip addr show $IF | perl -n -e "/inet6 ([^\/]+).* scope global/ && print \$1 and exit")

if [ -z "$IPADDR" ]; then
  echo "not connected"
  exit
fi

echo "$IPADDR"

if grep -q "$IPADDR" "$TMPFILE"; then
  echo "No change in IP"
  exit
fi

rm $TMPFILE

echo "zone learnlearn.in" > $TMPFILE
echo "update delete ipv6.learnlearn.in" >> $TMPFILE
echo "update add ipv6.learnlearn.in 1800 IN AAAA $IPADDR" >> $TMPFILE
echo "send" >> $TMPFILE

nsupdate -k /path/to/keyfile -v $TMPFILE

The file needs to be chmod +x and also chown root:root for it to run.

This script will now take care of updating your nameserver everytime there is a change in IP