Hey everyone, thanks for responding with your helpful experience. My ipv6
setup has been head-banging, but I sure (_think) I know a lot more about
ipv6, NDP, RA, RR, icmpv6, etc. than I did before :-)
Bart Trojanowski wrote:
For the most part, IPv6 is pretty seamless there days. Except for some unexpected holdouts like github.com, a lot of the internet is reachable via IPv6.
My servers hosted at cacloud and ovh came with ipv6 just working. I had to
disable ipv6 initially, but my hosted vps websites are accessible by ipv6
now. Compared to getting ipv6 on TekSavvy working, it was trivial.
Despite attending the wonderful ipv6summit.ca local ipv6 conference at
uOttawa in 2011 (which I recall you had a big part in organizing Bart?)
I'm only finally getting mine unstoppered, despite this beong a todo since
then. Although I signed up for the TekSavvy ipv6 beta years ago I didn't
want to activate it until I thought that I understood ipv6 properly and
was fairly certain I wasn't opening huge security holes.
That goes beyond network packet firewalls. As shipped with Ubuntu, ufw
does a decent basic job securing ipv6. But I also have tight application
restrictions, from always binding specific addresses/interfaces and not
using default wild-card binding, to Apache ip-specific extra content
access restrictions e.g. I don't normally need to access web app admin
areas from any IP address in the world, just my own.
Bart Trojanowski wrote:
I am enjoying native IPv6 from TekSavvy, including /64 address delegation to my
intranet hosts. It is a brittle setup, but it works.
Excellent! Thanks for letting me know it IS working Bart. That is a useful
starting point. To be certain, it is operating today for you? (see my
TekSavvy comments below why I ask)
I'd agree with 'brittle' in my very limited experience. :-(
Static addresses and ipv6 availability are reasons I am chose DSL, not
cable. Very useful to know it CAN work. TekSavvy support has sown seeds of
doubt in my mind this week about this with comments like these:
TekSavvy via dslreports.com direct support forum in the past few days
said:
"Honestly, this is a little above my head. I have emailed this to the
day's team to see if anyone can help you out with."
AND (next CSR reply)
"Due to some problems with IPv6 we did remove them from DSL logins. I have
added this back to your login. Just please keep in mind if you do run into
trouble we cannot assist much. If you unplug your modem for around 10
minutes you should now get the following:
2607:f2c0:...::/64
2607:f2c0:...::/56
These are Static and are included in the current cost for your IPv4 Static
monthly charge. As for a website for this, I am sorry I do not know of
any. I will see if someone knows more about this.
2018-Jul-30 6:54 am"
AND
"Hey Brad, [sic, and does not invoke my confidence!]
Any chance you could attempt to power down the modem for a few minutes &
take out the phone cord as well? Then plug back in and re-test?
I know we did have some maintenance performed on the servers this
morning."
[Yikes. Sounds like a Bell/Rogers/Microsoft "support" reply)
So I end up here with people who are truly tech-savvy.
I did hard-code the static IPs into my /etc/interfaces for ppp and that
worked for one day, until I had to reboot, although at this point I am
wondering how my default ipv6 route got set? ...I don't remember setting a
default route. But hey, it was 3:30 AM when i finally got it working... I
just wasn't getting any joy with SLAAC or dhcpv6 prior to that.
Perhaps I misunderstood TekSavvy and should be getting my static /64
prefix via SLAAC, and as it is static it would be consistent - does that
seem correct? Just like my static ipv4 (except that it IS hard-coded in
interfaces)?
As I understand it the /56 via dhcpv6 is optional and I don't need to
acquire that with dhcpv6 initially (unless I need other info like name
servers, but I run my own bind9, ntp. etc. so I don't need to know those.
I just need the default route which should come in the RA, and the kernel
will apply, correct?)
Anyway, right now on wireshark I'm seeing RA Router Advertisements but no
RS or response from my host.
Also, and more serious, right now I'm not even able to ping6 the TekSavvy
endpoint reported by ppp,
ppp.log: remote LL address fe80::0200:00ff:fe00:0000
This endpoint was reachable before. As I understand it, an ipv6 link local
address on an interface (ppp0) should always work and a GUA global address
(and route) wouldn't override that, just work in parallel, right?
Bart, thanks for your config details. I'll work through them, double
check, and report back. I have, at least at one time this week, had
consistent settings. If I've said anything here that screams I'm way off
base, please let me know.
I'm getting the same bandwidth (50⇑/10⇓) and latency (10ms) on v4 and v6 with TekSavvy DSL -- but it wasn't always the case.
For the one day my ipv6 worked I was getting similar performance to ipv4.
Various website ipv6 tests and connectivity to my own servers were good.
I shall digest what everyone has posted so far and report further. Any
further comments welcomed. This time I am not giving up until this
works! 25% of worldwide traffic is ipv6... I don't want to be a
laggard ;-)
This satirical article about not adopting ipv6 is pretty funny!
https://community.infoblox.com/t5/IPv6-CoE-Blog/Life-as-an-IPv6-Technology-Laggard/ba-p/11989
Brett