Preparing for World IPv6 Day: I changed my MTU to 1280

In preparation for World IPv6 Day on 8 June 2011, I thought I’d check my connectivity..

I visited a test-ipv6 page .. but the page took too long to open, had broken images, timeouts and readiness score 1/10 !

test.ipv6 with mtu 1500 - Problems!
test.ipv6 with mtu 1500 - Problems!

So I changed my MTU to 1280 and tested again

(In linux you might type: /sbin/ifconfig eth0 mtu 1280)

test.ipv6 with mtu 1280 - No Problems!
test.ipv6 with mtu 1280 - No Problems!

I then found this relevant discussion: IPv6 and path MTU discovery black holes

UPDATE 4/6/2011: An MTU of 1492 also seems to work correctly in my setup (as @chatasos prefers http://goo.gl/KRgm5)

IPv6 reverse DNS in 60″

Your allocation: 2001:db8/32
You LAN: 2001:db8:2:2001/64
Your device: 2001:db8:2:2001::11 (mydevice.local)

Let «host» do the dirty work for you!

sotiris@jumbo:~$ host 2001:db8:2:2001::11
Host 1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.2.2.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa not found: 3(NXDOMAIN)

The zone for your /32 is 8.b.d.0.1.0.0.2.ip6.arpa

$TTL 1d
@    IN    SOA ( 42 1h 15m 30d 10m )
     IN    NS    localhost.
;
1.0.0.2.2.0.0.0    IN    NS    localhost. ; delegate 2001:db8:2:2001/64

The zone for your /64 is 1.0.0.2.2.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa

$TTL 1d
@    IN    SOA ( 42 1h 15m 30d 10m )
     IN    NS    localhost.
;
1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR mydevice.local.

Reconfig and run host again

sotiris@jumbo:~$ host 2001:db8:2:2001::11
1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.2.2.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa domain name pointer mydevice.local.

Re: Why DNS blacklists don’t work for IPv6 networks

Today @hakmem tweeted a blog post by John Levine entitled «Why DNS blacklists don’t work for IPv6 networks«.

I find the last paragraph very interesting:

For the most part mail systems simply won’t use IPv6 addresses, since all the mail that anyone wants will continue to be sent using IPv4.

How do you define «All the mail that anyone wants» ?
What I want in my email, is not always what another person wants.

Why will it continue to be sent using IPv4, when every dual-stack server that runs an MTA these days *prefers* IPv6 transport when it is available?

IPv6 Certification

The good people over at Hurricane Electric have setup an IPv6 Certification Project. It allows you to certify your ability to configure IPv6, and to validate your IPv6 servers configuration.

Through the certification process set you will be able to:

  • Prove that you have IPv6 connectivity
  • Prove that you have a working IPv6 web server
  • Prove that you have a working IPv6 email address
  • Prove that you have working forward IPv6 DNS
  • Prove that you have working reverse IPv6 DNS for your mail server
  • Prove that you have name servers with IPv6 addresses that can respond to queries via IPv6
  • Prove your knowledge of IPv6 techonologies through quick and easy testing

You will also demonstrate that you are familiar with IPv6 concepts such as:

  • the format of IPv6 addresses
  • AAAA records
  • reverse DNS for IPv6
  • the IPv6 localhost address
  • the IPv6 default route
  • the IPv6 documentation prefix
  • the IPv6 link local prefix
  • the IPv6 multicast prefix
  • how to do an IPv6 ping
  • how to do an IPv6 traceroute
  • common IPv6 prefix lengths such as /64, /48, /32
  • and more!

This certification service is both entertaining and educational. It also helps you commit to using IPv6 for a long period of time, as it requires the output of 100 different traceroute6/ping6/aaaa/prt/whois commands, performed at least 24-hours apart.

Plus, you get a clickable IPv6 Certification badge to post in your blog and a kewl t-shirt (at 1500 points) :-)

IPv6 Certification Badge for banana

The levels are:

  • Newbie
  • Explorer
  • Enthusiast
  • Administrator
  • Professional
  • Guru
  • Sage