Preparing for World IPv6 Day: I changed my MTU to 1280

In preparation for World IPv6 Day on 8 June 2011, I thought I’d check my connectivity..

I visited a test-ipv6 page .. but the page took too long to open, had broken images, timeouts and readiness score 1/10 !

test.ipv6 with mtu 1500 - Problems!
test.ipv6 with mtu 1500 - Problems!

So I changed my MTU to 1280 and tested again

(In linux you might type: /sbin/ifconfig eth0 mtu 1280)

test.ipv6 with mtu 1280 - No Problems!
test.ipv6 with mtu 1280 - No Problems!

I then found this relevant discussion: IPv6 and path MTU discovery black holes

UPDATE 4/6/2011: An MTU of 1492 also seems to work correctly in my setup (as @chatasos prefers http://goo.gl/KRgm5)

IPv6 reverse DNS in 60″

Your allocation: 2001:db8/32
You LAN: 2001:db8:2:2001/64
Your device: 2001:db8:2:2001::11 (mydevice.local)

Let «host» do the dirty work for you!

sotiris@jumbo:~$ host 2001:db8:2:2001::11
Host 1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.2.2.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa not found: 3(NXDOMAIN)

The zone for your /32 is 8.b.d.0.1.0.0.2.ip6.arpa

$TTL 1d
@    IN    SOA ( 42 1h 15m 30d 10m )
     IN    NS    localhost.
;
1.0.0.2.2.0.0.0    IN    NS    localhost. ; delegate 2001:db8:2:2001/64

The zone for your /64 is 1.0.0.2.2.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa

$TTL 1d
@    IN    SOA ( 42 1h 15m 30d 10m )
     IN    NS    localhost.
;
1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR mydevice.local.

Reconfig and run host again

sotiris@jumbo:~$ host 2001:db8:2:2001::11
1.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.2.2.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa domain name pointer mydevice.local.

Re: Why DNS blacklists don’t work for IPv6 networks

Today @hakmem tweeted a blog post by John Levine entitled «Why DNS blacklists don’t work for IPv6 networks«.

I find the last paragraph very interesting:

For the most part mail systems simply won’t use IPv6 addresses, since all the mail that anyone wants will continue to be sent using IPv4.

How do you define «All the mail that anyone wants» ?
What I want in my email, is not always what another person wants.

Why will it continue to be sent using IPv4, when every dual-stack server that runs an MTA these days *prefers* IPv6 transport when it is available?

IPv6 Certification

The good people over at Hurricane Electric have setup an IPv6 Certification Project. It allows you to certify your ability to configure IPv6, and to validate your IPv6 servers configuration.

Through the certification process set you will be able to:

  • Prove that you have IPv6 connectivity
  • Prove that you have a working IPv6 web server
  • Prove that you have a working IPv6 email address
  • Prove that you have working forward IPv6 DNS
  • Prove that you have working reverse IPv6 DNS for your mail server
  • Prove that you have name servers with IPv6 addresses that can respond to queries via IPv6
  • Prove your knowledge of IPv6 techonologies through quick and easy testing

You will also demonstrate that you are familiar with IPv6 concepts such as:

  • the format of IPv6 addresses
  • AAAA records
  • reverse DNS for IPv6
  • the IPv6 localhost address
  • the IPv6 default route
  • the IPv6 documentation prefix
  • the IPv6 link local prefix
  • the IPv6 multicast prefix
  • how to do an IPv6 ping
  • how to do an IPv6 traceroute
  • common IPv6 prefix lengths such as /64, /48, /32
  • and more!

This certification service is both entertaining and educational. It also helps you commit to using IPv6 for a long period of time, as it requires the output of 100 different traceroute6/ping6/aaaa/prt/whois commands, performed at least 24-hours apart.

Plus, you get a clickable IPv6 Certification badge to post in your blog and a kewl t-shirt (at 1500 points) :-)

IPv6 Certification Badge for banana

The levels are:

  • Newbie
  • Explorer
  • Enthusiast
  • Administrator
  • Professional
  • Guru
  • Sage

ipv6calc: ipv6 address conversion utility

ipv6calc is a swiss-army knife utility to manipulate ipv6 addresses. It can be used to convert IPv6 addresses from one format to another and extract embedded information.

$ ipv6calc -q --out revnibbles.arpa 2002:d4fb:e54::1
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.5.e.0.b.f.4.d.2.0.0.2.ip6.arpa.
(the above can also be obtained easily using dig -x 2002:d4fb:e54::1)
$ ipv6calc -q --action conv6to4 --in ipv4 193.92.110.1 --out ipv6
2002:c15c:6e01::

$ ipv6calc -q --action conv6to4 --in ipv6 2002:c15c:6e01:: --out ipv4
193.92.110.1

$ ipv6calc -q --addr_to_uncompressed 2002:c15c:6e01::
2002:c15c:6e01:0:0:0:0:0

$ ipv6calc -q -i 2002:c15c:6e01::
Address type: unicast, 6to4, global-unicast, productive
Address type is 6to4 and included IPv4 address is: 193.92.110.1
IPv4 registry for 6to4 address: RIPENCC
Address type has SLA: 0000
Interface identifier: 0000:0000:0000:0000
Interface identifier is probably manual set or based on a local EUI-64 identifier
$ ipv6calc -q --action geneui64 00:1f:c6:7e:83:b8
021f:c6ff:fe7e:83b8

$ ipv6calc -q -i fe80::21f:c6ff:fe7e:83b8/64
Address type: unicast, link-local
Registry for address: reserved
Interface identifier: 021f:c6ff:fe7e:83b8
EUI-48/MAC address: 00:1f:c6:7e:83:b8
MAC is a global unique one
MAC is an unicast one
OUI is: ASUSTek COMPUTER INC.