IPv6 on the Go

by Craig Miller

IPv6 on the go

Here's another example of IPv6 in the palm of your hand.  This time it is a small battery-powered wireless router, smaller than a deck of playing cards. The router has 4G on the WAN, and Wifi on the LAN side.

Wireless Hotspot

While visiting with my cousin recently, he said he needed help upgrading his wireless router. I am always happy to help when I can. He was having all sorts of trouble getting the windows software to work. Being used to not running windows apps (I mostly run Linux), I looked for the upgrade option on the web interface on the router. There is usually lots of room for improvement in web user interface design for embedded devices, and little router was no exception. It took a bit of perusing the menus to find the upgrade option, but once done, the router was upgraded and it was then that I noticed that the little 4G router not only was doing IPv4 NAT (expected), but was also providing IPv6 on the LAN (Wifi) side.

Note the IPv6 Address at the bottom

Verizon won't sell you a Jetpack router, but they will rent/lease it to you, adding about $10 to your monthly service bill.

Looking under the covers

Digging into the router a bit more, the router has a GUA (Global Unique Address) on the LAN side, which would appear that the router is doing DHCPv6-PD on the WAN (rather than running a proxy service and extending the /64 from the Service Provider RFC 7278).

$ ./v6disc
-- INT:wlan0 prefixs: 2600:1003:b458:e277 
-- Detecting hosts on wlan0 link 
-- Discovered hosts for prefix: 2600:1003:b458:e277 on wlan0 
2600:1003:b458:e277:216:8ff:fe00:3        <--- Jetpack           
2600:1003:b458:e277:f203:8cff:fe3f:f041                       
-- Pau 

Probing the Jetpack a bit more, we see that it is listening on telnet & DNS on IPv6, and the web interface is only available on IPv4
$ nmap -6 -sT 2600:1003:b458:e277:216:8ff:fe00:3
Starting Nmap 6.40 ( http://nmap.org ) at 2017-03-25 17:44 EDT
Nmap scan report for 2600:1003:b458:e277:216:8ff:fe00:3
Host is up (0.021s latency).
Not shown: 998 closed ports
PORT   STATE SERVICE
23/tcp open  telnet*
53/tcp open  domain

$ nmap -sT 192.168.1.1
Starting Nmap 6.40 ( http://nmap.org ) at 2017-03-25 17:46 EDT
Nmap scan report for my.jetpack (192.168.1.1)
Host is up (0.012s latency).
Not shown: 997 closed ports
PORT   STATE SERVICE
23/tcp open  telnet
53/tcp open  domain
80/tcp open  http

The Jetpack router is made for Verizon by Franklin Wireless Corporation (based on the MAC address) which has their own product line of mobile hotspots, and runs for hours on the internal battery.

IPv6 Everywhere, even in Hotspots

We have grown used to firing up a hotspot on our phones to give access to laptops, etc when there is no Wifi available. IPv6 is the future internet protocol with less latency (no NAT) and t is great to see that Service Providers like Verizon are also supporting IPv6 connectivity on their portable hotspots.


* Although the telnet port is open, one can not telnet to it, as it immediately disconnects

Windows 10 now runs in SLAAC Networks

by Craig Miller

Microsoft released the Creator Update last month (11 April 2017) with lots of interesting stuff. But the most interesting for IPv6 is support for the RDNSS field in the RA (Router Advertisement). The RDNSS field is the one that carries DNS server information in the RA.

In order to run an IPv6-only SLAAC-based network the host must need 2 things: an address, and the address of a DNS server. Without DNS, IPv4 or IPv6 is pretty useless these days.

Windows 10 and SLAAC Requirements

In order to see the new feature in action, the Windows 10 machine must:

• Be in a IPv6-only network (no IPv4) 
• Hear a RA (Router Advertisement) without the M-bit set (or DHCPv6 disabled). 

Of course, it would be good if your router was sending RDNSS in the RA. 

Windows 10 SLAAC-only Details

In this environment, the output of ipconfig is still a little misleading:

C:\Users\Craig>ipconfig /all

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : lan

   Description . . . . . . . . . . . : Realtek PCIe GBE 

   ...
   DHCPv6 IAID . . . . . . . . . . . : 75761763
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-A3-2E-82-80-FA-5B-96-37-56

   DNS Servers . . . . . . . . . . . : fdf7:56a9:b7af:1101::1

   Connection-specific DNS Suffix Search List :

                                       lan

The DNS Server field is now showing my RDNSS address (the ULA address of my router) and DNSSL (DNS Search List)!

Another way to confirm the DNS servers that Windows 10 knows about is with a netsh command:
C:\Users\Craig>netsh int ipv6 show dnsservers

Configuration for interface "Ethernet"
    DNS servers configured through DHCP:  fdf7:56a9:b7af:1101::1
    Register with which suffix:           Primary only

Running a quick check to see if it can actually resolve an address using only RDNSS:

C:\Users\Craig>nslookup www.google.com

Server:  OpenWrt.lan

Address:  fdf7:56a9:b7af:1101::1

Non-authoritative answer:

Name:    www.google.com

Addresses:  2604:470:4001:806::2004

          172.217.29.164

Now it is possible to run simplified (SLAAC) networks

The fact that MS is now supporting SLAAC-only networks is a huge shift from their previous DHCPv6 only stance. Why is this important? Because there are use-cases for SLAAC-only networks, and now not only can you use your Android devices (which don’t do DHCPv6) but also your Windows 10 machines as well.

Windows continues to dominate the PC market with about 85%. Now with Windows 10 Creator Update, there is no excuse to not deploy IPv6 in your network now.

* adapted from my ipv6hawaii.org article
** Win10 details from André Lange, author of ip6neigh

North American IPv6 Summit

by Craig Miller

The North American IPv6 Summit was held in Sunnyvale last week. It is always a pleasure to be in a large room with people who get it. There is no convincing that we need to give up our comfortable Linus-blanket of IPv4 for something new and different. No, everyone in the room is a convert, and many are outspoken advocates.

The conference was organized by the regional IPv6 Task Forces: California IPv6 Task Force, Rocky Mountain IPv6 Task Force, Texas IPv6 Task Force, and Mexico IPv6 Task Force.

Speakers, shakers and movers

Some of the speakers were:

• Tony Scott, the former CIO of the Unitied States of America
• John Curran, the President and CEO of ARIN (American Registry for Internet Numbers)
• Kevin Jones, Chair for IPv6 transition at NASA
• John Brzozowski, Chief Architect, IPv6 and Fellow,  at Comcast

Major Points

So if everyone is a convert, there's nothing to talk about, right? Actually there are quite a few things. Some of the key points made at this year's conference were:

• Dual-stack is only half way. We need to start moving to IPv6-only networks. There were presentations on how Cisco, Microsoft, and Comcast are doing just that.
• IPv6 impacts on Cloud Computing, and IoT. A case study of BC Hydro operating 2 million smart meters (IoT) all on IPv6.
• Content is being delivered over IPv6, thanks to CDN (Content Delivery Networks), like Akamai and Cloudfare, fronting IPv4-only legacy sites.
• Microsoft adds SLAAC capability to Windows 10, Creator Update (11 April 2017). Now it is possible to have Windows and Android on the same SLAAC (Stateless Address Auto Config) IPv6-only network!

Missed it? Here's the presentations

Thanks to all the volunteers of the regional task forces, and Linked-in for hosting the conference. The presentations are posted online, in case you didn't make it down to Sunnyvale last week. Hope to see you there next time.