Bog Roll ::

It's Not Magic, It's Work!

29 Jan 2021

Further adventures in IPv6 land

Now all my systems at home are running IPv6, and have been renamed I'm having fun with the way IPv6 works relative to IPv4.

With IPv4 my computers had one IP address per interface, which usually means just one, except when a laptop is connected via wires and wireless at the same when it is multi-homed. For the machine that has more than one address it's not a problem, but it's a pain to connect to as means duplicate records in DNS and more faff with DHCPD. Most of the time it's not a problem, but once I added WireGuard everything had at least two IPs.

To solve the VPN address, I reorganised my domains. The external machines have their own unique IPv4 and IPv6 addresses at the top of my domain, and the home systems are on their own home sub-domain and the VPN addresses in a different VPN only domain, which makes the name resolution easy, and the domain search order simple.

IPv6 is inherently both more complex and simpler than IPv4... Every machine makes up a non routeable local address based on its own MAC address (unless privacy in enabled), and it normally takes a prefix from the router and adds that to the local address to create a globally unique and routeable address. You can also allocate a local non-routeable, private address which is static and can easily be used in your local DNS. The global address is basically based on something given to you by your ISP, so can change at any time so no use for DNS, and the local address is no use if privacy is enabled as instead of a static MAC address base, it becomes a random number...

For my immobile systems, you can tell the system to allocate a static IPv4 and IPv6 address, and let the automatic IPv6 address happen as well. I can then put the static address into my DNS, and not worry about the global address. On the mobile systems it's a bit more confusing, but it turns out you can merge the static allocation, and let network-manager deal with the automatic stuff as well... Win!