The simplest test of network connectivity is called ping. A ping message is merely a way for one machine to ask another machine, “Are you alive.” If I want to test the connectivity of my machine to the internet, I will find a machine across the network and ‘ping’ it. While ping will execute if given a domain name (such as adam.younglogic.com) that actually requires a decent bit of protocol magic to translate from that to the associated IPv4 address. Usually, I will use the machine responsible for telling my machine about domain names. These are called name servers. In a Linux system, the name servers are defined by the file /etc/resolv.conf. Someone had something against the letter ‘e’. Thus cat /etc/resolv.conf will get you at least one ipaddress to ping. However, a simpler test is to talk to your default router. This is the place where your workstation/laptop sends all outgoing network traffic.

On my system I can find out this info my typing route -n:

adyoung@adyoung-laptop:~$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.171.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8
172.16.127.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
10.17.124.0 0.0.0.0 255.255.252.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
0.0.0.0 10.17.127.253 0.0.0.0 UG 0 0 0 eth0
0.0.0.0 0.0.0.0 0.0.0.0 U 1000 0 0 eth1

With the interesting line being:

0.0.0.0 10.17.127.253 0.0.0.0 UG 0 0 0 eth0

This says that anything which matches the mask 0.0.0.0, which is everything, route to 10.17.127.253. So this is where I would start:

$ ping 10.17.127.253
PING 10.17.127.253 (10.17.127.253) 56(84) bytes of data.
64 bytes from 10.17.127.253: icmp_seq=1 ttl=64 time=0.663 ms
64 bytes from 10.17.127.253: icmp_seq=2 ttl=64 time=0.574 ms
64 bytes from 10.17.127.253: icmp_seq=3 ttl=64 time=0.614 ms

— 10.17.127.253 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.574/0.617/0.663/0.036 ms

Note that I hit<ctlr-c> to break it after three responses. Most Linux people that have set up their own networks have to do this type of troubleshooting/testing on a regular basis.

What is the comparable test for IPv6? Well, articles found via a goolge search talk about running ping ipv6, but if I do that I get:

$ ping ipv6
ping: unknown host ipv6

Which tells me the ping program doesn’t know about ipv6 as is. Here is what I eventually found that worked:

ping6 -I eth0 ::1

The ping6 binary seems to be ipv6 aware, where as ping itself is not. I have to tell it explicitly to use a given network interface (ethernet card or port on the motherboard), in this case, eth0.

::1 is the loopback address for networking.

$ /sbin/ifconfig lo
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1106638 errors:0 dropped:0 overruns:0 frame:0
TX packets:1106638 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:220029171 (209.8 MiB) TX bytes:220029171 (209.8 MiB)

Last posting I was wondering about the IPv6 Address on my work machine. Seems that there is a scheme for generating an IPv6 address from an ethernet MAC address. From RFC 2426:

The OUI of the Ethernet address (the first three octets) becomes the

company_id of the EUI-64 (the first three octets).  The fourth and

fifth octets of the EUI are set to the fixed value FFFE hexadecimal.

The last three octets of the Ethernet address become the last three

octets of the EUI-64.   The Interface Identifier is then formed from the EUI-64 by

complementing the "Universal/Local" (U/L) bit, which is the next-to-

lowest order bit of the first octet of the EUI-64.  Complementing

this bit will generally change a 0 value to a 1, since an interface's

built-in address is expected to be from a universally administered

address space and hence have a globally unique value.  A universally

administered IEEE 802 address or an EUI-64 is signified by a 0 in the

U/L bit position, while a globally unique IPv6 Interface Identifier

is signified by a 1 in the corresponding position.  For further

discussion on this point, see [AARCH].

For example, the Interface Identifier for an Ethernet interface whose

built-in address is, in hexadecimal,

34-56-78-9A-BC-DE

would be

36-56-78-FF-FE-9A-BC-DE.

OK. For my machine the MAC address is: 00:18:8B:C4:28:4B. The IPv6 address is fe80::218:8bff:fec4:284b/64. Let’s ignore the leading fe80 for now. In IPv6 if a range is all zeros, it can be shorthanded like this ::. Note that this may mean :00:00:00:00:00:, not just :00:. The total number of bits has to add up to 128. The MAC address leads off with 00:18 In hex: The “next to lowest order bit of the first octet” is the equivalent of adding the number 2 to that leading 00, so it would look like this 02:18. In IPv6 we can lead off the leading Zero, and we do see that the IPv6 address starts off with 218. The next two hex digits are 8B in both the MAC address and the IPv6 address. Next we see ff:fe complying with “The fourth and fifth octets of the EUI are set to the fixed value FFFE hexadecimal.” And Both the MAC address and the IPv6 address end with C4:28:4B.

The next Paragraph of the RFC clears up the remainder of the format of the IPv6 address:

   The IPv6 link-local address [AARCH] for an Ethernet interface is

 formed by appending the Interface Identifier, as defined above, to

the prefix FE80::/64.

But what is this /64? From RFC 2373:

The text representation of IPv6 address prefixes is similar to the

   way IPv4 addresses prefixes are written in CIDR notation.  An IPv6

   address prefix is represented by the notation:      ipv6-address/prefix-length

where

ipv6-address    is an IPv6 address in any of the notations listed

                      in section 2.2.

prefix-length   is a decimal value specifying how many of the

                      leftmost contiguous bits of the address comprise

                      the prefix.

So the 64 leftmost bits are the prefix. Since an address in IPv6 is 128 Bits long, that means half is prefix, half is machine specific address. The Right 8 bytes are 02188bff fec4284b, which is the portion converted from the mac address.

So It seems that all Ethernet interfaces get a minimum of one IPv6 address at all times. Any address assigned by DHCP is in addition to this one address. My best guess at this reason is to standardize something like DHCP at the IP level as opposed to Ethernet. DHCP for IPv4 is defined specific to ethernet. If you were using a different architecture, you would have to use a separate protocol. My guess is that Infiniband and other modern networking architectures do something similar. Now one daemon can respond with IPv6 address regardless of the interface type.

Come June of 2008, all new systems purchased by the government have to support an updated version of the Internet Protocol: version 6, or IPv6 for short. My boss just let me know that I may be heading up an effort to get our software IPv6 compliant. So now I am in research mode learning about IPv6.

A little background is appropriate for the non-network literate. Most computers are now network aware. The vast majority of these use the internet protocol as part of their networking stack. We use the word stack because networking is done in layers. Each layer on a given machine talks with a comparable layer on the remote machine. There is an overly complex model taught in networking classes that divides it into multiple layers, and most people memorize it to pass the test. Few people use it in everyday work. A simplified way to view it is this: Application->TCP->IP->Ethernet. An application is something like a web browser or an email client, but also many internal programs running on your program reporting your every keystroke to Sony or The Department of Homeland Security. This application talks an application networking protocol like Hypertext Tranport (HTTP), Simple Mail Transport (SMTP), file transport (FTP) and so on. This protocol depends on the transmission control protocol (TCP) to make the end to end connection. TCP does a lot of the heavy lifting in keeping the wires of the internet flowing smoothly. This is called congestion control. TCP is built on top of the Internet Protocol. The most important thing IP provides is routing the communication from our machine to the remote machine and back again. Ethernet is the lowest layer most people have to deal with. It covers many things, including the physical hardware in your computer. Any one of these layers can be swapped out. For instance, at a previous company we used a networking hardware layer called Infiniband instead of Ethernet for certain types of network traffic.

The current, ubiquitous standard is IP version 4 (IPv4). Probably the most visible difference between v4 and v6 is the addressing scheme. When you type a request into a web browser like this http://www.younglogic.com, the http refers to the protocol, and the www.younglogic.com refers to a machine name. That machine name is converted by your computer into a machine address. On my machine I can find out the domain name by typing:

host younglogic.com

And I find out:

younglogic.com has address 208.97.174.16

This string of numbers and periods is an IPv4 address. As long as there has been an internet in use by the majority of the public, this has been the way that a computer is identified on the network. It is stored as a base 2 number (as all computer information is stored) using 32 binary digits (bits). for instance, 16 at the end is stored like this: 00010000. An IPv6 address is 128 bits, or twice as many bits long as a IPv4 address.

If I look at the network information for my machine here at work I see this:

eth0 Link encap:Ethernet HWaddr 00:18:8B:81:F8:1E
inet addr:10.17.124.195 Bcast:10.17.127.255 Mask:255.255.252.0
inet6 addr: fe80::218:8bff:fe81:f81e/64 Scope:Link

The HWAddr 00:18:8B:81:F8:1E is unique to the ethernet chip on my computers motherboard. This is called the Media Access Control (MAC) Address and it is supposed to be universally unique. The inet addr field is the dynamically assigned address my machine has been granted from my company dhcp server. The broadcast and mask fields tell me the scope of view my machine has on the local network. I can send network packets out that are broadcast to all machines on my subnet. My subnet is defined by my address logically anded with my netmask. Thus my subnet is 10.17.127.XXX. All machine with an IP address that starts with 10.17, and who third number has the bits set for 127 (64+32+16+8+4+2+1 but not 128 in Binary 00111111) will see that message.

Notice that my machine has an IPv6 address set as well, even though everything I do is IPv4. Why is that? There seems to be an implicit conversion going on from IPv4 to IPv6. I can’t see an obvious translation from my IPv4 address to by IPv6 address, so the best I can guess is that my company assigns both numbers, but perhaps they come from different schemes. More info as I learn.

Here is the thing about IPv6: everything currently assumes IPv4. The simple tools for network troubleshooting like traceroute and ping are both IPv4 by default. The route command does not seem to have options for IPv6, at least according to the man page. It mentions /proc/net/route, and /proc/net/ipv6_route:

A little google magic shows one way to find routing info:

/sbin/ip -6 route show dev eth0
fe80::/64 metric 256 expires 21323624sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 metric 256 expires 21323624sec mtu 1500 advmss 1440 hoplimit 4294967295

Ah, and it seems route does work when passed -A inet6:

Destination Next Hop Flags Metric Ref Use Iface
::1/128 :: U 0 3 1 lo
fe80::218:8bff:fec4:284b/128 :: U 0 0 1 lo
fe80::250:56ff:fec0:1/128 :: U 0 0 1 lo
fe80::250:56ff:fec0:8/128 :: U 0 0 1 lo
fe80::/64 :: U 256 0 0 eth0
ff00::/8 :: U 256 0 0 eth0
Much to learn here.