1- How to configure the DHCPv6 client
We will use dhclient.
You'll need to edit the following file /etc/dhcp/dhclient6.conf :
interface "eno1" {
send dhcp6.client-id DUID;
}
You will have to adapt the interface name (eno1) and the DUID
START YOUR DHCPV6 CLIENT AT BOOT
Once the client is configured, you'll need to create a new SystemD service.
Create the following file, adapting the interface name (eno0) and the DUID /etc/systemd/system/dhclient.service:
[Unit] Description=dhclient for sending DUID IPv6 After=network-online.target Wants=network-online.target [Service] Restart=always RestartSec=10 Type=forking ExecStart=/sbin/dhclient -cf /etc/dhcp/dhclient6.conf -6 -P -v eno1 ExecStop=/sbin/dhclient -x -pf /var/run/dhclient6.pid [Install] WantedBy=network.target
dhclient's path may vary depending on your OS. To know the exact path, use the following command: which dhclient
Then, enable it for every reboot: systemctl enable dhclient.service.
2 - HOW TO CONFIGURE THE NETWORK
CONFIGURE THE NETWORK ON UBUNTU 16 & DEBIAN 8 AND 9
Start by editing /etc/network/interfaces as follows:
auto eno1
iface eno1 inet6 static
address IPV6ADDRESS
netmask PREFIXLENGTH
You'll need to replace eno1 with the proper interface name.
With Debian & old versions of Ubuntu, it's usually eth0.
The network interface is initialized with the command allow-hotplug by default on Debian 9. It is possible that the network restart fails with this configuration. In this case, you can initialize the network with auto to avoid the problem.
Alternate configuration without SystemD
If you don't use SystemD to start your services, you can configure your /etc/network/interfaces as follows:
iface eno1 inet6 static
pre-up modprobe ipv6
pre-up dhclient -cf /etc/dhcp/dhclient6.conf -6 -P -d -v $IFACE
address IPV6ADDRESS
netmask PREFIXLEN
Still adapting your interface name (eno1) to your needs, as well as the IPv6 address and the Netmask.
CONFIGURE THE NETWORK USING NETPLAN
Ubuntu uses since the release of Ubuntu 18.04 LTS a new tool to configure the network, called netplan.
It replaces the classical network configuration with new configuration files, written in YAML format, and located in the /etc/netplan directory. For more information regarding netplan, refer to the official Ubuntu documentation.
Open the default configuration file /etc/netplan/01-netcfg.yaml in a text editor, and edit it as follows:
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
enp1s0:
dhcp4: no
dhcp6: no
addresses:
- "aaa.bbb.ccc.ddd/24" # The main IP address of your Dedibox server
- "/" # An IP address from your IPv6 block and it's subnet mask
gateway4: aaa.bbb.ccc.1 # The gateway is the IP address of your Dedibox, ending on .1
nameservers:
addresses: [62.210.16.6, 62.210.16.7]
routes:
- to: 0.0.0.0
via: aaa.bbb.ccc.1
on-link: true
You'll need to replace enp1s0 with the proper interface name. To find the interface name of your machine, use the ifconfig command.
Reboot your server once you have configured the new network settings.
CONFIGURE THE NETWORK ON CENTOS 7
After configuring your dhclient and SystemD, you'll need to edit /etc/sysconfig/network-scripts/ifcfg-eth0:
# Generated by parse-kickstart UUID=xxxxx DNS1=62.210.16.6 BOOTPROTO=none DEVICE=eth0 ONBOOT=yes TYPE=Ethernet IPADDR=62.210.xx.xx PREFIX=24 GATEWAY=62.210.xx.1 DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6ADDR="IPV6ADDRESS/PREFIXLEN" IPV6_AUTOCONF=yes NAME="System eth0"
Once done with the configuration, you can reboot your server to check that the service & the configuration are correctly applied at the boot!
You will need to allow in your firewall 546/UDP Incoming & 547/UDP Outgoing.
TEST YOUR CONFIGURATION
Launch the dhclient with the following command:
dhclient -cf /etc/dhcp/dhclient6.conf -6 -P -v eth0
To check your IPv6 connectivity, you can use the PING command:
ping6 ipv6.google.com
DEBUG
If the configuration is not working for you, check your interface name with the following command:
ifconfig -a
Also, your server needs to be configured to accept RA (Router Advertisement).
By default, your server won't accept to forward packets from an interface to another if it's automatically configured (through DHCPv6).
If you need to forward IPv6 packets and use an automated configuration, you'll need to set your sysctl net.ipv6.conf.all.accept_ra to 2 in /etc/sysctl.conf.
This is usually useful for Hypervisor Host such as Proxmox.
The examples are given for eth0/eno1, if your main interface have a different name, you'll need to modify it in all of your configurations files.
TRAFFIC LIMITATION OF YOUR CLIENT
In certain cases, some DHCPv6 clients may unfortunately send several requests per second (especially dchp6c).
This triggers blocking of your server's network port by our automatic protection, as it will be seen as a source of a UDP flood.
To avoid this problem, we invite you to limit the traffic sent from your dhclient6 directly in your firewall configuration.
Following an example for IPTABLES :
ip6tables -A OUTPUT -p udp --dport 547 -m limit --limit 10/min --limit-burst 5 -j ACCEPT ip6tables -A OUTPUT -p udp --dport 547 -j DROP
In Rescue mode
To test the IPv6 on your server in rescue mode, reboot the server in rescue mode with the “Ubuntu 14 - Trusty” mode. The dhclient is already available on it.
Create the file which will contain your DUID.
nano /etc/dhcp/dhclient6.conf
First, start the dhclient:
dhclient -cf /etc/dhcp/dhclient6.conf -6 -P -v <interface>
After, add the IPv6 address to your network interface:
/sbin/ifconfig <interface> inet6 add IPV6ADDRESS/PREFIXLENGTH
Then you can try to ping6:
ping6 ipv6.google.com
