Setting up IPv6 on AIX 7.1
During doing cleanup of the OS and filesystems, I discovered that marduk got IPv6 recently...
$ host marduk.sch.bme.humarduk.sch.bme.hu has address 152.66.211.195marduk.sch.bme.hu has IPv6 address 2001:738:2001:2078:0:211:195:0I still have some time to play with the machine while it is even up.
First, I put the address on the interface:
# chdev -l en1 -a netaddr6=2001:738:2001:2078:0:211:195:0Then I found a document about autoconf, so I deleted the address and followed the doc:
# ifconfig en1 inet6 delete 2001:738:2001:2078:0:211:195:0# ifconfig -aen1: flags=1e080863,c0<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),LARGESEND,CHAIN> inet 152.66.211.195 netmask 0xfffff800 broadcast 152.66.215.255 tcp_sendspace 131072 tcp_recvspace 65536 rfc1323 0lo0: flags=e08084b,c0<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,LARGESEND,CHAIN> inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255 inet6 ::1%1/0 tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1Here's what I was getting by following this IBM document:
Upgrading to IPv6 with IPv4 not configured in AIX 5.2 and later
# autoconf6 -i en1# ifconfig -aen1: flags=1e080863,c0<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),LARGESEND,CHAIN> inet 152.66.211.195 netmask 0xfffff800 broadcast 152.66.215.255 inet6 fe80::209:6bff:fe2e:2d5c/64 tcp_sendspace 131072 tcp_recvspace 65536 rfc1323 0sit0: flags=8100041<UP,RUNNING,LINK0> inet6 ::152.66.211.195/96lo0: flags=e08084b,c0<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,LARGESEND,CHAIN> inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255 inet6 ::1%1/128 tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1# startsrc -s ndpd-host0513-059 The ndpd-host Subsystem has been started. Subsystem PID is 2949132.# lssrc -s ndpd-hostSubsystem Group PID Status ndpd-host tcpip 2949132 activeThis would be a router only setting
# no -o ip6forwardingip6forwarding = 0# no -o ip6forwarding=1Setting ip6forwarding to 1Just for the record: a list of various 'no' params for IPv6
# no -a | grep ip6 ip6_defttl = 64 ip6_prune = 1 ip6forwarding = 0 ip6srcrouteforward = 1 maxnip6q = 20Routing tables and NDP table with autoconf:
# netstat -rnRouting tablesDestination Gateway Flags Refs Use If Exp GroupsRoute Tree for Protocol Family 2 (Internet):default 152.66.215.254 UG 1 35681 en1 - -127/8 127.0.0.1 U 1 3 lo0 - -152.66.208.0 152.66.211.195 UHSb 0 0 en1 - - =>152.66.208/21 152.66.211.195 U 0 2 en1 - -152.66.211.195 127.0.0.1 UGHS 0 1 lo0 - -152.66.215.255 152.66.211.195 UHSb 0 0 en1 - -Route Tree for Protocol Family 24 (Internet v6):::/96 0.0.0.0 UC 0 0 sit0 - - =>default link#2 UC 0 0 en1 - -::1%1 ::1%1 UH 0 0 lo0 - -fe80::/64 link#2 UCX 0 0 en1 - -fe80::209:6bff:fe2e:2d5c UHXLWl 0 1 lo0 - -ff01::%1/16 ::1 U 0 0 lo0 - -ff02::/16 fe80::209:6bff:fe2e:2d5c U 1 9 en1 - -ff11::%1/16 ::1 U 0 0 lo0 - -ff12::/16 fe80::209:6bff:fe2e:2d5c U 0 0 en1 - -# ndp -a? (fe80::209:6bff:fe2e:2d5c) at link#1 0:0:0:0:0:0 [loopback] permanentHere's where I left it with autoconf6
# ifconfig -a en1: flags=1e080863,c0<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),LARGESEND,CHAIN> inet 152.66.211.195 netmask 0xfffff800 broadcast 152.66.215.255 inet6 fe80::209:6bff:fe2e:2d5c/64 tcp_sendspace 131072 tcp_recvspace 65536 rfc1323 0sit0: flags=8100041<UP,RUNNING,LINK0> inet6 ::152.66.211.195/96lo0: flags=e08084b,c0<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,LARGESEND,CHAIN> inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255 inet6 ::1%1/128 tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1Deleted the autoconf address
# ifconfig en1 inet6 delete fe80::209:6bff:fe2e:2d5c/64I had no idea about what the value of prefixlen should be...
# ifconfig en1 inet6 2001:738:2001:2078:0:211:195:0inet6 needs prefixlen# ifconfig en1 inet6 2001:738:2001:2078:0:211:195:0 prefixlen 16# ifconfig -a en1: flags=1e080863,c0<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),LARGESEND,CHAIN> inet 152.66.211.195 netmask 0xfffff800 broadcast 152.66.215.255 inet6 2001:738:2001:2078:0:211:195:0/16 tcp_sendspace 131072 tcp_recvspace 65536 rfc1323 0sit0: flags=8100041<UP,RUNNING,LINK0> inet6 ::152.66.211.195/96lo0: flags=e08084b,c0<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,LARGESEND,CHAIN> inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255 inet6 ::1%1/128 tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1A ping didn't work, I tried a different prefixlen which failed for the first time...
# ifconfig en1 inet6 delete 2001:738:2001:2078:0:211:195:0/16# ifconfig en1 inet6 2001:738:2001:2078:0:211:195:0 prefixlen 64dad sendto NDsol: A route to the remote host is not available.Suddenly, 16 isn't accepted either:
# ifconfig en1 inet6 2001:738:2001:2078:0:211:195:0 prefixlen 16dad sendto NDsol: A route to the remote host is not available.In the meantime, I don't need this, as this machine doesn't route packages:
# no -o ip6forwarding=0Setting ip6forwarding to 0Trying again and it accepts 64 now:
# ifconfig en1 inet6 2001:738:2001:2078:0:211:195:0inet6 needs prefixlen# ifconfig en1 inet6 2001:738:2001:2078:0:211:195:0 prefixlen 64I can ping myself now
# ping 2001:738:2001:2078:0:211:195:0PING 2001:738:2001:2078:0:211:195:0: (2001:738:2001:2078:0:211:195:0): 56 data bytes64 bytes from 2001:738:2001:2078:0:211:195:0: icmp_seq=0 ttl=255 time=0.275 msNDP discovery or 'broadcast' ping still doesn't show anything
# ndp -a? (2001:738:2001:2078:0:211:195:0) at link#1 0:9:6b:2e:2d:5c [loopback] permanent# ping -o en1 ff02::1 PING ff02::1: (ff02::1): 56 data bytes0821-069 ping: sendto: A route to the remote host is not available.ping: wrote ff02::1 64 chars, ret=-1Here is my routing table after the above steps:
# netstat -rRouting tablesDestination Gateway Flags Refs Use If Exp GroupsRoute Tree for Protocol Family 2 (Internet):default router.sch.bme.hu UG 1 37568 en1 - - 127/8 loopback U 1 3 lo0 - - 152.66.208.0 marduk.sch.bme.hu UHSb 0 0 en1 - - =>152.66.208/21 marduk.sch.bme.hu U 0 165 en1 - - marduk.sch.bme.hu loopback UGHS 0 1 lo0 - - 152.66.215.255 marduk.sch.bme.hu UHSb 0 0 en1 - - Route Tree for Protocol Family 24 (Internet v6):::/96 0.0.0.0 UC 0 0 sit0 - - ::1%1 ::1%1 UH 0 0 lo0 - - ff01::%1/16 ::1 U 0 0 lo0 - - ff11::%1/16 ::1 U 0 0 lo0 - - Adding the route for IPv6:
# chdev -l inet0 -a rout6=net,,,,,'default','2001:738:2001:2078:0:215:254:0'inet0 changed# lsattr -El inet0 -a rout6 -F value net,,,,,::,2001:738:2001:2078:0:215:254:0# netstat -rnf inet6Routing tablesDestination Gateway Flags Refs Use If Exp GroupsRoute Tree for Protocol Family 24 (Internet v6):::/96 0.0.0.0 UC 0 0 sit0 - - =>default 2001:738:2001:2078:0:215:254:0 UG 56 247 en1 - - ::1%1 ::1%1 UH 0 0 lo0 - - 2001:738:2001:2078::/64 link#2 UCX 27 0 en1 - - 2001:738:2001:2078:0:211:195:0 UHXLWl 0 86 lo0 - - ff01::%1/16 ::1 U 0 0 lo0 - - ff02::16%1 link#2 UHXLW 0 5 en1 - - ff02::1:ff95:0%1 link#2 UHXLW 0 4 en1 - - ff11::%1/16 ::1 U 0 0 lo0 - - 'Broadcast' ping started to work:
# ping -o en1 ff02::1PING ff02::1: (ff02::1): 56 data bytes64 bytes from 2001:738:2001:2078:0:211:195:0: icmp_seq=0 ttl=255 time=5.219 ms64 bytes from 2001:738:2001:2078:0:xxx:xxx:0: icmp_seq=0 ttl=64 time=5.311 ms (DUP!)64 bytes from 2001:738:2001:2078:0:xxx:xxx:0: icmp_seq=0 ttl=64 time=5.349 ms (DUP!)64 bytes from fe80::21b:38ff:fe5d:a839: icmp_seq=0 ttl=255 time=5.384 ms (DUP!)64 bytes from fe80::218:f3ff:feb3:9eec: icmp_seq=0 ttl=255 time=5.419 ms (DUP!)Results
I cannot ping the router via IPv6, but ping works via IPv4
I cannot ping anything outside the LAN
I can resolve any hostname via both IPv4 and v6
netsvc.conf
If you disabled IPv6, you should re-enable it:
# hosts = local4, bind4
hosts = local, bind
resolv.conf
You should put your IPv6 nameserver here. If you add the line 'options inet6', the IPv6 (AAAA) records will be searched in the first place.
This is something AIX specific about RFC 3484:
# ipv6policy -showPOLICYaddress=::ffff:0.0.0.0prefix=96,precedence=10,label=4address=::prefix=96,precedence=20,label=3address=2002::prefix=16,precedence=30,label=2address=::prefix=0,precedence=40,label=1address=::1prefix=128,precedence=50,label=0See man ipv6policy.
chdev -l $iface -a netaddr6=$your_ipv6_address -a prefixlen=64chdev -l inet0 -a rout6==net,,,,,default,$your_ipv6_routevi /etc/netsvc.conf # optionalvi /etc/resolv.conf # optionalDocumentation
man autoconf6
man ifconfig
man ipv6policy
man ndpd-host