LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Why does my ubuntu-server have 4 ipv6 addresses? (https://www.linuxquestions.org/questions/linux-networking-3/why-does-my-ubuntu-server-have-4-ipv6-addresses-4175701900/)

wh33t 10-12-2021 04:54 PM

Why does my ubuntu-server have 4 ipv6 addresses?
 
It's especially strange to me because my netplan has a single ipv4 static set.

Code:

ifconfig
ens18: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.252  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::a411:74ff:fe98:7eb9  prefixlen 64  scopeid 0x20<link>
        inet6 2604:3d08:1a7f:d170::ade1  prefixlen 128  scopeid 0x0<global>
        inet6 2604:3d08:1a7f:d170:6a82:8160:8551:75f3  prefixlen 64  scopeid 0x0<global>
        inet6 2604:3d08:1a7f:d170:a411:74ff:fe98:7eb9  prefixlen 64  scopeid 0x0<global>
        ether a6:11:74:98:7e:b9  txqueuelen 1000  (Ethernet)
        RX packets 638998  bytes 232555550 (232.5 MB)
        RX errors 0  dropped 11  overruns 0  frame 0
        TX packets 49155  bytes 8624048 (8.6 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 24134  bytes 1625670 (1.6 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 24134  bytes 1625670 (1.6 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


And my netplan

Code:

cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens18:
      dhcp4: no
      addresses: [192.168.0.252/24]
      gateway4: 192.168.0.1
      nameservers:
        addresses: [192.168.0.1]
  version: 2

Any suggestions why this is happening?

I actually want to also set a static ipv6 in my netplan, but I'm not sure why this computer even has ipv6 addresses to begin with. My router which comes from my ISP doesn't even have any options it's web gui to setup ipv6 dhcp addresses.

What gives?

Ser Olmy 10-12-2021 05:57 PM

This is all done by the IPv6 stack itself and the IPv6 autoconfig mechanism.

This is the link-local address:
Quote:

Originally Posted by wh33t (Post 6291448)
Code:

        inet6 fe80::a411:74ff:fe98:7eb9  prefixlen 64  scopeid 0x20<link>

All IPv6 addresses starting with "fe80::" are link-local addresses, and these are assigned automatically when IPv6 is enabled. Note the "scopeid 0x20<link>" part at the end.

All interfaces participating in an IPv6 network must have a link-local address, as it's used by a number of core IPv6 services, like Neighbor Discovery and routing. It's auto-generated, either from the interface's MAC address, or if privacy extensions are enabled, by an algorithm ensuring the address will be unique.

Then there's the automatically generated global routable address:
Quote:

Originally Posted by wh33t (Post 6291448)
Code:

        inet6 2604:3d08:1a7f:d170:a411:74ff:fe98:7eb9  prefixlen 64  scopeid 0x0<global>

Starting with 2604, this falls within the 2000::/3 scope (2000-3fff), and as such it's a public, routable address.

Note how the last 16 digits (the "host" part) are identical to those of the link-local address. This tells you that the IPv6 autoconfig mechanism is active and has detected a router on the network. IPv6 routers advertise their presence on the network using the Router Advertisement mechanism of the Neighbor Discovery protocol (part of ICMPv6), allowing clients to determine the IPv6 prefix of the local network. Using this information, the autoconfig mechanism has generated the host part of the address and assigned it to the interface.

Then there's the second, global address:
Quote:

Originally Posted by wh33t (Post 6291448)
Code:

        inet6 2604:3d08:1a7f:d170::ade1  prefixlen 128  scopeid 0x0<global>

As you can see, the address belongs to the same network (2604:3d08:1a7f:d170::/64) as the IPv6 address just discussed, and the source of this address is probably a DHCPv6 service running on the router. The "/128" prefix is the giveaway here; the address supplied by DHCPv6 lacks a scope identifier, so the host is supposed to obtain this via the Router Advertisement messages sent by the router.

As for how and why this happens: Unlike with IPv4, where your ISP assigns a single, global IPv4 address to your router which masks your entire LAN behind it using private IPv4 addresses, with IPv6 you're actually supposed to use routable addresses everywhere. Since the addresses technically belong to your ISP, they need to tell your router which addresses to use on its LAN interface as well as the WAN side.

This is done using a mechanism called "Prefix Delegation" (PD): When the router asks for an IPv6 address for its WAN interface via DHCPv6, it also receives a PD parameter telling it which IPv6 prefix the ISP will now be routing to the WAN interface. A router with IPv6 support will then automatically configure its LAN interface as well, start sending out Router Solicitation (RA) messages periodically, and possibly also configure and start a DHCPv6 service to assign addresses within this prefix to hosts on the LAN.

It seems your router and/or your computer uses both autoconfiguration/RA and DHCPv6. As a result, you end up with at least two globally routable addresses. This is normal and is unlikely to cause any issues.

Finally, there's the third, global IPv6 address:
Quote:

Originally Posted by wh33t (Post 6291448)
Code:

        inet6 2604:3d08:1a7f:d170:6a82:8160:8551:75f3  prefixlen 64  scopeid 0x0<global>

This is yet another globally routable IPv6 address in the same network/prefix (2604:3d08:1a7f:d170::/64), but with a radically different (and seemingly random) host part. You'd expect to see this on a computer where either Privacy Extensions are enabled or a DHCPv6 client is running, as both mechanisms will typically replace the assigned address periodically. In both cases, the "old" address will remain as long as there are active processes using it.

wh33t 10-13-2021 10:45 AM

Incredible. Thank you so much.

So if I wanted to set a static ipv6 address, can I just use one of the publicly routable addresses it already has?

Ser Olmy 10-14-2021 12:48 AM

Quote:

Originally Posted by wh33t (Post 6291653)
So if I wanted to set a static ipv6 address, can I just use one of the publicly routable addresses it already has?

Precisely. Or really any other address in the 2604:3d08:1a7f:d170::/64 network.

There is a question regarding what might happen if your ISP decides to allocate a different prefix to your router, but unless the router goes offline for a non-trivial length of time, that's not a very likely scenario. Worst case, you'll have to change the IPv6 address of the server after an outage.


All times are GMT -5. The time now is 07:42 AM.