Tuesday, January 24, 2012

DNS, DNS, where art thou DNS?

While configuring my router last night I began to wonder what the DNS settings were.  Windows 7 now indicates that DNS is at an external address - being that of the router (of course the gateway).  I stumbled across a post on the comcast6 website where they published the IPv6 DNS entries and began to wonder if my network was using those values?   After poking around for awhile I was unable to determine what DNS my PC is actually using.  Windows 7 is simply forwarding all DNS requests to the gateway address.

The router allows one to override certain settings in the IPv4 configuration.  This particular router allows a hybrid autoconfig scheme where it pulls in settings via DHCP and the user may then override specific settings as needed.  However no such interface exists on the IPv6 configuration UI.   Actually, I wasn't able to find a place to define any network based settings at this level for IPv6.

This is more of an academic quest - IPv6 DNS is working.  I know that DHCP has morphed under IPv6, and I need to read the IPv6 specification a bit more closely than I have so far.

I'll get right on that as soon as I catch up on back episodes of TopGear.


Monday, January 23, 2012

Win7 IPv6 disabling 6to4

I spent some time this evening making sure that my Windows 7 laptop wasn't directly accessing 6to4. I wanted to make sure that the Win7 computer was properly routing traffic to the router - and the router then pushing data through the tunnel.

First thing was to disable the IPv6 traffic through tunnel interfaces. The fix-it programs on the MS website are quite handy for this job (See KB 929852). After rebooting I used regedit to view the local settings for the PC (as described on the KB) just to verify all settings. Because IPv6 was previously enabled using the full-tilt option, everything continues to work. Using a tracert, nslookup, and ping, I verified that traffic is indeed flowing through the gateway address (the router).

The reason I disabled the local 6to4 was because the Win7 computer could have tunneled through the IPv4 address of the router.  So even if the new modem allows native IPv6 the Win7 PC may have continued to seek out the network using the 6to4 adapter.  These kinds of changes should be encapsulated at the router thus enabling access for all devices.

In other news, I purchased the Motorola SB6121 SURFboard modem. That should be hooked up and ready to go by the end of this week. I hope to see if native IPv6 is available in my area this weekend.

Comcast has also updated their blog site indicating support for World IPv6 Day 2012 as well as announcing a pilot of IPv6 in select California markets. See http://www.comcast6.net/.

Wednesday, January 18, 2012

World IPv6 Day - this time it's for real!

Just announced,  June 6th 2012 will be World IPv6 Day.

...and this time they promise to leave it on afterwards!

More details...
http://www.worldipv6launch.org/

Last year was a connect-a-thon.  After 24-hours they unplugged everything and went home.  Not this year.  We can keep using it and work out the kinks.

In preparation I'm buying a new DOCSIS 3.0 Cable "modem" (Motorola SB6120 SURFboard) which has native support for IPv6.  Comcast is listed as a supporter of IPv6 day, so I'm hoping to have native IPv6 to my house rather than my current 6to4 tunnel.

Show your inner dork.  Get your running shoes on, this is the kind of thing that'll cause people to chase you down and beat you up.

Thursday, January 12, 2012

Adventures in IPv6

A little over a year ago I heard about a world wide event called World IPv6 Day which was supposed to give everyone a preview of IPv6.  In the months prior I began researching what changes I could make to my home network and give it a try.  IPv6 is the next big thing, it will save the world.  Since I work for a company that owns a class A network (not running out anytime soon), the only way to learn IPv6 was to screw around with my home network.

My ISP is Comcast.  After poking around I discovered that they have a great technology area on their website.  It contains blogs and howto articles, readiness site, as well as progress reports towards technology adoption.  Around the same time there was some DNS highjacking going on and DNSSEC was top of mind too. Comcast was in the early days of providing DNSSEC too and had published instructions on how to setup your home to use it (they recently announced that DNSSEC has been rolled out to all users - no special configuration required).

Google is your friend

I found the Comcast technology website by searching for "comcast ipv6."  After figuring out what kind of IPv6 I would be able to use (6to4) - I had to read up on that.  And later when everything seemed to be configured correctly and still not working... a quick search sent me to the Microsoft KB articles for a few "fix-it" scripts.  Cox has limited information, and it looks like TimeWarner has a lot of detail like Comcast.  All three claim to have started trials in 2011 with plans to roll out in 2012.  Some plan to address their Business customers first and then upgrade Home customers later.   Comcast is rather specific with their plans - they even discuss the address width that they plan on using (very wide) during initial rollout, and then plan to shrink it later once all the bugs are shaken out.

When in doubt - Google it.

Equipment Check

First off was to check my equipment and determine what might and might not work.  I use a Netgear N600 WNDR3700 (gen1) Wifi Firewall/Router, Comcast provides the Cable "modem" (RCA DCM425), and my OS is Windows 7 (x64).

The first stop is probably your home router, if it won't do IPv6 go to jail and do not collect $200.  While I haven't tried it - Comcast is providing a 6to4, so maybe you can tunnel from the PC all they through to the other end - some assembly required.  Thankfully Netgear released a firmware update early last year that provided support for IPv6.

Comcast has provided details regarding which equipment will support IPv6 at http://mydeviceinfo.comcast.net/.  First thing noted, the cable "modem" I have doesn't support IPv6 (and I've only had it a year!).  No matter, a bit more searching turned up that Comcast is offering 6to4 technology, which is basically a Virtual Private Network (VPN) that tunnels traffic over the legacy IPv4.  So my router and PC both see an IPv6 network, but the traffic tunnels through IPv4 technology.  Not truly IPv6 - but my computer won't know the difference (well - that isn't completely true).  It is important to note that 6to4 technology is a temporary solution until native IPv6 is rolled out.   It allows two ends of the conversation to support and test IPv6 while the infrastructure between the two nodes uses legacy IPv4.

Configuration

Netgear has an IPv6 setup page that allows one to manually enter the configuration information.  For grins and giggles I pressed the "auto-detect" button rather than entering all of the required data.  To my surprise the router correctly found the 6to4 gateway and the configuration was complete!

Windows 7 out of the box has IPv6 configured.  ipconfig showed that the router had assigned an IPv6 address already.  So that seemed to all that was necessary.

Test the configuration.

Alternate name for this section:  Nothing Works

Again - back to Google.  I found a website called Test Your IPv6 at http://test-ipv6.com/.   I later would find a duplication of this site at Comcast http://test-ipv6.comcast.net/# 

First attempt - all tests failed.   However it gave great diagnostic information, everything from "your browser prefers IPv4 over IPv6" and "DNS isn't working."   More poking around, a few more configuration changes, and still nothing worked.

I began to wonder if Windows was correctly talking to the router, which maybe wasn't forwarding traffic through the tunnel.  Harder yet was trying to determine how to get my software to "prefer" IPv6.  I use Google Chrome as my browser and couldn't find any settings Under the Hood.  The Chrome webpage indicates the Chrome is IPv6 ready.  I also know from my day job that Chrome likes to use Windows and IE network settings.  This was a good hint - I guessed that the problem had to be in the OS, fix that and other things might work.

Finally I stumbled across a few MS KB articles.  One specifically talked about changing Windows 7 to use different IPv6 settings and 6to4 adapter (http://support.microsoft.com/kb/929852).  The KB was long and had many many choices - I think this was the first time I had ever used their "Fix it" download option.  So I let it make the changes for me.  Still - nothing worked.

I slapped the laptop shut and went to bed.   Days later I decided to pickup the project once more.  Strangely - it was working.

Not all Tests are Equal

One things I hadn't considered was the dual stack issue.  IPv4 will be around for awhile.  Some of these tests provide details around whether IPv4 will work after turning on IPv6.

Now that I could access ipv6.google.com I tried running the tests just to make sure I wasn't imagining things.  test-ipv6.com gave a score of 7/10.   As I noted above, I found the same webpage at Comcast - so I ran that one too... it gave a score of 10/10.  After using profanity in the form of a question - I decided to put that on hold.

All hooked up and nowhere to go

So now that it works, what can you do?   Google offers search at http://ipv6.google.com.  According to the Google IPv6 Day page,  GMail and YouTube are supposed offer IPv6 access too.  I wasn't able to figure that out - it seems that much of the World IPv6 Day have been shutdown.

Personally I think it should all be turned on all the time.  It's the only way we're going to knock the bugs out.

Next?

Where am I now?  I wonder if my PC has it's own 6to4 tunnel into Comcast.  My next step along this path is to undo some of the Windows changes (and read more about them). Both ping and tracert for Windows 7 have a few IPv6 options ("tracert -6" for instance).   I'm trying to decipher the output to determine where the tunnel is and how the home router is involved.

I plan to head back to http://support.microsoft.com/kb/929852 and run some of the other scripts.  While writing this post I discovered that one of the choices is "change DNS to prefer IPv6."   My goal is to verify that devices on my network are talking to the router, and the router is sending data through the 6to4 tunnel.

And if you read this and wondered what they heck IPv6 is and why do I care? http://en.wikipedia.org/wiki/IPv6

This is one of those "yeah, kind of important" but don't worry, somebody else will take care of it.  Go back to sleep.

Unless you are a software developer.  Be on the lookout for IPv6.  Do you have any code that assumes an IPAddress is either 15 characters long or has Dots in the addresss (like string s.Split(".")) - you have work to do.

Links

Test your configuration http://test-ipv6.com/
Windows 7 configuration fix-it: http://support.microsoft.com/kb/929852
Windows 7 6to4 adapter http://support.microsoft.com/kb/980486
Google Search, IPv6 enabled: http://ipv6.google.com
World IPv6 Day: http://www.worldipv6day.org/