et lux in tenebris lucet

Just this last week I finally converted my last IPv4-only transit into dual-stack. It’s long been a goal of mine to be 100% IPv6 native and it’s finally done.

Last year when I was searching for ways to overcome the lack of built-in IPv6 functions in MySQL, I was curious how other people were solving the problem. There are solutions out there that store IPv6 addresses across two database fields, but I find this unwieldy and prefer storing them as a single value. This was by far the most elegant solution I found that doesn’t rely on external dependencies (like writing special functions for your program to handle the two-value method):

http://oierud.name/bliki/IPv6AdressesAndMysql.html

Basically, it duplicates the capabilities of the built-in IPv4 INET_ATON() and INET_NTOA() counterparts. And case the URL ever goes dead:

DELIMITER //
CREATE FUNCTION INET_ATON6(n CHAR(39))
RETURNS DECIMAL(39) UNSIGNED
DETERMINISTIC
BEGIN
    RETURN CAST(CONV(SUBSTRING(n FROM  1 FOR 4), 16, 10) AS DECIMAL(39))
                       * 5192296858534827628530496329220096 -- 65536 ^ 7
         + CAST(CONV(SUBSTRING(n FROM  6 FOR 4), 16, 10) AS DECIMAL(39))
                       *      79228162514264337593543950336 -- 65536 ^ 6
         + CAST(CONV(SUBSTRING(n FROM 11 FOR 4), 16, 10) AS DECIMAL(39))
                       *          1208925819614629174706176 -- 65536 ^ 5
         + CAST(CONV(SUBSTRING(n FROM 16 FOR 4), 16, 10) AS DECIMAL(39)) 
                       *               18446744073709551616 -- 65536 ^ 4
         + CAST(CONV(SUBSTRING(n FROM 21 FOR 4), 16, 10) AS DECIMAL(39))
                       *                    281474976710656 -- 65536 ^ 3
         + CAST(CONV(SUBSTRING(n FROM 26 FOR 4), 16, 10) AS DECIMAL(39))
                       *                         4294967296 -- 65536 ^ 2
         + CAST(CONV(SUBSTRING(n FROM 31 FOR 4), 16, 10) AS DECIMAL(39))
                       *                              65536 -- 65536 ^ 1
         + CAST(CONV(SUBSTRING(n FROM 36 FOR 4), 16, 10) AS DECIMAL(39))
         ;
END;
//
DELIMITER ;

DELIMITER //
CREATE FUNCTION INET_NTOA6(n DECIMAL(39) UNSIGNED)
RETURNS CHAR(39)
DETERMINISTIC
BEGIN
  DECLARE a CHAR(39)             DEFAULT '';
  DECLARE i INT                  DEFAULT 7;
  DECLARE q DECIMAL(39) UNSIGNED DEFAULT 0;
  DECLARE r INT                  DEFAULT 0;
  WHILE i DO
    -- DIV doesn't work with nubers > bigint
    SET q := FLOOR(n / 65536);
    SET r := n MOD 65536;
    SET n := q;
    SET a := CONCAT_WS(':', LPAD(CONV(r, 10, 16), 4, '0'), a);

    SET i := i - 1;
  END WHILE;

  SET a := TRIM(TRAILING ':' FROM CONCAT_WS(':',
                                            LPAD(CONV(n, 10, 16), 4, '0'),
                                            a));

  RETURN a;

END;
//
DELIMITER ;

What watching a movie (Tears of the Sun) on Netflix via my Roku box looks like:

During a recent thread on NANOG, it was asserted that 2Mbps was sufficient for streaming, so I looked at my graphs to share my personal experience. The reported quality on the Roku was “four dots”. The scale is one to four dots then “HD”.

In the IPv4 world, router or gateway redundancy is accomplished using a protocol such as VRRP or HSRP. Many of these same routers support IPv6, but not the redundancy factor. Or do they? Fortunately in IPv6 land there’s a built-in feature in the protocol called “router advertisement”, or RA. A router with an IPv6 address on an interface will generate an RA for hosts on the same layer 2 segment. Using this feature, we can create a simple failover setup for IPv6 between two routers. In this example I’m using Cisco routers, but the same concept can be applied elsewhere.

The concept is extremely simple: configure the IPv6 address on both router interfaces as anycast (that is, disable duplicate address detection) and adjust the RA interval and lifetime parameters to your liking. The hosts will pick up the link local addresses from each router/gateway as a candidate default gateway. If one of them fails it will stop sending its respective RA.

The Cisco interface config commands to be applied to the router interfaces are:

ipv6 address 2001:0DB8:107:400::1/64 anycast
ipv6 nd ra-interval 60
ipv6 nd ra-lifetime 300


That’s it! Now you have a basic redundant IPv6 gateway. The obvious drawback to this is recovery time: the failed RA will have to time out on the hosts before it is removed from their routing table. However, you can adjust the RA lifetime on most platforms. This also requires that the hosts listen for RA (which may have implications on an end-user network such as rouge RA). The benefit is that in any case you’ll have simple redundancy using a protocol feature that you may otherwise not have.

You can’t disable autoconf in sysctl.conf because the ipv6 module hasn’t loaded yet, and the ipv6 module loads after /etc/network/interfaces is parsed (thus ignoring your inet6 static section), so here’s how to do static IPv6 addressing with Debian:

iface eth0 inet6 static
    address 2001:0DB8:107:400::a
    netmask 64
    pre-up modprobe ipv6
    pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf

The gateway will be picked up by listening for router advertisements, as this simply disables the autoconf address. This is ideal for servers.

Debian 6.0 “squeeze”

The IPv6 module no longer exists since it’s now built in (like IPv4), so just omit the modprobe line as such:

iface eth0 inet6 static
    address 2001:0DB8:107:400::a
    netmask 64
    pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf

Click to embiggen.

The Firearms: Source LAN release party was a great success for such short notice. High five!

Firearms has returned with its first new release after five years! To celebrate this awesome achievement, a Firearms: Source LAN party is being held to play the hell out of it. We will be taking advantage of the awesome bandwidth at rollernet and playing online (you really need at least 8 vs. 8 teams to play LAN only), so everyone needs their own Steam account due to modern day copy protection.

Insults and profanity will be used freely. This is a rated R gaming environment. Bring snacks, drinks, chips, and some cash to chip in for food. A mini fridge is available and we will have bottled water on site. Plan on playing long into the night.

If you can’t make it we’ll most likely be playing online as a group, so join us online. We have set up two public servers just in case: Roller Network Firearms #1 and Roller Network Firearms #2. Friendly Fire may be on or off and will be noted, but we generally prefer to play FF ON.

What you will need to play:

1. See our Firearms: Source page for more info.

Install all of these and you should be good to go. We have plenty of bandwidth to download things the day of. Steam is available for Windows and MacOS, but the Firearms mod is Windows only.

What to bring to the LAN:

You must provide your own Computer, Headphones, Keyboard, Mouse and LCD Monitor. We have power and Ethernet cables; NO WIFI. (We have it, but we don’t use it for gaming.) Use corded mice and keyboards for best results.

A limited supply of keyboards and mice is available on site in case something breaks or is forgotten. Bring a mouse pad or wrist wrest if you can’t play without them (I can’t). We do have plenty of power cords, power strips and Ethernet cables. Leave those at home. Headphones are an absolute must with multiple people playing in the same room. Microphones are optional, but useful to talk to teammates online. LCD monitors are required due to power, weight, and heat limitations.

HAVE FUN and welcome to Firearms!

Local Mirror Copies:

• See our Firearms: Source page for mirrors.