|
[IPv6] so many ipv6 addressesI've got 4 ipv6 addresses on my windows 7 PC. All ipv6 prefix addresses that are blacked out are the same. I assume this is the prefix delegation given to me by comcast. These make sense on where they come from: 1. Temporary IPv6 Address - Windows uses this for anonymity purposes 2. Link-Local - private network related These I'm not so sure about: 3. IPv6 Address - ending in 1eab4. beneath "Lease Expires" #3 I have no idea where it came from - Comcast? My router? Windows? It doesn't appear to be related to my MAC address. #4 I'm guessing is related to attaching the prefix given by Comcast to the uniquely windows generated suffix (that is also used in the link local address) Does anyone know where 3 and 4 come from? |
|
graysonf MVM join:1999-07-16 Fort Lauderdale, FL
1 recommendation |
[IPv6] Re: so many ipv6 addressesSee here if you want to eliminate that. » blackundertone.wordpress ··· dresses/ |
|
|
I'm not looking to disable the temporary address or randomization of the ipv6 address. That doesn't bother me (yet), what I'm interested in is where a couple of the addresses are generated from. |
|
(Software) OPNsense Ubiquiti UniFi UAP-AC-PRO
1 recommendation |
The fe80: addresses are link local and are generated by the device based on the MAC address of the NIC, they are not routed and not seen outside of the layer 2 broadcast domain. Since you cut off label on some of them, I cant tell you wich is wich but the others sources are DHCPv6 and Stateless autoconfiguration and the Tempory Address, DHCPv6 is mostly like DHCPv4 and for info on SLAAC (» en.wikipedia.org/wiki/IP ··· guration). |
|
1 recommendation |
said by Napsterbater:Since you cut off label on some of them, I cant tell you wich is wich but the others sources are DHCPv6 and Stateless autoconfiguration and the Tempory Address, DHCPv6 is mostly like DHCPv4 and for info on SLAAC (»en.wikipedia.org/wiki/IP ··· guration). As I mentioned in original post, blacked out sections are prefix delegated, not fe80. would the address ending in 1eab be the DHCPv6 as it is not based on anything remotely close to a mac address? And does the DHCPv6 generate from Comcast or my router? |
|
mikev Premium Member join:2002-05-04 Leesburg, VA ·Verizon FiOS (Software) pfSense Panasonic KX-TGP600
1 recommendation |
mikev
Premium Member
2014-Sep-28 8:49 pm
said by QuakeFrag:would the address ending in 1eab be the DHCPv6 as it is not based on anything remotely close to a mac address? And does the DHCPv6 generate from Comcast or my router? This is most likely what's going on. DHCPv6 will be generating from your router, based on the prefix that it was delegated from Comcast. Most routers with IPv6 support send an "assisted" router advertisement, allowing both SLAAC (autogenerated) and DHCPv6 addresses. DHCPv6 is also used to provide IPv6 DNS servers, something that SLAAC doesn't (and devices that use only SLAAC, like Android, will instead use IPv4 nameservers, if available). |
|
camperjust visiting this planet Premium Member join:2010-03-21 Bethel, CT 2 edits
1 recommendation |
camper
Premium Member
2014-Sep-28 10:20 pm
Re: so many ipv6 addresses  said by mikev:DHCPv6 will be generating from your router I don't think those addresses are coming from DHCPv6. I get similar addresses on my Windows 7 notebook, and I have turned off the DHCPv6 server on my home network. said by mikev:DHCPv6 is also used to provide IPv6 DNS servers, something that SLAAC doesn't On my home network, I give out the IPv6 DNS server addresses via router advertisements (SLAAC), not DHCPv6. The FreeBSD clients on my home net pick up the IPv6 DNS server via router advertisements. Windows 7 does not seem to have that ability. On my Windows 7 notebook, when I run the command > ipconfig /all I see the following: Ethernet adapter Local Area Connection:
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller Physical Address. . . . . . . . . : 00-14-22-A6-ED-21 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2601:6:abcd:1234:f418:94e2:9552:b657(Preferred) IPv6 Address. . . . . . . . . . . : fdcf:b715:cdef:6789:f418:94e2:9552:b657(Preferred) Temporary IPv6 Address. . . . . . : 2601:6:abcd:1234:4d8e:50f2:a847:7cf1(Preferred) Temporary IPv6 Address. . . . . . : fdcf:b715:cdef:6789:4d8e:50f2:a847:7cf1(Preferred) Link-local IPv6 Address . . . . . : fe80::f418:94e2:9552:b657(Preferred) IPv4 Address. . . . . . . . . . . : 10.20.2.19(Preferred) Subnet Mask . . . . . . . . . . . : 255.0.0.0 Lease Obtained. . . . . . . . . . : Sunday, September 28, 2014 9:47:51 PM Lease Expires . . . . . . . . . . : Wednesday, October 01, 2014 9:44:10 PM Default Gateway . . . . . . . . . : fe80::21b:21ff:fe19:8855 10.20.1.1 DHCP Server . . . . . . . . . . . : 10.20.1.1 DNS Servers . . . . . . . . . . . : 10.20.1.1 NetBIOS over Tcpip. . . . . . . . : Enabled
The 2601:6:abcd:1234 and fdcf:b715:cdef:6789 prefixes are given out via router advertisements. The host portion (the "interface ID", the last 64 bits, or last 4 quibbles) of the non-temporary IPv6 addresses from those two prefixes does not appear to have any relationship to the MAC address of the NIC, even though the host portion of the two addresses (and the host portion of the fe80 address as well) is the same for both prefixes. I'm wondering if this is a Windows thing, because the FreeBSD hosts on my network derive those 64 bits of the host portion from the MAC address of the NIC. |
|
RR ConductorRidin' the rails Premium Member join:2002-04-02 Redwood Valley, CA ARRIS SB6183 Netgear R7000
1 edit
1 recommendation |
to QuakeFrag
Re: [IPv6] so many ipv6 addressesThis sounds like the reason why- "Unlike IPv4, IPv6 requires a link-local address to be assigned to every network interface on which the IPv6 protocol is enabled, even when one or more routable addresses are also assigned.[8] Consequently, IPv6 hosts usually have more than one IPv6 address assigned to each of their IPv6-enabled network interfaces. The link-local address is required for IPv6 sublayer operations of the Neighbor Discovery Protocol, as well as for some other IPv6-based protocols, like DHCPv6" » en.wikipedia.org/wiki/Li ··· _address |
|
|
to QuakeFrag
I'm still waiting for that breakthrough that makes ipv6 even remotely user friendly. |
|
|
(Software) OPNsense Ubiquiti UniFi UAP-AC-PRO
|
to camper
Re: so many ipv6 addressessaid by camper:The 2601:6:abcd:1234 and fdcf:b715:cdef:6789 prefixes are given out via router advertisements. The host portion (the "interface ID", the last 64 bits, or last 4 quibbles) of the non-temporary IPv6 addresses from those two prefixes does not appear to have any relationship to the MAC address of the NIC, even though the host portion of the two addresses (and the host portion of the fe80 address as well) is the same for both prefixes.
I'm wondering if this is a Windows thing, because the FreeBSD hosts on my network derive those 64 bits of the host portion from the MAC address of the NIC. Found the answer. TBH I never looked at my IP's/MAC that hard to notice. said by »home.swkls.org/ipv6-stat ··· ndows-7/ :]Non-Windows machines stick to this format, and even XP and prior (with IPv6 installed) will behave like this. However, from Vista onward, Microsoft decided to break with standards (no surprise) and use a randomizing function for IPv6 auto configured addresses. We can disable this behavior with the following command:
netsh interface ipv6 set global randomizeidentifiers=disabled
In addition to the auto-configured IPv6 address, a host will also generate a random, temporary IPv6 address. This is used for Internet communication to help mitigate some security concerns. Remember, the interface identifier (in our example 210:18FF:FEA1:ECF) is unique and would not change even if the device were moved to a different topological network. The implication is that if we relied solely upon the interface identifier, devices could be tracked as they move from network to network (think mobile device i.e. cellphone or laptop). So, the temporary identifier is used to help obscure the client device, at least to some extent. |
|
Napsterbater |
to QuakeFrag
Re: [IPv6] so many ipv6 addressessaid by QuakeFrag:These I'm not so sure about: 3. IPv6 Address - ending in 1eab 4. beneath "Lease Expires"
#3 I have no idea where it came from - Comcast? My router? Windows? It doesn't appear to be related to my MAC address.
#4 I'm guessing is related to attaching the prefix given by Comcast to the uniquely windows generated suffix (that is also used in the link local address) Now that i'm on my home system with IPv6 I compared you screenshot with my system. 1eab is gonna be Autoconfigured from Router Advertisements. (see this post » Re: so many ipv6 addresses) and 9fe3 is gonna be from DHCPv6 |
|
camperjust visiting this planet Premium Member join:2010-03-21 Bethel, CT
2 recommendations |
to Moffetts
said by Moffetts:I'm still waiting for that breakthrough that makes ipv6 even remotely user friendly.   When my friends visit and use the guest SSID of my WiFi, they get and use IPv6 addresses, and browse using IPv6 addresses to sites that support IPv6. And most of the time they do not even know they are doing so. How much more user friendly do you want it to be for them? |
|
camper |
to Napsterbater
Re: so many ipv6 addressessaid by Napsterbater:...However, from Vista onward, Microsoft decided to break with standards (no surprise) and use a randomizing function for IPv6 auto configured addresses....   Thanks for that link. |
|
3 recommendations |
to Moffetts
Re: [IPv6] so many ipv6 addressessaid by Moffetts:I'm still waiting for that breakthrough that makes ipv6 even remotely user friendly. It's called DNS |
|
NormanSI gave her time to steal my mind away MVM join:2001-02-14 San Jose, CA
3 recommendations |
to Moffetts
IPv4 is not "more user friendly" than IPv6. Just ask anybody who has never dealt with IP addresses.
For the average Joe, it is all "transparent". As long as the provider sets it up right. |
|
NetDog Premium Member join:2002-03-04 Hollywood, FL
1 recommendation |
to QuakeFrag
I suggest you do a little v6 reading.. or goto youtube and do a search for v6.. |
|
|
I've done reading on this buy I'm still having difficulty understanding, hence why I am here. I'm just looking for the differences between the two IP's and where they come from. I understood the link local, temporary address, and already knew about the randomizedentifiers flag in windows before i posted anything. I thought I was clear in my original post about what info I was looking for.
To remove some of the confusion I disabled the Windows 7 crap that prevents the MAC address from being used:
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) 82579V Gigabit Network Connection Physical Address. . . . . . . . . : 30-85-A9-98-4F-86 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2601:6:xxxx:xxxx::b6a0:1eab(Preferred) Lease Obtained. . . . . . . . . . : Monday, September 29, 2014 15:21:26 Lease Expires . . . . . . . . . . : Tuesday, September 30, 2014 03:21:27 IPv6 Address. . . . . . . . . . . : 2601:6:xxxx:xxxx:3285:a9ff:fe98:4f86(Preferred) Link-local IPv6 Address . . . . . : fe80::3285:a9ff:fe98:4f86%10(Preferred) IPv4 Address. . . . . . . . . . . : 172.16.2.5(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Lease Obtained. . . . . . . . . . : Monday, September 29, 2014 15:21:25 Lease Expires . . . . . . . . . . : Monday, October 06, 2014 15:21:25 Default Gateway . . . . . . . . . : fe80::beae:c5ff:fee7:ee5c%10 172.16.0.1 DHCP Server . . . . . . . . . . . : 172.16.0.1 DHCPv6 IAID . . . . . . . . . . . : 238060969 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-C6-EC-29-30-85-A9-98-4F-86 DNS Servers . . . . . . . . . . . : 2601:6:xxxx:xxxx:beae:c5ff:fee7:ee5c 8.8.8.8 75.75.75.75 NetBIOS over Tcpip. . . . . . . . : Enabled
2601:6:xxxx:xxxx:3285:a9ff:fe98:4f86 from my understanding appears to be SLAAC 2601:6:xxxx:xxxx::b6a0:1eab I'm still not sure about, must be DHCPv6 because of the lease time. So my router must be running a DHCPv6 server and assigning what seems to be an arbitrary IP suffix.
Is this right? |
|
NetDog Premium Member join:2002-03-04 Hollywood, FL |
NetDog
Premium Member
2014-Sep-29 3:40 pm
said by QuakeFrag:2601:6:xxxx:xxxx:3285:a9ff:fe98:4f86 from my understanding appears to be SLAAC 2601:6:xxxx:xxxx::b6a0:1eab I'm still not sure about, must be DHCPv6 because of the lease time. So my router must be running a DHCPv6 server and assigning what seems to be an arbitrary IP suffix.
Is this right? Yep.. Just keep in mind v6 can have many addresses. I have servers that have 10 static address. It is ok they have more then one address.. The problem is when it has more then one address from different ranges now that get tricky, and for home user that can be a sign of issues.. |
|
(Software) OPNsense Ubiquiti UniFi UAP-AC-PRO
1 edit |
to QuakeFrag
said by QuakeFrag:To remove some of the confusion I disabled the Windows 7 crap that prevents the MAC address from being used: If you have, you must not have rebooted/reset the interface. 2601:6:xxxx:xxxx::b6a0:1eab is SLAAC DHCP from you router 2601:6:xxxx:xxxx:3285:a9ff:fe98:4f86 is DHCPv6 from your router SLAAC. You can also use the command "netsh interface ipv6 show address" And you will get somthing like this. C:\Windows\system32>netsh interface ipv6 show address
Interface 6: Ethernet
Addr Type DAD State Valid Life Pref. Life Address
--------- ----------- ---------- ---------- ------------------------
Public Preferred 23h59m58s 59m58s 2001:***:****:1:5d3f:a871:2d9a:a3b8
Temporary Preferred 23h59m58s 59m58s 2001:***:****:1:c935:425c:d1d6:eb60
Dhcp Preferred 23h31m53s 31m53s 2001:***:****:1:dcdd:c054:11e0:e2a4
Other Preferred infinite infinite fe80::5d3f:a871:2d9a:a3b8%6
Interface 1: Loopback Pseudo-Interface 1
Addr Type DAD State Valid Life Pref. Life Address
--------- ----------- ---------- ---------- ------------------------
Other Preferred infinite infinite ::1
Public = SLAAC My Cisco 887 has both RA and DHCPv6 set for a Valid Lifetime of 24hrs and a Prefered Lifetime of 60mins. And for Comparison (note this is Windows 8 and a few line are in a different order). Ethernet adapter Ethernet:
Connection-specific DNS Suffix . : napshome.local
Description . . . . . . . . . . . : Intel(R) 82583V Gigabit Network Connection
Physical Address. . . . . . . . . : 40-16-7E-E8-D0-B8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:***:****:1:5d3f:a871:2d9a:a3b8(Preferred)
IPv6 Address. . . . . . . . . . . : 2001:***:****:1:dcdd:c054:11e0:e2a4(Preferred)
Lease Obtained. . . . . . . . . . : Monday, September 29, 2014 11:23:29
Lease Expires . . . . . . . . . . : Tuesday, September 30, 2014 15:15:10
Temporary IPv6 Address. . . . . . : 2001:***:****:1:c935:425c:d1d6:eb60(Preferred)
Link-local IPv6 Address . . . . . : fe80::5d3f:a871:2d9a:a3b8%6(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.1.112(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, September 29, 2014 11:23:27
Lease Expires . . . . . . . . . . : Thursday, October 30, 2014 11:23:27
Default Gateway . . . . . . . . . : fe80::d2d0:fdff:fe1a:ca90%6
10.0.1.3
DHCP Server . . . . . . . . . . . : 10.0.1.3
DHCPv6 IAID . . . . . . . . . . . : 54531710
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-34-C7-06-40-16-7E-E8-D0-B8
DNS Servers . . . . . . . . . . . : 2001:470:e138:1::2
fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
10.0.1.2
Primary WINS Server . . . . . . . : 10.0.1.2
NetBIOS over Tcpip. . . . . . . . : Enabled
Connection-specific DNS Suffix Search List :
napshome.local
EDIT: Was corrected Below |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
1 edit |
NetFixer
Premium Member
2014-Sep-29 4:07 pm
said by Napsterbater:2601:6:xxxx:xxxx::b6a0:1eab is indeed SLAAC
2601:6:xxxx:xxxx:3285:a9ff:fe98:4f86 is DHCPv6 from your router. I think you have those two definitions reversed. The "ff:fe" in the middle of the local network address, and the near match to the NIC's MAC address for the rest of the local network address pretty much identifies the second instance as SLAAC. I don't use DHCPv6 (the client is installed, but it is disabled) and I also disable IPv6 privacy addresses, so the information below from the Windows PC I am using to make this post illustrates that the "ff:fe" IPv6 address is SLAAC, not DHCPv6: C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : rws-wks
Primary Dns Suffix . . . . . . . : dcs-net.lan
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : dcs-net.lan
dcs-net.net
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-40-CA-71-C6-B4
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.20.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NETGEAR GA311 Gigabit Adapter
Physical Address. . . . . . . . . : E0-91-F5-95-B6-9D
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.9.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 2601:5:1f00:f7:e291:f5ff:fe95:b69d
IP Address. . . . . . . . . . . . : fe80::e291:f5ff:fe95:b69d%4
Default Gateway . . . . . . . . . : 192.168.9.254
fe80::1e7e:e5ff:fe4c:e6ff%4
DNS Servers . . . . . . . . . . . : 192.168.9.2
208.67.222.123
fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
Tunnel adapter Automatic Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : C0-A8-14-64
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5efe:192.168.20.100%2
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter Automatic Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : C0-A8-09-64
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5efe:192.168.9.100%2
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\>netsh int ipv6 show addr
Querying active state...
Interface 4: Local Area Connection 4
Addr Type DAD State Valid Life Pref. Life Address
--------- ---------- ------------ ------------ -----------------------------
Public Preferred 3d20h27m12s 3d20h27m12s 2601:5:1f00:f7:e291:f5ff:fe95:b69d
Link Preferred infinite infinite fe80::e291:f5ff:fe95:b69d
Interface 2: Automatic Tunneling Pseudo-Interface
Addr Type DAD State Valid Life Pref. Life Address
--------- ---------- ------------ ------------ -----------------------------
Link Preferred infinite infinite fe80::5efe:192.168.20.100
Link Preferred infinite infinite fe80::5efe:192.168.9.100
Interface 1: Loopback Pseudo-Interface
Addr Type DAD State Valid Life Pref. Life Address
--------- ---------- ------------ ------------ -----------------------------
Loopback Preferred infinite infinite ::1
Link Preferred infinite infinite fe80::1
|
|
|
Bah, you right. Not sure I was thinking on that anyways, the length alone gives the DHCP one away. |
|
|
to mikev
Re: [IPv6] Re: so many ipv6 addressessaid by mikev:DHCPv6 is also used to provide IPv6 DNS servers, something that SLAAC doesn't (and devices that use only SLAAC, like Android, will instead use IPv4 nameservers, if available). I'm confused by this point, because I thought I knew the basics on how this works (this = Comcast's IPv6 implementation). If the point were true, then, as I read it, this website » ipv6.test-ipv6.com will not be reachable on an Android device, because it is purposely setup as an IPv6 (Quad A) DNS record only. Yet it has worked correctly on Android for me for several months now. Am I missing something in this? |
|
|
to cheeseman
Re: [IPv6] so many ipv6 addressessaid by cheeseman:said by Moffetts:I'm still waiting for that breakthrough that makes ipv6 even remotely user friendly. It's called DNS Solid point. |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
|
to Napsterbater
said by Napsterbater:Bah, you right. Not sure I was thinking on that anyways, the length alone gives the DHCP one away. I figured that it was an accidental typo on your part, but I wanted to make sure that it didn't further confuse the OP. I think there has already been discussion in this thread regarding IPv6 not being very user friendly. |
|
|
Sadly not a typo, more of head up a** moment heh. |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
|
NetFixer
Premium Member
2014-Sep-29 4:30 pm
said by Napsterbater:Sadly not a typo, more of head up a** moment heh. BTDT...it happens occasionally to all of us (especially when you are looking at a long scrolling list of numbers). |
|
mikev Premium Member join:2002-05-04 Leesburg, VA ·Verizon FiOS (Software) pfSense Panasonic KX-TGP600
1 edit |
to OldCoalMiner
Re: [IPv6] Re: so many ipv6 addressesI've already been proven wrong regarding SLAAC and DNS (I actually wasn't aware that SLAAC could be used to provide DNS server info, so I learned something today)... but I'm pretty sure I have this right.
Here's something to try when you have a moment... Turn off IPv4/DHCP on your router, if possible. This might only be possible with a more advanced router or unofficial firmware (i.e. Tomato, DD-WRT, or others). Turn your network into IPv6-only and see if your Android device is able to connect to anything (if it can even connect to the network; see below). To be double-sure, make sure you turn on Airplane mode then turn WiFi back on, so it doesn't fall back to using the cell network for anything (assuming you're using a cell phone instead of a tablet).
In fact, if you make your network IPv6-only (as I've somewhat done to my Android device by disabling the DHCP server on my router before attempting to connect to the network), it will actually disconnect from the network because it can't get an IPv4 address. And if you manually provide an IPv4 address, it will default to using Google's IPv4 DNS servers if you don't provide your own, so you have no option to NOT provide an IPv4 DNS server.
So that's why even though it has an IPv6 address through SLAAC, your Android device is still able to access IPv6-only sites through the use of the IPv4 DNS servers.
I even remember there was a big to-do about Android's IPv6 "support" last year... I think it was at one of the security conferences, they set up an IPv6-only network, and none of the Android devices could use it! |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
|
NetFixer
Premium Member
2014-Sep-29 10:26 pm
said by mikev:So that's why even though it has an IPv6 address through SLAAC, your Android device is still able to access IPv6-only sites through the use of the IPv4 DNS servers. Just about any public IPv4 addressed DNS server will still return a request for an AAAA record. That includes DNS servers from AT&T, Comcast, Google, Level3, OpenDNS, et al. C:\>dig -taaaa www.comcast.net @75.75.75.75
; <<>> DiG 9.9.2 <<>> -taaaa www.comcast.net @75.75.75.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53321
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;www.comcast.net. IN AAAA
;; ANSWER SECTION:
www.comcast.net. 120 IN CNAME www.comcast.net.edgesuite.net.
www.comcast.net.edgesuite.net. 128 IN CNAME a1526.dscg.akamai.net.
a1526.dscg.akamai.net. 11 IN AAAA 2600:1402:e::b833:96a0
a1526.dscg.akamai.net. 11 IN AAAA 2600:1402:e::b833:9698
;; Query time: 46 msec
;; SERVER: 75.75.75.75#53(75.75.75.75)
;; WHEN: Mon Sep 29 21:16:00 2014
;; MSG SIZE rcvd: 172
C:\>dig -taaaa www.comcast.net @8.8.8.8
; <<>> DiG 9.9.2 <<>> -taaaa www.comcast.net @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52052
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.comcast.net. IN AAAA
;; ANSWER SECTION:
www.comcast.net. 80 IN CNAME www.comcast.net.edgesuite.net.
www.comcast.net.edgesuite.net. 148 IN CNAME a1526.dscg.akamai.net.
a1526.dscg.akamai.net. 19 IN AAAA 2600:1402:a::b81a:8fb8
a1526.dscg.akamai.net. 19 IN AAAA 2600:1402:a::b81a:8fb3
;; Query time: 46 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Sep 29 21:16:36 2014
;; MSG SIZE rcvd: 172
C:\>dig -taaaa www.comcast.net @4.2.2.1
; <<>> DiG 9.9.2 <<>> -taaaa www.comcast.net @4.2.2.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26638
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.comcast.net. IN AAAA
;; ANSWER SECTION:
www.comcast.net. 120 IN CNAME www.comcast.net.edgesuite.net.
www.comcast.net.edgesuite.net. 300 IN CNAME a1526.dscg.akamai.net.
a1526.dscg.akamai.net. 20 IN AAAA 2001:559:0:5d::1743:3d39
a1526.dscg.akamai.net. 20 IN AAAA 2001:559:0:5d::1743:3d3b
;; Query time: 93 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Mon Sep 29 21:16:47 2014
;; MSG SIZE rcvd: 172
C:\>dig -taaaa www.comcast.net @208.67.222.222
; <<>> DiG 9.9.2 <<>> -taaaa www.comcast.net @208.67.222.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62447
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.comcast.net. IN AAAA
;; ANSWER SECTION:
www.comcast.net. 80 IN CNAME www.comcast.net.edgesuite.net.
www.comcast.net.edgesuite.net. 130 IN CNAME a1526.dscg.akamai.net.
a1526.dscg.akamai.net. 20 IN AAAA 2600:1402:a::b81a:8fb3
a1526.dscg.akamai.net. 20 IN AAAA 2600:1402:a::b81a:8fb8
;; Query time: 78 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Mon Sep 29 21:16:57 2014
;; MSG SIZE rcvd: 172
C:\>dig -taaaa www.comcast.net @192.168.9.2
; <<>> DiG 9.9.2 <<>> -taaaa www.comcast.net @192.168.9.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46571
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;www.comcast.net. IN AAAA
;; ANSWER SECTION:
www.comcast.net. 120 IN CNAME www.comcast.net.edgesuite.net.
www.comcast.net.edgesuite.net. 132 IN CNAME a1526.dscg.akamai.net.
a1526.dscg.akamai.net. 20 IN AAAA 2600:1402:a::b81a:8fb8
a1526.dscg.akamai.net. 20 IN AAAA 2600:1402:a::b81a:8fb3
;; Query time: 19 msec
;; SERVER: 192.168.9.2#53(192.168.9.2)
;; WHEN: Mon Sep 29 21:22:57 2014
;; MSG SIZE rcvd: 172
I can't easily do an AT&T DNS request at the moment, because AT&T's ACL for their Anycast DNS servers restricts access from Comcast IP addresses (but if I did such a DNS request from an AT&T IP address, their IPv4 DNS servers would also respond to an AAAA request). |
|
|
to mikev
I've previously tried a variation on this, on some Windows 7 machines, disabled all but the IPv6 "properties" on the network adapters. Doing so could still get to that website and to the usual suspects google.com and yahoo.com and etc.
But as expected anything looking for an A DNS record fails. I think there's some logic in {something in windows or your browser} that either prefers or defaults to IPv4/IPv6 when one or the other is not available. It works fairly seamlessly in my experience.
Will try your test with my router and an android phone and report back. |
|
|
v6movement to mikev
Anon
2014-Sep-29 11:18 pm
to mikev
said by mikev:I even remember there was a big to-do about Android's IPv6 "support" last year... I think it was at one of the security conferences, they set up an IPv6-only network, and none of the Android devices could use it! There are two long known issues with Android's v6 support making it unusable on a v6-only network via Wifi and it is truly embarrassing how poorly Google deals with Android issues. 1) It has no means of retrieving DNS servers for the network whether via RFC6106 for RA or DHCPv6 2) It's Wifi subsystem has a bug that will result in it not keeping a connection established to a network if it doesn't have v4. |
|