OVH Community, your new community space.

IP explination please


Myatu
24-09-2013, 16:47
No probs.

Here's some IPv6 statistics gathered by Google:

http://www.google.com/intl/en/ipv6/statistics.html

In Europe, Romania has the highest adoption rate of IPv6. And I know that their Internet is blistering fast, even in the middle of nowhere. The UK could learn a trick or two from them.
rickyday
23-09-2013, 22:41
Quote Originally Posted by Myatu
That's right. A bit (1 or 0), so 2^64. Enough to give every dust particle in your room its own IP address.



There's a bit of a quirk with OVH's assignments, that makes a bit inconvenient to automatically assign v6 IPs to VMs. You get a /64 block, but the gateway is on a /56 address. This is "outside" the /64 block's range.

Think of it as you using a /24 netmask on IPv4, but the gateway is in fact on a /18 netmask - you would need to setup a route specifically to the gateway in that case, as is the case with OVH's IPv6 setup.

OVH had done this that people could use the full /64 block, but it is more of an inconvenience than convenience. Pair this with the fact that OVH has disabled RA (auto configuration) - which was hailed as a hallmark feature of IPv6, this is even more so the case.



IPv6 doesn't have a "broadcast" feature, just like it has no native NAT (with so many IPs to choose from, is it really needed?). Instead of broadcast, it uses multicast. Basically, a channel (using a "link-local multicast IP", see the address space below) where other nodes subscribe to, and then all receive a message on that channel if one of those nodes says something.

Here's a list of the IPv6 address space:

http://www.iana.org/assignments/ipv6...ss-space.xhtml



IPv6 is gaining though, and this of course includes those script kiddies. And therein lies an important thing to remember, particularly with *nix, is that IPv4 and IPv6 are separate. That means a firewall is separate too. Its common to forget this, and build an impenetrable fortress on IPv4, but the IPv6 side is fully exposed.



There are several companies out there that provide discounted IPv6-only servers or VPSes. I have so myself, too.



IPv6 really isn't that difficult to be honest. It's just getting your head around the new notations (and address range), and getting rid of some things you're accustomed to doing with IPv4. The only thing I'd say to keep an eye on, is as said before, to ensure you have a firewall on both IPv4 *and* IPv6, as they're separate.
Thanks for the information there Myatu, extremely helpful and appreciated
Jasgriff
23-09-2013, 20:16
Quote Originally Posted by Myatu
It depends on how one uses /xx in a sentence.

If one says, "I need a /24 block", then they're talking about 255 IPs that they need.

If one says, "Use a netmask of /24", then they're talking about a netmask of 255.255.255.0 - which is indeed used to limit routing (only the IPs where the first 3 octets are the same is valid here).

That would apply to either internal or external IPs.
Cheers myatu.

I have a better idea of how they work now
RapidSeeds
23-09-2013, 16:13
Except that the far-east has excellent ipv6 support. Many of my friends have native ipv6 with their Chinese ISP.
Trapper
23-09-2013, 14:40
Quote Originally Posted by Myatu
That's right. A bit (1 or 0), so 2^64. Enough to give every dust particle in your room its own IP address.
Ahhh, if only the far-east-emporer had know about IPv6...

http://www.dr-mikes-math-games-for-k...hessboard.html

~Trap
Myatu
23-09-2013, 14:19
Quote Originally Posted by rickyday
How many addresses is a /64 IPv6 block?

18,446,744,073,709,551,616

Is that right? if so that's ridiculous that I haven't been utilising IPv6 and have been struggling with IPv4 failovers for a month or so!
That's right. A bit (1 or 0), so 2^64. Enough to give every dust particle in your room its own IP address.

Quote Originally Posted by rickyday
Now I just need to get my head around the implementing of IPv6 and how to setup the addressing for my virtual machines.
There's a bit of a quirk with OVH's assignments, that makes a bit inconvenient to automatically assign v6 IPs to VMs. You get a /64 block, but the gateway is on a /56 address. This is "outside" the /64 block's range.

Think of it as you using a /24 netmask on IPv4, but the gateway is in fact on a /18 netmask - you would need to setup a route specifically to the gateway in that case, as is the case with OVH's IPv6 setup.

OVH had done this that people could use the full /64 block, but it is more of an inconvenience than convenience. Pair this with the fact that OVH has disabled RA (auto configuration) - which was hailed as a hallmark feature of IPv6, this is even more so the case.

Quote Originally Posted by rickyday
Also are there any reservations when using IPv6 for instance like the 0 & 255 addresses in IPv4 and also multicast addresses and similar?
IPv6 doesn't have a "broadcast" feature, just like it has no native NAT (with so many IPs to choose from, is it really needed?). Instead of broadcast, it uses multicast. Basically, a channel (using a "link-local multicast IP", see the address space below) where other nodes subscribe to, and then all receive a message on that channel if one of those nodes says something.

Here's a list of the IPv6 address space:

http://www.iana.org/assignments/ipv6...ss-space.xhtml

Quote Originally Posted by rickyday
I also like the idea of most of the planet not using IPv6 at the moment, so less script kiddies port scanning etc, etc.
IPv6 is gaining though, and this of course includes those script kiddies. And therein lies an important thing to remember, particularly with *nix, is that IPv4 and IPv6 are separate. That means a firewall is separate too. Its common to forget this, and build an impenetrable fortress on IPv4, but the IPv6 side is fully exposed.

Quote Originally Posted by rickyday
Also do people that have IPv6 setup just use IPv6 or have it running alongside IPv4 as well.
There are several companies out there that provide discounted IPv6-only servers or VPSes. I have so myself, too.

Quote Originally Posted by rickyday
Any does and don'ts would be marvellous for a novice
IPv6 really isn't that difficult to be honest. It's just getting your head around the new notations (and address range), and getting rid of some things you're accustomed to doing with IPv4. The only thing I'd say to keep an eye on, is as said before, to ensure you have a firewall on both IPv4 *and* IPv6, as they're separate.
Myatu
23-09-2013, 13:52
Quote Originally Posted by Jasgriff
Ahhh I see so this determines how many internal IP address can be used?
It depends on how one uses /xx in a sentence.

If one says, "I need a /24 block", then they're talking about 255 IPs that they need.

If one says, "Use a netmask of /24", then they're talking about a netmask of 255.255.255.0 - which is indeed used to limit routing (only the IPs where the first 3 octets are the same is valid here).

That would apply to either internal or external IPs.
rickyday
22-09-2013, 19:13
Quote Originally Posted by LawsHosting
IPv6 is all very well, but not everyone (e.g. ISP's) has native IPv6 support.
Completely agree it is a pain.

There are ways around that though and Myatu posted a great HOW-TO regarding IPv6 tunnelling.

Will have to do until ISPs make the big move

Still very handy if you have multiple servers with OVH and want to utilise it with your VMs.
LawsHosting
22-09-2013, 18:56
IPv6 is all very well, but not everyone (e.g. ISP's) has native IPv6 support.
rickyday
22-09-2013, 15:15
Quote Originally Posted by Myatu
Hmm. Trying to keep this simple

They're the mask bits. The IP(v4) is 32 bits long. Commonly you use 4 bytes (1 byte = 8 bits) - or octets - to write them down, like:

0.0.0.0

but in bits it would be like:

00000000.00000000.00000000.00000000

A "mask" sits on top of the bits that are "fixed" in a range. So let's take /24, which means that the first 24 bits are masked:

11111111.11111111.11111111.00000000

This is the same as:

255.255.255.0

So you see here, that the first 3 octets are "fixed", but the last octet is not.

For an IP block, that would mean you'd have a byte's range (0-255) number of IPs (in reality, up to 253, as 0 is reserved and 255 is used for broadcast).

This is rather simple, until you start using blocks that don't exactly match a full byte, like /26. In bits, that would be:

11111111.11111111.11111111.11000000

And in bytes (octets), that would be:

255.255.255.192

So this will leave the range 192-255 (or 192-254, given 255 is for broadcast). Or 63 IP addresses.

An IP subnet calculator that shows the above with ease is:

http://jodies.de/ipcalc
That's very well explained as always Myatu, is there a ipv6 calc similar to that one you recommend, tried a couple and got quite confused.

Many thanks
rickyday
22-09-2013, 14:31
Crikey I really need to start utilising my IPv6 /64 block then on my mSP.

Much better option that purchasing Pro usage and a RIPE Block of IPv4 addresses.

How many addresses is a /64 IPv6 block?

18,446,744,073,709,551,616

Is that right? if so that's ridiculous that I haven't been utilising IPv6 and have been struggling with IPv4 failovers for a month or so!

Now I just need to get my head around the implementing of IPv6 and how to setup the addressing for my virtual machines.

Also are there any reservations when using IPv6 for instance like the 0 & 255 addresses in IPv4 and also multicast addresses and similar?

Ive got a IPv6 book to read from Microsoft Press on the shelf at home, perhaps now time to read it

I also like the idea of most of the planet not using IPv6 at the moment, so less script kiddies port scanning etc, etc.

Also do people that have IPv6 setup just use IPv6 or have it running alongside IPv4 as well.

Fascinating I have all these IP addresses at my disposable now! But I just need to set it all up

Any does and don'ts would be marvellous for a novice
benarcher
22-09-2013, 09:47
Quote Originally Posted by Jasgriff
Ahhh I see so this determines how many internal IP address can be used?
External IPs. If you have a /24 block of IPs based on (for instance) 119.139.9.xxx - it would mean you can use the entirety of the IPs in that range (0-255)
Jasgriff
22-09-2013, 09:12
Ahhh I see so this determines how many internal IP address can be used?
Myatu
22-09-2013, 00:52
Hmm. Trying to keep this simple

They're the mask bits. The IP(v4) is 32 bits long. Commonly you use 4 bytes (1 byte = 8 bits) - or octets - to write them down, like:

0.0.0.0

but in bits it would be like:

00000000.00000000.00000000.00000000

A "mask" sits on top of the bits that are "fixed" in a range. So let's take /24, which means that the first 24 bits are masked:

11111111.11111111.11111111.00000000

This is the same as:

255.255.255.0

So you see here, that the first 3 octets are "fixed", but the last octet is not.

For an IP block, that would mean you'd have a byte's range (0-255) number of IPs (in reality, up to 253, as 0 is reserved and 255 is used for broadcast).

This is rather simple, until you start using blocks that don't exactly match a full byte, like /26. In bits, that would be:

11111111.11111111.11111111.11000000

And in bytes (octets), that would be:

255.255.255.192

So this will leave the range 192-255 (or 192-254, given 255 is for broadcast). Or 63 IP addresses.

An IP subnet calculator that shows the above with ease is:

http://jodies.de/ipcalc
Jasgriff
22-09-2013, 00:16
I am confused as to what is meant when people refer to IP blocks being /24 /25 /26 etc.

Is there a simple way of explaining it without going into the in's and outs of a ducks ar$e on google