Posts Tagged ‘stupid ipv6 tricks’

Stupid ipv6 tricks – get current global ipv6 prefix – linux

Saturday, July 29th, 2023

I need to know what global prefix my server is on in order to be able to add firewall rules allowing access from this prefix for specific ports. I don’t control the gateway, but it only gives me the one prefix I’m currently using in the router advertisement.

I can use “ip -6 route show dev eth0” to get the routes, including the prefix:

$ ip -6 route show dev eth0
2001:db8:778:6600::/64 proto ra metric 1 expires 299sec pref medium
fe80::/64 proto kernel metric 256 pref medium
default via fe80::dead:beff:dead:beef proto ra metric 1 expires 179sec pref medium

Since I’ve gotten it from the router advertisement and it’s not the default route and we want the lowest metric (at least in my case), we can grep for the specific line and get only the prefix itself to be used in bash scripts:

prefix=$(ip -6 route show dev eth0 | grep "proto ra metric 1" | grep -v ^default | awk '{print $1}')


Stupid IPv6 Tricks

Monday, June 22nd, 2015

Today, I was given a VM with an IPv6 address, but it had no IPv6 default route:

$ route -A inet6
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
2001:db8:80:fd::/64 * U 256 1 0 eth1
fe80::/64 * U 256 0 0 eth1
localhost/128 * U 0 48 1 lo
2001:db8:80:fd::67:8/128 * U 0 77 1 lo
fe80::a00:32ff:feb7:73cd/128 * U 0 53 1 lo
ff00::/8 * U 256 0 0 eth1

Sadness.

I was also not given the router I needed to set the default route to. But no fear, we can ping the router multicast address!

$ ping6 ff02::2 -I eth1 -c1
PING ff02::2(ff02::2) from fe80::a00:32ff:feb7:73cd eth1: 56 data bytes
64 bytes from fe80::a00:32ff:fe4f:9ebc: icmp_seq=1 ttl=64 time=0.411 ms
--- ff02::2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.411/0.411/0.411/0.000 ms

And all is solved!

# route -A inet6 add default gw fe80::a00:43ff:fe4f:9ebc dev eth1
$ route -A inet6
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
2001:db8:80:fd::/64 * U 256 1 0 eth1
fe80::/64 * U 256 0 0 eth1
*/0 fe80::a00:32ff:fe4f:9ebc UG 1 0 0 eth1
localhost/128 * U 0 48 1 lo
2001:db8:80:fd::67:8/128 * U 0 77 1 lo
fe80::a00:32ff:feb7:73cd/128 * U 0 53 1 lo
ff00::/8 * U 256 0 0 eth1
$ ping6 facebook.com -c1
PING facebook.com(edge-star6-shv-12-frc3.facebook.com) 56 data bytes
64 bytes from edge-star6-shv-12-frc3.facebook.com: icmp_seq=1 ttl=48 time=163 ms
--- facebook.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 163.953/163.953/163.953/0.000 ms

And there was much rejoicing!