IPv6Integration

/!\ Being worked on /!\

Summary

The 6bone has just been "shut down". More and more ISPs provide IPv6 connectivity to their customers. The ipv6 module is compiled in Ubuntu kernels and causes some issues such as DNS resolution timeouts. A lot of applications are IPv6 enabled but no real policy is defined. It is about time to think about a real IPv6 integration in Ubuntu.

Rationale

Ubuntu already works in IPv6 network and a lot of applications available are IPv6 enabled but there is no glue provided that ensures that IPv6 networking will work out of the box or that it doesn't cause networking issues to users.

Use cases

Alice wants to download data on a remote FTP server. This server is reachable using both IPv4 and IPv6. Alice's FTP client gets the IPv6 address from a DNS server but Alice's machine is not connected to an IPv6 enabled network. Her client can't connect to the server and show an ugly "Connection timeout".

Eric has got a brand new laptop. He wants to see the lovely dancing turtle without configuring anything. Unfortunately the damn network administrators decided to use stateful DHCPv6 instead of stateless autoconfiguration.

Pete's ISP uses IPv4, but Pete wants to run IPv6 with full-up security on his home network. He has Ubuntu server running on one box that he will use as gateway, installing two NICs. One will speak IPv4 to the cable/DSL modem (and get DHCP'd from the ISP), the other will speak IPv6 (and only IPv6) to the home network, offering autoconfiguration to all devices. The box will translate (NAT?) between NIC6 and NIC4; all traffic over NIC6 will use IPv6 confidentiality services; strong authentication is also of interest.

Betty runs a small business with a mix of wired and wireless devices, some IPv6 capable, others limited to IPv4. She wants to run Ubuntu server as a firewall, NAT, and autoconfiguration server for her single-site Intranet. She'll connect an old WAP she has lying around to NIC4, and use to connect her wireless users. They'll get DHCP if IPv4, IPv6 autoconfiguration otherwise. In both cases, she wants box-to-box session confidentiality (IPSec or IPv6, as the case may be), not WPA or WEP. The server should reject any unprotected traffic.

(Implementation of the "Power User Pete" use case is likely very similar to that for "Business Betty", who wants a similar configuration for her small business. One exception: as her business grows, Betty will eventually want her two sites to appear to her users as a single Intranet to anyone "on the inside". The use "old hardware lying around" is realistic and important, because there's a lot of it and we cannot all afford to upgrade all the time.)

Scope

Design

Implementation

Code

Data preservation and migration

Outstanding issues

BoF agenda and discussion


CategorySpec

IPv6Integration (last edited 2008-08-06 16:35:06 by localhost)