Internet address (IPv6) autodiscovery

Posted by towo on Tuesday, September 1, 2009 · Leave a Comment 

At the U23 yes­ter­day, we inclu­ded a sim­ple prac­tice les­son on how net­works work. We have a ser­ver on our net­work cal­led fiep.labor.koeln.ccc.de. fiep only has a sin­gle address, 192.168.23.240/25 accor­ding to the local DNS ser­ver, as oppo­sed to the rest of the net­work, 172.23.23.0/24.

The rou­ter did not announce any route for 192.168.23.128/25, but fiep still had addres­ses in other net­works (172.23.23.23 as well as an address in 2001:6f8:100c:1::/48), but they weren’t announ­ced anywhere.

The task, as given, was “to con­nect to http://fiep/hacking4pizza/”. In essence, this redu­ced the task at hand to eit­her just giving your­self an IP in the 192.168.23.128/25 net­work or just set­ting a route for said net­work, and then opening up your brow­ser. Along with other work­a­rounds, of course, that do require know­ledge not easily available.

We had an inte­res­ting case, though: one sin­gle Mac user could con­nect to the host wit­hout pro­blem, just typ­ing in http://fiep/ and everything’s good.

Con­fu­sion was amongst us. We couldn’t quite explain how the Mac mana­ged to just access the site. We assu­med it was IPv6, blo­cked it, and voilà, it didn’t work anymore.

Vague theo­ries were ram­ped up. Mine was the sca­riest, and also rather possible:

  1. The cli­ent looks up the host­name, as usual.
  2. It gets the IP, sees that it has no route to go there.
  3. Next, an ARP request is pus­hed out for the IP.
  4. The switch comes yap­ping along and says “got it!”, along with the MAC address.
  5. The cli­ent then gene­ra­tes an IPv6 address from the MAC address.
  6. Voila, con­nec­tivity.

There’s just two points where this would have went wrong:

  1. Usually, the default route cat­ches any stragglers.
  2. Why gene­rate a v6 address when it gets a con­nec­tion to the v4 address? Of course, it doesn’t know whe­ther the rou­ter will actually for­ward anything at all.

In the end, though, it was some­thing way more sim­ple: we still had an exter­nal DNS ser­ver which pro­pa­ga­ted the public IPv6 address, and the cli­ent was using an exter­nal DNS server.

But try­ing to find out what actually hap­pened did prove quite entertaining.

Filed under Articles · Tagged with , , ,

About towo
towo has been writing stuff on the Internet on and off for years. He also thinks that author blurbs are silly.

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!