Dynamic IPv6 prefixes, how is that supposed to work?

    • I have a Pirelli Centro Grande ISDN router with IPv6 turned on. For years I have been using DynDNS from the provider No-IP for a specific application. This always worked well and without any problems.

    Today I looked into IPv6 in more detail and discovered that every time the IPv4 address changes (e.g. after restarting the router) the IPv6 prefix also changes. This means that my computers always get a new IPv6 address. How does Swisscom imagine this will work?

    With IPv4 I have port forwarding, which means I only have to change the IPv4 address at noip.com and the Centro Grande with DynDNS does this well and completely automatically. I can use port forwarding to send the protocols to their destinations.

    With IPv6, however, each target host has an IPv6 address and I see no way to automatically and dynamically allocate these addresses when the IPv6 address changes.

    Have I missed something or have I made a fundamental error in thinking? Or what was Swisscom thinking? I assume there is a solution. It has to, right?

    P.S. But please don’t come and say the solution is IPv4… we’re in 2016!

    Show original language (German)

    • @pgloor wrote:

      […]

      Today I looked into IPv6 in more detail and discovered that every time the IPv4 address changes (e.g. after restarting the router) the IPv6 prefix also changes. This means that my computers always get a new IPv6 address. How does Swisscom imagine this will work?

      Swisscom is currently using an interim solution called “6rd”, in which the IPv6 prefix is ​​calculated from the dynamically allocated IPv4. When the IPv4 changes, the IPv6 prefix inevitably does too. Details can be found in the document linked by @user109.

      @pgloor wrote:

      […]

      With IPv4 I have port forwarding, which means I only have to change the IPv4 address at noip.com and the Centro Grande with DynDNS does that well and completely automatically. I can use port forwarding to send the protocols to their destinations.

      With IPv6, however, each target host has an IPv6 address and I see no way of automatically and dynamically allocating these addresses when the IPv6 address changes.

      […]

      P.S. But please don’t come and say the solution is IPv4… we’re in 2016!

      If noip.com does not support dynamic updates of IPv6 (AAAA records), switch to another provider. It certainly works with afraid.org and Synology’s DDNS service; other providers can be found using a search engine. Since each target device in your network has a different address, you also have to configure a DDNS client on each of these devices.

      Another approach is native IPv6 without changing prefixes, which is in fact roughly equivalent to static IPv4. This has advantages and disadvantages and anyway is currently not~ possible with Swisscom with an SME subscription.

      With IPv6 you no longer need port forwarding on the router; you may still have to set up a firewall rule to allow access.

      Edit: as per Tux0ne’s comment.

    @pgloor wrote:

    […]

    Today I looked into IPv6 in more detail and discovered that every time the IPv4 address changes (e.g. after restarting the router) the IPv6 prefix also changes. This means that my computers always get a new IPv6 address. How does Swisscom imagine this will work?

    Swisscom is currently using an interim solution called “6rd”, in which the IPv6 prefix is ​​calculated from the dynamically allocated IPv4. When the IPv4 changes, the IPv6 prefix inevitably does too. Details can be found in the document linked by @user109.

    @pgloor wrote:

    […]

    With IPv4 I have port forwarding, which means I only have to change the IPv4 address at noip.com and the Centro Grande with DynDNS does that well and completely automatically. I can use port forwarding to send the protocols to their destinations.

    With IPv6, however, each target host has an IPv6 address and I see no way of automatically and dynamically allocating these addresses when the IPv6 address changes.

    […]

    P.S. But please don’t come and say the solution is IPv4… we’re in 2016!

    If noip.com does not support dynamic updates of IPv6 (AAAA records), switch to another provider. It certainly works with afraid.org and Synology’s DDNS service; other providers can be found using a search engine. Since each target device in your network has a different address, you also have to configure a DDNS client on each of these devices.

    Another approach is native IPv6 without changing prefixes, which is in fact roughly equivalent to static IPv4. This has advantages and disadvantages and anyway is currently not~ possible with Swisscom with an SME subscription.

    With IPv6 you no longer need port forwarding on the router; you may still have to set up a firewall rule to allow access.

    Edit: as per Tux0ne’s comment.

    Show original language (German)

    Have you tried turning it off and on again?

    Just additional. For SME products on ALL IP, native IPv6 is/is offered, provided you have fixed IPv4.
    It’s my turn. I just received another sign of life from Swisscom on Friday…

    Show original language (German)

    @Tux0ne wrote:
    Just additional. For SME products on ALL IP, native IPv6 is/is offered, provided you have fixed IPv4.
    It’s my turn. I just received another sign of life from Swisscom on Friday…

    I don’t want to change subscriptions and, as a private user, I certainly don’t want an SME solution. All I expect is the same performance as before even when switching to IPv6.

    However, I would be willing to pay a little more for a fixed prefix (e.g. CHF 2 / month or something similar to the DynDNS service costs).

    Show original language (German)

    @PowerMac wrote:

    Swisscom is currently using an interim solution called “6rd”, in which the IPv6 prefix is ​​calculated from the dynamically allocated IPv4. When the IPv4 changes, the IPv6 prefix inevitably does too. Details can be found in the document linked by @user109.

    The document that @user109 refers to is great for my current work, but it doesn’t answer the DynDNS question either. My work specifically relates to a personal project that is about clarifying how to enable IPv6 for home-based servers such as Opensimulator in the future. The document therefore provides the best overview of the entire problem that I have ever seen.

    @PowerMac wrote:
    If noip.com does not support dynamic updates of IPv6 (AAAA records), switch to another provider. It certainly works with afraid.org and Synology’s DDNS service; other providers can be found using a search engine.

    On the one hand, I paid for the service in advance for three years at noip.com. Well, it’s your own fault.

    As for Synology’s solution, it is only a solution for Synology products. I admit, that’s one approach, but here the buck is simply passed from one person to another.

    I haven’t found any other solutions that are supported by the Pirelli Centro Grande.

    If, for technical reasons, because you missed it or for whatever reason, it is not possible to offer fixed IPv6 addresses, it would not be easy for a company like Swisscom to offer a solution in the spirit of Synology, where you can simply use the routable one, for example IP of the devices could register?

    I expect a professional solution from Swisscom that is officially supported by Swisscom, whether with DynDNS service or a fixed IpV6 Global prefix doesn’t matter to me. Is that asking too much?

    Show original language (German)

    If you want to remotely access the web GUI or other functions of the router, an IPv6-capable DDNS client makes sense there, but not for everything else. Since with IPv6 each device has its own, globally unique IP, a separate host name must also be maintained for each of these devices.

    To do this, you would have to install and maintain a DDNS client on each of these devices. This isn’t really practical for many devices.

    I was just brainstorming something and had an idea:

    A possible approach would be to make the router itself a DDNS server. This could be done, for example, by creating a DNS zone for each Internet connection and delegating it to the respective router.

    Example: Customer 0815’s router receives a DNS delegation for the zone “customer0815.swisscom-customers.ch”. DNS requests for lower-level host names such as “mySmartphone.customer0815.swisscom-customers.ch” are then forwarded to the router and answered by it because it knows about its internal clients.

    In terms of safety and other things, there are certainly a few things to consider, but just as an idea…

    Show original language (German)

    Have you tried turning it off and on again?

    v4 and v6 cannot be traded in the same way, you should be aware of that.

    Actually, the router becomes a little “less important” with v6.

    The idea of ​​@PowerMac is an approach that brings a certain intelligence centrally to the router like in v4.

    But I don’t think support is capable of managing this. You should also put some energy into the CPE’s v6 firewall. But as long as there are people with the dreaded D30 who deactivate v6 on principle… 😉

    Currently you need some know-how and the right service providers and the right servers so that you can work with dynamic prefixes. Some people will probably do the configuration statically, for the reason that the prefix rarely changes as long as you don’t do anything to your access…

    However. We are currently working with 6RD. Whatever the solution may be later, native alone does not mean that the prefix is ​​static.

    But I read that there is a provider in DE that offers the choice of static or dynamic via the router interface.

    At Swisscom, this choice would of course have to be available online Kundencenter. Otherwise you would immediately have the next problem with “router compulsory”.

    The simplest option would be to give the customer the choice to fix the prefix. This means that as a customer you have the most options and are not hardware dependent.

    Maybe IPv6@swisscom can say something about this?

    Show original language (German)

    The idea of ​​@PowerMac corresponds roughly to what I thought of myself.

    A DDNS Portmapper Box is available at http://www.feste-ip.net. I’ll try to do something similar with a Raspberry Pi in the next few days to delve deeper into the subject.

    I will briefly report on my experiences and results later in this thread.

    Show original language (German)

    I just took a closer look at this portmapper box. As far as I can see, this is designed for DS-Lite customers who still want to get public IPv4 via paid detours. This probably doesn’t really do much for Swisscom customers with (still) public IPv4 on the WAN port.

    With the RasPi and some shell scripting you will be able to create nice things. For example, consider a script that registers the IPv6 addresses of existing network devices with a capable DDNS provider. Since you are a paying customer at noip.com, I would ask them what the service offering for dynamic AAAA records looks like.

    Show original language (German)

    Have you tried turning it off and on again?

    5 days later

    I’m struggling a bit with it now. In the end I even tore down my beloved firewall and set up something new.

    But I now have native v6 switched on and actively running.

    Dual Session WAN with PPPoE passthrough terminated on a firewall (v6 DHCP6-PD with /48 network).

    I don’t know how many people in Switzerland already have this active. But the product is scheduled to be released for SME in February.

    Show original language (German)