The Linux kernel implements most of its IPv6 parts from USAGI. The integrated USAGI version/release is unknown. Implemented into the kernel are the core functions of USAGI; the "standard" user-level programs provide basic IPv6 functionality. Support for several newer subprotocols is not integrated into kernel/most base systems and has to be installed by hand or as third-party software/packages.
|Current version||Linux kernel 2.6|
|Tested version||Linux 2.6.16|
Basic IPv6 functions
IPv6 is (in most configurations) active by default and successfully performs stateless autoconfiguration upon reception of RAs. The required IPv6 kernel modules are (mostly) loaded automatically.
Privacy addresses are not enabled by default. Their generation is activated with
a sysctl: (if is the used interface)
To prefer privacy addresses and use them over the normal addresses, use:
The Linux netfilter firewall has stateless IPv6 filtering support since 2007 with the integration into Linux kernel 184.108.40.206
The IPv6 part of netfilter is called via the separate command ip6tables.
See the Further Reading list for links to usage examples
Firewall Usage and
Linux supports configured tunnels with the sit tunnel-interface. Setting up a manual tunnel requires several steps on the command line.
Beforehand, you need the following information:
- IPv4-address of the host
- IPv4-address of the router/tunnel-server
- (Tunnel) IPv6-address of the host
Create the interface (sit1 is the tunnel interface)
and set up the IPv4 addresses:
ip tunnel add sit1 mode sit remote $router-ipv4 local $host-ipv4
ip link set sit1 up
Set up the IPv6 address of the host:
ip address add dev sit1 $tunnel-v6host
Set the (IPv6) default route on the tunnel:
ip route add ::/0 dev sit1
Linux supports automatic 6to4-tunnelling with the tun6to4 tunnel-interface. Setting up a 6to4 tunnel requires several steps on the command line.
Beforehand, you need the following information:
- 6to4/IPv6-prefix of the host (see 6to4 Details: Creating the prefix for instructions).
Create and activate the interface:
ip tunnel add tun6to4 mode sit ttl 64 remote any local
ip link set dev tun6to4 up
Apply the 6to4 prefix:
ip -6 addr add $6to4/16 dev tun6to4
Set the (IPv6) default route on the public 6to4 anycast address:
ip -6 route add 2000::/3 via ::220.127.116.11 dev tun6to4 metric 1
Linux does not integrate DHCPv6 by default; most distributions do not include DHCPv6 software in their installation. DHCPv6 functionality (server, relay and client) can be obtained through external packages (see DHCPv6 software overview for comparison):
In our tests Dibbler was used successfully as DHCPv6 client and server in both stateful and stateless mode. It received (as client) several types of additional addresses and DNS information, which then were used by the network stack. As server, it distributed these information successfully to a variety of clients. (See the above referenced Dibbler DHCPv6 page for more information and configuration hints.)
Linux (in the form of SuSE 10.1) integrates an IPv6-capable PPP daemon into its base system.
Most Linux distributions (including SuSE) ship the standard, IPv6-capable (
Paul’s PPP Package)
The PPP software supports (in version 2.4.3) RFC 2472 2 and was tested successfully with IPv6 on DSL (via PPPoE). After the addition of one configuration line the PPP daemon pppd tries to negotiate IPv6 while establishing the PPP link (IPv6CP) and successfully creates a link-local address for the PPP interface. The IPv6 stack afterward receives RAs on the PPP link and configures an global address on the PPP interface.
IPv6-relevant configuration of the PPP daemon is limited to specifying whether and how a IPv6 link-local address should be generated. The following line needs to be added to /etc/ppp/options and activates IPv6:
Supported IPv6 RFCs & IDs
This list of supported RFCs is specific to two Linux distributions which supply this data — SUSE Linux Enterprise Server 10 SP2 (Kernel 2.6.16 modified) and Red Hat Enterprise Linux 5.2 (Kernel 2.6.18 modified).
|RFC 1981||Path MTU discovery for IP version 6|
|RFC 2460||Internet protocol, version 6 (IPv6) specification|
|RFC 2461||Neighbor discovery for IP version 6 (IPv6)|
|RFC 2462||IPv6 stateless address autoconfiguration|
|RFC 2464||Transmission of IPv6 packets over Ethernet networks|
|RFC 2465||Management Information Base for IPv6: Textual Conventions and General Group|
(only Red Hat)
|RFC 2710||Multicast Listener Discovery (MLD)|
|RFC 3041||Privacy Extensions|
|RFC 3056||6to4 [RFC is not listed but probably supported —Ed.|
|RFC 3315||Stateful DHCPv6|
|RFC 3484||Default Address selection|
|RFC 3596||DNS Extensions to support IPv6|
|RFC 3810||Multicast Listener Discovery Version 2 (MLDv2)|
|RFC 4007||IPv6 Scoped Address Architecture|
|RFC 4193||Unique Local IPv6 Unicast Addresses|
|RFC 4213||Transition Mechanisms for IPv6 Host and Routers|
|RFC 4291||IPv6 Addressing Architecture|
|RFC 4443||Internet Control Message Protocol (ICMPv6) for the Internet ProtoVersion 6 (IPv6) Specification|
There will be no Linux-specific/distribution-agnostic list — many RFCs describe functions which are supplied by system services, and thus outside the kernel.
- Paul’s PPP Package Homepage (Paul Mackerras: n.d. Accessed 20.12.2006)↑
- PPPD(8) manual page from pppd version 2.4.3 (Paul Mackerras: n.d. Accessed 15.1.2007)↑
Special Interoperability Test Certification of
the Novell SuSE Linux Enterprise Server 10, Service Pack 2 [...]
(Defense Information Systems Agency/Joint Interoperability Test Command (JITC): July 2008. Accessed April 2009) and
Special Interoperability Test Certification of the Red Hat Enterprise Linux 5.2 Server and Client [...] (Defense Information Systems Agency/Joint Interoperability Test Command (JITC): July 2008. Accessed April 2009) and
SUSE Linux Enterprise Server 10 SP2 IPv6 Letter of Compliance for DISA/JITC (Novell, Inc.: n.d. Accessed April 2009) and
RedHat Enterprise Release 5.2 IPv6 Letter of Compliance for DISA/JITC (Red Hat, Inc.: n.d. Accessed May 2009) ↑
- Status of Open Source and commercial IPv6 firewall implementations Slides of talk at European Conference on Applied IPv6 (ECAI6) (Peter Bieringer: September 2007. Accessed May 2009)↑
- Linux IPv6 HOWTO (Peter Bieringer, TLDP.org: February 2009. Accessed May 2009) Essential reading, especially the chapters:
- Current Status of IPv6 Support for Networking Applications (Peter Bieringer et al, deepspace6.net: April 2010. Accessed April 2010)