Menu
Article Lighthouse

IPv6 in Lighthouse

Adrian Manning

Adrian Manning

Category Lighthouse

IPv6

IPv6 has been specified for almost a decade. A vast majority of the Internet has updated and has support for IPv6 networks, however Ethereum is lagging in this regard.

As Ethereum is decentralized, the more nodes on the network that support IPv6, the easier it is for new nodes to join using IPv6. This is why:

we-need-you

This post is designed to go along-side our Lighthouse NAT guide which contains more technical details for setting up correct network configuration for a Lighthouse node.

How IPv6 Works (From a Users Point of View)

We're not going to explain the inner workings of IPv6 in this section, rather give a super high-level overview of what to expect and look for when enabling IPv6 on your Lighthouse node.

There a few ways to enable IPv6 support. The way we are recommending is called a dual-stack set-up. This means that Lighthouse listens on both IPv4 and IPv6 at the same time. It will form connections with IPv4 and IPv6 peers separately, but it prioritises IPv6 if one of our peers supports it.

The discovery mechanism for IPv6 requires other IPv6 peers on the network to help it identify if its contactable via IPv6. This is one of the main reasons we are encouraging users to adopt IPv6 as more users with IPv6 support will speed up this process.

IPv6 addresses are typically globally routable. This means that the IPv6 address of your computer can be used publicly to connect to your node (this is generally not the case for IPv4 see our post about NAT). This does not mean your node is publicly accessible, you will still need to set pass rules for IPv6 ports in your firewall in order for Lighthouse receiving incoming IPv6 traffic. One benefit of using IPv6, is that your router no longer needs to perform NAT on IPv6 packets, and so removes one processing step from the routing process, yay.

If you want to check if your node is listening on IPv6, you can run:

netstat -ntlp6

Here the flags represent:

  • n - Numeric ports
  • t - show only TCP
  • l - show only listening sockets
  • p - show the program that opened the port
  • 6 - IPv6

Which should show listening IPv6 TCP sockets, which by default should show port 9000 when Lighthouse is running (and you have a configured IPv6 network).

Prerequisites

Lighthouse fully supports IPv6. In order for you to start using it today (assuming latest version of Lighthouse), you need to:

  1. Make sure your network/ISP supports IPv6 and your network is correctly set up.
  2. Either not specify a --listen-address in Lighthouse or listen on both IPv4 and IPv6 via --listen-address 0.0.0.0 --listen-address ::
  3. Set up firewall rules to permit inbound IPv6 traffic. See our Lighthouse NAT post for an in-depth guide.

You can verify if you have a globally routable IPv6 address via looking at all your IPv6 addresses:

ip -6 addr

And example output is:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever
2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2400:0005:5302:5005::9000/128 scope global dynamic noprefixroute
       valid_lft 5245sec preferred_lft 2545sec
    inet6 2400:0005:5302:3d05:3167:7c7c:e741:6c38/64 scope global temporary dynamic
       valid_lft 86165sec preferred_lft 14165sec
    inet6 2401:d002:1602:3d05:4557:b513:196f:17f7/64 scope global dynamic mngtmpaddr noprefixroute
       valid_lft 86165sec preferred_lft 14165sec
    inet6 fe80::77c5:69c4:218d:b4ef/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

This output shows three globally routable addresses. You can identify them via the word global but also that they start with a 2 or a 3. Addresses that start with fe80 as can be seen here are called link-local addresses and these are not sufficient for Lighthouse to work on IPv6. We are assuming your router/network has assigned globally routable addresses to your Lighthouse node.

Is It Working?

If you've got Lighthouse running, listening on IPv6 and set up firewall rules in your router, you can check to make sure if IPv6 is functioning correctly via the following methods (these are highlighted in more detail in the lighthouse nat blog post):

  1. Check the NAT HTTP API endpoint (assuming the --http flag has been set in Lighthouse): $ curl localhost:5052/lighthouse/nat If the IPv6 fields return true, then congratulations, your Lighthouse node is configured correctly for IPv6. (It may take some time on startup for these to turn true).
  2. Check the Network dashboard in Lighthouse metrics.
  3. Sift through logs to check for IPv6 connections. This is a much more tedious option, but you can grep the Lighthouse logs, typically found at .lighthouse/<network>/beacon/logs/beacon.log. Search for Connection established and look for IPv6 connections (or search for them directly). i.e $ grep "Connection established" beacon.log. You may find that your Lighthouse node is creating outbound IPv6 connections but not receiving any incoming connections. In this case, the first two points will likely show incorrect NAT configuration. This typically means that your firewall has not been configured to allow IPv6 traffic into the discovery (UDP 9000) and/or libp2p (TCP 9000, UDP 9001) ports.

That's It

This is all that's needed and the more nodes that set up their networks to support IPv6, the smoother the transition will be for new IPv6 nodes joining the network.

Help out and support IPv6! :)

Share