Giving every IPv6 address a name

TL;DR

You can use IPv6address.has-a.name as a domain name for any of your containers or VMs. The required format is 1234-5678-9abc-def0-1234-5678-9abc-def0.has-a.name . This is already a valid name and points to the IPv6 address 1234:5678:9abc:def0:1234:5678:9abc:def0 .

Introduction

Imagine the following: you have a container or virtual machine running with IPv6 and you want to give somebody access to it.

IPv6 being IPv6, it is very easy to give someone access. However, you might also want to use HTTPS. First, because HTTP does not look good in browsers anymore. Secondly, because it is more secure. And thirdly, because contributing to more encrypted traffic is a good thing for the Internet.

But you cannot get a certicate that you need for HTTPS without a name.

Developing a tool to map IPv6 addresses to names

At the last Hack4Glarus we were brainstorming and testing solutions on how to solve this problem. How can we give any IPv6 address a name? At the Hackathon our participants invited a coolstateful solution that is now even reachable at weneedaname .

After the hackathon our team was continuing to brainstorm on how to solve this problem, but in a stateless way.

Knot to the rescue

Eventually we rediscovered a software that we have been running for a while already: KnotDNS . We use it to synthesize reverse DNS records for all IPv6 addresses in our networks. That's why you can do a reverse lookup of ANY IPv6 address in the 2a0a:e5c0::/29 network and you will get a reply that results for instance in the name 2a0a-e5c3-cafe-cace-0000-0000-0000-0000.loves.ipv6.at.ungleich.ch .

Also the opposite works, so looking up above name, results in finding the IPv6 address 2a0a:e5c3:cafe:cace:: .

With has-a.name, we took it one step further: Instead of limiting the lookups to our own network, you can use this name for any IPv6 address.

Let's for instance take google's IPv6 address 2a00:1450:4009:811::200e. If google did not yet point google.com to it, google could use 2a00-1450-4009-0811-0000-0000-0000-200e.has-a.name as an alternative domain name. Obviously not that practical for google, but not everybody is google.

has-a.name is a service for anyone building IPv6 applications

The reason why we introduce the has-a.name service is to allow anyone quick prototyping with IPv6. Anyone can have an IPv6 network. Either via a VPN (our claim is it works anywhere with IPv6VPN.ch or on your IPv6 only VM . With IPv6 you can quickly bootstrap your service and show it to anyone in the world.

With has-a.name you can now also use SSL certificates on any IPv6 address.

If you want to discuss the has-a.name service, we invite you to join the IPv6.Chat .