6

In IPv4, if I want to send a magic packet to a workstation in another VLAN, I enable directed broadcasts in the remote VLAN and send it to the VLAN's broadcast address. This works great.

In IPv6, I can use FF02::1 to send a WoL frame to workstations inside the same VLAN, but without broadcasts, how would I send it to a workstation in a different VLAN?

Avery Abbott
  • 1,793
  • 9
  • 15
  • Has anyone done anything with UDP forwarding? Maybe you could take a packet directed to the FF02::1 address and forward it out all of the router interfaces? It's not the cleanest solution, but since a magic packet is only a few bytes, it wouldn't waste too much bandwidth. I'm thinking that or a dedicated WoL repeater device per subnet which, again, isn't ideal. – Avery Abbott Apr 19 '14 at 17:33
  • If you're talking about Cisco's `ip helper-address`, it only supports IPv4. Have you ever successfully performed a WOL event with IPv6 (even on the same subnet)? I can't make WOL over IPv6 work with my computers; however, WOL over IPv4 and WOL over raw ethernet work just fine. If you can't make WOL over IPv6 work on the same subnet, this is really an academic discussion. – Mike Pennington Apr 19 '14 at 19:47
  • I haven't actually had the pleasure yet. I'm in the process of an IPv4 WoL implementation on an all-IPv4 network to be used for windows updates, virus scans, etc. Next FY, we're going to start on an IPv6 migration, starting with our DMZ servers and moving back. – Avery Abbott Apr 19 '14 at 20:54
  • 1
    In case you're interested, I built a [python script (posted to github)](https://github.com/mpenning/wakeonlan) which sends IPv6 WOL packets... – Mike Pennington Apr 19 '14 at 22:34

3 Answers3

4

On any router or firewall where you can put in static ARP or ND entries you might try to bind an address to MAC ff:ff:ff:ff:ff:ff and then send the Wake-on-LAN packet to that address. If the router/firewall sends the packet onto the ethernet segment with destination ff:ff:ff:ff:ff:ff then you'll have a broadcast packet...

Sander Steffann
  • 6,670
  • 22
  • 33
  • 1
    So explicitly, you're saying remap a unicast IPv6 address to a broadcast mac-address for each subnet... right? Presumably you wouldn't actually use this unicast address anywhere. – Mike Pennington Apr 20 '14 at 10:06
  • Right. I have done this on my Juniper SSG5 firewall for IPv4. I never tried it for IPv6 but I see no reason why it wouldn't work. The address has to be unused for anything else. You can even make this work through IPv4 NAT by forwarding just one protocol or port to that 'special' internal address. With IPv6 you'll have plenty of addresses so finding an unused one shouldn't be difficult :) – Sander Steffann Apr 20 '14 at 10:12
  • This appears viable in IOS 12.4(21a), I see a broadcast mac entry in `sh ipv6 neighbors` when I configure `ipv6 neighbor 2001::1 FastEthernet0/0 ffff.ffff.ffff` in my lab; of course `Fa0/0` is configured in that ipv6 subnet as well. – Mike Pennington Apr 20 '14 at 10:17
  • Then you could presumably set up an ACL to limit access to this address and restrict who can send these broadcast messages. I'm marking this as the answer because this seems plausible. – Avery Abbott Apr 21 '14 at 01:18
1

There are no subnet directed broadcasts in IPv6 because there are no broadcasts in IPv6 at all.

One option is to send the packet directly to the IPv6 address of the host (which you of course will have to know in advance, just like the MAC address) and hope that the switch still remembers which port the host is connected to. This seems quite iffy to me and is probably not going to be reliable in all environments.

Long-term the workstations should probably be waking themselves up on a schedule, or not sleeping at all.

Michael Hampton
  • 478
  • 2
  • 11
  • Default timers for ARP cache timeout and MAC address table timeout are both 5 minutes; this won't help for a 3AM wake-up call and I'm not going to try to set them for several days long. In a network with ~1300 workstations spread over a MAN, configuring BIOS-level wake-up events is not a legitimate option, and with a "green" employer, neither is not sleeping. I know there are no IPv6 broadcasts, but there are "All Nodes" multicast messages (address ff02::1) and there are still ethernet broadcast frames (ffff.ffff.ffff). – Avery Abbott Apr 19 '14 at 17:07
  • Exactly. There are no good options that I have ever heard of. Let's also remember that WoL was designed for single LANs (hence the name); it was never really intended to cross subnets though people did figure out ways to do that anyway. – Michael Hampton Apr 19 '14 at 17:08
  • Not sure you need to worry too much about the switch remembering the port. Default behavior for most switches is to flood all ports if a MAC is not known. If you reboot a switch you'll get connectivity back before ARP caches timeout. Packets will flood until the target responds and the switch re-learns which port the MAC is on. Sending to the unicast IPv6 address should work. – Lee Ballard Aug 02 '15 at 02:24
0

WOL has nothing to do with any IP version. The magic packet is send to an Ethernet broadcast address which is the same for IPv4, IPv6 and other protocols.

  • 4
    Yes, but in IPv4 you could use directed broadcast to trigger that remotely. I have no idea how to do that in IPv6. Good question! – Sander Steffann Apr 19 '14 at 08:23
  • I will not post answers before the first coffee. ;-) I'll guess with a Linux based router you might be able to set something up using ip6tables. –  Apr 19 '14 at 09:20