For administrators who manage devices running ChromeOS on an IPv6 network.
If you connect Chrome devices to a network that uses IPv6, you should complete a few steps to ensure full compatibility.
Step 1: Configure your network to use SLAAC
Configure your network to use the stateless address autoconfiguration (SLAAC) protocol instead of the Dynamic Host Configuration Protocol version 6 (DHCPv6).
IPv4 and IPv6 protocols manage IP addresses differently. Devices running Chrome OS, such as Chromebooks, take full advantage of the IPv6 feature that allows hosts to allocate multiple IP addresses. Chrome devices use multiple IPv6 addresses, so that each embedded container (Android) and VM (Linux) has its own publicly routable IPv6 address. Most DHCPv6 implementations don’t support multiple IPv6 addresses per host. Therefore, DHCPv6 cannot be used with Chrome devices. You must use SLAAC instead.
Chrome OS uses the SLAAC protocol to allocate IPv6 addresses on wireless and wired networks. IPv6 lets the host allocate multiple publicly routable IPv6 addresses. Chrome OS uses this feature for:
- Containers—Android and Linux support have their own dedicated public IPv6 addresses. They do not use network address translation. IPv6 is intended to provide end-to-end connectivity between hosts.
- Privacy—Android and Chrome OS use RFC 4941 privacy addresses so that websites cannot track Chrome devices outside the user's control by remembering their IPv6 addresses.
- Legacy support—Android needs to allocate extra IPv6 addresses to implement 464XLAT, a feature that helps legacy apps and services run on IPv6-only networks.
You should not rely exclusively on DHCPv6 for IPv6 address assignment for any devices. For more details, see Host Address Availability Recommendations.
Step 2: Configure DNS to use RDNSS
Configure your IPv6 router to use Recursive DNS Server (RDNSS). If your network also uses IPv4, you can use DHCPv4 in addition to RDNSS.
Chrome OS supports 2 ways to configure Domain Name System (DNS) resolution on IPv6 networks:
- Recursive DNS Server (RDNSS) options
- Dynamic Host Configuration Protocol v4 (DHCPv4)
We recommend that you configure your DNS through RDNSS. When you use RDNSS, the DNS server list is included inside the IPv6 router advertisement packets. When you change DNS settings in your IPv6 router, those changes immediately propagate to your Chrome devices.
Note: RDNSS is a newer protocol, so it might not be fully supported in some legacy environments.
If your network uses both IPv4 and IPv6, your Chrome devices first try to use RDNSS. If a Chrome device doesn’t detect RDNSS information inside your IPv6 router advertisement messages, it makes a DHCPv4 request to try to obtain your network's DNS configuration.
Step 3: Assign a unique prefix for every VPN host
If you use VPN, configure your VPN client software to allocate a dedicated /64 prefix for each client connection.
Assigning a unique prefix for every host is useful in some cases. Network administrators can have additional control over IPv6 address allocation, for example, to make it easier to track a Chrome device's access to online resources. Chrome devices immediately support the RFC 8273 standard, which allocates a dedicated /64 prefix for every host on the network. You don’t need to perform additional configuration on the Chrome device.
On VPN gateways that support IPv6, you should allocate a dedicated /64 prefix for each client connection, to support Google Play and Linux on Chrome OS. Larger prefixes, such as /60 or /56, are also supported. If the VPN gateway only offers a single /128 address to a Chrome device client, IPv6 connectivity might be limited or unavailable.