For the purpose of experimenting and learning I want to construct what might as well just be an impossible configuration. However, I've been browsing these forums for the past 2 days and found lots of "Almost just like that..."-topics. The most recent topic I tried to struggle through was this one: http://www.tunnelbroker.net/forums/index.php?topic=873.45
At some page, a whole bunch of netsh lines are given, supposedly to configure a Tunnelserver in a LAN-routed environment. Well, I tried just too much, and I've just reset to previous snapshots enough till I get a really clear solution specifically tailored to my situation. I've been at it for hours and days, but I'm probably missing something. At one point I got my tunnel presenting routable addresses to the VMs but I have not been able to reproduce the Netsh-mess I made in that case.
Let me explain:
- I'm behind a NAT/Internet Gateway Device (popularly referred to as a router, but it's one of those consumer all-in-one devices el-cheapo)
- My LAN uses 192.168.1.0/24 with 1Gbit local network, routed and switched.
- All clients use DHCP *.100 to *.200
- My workstation has a fixed/static IPv4 address assigned to the VMware Bridge adapter: 192.168.1.11
- I have set up a small domain environment in VMware Workstation 8, on a rather powerful workstation.
- In VMware I have a Team with 2x Windows 2008 R2 64bit servers and 2x Windows 7 Enterprise 64bit clients (maybe I put some more in when this works in basic)
The VMware Team has its own LAN-segment in VMware. 3 VMs are only connected to this separate virtual LAN and outside connectivity is made possible by RRAS.
I believe one would call my setup a NAT-in-NAT-configuration.
Server 1> \\H1T-DC1 has 2 virtual NICs: ETH0:192.168.1.11->RAS-Server->ETH1:10.10.0.1 /16 (I have big plans as you can see -jk: just wanted to use this range so I could experiment with even more complex setups)
The 4 VMs are in an AD domain called H1T.local, so the participants are:
H1T-DC1 (2008 R2 w/ RRAS)
H1T-DC2 (2008 R2)
H1T-CL1 (Win 7)
H1T-CL2 (Win 7)
(adding more clients later)
Which all receive DHCP addresses from a scope: from 10.10.0.10 to 10.10.0.210
Now you have a fair impression of what my setup looks like. This I tried and I can reproduce to work:
- I can set up any Linux box with radvd in no time and have fully functional /64's from my routed /48; However, this is NOT what I intend to repeat.
I need to obtain my MCITP Enterprise Admin certifications in the next couple of months so "I have to think Microsoft" so to speak.
- I can get my tunnel set up at any client in my routed LAN at any one host. However: I wish to deploy /64 subnets and hosts from my /48.
- I know the basics of configuring services like ADDS, RRAS, DNS and DHCP with Windows 2008, this exercise should provide me with more in-depth understanding/hands on experience.
My IPv6 Tunnel: 2001:470:1f14:1dd6::1
My IPv6 Endpoint: 2001:470:1f14:1dd6::2
My routed /64: 2001:470:1f15:1dd6::
My routed /48: 2001:470:787c::
3 /64's I will be using as needed:
For starters I want my H1T-DC1 to be equipped with the tunnel and the other 3 hosts in one routed /64 from my routed /48. I would like a real routed environment, so the clients behind my Tunnel can get DNS-configured at some point in time. Later on I wish to experiment with DirectAccess and remote clients, so I would probably need to be able to deploy more /64's to provide IPv6-connectivity to the DirectAccess-clients. But this is a whole other experiment, I will try to set up later.
Please help me with a step by step instruction on how to proceed as for configuring the routed IPv6 addresses in such a manner that hosts on my side of the tunnel appear with fully routable addresses. I want to keep the IPv6 part of my network in VMware for now, but if for some reason it's better to set up my host computer with the tunnel, I'm prepared to do so. I like the idea of keeping every host with IPv6-connectivity within my artificial environment for now, security wise.