Hello,
I just want to show how to set up a HE IPv6-tunnel when using dial-up internet with pppd and dynamic IPv4 tunnel endpoints.
I am using Ubuntu karmic koala / 9.10, but this should also apply to newer versions and also to debian versions.
First sign up, get a tunnel and assign a routed /48.
Create a file
/etc/ppp/ip-up.d/he-ipv6-tunnel, chmod a+x, and edit the file:
#!/bin/sh
# This sets up the tunnel...
# ---------- change the IPv4 tunnel endpoint ----------
USERID="d6d7b958e23c8cd8b8046bd5af2f9999" # your UserID (not your account name!)
MD5PASS="be46c9000959f8aaf05b655491eea37b" # your password as MD5, create with: echo -n 'yourpassword' | md5sum
GTUNID="99999" # your global tunnel ID
/usr/bin/wget --no-check-certificate -q -O - https://ipv4.tunnelbroker.net/ipv4_end.php\?ipv4b=$IPLOCAL\&pass=$MD5PASS\&user_id=$USERID\&tunnel_id=$GTUNID
# for debugging purposes, you may add: >> /tmp/debug-he-ipv6-tunnel
# if no debugging is needed, you may change '-O -' to '-O /dev/null'
# --------- enable Tunnel ---------
SERVER_IPv4_ENDPOINT=216.66.80.30 # fill in the server IPv4 endpoint
CLIENT_IPv6_ENDPOINT=2001:470:xxxx:xxxx::2/64 # fill in your client IPv6 endpoint
#modprobe ipv6 # usually not needed any more, today
ip tunnel add he-ipv6 mode sit remote $SERVER_IPv4_ENDPOINT local $IPLOCAL ttl 255
ip link set he-ipv6 up
ip addr add $CLIENT_IPv6_ENDPOINT dev he-ipv6
ip route add ::/0 dev he-ipv6
ip -f inet6 addr
# If you assigned a /48 net, please edit /etc/network interfaces for assigning adresses
Create a file
/etc/ppp/ip-down.d/he-ipv6-tunnel, chmod a+x, and edit the file:
#!/bin/sh
# This destroys the tunnel after the IPv4 link has gone down...
# (This is really needed in order to)
ip route del ::/0 dev he-ipv6
ip tunnel del he-ipv6
Now edit
/etc/network/interfaces and add IPv6 adresses out ouf your /48 to your network devices:
# this is for IPv4:
auto eth0
#iface eth0 inet dhcp # I don't use DHCP for my LAN
iface eth0 inet static
address 192.168.178.10
netmask 255.255.255.0
broadcast 192.168.178.255
# and this is new for IPv6:
iface eth0 inet6 static
address 2001:470:xxxx::1
mask 64
And finally install radvd (apt-get install radvd) and edit /etc/radvd.conf:
interface eth0
{
AdvSendAdvert on;
# IgnoreIfMissing on;
# These settings cause advertisements to be sent every 3-10 seconds. This
# range is good for 6to4 with a dynamic IPv4 address, but can be greatly
# increased when not using 6to4 prefixes.
#
#MinRtrAdvInterval 3;
#MaxRtrAdvInterval 10;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 60;
AdvDefaultPreference low;
# Disable Mobile IPv6 support
AdvHomeAgentFlag off;
# Advertise a /64 out of your /48
prefix 2001:470:xxxx::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
};
};
And now restart radvd (/etc/init.d/radvd restart) and restart your ppp link (kill -HUP `pidof pppd`).
Restart your client machines IPv6 (or reboot them), they should get an IPv6 adress out the /64 that is advertised by radvd.
You can check with ifconfig (or ipconfig on Windows XP).
Now test this: ping6 ipv6.google.com
That's it!
And remember that the IPv4 firewall on your router does not do IPv6 firewalling!
I am using Shorewall (IPv4) and Shorewall6 (IPv6) for this.
Maybe I could show how to set up Shorewall6 another day (if there is demand).
Many regards,
and many thanks to Hurricane Electric for providing the tunnelbroker service!
claas
