Differences between version 59 and predecessor to the previous major change of 6to4.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 59 | Last edited on Saturday, April 5, 2008 4:58:29 pm | by JohnMcPherson | Revert |
| Older page: | version 57 | Last edited on Wednesday, March 7, 2007 12:42:49 am | by NickClifford | Revert |
@@ -1,6 +1,6 @@
!!!What is 6to4
-6to4 addressing is a type of ipv6
address created by your IPv4 address. It allows you to set up tunnels over the [IPv4] Internet automatically.
+6to4 addressing is a type of [IPv6]
address created by your IPv4 address. It allows you to set up tunnels over the [IPv4] Internet automatically.
The range for this is 2002:<first two bytes of an ipv4 address>:<second two bytes of an ipv4 address>::/16.
This gives you a /48 to play around with, great if you have to put up with [NAT], now all the boxes behind your firewall will have realworld [IPv6] addresses at no extra cost!
@@ -27,9 +27,9 @@
To figure out your 6to4 address based on your IPv4 address:
<pre>
printf "2002:%02x%02x:%02x%02x::1\n" `echo $IPV4ADDR | tr . ' '`
</pre>
-Where $IPV4ADDR is your IPv4 address. Eg, if your IPv4 address is 192..2.3
, then:
+Where $IPV4ADDR is your IPv4 address. Eg, if your IPv4 address is 192..2.23
, then:
<pre>
printf "2002:%02x%02x:%02x%02x::1\n" `echo 192.0.2.23 | tr . ' '`
2002:c000:0217::1
</pre>
@@ -50,9 +50,9 @@
ip -6 addr add __''your-6to4-address''__/16 dev tun6to4
</pre>
So for our example IP above:
<pre>
- ip tunnel add tun6to4 mode sit remote any local 192..2.3
+ ip tunnel add tun6to4 mode sit remote any local 192..2.23
ip link set dev tun6to4 mtu 1472 up
ip -6 addr add 2002:c000:0217::1/16 dev tun6to4
</pre>
If you don't have the 6bone configured, run the following two commands:
@@ -139,29 +139,27 @@
!!Testing
Use the __ping6__ program. (On Debian, you need to install the iputils-ping package to get the ipv6 version of ping).
-If this webserver (Hoiho)
has its
6to4 set up correctly
, you should be able to do:
+The WLUG server
has 6to4 set up, so
you should be able to do:
<pre>
- $ ping6 2002:cb61
:a32
::1
- PING 2002:cb61
:a32
::1(2002:cb61
:a32
::1) from ::1 :
56 data bytes
- 64 bytes from 2002:cb61
:a32
::1: icmp_seq=1 ttl=64
time=.203 ms
- 64 bytes from 2002:cb61
:a32
::1: icmp_seq=2 ttl=64
time=.077 ms
- 64 bytes from 2002:cb61
:a32
::1: icmp_seq=3 ttl=64
time=.080 ms
+ $ ping6 2002:3cea
:4272
::1
+ PING 2002:3cea
:4272
::1(2002:3cea
:4272
::1) 56 data bytes
+ 64 bytes from 2002:3cea
:4272
::1: icmp_seq=1 ttl=53
time=.203 ms
+ 64 bytes from 2002:3cea
:4272
::1: icmp_seq=2 ttl=53
time=.077 ms
+ 64 bytes from 2002:3cea
:4272
::1: icmp_seq=3 ttl=53
time=.080 ms
</pre>
!!Using 6to4 addresses on your internal network
First you need to configure radvd. Zebra is not recommended as it cannot handle dynamic 6to4 address advertising (as radvd can) and also has a bug where it will write out a configuration to it's file that is invalid and then die when it tries to reload it again.
Your config file should look something like:
-
<pre>
-
interface eth0
{
- !
AdvSendAdvert on;
+ ~
AdvSendAdvert on;
prefix fec0::/64
{
};
@@ -177,13 +175,13 @@
{
Base6to4Interface lo:1;
};
};
-
</pre>
+
You can omit any of the prefix stanza's you don't like.
-In the config above the timers have been turned down in anticipation that you are advertising a 6to4 address generated from a dynamic IP on ppp0. Note that if you do this you __must__ turn down the retransmit time on the unsolicited announcements. In particular ensure that ''!
MaxRtrAdvInterval'' and ''!
AdvPreferredLifetime'' are less than ''!
AdvValidLifetime''. If you don't understand why this is important then you can just go with what is shown above.
+In the config above the timers have been turned down in anticipation that you are advertising a 6to4 address generated from a dynamic IP on ppp0. Note that if you do this you __must__ turn down the retransmit time on the unsolicited announcements. In particular ensure that ''~
MaxRtrAdvInterval'' and ''~
AdvPreferredLifetime'' are less than ''~
AdvValidLifetime''. If you don't understand why this is important then you can just go with what is shown above.
You also need at least one SIT tunnel with a "remote any local any". It doesn't need an ipv6 (or ipv4) address associated with it. This is used for transpanret deencapsulation of IPv6 packets that are forwarded to your internal network.
If you've done all this, it should just work. In practise, it requires some tinkering.
