Penguin

Configuring the metanet with ipv6.

After much discussion and debate we have decided that giving the MetaNet IPv6 addresses isn't such a trivial task. Basically the only types of addresses that work with the structure of MetaNet are Global Unicast Addresses (defined in RFC:2373 and RFC:2374) ie. (Real-World) IP addresses. The RFC:1918 equivalent IPv6 addreses are designed for "site" use only and previous experience (OSPF) has taught us that treating the MetaNet as a single site does not work very well. The problem now becomes how to obtain Global Unicast Addresses that we can use on MetaNet. For now the solution that we have come up with is that each MetaNet user who wants to participate in MetaNetIPv6 testing needs to obtain for themselves a /48 allocation from www.freenet6.net. This will then be routed using bgp+ over the MetaNet.

Most members of the MetaNet run DebianLinux or RedHat Linux. If you run something else, the commands might be a little different, but the feeling will be the same. Feel free to update the page.

Requirements

  • IPv6 Capable Linux Box see IPv6Setup
  • Working Knowledge of IPv6

Getting Yourself a 6bone /48 from Freenet6

Visit http://www.freenet6.net/4105/register.asp and create an account for yourself. It is recommended that you use your metanet site name as your userid for freenet6 as they use it to setup your AAAA record.

Installing the Freenet6 client

Debian

apt-get install freenet6 /etc/init.d/freenet6 stop

Red Hat

Download and install a suitable RPM from http://www.freenet6.net/4105/download.shtml.

Configuring the Freenet6 client.

Check your inbox. Hopefuly you have received an email containing your Freenet6 username and password. Remeber them, you'll need them in a second.
Edit the file /etc/freenet6/tspc.conf (Debian), /usr/local/tsp/bin/tspc.conf (Red Hat) so that it looks the this example tspc.conf Substitute your username and password from above in the appropriate places and fill in the correct value for the if_prefix line (i'll use eth0 for the rest of the documentation, but you probably want to choose something more sensible).
Save the file and exit.

Starting your tunnel

If you do not have IPv6 compiled into your kernel, you probably want to

modprobe ipv6

before

Debian

/etc/init.d/freenet6 start

Red Hat

/etc/init.d/freenet start

You should see something similar to the following

victor:/etc/freenet6# /etc/init.d/freenet6 start Setting up freenet6 IPv6 tunnel (wan1): 3ffe:b80:3:935d::2/128

The IP address shown is your tunnel endpoint. Check eth0 and you should see something similar to this

victor:/etc/freenet6# ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:05:1C:10:41:C8

inet addr:10.1.12.254 Bcast:10.1.12.255 Mask:255.255.255.0 inet6 addr: fe80::205:1cff:fe10:41c8/10 Scope:Link inet6 addr: 3ffe:b80:1f16:1::1/64 Scope:Global

First are your standard IPv4 address(es) followed by your IPv6 addresses. Ignore the first address (it is a special link-local address used for configuration) the second address is what we are concerned with. It has global scope and is routable from anywhere on the 6bone! This address has been allocated from your /48 and you can see that the freenet scripts have been clever and have placed your internal network on a further subnet inside this to give an IP address with a /64 netmask. So for example the /48 shown in the example is 3ffe:b80:1f16 and the subnet is 1.

Configure 6to4 addressing (optional)

See 6to4

Check your connectivity

ping6 2001:458:20:100::1 traceroute6 2001:458:20:100::1

Note - Debian packages ping6/traceroute6 as iputils-ping and iputils-tracepath.

Configuring zebra for your local network

Now you need to give your internal machines IPv6 addresses. This can be easily accomplised using zebra add the lines to your zebra.conf

interface eth0

ipv6 nd send-ra ipv6 nd prefix-advertisement your allocation from above

So for my eth0 shown above my zebra.conf has

interface eth0

ipv6 nd send-ra ipv6 nd prefix-advertisement 3ffe:b80:1f16:0001::/64

This will cause zebra to do router announcements on eth0 for your internal ranges. Any machine on that network will hear the router announcements and will automatically assign itself an IP address out of that range.

Make sure your client machines have ipv6 enabled see IPv6Setup for more information on this.

NOTE that you probably don't want to use Zebra. Use radvd instead, zebra is rather broken. See the notes in 6to4 for setting up radvd.

Some things to consider

  • The IP addresses that you now have on your gateway and client machines ARE world-routable. You may want to firewall them. See IP6Tables.
  • The IP address of your wan1 interface is not in your /48 it is your tunnel endpoint
  • You will have very high latency (600ms) talking to any real-world or 6bone hosts as your packets traverse the tunnel.

Configure zebra to do ipv6 peering over the metanet

  • First, upgrade Etud, the old version has a bug where you can't assign IPv6 addresses to the wan0 interface. Oops.1?
  • IPv6 peering is configurable via the metanet maintenance pages. I assume you're already peering IPv4, so go to www.tla/maint/ and look at the

IPv6 equivalents of 'IP Allocations' and 'Router Maintenance'

You will need in your bgpd.conf
neighbor 3ffe:b80:1f6b:cafe::fd84 remote-as 64900 # Hydrogen

address-family ipv6 network your-ipv6-network-here neighbor 3ffe:b80:1f6b:cafe::fd84 activate exit-address-family

Congratulate yourself and randomly ping people on the metanet.

1?: Etud was echoing packets that the kernel sent back to itself. This had the problem that the kernel would say "Is anyone using this address" and then would hear that yes, someone is using it (itself!) so it would stop using it. Doh.

Configure DNS


CategoryNetworking