Re: Experience setting up IPv6 via 6to4 for Debian networks

To: Rob Leslie <rob@mars.org>
Cc: debian-ipv6@lists.debian.org
Subject: Re: Experience setting up IPv6 via 6to4 for Debian networks
From: Fabio Massimo Di Nitto <fabbione@fabbione.net>
Date: Thu, 10 Apr 2003 10:16:11 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.53.0304100957370.13198@trider-g7.ext.fabbione.net>
In-reply-to: <[🔎] 8B83FE17-6B21-11D7-B472-000393817488@mars.org>
References: <[🔎] 8B83FE17-6B21-11D7-B472-000393817488@mars.org>

Hi Rob,
	nice work. I am actually preparing a package that will handle 6to4
but it will not be ready in a very short time (i have to fix a few bugs in
pkg real-life first).

Just a few notes.

The setup you describe here works only if you have a static ip. With ppp
connections can be a problem since you have to rebuild the setup each
time, and for this reason we are using a different approach other than
using /etc/network/interfaces.

There has been a discussion a short time ago that site-local ipv6
addresses will be deprecated (but sorry I can't remember the references)

For the local interfaces you can use:

iface eth0 inet6 static
	address
	netmask
	gateway

man 5 interfaces

Regards
Fabio


On Wed, 9 Apr 2003, Rob Leslie wrote:

> Hi all,
>
> I recently managed to get IPv6 and global addressing via 6to4 working
> nicely on all my Debian machines and networks. I thought I'd share how
> I did it because it's a little different from existing documentation,
> though pretty simple and the practical advice may help others who are
> still struggling. I also welcome feedback in case I have overlooked
> anything.
>
> First of all to get IPv6 support ready in the kernel, I simply added
> the line 'ipv6' to each machine's /etc/modules. I'm using the various
> kernel-image-2.4* packages.
>
> Next, I designated one host having a global IPv4 address on each of my
> IPv4-separated networks to be a 6to4 gateway. For each 6to4 gateway, I
> computed a 6to4 address based on the host's global IPv4 address using
> the instructions found here:
>
>      http://people.debian.org/~csmall/ipv6/setup624.html
>
> For example, the 6to4 address for 209.126.142.251 became
> 2002:d17e:8efb::1. For convenience I will refer to these below as
> $ADDR_IPV4 and $ADDR_6TO4 respectively.
>
> Then, for each 6to4 gateway I configured the tunnel interface using the
> /etc/network/interfaces mechanism by adding the following stanza:
>
>      # IPv6 6to4 tunnel interface
>      auto stf
>      iface stf inet6 v4tunnel
>              address $ADDR_6TO4
>              netmask 16
>              endpoint any local $ADDR_IPV4 ttl 64
>              up ip -6 route add 2000::/3 via ::192.88.99.1 dev stf
> metric 1
>              down ip -6 route flush dev stf
>
> (The $ADDR_6TO4 and $ADDR_IPV4 should be replaced with their respective
> literal addresses.) N.B. the 'iproute' package is required for the 'ip'
> command.
>
> There are a couple of interesting things to note about this. The
> 'endpoint' line is a bit of a hack to add some additional necessary
> options to the 'ip tunnel' command run by 'ifup'. The other thing to
> note is the default route destination: 192.88.99.1 is the official 6to4
> Relay anycast address sanctioned by RFC 3068 to reach the nearest 6to4
> Relay Router.
>
> After bringing the tunnel interface up ('ifup stf' or reboot) this is
> sufficient for global IPv6 connectivity on each 6to4 gateway.
>
> Next, to establish IPv6 connectivity on the internal networks behind
> each gateway, I installed the 'radvd' package on the 6to4
> gateway/router machines. I assigned a global network prefix to each
> network based on the gateway's 6to4 address. For example, I assigned
> 2002:d17e:8efb:1::/64 to the network behind 2002:d17e:8efb::1. I also
> assigned a unique site-local network prefix to each network, for
> example fec0:0:0:1::/64. In the following example I refer to these as
> $GLOBAL_PREFIX and $SITE_PREFIX respectively. (The use of a
> $SITE_PREFIX is optional.)
>
> In the following example $INTERNAL_IFACE is the name of the internal
> network interface (e.g. eth1). I configured 'radvd' on each 6to4
> gateway/router machine in /etc/radvd.conf as follows:
>
>      interface $INTERNAL_IFACE
>      {
>          AdvSendAdvert on;
>
>          prefix $SITE_PREFIX
>          {
>          };
>
>          prefix $GLOBAL_PREFIX
>          {
>          };
>      };
>
> I didn't find it necessary to add any other options; the defaults work.
>
> After 'radvd' is reloaded with this configuration, the internal
> IPv6-enabled machines behind the gateway automatically receive their
> global and site-local IPv6 addresses.
>
> Unfortunately 'radvd' doesn't seem to advertise to itself; each host
> running 'radvd' doesn't automatically obtain global/site-local IPv6
> addresses for its own internal interface. To fix this, I added some
> additional lines to /etc/network/interfaces for the internal interface
> stanza on each router/gateway:
>
>      # iface $INTERNAL_IFACE inet static
>              # address 10.0.0.1
>              # ... etc. IPv4 configuration
>              up ip -6 addr add $SITE_PREFIX::1/64 dev $INTERNAL_IFACE
>              up ip -6 addr add $GLOBAL_PREFIX::1/64 dev $INTERNAL_IFACE
>              down ip -6 addr del $GLOBAL_PREFIX::1/64 dev $INTERNAL_IFACE
>              down ip -6 addr del $SITE_PREFIX::1/64 dev $INTERNAL_IFACE
>
> For example in one of my cases I've assigned fec0:0:0:1::1 as the
> site-local address and 2002:d17e:8efb:1::1 as the global address for
> the internal interface. (N.B. I've twisted my $*_PREFIX notation here a
> little to add the host identifier while keeping the net mask.)
>
> This is also somewhat of a hack because I'm not aware of a way to
> configure an interface simultaneously as 'inet' and 'inet6' using this
> file's syntax. If your internal network is 100% IPv6, you can probably
> just use an 'inet6' stanza for the internal interface.
>
> To make site-local addresses work across network boundaries, it's
> necessary to add some static routes. (If you aren't bothering with
> site-local addresses, you can ignore this part.) I did this by adding
> more statements to the 6to4 tunnel interface stanza of
> /etc/network/interfaces:
>
>              up ip -6 route add $SITE_PREFIX via ::$ADDR_IPV4
>              down ip -6 route del $SITE_PREFIX via ::$ADDR_IPV4
>
> These should complement the prefix for the network connected to the
> router. For example, the router with site-local address fec0:0:0:1::1
> adds routes to reach fec0:0:0:2::/64 (via fec0:0:0:2::1's IPv4-mapped
> address), and vice versa.
>
> That's it! All machines now have full, global and site-local IPv6
> connectivity.
>
> Summary:
>
>    All machines:
>        Debian packages
>            kernel-image-2.4*
>            iproute
>        Configuration
>            Add 'ipv6' to /etc/modules
>
>    6to4 gateway machines (machines with global IPv4 addresses):
>        Configuration
>            Add 6to4 tunnel stanza to /etc/network/interfaces
>
>    Router machines (6to4 gateways for internal networks):
>        Debian packages
>            radvd
>        Configuration
>            Configure /etc/radvd.conf with IPv6 network prefixes
>            Configure /etc/network/interfaces with internal IPv6 addresses
>            Add static routes for site-local networks to
> /etc/network/interfaces
>
> Cheers,
>
>

-- 
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html

Reply to:

Follow-Ups:
- Re: Experience setting up IPv6 via 6to4 for Debian networks
  - From: "Jeremy T. Bouse" <jbouse@debian.org>
- Re: Experience setting up IPv6 via 6to4 for Debian networks
  - From: Noah Meyerhans <noahm@debian.org>

References:
- Experience setting up IPv6 via 6to4 for Debian networks
  - From: Rob Leslie <rob@mars.org>

Prev by Date: Experience setting up IPv6 via 6to4 for Debian networks
Next by Date: proftpd
Previous by thread: Experience setting up IPv6 via 6to4 for Debian networks
Next by thread: Re: Experience setting up IPv6 via 6to4 for Debian networks
Index(es):
- Date
- Thread