RE: Quick 'n' Easy IPv6 for Debian

To: "'John Goerzen'" <jgoerzen@complete.org>, "'Trent Lloyd'" <lathiat@sixlabs.org>, <debian-ipv6@lists.debian.org>
Subject: RE: Quick 'n' Easy IPv6 for Debian
From: "Jeroen Massar" <jeroen@unfix.org>
Date: Tue, 20 Jan 2004 14:32:07 +0100
Message-id: <[🔎] 005501c3df59$cd280020$210d640a@unfix.org>
In-reply-to: <[🔎] 20040120010850.GB1307@sixlabs.org>

-----BEGIN PGP SIGNED MESSAGE-----

John Goerzen [mailto:jgoerzen@complete.org] wrote:

> On Tue, Jan 20, 2004 at 01:06:19AM +0100, Jeroen Massar wrote:
> > > iface sit1 inet6 v4tunnel
> > >         address 2002:a14:1e28::2
> > >         netmask 16
> > <SNIP>
> > > iface eth0 inet6 static
> > >         address 2002:a14:1e28::1
> > >         netmask 64
> > 
> > Thus you are using one /64 but are splitting it over 2 
> interfaces? :)
> 
> eth0 is for your internal network (if you have a router.)

I know what you mean, but in your example you are using the
same prefix for more than one link, which simply is not correct.

> > And you are also putting the complete 2002::/16 on the sitl interface.
> 
> I am not sure about the whole /16 thing.  A lot of the examples suggest
> using it, but frankly I am baffled as to why.  However, it seems to
> work.  Are you saying it should be a /48?

The reason it works is because 'more specifics' are put in your routing
table, thus you get, in order of match:

2002:a14:1e28::1/128 eth0
2002:a14:1e28::2/128 eth0
2002:a14:1e28::/64   eth0
2002::/16            sitl (traffic is send by the device to others)
::/0                 sitl gw anycast-6to4

I would suggest using a /48 on sitl as that endpoint terminates
your own 6to4 /48, this also avoids sending you /48's traffic onto
the internet, though that won't happen because 6to4 is kinda smart
fortunatly. One should be using a /64 though as that is the length
for links, see the piece below.

> If you could give a diff to the text, I'd be glad to apply 
> it; I'm still
> a newbie at this and wanted to help out other people in the same boat.

Btw in examples use 192.0.2.0/24 as that prefix is the IPv4 documentation prefix.

"Network plan"
Public Internet IPv4:  192.0.2.1/28
Private Internet IPv4: 192.0.2.250/28
sitl IPv6 prefix: 2002:c000:201::/64
eth0 IPv6 prefix: 2002:c000:201:1::/64

/etc/network/interfaces:
8<--------------------
iface sit1 inet6 v4tunnel
        address 2002:c000:201::1
        netmask 64
        endpoint any
        local 192.0.2.1
        up ip -6 route add 2000::/3 via ::192.88.99.1 dev sit1
        down ip -6 route flush dev sit1
        up /etc/network/ipv6rules.sh

iface eth0 inet6 static
        address 2002:c000:201:1::1
        netmask 64
- -------------------->8

/etc/radvd.conf:
8<--------------------
interface eth0
{
   AdvSendAdvert on;
   prefix 2002:c000:201:1::1/64
   {
   };
};
- -------------------->8

I removed the "AdvLinkMTU" from the command above as the interfaces
themselves will figure out that part. PathMTU discovery will take
care of the rest. If you really want to force it, set it to 1280 as
that is th MTU that tunnels use and will be the most common MTU
you will find at the moment.

Btw "performace" -> "performance" on the last line ;)
And indeed, 6to4 is great to get one going quickly, debugging
it is kind of a hell though as one simply can't know where packets
will travel to/from. Btw one can for instance see using the LG at
http://www.level3.com/LookingGlass/ where there are anycast instances.
Check the same from your home. I currently know of 3 of them:
Finland @ Song Networks
Finland @ FUnet
Switzerland @ Switch

See http://www.kfu.com/~nsayer/6to4/ for some non-anycast versions.

Trent Lloyd [mailto:lathiat@sixlabs.org] wrote:

> > Next to that if you want a reverse DNS delegation for 6to4
> > you have to contact hostmaster@ep.net, note that this is
> > for ip6.int, for ip6.arpa there are no reverses, yet and
> > probably never will be.
> 
> Cheers for that, thats one piece of information ive never been able to
> find, everyone tells me its VERY difficult/not possible/there is no
> official way.

It is not official, as ip6.arpa is the official reverse tree.
ep.net manages the ip6.int tree though and they can provide you
with a reverse delegation if and probably only if you are also
registered to be the owner of the IP (-block).

Christoph Moench-Tegeder [mailto:cmt@burggraben.net] wrote:

> > Next to that if you want a reverse DNS delegation for 6to4
> > you have to contact hostmaster@ep.net, note that this is
> > for ip6.int, for ip6.arpa there are no reverses, yet and
> > probably never will be.
> 
> This might be true for ep.net, but RIPE uses ip6.arpa and ip6.int:
> http://www.ripe.net/reverse/ipv6.html
> ftp://ftp.ripe.net/rfc/bcp/bcp49.txt

You misunderstood me, for RIR (thus ARIN/RIPE/LACNIC/APNIC) prefixes
there is indeed both ip6.int and ip6.arpa available. But for 6to4
one can only get a ip6.int delegation, no ip6.arpa. The same as
with the 6bone prefixes btw, but that is a political issue which
is the reason why nobody is even trying to bother in setting up
a ip6.arpa tree for 6to4. If one wants reverse support they should
simply be getting themselves a real RIR allocation.

Greets,
 Jeroen

-----BEGIN PGP SIGNATURE-----
Version: Unfix PGP for Outlook Alpha 13 Int.
Comment: Jeroen Massar / http://unfix.org/~jeroen

iQA/AwUBQA0t1ymqKFIzPnwjEQJN1gCfUIXCxsRQRG4g1HSuEoyg13ei0pUAn2W5
ylSNwDr40dy9d5j6gq3T9he+
=BCPh
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Quick 'n' Easy IPv6 for Debian
  - From: John Goerzen <jgoerzen@complete.org>
- More Quick 'n' Easy IPv6 for Debian, Wireless
  - From: Marc Singer <elf@buici.com>
- Re: Quick 'n' Easy IPv6 for Debian
  - From: Christoph Moench-Tegeder <cmt@burggraben.net>

References:
- Re: Quick 'n' Easy IPv6 for Debian
  - From: Trent Lloyd <lathiat@sixlabs.org>

Prev by Date: Re: Quick 'n' Easy IPv6 for Debian
Next by Date: Re: Quick 'n' Easy IPv6 for Debian
Previous by thread: Re: Quick 'n' Easy IPv6 for Debian
Next by thread: Re: Quick 'n' Easy IPv6 for Debian
Index(es):
- Date
- Thread