Re: More Quick 'n' Easy IPv6 for Debian, Wireless

To: Jeroen Massar <jeroen@unfix.org>
Cc: 'John Goerzen' <jgoerzen@complete.org>, debian-ipv6@lists.debian.org
Subject: Re: More Quick 'n' Easy IPv6 for Debian, Wireless
From: Marc Singer <elf@buici.com>
Date: Tue, 20 Jan 2004 12:09:46 -0800
Message-id: <[🔎] 20040120200946.GB22471@buici.com>
In-reply-to: <[🔎] 00d501c3df8e$1ca96740$210d640a@unfix.org>
References: <[🔎] 20040120192318.GA10822@complete.org> <[🔎] 00d501c3df8e$1ca96740$210d640a@unfix.org>

On Tue, Jan 20, 2004 at 08:46:33PM +0100, Jeroen Massar wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> John Goerzen [mailto:jgoerzen@complete.org] wrote:
> 
> > On Tue, Jan 20, 2004 at 10:46:52AM -0800, Marc Singer wrote:
> > > What I'm not finding is how to get this working where there are hosts
> > > behind NAT'ing routers.  In this case, a wireless AP that provides
> > > limited configurability and no ipv6 support.  Using the already
> > 
> > If you can configure it to let protocol 41 (ipv6) through, you may be
> > able to make things work.  (I have been able to do that going 
> > through a Shorewall IPV4-only NAT box.)
> 
> Setting up a box to have one internal IP as the "DMZ" helps too.
> Most of the boxes allow it, but some do not.

It has that, but then it means that I can have only one wireless
device connected to the 6bone.

> > However, you may not be able to do that on your AP.  You may 
> > need a more powerful router.
> 
> Please don't call these things routers ;)

Chuckle.  This thing is really hokey.  I've ordered another one that
promises to have more routing capabilities.

> > Well, that depends on what you're trying to do.  If you're trying to
> > join the global IPv6 network, that won't help.  However, AFAIK, you'll
> > run into the same issues with IPSec.
> 
> Why not? Routing IPv6 over a tunnel... is routing IPv6 over a tunnel,
> doesn't matter if it goes over IPSec or whatever ;)
> Using tinc for tunneling IPv6 into networks that are even firewalled
> away is even a well used method for this.

So, it works because the 6to4 addresses really route at the /48 level
and I can allocate heaps of /64's knowing that all of them will make
their way back to my router.

Now, let me see if this makes sense.  My plan has been to construct a
short 6to4 tunnel over IPSECv4 between the wireless node and my ipv6
router.  ipv6 packets will make a short hop over the wireless link
before heading out to the net through the router's 6to4 tunnel.  Given
that there is an IPSECv4 tunnel from the wireless node to the router,
I could setup a 6to4 tunnel on the wireless host that points to
::192.88.99.1, but there isn't really a benefit here.  Routing ought
to work, but it means setting up another another tunnel just to save a
couple of packet processing steps in the router.

Cheers.

Reply to:

Follow-Ups:
- RE: More Quick 'n' Easy IPv6 for Debian, Wireless
  - From: "Jeroen Massar" <jeroen@unfix.org>

References:
- Re: More Quick 'n' Easy IPv6 for Debian, Wireless
  - From: John Goerzen <jgoerzen@complete.org>
- RE: More Quick 'n' Easy IPv6 for Debian, Wireless
  - From: "Jeroen Massar" <jeroen@unfix.org>

Prev by Date: Re: More Quick 'n' Easy IPv6 for Debian, Wireless
Next by Date: Re: Quick 'n' Easy IPv6 for Debian
Previous by thread: RE: More Quick 'n' Easy IPv6 for Debian, Wireless
Next by thread: RE: More Quick 'n' Easy IPv6 for Debian, Wireless
Index(es):
- Date
- Thread