1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
|
v1.5 1st Sep 2003, Pekka Savola <pekkas@netcore.fi>
HOW TO SET UP IPV6 WITH 6TO4
----------------------------
6TO4 IN SHORT
-------------
6to4 is a method of creating automatic IPv6 tunnels. You can connect to
IPv6 Internet very easily without a need for a manually configured tunnel.
For every globally unique IPv4 address, there exists a mapping for a
subnettable /48 network (2^16 for subnetting, 2^64 bits for hosts).
Return route can sometimes be non-optimal, leading to higher round-trip times.
See below for references and more information.
ASSUMPTIONS
-----------
1. You're running Red Hat Linux 7.1 or later.
This is required for correct IPv6 by default settings, and IPv6 being
enabled as a kernel module by default.
2. Your initscripts >= 6.02, for 6to4 support.
3. You have a static, globally unique IPv4 address. This is not an absolute
requirement, but the only scenario discussed here.
4. Protocol 41 (IPv6-in-IPv4) is not being filtered in any IPv4 firewall.
5. 'iproute' package is installed. This is used by default for a lot
more powerful tunneling capabilities.
Note: even though 6to4 was supported with earlier releases of Red Hat Linux,
below it is assumed that the initscripts package version this
document comes with is used.
INFORMATION NEEDED
------------------
Nothing :-).
If you want to select a specific relay (rather than automatically
selecting the closest one), you can define it with IPV6TO4_RELAY
using the list below:
http://www.kfu.com/~nsayer/6to4/
SETTING UP THE 6TO4 CONFIGURATION
---------------------------------
Now, set up the configuration as follows:
1. Enable IPv6 and set 6to4 pseudo-interface as default gateway in
/etc/sysconfig/network:
echo "IPV6_DEFAULTDEV=tun6to4">> /etc/sysconfig/network
2. Edit your outbound (Internet) interface configuration. This can be
e.g. ippp0, ppp0, eth0, or the like. Here, eth1 is used.
/etc/sysconfig/network-scripts/ifcfg-eth0:
---
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
IPADDR=xx.yy.zz.ww [Globally unique IPv4 address]
NETMASK=aa.bb.cc.dd [IPv4 settings up to this point]
IPV6INIT=yes
IPV6TO4INIT=yes
---
Note: [i]ppp - interfaces need to be called in /etc/ppp/ip-up|down.local;
if you are not using local files by yourself, this can easily be done with:
cd /etc/ppp
ln -s ip-up.ipv6to4 ip-up.local
ln -s ip-down.ipv6to4 ip-down.local
USING 6TO4
----------
6to4 automatic tunneling is brought up when the interface is brought up.
You will see your 6to4 address prefix in device tun6to4 when done:
inet6 addr: 2002:c15e:a001::1/16 Scope:Global
Note that 'c15e:a001' is the hexadecimal representation of dotted-quad IPv4
address (IPADDR= above), here '193.94.160.1'.
NOTE: iproute tools give more reliable data, try e.g. '/sbin/ip addr ls'.
PROVIDING IPV6 TO YOUR LAN
--------------------------
If you want to provide IPv6 for your LAN (e.g. connected on eth1)
using your Linux system as a router, this can be done rather easily with 6to4.
You will need to enable IPv6 forwarding (IPV6FORWARDING=yes in
/etc/sysconfig/network) and install a router advertisement daemon. One such,
'radvd' is available in the distribution.
You must configure the prefix your IPv4 maps to (see tun6to4 above) in
/etc/radvd.conf or use certain automatic hooks. This is not covered here
in detail; see radvd.conf(5) and /etc/sysconfig/network-scripts/ifup-ipv6
for details.
Usually the following is enough:
1. Make sure that radvd package is installed.
2. Configure radvd as outlined in radvd.conf(5); the file could
be something like:
interface eth1
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
prefix 0:0:0:1::/64
{
Base6to4Interface eth0;
AdvPreferredLifetime 120;
AdvValidLifetime 300;
};
};
3. Make sure radvd starts at boot and start it now:
/sbin/chkconfig radvd on
/sbin/service radvd start
4. Make the initscripts signal radvd to recalculate the prefix when it
changes:
/etc/sysconfig/network-scripts/ifcfg-eth0:
IPV6_CONTROL_RADVD=yes
5. Configure the associated routes to other 6to4 subnets to point at
your LAN interfaces; this can be done automatically with
IPV6TO4_ROUTING variable; please refer sysconfig.txt for details.
In the particular example, above, this would be like:
/etc/sysconfig/network-scripts/ifcfg-eth0:
IPV6TO4_ROUTING="eth1-:1::0/64"
However, please note that no global address is configured on the
interface, just a route!
MORE INFORMATION
----------------
http://www.bieringer.de/linux/IPv6/IPv6-HOWTO/IPv6-HOWTO.html is a good
source of IPv6 related Linux-information.
ftp://ftp.isi.edu/in-notes/rfc3056.txt ("Connection of IPv6 Domains via IPv4
Clouds") is the RFC about 6to4.
ftp://ftp.isi.edu/in-notes/rfc3068.txt ("An Anycast Prefix for 6to4 Relay
Routers") is the RFC about finding a close 6to4 relay automatically.
http://www.ietf.org/internet-drafts/draft-savola-v6ops-6to4-security-02.txt
("Security Considerations and Enhancements for 6to4") explains some
security considerations in 6to4.
|
