Ok I'm all signed up for a tunnel and have run the pptp software to configure a link to test it out... ok that worked.
Now I want to push ipv6 round my network... err, yes?
Ok we've got a Linux box and 3 windows machines with some wifi and a couple of switches...
CableModem<-->eth0-LinuxBox-eth1<-->wifiAP<-->VistaLaptop(*2)/XpDesktop
I'd like to terminate the tunnel on the linux box then just have everything else use that route when wanting to talk ipv6.
Now I understand how this is done with IPv4. We just run NAT (iptables) and DHCP and away we go...
That also gives us a nice fire wall so that incoming traffic just gets blocked at the Linux box... ok super standard boring stuff there :)
I don't want to have public IP on the internal machines (do I?) or I have to run firewalls on each machine (now that would be silly?)
I also don't want all my IPv4 traffic heading off via the TunnelBroker (the pptp tunnel seemed to do that automatically and I lost access to things inside my firewall, but I suspect that's just cause I missed something in the pptp set up to not route ipv4 traffic?) (Of course I also don't want to over burden the TunnelBroker! :) )
So, what do I need to install and where?
What do I need to read next?
Cheers Don
Here's how I have mine set up
I have a FreeBSD machine outside of my firewall that I have my tunnel terminated on. That's connected to my firewall which supports IPv6 filtering. My firewall is doing Router Advertisements on all interfaces, which provides my hosts with a IP address and a default route. I've put a script in AD that adds my IPv6 DNS servers and turns off Teredo
Does that help?
Quote from: cholzhauer on August 04, 2010, 05:03:00 AM
Here's how I have mine set up
I have a FreeBSD machine outside of my firewall that I have my tunnel terminated on. That's connected to my firewall which supports IPv6 filtering. My firewall is doing Router Advertisements on all interfaces, which provides my hosts with a IP address and a default route. I've put a script in AD that adds my IPv6 DNS servers and turns off Teredo
Does that help?
Half helps...
I'm not running an Active Directory. I don't have anything outside my firewall... the HFC modem is plugged into the back of the nix box and have the public v4 address on it. There's no mention of IPv6 filtering in my ClarkConnect3.2 set up (Centos4). I don't know enough about IP to know how to set up router Advertisements. I'd like to see the script that sorts out teredo and the dns.
I can see I've got quite a bit to learn here :)
Cheers Don
OK, thats a start
First, the script is just a basic windows command line CMD script. (this is from memory)
netsh int ipv6 set teredo disabled
netsh int ipv6 add dns server "dnsserver" "interface"
netsh int ipv6 set privacy disabled
..
You get the idea
For RA, Cent OS should be able to do that for you..check out /etc/radvd.conf and google for more info on that. If I read it correctly, your Cent OS box is hosting the tunnel, so you should be able to run RA on that like I mentioned.
If you want more options, you'll have to look into DHCPv6 (available in the newest branch of the DNS server)