• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

All signed up... now what? Linux --> Windows --> Application....

Started by thinkdesignprint, August 03, 2010, 08:42:28 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

thinkdesignprint

August 03, 2010, 08:42:28 PM
Ok I'm all signed up for a tunnel and have run the pptp software to configure a link to test it out...  ok that worked.

Now I want to push ipv6 round my network... err, yes?

Ok we've got a Linux box and 3 windows machines with some wifi and a couple of switches...

Code Select
CableModem<-->eth0-LinuxBox-eth1<-->wifiAP<-->VistaLaptop(*2)/XpDesktop

I'd like to terminate the tunnel on the linux box then just have everything else use that route when wanting to talk ipv6.

Now I understand how this is done with IPv4.  We just run NAT (iptables) and DHCP and away we go...

That also gives us a nice fire wall so that incoming traffic just gets blocked at the Linux box... ok super standard boring stuff there :)

I don't want to have public IP on the internal machines (do I?) or I have to run firewalls on each machine (now that would be silly?)

I also don't want all my IPv4 traffic heading off via the TunnelBroker (the pptp tunnel seemed to do that automatically and I lost access to things inside my firewall, but I suspect that's just cause I missed something in the pptp set up to not route ipv4 traffic?)  (Of course I also don't want to over burden the TunnelBroker! :) )

So, what do I need to install and where?

What do I need to read next?

Cheers Don

cholzhauer

#1
August 04, 2010, 05:03:00 AM
Here's how I have mine set up

I have a FreeBSD machine outside of my firewall that I have my tunnel terminated on.  That's connected to my firewall which supports IPv6 filtering.  My firewall is doing Router Advertisements on all interfaces, which provides my hosts with a IP address and a default route.  I've put a script in AD that adds my IPv6 DNS servers and turns off Teredo

Does that help?

thinkdesignprint

#2
August 04, 2010, 03:42:30 PM
Quote from: cholzhauer on August 04, 2010, 05:03:00 AM
Here's how I have mine set up

I have a FreeBSD machine outside of my firewall that I have my tunnel terminated on.  That's connected to my firewall which supports IPv6 filtering.  My firewall is doing Router Advertisements on all interfaces, which provides my hosts with a IP address and a default route.  I've put a script in AD that adds my IPv6 DNS servers and turns off Teredo

Does that help?

Half helps...

I'm not running an Active Directory.  I don't have anything outside my firewall... the HFC modem is plugged into the back of the nix box and have the public v4 address on it.  There's no mention of IPv6 filtering in my ClarkConnect3.2 set up (Centos4).  I don't know enough about IP to know how to set up router Advertisements.  I'd like to see the script that sorts out teredo and the dns.

I can see I've got quite a bit to learn here :)

Cheers Don

cholzhauer

#3
August 04, 2010, 04:20:48 PM
OK, thats a start

First, the script is just a basic windows command line CMD script.  (this is from memory)

Code Select

netsh int ipv6 set teredo disabled
netsh int ipv6 add dns server "dnsserver" "interface"
netsh int ipv6 set privacy disabled
..


You get the idea

For RA, Cent OS should be able to do that for you..check out /etc/radvd.conf and google for more info on that.  If I read it correctly, your Cent OS box is hosting the tunnel, so you should be able to run RA on that like I mentioned.

If you want more options, you'll have to look into DHCPv6 (available in the newest branch of the DNS server)


Print
Go Up Pages1
User actions