Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Pages: [1] 2

Author Topic: Questions about Configuring a tunnel under Linux  (Read 16053 times)

freese60

  • Newbie
  • *
  • Posts: 3
Questions about Configuring a tunnel under Linux
« on: December 02, 2008, 06:33:59 AM »

Hello from Hamburg, Germany,

i just tried to set up a tunnel concerning several of the here suggested solutions, but it didnī t work. I use Debian Etch here and the solution I found and that works is as follows (for permanent setup via -interfaces-):

# Hurricane Electric Tunnel aufbauen
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
     endpoint $ipv4a
     address  2001:0470:xxxx:xxxx::2
     netmask  64
     mtu 1480
     up ip -6 route add 2000::/3 dev he-ipv6

(xxxx means your nummers)



You can test the tunnel via  http://www.kame.net, the easiest way to see if a ipv6 tunnel works. If the turtle on the screen moves, then you got ipv6 working.

« Last Edit: August 05, 2010, 08:49:52 AM by broquea »
Logged

miggy

  • Newbie
  • *
  • Posts: 1
Questions about Configuring a tunnel under Linux
« Reply #1 on: August 01, 2009, 01:50:25 PM »

On Debian Lenny just now here's what I needed in /etc/network/interfaces:

Code: [Select]
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
        endpoint   <Server IPv4 address>
        local      <Client IPv4 address>
        ttl        255
        address    <Client IPv6 address>
        netmask    64
        mtu        1480

The bits in <> use the same labels as the current he.net 'Tunnel Details' pages.
Logged

jrowens

  • Newbie
  • *
  • Posts: 13
Questions about Configuring a tunnel under Linux
« Reply #2 on: August 20, 2009, 11:36:50 PM »

Here's what I have in a Fedora system, in /etc/sysconfig/network-scripts/ifcfg-sit1 (there are three files with this name, hardlinked to each other).
Code: [Select]
# Hurricane Electric V6V4 tunnel
NAME="Hurricane Electric SIT"
DEVICE=sit1
ONBOOT=yes
USERCTL=yes
BOOTPROTO=none
PEERDNS=no

IPV6INIT=yes
IPV6_AUTOTUNNEL=yes
IPV6ADDR="$ipv6b/64"
# IPV6ADDR_SECONDARIES=""
IPV6_MTU=1280
IPV6_ROUTER=yes
IPV6_AUTOCONF=no

IPV6_CONTROL_RADVD=yes
IPV6TUNNELIPV4=$ipv4a
IPV6TUNNELIPV4LOCAL=$ipv4b

PHYSDEV=eth0
TYPE=sit
DEVICETYPE=sit
NM_CONTROLLED=no
You might want to turn off USERCTL, and tinker with the MTU; mine's at the minimum.  IPV6_AUTOTUNNEL and IPV6_AUTOCONF are mysteries to me, but it works with those values.  I'm not sure if PHYSDEV is necessary, but if it is, it's the interface with $ipv4b on it.  TYPE and DEVICETYPE are probably redundant, but I'm not sure which one is really needed.  You could try letting NetworkManager control it with NM_CONTROLLED, but if you do, you're on your own.

IPV6ADDR_SECONDARIES could be filled with extra addresses from your routed /64 and /48, if you want your routing Linux box to be able to use those addresses.  Maybe.

And of course, in your /etc/sysconfig/network file, you should have "IPV6_DEFAULTDEV=sit1".  If you like, you can also include "IPV6_DEFAULTGW=$ipv6a".

Edit: Minor typo in env variable name.
« Last Edit: September 04, 2009, 10:48:42 PM by jrowens »
Logged

jg

  • Newbie
  • *
  • Posts: 1
Questions about Configuring a tunnel under Linux
« Reply #3 on: September 01, 2009, 01:05:38 PM »


The bits in <> use the same labels as the current he.net 'Tunnel Details' pages; and note that cutting and pasting addresses from the page which include the /64 at the end isn't helpful  ;)

I added lines for up and down (Ubuntu Koala alpha):

Code: [Select]
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
        endpoint   <Server IPv4 address>
        local      <Client IPv4 address>
        ttl        255
        address    <Client IPv6 address>
        netmask    64
        mtu        1480
up ip -6 route add default dev he-ipv6
down ip -6 route del default dev he-ipv6
Logged

xdaxdb

  • Newbie
  • *
  • Posts: 4
Questions about Configuring a tunnel under Linux
« Reply #4 on: January 17, 2010, 06:35:50 AM »

I am trying to make my tunnel configuration persistent, as in it will still be there when my system reboots. I used the code generated by the example configuration tool:
Code: [Select]
modprobe ipv6
ip tunnel add he-ipv6 mode sit remote 66.220.18.42 local x.x.x.x ttl 255
ip link set he-ipv6 up
ip addr add x:x:x:x::2/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
ip -f inet6 addr

What would be the proper way to make this configuration persistent/permanent?

I am using Linux, CentOS 5.4

Thanks
Logged

adsllc

  • Newbie
  • *
  • Posts: 1
Questions about Configuring a tunnel under Linux
« Reply #5 on: February 11, 2010, 10:01:15 PM »

When I followed all the instructions I could find on a Fedora 12 host, it would work just fine - until I tried to use that host as a router to get the rest of my network connected.

Having the sit1 address with a /64 prefix caused packets to bounce back and forth between he.net and my router instead of getting passed to my workstation.  Using a /126 prefix instead fixed that problem.  Here's what I'm using:

/etc/sysconfig/network-scripts/ifcfg-eth0
Code: [Select]
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
HWADDR=xx:xx:xx:xx:xx:xx
NETMASK=255.255.255.0
IPADDR=$ipv4b
GATEWAY=xxx.xxx.xxx.xxx
TYPE=Ethernet
USERCTL=no
PEERDNS=yes

IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6ADDR=[a static ipv6 address]/64

/etc/sysconfig/network-scripts/ifcfg-sit1
Code: [Select]
# Hurricane Electric V6V4 tunnel
NAME="Hurricane Electric SIT"
DEVICE=sit1
ONBOOT=yes
USERCTL=no
BOOTPROTO=none
PEERDNS=no

IPV6INIT=yes
IPV6_AUTOTUNNEL=yes
IPV6ADDR="$ipv6b/126"
IPV6_ROUTER=yes
IPV6_AUTOCONF=no

IPV6_CONTROL_RADVD=yes
IPV6TUNNELIPV4=$ipv4a
IPV6TUNNELIPV4LOCAL=$ipv4b

PHYSDEV=eth0
TYPE=sit
DEVICETYPE=sit
NM_CONTROLLED=no

IPV6_DEFAULTGW=$ipv6a
IPV6_DEFAUTLDEV=sit1

/etc/sysconfig/network
Code: [Select]
NETWORKING=yes
HOSTNAME=host.domain.com

NETWORKING_IPV6=yes
IPV6_ROUTER=yes
IPV6FORWARDING=yes

/etc/radvd.conf
Code: [Select]
interface eth0
{
        AdvSendAdvert on;
        MinRtrAdvInterval 30;
        MaxRtrAdvInterval 100;
        prefix 2001:x:x:x::/64
        {
               AdvOnLink on;
               AdvAutonomous on;
               AdvRouterAddr off;
        };
};

On a related note, adding "Family=inet6" to DAEMON_OPTIONS in /etc/mail/sendmail.mc was all I needed to get sendmail listening on IPv6.
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Questions about Configuring a tunnel under Linux
« Reply #6 on: February 12, 2010, 09:13:51 AM »

 ???

What were you using on your LAN?  I hope it was the routed /64, and not the HE tunnel address...

I don't see why Linux would ever behave the way you described.  I've never had it happen on Gentoo or Ubuntu boxes I run.

The only way I see this happening is if you tried to use your "Client IPv6 Address" on both the tunnel interface and your LAN interface.
« Last Edit: February 12, 2010, 09:15:37 AM by jimb »
Logged

emilvals

  • Newbie
  • *
  • Posts: 9
Questions about Configuring a tunnel under Linux
« Reply #7 on: February 13, 2010, 09:16:33 AM »

Hello, I used the following to get IPv6 working on my CentOS 5.4 and it worked great.

ifconfig sit0 up
ifconfig sit0 inet6 tunnel ::216.66.80.26
ifconfig sit1 up
ifconfig sit1 inet6 add 2001:470:1f08:9b9::2/64
route -A inet6 add ::/0 dev sit1


Now I want to add few IP's from my /48 subnet, do I add it to the sit0 or sit1?
ifconfig sit0 inet6 IP:NUMBER
or
ifconfig sit1 inet6 IP:NUMBER

?

Thank you.
Logged

snarked

  • Hero Member
  • *****
  • Posts: 778
Questions about Configuring a tunnel under Linux
« Reply #8 on: February 13, 2010, 11:02:05 AM »

Neither.  You add it to your OTHER interfaces - like eth0.
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Questions about Configuring a tunnel under Linux
« Reply #9 on: February 13, 2010, 05:28:30 PM »

Also, don't try to use the whole /48.  Split it into /64s.
Logged

phipac

  • Newbie
  • *
  • Posts: 25
Questions about Configuring a tunnel under Linux
« Reply #10 on: March 17, 2010, 10:55:45 AM »

Centos 5.4

OK now that I have the firewall issue figured out, I need to make my Centos configuration persistent.  I have been successful at using both the ip and the ifconfig suggestions for setting up the tunnels (the ip route seems a lot cleaner, tho), and then adding a static IPv6 address to eth0.  I can get everything to work that way.  Unfortunately, neither survive a reboot or a 'service network restart'.  I have spent the last three weeks (no joke) reading every post I could possibly find on this subject, and have tried just about every suggestion for creating device scripts.  Every script has something a little different, and nothing seems to be working.  I understand IPv6, but admittedly am something of a Linux newbie (I found it very easy to get IPv6 working 100% on my Windows network).  I must be missing something, or maybe I just want it to be simpler than is possible.  Does anyone truly have a script that works for getting a persistent tunnel on Centos 5.4?  Thanks!

Phil
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Questions about Configuring a tunnel under Linux
« Reply #11 on: March 17, 2010, 03:02:04 PM »

You'll need to set up ifup-sit and ifup-ipv6 files w/ proper config variables in them.  Should be documented in /usr/share/doc/initscripts-<version>.

Logged

ourkopu

  • Newbie
  • *
  • Posts: 7
  • ....no wonder!!
Questions about Configuring a tunnel under Linux
« Reply #12 on: April 06, 2010, 03:19:07 PM »

I have taken the long way of ensuring that "my tunnel" is maintained after a "reboot" or "service network restart". This is by putting the tunnel configuration into a script in /bin (to use after a manual restart of the network service) and hardlinking it to /etc/init.d (for system reboots).

Basically, the script configures the tunnel using sit0 and sit1 as devices and then adds routed /64 addresses to eth0 and eth1. RADVD is then used to announce the routed /64 addresses to the LAN clients for distribution.
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Questions about Configuring a tunnel under Linux
« Reply #13 on: April 06, 2010, 05:05:02 PM »

I have taken the long way of ensuring that "my tunnel" is maintained after a "reboot" or "service network restart". This is by putting the tunnel configuration into a script in /bin (to use after a manual restart of the network service) and hardlinking it to /etc/init.d (for system reboots).

Basically, the script configures the tunnel using sit0 and sit1 as devices and then adds routed /64 addresses to eth0 and eth1. RADVD is then used to announce the routed /64 addresses to the LAN clients for distribution.

Yep.  No harm in writing your own init.d scripts.  Or as most people do, copying one and replacing the start) stop) clauses with your own code.  :P
Logged

ago

  • Newbie
  • *
  • Posts: 1
Questions about Configuring a tunnel under Linux
« Reply #14 on: May 20, 2010, 07:04:34 AM »

Hi, I created an utility to setup the tunnel and update the endpoint (in case of a dynamic ip). You can download the script here:

http://deve.loping.net/projects/he-update/

I hope it is useful to someone :)

 - Axel
Logged
Pages: [1] 2