• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Main Menu

DD-WRT v24 preSP2 + IPv6

Started by netrixtardis, September 15, 2010, 07:07:16 PM

Previous topic - Next topic

netrixtardis

So, I've been reading and searching on info to setup my WRT54GL v1.1 to do IPv6.
I've already gone through the trouble of installing dd-wrt v24 preSP2-nokaid-nohot-nostor (SVN revision 15200M NEWD Eko), installed the ip6tables kernel modules, ip6tables, ping6 and traceroute6 iputils ipks, and setup my jffs2 mount.

With the configuration below, I am able to ping/traceroute ipv6 hosts from the router.  I am unable to get routing inside my LAN.  my Linux workstation is unable to receive an IPv6 IP from my router, nor am i unable to get to IPv6 hosts thru the tunnel.  As I am still trying to understand it all, I'm not sure what I'm missing nor why it's not working.  any help would be appreciated =)

configurations:

radvd.conf

interface br0 {
  MinRtrAdvInterval 3;
  MaxRtrAdvInterval 10;
  AdvLinkMTU 1480;
  AdvSendAdvert on;
  prefix 2001:470:1f0f:766::/64 {
    AdvOnLink on;
    AdvAutonomous on;
    AdvValidLifetime 86400;
    AdvPreferredLifetime 86400;
    Base6to4Interface vlan1;
    AdvRouterAddr on;
  };
};


startup script:

#!/bin/sh
insmod ipv6
insmod sit
sleep 5

# My IPv4 addres
WANIP=$(ip -4 addr show dev vlan1 | awk '/inet / {print $2}' | cut -d/ -f1)

# Routed /64 (without /64)
MYROUTED="2001:470:1f0f:766::"

# Client IPv6 Address
MYTUNNELIP="2001:470:1f0e:766::2"

# Server IPv6 Address
HETUNNELIP="2001:470:1f0e:766::1"

# Tunnelbroken.com info
GTUNID=<removed as it's account info>
USERID=<removed as it's account info>
MD5PASSWD=<removed as it's account info>

/usb/sbin/iptables -I INPUT2 -s 66.220.2.74 -p icmp -j ACCEPT
/usb/bin/wget "https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=$WANIP&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$GTUNID"

ip tunnel add he-ipv6 mode sit remote 216.218.224.42 local $WANIP ttl 255
ip link set he-ipv6 up
ip -6 addr add $MYTUNNELIP/64 dev he-ipv6
ip -6 route add ::/0 dev he-ipv6
ip -6 addr add $MYROUTED/64 dev he-ipv6
ip -6 addr add $MYROUTED/64 dev br0
ip route add 2000::/3 dev he-ipv6

echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
radvd -C /tmp/radvd.conf


firewall script:

#!/bin/sh
export IP6TABLES_LIB_DIR=/jffs/usr/lib/iptables
PATH="$PATH":/jffs/usr/sbin

for i in $(ls -1 /jffs/lib/modules/`uname -r`);
do
insmod /jffs/lib/modules/`uname -r`/$i
done

ip6tables -F
ip6tables -A FORWARD -p tcp -i he-ipv6 --syn -m multiport --dports ftp-data,ftp,ssh,smtp,http,https,ntp,domain -j ACCEPT
ip6tables -A FORWARD -p tcp -i he-ipv6 --syn -j DROP
ip6tables -A FORWARD -p udp -i he-ipv6 -m multiport --dports ntp,domain -j ACCEPT
ip6tables -A FORWARD -p udp -i he-ipv6 -j DROP




cholzhauer

You say that none of your hosts are receiving an address via RA?

I haven't used this setup much, but everything looks ok...

netrixtardis

My linux host would be assigned a 2002:::: IP - which to me sounds like it's not what i'm trying to configure on the LAN.

trying to ping6 ipv6.google.com did not work as the host was unable to resolve the hostname to IPv6 IP.
This however works from the router itself.  So, I'm guessing I've established my IPv6 tunnel.  but it's only at the router.

cholzhauer

yeah, 2002:: isnt what you want.  how are you assigning dns?  RA wont do that for you (normally)

netrixtardis

Well, honestly as far as I can tell, I have not configured D6NS yet.  Tho, the linux how should not be getting a 2002:::: IP.  So even then trying to ping6 an IP that is resolved on the router, it still doesn't ping [times out]. 

I must be missing something.

cholzhauer

It sounds like RA isn't working, because 2002:: is 6to4 (or 6in4, one of the two)

I wonder if it's because of this line


Base6to4Interface vlan1;