• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Main Menu

Two tunnels?

Started by sysadmininc, June 19, 2008, 09:23:03 AM

Previous topic - Next topic

sysadmininc

I'm not sure how I'd go about this.

I have two ip addresses 71.x.x.194 and 71.x.x.195. x.195 is for a server directly connected to the internet, the x.194 is a NAT device of which one on a 192.168.x network will be running an ipv6 tunnel.

I already have a tunnel setup to the x.195 machine and it works fine. Is it possible to get another tunnel for use on the x.194 machine? I assume I can't use the same subnet since this is a point 2 point tunnel, if I'm not mistaken?

Any advice would be appreciated.

piojan

Quote from: sysadmininc on June 19, 2008, 09:23:03 AM
the x.194 is a NAT device of which one on a 192.168.x network will be running an ipv6 tunnel
If you are planing to have you secound ipv6 tunnel setup on a device behined nat (192.168...) then you would have to consider redirecting protocol 41 on the device that does the NAT (x.194)

Just wondering - wouldn't it be easert to use the ipv6 subnet for all the host insted of having two tunnels.

sysadmininc

Quote from: piojan on June 19, 2008, 09:30:23 AM

Just wondering - wouldn't it be easert to use the ipv6 subnet for all the host insted of having two tunnels.

How would I go about achieving that since I only have one endpoint IP address.

Maybe it's not possible with my layout.

Cable comes in from ISP into a switch. Port 1 goes directly to a server 71.x.x.195
port 2 goes to a 4 port internet router which is assigned 71.x.x.194
Behind the router is a second server which is 192.168.x.1

I have a tunnel setup with 71.x.x.195 as the end point.

Maybe I am missing something, which is quite possible.

piojan

Quote from: sysadmininc on June 19, 2008, 09:46:30 AM
Quote from: piojan on June 19, 2008, 09:30:23 AM

Just wondering - wouldn't it be easert to use the ipv6 subnet for all the host insted of having two tunnels.

How would I go about achieving that since I only have one endpoint IP address.

You could get a ipv6 /48 subnet. I am not sure if you get an additional /64 automaticly apart from the p2p /64.

Quote from: sysadmininc on June 19, 2008, 09:46:30 AM
Maybe it's not possible with my layout.

Cable comes in from ISP into a switch. Port 1 goes directly to a server 71.x.x.195
port 2 goes to a 4 port internet router which is assigned 71.x.x.194
Behind the router is a second server which is 192.168.x.1

I have a tunnel setup with 71.x.x.195 as the end point.

Maybe I am missing something, which is quite possible.
Generaly speaking the ipv6 conectivity need to be brought to the 192.168.0.0/16 net.
There are a few options. Some sugestions.
1. Add an additional network card to the 71.x.x.195 and connect it straight to the intranet switch that server 192.168.0.0/16 net.
2. Get the ipv6 connectivity by using the 71.x.x.194 device
  a) end the tunnel on it if it is something like linux, cisco etc.
  b) pass protocol 41 to one of the devices in the 192.168.0.0/16 net that will be you end part of the second tunnel - not all cheap router allow this
  c) use other means of passing this router - like ipv6 over udp (unfortunately wont go with HE).

sysadmininc

The main problems is that it would require cross connecting the two boxes and I don't want to do that. They're separate for a good reason. I guess I can just sign up for a second account with HE for the 2nd box, but I'd hate to do that because it's more to manage and I'm not sure if it's frowned upon.

broquea

#5
More than 1 account isn't frowned upon, especially since we haven't finished the multiple tunnels under a single account (soon! just have other things to get done, unrelated to tunnelbroker.net, for the company).

Every tunnel comes with 2 automatically allocated /64 blocks. One for the point-to-point (the tunnel itself) and the other is statically routed to the end-user's side of the tunnel, so they can use RADVD under *NIX, or whatever RA is provided for on their routing platform. The /48, ideally, would be best suited for people that have several LANs attached to a routing device and need to provide IPv6 connectivity by breaking out a /64 per LAN.

sysadmininc

Once multiple tunnels per account is added, would we be able to merge the two (or more) accounts together?

I don't have a router so this would be my best option.

Thanks,
Nigel

broquea

Quote from: sysadmininc on June 20, 2008, 10:46:44 AM
Once multiple tunnels per account is added, would we be able to merge the two (or more) accounts together?

I don't have a router so this would be my best option.

Thanks,
Nigel
That is the plan.