• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

[SOLVED] Tunnel on Ubuntu Gateway

Started by fuzeman, December 03, 2010, 12:15:19 AM

Previous topic - Next topic

fuzeman

I've been trying to get this running for ages and thought it would be better just to ask how/if I can setup a Tunnel on my Home Gateway.

My Interface Setup:

br0       Link encap:Ethernet  HWaddr 00:1b:21:6c:03:c3
         inet addr:172.25.0.1  Bcast:172.25.255.255  Mask:255.255.0.0
         inet6 addr: fe80::21b:21ff:fe6c:3c3/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:117900 errors:0 dropped:0 overruns:0 frame:0
         TX packets:133093 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:14680002 (14.6 MB)  TX bytes:123081237 (123.0 MB)

eth0      Link encap:Ethernet  HWaddr 1c:6f:65:31:80:5d
         inet addr:192.168.0.50  Bcast:192.168.0.255  Mask:255.255.255.0
         inet6 addr: fe80::1e6f:65ff:fe31:805d/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:156268 errors:0 dropped:0 overruns:0 frame:0
         TX packets:146799 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:75279972 (75.2 MB)  TX bytes:34101991 (34.1 MB)
         Interrupt:31 Base address:0xa000

eth1      Link encap:Ethernet  HWaddr 00:1b:21:6c:03:c3
         inet6 addr: fe80::21b:21ff:fe6c:3c3/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:150306 errors:0 dropped:0 overruns:0 frame:0
         TX packets:188980 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:100
         RX bytes:22658823 (22.6 MB)  TX bytes:192000948 (192.0 MB)
         Memory:fb8c0000-fb8e0000

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:40340 errors:0 dropped:0 overruns:0 frame:0
         TX packets:40340 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:25127129 (25.1 MB)  TX bytes:25127129 (25.1 MB)



NOTE: br0 is my Local Network Interface (Bridged to eth0 to allow Virtual Machines on the network).
eth0 is my Internet Address coming off another router with a All Ports Forwarded to 192.168.0.50 (The Gateway Address).

How/Can I setup a Tunnel from Tunnelbroker.net on this network?

EDIT:
After a few reboots and reconfiguring it again i've got it going, I think I might of been mixing up Routed /64 with something else.

deags

i have ubuntu as well.

root@1:/etc# cat /etc/radvd.conf
interface br0 {
        AdvSendAdvert on;
        AdvManagedFlag on;
        MinRtrAdvInterval 5;
        MaxRtrAdvInterval 10;

        prefix  2001:470:xxxx:56::/64 {
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr on;
        };
};


root@1:/etc/network# cat interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
auto eth1 eth3
iface eth0 inet dhcp

auto br0
iface br0 inet static
bridge_ports eth1 eth3
address 192.168.1.1
netmask 255.255.0.0
broadcast 192.168.255.255
gateway 192.168.1.1
bridge_fd 1
bridge_stp off
iface br0 inet6 static
       address 2001:470:xxxx:56::1
       netmask 64

auto br0:0
iface br0:0 inet static
address 192.168.0.1
netmask 255.255.0.0
broadcast 192.168.255.255
gateway 192.168.0.1
iface br0:0 inet6 static
       address 2001:470:xxxx:57::1
       netmask 64


auto he-ipv6
iface he-ipv6 inet6 v4tunnel
        endpoint   72.52.104.74
        local      60.xxx.xxx.xxx
        ttl        255
        address    2001:470:xxxx:yyy::2
        netmask    64
        mtu     1472


ip -6 route add 2000::/3 dev he-ipv6 metric 1

Don't forget to firewall.

ip6tables -t filter -P FORWARD DROP
ip6tables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
ip6tables -A FORWARD -s 2001:470:xxxx::/48 -j ACCEPT
ip6tables -A FORWARD -p ipv6-icmp -j ACCEPT




60.xxx.xxx.xxx  =  Client IPv4 address

2001:470:xxxx:yyy::2  =  Client IPv6 address

2001:470:xxxx::/48  =  Routed /48 (this isn't necessary if you want to use Routed /64)

2001:470:xxxx:56::1  =  /64

cholzhauer

What commands have you tried so far?  Is your router passing protocol 41 traffic to you?

fuzeman

Thanks for the replies, Should of added more detail to my post. I've setup the tunnel on my Gateway works fine:

root@gw2:/etc# ping6 ipv6.google.com
PING ipv6.google.com(2a00:1450:8006::63) 56 data bytes
64 bytes from 2a00:1450:8006::63: icmp_seq=1 ttl=55 time=320 ms
64 bytes from 2a00:1450:8006::63: icmp_seq=2 ttl=55 time=296 ms
64 bytes from 2a00:1450:8006::63: icmp_seq=3 ttl=55 time=295 ms
64 bytes from 2a00:1450:8006::63: icmp_seq=4 ttl=55 time=305 ms
64 bytes from 2a00:1450:8006::63: icmp_seq=5 ttl=55 time=298 ms
^C
--- ipv6.google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4004ms
rtt min/avg/max/mdev = 295.170/303.202/320.332/9.378 ms


The DHCP Clients are even getting a IP Address, It's just when you try to ping an IPv6 address on the Client computer it doesn't work it just times out:


Pinging ipv6.l.google.com [2a00:1450:8006::63] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 2a00:1450:8006::63:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),


ip6tables:

root@gw2:/etc# ip6tables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all      anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     ipv6-icmp    anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


Any Ideas?

cholzhauer

are you also doing RA?  if not you will need to in order for your clients to get a default route