Raspberry PI How-To.

peebles · January 09, 2013, 08:20:04 AM

Hi Folks,

I've just written a How-to "Setting up a Raspberry Pi as an IPv6 Gateway using Hurricane Electric. Before I put it on my blog proper, (It's currently resident on my home network). Could you have a quick look at it (if you have the time) and tell me if I've missed something obvious.

Any kind of opinion (good or bad) appreciated. It's based on previous work on my main website.

http://www.linuxhome.co.uk/?p=274

It's 3 pages.
1) Setting up the tunnel
2) Setting up a stateful firewall
3) Setting up DNSMasq to advertise the default IPv6 route and handle DNS (If needed).

Thanks in advance,

Billy

nickbeee · January 09, 2013, 05:59:24 PM

Nice detailed article.

You may want to consider using DHCPv6 to hand out IPv6 DNS servers to the clients - HE has 2001:470:20::2 and Google public DNS has IPv6 servers. You set the other stateful configuration flag in the RA's and then the hosts should be able to get their IPv6 DNS servers from DHCPv6.

Make sure your Pi and the corresponding switch port on the main router have negotiated a full-duplex connection otherwise you will see serious throughput problems. You can check this with one of the IPv6 speedtest sites such as ipv6-test.com or ipv6-speedtest.net

I've used this method with Cisco IOS, NetBSD and OpenBSD. I really must order a Pi, pity it only has one nic though as it limits its use as a router.

kasperd · January 10, 2013, 12:41:58 AM

Quote from: peebles on January 09, 2013, 08:20:04 AMtell me if I've missed something obvious.

You misspelled "their website".

The example configuration for the tunnel interface is incorrect. You are assigning an address from the routed /64 instead of the tunnel /64.

peebles · January 10, 2013, 01:57:31 AM

Well spotted kasperd, just amended it. ::)

nickbeee, I'll look into that in the next day or so and amend. I'll test the speed and the duplex and post the results tonight (just for general interest).

Thanks Guys,

Billy

nickbeee · January 10, 2013, 06:45:10 AM

Quote from: kasperd on January 10, 2013, 12:41:58 AM
The example configuration for the tunnel interface is incorrect. You are assigning an address from the routed /64 instead of the tunnel /64.

I read it as 2001:DB8:8:7aa::1/64 dev eth0 for the LAN interface and address 2001:DB8:7:7aa::2 for the tunnel (on page 1).

kasperd · January 10, 2013, 10:01:07 AM

Quote from: peebles on January 10, 2013, 01:57:31 AMjust amended it.

I see the addresses were fixed, but "their website" is still not spelt correctly.

Quote from: nickbeee on January 10, 2013, 06:45:10 AMI read it as 2001:DB8:8:7aa::1/64 dev eth0 for the LAN interface and address 2001:DB8:7:7aa::2 for the tunnel (on page 1).

The table in the start of the article looked correct. But further down in the actual configuration it was incorrect (but that has been fixed).

nickbeee · January 10, 2013, 11:00:03 AM

Quote from: kasperd
Quote from: nickbeee on January 10, 2013, 06:45:10 AMI read it as 2001:DB8:8:7aa::1/64 dev eth0 for the LAN interface and address 2001:DB8:7:7aa::2 for the tunnel (on page 1).
The table in the start of the article looked correct. But further down in the actual configuration it was incorrect (but that has been fixed).

Our viewing times may have differed ;)

However, the important point has been made that it is a common mistake that people make trying to allocate the tunnel and the LAN side to the same /64. Fortunately most of us learn from this and go on to advise others of the same. :)

peebles · January 10, 2013, 01:21:39 PM

Amended with the following.

Tunnel Details follow :
Client IPv6 Endpoint 2001:DB8:7:7aa::2 (From the top of page one)

# IPv6 via Hurricane Electric Tunnel
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
address 2001:DB8:7:7aa::1
netmask 64
endpoint 216.66.80.26
gateway 2001:DB8:7:7aa::2
ttl 255

Look ok now.

2001:DB8:8:7aa::/64 (My address range)
2001:DB8:8:7aa::1 (IP address of the ethernet interface)

Looks ok now.

Pffff :)

Will post a speed test tomorrow and add the rest of the suggested settings.

Much appreciated,

Billy

peebles · January 10, 2013, 02:17:03 PM

peebles · January 14, 2013, 08:55:16 AM

Hi nickbeee

QuoteYou may want to consider using DHCPv6 to hand out IPv6 DNS servers to the clients - HE has 2001:470:20::2 and Google public DNS has IPv6 servers. You set the other stateful configuration flag in the RA's and then the hosts should be able to get their IPv6 DNS servers from DHCPv6.

I read the dnsmasq man page and it was quite easy to do, so I changed the dnsmasq.conf file to do the above.

QuoteMake sure your Pi and the corresponding switch port on the main router have negotiated a full-duplex connection otherwise you will see serious throughput problems. You can check this with one of the IPv6 speedtest sites such as ipv6-test.com or ipv6-speedtest.net

Checked duplex using ethtool and it seemed ok (see below), I also tested the speed using [url]www.thinkbroadband.com/ipv6/speed-test.html/url].

Code Select

Settings for eth0:
	Supported ports: [ TP MII ]
	Supported link modes:   10baseT/Half 10baseT/Full 
	                        100baseT/Half 100baseT/Full 
	Supported pause frame use: No
	Supports auto-negotiation: Yes
	Advertised link modes:  10baseT/Half 10baseT/Full 
	                        100baseT/Half 100baseT/Full 
	Advertised pause frame use: Symmetric Receive-only
	Advertised auto-negotiation: Yes
	Link partner advertised link modes:  10baseT/Half 10baseT/Full 
	                                     100baseT/Half 100baseT/Full 
	Link partner advertised pause frame use: Symmetric Receive-only
	Link partner advertised auto-negotiation: Yes
	Speed: 100Mb/s
	Duplex: Full
	Port: MII
	PHYAD: 1
	Transceiver: internal
	Auto-negotiation: on
	Supports Wake-on: g
	Wake-on: d
	Current message level: 0x00000007 (7)
			       drv probe link
	Link detected: yes

If you can think of anything else that you think might need added/amended then please let me know.

Thanks for the help and suggestions,

Billy

nickbeee · January 14, 2013, 10:16:16 AM

That's quite a useful howto. As i've just ordered a 'Pi today I shall be investigating this particularly the dnsmasq config. I'm thinking of using mine to create an IPv6-capable 3G -> Wifi HostSpot. I just need to figure out if the Linux version supplied will support my Huwei 3G dongle.

Cheers,

peebles · January 22, 2013, 08:01:51 AM

I've been having a bit of trouble with my IPv6 tunnel routing through my Raspberry Pi, I've managed to work out what the problem was and added it to the instructions.

My Hurricane Electric Tunnel is set to 1480 (which should be the correct size for PPPoA "ADSL2+") so everything should be fine you would think (and it has been up until a few days ago)

My router rebooted (power cut) and as far as I understand it, my router negotiates it's MTU with my ISP and comes up with 1492 bytes. At this point my tunnel drops almost everything that tries to go through it.

So, to cut a long story short I've changed the MTU from 1480 to 1472 on both sides of the tunnel and everything is working fine now.

Added the following to the instructions.

Quote# The MTU set on my router "negotiated via my ISP" is
# 1492. So 1492 - 20 = 1472.
# If your routers MTU is 1500, then you can just leave
# the following line out, as it will default to 1480.
mtu 1472

I was wondering if I should now advertise the new MTU via my DHCPv6 Setup? and update the documentation?

Any suggestions/advice appreciated.

Cheers,

Billy

iav · September 16, 2017, 06:54:07 PM

Actual article link http://www.dickson.me.uk/2013/03/15/setting-up-a-raspberry-pi-as-an-ipv6-gateway-using-hurricane-electric/

News:

Raspberry PI How-To.