• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Main Menu

Gentoo IPv6 Setup

Started by mindlesstux, November 23, 2008, 07:03:28 AM

Previous topic - Next topic

mindlesstux

Finally sat down and setup gentoo to load the tunnel on bootup instead of me having to use a script each time.

You will need to emerge iproute2

/etc/conf.d/net

# using IProute2 method, makes it easier :)
modules=( "iproute2" )

...

iptunnel_he6="mode sit remote 216.66.80.26 local 81.2.189.182 ttl 255 dev eth0"
depend_he6="net.eth0"
config_he6=( "2001:470:1f08:697::2/64" )
routes_he6=( "default via 2001:470:1f08:697::1 dev he6" )


I trimmed out how to setup eth0 and other non relevant lines.  See /etc/conf.d/net.example and look for iproute2 if you need help on those interfaces.

You also will want to "ln -s net.lo net.he6" in /etc/init.d/, and also add it to bootup

jimb

#1
Here's my setup, very similar to mindlesstux's:

/etc/conf.d/net (make sure you have iproute2 installed [emerge iproute2], since this config depends on it):

# Ethernet config
# Add our IPv4 address and HE assigned IPv6 address
config_eth0=(
  "192.168.0.4/24"
  "2001:db8:beef::1/64"
)
routes_eth0=( "default via 192.168.0.1" )

# Hurricane Electric ipv6 6in4 tunnel config

# make sure our ethernet interface is up first
RC_NEED_he6="net.eth0"

# tunnel setup
iptunnel_he6=(
  "mode sit remote 72.52.104.74 local 192.168.0.4 ttl 255 dev eth0"
)
# set the MTU
mtu_he6="1280"
# set the IPv6 address for our side of the tunnel interface
config_he6=( "2001:db8:1234:567::2/64" )
# add the default route for IPv6 traffic through the tunnel
routes_he6=( "default via 2001:db8:1234:567::1 dev he6" )


To make the interface come up during boot:

ln -s /etc/init.d/net.lo /etc/init.d/net.he6
rc-update add net.he6 default


Output of various commands after setup:

{root@gtoobox/pts/3}~# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:50:da:53:65:64  
         inet addr:192.168.0.4  Bcast:192.168.0.255  Mask:255.255.255.0
         inet6 addr: 2001:db8:beef::1/64 Scope:Global
         inet6 addr: fe80::250:daff:fe53:6564/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:19184246 errors:0 dropped:0 overruns:0 frame:0
         TX packets:31357595 errors:0 dropped:0 overruns:0 carrier:4
         collisions:0 txqueuelen:1000
         RX bytes:2250820247 (2.0 GiB)  TX bytes:3264704922 (3.0 GiB)
         Interrupt:3 Base address:0x300

he6       Link encap:IPv6-in-IPv4  
         inet6 addr: 2001:db8:1234:567::2/64 Scope:Global
         inet6 addr: fe80::c0a8:4/128 Scope:Link
         UP POINTOPOINT RUNNING NOARP  MTU:1280  Metric:1
         RX packets:162 errors:0 dropped:0 overruns:0 frame:0
         TX packets:146 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:88515 (86.4 KiB)  TX bytes:19424 (18.9 KiB)


{root@gtoobox/pts/3}~# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
   link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
   link/ether 00:50:da:53:65:64 brd ff:ff:ff:ff:ff:ff
3: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
   link/sit 0.0.0.0 brd 0.0.0.0
5: he6@eth0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1280 qdisc noqueue state UNKNOWN
   link/sit 192.168.0.4 peer 72.52.104.74


{root@gtoobox/pts/3}~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
   link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
   inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
   inet6 ::1/128 scope host
      valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
   link/ether 00:50:da:53:65:64 brd ff:ff:ff:ff:ff:ff
   inet 192.168.0.4/24 brd 192.168.0.255 scope global eth0
   inet6 2001:db8:beef::1/64 scope global
      valid_lft forever preferred_lft forever
   inet6 fe80::250:daff:fe53:6564/64 scope link
      valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
   link/sit 0.0.0.0 brd 0.0.0.0
5: he6@eth0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1280 qdisc noqueue state UNKNOWN
   link/sit 192.168.0.4 peer 72.52.104.74
   inet6 2001:db8:1234:567::2/64 scope global
      valid_lft forever preferred_lft forever
   inet6 fe80::c0a8:4/128 scope link
      valid_lft forever preferred_lft forever


{root@gtoobox/pts/3}~# ip tunnel show
sit0: ipv6/ip  remote any  local any  ttl 64  nopmtudisc
he6: ipv6/ip  remote 72.52.104.74  local 192.168.0.4  dev eth0  ttl 255


{root@gtoobox/pts/3}~# netstat -6 -rn
Kernel IPv6 routing table
Destination                    Next Hop                   Flag Met Ref Use If
::1/128                        ::                         Un   0   1    24 lo
2001:db8:1234:567::/128        ::                         Un   0   1     0 lo
2001:db8:1234:567::2/128       ::                         Un   0   1     2 lo
2001:db8:1234:567::/64         ::                         Un   256 0     1 he6
2001:db8:beef::/128            ::                         Un   0   1     0 lo
2001:db8:beef::1/128           ::                         Un   0   1 23679 lo
2001:db8:beef::/64             ::                         U    256 0     0 eth0
fe80::/128                     ::                         Un   0   1     0 lo
fe80::c0a8:4/128               ::                         Un   0   1     0 lo
fe80::250:daff:fe53:6564/128   ::                         Un   0   1 68233 lo
fe80::/64                      ::                         U    256 0     0 eth0
fe80::/64                      ::                         Un   256 0     0 he6
ff00::/8                       ::                         U    256 0     0 eth0
ff00::/8                       ::                         U    256 0     0 he6
::/0                           2001:db8:1234:567::1       UG   1000 0   156 he6
::/0                           ::                         !n   -1  1   343 lo


{root@gtoobox/pts/3}~# ip -6 route show
2001:db8:1234:567::/64 via :: dev he6  proto kernel  metric 256  mtu 1280 advmss 1220 hoplimit 4294967295
2001:db8:beef::/64 dev eth0  proto kernel  metric 256  mtu 1280 advmss 1220 hoplimit 4294967295
fe80::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev he6  proto kernel  metric 256  mtu 1280 advmss 1220 hoplimit 4294967295
ff00::/8 dev eth0  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev he6  metric 256  mtu 1280 advmss 1220 hoplimit 4294967295
default via 2001:db8:1234:567::1 dev he6  metric 1000  mtu 1280 advmss 1220 hoplimit 4294967295



I also have radvd running to allow hosts on my LAN to automatically configure IPv6 addresses and get their IPv6 default gateways, etc.  Here's the conf for that:

interface eth0
{
       AdvSendAdvert on;
       AdvLinkMTU 1280;
       MaxRtrAdvInterval 300;
       # advertise subnet 0 of our /48
       prefix 2001:db8:beef::/64
       {
               AdvOnLink on;
               AdvAutonomous on;
       };
};


That needs to be added for startup too:

rc-update add radvd default


The gentoo radvd startup script automatically does the "sysctl -w net.ipv6.conf.all.forwarding=1" thing to enable forwarding, but if you're not using radvd, you'll want to add the line "net.ipv6.conf.all.forwarding = 1" to your /etc/sysctl.conf file.

Of course, you'll also want to configure the ip6tables firewall so that your gateway and LAN aren't wide open to the internet, but that's a bit beyond the scope of what I wanted to share here.

(EDIT: Addresses anonymzied for paranoia :) )

aase

Thanks for the infos, got it running now. Additionally, to update the he
tunnel endpoint, I have the following script
/etc/ppp/ip-up.d/95-update-he-tunnel-endpoint.sh that is executed each time
the ppp0 (with a new/changed dynamic ipv4 address) comes up (numbers in script
are not real):


#!/bin/sh

USER_ID='c85df26db6fc0e9de6e089421c2f0dbf'

TUNNEL_ID='12345'

URL='https://ipv4.tunnelbroker.net/ipv4_end.php'

PASS_MD5='da7175077c01a23ade5956b8a2bba90'

# wait for dns to come up
sleep 20

wget --spider --no-check-certificate
"${URL}?ipv4b=AUTO&pass=${PASS_MD5}&user_id=${USER_ID}&tunnel_id=${TUNNEL_ID}"


The sleep 20 is because I have a locally running nameserver as resolver, that
restarts after ppp0 restarts, and I have to wait for it, to resolve the above
url to retreive.

aase

Here is howto get IPv6 over IPv4 with Gentoo and tunnelbroker.net and dynamic IPv4 address from provider, including a ppp-up script for updating when dynamic IPv5 address changes:

http://www.fernmeldung.de/ipv6-with-gentoo-and-he-tunnel.html