Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Linux box behind dd-wrt  (Read 6476 times)

phma

  • Newbie
  • *
  • Posts: 5
Linux box behind dd-wrt
« on: December 28, 2009, 08:28:10 AM »

I have a Linux box behind a Linksys router runnind DD-WRT 24-sp2, which is supposed to have ipv6 working. I've succeeded in getting it to have a he-ipv6 device, but no address. I Should I try to get the tunnel working from the Linux box instead of the router? If so, how can I get the tunnel to go through the router?
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2724
Re: Linux box behind dd-wrt
« Reply #1 on: December 28, 2009, 08:31:17 AM »

Have you ever had this tunnel working before?  (On another machine, router, ect)

If you want to use the linux machine to host your end of the tunnel, you can, just make sure you change your tunnel endpoint with HE (if using a different Public IP) and make sure your firewall is passing Proto41 traffic to your device.
Logged

phma

  • Newbie
  • *
  • Posts: 5
Re: Linux box behind dd-wrt
« Reply #2 on: December 28, 2009, 10:32:07 PM »

Have you ever had this tunnel working before?  (On another machine, router, ect)
No. I recently switched routers and have tried to get it up before, but with no success.
Quote
If you want to use the linux machine to host your end of the tunnel, you can, just make sure you change your tunnel endpoint with HE (if using a different Public IP) and make sure your firewall is passing Proto41 traffic to your device.
I changed the endpoint when I switched routers, as that resulted in the IP changing. How do I make the router pass Proto41 traffic?

I have successfully gotten a friend's tunnel up; she is using a Linux box as a firewall. I have Miredo, so I can connect to her box on IPv6, but I haven't set her up with radvd yet. I'd like to get my tunnel up first and radvd working.
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2724
Re: Linux box behind dd-wrt
« Reply #3 on: December 29, 2009, 05:50:42 AM »

Quote
How do I make the router pass Proto41 traffic?

Depends on the firewall...are you just using the linksys for a firewall?

Have you taken a look at this site?  http://www.dd-wrt.com/wiki/index.php/IPv6
Logged

phma

  • Newbie
  • *
  • Posts: 5
Re: Linux box behind dd-wrt
« Reply #4 on: December 29, 2009, 07:37:43 AM »

Yes. It didn't work. There's no indication how to forward protocol 41 to the Linux box.

Here's my startup script:
insmod ipv6
sleep 5
WANIP=$(ip -4 addr show dev vlan1 | awk '/inet / {print $2}' | cut -d/ -f1)
MY_TUNNEL_ADDR="2001:470:7:42::2"
MY_ROUTED_ADDR="2001:470:8:42::1"
echo "External IP:" $WANIP > /jffs/startup.debug
if [ -n $WANIP ]
then
echo "configuring tunnel" >> /jffs/startup.debug

# The following commands are straight from HE's website
ip tunnel add he-ipv6 mode sit remote 216.66.22.2 local $WANIP ttl 255
ip link set he-ipv6 up
ip addr add $MY_TUNNEL_ADDR/64 dev he-ipv6
ip route add ::/0 dev he-ipv6

# These commands aren't on HE's website, but they're necessary for the tunnel to work
ip -6 addr add $MY_ROUTED_ADDR/64 dev he-ipv6
ip -6 addr add $MY_ROUTED_ADDR/64 dev br0
ip route add 2000::/3 dev he-ipv6

echo "starting radvd" >> /jffs/startup.debug
radvd -C /jffs/radvd.conf &
fi

I don't have a radvd.conf, or any other file in /jffs/. I did turn jffs on. ifconfig says this for the he-ipv6 device:
he-ipv6   Link encap:UNSPEC  HWaddr 47-47-C6-64-00-00-00-00-00-00-00-00-00-00-00-00
          UP POINTOPOINT RUNNING NOARP  MTU:1480  Metric:1
          RX packets:1 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:64 (64.0 B)  TX bytes:0 (0.0 B)

Attempting to copy a file to /jffs results in no error, but no file in /jffs. Any idea why?
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Re: Linux box behind dd-wrt
« Reply #5 on: December 29, 2009, 10:19:30 AM »

You shouldn't need to add the routed /64 to the he-ipv6 interface.  That's probably confusing the hell out of the routing process.  Only add it on the LAN interface.
Logged