Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Beginner Help - Tunnel behind NAT  (Read 14836 times)

starcastle

  • Newbie
  • *
  • Posts: 10
Beginner Help - Tunnel behind NAT
« on: April 16, 2008, 07:26:13 AM »

I am VERY new at this.

I am currently using an IPv6 service that uses a client to setup the tunnel to a server behind a NAT.

Can this be accomplished as well.  I am not knowledgable enough to figure it out.

I am using Linux (SUSe).

Thanks for any help!

Peter Woodall
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1702
Re: Beginner Help - Tunnel behind NAT
« Reply #1 on: April 16, 2008, 09:11:04 AM »

Well assuming the NAT passes protocol 41 (ipv6), our examples should work. We do have a note on some of our configs that reads:

*NOTE* When behind a firewall appliance that passes protocol41, instead of using the IPv4 endpoint you provided to our broker, use the IPv4 address you get from your appliance's DHCP service.

[Edit] - Sorry, you were using Suse, I skipped that. You should use either the "Linux-net-tools" or "Linux-route2" examples. I've tested both behind a few NAT appliances and they work.
« Last Edit: April 16, 2008, 09:22:18 AM by broquea »
Logged

starcastle

  • Newbie
  • *
  • Posts: 10
Re: Beginner Help - Tunnel behind NAT
« Reply #2 on: April 16, 2008, 09:18:01 AM »

I am using a SUSe Linux desktop with a Fixed IPv4 address.  The NAT can be configured to pass protocol 41.

Would I provide the 'external' IP address for the NAT as the IPv4 end point for the tunnel?

Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1702
Re: Beginner Help - Tunnel behind NAT
« Reply #3 on: April 16, 2008, 09:21:30 AM »

I am using a SUSe Linux desktop with a Fixed IPv4 address.  The NAT can be configured to pass protocol 41.

Would I provide the 'external' IP address for the NAT as the IPv4 end point for the tunnel?



Yes the broker needs your real routable IPv4 endpoint, and using the "Linux-route2" example will require the internal, non-routable IP your NAT appliance DHCPs to your machine. Using the "Linux-net-tools" example doesn't require that you specify that internal IPv4 address.
Logged

starcastle

  • Newbie
  • *
  • Posts: 10
Re: Beginner Help - Tunnel behind NAT
« Reply #4 on: April 16, 2008, 09:54:37 AM »

Thanks for your help!

One last question.  I am assuming I have to provied a route from the 'outside' to my linux box for protocol 41 otherwise this wont work?  I'm not using dhcp in this case.

The 'downside' of my existing client based tunnel setup is I never had to learn the 'details' on what was happening, therefore all the questions.
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1702
Re: Beginner Help - Tunnel behind NAT
« Reply #5 on: April 16, 2008, 11:19:04 AM »

Well if you had another tunnel up and running behind NAT, most likely the NAT appliance already passes protocol 41. If the Suse box is not behind NAT, and has the routable IPv4 address configured on it, then you would use that with the "Linux-route2" example.
Logged