• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

[SPLIT] Re: Configuring a tunnel under Linux + RADVD

Started by stefanihe, February 15, 2008, 02:38:46 PM


stefanihe

Now if I want to try to use radvd, what additional ifconfig or ip commands should I use, and what would an example /etc/radvd.conf look like?

#cat /etc/radvd.conf
interface eth1
{
    AdvSendAdvert on;
    prefix $ipv6b-variation
    {
        AdvOnLink on;
        AdvAutonomous on;
    };
};

markdrago

My working /etc/radvd.conf file is included below. eth0 is my internal nic.

interface eth0
{
    AdvSendAdvert on;

    MinRtrAdvInterval 3;
    MaxRtrAdvInterval 10;

    prefix <ipv6 subnet>/64
    {
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr off;
    };
};

kriteknetworks

Quote from: Mark Drago on February 17, 2008, 05:31:27 PM
    prefix <ipv6 subnet>/64

Since (I'm assuming) you're allocated a /64, why wouldn't you subnet a /96 for your primary lan?
This is a question I'm pondering as I'm accustomed to a /48 allocation and subnet on /64.
I'm aware it's Good Practice (and possibly in an RFC?) to subnet on /64, but wouldn't a /96 allocation be more efficient use?

stefanihe

What I find is that I cannot simply use the basic example at the beginning of the thread, with $ipv6a and $ipv6b as defined. Thus I used $ipv6b-variation in my example radvd.conf.

For the PtP endpoint, should I use ipv6addr/64?

For the radvd.conf, use of e.g. a /96 is fine, but from the RTNETLINK err msgs I got, I learned that I need to assign an addr to my internal NIC (eth1) and use the same subnet for the radvd.conf, no? And then make sure that the routing is set up right... correct? That is what I'm not quite getting. I had this working with a BT tunnel (but they halted their service), but HE's setup is a bit different.


atistar

Quote from: kriteknetworks on February 17, 2008, 07:29:45 PM
Since (I'm assuming) you're allocated a /64, why wouldn't you subnet a /96 for your primary lan?
This is a question I'm pondering as I'm accustomed to a /48 allocation and subnet on /64.
I'm aware it's Good Practice (and possibly in an RFC?) to subnet on /64, but wouldn't a /96 allocation be more efficient use?

From what I understand, autoconfiguration requires a /64 because of the EUI-64 identifier format.  So, you need at least 64 bits for the host part.

If you want to subnet using /96s you need manual configuration or dhcpv6.

Again, this is just as far as I understand from my own reading/experimenting.

stefanihe

I've still not succeeded in getting radvd and the tunnel to work together properly.

There is no problem bringing up the tunnel with the example configs from HE.
If I take my /48 allocation and only use a /64 from that block, I can add the appropriate addr to my internal NIC and use that also for my radvd -- and local clients pick up the service, in that I see them take on their inet6 addr and add a route automatically. Nevertheless the router itself is not forwarding (despite configuring sysctl).

I'm at a loss - with my BT setup, I had the tunnel plus router working. Here I can get the router to the IPv6 world and I can have a client see the router itself, but that's where it ends.


kriteknetworks

Can you show a traceroute6 from a lan box to an outside IPv6 address?

stefanihe

I have no problem getting from my tunnel endpoint to the v6-world. I also have no problem starting up a radvd and seeing clients pick up new addresses. The clients can ping6 my tunnel endpoint, but the next hop never works. Obviously I'm missing some detail on the routes.

With the other tunnel broker, they defined the p-t-p endpoints as /128 and allocated me a /64, which I then used in radvd.conf. Should I bring up the sit interfaces with mask /128? I have not been doing so.


kriteknetworks

HE uses a /64 for tunnel endpoints, so you'd use xxx/64 in your tunnel init.
Do you have ipv6 forwarding enabled?

sysctl -w net.ipv6.conf.all.forwarding=1

eonesixfour

For the more paranoid, not wanting to expose your MAC address and be uniquely identified worse than cookies do, I suggest not using autoconf, although you still use radvd for configuring the default routing. I tried dhcpv6, but I couldn't work out how to limit how long an address was valid before jumping to another at next boot or ....

Below is my radvd config:


interface eth0 {
        AdvSendAdvert on;
        MinRtrAdvInterval 3;
        MaxRtrAdvInterval 10;
};


From there you just need a script to add/remove IPs on each machine, I used PHP but I'm guessing a bash script wouldn't be too hard:


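#!/usr/bin/php -q
<?php
// Replace this interface's address in $subnet with a random one (run as root).
$iface = 'eth0';
$ip = $subnet = '2001:xxxx:yyyy:zzzz';
// Append four random 16-bit groups as the 64-bit host part. The upper bound
// is 0xffff: 65536 would print as "10000", which is not a valid group.
for ($i = 0; $i <= 3; $i++)
    $ip .= ':'.sprintf('%x', random_int(1, 0xffff));
// Look for an address from our subnet that is already on the interface.
$do = trim(`ifconfig $iface|grep $subnet`);
if ($do != '')
{
    // Expects the old net-tools line "inet6 addr: <ip>/<len> Scope:Global".
    list($crud, $crud, $oldip, $crud) = explode(' ', $do, 4);
    $del = "/sbin/ip -6 addr del $oldip dev $iface";
    echo $del."\n";
    $do = `$del`;
}
$add = "/sbin/ip -6 addr add $ip/64 dev $iface";
echo $add."\n";
$do = `$add`;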
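
An added example, not code from any poster in this thread: it works through the two points made above, that EUI-64 autoconfiguration needs a /64 because the interface ID is 64 bits, and that such an address lets anyone who sees it read back the host's MAC, next to a random interface ID of the kind the PHP script assigns. The prefix 2001:db8:1:2::/64 and the MAC are constructed sample values, and the function names are hypothetical.

```python
import ipaddress
import secrets


def require_slash64(prefix):
    """Parse a prefix and insist on /64: the interface ID is always 64 bits."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError(f"{prefix}: EUI-64 autoconfiguration needs a /64")
    return net


def slaac_eui64(prefix, mac):
    """Address a host forms from an advertised prefix via modified EUI-64."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit and insert ff:fe between OUI and NIC part.
    iid = bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]
    return require_slash64(prefix)[int.from_bytes(iid, "big")]


def mac_from_address(addr):
    """Recover the MAC an observer can read back out of an EUI-64 address."""
    iid = (int(ipaddress.IPv6Address(addr)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None  # not EUI-64 derived (manual, random or DHCPv6 address)
    raw = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in raw)


def random_address(prefix):
    """Address with a random interface ID, drawn from the OS CSPRNG."""
    iid = 0
    while iid == 0:  # interface ID 0 is the subnet-router anycast address
        # Clear the universal/local bit: the ID is not globally unique.
        iid = secrets.randbits(64) & ~(0x02 << 56)
    return require_slash64(prefix)[iid]


if __name__ == "__main__":
    PREFIX = "2001:db8:1:2::/64"   # constructed: documentation prefix
    MAC = "00:16:3e:12:34:56"      # constructed sample MAC
    auto = slaac_eui64(PREFIX, MAC)
    print("autoconf:", auto, "-> MAC", mac_from_address(str(auto)))
    print("random:  ", random_address(PREFIX))
```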