Difference between revisions of "IPv6-in-IPv4 Tunnel: Setup 6to4 tunnel"
Onnowpurbo (talk | contribs) (New page: 9.4. Setup of 6to4 tunnels Pay attention that the support of 6to4 tunnels currently lacks on vanilla kernel series 2.2.x (see systemcheck/kernel for more information). Also note that that...) |
Onnowpurbo (talk | contribs) |
||
| Line 1: | Line 1: | ||
| − | + | Pay attention that the support of 6to4 tunnels currently lacks on vanilla kernel series 2.2.x (see systemcheck/kernel for more information). Also note that that the prefix length for a 6to4 address is 16 because of from network point of view, all other 6to4 enabled hosts are on the same layer 2. | |
| − | + | ==9.4.1. Add a 6to4 tunnel== | |
| − | 9.4.1. Add a 6to4 tunnel | ||
First, you have to calculate your 6to4 prefix using your local assigned global routable IPv4 address (if your host has no global routable IPv4 address, in special cases NAT on border gateways is possible): | First, you have to calculate your 6to4 prefix using your local assigned global routable IPv4 address (if your host has no global routable IPv4 address, in special cases NAT on border gateways is possible): | ||
| Line 8: | Line 7: | ||
Assuming your IPv4 address is | Assuming your IPv4 address is | ||
| − | 1.2.3.4 | + | 1.2.3.4 |
the generated 6to4 prefix will be | the generated 6to4 prefix will be | ||
| − | 2002:0102:0304:: | + | 2002:0102:0304:: |
Local 6to4 gateways should (but it's not a must, you can choose an arbitrary suffix with local-scope, if you feel better) always assigned the suffix “::1”, therefore your local 6to4 address will be | Local 6to4 gateways should (but it's not a must, you can choose an arbitrary suffix with local-scope, if you feel better) always assigned the suffix “::1”, therefore your local 6to4 address will be | ||
| − | 2002:0102:0304::1 | + | 2002:0102:0304::1 |
Use e.g. following for automatic generation: | Use e.g. following for automatic generation: | ||
| − | ipv4="1.2.3.4"; printf "2002:%02x%02x:%02x%02x::1" `echo $ipv4 | tr "." " "` | + | ipv4="1.2.3.4"; printf "2002:%02x%02x:%02x%02x::1" `echo $ipv4 | tr "." " "` |
There are two ways possible to setup 6to4 tunneling now. | There are two ways possible to setup 6to4 tunneling now. | ||
| − | 9.4.1.1. Using "ip" and a dedicated tunnel device | + | |
| + | ===9.4.1.1. Using "ip" and a dedicated tunnel device=== | ||
This is now the recommended way (a TTL must be specified because the default value is 0). | This is now the recommended way (a TTL must be specified because the default value is 0). | ||
| Line 29: | Line 29: | ||
Create a new tunnel device | Create a new tunnel device | ||
| − | # /sbin/ip tunnel add tun6to4 mode sit ttl <ttldefault> remote any local | + | # /sbin/ip tunnel add tun6to4 mode sit ttl <ttldefault> remote any local <localipv4address> |
| − | |||
Bring interface up | Bring interface up | ||
| − | # /sbin/ip link set dev tun6to4 up | + | # /sbin/ip link set dev tun6to4 up |
Add local 6to4 address to interface (note: prefix length 16 is important!) | Add local 6to4 address to interface (note: prefix length 16 is important!) | ||
| − | # /sbin/ip -6 addr add <local6to4address>/16 dev tun6to4 | + | # /sbin/ip -6 addr add <local6to4address>/16 dev tun6to4 |
Add (default) route to the global IPv6 network using the all-6to4-routers IPv4 anycast address | Add (default) route to the global IPv6 network using the all-6to4-routers IPv4 anycast address | ||
| − | # /sbin/ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4 metric 1 | + | # /sbin/ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4 metric 1 |
It was reported that some versions of “ip” (e.g. SuSE Linux 9.0) don't support IPv4-compatible IPv6 addresses for gateways, in this case the related IPv6 address has to be used: | It was reported that some versions of “ip” (e.g. SuSE Linux 9.0) don't support IPv4-compatible IPv6 addresses for gateways, in this case the related IPv6 address has to be used: | ||
| − | # /sbin/ip -6 route add 2000::/3 via 2002:c058:6301::1 dev tun6to4 metric 1 | + | # /sbin/ip -6 route add 2000::/3 via 2002:c058:6301::1 dev tun6to4 metric 1 |
| − | 9.4.1.2. Using "ifconfig" and "route" and generic tunnel device “sit0” (deprecated) | + | ===9.4.1.2. Using "ifconfig" and "route" and generic tunnel device “sit0” (deprecated)=== |
This is now deprecated because using the generic tunnel device sit0 doesn't let specify filtering per device. | This is now deprecated because using the generic tunnel device sit0 doesn't let specify filtering per device. | ||
| Line 54: | Line 53: | ||
Bring generic tunnel interface sit0 up | Bring generic tunnel interface sit0 up | ||
| − | # /sbin/ifconfig sit0 up | + | # /sbin/ifconfig sit0 up |
Add local 6to4 address to interface | Add local 6to4 address to interface | ||
| − | # /sbin/ifconfig sit0 add <local6to4address>/16 | + | # /sbin/ifconfig sit0 add <local6to4address>/16 |
Add (default) route to the global IPv6 network using the all-6to4-relays IPv4 anycast address | Add (default) route to the global IPv6 network using the all-6to4-relays IPv4 anycast address | ||
| − | # /sbin/route -A inet6 add 2000::/3 gw ::192.88.99.1 dev sit0 | + | # /sbin/route -A inet6 add 2000::/3 gw ::192.88.99.1 dev sit0 |
| + | |||
| + | ==9.4.2. Remove a 6to4 tunnel== | ||
| − | + | ===9.4.2.1. Using "ip" and a dedicated tunnel device=== | |
| − | 9.4.2.1. Using "ip" and a dedicated tunnel device | ||
Remove all routes through this dedicated tunnel device | Remove all routes through this dedicated tunnel device | ||
| − | # /sbin/ip -6 route flush dev tun6to4 | + | # /sbin/ip -6 route flush dev tun6to4 |
Shut down interface | Shut down interface | ||
| − | # /sbin/ip link set dev tun6to4 down | + | # /sbin/ip link set dev tun6to4 down |
Remove created tunnel device | Remove created tunnel device | ||
| − | # /sbin/ip tunnel del tun6to4 | + | # /sbin/ip tunnel del tun6to4 |
9.4.2.2. Using “ifconfig” and “route” and generic tunnel device “sit0” (deprecated) | 9.4.2.2. Using “ifconfig” and “route” and generic tunnel device “sit0” (deprecated) | ||
| Line 83: | Line 83: | ||
Remove (default) route through the 6to4 tunnel interface | Remove (default) route through the 6to4 tunnel interface | ||
| − | # /sbin/route -A inet6 del 2000::/3 gw ::192.88.99.1 dev sit0 | + | # /sbin/route -A inet6 del 2000::/3 gw ::192.88.99.1 dev sit0 |
Remove local 6to4 address to interface | Remove local 6to4 address to interface | ||
| − | # /sbin/ifconfig sit0 del <local6to4address>/16 | + | # /sbin/ifconfig sit0 del <local6to4address>/16 |
Shut down generic tunnel device (take care about this, perhaps it's still in use...) | Shut down generic tunnel device (take care about this, perhaps it's still in use...) | ||
| − | # /sbin/ifconfig sit0 down | + | # /sbin/ifconfig sit0 down |
Revision as of 08:04, 27 June 2013
Pay attention that the support of 6to4 tunnels currently lacks on vanilla kernel series 2.2.x (see systemcheck/kernel for more information). Also note that that the prefix length for a 6to4 address is 16 because of from network point of view, all other 6to4 enabled hosts are on the same layer 2.
9.4.1. Add a 6to4 tunnel
First, you have to calculate your 6to4 prefix using your local assigned global routable IPv4 address (if your host has no global routable IPv4 address, in special cases NAT on border gateways is possible):
Assuming your IPv4 address is
1.2.3.4
the generated 6to4 prefix will be
2002:0102:0304::
Local 6to4 gateways should (but it's not a must, you can choose an arbitrary suffix with local-scope, if you feel better) always assigned the suffix “::1”, therefore your local 6to4 address will be
2002:0102:0304::1
Use e.g. following for automatic generation:
ipv4="1.2.3.4"; printf "2002:%02x%02x:%02x%02x::1" `echo $ipv4 | tr "." " "`
There are two ways possible to setup 6to4 tunneling now.
9.4.1.1. Using "ip" and a dedicated tunnel device
This is now the recommended way (a TTL must be specified because the default value is 0).
Create a new tunnel device
# /sbin/ip tunnel add tun6to4 mode sit ttl <ttldefault> remote any local <localipv4address>
Bring interface up
# /sbin/ip link set dev tun6to4 up
Add local 6to4 address to interface (note: prefix length 16 is important!)
# /sbin/ip -6 addr add <local6to4address>/16 dev tun6to4
Add (default) route to the global IPv6 network using the all-6to4-routers IPv4 anycast address
# /sbin/ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4 metric 1
It was reported that some versions of “ip” (e.g. SuSE Linux 9.0) don't support IPv4-compatible IPv6 addresses for gateways, in this case the related IPv6 address has to be used:
# /sbin/ip -6 route add 2000::/3 via 2002:c058:6301::1 dev tun6to4 metric 1
9.4.1.2. Using "ifconfig" and "route" and generic tunnel device “sit0” (deprecated)
This is now deprecated because using the generic tunnel device sit0 doesn't let specify filtering per device.
Bring generic tunnel interface sit0 up
# /sbin/ifconfig sit0 up
Add local 6to4 address to interface
# /sbin/ifconfig sit0 add <local6to4address>/16
Add (default) route to the global IPv6 network using the all-6to4-relays IPv4 anycast address
# /sbin/route -A inet6 add 2000::/3 gw ::192.88.99.1 dev sit0
9.4.2. Remove a 6to4 tunnel
9.4.2.1. Using "ip" and a dedicated tunnel device
Remove all routes through this dedicated tunnel device
# /sbin/ip -6 route flush dev tun6to4
Shut down interface
# /sbin/ip link set dev tun6to4 down
Remove created tunnel device
# /sbin/ip tunnel del tun6to4
9.4.2.2. Using “ifconfig” and “route” and generic tunnel device “sit0” (deprecated)
Remove (default) route through the 6to4 tunnel interface
# /sbin/route -A inet6 del 2000::/3 gw ::192.88.99.1 dev sit0
Remove local 6to4 address to interface
# /sbin/ifconfig sit0 del <local6to4address>/16
Shut down generic tunnel device (take care about this, perhaps it's still in use...)
# /sbin/ifconfig sit0 down