IPv6 and 6in4 tunnels
I’ve begun studying IPv6 in-depth recently; It’s quite interesting. I setup my own tunnel for my home network, as my ISP does not support IPv6 yet. Hurricane Electric has some great resources, and they’ll also give you a tunnel and a /64 (18 million trillion IPv6 addresses!)
Here are the steps that worked for me; a prerequisite in my steps is a router with tomatousb firmware running a variant of linux 2.6 kernel (2.4 doesn’t support IPv6) (ddwrt should be similar) so that you can create a static 6in4 tunnel. The option is generally available on the router under General –> IPv6.
- Signup for an account @ Hurricane Electric’s http://www.tunnelbroker.net/ Once signed up, create a new Regular Tunnel:
- Put in your IPv4 address (will automatically be detected for you) and choose a tunnel server close to your geographic location. They do a decent job of recommending something close; but you be the judge of what’s closest to you…. Hurricane Electric does a really nice job checking to see if you already have a tunnel available; and that the necessary steps are already done on your router (You have to allow ICMP echo replies on your router for this to work… )
- Ok. now you have your tunnel. There are a couple key pieces of information you’ll want to get familiar with at this point: (luckily Hurricane provides you a little info, I’ll clarify in the green highlighted portion )
Server IPv4 Address – This is the IPv4 endpoint of your Tunnel Server. This will align to the IPv4 Tunnel Endpoint on your router.
Client IPv6 Address (Endpoint) – This is the IPv6 address that identifies your side of the tunnel. It will be what is homed on your endpoint device. We utilize a /64 for this because of RFC 3627. This will align to the Tunnel Client IPv6 Address on your router.Routed /64 Prefix – We automatically assign a /64 to your account and route it via: ipv6 route [routed64] [clientV6Endpoint] This allows your endpoint device to operate as the router for this netblock and allows you to utilize DHCPv6 or RADVD to hand out IP’s from this allocation to your internal network. If you have more than one network segment please consider utilizing the /48 above. This aligns to the assigned/routed prefix field on your router.
DNS Resolver – These are recursive caching name servers that you can use through your tunnel either over IPv6 or IPv4. They will also allow you to access Google’s websites along with other organizations who have white-listed the servers as part of their IPv6 participation programs. The IPv6 nameserver should be put in the Static DNS field on your router.
- With all that explained, this is how you would configure this, in a router running tomatousb with the Basic –> IPv6 Page:
A couple of additional notes, also mentioned in the linksysinfo page below: I left Tunnel MTU and TTL as default; Hurricane suggests 1480. Try 0 for default, and if it doesn’t work, then try 1480, 1280 for PPPoE, etc…
- Ok, you *should* be all setup. Now from a IPv6 capable client, you should be able to confirm your IPv6 address aligns with the /64 routed prefix, and then is a random address beyond that (EUI-64, maybe in a later post) On a Windows box, I checked from the command line using ipconfig. I did foolwith Network and Internet, Network Connections, and reordered File and Printer/Client for Microsoft Networks as IPv6 first, as opposed to IPv4…
- Now, to test your IPv6 connectivity from a browser. I thoroughly recommend http://test-ipv6.com Your output will vary, and don’t be discouraged if it doesn’t work from the start; it took a little playing to get a clean bill of health:
IPv6 is the future; it may not happen overnight, but I suggest not putting off learning it, and creating a tunnel is a great way to do so. Forget NAT, broadcasts; the times, they are a changin’!
My thanks to the below links, http://tomatousb.org/forum/t-347819 and http://www.linksysinfo.org/index.php?threads/setting-up-ipv6-for-he-tunnelbroker.35297/ for clearing up some of the lower-level details.
Finally, here’s a good image of different types of deployments of IPv6 , courtesy of ntt: