Linode.com Forum

[rocekiller]

I just installed IPv6 on my gentoo Linode, using HE's provided IPv6 tunnel service. I've seen some interest on IPv6 in some of the other posts, so I decided to write a small guide for setting up IPv6, on your gentoo Linode. Well, here's how I did it.

1. Use flags and rc.conf

First you'll have to add ipv6 to your use flags, if you haven't already. You can do that with ufed. An excelent USE flags editor.
Code: # emerge app-portage/ufed
# ufed
Or just by adding ipv6 to the USE line in /etc/make.conf.

Next you should edit your /etc/rc.conf. Find the line containing:
Code: PROTOCOLS="1 2"
And change it so it reads:
Code: PROTOCOLS="1 2 10"

2. Register for a tunnel

Go to http://tunnelbroker.net and signup for a tunnel. After confirming your email, login with your user and password. Choose Tunnel Details and write down the following information:

Server IPv4 address
Client IPv6 address

3. Setting up the interfaces

You'll have to use both sit0 and sit1, don't worry if you can't see sit1, it will appear after sit0 has been setup.

Change dir to /etc/init.d/, and make two symlinks: net.sit0 and net.sit1 which both points to net.eth0.
Code: # cd /etc/init.d
# ln -s net.eth0 net.sit0
# ln -s net.eth0 net.sit1


Next edit /etc/conf.d/net and add the following lines: (Remember to replace <Server IPv4 address> and <Client IPv6 address> with the values from Step 2.)
Code: iface_sit0="inet6 tunnel ::<Server IPv4 address>"
iface_sit1="inet6 add <Client IPv6 address>"
routes_sit1="::/0 -A inet6 dev sit1"


4. Starting the tunnel
You're almost ready to go, just enter the following commands:
Code: # /etc/init.d/net.sit0 start
# /etc/init.d/net.sit1 start

And you should be up and running, to test the connection try:
Code: # ping6 www.kame.net

NB: You might have to recompile some packages with ipv6 support if you don't have the ping6 command.

5. Making the tunnel start on boot
If you want the tunnel to start automatically if the node reboots, type the following:
Code: # rc-update add net.sit0 default
# rc-update add net.sit1 default


I hope this guide can be of use to somebody. Feel free to comment if you find any errors or mistakes.

[tierra]

rocekiller wrote: Change dir to /etc/init.d/, and make two symlinks: net.sit0 and net.sit1 which both points to net.eth0.
Code: # cd /etc/init.d
# ln -s net.sit0 net.eth0
# ln -s net.sit1 net.eth0


You have those backwards...

Code: # cd /etc/init.d
# ln -s net.eth0 net.sit0
# ln -s net.eth0 net.sit1

Other than that, I'm still waiting on tunnel approval, then I should know if it worked. As far as directions go, that's really strait forward, quick and easy setup, thanks.

[rocekiller]

I never seem to remember if it's taget or link_name first, thanks.

I'm still not quite sure if you need to wait for the tunnel to be aproved. The last few times I have set up a tunnel, it seems to work right away. But I'm not really sure.

[tierra]

rocekiller wrote: I'm still not quite sure if you need to wait for the tunnel to be aproved. The last few times I have set up a tunnel, it seems to work right away. But I'm not really sure.

Well, I actually kinda hope not since if it is, something else is wrong...

Code:  * Bringing sit0 up...
64.71.128.83: Resolver Error 0 (no error)                                 [ !! ]

[caker]

rocekiller wrote: I never seem to remember if it's taget or link_name first, thanks.
I used to have the same problem, but now I just compare it to a "cp src dst" and that helps me remember the symlink syntax. HTH

-Chris

[rocekiller]

tierra wrote: rocekiller wrote: I'm still not quite sure if you need to wait for the tunnel to be aproved. The last few times I have set up a tunnel, it seems to work right away. But I'm not really sure.

Well, I actually kinda hope not since if it is, something else is wrong...

Code:  * Bringing sit0 up...
64.71.128.83: Resolver Error 0 (no error)                                 [ !! ]

I might be wrong. It usually takes < 24h to get your tunnel activated. Looking forward to your result.

caker wrote: I used to have the same problem, but now I just compare it to a "cp src dst" and that helps me remember the symlink syntax. HTH
Good idear, I'll try that, thanks.

[tierra]

Heh, yeah, my account is already approved, that was pretty fast. It turned out something was still wrong. I found out that it was because I had used the IPv4 format address here:

Code: iface_sit0="inet6 tunnel 64.71.128.83"

instead of this:

Code: iface_sit0="inet6 tunnel ::64.71.128.83"

in /etc/conf.d/net

It all works now =).

[tierra]

Nevermind, I was under the quick impression that it was working, but I'm not getting out.

HE Server:
Code: # ping6 2001:470:1f01:ffff::56
PING 2001:470:1f01:ffff::56(2001:470:1f01:ffff::56) 56 data bytes
--- 2001:470:1f01:ffff::56 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6026ms

Local Address:
Code: # ping6 2001:470:1f01:ffff::57
PING 2001:470:1f01:ffff::57(2001:470:1f01:ffff::57) 56 data bytes
--- 2001:470:1f01:ffff::57 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3034ms
rtt min/avg/max/mdev = 0.113/0.119/0.130/0.006 ms

Kame:
Code: # ping6 www.kame.net
PING www.kame.net(orange.kame.net) 56 data bytes
--- www.kame.net ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4032ms

And localhost:
Code: # ping6 ::1
--- ::1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1020ms
rtt min/avg/max/mdev = 0.112/0.120/0.128/0.008 ms

ifconfig:
Code: sit0      Link encap:IPv6-in-IPv4
          inet6 addr: ::67.18.176.56/96 Scope:Compat
          inet6 addr: ::127.0.0.1/96 Scope:Unknown
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:214 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:14256 (13.9 Kb)  TX bytes:0 (0.0 b)

sit1      Link encap:IPv6-in-IPv4
          inet6 addr: fe80::4312:b038/64 Scope:Link
          inet6 addr: 2001:470:1f01:ffff::57/127 Scope:Global
          UP POINTOPOINT RUNNING NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:208 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:17168 (16.7 Kb)

I'm not that experienced with IPv6 networking, but my routing tables look like everything is there and setup.

You might also want to link to https://tunnelbroker.net/ instead of http://tunnelbroker.net/ since they don't handle switching over secure.

[tierra]

Guess I should mention now that it's working.

I did an upgrade to the new 2.4.27-linode36-3um kernel, which I don't think had anything to do with it, but in the process of reboot, I believe it just finally got the chance to put in the new routes.

[dmuench]

Great guide, it finally gave me an excuse to play around with ipv6.

One note I'd add - if you currently depend on an iptables firewall like shorewall, don't expect that it will work for ipv6 as well. I installed 6wall (unfortunately this isn't in portage) for my ipv6 firewalling needs.