IPv6

From LinodeWiki

Contents 1 What? 2 How? 3 The "right way" to set up your tunnel 3.1 Debian 3.2 Ubuntu 3.3 Fedora Core 6 3.4 Gentoo 4 6to4 4.1 CentOS

[edit] What?

If you follow this tutorial, your Linode should be able to communicate over the internet with IPv6 (the new version of IP addresses).

[edit] How?

• Verify that your node is pingable from outside addresses. If not, change your firewall to allow ipv6.he.net to ping your server.
• Sign up with Hurricane Electric's Tunnel Broker. There are many other tunnel brokers you can choose from, but because HE colocates some of Linode's servers this document will refer to them. Enter all of your contact information when prompted, and enter the primary IP address of your node when asked.
• Login to the HE Tunnel Broker.
• Click on the Example Configs link in the left hand column.
• Select either Linux-route2 or Linux-net-tools. If the ip command is installed on your server, then you should choose route2, otherwise choose Linux-net-tools.
• Click on "Show Config".
• If you are using route2, pretend that the modprobe ipv6 command is not listed. IPv6 support is compiled into the Linode kernels.
• Run the commands listed at your Linode's console.
• You should now be connected through the internet via IPv6! Test the connection by typing ping6 server . If you don't know of any servers, use irc6.oftc.net. The ping6 utility might not be on your node, you will have to find a package in your distribution to install it.
• If the ping fails with messages like Operation not permitted, then a firewall might be blocking the traffic to HE's tunnel.
• If the ping is successful, you are now connected and people can connect to you via your new IPv6 address! Start publishing your IPv6 records in DNS (via AAAA records).

[edit] The "right way" to set up your tunnel

[edit] Debian

Add the following to /etc/network/interfaces, replacing bolded details.

       iface hetunnel inet6 v4tunnel
               address HESupplied-ClientIPv6address
               netmask 64
               endpoint HESupplied-ServerIPv4address
               local localIPv4address # needed if you have more than one v4 address
               up ip route add ::/0 dev hetunnel
               up ip tunnel change hetunnel ttl 64

[edit] Ubuntu

The configuration is the same as for Debian, but the network will fail to start because ifup tries to load ipv6 as a module and fails due to it being builtin. This is possibly due to a bug in modprobe.

Workaround:

# mv /sbin/modprobe /sbin/modprobe.orig

Create a /sbin/modprobe script:

#!/bin/bash
/sbin/modprobe.orig "$@"
ret=$?

if [ "$1" == "-Q" ] ; then
        exit 0
fi

exit $ret

[edit] Fedora Core 6

Add the following to /etc/sysconfig/network

       NETWORKING_IPV6=yes
       IPV6_DEFAULTDEV=sit1

And create /etc/sysconfig/network-scripts/ifcfg-sit1 containing

       DEVICE=sit1
       BOOTPROTO=none
       ONBOOT=yes
       IPV6INIT=yes
       IPV6TUNNELIPV4=HESupplied-ServerIPv4address
       IPV6ADDR=HESupplied-ClientIPv6address

You can now reboot, or start the interface manually

       # ifup sit1

If all worked correctly you should see interface config similar to

       # ifconfig  sit1
       sit1      Link encap:IPv6-in-IPv4  
                 inet6 addr: HESupplied-ClientIPv6Address/64 Scope:Global
                 inet6 addr: fe80::NNNN:NNNN/64 Scope:Link
                 UP POINTOPOINT RUNNING NOARP  MTU:1480  Metric:1
                 RX packets:100 errors:0 dropped:0 overruns:0 frame:0
                 TX packets:116 errors:0 dropped:0 overruns:0 carrier:0
                 collisions:0 txqueuelen:0 
                 RX bytes:9496 (9.2 KiB)  TX bytes:14776 (14.4 KiB)

And be able to ping a IPv6 enabled site such as www.kame.net

       # ping6 -n www.kame.net
       PING www.kame.net(2001:200:0:8002:203:47ff:fea5:3085) 56 data bytes
       64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: icmp_seq=0 ttl=53 time=192 ms
       64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: icmp_seq=1 ttl=53 time=197 ms
       64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: icmp_seq=2 ttl=53 time=193 ms

[edit] Gentoo

Add the following to /etc/conf.d/net, replacing the bolded details.

       modules_hetunnel=("iptunnel")
       depend_hetunnel() {
               need net.eth0
       }
       iptunnel_hetunnel="mode sit remote HESupplied-ServerIPv4address local local-IPv4address ttl 255"
       config_hetunnel=("HESupplied-ClientIPv6address")
       routes_hetunnel=("::/0 dev hetunnel")

[edit] 6to4

There is another, automatic gateway between the IPv4 and IPv6 worlds called 6to4. This works by using an anycast address, 192.88.99.1, which automatically routes to the "closest" 6to4 router. IPv6 addresses are assigned based upon your IPv4 address; for instance, 207.142.131.202 would become 2002:CF8E:83CA::/48.

Setup is almost entirely automatic.

[edit] CentOS

/etc/sysconfig/network

       NETWORKING_IPV6=yes
       IPV6_DEFAULTDEV="tun6to4"

/etc/sysconfig/network-scripts/ifcfg-eth0

       IPV6INIT="yes"
       IPV6TO4INIT="yes"
       IPV6TO4_RELAY="192.88.99.1"

Restart your networking (/etc/init.d/network restart) and then take a look at your ifconfig. You can then try "ping6 ipv6.chat.freenode.net" (or another host of choice) to test your connectivity.