[Gllug] IPv6 and firewalls

Daniel P. Berrange dan at berrange.com
Wed Aug 12 10:59:17 UTC 2009 

On Wed, Aug 12, 2009 at 11:12:20AM +0100, Peter Childs wrote:
> Can I be really stupid, and ask how do I create an IP6 Lan using
> Linux? It seams that you can tell linux to connect to an IPv6 Lan but
> how do I create such a thing.
> 
> I suspect I need to update my DNS and DHCP (all running inside the
> LAN) but how? Until setting up a IPv6 subnet is easy nobody is going
> to to use it. I also guess I need to set the firewall/router to
> convert between IPv4/6

Setting up a LAN with IPv6 is pretty trivial. Pick a machine as your
router, configure its LAN side NIC with an IPV6 address from your
allocated range. Install radvd and edit /etc/radvd.conf and list your
allocated IPv6 address range against the interface on the LAN, and then
start radvd. This daemon advertises routes & the prefix, so pretty much
any modern OS plugging into your LAN will automagically get an IPv6
address no config required for the clients. Ignore DHCPv6 - radvd is
all most people will need.

The fun bit is actually connecting your LAN to the interweb at large,
since its unlikely your ISP will be providing IPv6 directly. This means
you normally have to setup some kind of tunnel. There are a quite a few
different options & providers of IPv6 tunnels, who'll also give you an
officially allocated /48 sub-net for your LAN use. I won't go into them
all myself - its better just to read an online howto. I used a Linksys
WRT54GL for my home IPv6 enabled network - there's a good guide here
which shows 6 different options for getting connected to the IPv6 
interweb

 http://nuwiki.openwrt.org/oldwiki/IPv6_howto#setup.ipv6.connectivity

Setting up IPv6 really isn't anywhere near as hard as everyone makes
it out to be. If you've got enough skill / knowledge to configure 
IPv4 routers & the like, then you should not have any trouble getting
a IPv6 network up & running.

Daniel
-- 
|: http://berrange.com/     -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://freshmeat.net/~danielpb/    -o-   http://gtk-vnc.sourceforge.net :|
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20090812/41de6fca/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list