[Wolves] It's the end of the internet as we know it

Ron Wellsted ron at wellsted.org.uk
Sat Feb 5 16:31:42 UTC 2011

Hash: SHA1

On 04/02/11 21:31, Adam Sweet wrote:

> Yes it is, I finally got around to setting up my tunnel last weekend but
> hit a problem, possibly due to firewall rules and protocol 41:
> https://www.sixxs.net/faq/connectivity/?faq=firewalled
> The tunnel comes up but I can't ping6 anything and I'm not sure how to
> address my local subnet. So yes please :)
What tunnel type do you have?  If you are having problems with protocol
41, it sounds like you are using a 6in4 static or heartbeat.  The AYIYA
tunnels are the easiest to get setup (certainly with ADSL/NAT).

Do you have a sixxs interface listed with ifconfig? it should have a
Global address starting with 2a01: and probably ending with a :2.  Try
ping6 that address (it sould respond within 50-70 microseconds.  If that
worked OK, try changing the last :2 to :1 (the other end of the tunnel),
mine responds in about 30 milliseconds.

Once you have had the tunnel active for 1 week, you should have
sufficient credit with sixxs to be able to request a subnet.  Once the
subnet has been approved, you need to configure the network interface on
the system that is the endpoint to be a router and to give it a fixed
IPv6 address  (N.B. I have used the IPv6 Documentation prefix of
2001:DB8::/32 in the examples below,  Using them in real life will
result in fail).

eg add to /etc/network/interfaces (on Ubuntu/Debian):
iface eth0 inet6 static
	address 2001:0DB8::1
	netmask 64

The next step is to configure radvd on the network.  Install radvd and
edit /etc/radvd.conf to advertise the subnet address and route out to
the network (like DHCP):

interface eth0
	AdvSendAdvert on;
	MinRtrAdvInterval 3;
	MaxRtrAdvInterval 10;
	prefix 2001:0DB8::/64
		AdvOnLink on;
		AdvAutonomous on;
		AdvRouterAddr on;
	RDNSS 2001:0DB8::1
		AdvRDNSSPreference 8;
		AdvRDNSSOpen off;
		AdvRDNSSLifetime 30;

Don't forget to configure the system to forward IPv6

In /etc/sysctl.conf:

and to enable without a reboot,
echo 1> /proc/sys/net/ipv6/conf/all/forwarding

As a check:
cat /proc/sys/net/ipv6/conf/all/forwarding

Once this is done, everything else that can use IPv6 should do so (N.B.
daemons such as apache, postfix, postgresql etc, will need to be
restarted and additional configuration maybe required).

- -- 
Ron Wellsted
ron at wellsted.org.uk http://www.wellsted.org.uk
N 52.567623, W 2.136111 Linux Counter No. 202120
Ekiga: 645022
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the Wolves mailing list