Introduction
FreeNet6 provides people who have static IPv4 addresses with a convenient way to connect to the 6Bone
, a worldwide IPv6-only network; by using an IPv6-over-IPv4 tunnel. My
case is slightly different though - my computer is on a large
255.255.0.0 network, and I'm assigned a static 172.16.x.y address, and
all my connections have to travel to and from the Internet via the
gateway server, a computer running GNU/Linux and having a globally
static IPv4 address.
My aim was to get a global, static IPv6 address which directly
references my computer inside the LAN, and thus become a static member
on the 6bone.
I succeeded.
Synopsis
The below howto is what I wrote down while I set up the FreeNet6
tunnel. FreeNet6's website does not explicitly mention a step-by-step
procedure that a person in my situation should use - it just points the
user to an old webpage that has the instructions for an old version of
FreeNet6's software. I have created this howto for their latest
software version.
I hope it helps.
Prologue
I connect to the Internet via a NAT. I have a private static IP
address (say) 172.16.10.20, my gateway is (say) 172.16.0.1, and the
gateway's globally static IP address is (say) 200.1.100.2.
I use galeon and connect to KAME . I see a turtle that isn't swimming :-(. In other words, the connection I made to KAME was IPv4-only.
Step 1: The Kernel
I first made my own kernel. I couldn't get make xconfig to work for
the latest beta kernel at the time (2.5.53) (Reason: xconfig relies on
QT in 2.5.x!) , so I used the latest stable kernel (2.4.20) instead.
To enable IPv6, I had to say yes to the first option in Code
Maturity Level Options. The IPv6 protocol comes under the subheading
"Networking Options". I also had to choose a driver for my network card
under "Network Device Support". I also enabled iptables here.
About Kernels and Images
In a few minutes, I had a new kernel image installed. Let me take
this opportunity to plug for Debian GNU/Linux - it's make-kpkg option is fantastic - creating a new kernel required just three commands::
make xconfig
make-kpkg kernel_image --revision=xxx
dpkg -i ../linux-2.4.20xxx.deb
Step 2: Moving On
Booting into the new kernel, I used the command:
ifconfig | grep inet6
to get the output as automagically assigned IPv6 addresses:
inet6 addr: fe80::200:21ff:feaa:bbcc/10 Scope:Link [eth0]
inet6 addr: ::1/128 Scope:Host [lo]
You will notice that the inet6 address my eth0 has been assigned is
a mangled 64-bit version of my 48-bit MAC address (00:00:21:AA:BB:CC).
This has been done using an IETF specification for conversion of 48- to
64-bit MAC addresses, and then appending it to an fe80:: prefix.
Step 3: FreeNet Begins Its Role
I then proceeded to download the freenet6 Linux source
tar -zxvf freenet6-0.9.7.tgz
The README file included asked me to run the lines:
make all target=linux
make install target=linux installdir=$INSTALLDIR
I warn you that this may overwrite your /etc/radvd.conf - make a backup of it first.
I recommend $INSTALLDIR==/usr/local/tsp as the default tspc.conf that comes with the source, contains that as default (i.e. the line tsp_dir=/usr/local/tsp). In any case, I will assume it to be true for now.
Step 4: More FreeNet6
I now had the freenet6 package ready. (Note: Debian users are
advised that after an apt-get install freenet6, you may have to
manually write your radvd.conf. In my case, I still don't have a
radvd.conf on my box.)
On recommendation from freenet6.net, I then visited this site
The new freenet6 kit contains a configuration file (/usr/local/tsp/bin/tspc.conf) and an executable (/usr/local/tsp/bin/tspc).
In short, the page told me to modify /usr/local/tspc/bin/tspc.conf, and specifically change the following lines to the right values:
username=xxxxx
passwd=yyyyy
client_v4=<your gateway's public IPv4 address>
Both the username and password can be received from freenet6.net by
filling a form there; you can also achieve anonymous logins by default.
Step 5: Getting TSPC Up
I then ran:
/usr/local/tsp/bin/tspc -vf /usr/local/tsp/bin/tspc.conf
and got the output:
tspc - Tunnel Server Protocol Client
Loading configuration file
Connecting to server
Send request
Process response from server
TSP_HOST_TYPE host
TSP_TUNNEL_INTERFACE sit1
TSP_HOME_INTERFACE
TSP_CLIENT_ADDRESS_IPV4 200.1.100.2
TSP_CLIENT_ADDRESS_IPV6 3ffe:abcd:0001:dcba:0000:0000:0000:0002
TSP_SERVER_ADDRESS_IPV4 206.123.31.114
TSP_SERVER_ADDRESS_IPV6 3ffe:abcd:0001:dcba:0000:0000:0000:0001
TSP_TUNNEL_PREFIXLEN 128
TSP_VERBOSE 1
TSP_HOME_DIR /usr/local/tsp
--- Start of configuration script. ---
Script: linux.sh
sit1 setup
Setting up link to 206.123.31.114
This host is: 3ffe:abcd:0001:dcba:0000:0000:0000:0002/128
Adding default route
--- End of configuration script. ---
Closing, exit status: 0
Exiting with return code : 0 (0 = no error)
which you should too, if everything goes well.
Step 6: A Little Fine-Tuning
Note that the command:
ifconfig
suddenly showed a THIRD device: sit1 (the IPv4 tunnel
for the locally generated and locally bound IPv6 packets). The rest of
the steps are very easy. Here is the general idea:
eth0 has the v6 address fe80::200:21ff:feaa:bbcc
sit1 is the tunnel connecting you to the glorious v6 Internet. The tunnel has the (permanently static! globally accessible! free!) address
3ffe:abcd:0001:dcba:0000:0000:0000:0002
Now all that is left is to route all outgoing packets from lo/eth0
to sit1, and all incoming packets from sit1 to lo/eth0. I used the tool
ip6tables (a v6 version of iptables) to do this.
This was done with the commands:
sudo ip6tables -I OUTPUT -s fe80::200:21ff:feaa:bbcc -d 3ffe:abcd:1:dcba::2
sudo ip6tables -t filter -I INPUT -d fe80::200:21ff:feaa:bbcc -s 3ffe:abcd:1:dcba::2
for outgoing and incoming packets respectively.
Step 7: A Little Testing
Let's test it out!
- I ping6 www.kame.net.
- I access www.kame.net with an IPv6-enabled web browser. A dancing turtle is visible - IPv6 communication has occurred!
... and that's it!
Notes
A simple sequel for dialup users. I don't know if you are assigned
globally static IP addresses during the course of you dialing up. If
so, things become much simpler - no ip6tables is involved.... I think.
If not, you just have to find your gateway's IP address out, and use
your local IP as the equivalent of 172.16.10.20, and do the whole
process above. By my reckoning, it should work.
Try it out, and correct me if I am wrong.
