Jump to content
Redhatter

Who here runs IPv6?

Recommended Posts

I have been looking into setting up an IPv6 connection for some time. My outbound router (Cisco ASA) fully supports IPv6 and I was looking forward to iiNet offering IPv6 and would have used a native connection as soon as it was available. Unfortunately my new apartment (4 floors up from my old one) and due to the usual Telstra Wholesale wankery has a phone line on a RIM meaning IInet and Internode can't provide service without using Telstra equipment. The only real viable option is surprise surprise use Bigpond ?#*!.

 

Like Redhatter I run servers over my ADSL connection and had business connections with IInet giving me several publicly routeable static ip's. I have no doubt Telstra is going to be a long way behind in any IPv6 rollout. In the mean time it might be a good time to get my internal network running entirely over IPv6 and using the ASA to do the translation back to IPv4.

 

At work we have started investigations into what is required to support IPv6, our operations team is looking at what is needed from an infrastructure level. They are putting in sexy new load-balancing and SSL endpoint hardware at the moment that has full IPv6 support. The biggest problem from our point of view right now is with ISP's providing support, is a bit of a chicken and egg situation.

Share this post


Link to post
Share on other sites

Just thought I'd post this... I've just set up a single-machine IPv6 tunnel here so that I can access the machines on my home network directly.

 

These instructions are for Gentoo Linux, but 99% is applicable to other platforms.

 

Setting up a tunnel via AARNet tunnel broker

 

1. Install the gateway6 client. It's available for multiple OSes. Or if you run Gentoo:

 

The ** can be omitted if it's keyworded for your architecture (I run MIPS; where it isn't). Adding it to package.keywords simply means it'll use the latest version available, rather than the latest stable.

 

# echo 'net-misc/gateway6 **' >> /etc/portage/package.keywords
# emerge gateway6

2. Create a new account on the AARNet tunnel broker.

 

You only need a valid email address.

 

3. Configure the client as per the settings in the email they send you:

 

From: ipv6broker@aarnet.edu.au
Subject: Account Creation on the Gateway6
Reply-To: ipv6broker@aarnet.edu.au
To: me@vk4msl.yi.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfert-Encoding: quoted-printable
X-Virus-Checked: Checked by ClamAV on atomos.dmz.longlandclan.yi.org

User account information to be used on the Gateway6:
User id: xxxxxxxx
Password: xxxxxxxx
Email address: me@vk4msl.yi.org

Use these values with TSP client to get IPv6 connectivity.

<To cut and paste to gw6c.conf>
#
userid=xxxxxxxx
passwd=xxxxxxxx
#
<End cut and paste>

4. Edit /etc/gateway6/gw6c.conf:

 

########################## BASIC CONFIGURATION ################################

#
# User Identification and Password:
#   Specify your user name and password as provided by your ISP or Freenet6.
#   If you plan to connect anonymously, leave these values empty.
#   NOTE: Change auth_method option if you are using a username/password.
#
#   userid=<your_userid>
#   passwd=<your_password>
#
# Place the settings AARNet tell you here
userid=xxxxxxxx
passwd=xxxxxxxx

#
# Gateway6 Server:
#   Specify a Gateway6 server name or IP address (provided by your ISP or 
#   Freenet6). An optional port number can be added; the default port number 
#   is 3653.
#  
#   Examples:
#	 server=hostname # FQDN
#	 server=A.B.C.D  # IPv4 address
#	 server=[X:X::X:X] # IPv6 address
#	 server=hostname:port_number  
#	 server=A.B.C.D:port_number
#	 server=[X:X::X:X]:port_number
#
#   Freenet6 account holders should enter broker.freenet6.net, otherwise use
#   anon.freenet6.net. Your ISP may provide you with a different server name. 
#
#server=anon.freenet6.net # ← Comment this out as I have done
#server=broker.freenet6.net
server=broker.aarnet.net.au # ← add in AARNet's broker server

#
# Authentication Method:
#
#  auth_method=<{anonymous}|{any|passdss-3des-1|digest-md5|plain}>
#
#   anonymous:	  Sends no username or password
#
#   any:			The most secure method will be used. 
#   passdss-3des-1: The password is sent encrypted.
#   digest-md5:	 The password is sent encrypted.
#   plain:		  Both username and password are sent as plain text.
#
# Recommended values:
#   - any:		  If you are authenticating a username / password.
#   - anonymous:	If you are connecting anonymously.
#
#auth_method=anonymous # ← Comment this out as I have done here
auth_method=any # ← Or you can use digest-md5.

If you just want a single host, you won't need to configure anything further.

 

5. Start your daemons

 

# /etc/init.d/gw6c start

You should now have IPv6 support, if you reload this thread, my avatar should show a green v6 instead of a red v4.

Share this post


Link to post
Share on other sites

Heh I noticed your v6 avatar. Is that accomplished with an Apache virtual host? And where did you add the aaaa record? I use dyndns for v4 DNS, not sure if they do v6 will have a look one day.

Share this post


Link to post
Share on other sites

It's a combination of mod_rewrite, a dual-stack web host, and a PHP script.

 

The host has both A and AAAA records. So the one you see will depend on what your site's preference is, but at time of writing, I note most web browsers will at least try IPv6 in preference to IPv4 if they can see a route.

 

mod_rewrite makes it look like a plain file to the web (including this forum).

 

The PHP script takes original image, looks at the REMOTE_ADDR environment variable to determine if you are an IPv4 or IPv6 host, then uses the GD libraries and FreeType to draw the appropriate text. Crude, but works.

 

I might see about coding some stats on here to see just how much of Atomic are living in this century rather than 1984.

Share this post


Link to post
Share on other sites

I've always liked that fact that I'm quite good at remembering IP addresses.....that's all going out thew windows with IPv6!

Share this post


Link to post
Share on other sites

Reminds me, we gotta have IPv6 complaint Internet modem/router sometime in future at work.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×