Gentoo IPv6 guide
tunnel service
1. Use flags and rc.conf
First you'll have to add ipv6 to your use flags, if you haven't already. You can do that with ufed. An excelent USE flags editor.
# emerge app-portage/ufed
# ufed
Or just by adding ipv6 to the USE line in /etc/make.conf.
Next you should edit your /etc/rc.conf. Find the line containing:
PROTOCOLS="1 2"
And change it so it reads:
PROTOCOLS="1 2 10"
2. Register for a tunnel
Go to http://tunnelbroker.net
Server IPv4 address
Client IPv6 address
3. Setting up the interfaces
You'll have to use both sit0 and sit1, don't worry if you can't see sit1, it will appear after sit0 has been setup.
Change dir to /etc/init.d/, and make two symlinks: net.sit0 and net.sit1 which both points to net.eth0.
# cd /etc/init.d
# ln -s net.eth0 net.sit0
# ln -s net.eth0 net.sit1
Next edit /etc/conf.d/net and add the following lines: (Remember to replace and with the values from Step 2.)
iface_sit0="inet6 tunnel ::<server ipv4="" address="">"
iface_sit1="inet6 add <client ipv6="" address="">"
routes_sit1="::/0 -A inet6 dev sit1"</client></server>
4. Starting the tunnel
You're almost ready to go, just enter the following commands:
# /etc/init.d/net.sit0 start
# /etc/init.d/net.sit1 start
And you should be up and running, to test the connection try:
# ping6 www.kame.net
NB: You might have to recompile some packages with ipv6 support if you don't have the ping6 command.
5. Making the tunnel start on boot
If you want the tunnel to start automatically if the node reboots, type the following:
# rc-update add net.sit0 default
# rc-update add net.sit1 default
I hope this guide can be of use to somebody. Feel free to comment if you find any errors or mistakes.
9 Replies
@rocekiller:
Change dir to /etc/init.d/, and make two symlinks: net.sit0 and net.sit1 which both points to net.eth0.
# cd /etc/init.d # ln -s net.sit0 net.eth0 # ln -s net.sit1 net.eth0
You have those backwards…
# cd /etc/init.d
# ln -s net.eth0 net.sit0
# ln -s net.eth0 net.sit1
Other than that, I'm still waiting on tunnel approval, then I should know if it worked. As far as directions go, that's really strait forward, quick and easy setup, thanks.
I'm still not quite sure if you need to wait for the tunnel to be aproved. The last few times I have set up a tunnel, it seems to work right away. But I'm not really sure.
@rocekiller:
I'm still not quite sure if you need to wait for the tunnel to be aproved. The last few times I have set up a tunnel, it seems to work right away. But I'm not really sure.
Well, I actually kinda hope not since if it is, something else is wrong…
* Bringing sit0 up...
64.71.128.83: Resolver Error 0 (no error) [ !! ]
caker
Linode Staff
@rocekiller:
I never seem to remember if it's taget or link_name first, thanks.
I used to have the same problem, but now I just compare it to a "cp src dst" and that helps me remember the symlink syntax. HTH
-Chris
@tierra:
@rocekiller:I'm still not quite sure if you need to wait for the tunnel to be aproved. The last few times I have set up a tunnel, it seems to work right away. But I'm not really sure.
Well, I actually kinda hope not since if it is, something else is wrong…
* Bringing sit0 up... 64.71.128.83: Resolver Error 0 (no error) [ !! ]
I might be wrong. It usually takes < 24h to get your tunnel activated. Looking forward to your result.
@caker:
I used to have the same problem, but now I just compare it to a "cp src dst" and that helps me remember the symlink syntax. HTH
Good idear, I'll try that, thanks.
iface_sit0="inet6 tunnel 64.71.128.83"
instead of this:
iface_sit0="inet6 tunnel ::64.71.128.83"
in /etc/conf.d/net
It all works now =).
HE Server:
# ping6 2001:470:1f01:ffff::56
PING 2001:470:1f01:ffff::56(2001:470:1f01:ffff::56) 56 data bytes
--- 2001:470:1f01:ffff::56 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6026ms
Local Address:
# ping6 2001:470:1f01:ffff::57
PING 2001:470:1f01:ffff::57(2001:470:1f01:ffff::57) 56 data bytes
--- 2001:470:1f01:ffff::57 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3034ms
rtt min/avg/max/mdev = 0.113/0.119/0.130/0.006 ms
Kame:
# ping6 www.kame.net
PING www.kame.net(orange.kame.net) 56 data bytes
--- www.kame.net ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4032ms
And localhost:
# ping6 ::1
--- ::1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1020ms
rtt min/avg/max/mdev = 0.112/0.120/0.128/0.008 ms
ifconfig:
sit0 Link encap:IPv6-in-IPv4
inet6 addr: ::67.18.176.56/96 Scope:Compat
inet6 addr: ::127.0.0.1/96 Scope:Unknown
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:214 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14256 (13.9 Kb) TX bytes:0 (0.0 b)
sit1 Link encap:IPv6-in-IPv4
inet6 addr: fe80::4312:b038/64 Scope:Link
inet6 addr: 2001:470:1f01:ffff::57/127 Scope:Global
UP POINTOPOINT RUNNING NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:208 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:17168 (16.7 Kb)
I'm not that experienced with IPv6 networking, but my routing tables look like everything is there and setup.
You might also want to link to
I did an upgrade to the new 2.4.27-linode36-3um kernel, which I don't think had anything to do with it, but in the process of reboot, I believe it just finally got the chance to put in the new routes.
One note I'd add - if you currently depend on an iptables firewall like shorewall, don't expect that it will work for ipv6 as well. I installed 6wall (unfortunately this isn't in portage) for my ipv6 firewalling needs.