Difference between revisions of "Bering-uClibc 4.x - User Guide - IPv6 Networking - External Network Connections"
(→SixXS) |
Davidmbrooke (Talk | contribs) (Added notes about SixXS IPv6 recursive DNS cache service, and general tidy-up of SixXS section) |
||
Line 15: | Line 15: | ||
==Tunnel from IPv6 Tunnelbroker== | ==Tunnel from IPv6 Tunnelbroker== | ||
===SixXS=== | ===SixXS=== | ||
− | If you use [http://www.sixxs.net/ SixXS] as your IPv6 tunnelbroker, you | + | ====AICCU Package==== |
+ | If you use [http://www.sixxs.net/ SixXS] as your IPv6 tunnelbroker, you will probably want to install the <code class="filename">aiccu.lrp</code> Package, which provides AICCU, the Automatic IPv6 Connectivity Client Utility. | ||
AICCU makes it easy for users to get IPv6 connectivity. After having requested an account, tunnel and optionally a subnet, AICCU can be used to automatically configure the tunnel. AICCU supports TIC (Tunnel Information & Control protocol), which it uses for retrieving the tunnel configuration information, AYIYA, which allows tunnels to be created even behind firewalls and NAT's. | AICCU makes it easy for users to get IPv6 connectivity. After having requested an account, tunnel and optionally a subnet, AICCU can be used to automatically configure the tunnel. AICCU supports TIC (Tunnel Information & Control protocol), which it uses for retrieving the tunnel configuration information, AYIYA, which allows tunnels to be created even behind firewalls and NAT's. | ||
Line 32: | Line 33: | ||
* Check for error messages in <code class="filename">/var/log/syslog</code> | * Check for error messages in <code class="filename">/var/log/syslog</code> | ||
* If all is well, you should have a new network interface called "<tt>sixxs</tt>" which is effectively the IPv6 equivalent of your external IPv4 interface (e.g. <tt>eth0</tt> or <tt>ppp0</tt>). | * If all is well, you should have a new network interface called "<tt>sixxs</tt>" which is effectively the IPv6 equivalent of your external IPv4 interface (e.g. <tt>eth0</tt> or <tt>ppp0</tt>). | ||
− | * In the event of problems you may find the "<tt>test</tt>" mode of the "<tt>aiccu</tt>" command useful. | + | * In the event of problems you may find the "<tt>test</tt>" mode of the "<tt>aiccu</tt>" command useful for diagnosis. |
− | Although AICCU supports tunnels via non-static | + | ====Workaround for Fast-Changing Public IPv4 Addresses==== |
− | A workaround is to add the script below, named as <code class="filename">0aiccu</code>, to <code class=filename">/etc/ppp/ip-up-d</code>. It restarts <code class="filename">aiccu</code> after ppp has | + | Although AICCU supports tunnels via non-static IPv4 addresses, we have found that tunnels via DSL-providers (like T-DSL connections in Germany), that change the IP address in an 24-hour-interval, do not work reliably. |
+ | A workaround is to add the script below, named as <code class="filename">0aiccu</code>, to <code class=filename">/etc/ppp/ip-up-d</code>. It restarts <code class="filename">aiccu</code> after ppp has re-established the pppoe connection. | ||
#!/bin/sh | #!/bin/sh | ||
Line 46: | Line 48: | ||
done | done | ||
/etc/init.d/aiccu start | /etc/init.d/aiccu start | ||
+ | |||
+ | ====IPv6 DNS Servers==== | ||
+ | Most IPv4 DNS servers will happily serve out IPv6 "AAAA" address records, so normally it is adequate to use IPv4 for DNS even when using IPv6 for other protocols. However, in case some sites only provide full IPv6 DNS services over IPv6 it can be useful to include some IPv6 DNS servers, usually alongside IPv4 DNS servers. | ||
+ | |||
+ | SixXS provide a recursive DNS cache service over IPv6 as detailed [http://www.sixxs.net/tools/dnscache/ on the SixXS website]. | ||
+ | |||
+ | '''Note:''' As per the warning on the SixXS site, the AICCU utility needs to resolve the IPv4 address of <tt>tic.sixxs.net</tt> at startup, which will not be possible if your only DNS servers are only accessible via the AICCU tunnel (unless you have a static, public IPv4 address and a static tunnel). | ||
+ | |||
+ | There are three separate DNS cache servers, one for each continent: | ||
+ | * <tt>nscache.eu.sixxs.net</tt> - Europe | ||
+ | * <tt>nscache.us.sixxs.net</tt> - United States | ||
+ | * <tt>nscache.ap.sixxs.net</tt> - Asia Pacific | ||
+ | An entry for the IPv6 address(es) of the relevant local resolver (found using e.g. <tt>dig AAAA nscache.eu.sixxs.net</tt> can either be added directly to <code class="filename">/etc/resolv.conf</code> or, if you are using the <tt>dhcpcd</tt> Package, it can be added to <code class="filename>/etc/resolv.conf.head</code> so that it is included at the start of the automatically-generated <code class="filename">/etc/dhcpc/resolv.conf</code> which is then typically referenced by the <tt>dnsmasq</tt> Package as described on [[Bering-uClibc 4.x - User Guide - IPv4 Networking - Configure Dnsmasq#Using dnsmasq with dhcpcd|the dnsmasq page]]. | ||
+ | An example of suitable contents for <code class="filename>/etc/resolv.conf.head</code> for a system located in Europe might be: | ||
+ | nameserver 2001:14b8:0:3007::6 | ||
+ | nameserver 2001:7b8:3:4f:202:b3ff:fe46:bec | ||
+ | Note that file <code class="filename>/etc/resolv.conf.head</code> is not backed up as part of the <tt>dhcpcd</tt> Package so this file needs to be added to <code claass="filename">/var/lib/lrpkg/local.local</code> (and you need to have Package <code class="filename">local.lrp</code> installed). | ||
+ | |||
===Hurricane Electric=== | ===Hurricane Electric=== |
Revision as of 15:54, 29 January 2011
IPv6 Networking - External Network Connections | ||
---|---|---|
Bering-uClibc 4.x - User Guide | Next |
Contents
Native IPv6
TODO
Tunnel from IPv6 Tunnelbroker
SixXS
AICCU Package
If you use SixXS as your IPv6 tunnelbroker, you will probably want to install the aiccu.lrp
Package, which provides AICCU, the Automatic IPv6 Connectivity Client Utility.
AICCU makes it easy for users to get IPv6 connectivity. After having requested an account, tunnel and optionally a subnet, AICCU can be used to automatically configure the tunnel. AICCU supports TIC (Tunnel Information & Control protocol), which it uses for retrieving the tunnel configuration information, AYIYA, which allows tunnels to be created even behind firewalls and NAT's.
The procedure to configure Bering-uClibc 4.x is as follows:
- Make sure you have the tun kernel Module loaded. Note that this relies on the crc32 kernel Module, which should be automatically loaded in most setups anyway.
- Configure Shorewall to accept the SixXS tunnel traffic. Add the following to
/etc/shorewall/rules
:
SixXS(ACCEPT) fw net
- Install the
aiccu.lrp
Package and configure it using lrcfg.- Specify your own username and password.
- Specify the relevant protocol and server. For example:
protocol tic server tic.sixxs.net
- Start the aiccu daemon:
svi aiccu start
- Check for error messages in
/var/log/syslog
- If all is well, you should have a new network interface called "sixxs" which is effectively the IPv6 equivalent of your external IPv4 interface (e.g. eth0 or ppp0).
- In the event of problems you may find the "test" mode of the "aiccu" command useful for diagnosis.
Workaround for Fast-Changing Public IPv4 Addresses
Although AICCU supports tunnels via non-static IPv4 addresses, we have found that tunnels via DSL-providers (like T-DSL connections in Germany), that change the IP address in an 24-hour-interval, do not work reliably.
A workaround is to add the script below, named as 0aiccu
, to /etc/ppp/ip-up-d
. It restarts aiccu
after ppp has re-established the pppoe connection.
#!/bin/sh if pidof aiccu then /etc/init.d/aiccu stop fi while pidof aiccu ; do sleep 15; pidof aiccu; done /etc/init.d/aiccu start
IPv6 DNS Servers
Most IPv4 DNS servers will happily serve out IPv6 "AAAA" address records, so normally it is adequate to use IPv4 for DNS even when using IPv6 for other protocols. However, in case some sites only provide full IPv6 DNS services over IPv6 it can be useful to include some IPv6 DNS servers, usually alongside IPv4 DNS servers.
SixXS provide a recursive DNS cache service over IPv6 as detailed on the SixXS website.
Note: As per the warning on the SixXS site, the AICCU utility needs to resolve the IPv4 address of tic.sixxs.net at startup, which will not be possible if your only DNS servers are only accessible via the AICCU tunnel (unless you have a static, public IPv4 address and a static tunnel).
There are three separate DNS cache servers, one for each continent:
- nscache.eu.sixxs.net - Europe
- nscache.us.sixxs.net - United States
- nscache.ap.sixxs.net - Asia Pacific
An entry for the IPv6 address(es) of the relevant local resolver (found using e.g. dig AAAA nscache.eu.sixxs.net can either be added directly to /etc/resolv.conf
or, if you are using the dhcpcd Package, it can be added to /etc/resolv.conf.head
so that it is included at the start of the automatically-generated /etc/dhcpc/resolv.conf
which is then typically referenced by the dnsmasq Package as described on the dnsmasq page.
An example of suitable contents for /etc/resolv.conf.head
for a system located in Europe might be:
nameserver 2001:14b8:0:3007::6 nameserver 2001:7b8:3:4f:202:b3ff:fe46:bec
Note that file /etc/resolv.conf.head
is not backed up as part of the dhcpcd Package so this file needs to be added to /var/lib/lrpkg/local.local
(and you need to have Package local.lrp
installed).
Hurricane Electric
TODO
Up | Next |