{"id":80,"date":"2013-03-14T14:05:56","date_gmt":"2013-03-14T13:05:56","guid":{"rendered":"https:\/\/overdespotiet.dk\/blog\/?p=80"},"modified":"2024-06-19T13:35:45","modified_gmt":"2024-06-19T11:35:45","slug":"howto-get-ipv6-in-your-home","status":"publish","type":"post","link":"https:\/\/overdespotiet.dk\/blog\/?p=80","title":{"rendered":"HOWTO: Get IPv6 in your home"},"content":{"rendered":"

Since IPv6 Day<\/a> when I registered for a SixXS<\/a> handle, I’ve wanted to jump on the IPv6 wagon at home. My setup is a DSL line with Telenor as my ISP. Almost needless to say, Telenor does not do native IPv6, so another route had to be taken – as noted above, SixXS seems a good choice, since they have made arrangements with several transit providers\/colo’s\/ISPs to provide PoP’s<\/a> (point of presence) whereto mortal users, such as myself, can tunnel IPv6 traffic. Now, SixXS already provide a near foolproof FAQ<\/a> to get IPv6 set up, so I’ll focus on the steps where I chose wrong and experienced some hiccups.<\/p>\n

My first wrong choice<\/h2>\n

SixXS gives you three choices of tunnel type: AYIYA, Heartbeat and static. Since I have a (DHCP) static IP at home, I figured a static tunnel would do. It wouldn’t. The reason is that for this to work, the router have to forward IP protocol 41<\/a> packets, which the Telenor-provided Zyxel 2602 router does not. So that’s 15 credits lost on a tunnel type change to AYIYA…<\/p>\n

AYIYA setup<\/h2>\n

The AYIYA tunnel type requires the AICCU utility<\/a> to be installed on the tunnel endpoint. Since I have an UPS’ed 24\/7 linux box in the basement, I figured this was a good choice and it being a Debian box, it was just a matter of issuing a<\/p>\n

sudo apt-get install aiccu<\/pre>\n
after which I needed to insert my SixXS handle and password in \/etc\/aiccu.conf<\/code>. After which… nothing happened… I tried fiddling with the parameters, messing with the ipv6 interface manually, adding routes etc. Nothing…<\/p>\n
My second mistake<\/h2>\n
Having had nightmares about dropped ipv6 packets I woke up to find the tunnel up and pinging, as well as a fair latency. My mistake was to assume that the tunnel reprovisioning was instant, I guess…<\/p>\n
\"T118434<\/a>
T118434 latency<\/p><\/div>\n
And happily:<\/p>\n
localhost:~# ping6 -n -c 4 ipv6.google.com\r\nPING ipv6.google.com(2a00:1450:4010:c04::63) 56 data bytes\r\n64 bytes from 2a00:1450:4010:c04::63: icmp_seq=1 ttl=54 time=52.6 ms\r\n64 bytes from 2a00:1450:4010:c04::63: icmp_seq=2 ttl=54 time=53.0 ms<\/pre>\n
Firewalling IPv6<\/h2>\n
Just as with IPv4 one will need to firewall traffic on IPv6, and even more so since every IPv6 enabled computer\/device\/thingy is effectively globally available, due to the lack of NAT’ing! For now I’ve gone with a custom modified version of the stateful example found here<\/a> on my linux endpoint, but have a Microtik 450G<\/a> on order to act as a “real” firewall (when I get around to setting up a router that allows me to terminate proto 41 traffic).<\/p>\n
Distributing IPv6 on the LAN<\/h2>\n
Now my linux box is IPv6 – just give it a try:<\/p>\n
somewhere:~$ dig bystrup.net AAAA\r\n...\r\n;; ANSWER SECTION:\r\nbystrup.net.            14400   IN      AAAA    2001:16d8:dd00:1cd::2<\/pre>\n
and<\/p>\n
somewhere:~$ ping6 bystrup.net\r\nconnect: Network is unreachable<\/pre>\n
(OK, so the external host I tried this from isn’t IPv6 enabled yet…) To enable IPv6 on the rest of my LAN, an IPv6 subnet is needed – luckily I have that from SixXS as default (it’s a \/64 subnet, which should be just fine for most people, but SixXS will provide a \/48 subnet on request). The next step is “DHCP for IPv6”<\/em> which is handled by the Router Advertisement Daemon<\/a>. It’s easily available on Debian as sudo apt-get install radvd<\/code>. Once installed, edit \/etc\/radvd.conf<\/code> as follows:<\/p>\n
interface eth0 { \r\n    ...\r\n};<\/pre>\n
Alas, this is still on the TODO list, since I simply couldn’t get it to work with the default \/64 routed subnet from SixXS. Relevant links to explore are Installing a subnet<\/a> and How do I give connectivity to other hosts on my subnet<\/a> in the SixXS FAQ<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Since IPv6 Day when I registered for a SixXS handle, I’ve wanted to jump on the IPv6 wagon at home. My setup is a DSL line with Telenor as my ISP. Almost needless to say, Telenor does not do native … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19,18],"tags":[25,23,24,27,26],"class_list":["post-80","post","type-post","status-publish","format-standard","hentry","category-ipv6","category-networking","tag-ayiya","tag-ipv6-2","tag-sixxs","tag-subnet","tag-tunnel"],"_links":{"self":[{"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=\/wp\/v2\/posts\/80","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=80"}],"version-history":[{"count":19,"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=\/wp\/v2\/posts\/80\/revisions"}],"predecessor-version":[{"id":247,"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=\/wp\/v2\/posts\/80\/revisions\/247"}],"wp:attachment":[{"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=80"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=80"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/overdespotiet.dk\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=80"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}