Google

Net Neutrality Canada - Neutrality.ca
Save the Net

We recently got a nice chunk of IPv6 space (real production space, not an experimental prefix) from the nice folks at Hexago, so I thought I'd share the initial experiences and a bit of a how-to guide for people getting started with IPv6.

First of all, Hexago makes it trivially easy to actually get IPv6 addresses, which was my biggest concern. (My ISP doesn't offer IPv6 directly yet.) Hexago's tunnel broker is only 10ms away from my IPv4 address, so it might as well be directly connected anyway. So, here's how you get your netblock:

  1. Sign up for a free account at Freenet6. (Of course, you can use any other IPv6 tunnel broker service or get IPv6 directly from your ISP if you prefer, but this is how I did it.)
  2. Download the TSP client for your operating system, or compile it from source. Ideally your IPv6 router system should have a routable IPv4 address. It doesn't have to be static. If you are going through some sort of NAT, you will need to run Linux, FreeBSD or Windows for your IPv6 router, so that you can use the UDP encapsulation. Hexago has a lot of docs on the TSP client, so read them.
  3. Configure the tsp config file. If you only want IPv6 for the system TSP runs on, then set up 'host' mode. If you want a chunk of IPv6 space to play with (duh), then you want 'router' mode and a prefixlen of 48. This will get you a full enterprise-sized 48-bit netblock. If you specify a DNS server name or IP, Hexago will also delegate all the reverse DNS lookups for your full IPv6 network to that server.
  4. Start up the tunnel client. I found it crashes sometimes, and also will exit if anything disturbs the UDP socket connection. Your mileage may vary, of course. I originally thought I would solve this by running it under daemontools or runit, but TSP doesn't have a switch to run in the foreground easily. I ended up writing a small watchdog script for it, which I start from rc.local:

#!/bin/sh while : do PID=$(ps ax|grep /bin/tspc|grep -v grep|awk '{print $1}') if [[ -z "$PID" ]; then cd /var/log /usr/local/tsp/bin/tspc -f /usr/local/tsp/bin/tspc.conf fi sleep 120 done

This just ensures that the IPv6 block stays routable.

Now you have the address space, so configure your systems to use it. It should be simple with most modern operating systems. FreeBSD and NetBSD support IPv6 natively: just enable it in rc.conf. I believe most Linux distros also come with full IPv6 support now. Read your OS documentation to see how to enable it and configure your interface addresses. On FreeBSD and NetBSD, you can just add an alias in rc.conf. You don't need to assign an address to the TSP router: it will automatically get 2001:xxx:xxxx::1 from the tunnel broker. You should give addresses from this 64-bit prefix to your other systems.

I recommend assigning a static address to any servers, of course, and letting workstations get stateless autoconfiguration addresses. This involves setting up a router advertisement daemon (radvd) and a router solicitation daemon (rtsold). On your TSP router, get and install radvd. It's in the FreeBSD ports collection, and also (I think) in NetBSD's pkgsrc, and I have been told also in Debian Linux's APT repository. FreeBSD also comes with another router advertising daemon (rtadvd) but I haven't used it.

Here is the config file I use with radvd:

interface dc0 { AdvSendAdvert on; MinRtrAdvInterval 120; MaxRtrAdvInterval 600; AdvHomeAgentFlag off; prefix 2001:5c0:9084::/64 { AdvOnLink on; AdvAutonomous off; AdvRouterAddr off; AdvPreferredLifetime 0; }; };

Now, I have turned off stateless autoconfiguration by setting AdvAutonomous off and AdvPreferredLifetime to 0. You will want to leave these on if you want workstations to get dynamic addresses.

On the client side, you need a router solicitation daemon. In the Unix world, this is rtsold. It should need no configuration aside from maybe what interface(s) to use. Once radvd and rtsold are talking, your hosts should be able to ping6 back and forth with their IPv6 addresses, and you should be able to ping6 to an Internet host, like www.pixin.net or www.kame.net. Even if you're using static addressing, I still suggest running the routing daemons; it makes it easier to move stuff around.

Windows XP also supports IPv6. First, you have to install the protocol: Open Control Panel, Network Connections, and right click your network adapter. Choose Properties, then Install the Protocol called "Microsoft TCP/IP version 6". If you left AdvAutonomous enabled, you can probably stop here; your workstation should have acquired a dynamic IPv6 address and figured out the network topology. Try to ping6 to your other boxes and some Internet hosts to test.

To give Windows a static IP, you need the command shell:

C:\> netsh interface ipv6 add address "Local Area Connection" 2001:xxx:xxxx::5 store=persistent

See this article for more: http://www.microsoft.com/technet/community/columns/cableguy/cg0902.mspx

I found that using both dynamic and static IPv6 addresses caused connectivity problems with Windows. Turning off the AdvAutonomous and just using static addressing with router discovery works well.

So, now you should have a functional IPv6 network with a big chunk of address space to play with. Have fun!