Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 13807 Details for
Bug 23353
New Documentation: IPv6 HowTo
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Edited version of the original document
ipv6.xml (text/xml), 19.29 KB, created by
Jorge Paulo (RETIRED)
on 2003-06-24 17:36:53 UTC
(
hide
)
Description:
Edited version of the original document
Filename:
MIME Type:
Creator:
Jorge Paulo (RETIRED)
Created:
2003-06-24 17:36:53 UTC
Size:
19.29 KB
patch
obsolete
><?xml version='1.0' encoding="UTF-8"?> ><!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> > ><guide link="/doc/en/ipv6.xml"> > ><title>Gentoo IPv6 Router Guide</title> ><author title="Developer"> ><mail link="latexer@gentoo.org"> >Peter Johanson ></mail> ></author> ><author title="Editor"> ><mail link="peesh@gentoo.org"> >Jorge Paulo ></mail> ></author> > ><abstract>This guide shows how to setup IPv6 on a Gentoo system. This includes establishing a tunnel with a tunnel broker, some basic DNS configuration and configuring clients to use the system to connect to IPv6 addresses.</abstract> > ><version>1.0</version> ><date>09 June 2003</date> > ><chapter> > ><title>Kernel Setup</title> > ><section> ><title>Basic Kernel Configuration</title> ><body> ><p>Any of the 2.4 series' kernels available in Gentoo will easily support IPv6 connections. Additionally, both gentoo-sources and pfeifer sources optionally have the USAGI patches applied. The USAGI patchset is not required, but it is in active development and implements many elements of IPv6 not present in the kernel otherwise. To use the USAGI patchset, make sure you have 'usagi' in your USE variables when emerging either of these sources.</p> > ><pre caption="Emerging a kernel"> ># <c>USE="usagi" emerge gentoo-sources</c> >or ># <c>USE="usagi" emerge pfeifer-sources</c> ></pre> > ><p>Now we are ready to enter the kernel source directory and begin our actual kernel configuration</p> ><pre caption="Configuring the Linux Kernel"> ># <c>cd /usr/src/linux</c> ># <c>make menuconfig</c> ></pre> ><note>This assumes the symlink <path>/usr/src/linux</path> points to the sources you will be using</note> ><note>Make sure you have support for EXPERIMENTAL options enabled in your kernel config</note> ><pre caption = "'make menuconfig' options"> >Networking options ---> > <*> IP: tunneling > ... > <*> The IPv6 protocol (EXPERIMENTAL) ---> > ><codenote>The IPv6 options beneath this one can be useful for many other applications,</codenote> ><codenote>but should not be needed for a basic setup</codenote> ></pre> ></body> ></section> > ><section> ><title>Testing IPv6 Support</title> ><body> ><p>After enabling the recommended options, recompile your kernel and reboot into your new IPv6-enabled kernel. If IPv6 is working, the loopback device should show an IPv6 address.</p> ><pre> ># <c>ifconfig lo >lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > inet6 addr: ::1/128 Scope:Host > <codenote>The above line shows things are working</codenote> > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:6 errors:0 dropped:0 overruns:0 frame:0 > TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:456 (456.0 b) TX bytes:456 (456.0 b)</c> ></pre> > ></body> ></section> > ></chapter> ><chapter> > ><title>Tunnel Configuration</title> > ><section> ><title>Basic Configuration</title> ><body> ><p>Most ISPs still do not offer any native IPv6 connections. To get around this limitation, there are several "tunnel brokers" around the globe that offer free IPv6 tunnels. This will allow you to tunnel all your IPv6 connections through an IPv4 connection.</p> ><table> ><tr><th>Broker</th><th>Location</th></tr> ><tr><ti><uri link="http://tunnelbroker.net">Hurricane Electric</uri></ti><ti>US/Canada</ti></tr> ><tr><ti><uri link="http://www.freenet6.net">Freenet6</uri></ti><ti>US</ti></tr> ><tr><ti><uri link="http://ipng.org.uk">IPnG</uri></ti><ti>UK</ti></tr> ><tr><ti><uri link="http://tb.ipv6.btexact.com">BTExact</uri></ti><ti>Europe</ti></tr> ></table> > ><p>Below are two examples for setting up a tunnel with two popular North American tunnels, Hurricane Electric and Freenet6.</p> ></body> ></section> > ><section> ><title>Hurricane Electric</title> ><body> ><p>Hurricane Electric (HE for short) offers free IPv6 tunnels and allocates a /64 block of addresses for you. It also allows configuration of reverse DNS. Getting a tunnel from HE is as easy as going to <uri>www.tunnelbroker.net</uri> and filling out a one page form.</p> ><note>Registration includes listing information like your address and phone number.</note> ><warn>Tunnels from HE take 24 hours to be activated. This is in order to curb abuse of the service</warn> ><p>After you have a tunnel approved and have a /64 block allocated, you can configure your Gentoo box. HE provides sample configurations based on ifconfig and the iproute utilities. The following two examples assume you have the following configuration:</p> ><table> ><tr><ti>Local IPv4 Address</ti><ti>68.36.91.195</ti></tr> ><tr><ti>HE IPv4 Address</ti><ti>64.71.128.82</ti></tr> ><tr><ti>Local IPv6 tunnel Address</ti><ti>2001:470:1F00:FFFF::189</ti></tr> ><tr><ti>IPv6 Block</ti><ti>2001:470:1F00:296::/64</ti></tr> ></table> > ><p>Using the net-utils and ifconfig, you would do the following</p> ><pre caption="Configuration with ifconfig"> ># <c>ifconfig sit0 up</c> ># <c>ifconfig sit0 inet6 tunnel ::64.71.128.82 </c> ><codenote>Add a tunnel to the HE IPv4 address</codenote> ># <c>ifconfig sit1 up</c> ># <c>ifconfig sit1 inet6 add 2001:470:1F00:FFFF::189/127</c> ># <c>route -A inet6 add ::/0 dev sit1</c> ><codenote>Route all IPv6 traffic through the 'sit1' device</codenote> ></pre> > ><p>Using the iproute package and the 'ip' command, you would do the following</p> ><pre caption="Configuration with ip"> ># <c>ip tunnel add sixbone mode sit remote 64.71.128.82 local 68.36.91.195 ttl 255</c> ><codenote>Create a tunnel between the local IPv4 and HE's remote IPv4 address</codenote> ># <c>ip link set sixbone up</c> ># <c>ip addr add 2001:470:1F00:FFFF::189/127 dev sixbone</c> ><codenote>Bring the tunnel up, and assign the IPv6 address to it</codenote> ># <c>ip route add ::/0 dev sixbone</c> ><codenote>Route all IPv6 address through our 'sixbone' tunnel device</codenote> ></pre> ></body> ></section> > ><section> ><title>Freenet6</title> ><body> ><p><uri link="www.freenet6.net">Freenet6</uri> is another free tunnel broker. Registration only requires a username and a valid email address. They have chosen to turn the tunnel management into a client/server setup and have created the 'tspc' client. The client is available in portage but still masked pending more testing. To install it do</p> ><pre> ># <c>USE="~x86" emerge freenet6</c> ></pre> ><p>Now you need to configure freenet6 by editing <path>/etc/freenet6/tspc.conf</path>. You should only have to edit the <path>userid</path> and <path>passwd</path> fields to match those assigned from Freenet6. Below is a complete sample config file.</p> ><pre caption="tspc.conf example"> ><c>tsp_version=1.0.1 >tsp_dir=/etc/freenet6 >auth_method=any >client_v4=auto >userid=anonymous >passwd= >template=gentoo >server=tsps1.freenet6.net >retry_delay=0 >if_tunnel=sit3</c> ></pre> ></body> ></section> > ><section> ><title>Testing your connection</title> ><body> ><p>Now that your tunnel is configured, you can test your connection. The easiest way to do this is to use the ping6 utility and try to ping an IPv6 host.</p> ><pre> ># <c>emerge iputils</c> ># <c>ping6 www.kame.net >PING www.kame.net(orange.kame.net) 56 data bytes >64 bytes from orange.kame.net: icmp_seq=1 ttl=52 time=290 ms >64 bytes from orange.kame.net: icmp_seq=2 ttl=52 time=277 ms >64 bytes from orange.kame.net: icmp_seq=3 ttl=52 time=280 ms >64 bytes from orange.kame.net: icmp_seq=4 ttl=52 time=279 ms >64 bytes from orange.kame.net: icmp_seq=5 ttl=52 time=277 ms > >--- www.kame.net ping statistics --- >5 packets transmitted, 5 received, 0% packet loss, time 4038ms >rtt min/avg/max/mdev = 277.040/281.041/290.046/4.699 ms</c> ></pre> ></body> ></section> > ></chapter> ><chapter> > ><title>IPv6 Support in Applications</title> > ><section> ><title>Re-emerging packages</title> ><body> ><p>Unless you had USE="ipv6" in your /etc/make.conf previously, you probably need to re-emerge a bunch of packages to compile in IPv6 support for them. To get a list of all the installed packages which leverage the 'ipv6' USE variable, you can run the below line.</p> ><pre caption="Candidates for re-emerging"> ># <c>emerge -epv world | grep ipv6 | sed "s:^.*\] ::; s:-[0-9]\+.*::" | cut -d' ' -f1</c> ></pre> ><p>To easily re-emerge some selected packages, do</p> ><pre caption="Candidates for re-emerging"> ># <c>emerge -epv world | grep ipv6 | sed "s:^.*\] ::; s:-[0-9]\+.*::" | \ >> cut -d' ' -f1 > packages</c> ></pre> ><p>Next, edit the 'packages' file to remove any packages you don't want to recompile at this time. Then simply run</p> ><pre> ># <c>emerge `cat packages`</c> ></pre> ></body> ></section> > ><section> ><title>IPv6 Specific Packages</title> ><body> ><p>There are a few packages which specifically deal with IPv6 items. Most of these are located in <path>/usr/portage/net-misc</path>.</p> ><table> ><tr><th>Package</th><th>Description</th></tr> ><tr><ti>net-misc/ipv6calc</ti><ti>Converts an IPv6 address to a compressed format</ti></tr> ><tr><ti>net-misc/nc6</ti><ti>netcat version that supports IPv6 and IPv4</ti></tr> ><tr><ti>dev-perl/Socket6</ti><ti>IPv6 related part of the C socket.h defines and structure manipulators</ti></tr> ></table> ></body> ></section> > ></chapter> ><chapter> > ><title>DNS setup</title> > ><section> ><title>IPv6 and DNS</title> ><body> ><p>Just as DNS for IPv4 uses A records, DNS for IPv6 uses AAAA records. (This is because IPv4 is an address space of 2^32 while IPv6 is an address space of 2^128). For reverse DNS, the INT standards is the most supported. ARPA is the latest format but is not in as much widespread use as INT. Support for the INT format will be described here.</p> ></body> ></section> > ><section> ><title>BIND configuration</title> ><body> ><p>Recent versions of BIND include excellent IPv6 support. This section will assume you have at least minimal knowledge about the configuration and use of BIND. We will assume you are not running bind in a chroot. If you are, simply append the chroot prefix to most of the paths in the following section.</p> ><p>First you need to add entries for both forward and reverse DNS zone files in <path>/etc/bind/named.conf</path></p> ><pre caption="named.conf entries"> ><c>zone "ipv6-rules.com" IN { > type master; > file "pri/ipv6-rules.com"; >}; ><codenote>This will provide the forward DNS for the domain 'ipv6-rules.com'</codenote> >zone "6.9.2.0.0.0.f.1.0.7.4.0.1.0.0.2.ip6.int" { > type master; > file "pri/rev-ipv6-rules.com.int"; >}; ><codenote>This format for reverse DNS is "bitwise." It's done by taking the IPv6 prefix,</codenote> ><codenote>reversing the order of the numbers and putting a period between each number</codenote></c> ></pre> ><p>Now we must created those zone files and add entries for all of our hosts</p> > ><pre caption="pri/ipv6-rules.com"> ><c> >$TTL 2h >@ IN SOA ipv6-rules.com. webmaster.ipv6-rules.com. ( > 2003052501 ; Serial > 28800 ; Refresh > 14400 ; Retry > 3600000 ; Expire > 86400 ) ; Minimum > NS ns1.ipv6-rules.com > > IN AAAA 2001:470:1f00:296::1 ; address for ipv6-rules.com >host1 IN AAAA 2001:470:1f00:296::2 ; address for host1.ipv6-rules.com >host2 IN AAAA 2001:470:1f00:296::3:3 ; address for host2.ipv6-rules.com ></c> ></pre> ><pre caption="pri/rev-ipv6-rules.com.int"> ><c> >$TTL 3d ; Default TTL (bind 8 needs this, bind 9 ignores it) >@ IN SOA ipv6-rules.com. webmaster.ipv6-rules.com. ( > 2003052501 ; Serial number (YYYYMMdd) > 24h ; Refresh time > 30m ; Retry time > 2d ; Expire time > 3d ) ; Default TTL > IN NS ns1.ipv6-rules.com. >; IPv6 PTR entries >$ORIGIN 6.9.2.0.0.0.f.1.0.7.4.0.1.0.0.2.ip6.int. > >1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR ipv6-rules.com. >2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR host1.ipv6-rules.com. >3.0.0.0.3.0.0.0.0.0.0.0.0.0.0.0 IN PTR host2.ipv6-rules.com. ></c></pre> ></body> ></section> > ><section> ><title>DJBDNS configuration</title> ><body> ><p>There are currently some third-party patches to DJBDNS available at <uri link="http://www.fefe.de/dns/">www.fefe.de/dns/</uri> that allow it to do IPv6 nameserving. DJBDNS can be installed with these patches by emerging it with "ipv6" in your USE variables.</p> ><warn>Not all record types are support yet with these patches. In particular, NS and MX records are not supported.</warn> ><pre> ># <c>USE="ipv6" emerge djbdns</c> ></pre> ><p>The initial installation can be handled by doing and then following the instructions.</p> ><pre> ># <c>tinydns-setup</c> ></pre> ><p>Assuming we've installed <i>tinydns</i> into <path>/var/tinydns</path>, we can now edit <path>/va/tinydns/root/data</path>. This file will contain all the data needed to get tinydns handling DNS for your IPv6 delegation.</p> ><pre caption="sample data file"> ><c>.ipv6-rules.com:192.168.0.1:a:259200 ><codenote>*.ipv6-rules.com is authoritatively handled by 192.168.0.1</codenote> >.6.9.2.0.0.0.f.1.0.7.4.0.1.0.0.2.ip6.int:192.168.0.1:a ><codenote>Authoritative reverse DNS for 2001:470:1f00:296::/64</codenote> >6host1.ipv6-rules.com:200104701f0002960000000000000001:86400 >6host2.ipv6-rules.com:200104701f0002960000000000000002:86400 ><codenote>Specify the IPs for host1 and host2</codenote> >3www.ipv6-rules.com:200104701f0002960000000000000002:86400 ><codenote>Point www to host1</codenote></c> ></pre> ><p> Lines prefixed with a <i>6</i> will have both an AAAA and a PTR record created. Those prefixed with a <i>3</i> will only have an AAAA record created. Besides manually editing the <path>data</path> file, you can use the scripts <i>add-host6</i> and <i>add-alias6</i> to add new entries. After changes are made to the <path>data</path> file, you simply need to run <i>make</i> from <path>/var/tinydns/root</path>. This will create <path>/var/tinydns/root/data.cfb</path>, which tinydns will use as its source of information for DNS requests.</p> ></body> ></section> > ></chapter> ><chapter> > ><title>IPv6 Router</title> > ><section> ><title>Configure routing</title> ><body> ><p>Further configuration is required if we want to use our system as a router for other clients wishing to connect to the outside world with IPv6. We need to enable forwarding of IPv6 packets. We can do this in one of two ways.</p> ><pre caption="Enabling forwarding"> ># <c>echo 1 > /proc/sys/net/ipv6/conf/all/forwarding</c> >or ># <c>sysctl -w net.ipv6.conf.all.forwarding</c> ></pre> ><warn>The radvd init script enables forwarding, making the next step unnecessary.</warn> ><p>To enable forwarding at boot, you'll need to edit <path>/etc/sysctl.conf</path> and add the following line</p> ><pre caption="sysctl.conf addition"> ><c>net.ipv6.conf.default.forwarding=1</c> ></pre> ><p>Traffic should now be forwarded from this box through the tunnel we've established with our broker.</p> ><p>To assign IPv6 addresses to clients, the IPv6 specification allows for both stateless and stateful IP assignment. Stateless assignment uses a process called Router Advertisement and allows clients to obtain an IP and a default route by simply bringing an interface up. It is called "stateless" because there is no record of IPs assigned and the host they are assigned to. Stateful assignment is handled by DHCPv6. It is "stateful" because the server keeps a state of the clients who've requested IPs and received them.</p> ></body> ></section> > ><section> ><title>Stateless Configuration</title> ><body> ><p>Stateless configuration is easily accomplished using the Router Advertisement Daemon, or radvd.</p> ><pre caption="Configuring radvd"> ># <c>emerge radvd</c> ></pre> ><p>After having emerged radvd, we need to create <path>/etc/radvd/radvd.conf</path> that contains information about what IP block to assign IPs from. Here is a sample <path>radvd.conf</path> file using the prefix we've been assigned from our tunnel broker.</p> ><pre caption="Sample radvd.conf"> ><c>interface eth0 >{ > AdvSendAdvert on; > <codenote>Send advertisement messages to other hosts</codenote> > AdvLinkMTU 1280; > MaxRtrAdvInterval 300; > prefix 2001:470:1F00:296::/64 > <codenote>The group of IPs we have at our disposal</codenote> > { > AdvOnLink on; > AdvAutonomous on; > }; >};</c> ></pre> ><p>Further information is available in <c>man radvd.conf</c>. We can now start radvd and set it to start at boot</p> ><pre> ># <c>/etc/init.d/radvd start</c> ># <c>rc-update add radvd default</c> ></pre> ></body> ></section> > ><section> ><title>Stateful Configuration</title> ><body> ><p>If you'd like to use stateful configuration, you'll need to install and configure dhcpv6</p> ><pre> ># <c>emerge dhcpv6</c> ></pre> ><p>Next we must configure the DHCPv6 server by editing <path>/etc/dhcp6s.conf</path>.</p> ><pre caption="Sample dhcp6s.conf"> ><c>prefer-life-time 10000; >valid-life-time 20000; >renew-time 5000; >rebind-time 8000; >interface eth1 { > link AAA { > allow unicast; > send unicast; > allow rapid-commit; > send server-preference 5; > renew-time 1000; > rebind-time 2400; > prefer-life-time 2000; > valid-life-time 3000; > range 2001:470:1f00:296::10 to 2001:470:1f00:296::110/64; > prefix 2001:470:1f00:296::/64; > }; >};</c> ></pre> ><p>We can now start dhcp6s, and configure it to start at boot</p> ><pre> ># <c>/etc/init.d/dhcp6s start</c> ># <c>rc-update add dhcp6s default</c> ></pre> ></body> ></section> ></chapter> > ><chapter> ><title>IPv6 Clients</title> ><section> ><title>Using radvd</title> ><body> ><p>Clients behind this router should now be able to connect to the rest of the net via IPv6. If using radvd, configuring hosts should be as easy as bringing the interface up. (This is probably already done by your net.ethX init scripts).</p> ><pre> ># <c>ifconfig eth0 up</c> ># <c>ifconfig eth0 >eth0 Link encap:Ethernet HWaddr 00:09:6B:06:B7:B4 > inet6 addr: fe80::209:6bff:fe06:b7b4/64 Scope:Link > inet6 addr: 2001:470:1f00:296:209:6bff:fe06:b7b4 Scope:Global > BROADCAST MULTICAST MTU:1500 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:4 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:100 > RX bytes:0 (0.0 b) TX bytes:828 (828.0 b) > Interrupt:11 Base address:0x8400 Memory:d0204000-d0204038</c> ></pre> ></body> ></section> > ><section> ><title>using DHCPv6</title> ><body> ><p>If your router is set up to use DHCPv6, your clients will also need to have the dhcpv6 package installed. After having done this, you need to configure your client by editing <path>/etc/dhcp6c.conf</path>.</p> ><pre caption="Sample dhcp6c.conf"> ><c>interface eth0 { > send rapid-commit; > request prefix-delegation; > request domain-name-servers; > request temp-address; > iaid 11111; > renew-time 11000; > rebind-time 21000; >};</c> ></pre> ><p>Further work is currently in progress to add better IPv6 support to the network init scripts. If you'd like to know the status of this and/or help out, email <mail link="latexer@gentoo.org">latexer@gentoo.org</mail>.</p> ></body> ></section> > ></chapter> ><chapter> ><title>Other Resources</title> ><body> ><p>There are many excellent resources online pertaining to IPv6.</p> ><table> ><tr><th>Websites</th><th>Resources</th></tr> ><tr><ti><uri link="http://www.ipv6.org/">www.ipv6.org</uri></ti><ti>General IPv6 Information</ti></tr> ><tr><ti><uri link="http://www.linux-ipv6.org/">www.linux-ipv6.org/</uri></ti><ti>USAGI Project</ti></tr> ><tr><ti><uri link="http://www.deepspace6.net/">www.deepspace6.net</uri></ti><ti>Linux/IPv6 site</ti></tr> ><tr><ti><uri link="http://www.hs247.com/">www.hs247.com</uri></ti><ti>All things IPv6</ti></tr> ><tr><ti><uri link="http://www.ipv6-net.org/">www.ipv6-net.org</uri></ti><ti>German IPv6 site</ti></tr> ><tr><ti><uri link="http://www.kame.net/">www.kame.net</uri></ti><ti>*BSD implementation</ti></tr> ></table> ><p>On IRC, you can try <i>#gentoo-ipv6</i> or <i>#ipv6</i> on <uri link="www.freenode.net">Freenode</uri>. You can connect to the Freenode servers using an IPv6 enabled client by connecting to <b>irc.ipv6.freenode.net</b></p> ></body> ></chapter> > > ></guide>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=13807">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 23353
:
13750
|
13807
|
14038
|
14298
