Difference between revisions of "IPv6 on FreeBSD 6.2"

From Secure Computing Wiki
Jump to: navigation, search
m (Reverted edits by Esubiguxoc (talk) to last revision by 209.240.66.157)
 
(One intermediate revision by one other user not shown)
(No difference)

Latest revision as of 17:37, 26 November 2010

After seeing the recommendation from ARIN that everyone adopt IPv6 [1], I decided to see what it would take to implement it on my network here.

The following are the steps I took to implement IPv6. Your mileage may vary.

Obtain IPv6 Address Block

The first thing I did was contact my ISP to see if they supported IPv6 natively on their network. Fortunately, the did. If you don't have an ISP that does, you can check out http://www.tunnelbroker.net. Last I checked, they support IPv6 over IPv4 tunneling and will even delegate reverse DNS to your servers!

Route IPv6 Address Block

The second hurdle I needed to jump was getting my address block routed to my systems. Unfortunately, I am stuck with a low-end DSL router, and, as such, it does not support the newest Internet Protocol addresses. The solution was to utilize a gif tunnel between my FreeBSD 6.2 gateway and my ISP's Cisco router. Note: I don't know what my ISP did with the router on their end to setup the tunnel.

On my end of the tunnel, I needed to perform the following series of commands:

  1. Create a gif interface.
  2. Setup tunnel endpoints.
  3. Assign IPv6 address to interface.
  4. Add route to routing table.
  5. Modify /etc/rc.conf to keep settings on reboot.

These commands look like the following:

ifconfig gif0 create
ifconfig gif0 tunnel $ip4my_end $ip4ISP_end
ifconfig gif0 inet6 $ip6my_end
route add -inet6 default $ip6ISP_end

You should, at this point, be able to test your connection by using the ping6 command to ping your ISP's IPv6 address:

-> ping6 fe80:4980:1::5
PING6(56=40+8+8 bytes) fe80:4980:1::6 --> fe80:4980:1::5
16 bytes from fe80:4980:1::5, icmp_seq=0 hlim=64 time=39.349 ms
16 bytes from fe80:4980:1::5, icmp_seq=1 hlim=64 time=39.338 ms
16 bytes from fe80:4980:1::5, icmp_seq=2 hlim=64 time=39.327 ms
16 bytes from fe80:4980:1::5, icmp_seq=3 hlim=64 time=39.816 ms
16 bytes from fe80:4980:1::5, icmp_seq=4 hlim=64 time=39.301 ms
^C
--- fe80:4980:1::5 ping6 statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 39.301/39.426/39.816/0.196 ms

CONGRATULATIONS! If you can ping across your tunnel, you're almost there! Now, we need to save these settings in /etc/rc.conf so that the gif tunnel is brought back up upon (re)boot. Add the following lines to your /etc/rc.conf file to reflect our configuration above:

## IPv6 Settings
ipv6_enable="YES"
ipv6_gateway_enable="YES"
rtadvd_enable="YES"
gif_interfaces="gif0"
gifconfig_gif0="209.240.66.156 216.250.189.140"
ipv6_ifconfig_gif0="2001:4980:1::6/126"
ipv6_defaultrouter="2001:4980:1::5"
ipv6_ifconfig_fxp0="2001:4980:1:111::145/64"
ipv6_ifconfig_fxp0_alias0="2001:4980:1:111::1/128"

cloned_interfaces="bridge0"
ifconfig_bridge0="addm fxp0 addm fxp1 up"

IPv6 DHCP Server

  • The DHCP6 Server page has a step-by-step guide for installing and configuring the /usr/ports/net/dhcp6 port as a server on FreeBSD 6.2.
  • The DHCP6 Client page has a step-by-step guide for installing and configuring the /usr/ports/net/dhcp6 port as a client on FreeBSD 6.2.

Forward & Reverse DNS

For DNS, see IPv6 DNS