IPv6 on FreeBSD 6.2

From Secure Computing Wiki
Revision as of 18:54, 23 November 2010 by Esubiguxoc (Talk | contribs)

Jump to: navigation, search



After seeing the recommendation from ARIN that everyone adopt IPv6 [1], I decided to see what it would take to implement it on my network here.

The following are the steps I took to implement IPv6. Your mileage may vary.

Obtain IPv6 Address Block

The first thing I did was contact my ISP to see if they supported IPv6 natively on their network. Fortunately, the did. If you don't have an ISP that does, you can check out http://www.tunnelbroker.net. Last I checked, they support IPv6 over IPv4 tunneling and will even delegate reverse DNS to your servers!

Route IPv6 Address Block

The second hurdle I needed to jump was getting my address block routed to my systems. Unfortunately, I am stuck with a low-end DSL router, and, as such, it does not support the newest Internet Protocol addresses. The solution was to utilize a gif tunnel between my FreeBSD 6.2 gateway and my ISP's Cisco router. <i>Note: I don't know what my ISP did with the router on their end to setup the tunnel.</i><p>On my end of the tunnel, I needed to perform the following series of commands:</p> <ol> <li>Create a gif interface.</li> <li>Setup tunnel endpoints.</li> <li>Assign IPv6 address to interface.</li> <li>Add route to routing table.</li> <li>Modify /etc/rc.conf to keep settings on reboot.</li> </ol> These commands look like the following: <pre>ifconfig gif0 create ifconfig gif0 tunnel $ip4my_end $ip4ISP_end ifconfig gif0 inet6 $ip6my_end route add -inet6 default $ip6ISP_end</pre>

You should, at this point, be able to test your connection by using the ping6 command to ping your ISP's IPv6 address: <pre> -> ping6 fe80:4980:1::5 PING6(56=40+8+8 bytes) fe80:4980:1::6 --> fe80:4980:1::5 16 bytes from fe80:4980:1::5, icmp_seq=0 hlim=64 time=39.349 ms 16 bytes from fe80:4980:1::5, icmp_seq=1 hlim=64 time=39.338 ms 16 bytes from fe80:4980:1::5, icmp_seq=2 hlim=64 time=39.327 ms 16 bytes from fe80:4980:1::5, icmp_seq=3 hlim=64 time=39.816 ms 16 bytes from fe80:4980:1::5, icmp_seq=4 hlim=64 time=39.301 ms ^C --- fe80:4980:1::5 ping6 statistics --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 39.301/39.426/39.816/0.196 ms </pre>

CONGRATULATIONS! If you can ping across your tunnel, you're almost there! Now, we need to save these settings in /etc/rc.conf so that the gif tunnel is brought back up upon (re)boot. Add the following lines to your /etc/rc.conf file to reflect our configuration above: <pre>

    1. IPv6 Settings

ipv6_enable="YES" ipv6_gateway_enable="YES" rtadvd_enable="YES" gif_interfaces="gif0" gifconfig_gif0="" ipv6_ifconfig_gif0="2001:4980:1::6/126" ipv6_defaultrouter="2001:4980:1::5" ipv6_ifconfig_fxp0="2001:4980:1:111::145/64" ipv6_ifconfig_fxp0_alias0="2001:4980:1:111::1/128"

cloned_interfaces="bridge0" ifconfig_bridge0="addm fxp0 addm fxp1 up" </pre>

IPv6 DHCP Server

  • The DHCP6 Server page has a step-by-step guide for installing and configuring the /usr/ports/net/dhcp6 port as a server on FreeBSD 6.2.
  • The DHCP6 Client page has a step-by-step guide for installing and configuring the /usr/ports/net/dhcp6 port as a client on FreeBSD 6.2.

Forward & Reverse DNS

For DNS, see IPv6 DNS