A quick hands-on how to create IPv6 conenctivity at your home.
First we have to install additional packages to enable IPv6 on the box. So first: opkg update, then:
Those are basic packages needed for OpenWrt to support IPv6. The typical test if everything went smoothly is using ifconfig command:
BEFORE:
root@OpenWrt:~# ifconfig
br-lan Link encap:Ethernet HWaddr 00:23:69:2F:3C:47 inet addr:192.168.147.9 Bcast:192.168.147.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:128232 errors:0 dropped:0 overruns:0 frame:0 TX packets:169 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:18876755 (18.0 MiB) TX bytes:13494 (13.1 KiB) AFTER:
root@OpenWrt:~# ifconfig
br-lan Link encap:Ethernet HWaddr 00:23:69:2F:3C:47 inet addr:192.168.147.9 Bcast:192.168.147.255 Mask:255.255.255.0 inet6 addr: fe80::223:69ff:fe2f:3c47/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:128963 errors:0 dropped:0 overruns:0 frame:0 TX packets:586 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:19210054 (18.3 MiB) TX bytes:53923 (52.6 KiB) The address starting with fe80:: says that a "link-scope" address was assigned. You can ignore it. You just have IPv6 on your OpenWRT box. Step one done.
SixxS tunnel
Let's make a break. We successfully configured IPv6 connectivity on OpenWRT box. Now it is time to get real IPv6 or even whole subnet. Here I will describe how to do this with SixxS provider. SixxS is so called tunnel broker. They provide you tunnels (IPv6 in IPv4 encapsulation) to give you connectivity. They can also provide you whole IPv6 subnet. So you need to:
So first we have to add some kernel modules (Kernel support for the TUN/TAP tunneling device): opkg install kmod-tun. The logread
should say something like: "Oct 6 16:02:43 OpenWrt user.info kernel:
Universal TUN/TAP device driver 1.5 (C)1999-2002 Maxim Krasnyansky". If
yes, you have tun interface.
AICCU configuration I will demonstrate most difficult condition for end-user: having OpenWRT behind firewall in private IPv6 network that has NAT connectivity to IPv4 Internet via DSL line with dynamic public IPv4 IP address. For such setup, we need special tunnel configuration software. Tunnel brokers provide usually their own implementation. Here is the one provided by SixxS: opkg install aiccu: root@OpenWrt:/etc/init.d# opkg install aiccu
Installing aiccu (20070115-3) to root... Downloading http://downloads.openwrt.org/backfire/10.03/brcm-2.4/packages/aiccu_20070115-3_brcm-2.4.ipk. Installing libpthread (0.9.30.1-42) to root... Downloading http://downloads.openwrt.org/backfire/10.03/brcm-2.4/packages/libpthread_0.9.30.1-42_brcm-2.4.ipk. Installing librt (0.9.30.1-42) to root... Downloading http://downloads.openwrt.org/backfire/10.03/brcm-2.4/packages/librt_0.9.30.1-42_brcm-2.4.ipk. Installing ntpclient (2007_365-4) to root... Downloading http://downloads.openwrt.org/backfire/10.03/brcm-2.4/packages/ntpclient_2007_365-4_brcm-2.4.ipk. Installing kmod-sit (2.4.37.9-1) to root... Downloading http://downloads.openwrt.org/backfire/10.03/brcm-2.4/packages/kmod-sit_2.4.37.9-1_brcm-2.4.ipk. Configuring librt. Configuring ntpclient. Configuring libpthread. Configuring kmod-sit. Warning: loading sit will taint the kernel: no license See http://www.tux.org/lkml/#export-tainted for information about tainted modules Configuring aiccu. Now we should edit vi /etc/config/aiccu. Just fill the blanks (SixxS handle and password, tunel ID, etc.). For reference, please use aiccu.conf from your windows directory. You probably have this, as I assume, you played first with setting IPv6 on your local Windows machine. When ready, please enable aiccu, by typing: /etc/init.d/aiccu enable. Then restart to ensure that your tunnel is up and running after reboot. Testing is easy. We should be able to do following test: root@OpenWrt:~# ping6 sixxs.net PING sixxs.net (2001:1af8:1:f006::6): 56 data bytes 64 bytes from 2001:1af8:1:f006::6: seq=0 ttl=59 time=74.476 ms Here is working example of my home OpenWRT box: config aiccu option username 'ABCD-SIXXS' option password '********' option protocol 'tic' option server 'tic.sixxs.net' option interface 'sixxs' option tunnel_id 'T123456' option requiretls '0' option defaultroute '1' option nat '1' option heartbeat '1' RADVd Final step... Now we want that our OpenWRT box would advertise our subnet prefix on local network. This is done by installing and configuring Radvd daemon. So, we invoke opkg install radvd. Then we enable it:
cd /etc/init.d/
./radvd enable
Now edit file vi /etc/config/radvd to enable radv advertisement (change all 1 to 0 in lines that states option ignore). Also please specify your IPv6 prefix. Here is what I did for example (this is only part of the file):
config prefix
option interface 'lan' # If not specified, a non-link-local prefix of the interface is used option prefix '4000::/64' option AdvOnLink 1 option AdvAutonomous 1 option AdvRouterAddr 0 option ignore 0 After starting radvd with /etc/init.d/radvd start or restarting router, we get in client machine (please note that connection to IPv6 router goes via local scope link): If you can get similar effect, you are set with RADVd. Please note that on IPv6 (I'm not very strict about that...) there are no "private address space" like 192.168.146.x, so do not experiment on live connected system.
Last but not least. Using radv is enough to auto-configure hosts in your local network. However router won't configure itself. So you have to manually add IP address to your router box. Just edit vi /etc/config/network. Just add option ip6addr '2001:1234:5678::1/64' under 'lan'. The postfix of ::1 is ideal for router. Please note that adding ::1 to interface that connects to our lan has only one purpose - to allow create correct routing table on OpenWRT box. In fact this address is necessary, that following bold line appear: root@OpenWrt:~# ip -f inet6 route 2001:1234:5678::/64 dev br-lan metric 256 mtu 1500 advmss 1440 2001:6a0:200:1f1::/64 dev sixxs metric 256 mtu 1280 advmss 1220 fe80::/64 dev eth0 metric 256 mtu 1500 advmss 1440 fe80::/64 dev eth0.0 metric 256 mtu 1500 advmss 1440 fe80::/64 dev br-lan metric 256 mtu 1500 advmss 1440 fe80::/64 dev eth0.1 metric 256 mtu 1500 advmss 1440 fe80::/64 dev wl0 metric 256 mtu 1500 advmss 1440 fe80::/64 dev sixxs metric 256 mtu 1280 advmss 1220 ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440 ff00::/8 dev eth0.0 metric 256 mtu 1500 advmss 1440 ff00::/8 dev br-lan metric 256 mtu 1500 advmss 1440 ff00::/8 dev eth0.1 metric 256 mtu 1500 advmss 1440 ff00::/8 dev wl0 metric 256 mtu 1500 advmss 1440 ff00::/8 dev sixxs metric 256 mtu 1280 advmss 1220 default via 2001:5678:90:1f1::1 dev sixxs metric 1024 mtu 1280 advmss 1220 That all folks ;) Remark... If you experience the problem with frequent disconnecting of sixxs tunel, please try add the following to your firewall: iptables -t raw -A PREROUTING --proto 41 -j NOTRACK If it will not work, here is my solution for SixxS disconnection problem: http://bartprokop.blogspot.com/2010/11/sixxs-keep-alive.html |