Sie sind auf Seite 1von 6

03/07/12

The IPv6 Portal


6to4 is an IP v 4 tunnel-based transition mechanism defined in RF C -3056. It w as designed to allow different IP v 6 domains communicate w ith other IP v 6 domains through IP v 4 clouds w ithout explicit IP v 4 tunnels. 6to4 encapsulates IP v 6 packets into IP v 4 ones, similar to the 6in4 tunnels, but the main difference betw een both methods is that in 6in4 it is necessary to establish an explicit tunnel on both ends of the tunnel: at the host and at the serv er sides. U sually this configuration is done by means of external tools like the Tunnel Broker defined in RF C -3053 w ho is in charge of configuring the tunnel on the serv er side (router) and sending a configuration script in order to let the user configure the tunnel on the host side. With 6to4 there is no need to establish the tunnel on the serv er side, so the only configuration is done on the host side. The 6to4 router (serv er side) w ill accept all the 6to4-encapsultated packets coming from any host. A 6in4 router (serv er side) only accepts 6in4-encapsulated packets of activ e tunnels. A s consequence, w ith 6in4 tunnels all the outgoing traffic and incoming traffic follow alw ay s the same path betw een the host and the serv er side (both ends of the tunnel). H ow ev er, as illustrated in the figure, w ith 6to4 the outgoing traffic (from the host point of v iew ) is sent alw ay s to the same 6to4 router, but the incoming traffic might be receiv ed from different 6to4 router/relay s depending on w hich 6to4 relay is the nearest one to the IP v 6 netw ork that the 6to4 host is w illing to contact.

A nother important difference w ith other transition mechanisms is that the 6to4 IP v 6 prefix is deriv ed from the IP v 4 address, so the routers/hosts using this mechanism hav e a /48 IP v 6 prefix to built an IP v 6 netw ork. F or this reason, one essential requirement is that the 6to4 host/router needs to hav e a globally addressable IP v 4 address to 6to4 w orks, so it cannot be located behind a N A T box, unless the N A T box (w hich w ill hav e the globally addressable IP v 4 address) supports protocol 41 packets being forw arded to a host behind it. This mechanism, know n as "F orw arding P rotocol 41 in N A T Boxes" lets y ou configure IP v 6 tunnels to y our host/router using a priv ate IP v 4 address. A ccording to the proto-41 forw arding mechanism the N A T box forw ards outgoing IP v 6 packets (protocol 41) encapsulated into IP v 4 ones and it puts an entry for them in the N A T table in order to forw ard the incoming IP v 6 encapsulated packets tow ards the proper host located in the priv ate IP v 4 LA N . A more complete document is av ailable here. There are many 6to4 serv er/relay located in the Internet, most of them hav e their ow n unicast IP v 4 address. H ow ev er many of them can be reached by using the any cast IP v 4 address 192.88.99.1 w hich has been standardized in RF C 3068 to be used as univ ersal 6to4 relay router locator. The any cast address has the property that prov ides y ou the nearest serv er in terms of netw ork proximity .

Public 6to4 relays


S ome operating sy stems use automatically a preconfigured 6to4 relay , w hich might not be the best in terms of netw ork proximity depending on the location of the user. F or this reason, find below a list of public 6to4 relay s located all around

$ipv6tf_re sis: '1024' the w orld =

$PHPSESSID = '28a10af79516c032c7e f438992c64595' 6to4.ipv 6.aarnet.net.au (A ustralia)


6to4.ipv 6.uni-leipzig.de (G ermany ) 6to4.ipv 6.fh-regensburg.de (G ermany ) kddilab.6to4.jp (Japan) $ipv6tf_re s = '1024' 6to4.ipng.nl (N etherlands) 6to4.ipng.unix.za.net (S outh A frica) 6to4.autotrans.consulintel.com (S pain) 6to4.ipv 6.ascc.net (Taiw an) skby s-00-00.6to4.xs26.net (S lov akia) $PHPSESSID = '28a10af79516c032c7e f438992c64595'

$HO6to4.ipv 6.bt.com (U nited Kindom) STNAME = 'ns1.e uro6ix .com '


6to4.ipv 6.microsoft.com (U S A , Redmon) $SHELL = '/bin/bash' ipv 6-lab-gw .cisco.com (U S A , S an Jose) 6to4.ipv 6.org (M icrosoft) $TER M = 'x te rm ' 192.88.99.1 (A '1000' $HISTSIZE = ny cast address)

$SSH_C LIENT = '::ffff:10.0.0.5 2719 22' 6to4 host configuration guides $Q TDIR = '/usr/lib/qt-3.1'
Below y ou can find different w ay s to get IP v 6 connectiv ity by using 6to4 tunnels for the commonest operating sy stems. S ome of them '/de be already $SSH_TTY = could v/pts/1' configured by default, but may be not in the optimal w ay . The configuration examples are show n w ith the any cast IP v 4 address for 6to4 relay s. S uch address is alw ay s v alid and it w ill prov ide the nearest 6to4 $USER = 'root' relay in terms of netw ork proximity . H ow ev er y ou can change such address by one of the serv ers show n in the abov e list if y ou notice any trouble w ith the any cast routes/connection. Windows XP /Windows 2 0 0 3 You should ty pe the follow ing command from the sy stem sy mbol w indow : netsh int ipv= 6to4 set relay 192.88.99.1 enabled 1440 $MAIL 6 '/var/spool/m ail/root' A lternativ ely , y'/hom use another 6to4 relay by replacing the IP v 4 address, by using any of the existing relay s, as in the $PW D = ou can e /www/ipv6tf_v3/logs' example below : netsh int ipv 6 6to4 set relay 6to4.autotrans.consulintel.com enabled 1440 Windows 2 0 0 0

$LS_C O LO R S = 'no=00:fi=00:di=00;34:ln=00;36:pi=40;33:so=00;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:m i=01;05;37;41:e x =00;32:*.cm d=00;32:*.e x e =00;32:*.com =00;32:*.bt $USER NAME = 'root'

$PATH = '/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R 6/bin'

$INPUTR C = '/e tc/inputrc'

$LANG = 'e s_ES.UTF-8'

The 6to4cfg.exe command automates 6to4 configuration. It automatically discov ers y our globally routable IP v 4 address $SHLVL a '2' and creates = 6to4 prefix. Will either perform the configuration directly , or it can w rite out a configuration script that y ou can inspect $BASH_ENV and'/root/.bashrc' = run later. You should = 'root' $LO GNAME ty pe the follow ing command from the sy stem sy mbol w indow : 6to4cfg -R = '::ffff:10.0.0.5 2719 ::ffff:10.0.0.3 22' $SSH_C O NNEC TIO N 192.88.99.1 A lternativ ely , ou can use another 6to4 relay by $LESSO PEN = y'|/usr/bin/le sspipe .sh %s'replacing the IP v 4 address as in the follow ing example: 6to4cfg -R = '1' $G_BR O KEN_FILENAMES 6to4.autotrans.consulintel.com M ore details can be show n here. $_ = '/sbin/initlog' Linux/Solar is

$HO ME = '/root'

$HTTP_HO ST ty pe the follow ing commands from the shell: You should = 'www.ipv6tf.org' $HTTP_C O NNEC TIO N =tun6to4p-alive ' ttl 80 remote any local DIR_P U BLIC _IP v 4 ip tunnel add 'k e e mode sit $HTTP_USERip link set dev tun6to4 up _AGENT = 'Mozilla/5.0 (W indows NT 6.1; W O W 64) Apple W e bKit/536.11 (KHTML, lik e Ge ck o) C hrom e /20.0.1132.47 Safari/536.11'
ip -6 addr add 2002:XXYY:ZZU U ::1/16 dev tun6to4 ip -6 EPT = 'te x t/htm ::192.88.99.1 dev htm l+x m l,application/x m l;q=0.9,*/*;q=0.8' $HTTP_AC Croute add 2000::/3 v ia l,application/xtun6to4 metric 1 N ote that = 'http://www.ipv6tf.org/inde x .php?page _IP v 4 (the public ctivity/6to4' $HTTP_R EFER ERXXYY:ZZU U is the hexadecimal notation for DIR_P U BLIC=using/conne IP v 4 address) as follow s:

$HTTP_AC C EPT_ENC O DING _IP v 4 = 60.172.21.22 -> DIR_P U BLIC 'gzip,de flate ,sdch' =

60 -> 3C 172 -> A C

21 -> 15 $HTTP_AC C EPT_LANGUAGE 'pt-BR ,pt;q=0.8,e n-US;q=0.6,e n;q=0.4,e s-419;q=0.2,e s;q=0.2' 22 -> DE =

$HTTP_AC C EPT_C HAR SET

'ISO -8859-1,utf-8;q=0.7,*;q=0.3'

www.ipv6tf.org/print_url.php

1/6

03/07/12
60.172.21.22 -> XXYY:ZZU U = 3C A C :15DE = example:

The IPv6 Portal


'ISO -8859-1,utf-8;q=0.7,*;q=0.3' $HTTP_Clternativ ely , y'ipv6tf_reanother 6to4PHPSESSID=28a10af79516c032c7e f438992c64595' A O O KIE = ou can use s=1024; relay by replacing the IP v 4 address of the last command as in the follow ing $PATH = '/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R 6/bin'
ip -6 route add 2000::/3 v ia 6to4.autotrans.consulintel.com dev tun6to4 metric 1 *BSD

$SER VER _SIGNATUR E = ''

$SER VER _SO FTW AR E = 'Apache '


M $SER VERake sure y ou 'www.ipv6tf.org' _NAME = hav e at least one stf(4) interface configured into y our kernel: pseudo-dev = '213.172.48.141' $SER VER _ADDR ice stf 1 # 6to4 IP v 6 ov er IP v 4 encapsulation By default = '80' $SER VER _PO R T this is not enabled. P lease consult some appropriate documents on kernel configuration and compilation. You should = ty pe the follow ing commands from the shell: $R EMO TE_ADDR also'189.22.21.206' ifconfig stf0 inet6 2002:XXYY:ZZU U ::1 prefixlen $DO C UMENT_R O O T = '/hom e /www/ipv6tf_v3' 16 alias route add -inet6 default 2002:c058:6301::1

$SER VER _ADMIN = 'we bm aste r@consulinte l.e s'


DIR_P U BLIC '53294' $R EMO TE_PO R T = _IP v 4 = 60.172.21.22 ->

$SC R IPT_FILENAME = '/hom e /www/ipv6tf_v3/print_url.php'


60 -> 3C 172 -> A C 21 -> 15 22 -> DE

N ote that XXYY:ZZU U is the hexadecimal notation for DIR_P U BLIC _IP v 4 (the public IP v 4 address) as follow s:

$GATEW AY_INTER FAC E = 'C GI/1.1' $SER VER _PR O TO C O L = 'HTTP/1.1'

60.172.21.22 'GET' $R EQ UEST_METHO D = -> XXYY:ZZU U = 3C A C :15DE

$Q UER Y_STRO S = '' M ac ING $R EQ UEST_URhas really good support for IP v 6, including 6to4. Depending on the v ersion of the operating sy stem the procedure M ac O S I = '/print_url.php' $SC R IPT_NAME = '/print_url.php' $PHP_SELF = '/print_url.php'
could be different but in all the cases it can be configured w ith only a few steps. Detailed information to configure 6to4 in M ac O S can be found here.

6to4 relay '/hom e /www/ipv6tf_v3/print_url.php' $PATH_TR ANSLATED =configuration guides


$argv = C 3056 A ccording to RF'Array'there are tw o w ay s a router could support the 6to4 transition mechanism.
The$argc called 6to4 Router and the second 6to4 Relay Router. first is = '0' 1) 6to4 Router: A n IP v 6 router supporting a 6to4 pseudo-interface. It is normally the border router betw een an IP v 6 site and a w ide-area IP v 4 netw ork. F or example, think in an isolated IP v 6 cloud. This cloud could use 6to4 addresses and get connected to other IP v 6 nodes through the 6to4 router. 2) 6to4 Relay Router: A 6to4 router configured to support transit routing betw een 6to4 addresses and nativ e IP v 6 addresses. The main difference w ith the 6to4 Router is that the Relay router is connected to the nativ e IP v 6 w orld. O r w hat is the same, they announce the 2002::/16 prefix to their routing peers. N ote that an isolated host could be configured as 6to4 router just to obtain IP v 6 connectiv ity (this is called a 6to4 router/host). This configuration is automatic in many operating sy stems, and in practice, in means that w hen a host has IP v 6 enabled and a public IP v 4 address, if it supports 6to4, it w ill gain automatic access to IP v 6 ev en if the IS P doesn't prov ide the serv ice. The 6to4 addresses use the prefix 2002::/16 F or the automatic configuration of the 6to4 hosts in order to reach a 6to4 relay , the 6to4 relay s need to use an any cast address, w hich is 192.88.99.1. M ore info on this in RF C 3068. Below y ou can find instructions for configuring a 6to4 Relay in sev eral ty pes of routers. C isco This info prov ides the steps required in order to configure y our C isco box as a 6to4 Relay . In order to proceed, y ou need to hav e a public IP v 4 address on that router, y our ow n IP v 6 prefix (prov ided by y our RIR) and IP v 6 transit. A nd of course, the router need to hav e an IO S supporting IP v 6 (including 6to4 support). Details of the example configuration The examples below assume that the public IP v 4 address in the WA N interface of the router is 192.1.2.3. You should replace that w ith the right information for y our ow n case, same w ith other data used in the examples. A lso, y ou need to understand how to calculate the 6to4 IP v 6 address for y our router. This is done using the IP v 4 address and the IP v 6 6to4 prefix. The 6to4 prefix 2002::/16 is taking the first 16 bits. Then the bits 17 to 48 are the nibble notation for y our IP v 4 address. S o in our example it w ill be: 192 1= 2= 3= = c0 01 02 03

S o consequently : 2002:c001:0203::/48 We w ill use the first address of the prefix for the WA N interface, so 2002:c001:0203::1/128 A lso, the any cast address for 6to4 is: 192.88.99.1 F ollow ing the same example as abov e, in IP v 6 w ill be: 2002:c058:6301::/128 F or our example using a Loopback, w e use 192.3.2.3, w hich in IP v 6 w ill be 2002:0c03:0203::/128 We show below tw o options for the 6to4 Relay . O ne for the basic configuration and the other one for using the any cast address for 6to4. You just need to configure one of them (A or B). A ) E xample configuration of a basic 6to4 Relay This relay w ill only be reachable for hosts or routers w ith a manual configuration pointing to it. A 1) E nable IP v 6 in the router ipv 6 unicast-routing A 2) E thernet0/0 interface configuration (obv iously y ou can use another interface) interface E thernet0/0 description 6to4 Relay S erv ice ip address 192.1.2.3 255.255.255.0 A 3) tunnel 6to4 v irtual interface interface Tunnel2002 description 6to4 Relay Interface no ip address no ip redirects ipv 6 address 2002:c001:0203::1/128 tunnel source E thernet0/0 tunnel mode ipv 6ip 6to4 A 4) 6to4 prefix route ipv 6 route 2002::/16 Tunnel2002 B) E xample configuration of a 6to4 Relay w ith any cast support B1) E nable IP v 6 in the router ipv 6 unicast-routing B2) We use the loopback (recommended), but y ou could use an E thernet Interface or any other one interface Loopback0 description 6to4 A ny cast Relay S erv ice ip address 192.88.99.1 255.255.255.0 secondary ip address 192.3.2.3 255.255.255.255 ipv 6 address 2002:c003:0203::1/128 ipv 6 mtu 1480 no ipv 6 mfib fast N ote: When using IP v 4 any cast addresses is recommended to configure explicitly the BG P /O S P F ID w ith a unicast address, otherw ise, the router may take by default the any cast address as the ID. B3) tunel 6to4 v irtual interface

www.ipv6tf.org/print_url.php

2/6

03/07/12
interface Tunnel2002 description any cast 6to4 Relay Interface no ip address no ip redirects ipv 6 address 2002:C 058:6301::/128 any cast ipv 6 unnumbered Loopback0 no ipv 6 mfib fast tunnel source Loopback0 tunnel mode ipv 6ip 6to4 tunnel path-mtu-discov ery C ) C onfiguration for a public Relay

The IPv6 Portal

If y ou choose the any cast option (B), then y ou can also make the relay public v ia the follow ing steps. C 1) You need to announce the 2002::/16 prefix usually v ia BG P . The example below w ill help y ou. You should add this to the normal unicast IP v 6 configuration and replace the right information for y our ow n case. router bgp my A S N no bgp default ipv 4-unicast bgp log-neighbor-changes neighbor remotepeer_IP v 6_address remote-as remoteA S N neighbor remotepeer_IP v 6_address description P eer to remoteIS P address-family ipv 6 neighbor remotepeer_IP v 6_address activ ate neighbor remotepeer_IP v 6_address route-map remoteIS P _in in neighbor remotepeer_IP v 6_address route-map remoteIS P _out out netw ork my _IP v 6_prefix netw ork 2002::/16 exit-address-family ipv 6 route 2002::/16 N ull0 ipv 6 prefix-list 6to4_prefix seq 5 permit 2002::/16 route-map remoteIS P _out permit 10 match ipv 6 address prefix-list 6to4_prefix N ote: O f course, y ou need to replace some of the parameters w ith y our specific data, such as my A S N , remotepeer_IP v 6, my _IP v 6_prefix, remoteA S N , remoteIS P , remoteIS P _in and remoteIS P _out. C 2) A dditionally y ou need to configure the announce of the 6to4 any cast prefix, 192.88.99.0/24, to y our neighbor IS P s. D) C onfiguration for a P riv ate Relay A lternativ ely , if y ou only w ant to offer the relay to y our ow n customers, y ou need to announce the 192.88.99.0/24 prefix only to them. Then y ou w ill need to use example A ) and use something adapted to y our ow n netw ork/routing protocol. F or example, if y ou are using O S P F as y our IG P , y ou w ill add something such as: router ospf 1 log-adjacency -changes auto-cost reference-bandw idth 10000 netw ork 192.88.99.0 0.0.0.255 area 0 Linux This info prov ides the steps required in order to configure y our Linux box as a 6to4 Relay . In order to proceed, y ou need to hav e a public IP v 4 address on that box, y our ow n IP v 6 prefix (prov ided by y our RIR) and IP v 6 transit. The Linux box (recommended 2.6.x or higher v ersion) need to hav e IP v 6 support and IP v 6 routing enabled. Details of the example configuration The examples below assume that the public IP v 4 address in the WA N interface of the Linux is 192.1.2.3. You should replace that w ith the right information for y our ow n case, same w ith other data used in the example. A lso, y ou need to understand how to calculate the 6to4 IP v 6 address for y our router. This is done using the IP v 4 address and the IP v 6 6to4 prefix. The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the bits 17 to 48 are the nibble notation of y our IP v 4 address. S o in our example it w ill be: 192 1= 2= 3= = c0 01 02 03

S o consequently : 2002:c001:0203::/48 We w ill use the first address of the prefix for the WA N interface, so 2002:c001:0203::1/128 A lso, the any cast address for 6to4 is: 192.88.99.1 In the text below , both, the generic commands and example data is used. A ) C onfigure 6to4 tunneling using "ip" and a dedicated tunnel dev ice C reate a new tunnel dev ice (a TTL must be specified because the default v alue is 0): # /sbin/ip tunnel add tun6to4 mode sit ttl <ttldefault> remote any local <localipv 4address> # /sbin/ip tunnel add tun6to4 mode sit ttl 80 remote any local 192.1.2.3 Bring the interface up # /sbin/ip link set dev tun6to4 up A dd local 6to4 address to interface (note: prefix length 16 is v ery important!) # /sbin/ip -6 addr add <local6to4address>/16 dev tun6to4 # /sbin/ip -6 addr add 2002:c001:0203::1/16 dev tun6to4 B) Display existing tunnels # /sbin/ip -6 tunnel show [<dev ice>] E xample: # /sbin/ip -6 tunnel show sit0: ipv 6/ip remote any local any ttl 64 nopmtudisc sit1: ipv 6/ip remote 195.226.187.50 local any ttl 64 C ) Display routes to tunnels # /sbin/route -A inet6 E xample (output is filtered to display only tunnels through v irtual interface sit0): # /sbin/route -A inet6 | grep "\Wsit0\W* $ " ::/96 :: U 256 2 0 sit0 2002::/16 :: U A 256 0 0 sit0 2000::/3 ::193.113.58.75 U G 1 0 0 sit0 fe80::/10 :: U A 256 0 0 sit0 ff00::/8 :: U A 256 0 0 sit0 D) C onfigure 6to4 prefix route A s hav e been seen on step C ) there should be a route for the 2002::/16 prefix through the 6to4 tunnel interface. If it this route doesn't exist, then: # /sbin/ip -6 route add 2002::/16 dev tun6to4 metric 1 E ) C onfigure IP v 6 connectiv ity Because w e are configuring a 6to4 relay it should hav e IP v 6 connectiv ity (either nativ e or v ia a tunnel) through an IP v 6 gatew ay (for our example w e use 2001:7f9:1::1 as G W address). A fter hav ing configured an IP v 6 address on the corresponding interface, the default route should be configured: If our IP v 6 interface is interface eth0: To configure the IP v 6 address: # /sbin/ip -6 addr add 2001:7f9:1::2/64 dev eth0 To add a default route: # /sbin/ip -6 route add 2000::/3 v ia 2001:7f9:1::1 dev eth0 metric 1 F ) C onfigure prefix adv ertisements

www.ipv6tf.org/print_url.php

3/6

03/07/12
This w ould allow nativ e IP v 6 nodes to reach 6to4 nodes (2002::/16 addresses). Regarding the IP v 4 reachability of the Relay there are tw o options:

The IPv6 Portal


S omew here on the Relay netw ork, the dev ice in charge of announcing prefixes (ty pically a BG P router) should announce 2002::/16 prefix to its IP v 6 peerings.

1) C onfigure the 6to4 any cast IP v 4 address (192.88.99.1) and announce the any cast prefix (192.88.99.0/24) to y our IP v 4 peerings. 2) U se another public IP v 4 address. If 1) is chosen 6to4 hosts w ill be able to find it automatically , w ith no need for any manual configuration. In case of choosing 2) some kind of adv ertisement of the IP v 4 address is needed (usually a F Q DN -F ully Q ualified Domain N ame) in order to allow others to configure our relay . This w ill allow 6to4 nodes (2002::/16 addresses) to reach nativ e IP v 6 nodes through our relay . G ) M aking y our configuration persistent In order to make y our configuration persistent a script could be used to be executed at boot time. The idea is to hav e an script that executes all the commands y ou need to configure ev ery thing as desired. A n example follow s, it takes as argument the local host public IP v 4 address: #!/bin/sh IP V 4=$ 1 P A RTS =`echo $ IP V 4 | tr . ' '` P RE F IX48=`printf "2002:% 02x% 02x:% 02x% 02x" $ P A RTS ` S TF _IF ="stf0" S TF _N E T6="$ P RE F IX48":0000 S TF _IP 6="$ S TF _N E T6"::1 ip tunnel add tun6to4 mode sit ttl 64 remote any local $ IP V 4 ip link set dev tun6to4 up ip -6 addr add $ S TF _IP 6/16 dev tun6to4 ip -6 addr add 2001:7f9:1::2/64 dev eth0 ip -6 route add 2000::/3 v ia 2001:7f9:1::1 dev eth0 metric 1 A lso depending on the implementation some configuration could be done in the sy stem's netw ork information files. - Red H at Distributions: A dd IP V 6TO 4IN IT=y es to /etc/sy sconfig/netw ork-scripts/ifcfg-if for the interface w ith the local IP v 4 address and add IP V 6_DE F A U LTDE V =tun6to4 to /etc/sy sconfig/netw ork. You also should configure the default IP v 6 route if needed. C onfiguration examples may v ary for other Linux distributions. A nnex A : Remov e a 6to4 tunnel using "ip" and a dedicated tunnel dev ice Remov e all routes through this dedicated tunnel dev ice # /sbin/ip -6 route flush dev tun6to4 S hut dow n interface # /sbin/ip link set dev tun6to4 dow n Remov e created tunnel dev ice # /sbin/ip tunnel del tun6to4 BSD This info prov ides the steps required in order to configure y our BS D box as a 6to4 Relay . In order to proceed, y ou need to hav e a public IP v 4 address on that box, y our ow n IP v 6 prefix (prov ided by y our RIR) and IP v 6 transit. The BS D box need to support stf pseudo-interface, F reeBS D 5.4 or higher v ersion is recommended, for F reeBS D 4.9 y ou need to recompile the kernel adding "pseudo-dev ice stf". N etBS D 1.5 supports stf pseudo-interface compiling the kernel. A lso need to hav e IP v 6 support and IP v 6 routing enabled. Details of the example configuration The example below is assuming that the public IP v 4 address in the WA N interface of the BS D is 192.1.2.3. You should replace that w ith the right information for y our ow n case, same w ith other data used in the example. A lso, y ou need to understand how to calculate the 6to4 IP v 6 address for y our router. This is done using the IP v 4 address and the IP v 6 6to4 prefix. The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the bits 17 to 48 are the nibble notation of the IP v 4 address. S o in our example it w ill be: 192 1= 2= 3= = c0 01 02 03

S o consequently : 2002:c001:0203::/48 We w ill use the first address of the prefix for the WA N interface, so 2002:c001:0203::1/128 A lso, the any cast address for 6to4 is: 192.88.99.1 In the text below , both, the generic commands and example data is used. A ) C onfigure 6to4 tunneling C reate a stf interface (in case it doesn't exist): # ifconfig stf create By default the stf interface is not enabled. A dd local 6to4 address to interface (note: prefix length 16 is v ery important!) # ifconfig stf0 inet6 6to4addr prefixlen 16 # ifconfig stf0 inet6 2002:c001:0203::1 prefixlen 16 B) C onfigure IP v 6 connectiv ity Because w e are configuring a 6to4 relay it should hav e IP v 6 connectiv ity (either nativ e or v ia a tunnel) through an IP v 6 gatew ay (for our example w e use 2001:7f9:1::1 as G W address). A fter hav ing configured an IP v 6 address on the corresponding interface, the default route should be configured: If our IP v 6 interface is interface ne0: To configure the IP v 6 address: # ifconfig ne0 inet6 alias 2001:7f9:1::2 To add a default route: # route add -inet6 default 2001:7f9:1::1 C ) C onfigure prefix adv ertisements S omew here on the Relay netw ork, the dev ice in charge of announcing prefixes (ty pically a BG P router) should announce 2002::/16 prefix to its IP v 6 peerings. This w ould allow nativ e IP v 6 nodes to reach 6to4 nodes (2002::/16 addresses). Regarding the IP v 4 reachability of the Relay there are tw o options: 1) C onfigure the 6to4 any cast IP v 4 address (192.88.99.1) and announce the any cast prefix (192.88.99.0/24) to the site IP v 4 peerings. 2) U se another public IP v 4 address. If 1) is chosen 6to4 hosts w ill be able to find it automatically , w ith no need for any manual configuration. In case of choosing 2) some kind of adv ertisement of the IP v 4 address is needed (usually a F Q DN -F ully Q ualified Domain N ame) in order to allow others to configure our relay . This w ill allow 6to4 nodes (2002::/16 addresses) to reach nativ e IP v 6 nodes through our relay . D) M aking y our configuration persistent

www.ipv6tf.org/print_url.php

4/6

03/07/12
A n example follow s, it takes as argument the local host public IP v 4 address: #!/bin/sh IP V 4=$ 1 P A RTS =`echo $ IP V 4 | tr . ' '` P RE F IX48=`printf "2002:% 02x% 02x:% 02x% 02x" $ P A RTS ` S TF _IF ="stf0" S TF _N E T6="$ P RE F IX48":0000 S TF _IP 6="$ S TF _N E T6"::1 ifconfig $ S TF _IF inet6 $ S TF _IP 6 prefixlen 16 alias ifconfig ne0 inet6 alias 2001:7f9:1::2 route add -inet6 default 2001:7f9:1::1 F or F reeBS D: S et in /etc/rc.conf: stf_interface_ipv 4addr="public_v 4addr" ipv 6_defaultrouter="2001:7f9:1::1" C onfiguration examples may v ary for other BS D distributions. A nnex A : Remov e a 6to4 tunnel using "ip" and a dedicated tunnel dev ice Remov e a 6to4 interface address # ifconfig stf0 inet6 -alias 2002:c001:0203::1 Remov e 6to4 prefix route F irst w e can see the route table w ith: # netstat -rn

The IPv6 Portal


In order to make y our configuration persistent a script could be used to be executed at boot time. The idea is to hav e a script that executes all the commands y ou need to configure ev ery thing as desired.

N ow w e can delete the route entry for 2002::/16 prefix v ia <gatew ay _IP v 6> w ith: # route delete -inet6 2002::/16 <gatew ay _IP v 6> Windows This info prov ides the steps required in order to configure y our Window s box as a 6to4 Relay . It is most probably useful also for configuring a Window s V ista and Window s Longhorn (Window s S erv er 2008). In order to proceed, y ou need to hav e a public IP v 4 address on that box, y our ow n IP v 6 prefix (prov ided by y our RIR) and IP v 6 transit. The Window s box (all av ailable S erv ice P acks installed) needs to hav e IP v 6 support and IP v 6 routing enabled. Details of the example configuration The examples below are assuming that the public IP v 4 address in the WA N interface of the Linux is 192.1.2.3. You should replace that w ith the right information for y our ow n case, same w ith other data used in the examples. A lso, y ou need to understand how to calculate the 6to4 IP v 6 address for y our router. This is done using the IP v 4 address and the IP v 6 6to4 prefix. The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the bits 17 to 48 are the nibble notation for y our IP v 4 address. S o in our example it w ill be: 192 1= 2= 3= = c0 01 02 03

S o consequently : 2002:c001:0203::/48 We w ill use the first address of the prefix for the WA N interface, so 2002:c001:0203::1/128 A lso, the any cast address for 6to4 is: 192.88.99.1 N ote that the interface number in the examples below , is only an example (3), and in y our sy stem, may hav e a different number, y ou can also use the interface names enclosed in "" instead of the interface numbers. A ) A utomatic configuration M ake sure that the 6to4 relay computer has a public address assigned to its Internet interface and has not receiv ed a Router A dv ertisement message from either an IP v 6 router on an attached subnet or an IS A TA P router. In that case, the 6to4 component automatically creates an interface (named 6to4 P seudo-Interface), adds a 2002::/16 route to the routing table that uses the 6to4 interface, and adds a default route that points to a 6to4 relay router on the IP v 4 Internet. It configures an IP v 6 address in the form 2002:xx:y y ::xx:y y w here xx:y y are the IP v 4 public address 32 bits. F ollow ing our example it w ill get: 2002:c001:0203::c001:0203 To see information about the pseudo-interface use: c:\>netsh interface ipv 6 show address Interface 3: 6to4 Tunneling P seudo-Interface A ddr Ty pe DA D S tate V alid Life P ref. Life A ddress O ther P referred infinite infinite 2002:c001:0203::c001:0203

B) E nable the 6to4 serv ice You can do this w ith the follow ing command: C :\>netsh interface ipv 6 6to4 set state enabled C ) E nable forw arding on the 6to4 interface You can do this w ith the follow ing command: C :\>netsh interface ipv 6 set interface 3 forw arding=enabled D) C onfigure IP v 6 routes To see the configured routes: c:\>netsh interface ipv 6 show routes Q uery ing activ e state... P ublish Ty pe y es y es M et P refix Idx G atew ay /Interface N ame 3 2002:c000:0210::c001:0203 6to4 Tunneling P seudo-Interface

M anual 1101 ::/0

M anual 1001 2002::/16 3

E ) C onfigure IP v 6 connectiv ity A s hav e been seen abov e, the 6to4 component automatically configures a 6to4 Relay as the default route for the IP v 6 traffic. We hav e to change this default route tow ards an IP v 6 gatew ay . Because w e are configuring a 6to4 relay it should hav e IP v 6 connectiv ity (either nativ e or v ia a tunnel) through an IP v 6 gatew ay (for our example w e use 2001:7f9:1::1 as G W address). A fter hav ing configured an IP v 6 address on the corresponding interface, the default route should be configured: A ssuming that our WA N IP v 6 interface is interface 5. To configure the IP v 6 address: c:\>netsh interface ipv 6 add address interface=5 address=2001:7f9:1::2 To add a default route: C :\>netsh interface ipv 6 add route ::/0 5 2001:7f9:1::1 publish=y es F ) C onfigure prefix adv ertisements S omew here on the Relay netw ork, the dev ice in charge of announcing prefixes (ty pically a BG P router) should announce 2002::/16 prefix to its IP v 6 peerings. This w ould allow nativ e IP v 6 nodes to reach 6to4 nodes (2002::/16 addresses).

www.ipv6tf.org/print_url.php

5/6

03/07/12
Regarding the IP v 4 reachability of the Relay there are tw o options:

The IPv6 Portal


1) C onfigure the 6to4 any cast IP v 4 address (192.88.99.1) and announce the any cast prefix (192.88.99.0/24) to the site IP v 4 peerings. 2) U se another public IP v 4 address. If 1) is chosen 6to4 hosts w ill be able to find it automatically , w ith no need for any manual configuration. In case of choosing 2) some kind of adv ertisement of the IP v 4 address is needed (usually a F Q DN -F ully Q ualified Domain N ame) in order to allow others to configure our relay . This w ill allow 6to4 nodes (2002::/16 addresses) to reach nativ e IP v 6 nodes through our relay . G ) M aking the configuration persistent Ty pically Window s w ill make the configuration persistent by default, but it may v ary across different compilation v ersions. S o if y ou w ant to make sure about that, just add the follow ing to each netsh command line: store=persistent A nnex: Remov e 6to4 configuration Disable the 6to4 serv ice C :\>netsh interface ipv 6 6to4 set state disabled Disable forw arding on the 6to4 interface C :\>netsh interface ipv 6 set interface 3 forw arding=disabled

www.ipv6tf.org/print_url.php

6/6