From owner-freebsd-questions@FreeBSD.ORG  Mon Jul 21 10:22:27 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 341D21065677
	for <freebsd-questions@freebsd.org>;
	Mon, 21 Jul 2008 10:22:27 +0000 (UTC)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from smtp.infracaninophile.co.uk (gate6.infracaninophile.co.uk
	[IPv6:2001:8b0:151:1::1])
	by mx1.freebsd.org (Postfix) with ESMTP id 87E178FC12
	for <freebsd-questions@freebsd.org>;
	Mon, 21 Jul 2008 10:22:26 +0000 (UTC)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1])
	(authenticated bits=0)
	by smtp.infracaninophile.co.uk (8.14.2/8.14.2) with ESMTP id
	m6LAMADZ037621; Mon, 21 Jul 2008 11:22:13 +0100 (BST)
	(envelope-from m.seaman@infracaninophile.co.uk)
X-DKIM: Sendmail DKIM Filter v2.6.0 smtp.infracaninophile.co.uk m6LAMADZ037621
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
	d=infracaninophile.co.uk; s=200708; t=1216635736; bh=aOH1rX6YTUxWGE
	zrW6I/q/1tozRc5R/v9+xv/Bd5vE4=; h=Message-ID:Date:From:MIME-Version:
	To:CC:Subject:References:In-Reply-To:Content-Type:Cc:Content-Type:
	Date:From:In-Reply-To:Message-ID:Mime-Version:References:To; z=Mes
	sage-ID:=20<48846345.4060601@infracaninophile.co.uk>|Date:=20Mon,=2
	021=20Jul=202008=2011:21:57=20+0100|From:=20Matthew=20Seaman=20<m.s
	eaman@infracaninophile.co.uk>|Organization:=20Infracaninophile|User
	-Agent:=20Thunderbird=202.0.0.14=20(X11/20080607)|MIME-Version:=201
	.0|To:=20Hashimoto=20<hsmtkk@gmail.com>|CC:=20freebsd-questions@fre
	ebsd.org|Subject:=20Re:=20config=20as=20an=20exit=20of=20"IPv6=20ov
	er=20IPv4=20tunnel"|References:=20<6bae2c430807210220r467fb25dj29b0
	185e1595b282@mail.gmail.com>|In-Reply-To:=20<6bae2c430807210220r467
	fb25dj29b0185e1595b282@mail.gmail.com>|X-Enigmail-Version:=200.95.6
	|Content-Type:=20multipart/signed=3B=20micalg=3Dpgp-sha256=3B=0D=0A
	=20protocol=3D"application/pgp-signature"=3B=0D=0A=20boundary=3D"--
	----------enig5C890658DB76CD6DF7694714"; b=k86tlHUSF/00Wd9olZyEIwhs
	ZXScu7SzVxniTNYbctzXjfCi4QJATKw/UHti0/aCcHpxX0lT3PADf7WR4JEtfIFt42E
	yUQlOs3T93Z5oWu+Y5Xe4b8y6yAjSPalIDGnLv6n5KlfR99gS+3uLnwvL+mpefjAnDU
	lvaC9GEAwBEhY=
Message-ID: <48846345.4060601@infracaninophile.co.uk>
Date: Mon, 21 Jul 2008 11:21:57 +0100
From: Matthew Seaman <m.seaman@infracaninophile.co.uk>
Organization: Infracaninophile
User-Agent: Thunderbird 2.0.0.14 (X11/20080607)
MIME-Version: 1.0
To: Hashimoto <hsmtkk@gmail.com>
References: <6bae2c430807210220r467fb25dj29b0185e1595b282@mail.gmail.com>
In-Reply-To: <6bae2c430807210220r467fb25dj29b0185e1595b282@mail.gmail.com>
X-Enigmail-Version: 0.95.6
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="------------enig5C890658DB76CD6DF7694714"
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0
	(smtp.infracaninophile.co.uk [IPv6:::1]);
	Mon, 21 Jul 2008 11:22:16 +0100 (BST)
X-Virus-Scanned: ClamAV 0.93.1/7765/Mon Jul 21 05:29:55 2008 on
	happy-idiot-talk.infracaninophile.co.uk
X-Virus-Status: Clean
X-Spam-Status: No, score=-3.0 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,
	DKIM_VERIFIED,NO_RELAYS autolearn=ham version=3.2.5
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
	happy-idiot-talk.infracaninophile.co.uk
Cc: freebsd-questions@freebsd.org
Subject: Re: config as an exit of "IPv6 over IPv4 tunnel"
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Jul 2008 10:22:27 -0000

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig5C890658DB76CD6DF7694714
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable

Hashimoto wrote:
> Can I configure FreeBSD as an exit of "IPv6 over IPv4 tunnel"?
>=20
> Let me explain it in detail.
> Both hostA and hostB have global IPv4 address.
> And hostA has global IPv6 address.
> I have installed FreeBSD 7.0 on both hostA and hostB.
> Then, I want to config "IPv6 over IPv4 tunnel" from hostB to hostA.
> Is it possible?
>=20

Yes, absolutely.  I have a similar configuration for my IPv6 connectivity=
=2E
There are some alternatives (stf(4), faith(4)), but this is based I what
I have.

This is mostly in terms of what you'ld add to /etc/rc.conf on HostB --
HostA will be similar, but addresses will be reversed in the obvious
places.

i) Create a gif(4) interface and configure the endpoints:

gif_interfaces=3D"gif0"
gifconfig_gif0=3D"hostB-ipv4-number hostA-ipv4-number"

ii) Enable IPv6 on HostB -- I'm assuming you've assigned a /64=20
net block to HostB (perhaps a tad excessive, but pretty much the
default for an allocation of a chunk of IPv6 address space.) Adjust
the prefixlen to suit.

ipv6_enable=3D"YES"
ipv6_defaultrouter=3D"-interface gif0"
ipv6_default_interface=3D"gif0"
ipv6_ifconfig_gif0=3D"1234:5678:9abc:def0::1 prefixlen 64"

iii) Settings on HostA are slightly different -- HostA has to be a
router, and it only wants to route the HostB block via the gif(4)
tunnel:

ipv6_enable=3D"YES"
ipv6_defaultrouter=3D"hostA-ipv6-gateway-address"
ipv6_gateway_enable=3D"YES"

ipv6_static_routes=3D"hostB"
ipv6_route_hostB=3D"1234:5678:9abc:def0:: -prefixlen 64 -interface gif0"

iv) That should be everything you need to get point to point connectivity=
=20
working.  Note: it's pretty easy now to make HostB an IPv6 router and
assign IPv6 addresses to anything on the same local subnet as HostB.
In fact, you can use rtadvd(8) on HostB to make that automatic:

ipv6_network_interfaces=3D"auto"
ipv6_prefix_em0=3D"1234:5678:9acb:def0"
rtadvd_enable=3D"YES"
rtadvd_interfaces=3D"em0"

Then just run rtsol(8) on all the other machines that will use HostB as
their IPv6 gateway.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW


--------------enig5C890658DB76CD6DF7694714
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEAREIAAYFAkiEY1IACgkQ8Mjk52CukIx45wCfXD7ICwkYjcELvE/pbsHwUVyH
cOMAnRmg5HuQ5T++aEqRNd446ydWotdg
=/A3P
-----END PGP SIGNATURE-----

--------------enig5C890658DB76CD6DF7694714--