From owner-freebsd-doc Sun Apr 7 19: 8:31 2002 Delivered-To: freebsd-doc@freebsd.org Received: from quack.kfu.com (adsl-67-113-12-90.dsl.snfc21.pacbell.net [67.113.12.90]) by hub.freebsd.org (Postfix) with ESMTP id 4838437B405 for ; Sun, 7 Apr 2002 19:08:27 -0700 (PDT) Received: from morpheus.kfu.com (morpheus.kfu.com [3ffe:1200:301b:1:2d0:b7ff:fe3f:bdd0]) by quack.kfu.com (8.11.6/8.11.6) with ESMTP id g3828KZ76811 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified OK) for ; Sun, 7 Apr 2002 19:08:26 -0700 (PDT) (envelope-from nsayer@quack.kfu.com) Received: from quack.kfu.com (nospam@localhost [::1]) by morpheus.kfu.com (8.11.6/8.11.6) with ESMTP id g3828K762576 for ; Sun, 7 Apr 2002 19:08:20 -0700 (PDT) (envelope-from nsayer@quack.kfu.com) Message-ID: <3CB0FB94.3060308@quack.kfu.com> Date: Sun, 07 Apr 2002 19:08:20 -0700 From: Nick Sayer User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.9) Gecko/20020312 X-Accept-Language: en, en-US, en-GB MIME-Version: 1.0 To: freebsd-doc@freebsd.org Subject: suggestion: handbook 17.14: Basic IPv6 setup using 6to4 Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I nominate this block of text: Anyone with a single static IPv4 address can set up a machine to act as an IPv6 router using 6to4. With such a setup, it is possible for up to 65,536 networks of 2^64 machines to be given globally reachable IPv6 addresses reached through such a gateway. All one needs to do is add a few short lines to rc.conf. [insert a short primer on IPv6 here] 6to4 is a special transition mechanism to make it easier for isolated LANs running IPv6 to be able to reach each other. All users of 6to4 can communicate with each other without doing anything special other than setting up a 6to4 router at each location. 6to4 works by making special "magic" IPv6 prefixes. These prefixes consist of a 16 bit constant, which is 2002::/16 followed by the 32 bit IPv4 address of the 6to4 router for that node. By including that in the prefix, it is immediately clear how to route the replies back to their origin - you simply encapsulate the replies in IPv4 packets addressed to the IPv4 address in the prefix. For example, if a network had a 6to4 router at 10.0.0.1 (it wouldn't, since that address is not routable on IPv4, but bear with me), then its coresponding 6to4 prefix would be 2002:a00:1::/48. If it had a host at 2002:a00:1::1, then traffic addressed to that machine would be encapsulated in packets addressed to 10.0.0.1, which would get them to the 6to4 router. Q.E.D. The one wrinkle is that 6to4 does not describe how 6to4 equipped hosts can reach non-6to4 IPv6 destinations. Fortunately, RFC 3068 addresses this. To make a long story short, 6to4 nodes need only set their default route to the special address 2002:c058:6301:: and the traffic will get to any globally routable IPv6 address regardless of whether or not it is in 6to4 space. On the machine designated as the 6to4 router, you will need to set up stf0, which will be the interface used to send out the IPv6-in-IPv4 encapsulated packets. You'll need to add the following to your kernel configuration file, if it's not already there: options INET6 pseudo-device stf 1 Having done that, you can add the following lines to your rc.conf file: ipv6_enable="YES" ipv6_network_interfaces="auto" ipv6_gateway_enable="YES" ipv6_prefix_nn0="2002:xxxx:xxxx:0" # see below stf_interface_ipv4addr="xxx.xxx.xxx.xxx" # Put your IPv4 address here ipv6_defaultrouter="2002:c058:6301::" The ipv6_prefix line should have "nn0" changed to the name of your Ethernet card (additional lines can be added if you are serving multiple networks). The xxxx:xxxx should be changed to the hexidecimal representation of the same IPv4 address that is in the stf_interface_ipv4addr line. Having done that (and rebooted), you should find that you can reach IPv6 hosts from the 6to4 router. If you have hosts connected to the LAN which you'd like to use IPv6 as well, your next step is to configure them. This is easier. Put this in rc.conf: ipv6_enable="YES" That's all (well, they will also need "options INET6" in their kernel config). They will use IPv6 router discovery to find the 6to4 router and get all the information they need. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message