World IPv6 Day - How to run 6to4 on FreeBSD

As you know, or should know, today (or tomorrow, depending on the timezone) is World IPv6 Day. What this means in practice is that a lot of top-tier IT businesses will make their web sites available via both IPv6 and IPv4, at least for a day. If you want to join in testing but your ISP is following the rest of the herd and isn't doing anything with IPv6, you can use various methods to tunnel your IPv6 traffic over IPv4.


The 6to4 protocol is a "transitional" protocol which wraps IPv6 packets into raw IP packets (not TCP or UDP), and is very useful if you want to host your own IPv6 web site or another service over IPv6, but you don't have native IPv6 access. You can also sensibly use it only with static IPv4 addresses.

In FreeBSD, 6to4 is remarkably easy to setup. You basically need these lines in /etc/rc.conf:

ipv6_enable="YES"
ipv6_network_interface="em0"
ipv6_defaultrouter="2002:c058:6301::"
stf_interface_ipv4addr="xx.xx.xx.xx"

The two things you need to change in this template are the network interface and your public, static IPv4 address which will be used for the tunnel. This address will also determine your (static) IPv6 address, as 6to4 is designed to "wrap" the entire IPv4 address space into a tiny segment of the IPv6 address space, so every static IPv4 address has a unique 6to4 IPv6 representation. Do not change the ipv6_defaultrouter setting as it is a special anycast address used to find a dynamic 6to4 relay router.

Note that if you use firewalls, you will need some special rules to allow this tunneling. You will need to pass IPv4 traffic of "type ipv6" (i.e. IPv4 protocol 41), and pay special attention to the traffic from the "stf" interface which will be created for the tunnel.

After a reboot to correctly reinitialize the network configuration, you should be able to issue a command like: "ping6 www.freebsd.org" and observe some actual IPv6 traffic.

Unfortunately, if a 6to4 relay router is not relatively near to your network, this kind of tunneling will be very slow - this is usually the case. If you get bad 6to4 tunneling performance, you could complain to your ISP to implement a local 6to4 relay!

For users with dynamic IPv4 addresses (i.e. residential, "dial-up", etc.), some solutions can be implemented using the services of:

 Have fun, and search for the awesome KAME dancing turtle!


#1 Re: World IPv6 Day - How to run 6to4 on FreeBSD

Added on 2011-06-08T09:25 by Phil

Quick, concise post, but one commend - my understanding is that "automatic" 6to4, in particular with unmanaged tunnels, is considered one of the reason IPv6 deployment has proven so hard. The idea was nice, but it's just not reliable enough.

In addition, the 6to4 range, 2002::/16, is de-prefered when sorting DNS responses in comparison to IPv4 - so if you or the server have a 6to4 address, you'll probably end up using IPv4.

My advice: get a managed tunnel from Hurricane Electric.

#2 Re: World IPv6 Day - How to run 6to4 on FreeBSD

Added on 2011-06-08T18:00 by FAndrey

Unfortunately Freenet6 port very old. http://www.freebsd.org/cgi/query-pr.cgi?pr=156897 and not autostart after boot.

#3 Re: World IPv6 Day - How to run 6to4 on FreeBSD

Added on 2011-06-09T11:16 by Peter

Note that it's "ipv6_network_interfaces" not "ipv6_network_interface". Other than that, thanks for the article.

#4 Re: World IPv6 Day - How to run 6to4 on FreeBSD

Added on 2011-06-09T21:07 by duff

"In addition, the 6to4 range, 2002::/16, is de-prefered when sorting DNS responses in comparison to IPv4 - so if you or the server have a 6to4 address, you'll probably end up using IPv4."

That is a very well hidden piece of information. It actually isn't, but my search approach must have been flawed so I missed it. I wrote a little startup script to assign an stf address after my cable got its DHCP lease. It worked great, except that pretty much nothing wanted to route via ipv6. I lost interest after a few days, mainly because I realized that not having ipv6 functionality doesn't affect me in any way, and probably won't for years to come.

Getting it to work over my home network was something else that gave me fits, and I never did get it properly figured out. There are dozens of "tutorials" out there that make it sound like a two minute thing...they all seriously lack detail, say pretty much the exact same thing, and don't work for me.

When my ISP starts allocating IPv6 addresses, I'll get back at it. As it stands now, this isn't even in the pre planning stage, and they continue to buy and issue modems that don't support the stack. Widespread IPv6 looks to be a long ways off.

#5 Re: World IPv6 Day - How to run 6to4 on FreeBSD

Added on 2011-06-10T01:05 by Ivan Voras

Actually, I have run a dual-stack service (semi-successfuly, but that's another story) and I got lots of connection via IPv6, so apparently it's *not* so de-preferred that some clients can't find it.

#6 Re: World IPv6 Day - How to run 6to4 on FreeBSD

Added on 2011-06-10T07:42 by ggl

I've head issues with this that led to a kernel panic and fs errors upon reboot. On 8.0 I believe.

Comments !

blogroll

social