Easy IPv6 connections with miredo
Posted by Steve on Mon 1 Dec 2008 at 19:36
Many services are starting to become available over IPv6, including this site, but the majority of home users cannot access them. If you'd like to see the IPv6 internet chances are it won't be difficult for you though.
One of the most common ways of gaining IPv6 access is via 6to4. This works beautifully if you have a static IP address. The setup is pretty simple too:
The setup described there is simple enough to automate, and you can add the following to /etc/init.d/ipv6 if you have a suitable system:
#!/bin/sh
#
# Auto-configure IPv6 support for the current host via
# 6to4 tunnels
#
# Steve
# --
#
#
# The local addresses
#
ipv4=$(ifconfig eth0 | grep "inet addr" | awk '{print $2}' | awk -F: '{print $2
}')
#
# The IPv6 address we generate
#
ipv6="$(printf "2002:%02x%02x:%02x%02x::1" `echo $ipv4 | tr "." " "`)"
#
# Make sure we get an argument we recognise
#
if [ -z "$1" ]; then
echo "$0 [show|status|start|stop|test]"
exit
fi
case "$1" in
show)
echo "IPv4: $ipv4"
echo "IPv6: $ipv6"
;;
start)
echo "Starting .."
/sbin/ip tunnel add tun6to4 mode sit ttl 30 remote any local $ipv4
/sbin/ip link set dev tun6to4 up
/sbin/ip -6 addr add $ipv6/16 dev tun6to4
/sbin/ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4 metric 1
/sbin/ip -6 route add 2000::/3 via 2002:c058:6301::1 dev tun6to4 metric 1
;;
stop)
echo "Stopping .."
/sbin/ip -6 route flush dev tun6to4
/sbin/ip link set dev tun6to4 down
/sbin/ip tunnel del tun6to4
;;
test)
echo "Testing .."
ping6 -c 4 $ipv6
;;
status)
if ( ip link |grep tun6to4 2>/dev/null >/dev/null ) ; then
echo "ipv6 seems to be up"
else
echo "ipv6 seems to be down"
fi
;;
*)
echo "$0 [show|status|start|stop|test]"
;;
esac
But this solution, as well as requiring a static IP address is more complex than it needs to be. It should be possible to easily gain access to the IPv6 internet and thats what the miredo package offers.
miredo is a Unix daemon program which mostly implements the Teredo: Tunneling IPv6 over UDP through NAT Internet proposed standard (RFC 4380) - in short it turns your home connection into an IPv6 client.
To get started install the package:
gold:~# apt-get install miredo
Once you've done that wait a few seconds and you should find that you'll have a new tap device:
gold:~# /sbin/ifconfig br0 Link encap:Ethernet HWaddr 00:1c:25:36:5f:f2 ... ... eth0 Link encap:Ethernet HWaddr 00:1c:25:36:5f:f2 ... ... teredo Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 ...
Here you can see the tunnel end-point, and we can test it out easily enough:
skx@gold:~$ ping6 -c 3 www.debian-administration.org PING www.debian-administration.org(2002:5910:a162::1) 56 data bytes 64 bytes from 2002:5910:a162::1: icmp_seq=1 ttl=56 time=169 ms 64 bytes from 2002:5910:a162::1: icmp_seq=2 ttl=56 time=167 ms 64 bytes from 2002:5910:a162::1: icmp_seq=3 ttl=56 time=167 ms --- www.debian-administration.org ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2010ms rtt min/avg/max/mdev = 167.446/168.201/169.509/1.042 ms
Now for fun you can point your web browser at http://ipv6.google.com or any other IPv6 enabled website.
apt-get install miredo
Package name is mirEDo
Nice article.
[ Parent | Reply to this comment ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
Thanks, I've fixed this now.
[ Parent | Reply to this comment ]
I suggest AYIYA instead, if proto-41 or 6to4 aren't options for you. AYIYA is a lot more lightweight and reliable. http://madduck.net/docs/ipv6 documents how to do it with Debian.
[ Parent | Reply to this comment ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
I've found it to be pretty stable setup I've not had any outage in the few weeks it has been running.
But AYIYA looks interesting, so thanks for bringing it up.
[ Parent | Reply to this comment ]
I found this blog post and the date is 2006 !!!
http://cquispe.blogspot.com/2006/09/conectadonos-ipv6-via-adsl-co n-teredo.html
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
[ Parent | Reply to this comment ]
[ Send Message | View Weblogs ]
I have set up Miredo which works great with many websites, including DA. However, most of the time, I cannot access my Linode using IPv6:
$ ping6 -c3 2001:470:1f06:ccf::2 PING 2001:470:1f06:ccf::2(2001:470:1f06:ccf::2) 56 data bytes --- 2001:470:1f06:ccf::2 ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2001ms
My Linode uses a tunnelbroker.net's tunnel, as recommended on Linode wiki
Sometimes, however, I can ping6 my Linode, and browse my website using IPv6, but it stops after a while, until I ping my Miredo address from the Linode again...
What could explain this behaviour?
Cheers,
Julien
[ Parent | Reply to this comment ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
Hard to say, I'd guess running a traceroute would show whether the problem was with the tunnel or linode. Perhaps contact the linode support people too?
[ Parent | Reply to this comment ]
[ Send Message | View Weblogs ]
I will contact Linode and tunnelbroker's support, but would like to try and understand on which side the problem is.
From home to linode when not working:
$ traceroute6 2001:470:1f06:ccf::2 traceroute to 2001:470:1f06:ccf::2 (2001:470:1f06:ccf::2), 30 hops max, 80 byte packets 1 2001:0:53aa:64c:2c29:6807:a37d:37e2 (2001:0:53aa:64c:2c29:6807:a37d:37e2) 0.066 ms !H 0.060 ms !H 0.059 ms !H
From Linode to home:
$ traceroute6 2001:0:53aa:64c:2c29:6807:a37d:37e2 traceroute to 2001:0:53aa:64c:2c29:6807:a37d:37e2 (2001:0:53aa:64c:2c29:6807:a37d:37e2), 30 hops max, 40 byte packets 1 JulienV-1.tunnel.tserv4.nyc4.ipv6.he.net (2001:470:1f06:ccf::1) 17.205 ms 19.652 ms 22.253 ms 2 gige-g3-8.core1.nyc4.he.net (2001:470:0:5d::1) 23.290 ms 23.270 ms 23.272 ms 3 10gigabitethernet1-2.core1.lon1.he.net (2001:470:0:3e::2) 91.743 ms 91.868 ms 91.846 ms 4 10gigabitethernet1-1.core1.ams1.he.net (2001:470:0:3f::2) 99.611 ms 99.681 ms 99.659 ms 5 amsix-501.xe-0-0-0.jun1.kelvin.network.bit.nl (2001:7f8:1::a501:2859:2) 100.223 ms 100.351 ms 100.330 ms 6 teredo.bit.nl (2001:7b8:3:27:87:251:43:68) 100.347 ms 80.329 ms 95.304 ms 7 2001:0:53aa:64c:2c29:6807:a37d:37e2 (2001:0:53aa:64c:2c29:6807:a37d:37e2) 375.204 ms 379.675 ms 382.140 ms
And then from home to Linode when working (ie just after the previous traceroute6):
$ traceroute6 2001:470:1f06:ccf::2 traceroute to 2001:470:1f06:ccf::2 (2001:470:1f06:ccf::2), 30 hops max, 80 byte packets 1 teredo.bit.nl (2001:7b8:3:27:87:251:43:68) 298.818 ms 298.804 ms 298.789 ms 2 teredo-gw.jun1.kelvin.network.bit.nl (2001:7b8:3:27::2) 349.530 ms 349.522 ms 349.510 ms 3 linx.he.net (2001:7f8:4::1b1b:1) 371.854 ms 371.847 ms 371.835 ms 4 10gigabitethernet2-3.core1.nyc4.he.net (2001:470:0:3e::1) 491.051 ms 491.041 ms 491.029 ms 5 1g-bge0.tserv4.nyc4.ipv6.he.net (2001:470:0:5d::2) 349.111 ms 346.930 ms 344.158 ms 6 nix.kirya.net (2001:470:1f06:ccf::2) 351.527 ms 140.178 ms 142.217 ms
Does it help someone?
Cheers,
Julien
[ Parent | Reply to this comment ]
Cheers,
Julien
[ Parent | Reply to this comment ]
[ Send Message | View Weblogs ]
Thanks for the hint. I always looked for an easy way to get IPv6 connectivity and miredo seems to be it.
I'll integrate it into my router setup pretty soon.
[ Parent | Reply to this comment ]