6in4 Tunnel

May 16, 2010 · Print This Article

Thanks to company like Hurricane Electric or SixXS it is very easy to connect to IPv6 Internet backbone even if your ISP does not provide native access to IPv6. Those companies provide free access to their tunnel brokers. A tunnel broker is a dual homed router connected to IPv4 Internet backbone on one side and to IPv6 backbone on the other side. The concept is quite simple, you have access to the IPv4 world and you want to access the IPv6 world. You just need to build a 6in4 tunnel from your DSL router or from your PC or actually from whatever IPv4/IPv6 capable you want to the tunnel broker on the IPv4 side and you’ll encapsulate your IPv6 traffic into that tunnel. The broker will decapsulate your IPv6 packets and send them to the IPv6 Internet backbone. The tunnel broker will also advertise your IPv6 range to the backbone in order to allow the traffic to flow back to your 6in4 tunnel.

6in4 is a tunneling protocol acting in the same way as GRE but it is only used to transport IPv6 packets over IPv4 network. 6in4 is the IPv4 protocol 41. 6in4 tunneling is also referred to as proto-41 static because it requires static configuration… But as we will see, with good API, it does not necessarily need manual reconfiguration even with dynamic IP on a DSL line.

First you need to register to one tunnel broker provider. For the exemple I’ve chosen Hurricane Electric’s tunnel broker but other providers work similarly.

The you have to configure your 6in4 tunnel. On BSD system (here Mac OS X) you can use the following script :

#!/bin/bash
LOCAL_IF=en1
LOCAL_IP=`ifconfig $LOCAL_IF | grep "inet " | awk -F" " '{ print $2 }'`
LOCAL_IPV6=2001:db8::2
REMOTE_IP=216.66.80.26
REMOTE_IPV6=2001:db8::1
TUNNEL_IF=gif0

ifconfig $TUNNEL_IF tunnel $LOCAL_IP $REMOTE_IP
ifconfig $TUNNEL_IF inet6 $LOCAL_IPV6 $REMOTE_IPV6 prefixlen 128
route -n add -inet6 default $REMOTE_IPV6

Then if you have a dynamic public IP you may want to use the following script as a cron job to check whether your IP has changed and eventually update the tunnel broker.

#!/bin/bash
OLD_IPv4=/tmp/ipv4
CURRENT_IPv4=`curl -s http://demo.exp-networks.be/tools/ip.php`
UPDATE="TRUE"
USERID="xxx"
PASSWORD="xxx"
TUN="123"

if [ -f $OLD_IPv4 ];
then
  if [ "$CURRENT_IPv4" = "`cat $OLD_IPv4`" ];
  then
    UPDATE="FALSE"
  fi
fi

if [ "$UPDATE" = "TRUE" ];
then
  echo $CURRENT_IPv4 > $OLD_IPv4
  curl --insecure -s \
  "https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$PASSWORD&user_id=$USER&tunnel_id=$TUN"
fi

Where USERID has to be replaced by the user id found on the main page of HE’s tunnel broker; PASSWORD is an md5 hash of your password; and TUN is the global tunnel id found on your tunnel details’ page.

When done, you are ready to enter in the IPv6 world. And maybe starts the HE IPv6 certification and get your badge…
IPv6 Certification Badge for krik

Written by Christophe Lemaire · Filed Under Networking, Systems 
Tagged:

Comments

Got something to say?