IPv6 with Tunnlebroker and Ubuntu 8.04.x
September 6 04:03 PM
I’ve setup IPv6 on my 512MB VPS at Slicehost, using Hurricane Electric’s free Tunnelbroker service. I’m running Ubuntu 8.04.1, and the setup was pretty straight forward.
First register for a Tunnelbroker account, and create a new tunnel by clicking “Create Regular Tunnel” on the left side of the page. You’ll need to enter the IP of your server and chose the closest tunnel server. I pinged the different servers, and found the Chicago server is very close to my host, with 7 - 8 ms ping times. I run another host in a different Slicehost data center and it seems the Ashburn server is closer in that case.
I didn’t bother allocating the routed /48 since I only have one system. I /64 should be plenty. :)
After you’ve entered your tunnel endpoint IP and hit “Submit” you can click “Tunnel Details” to find the necessary info for configuring your end. I added something like this to my /etc/network/interfaces:
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
address 2001:470:1f10:14f::2 # Client IPv6 address
netmask 64
endpoint 208.77.188.166 # Server IPv6 address
local 208.75.85.208 # Client IPv4 address
gateway 2001:470:1f10:14f::1 # Server IPv6 address
ttl 64Please note, any time your editing network settings on a remote host, be sure you have an alternate means of accessing that host should things go wrong. With Slicehost they provide a very nice web based serial console that’s saved me from many mistakes.
Now bring your tunnel up and test it:
$ sudo ifup he-ipv6 $ ping6 ipv6.google.com
Hopefully you’re now up and running! If not make sure you’ve input all the IPs correctly, and make sure the ipv6 module is loaded by running:
$ modprobe ipv6
If everything’s working you could call it a day and assign an AAAA record to your “Client IPv6” address. Instead I wanted to have another IP setup for my services rather than running everything on the tunnel end point. This also lets me add more IPs in the future. It’s just a little more work to set that up, and the first step is figuring out your interfaces IPv6 address.
You need to combine the network address with the MAC address of the interface you are using. I ran this:
$ ifconfig eth0 | grep Scope:Link
inet6 addr: fe80::4240:d0ff:fe4b:55d0/64 Scope:LinkNow take the last 4 groups of the inet6 addr and combine them with the “Routed /64” address provided by Tunnelbroker (on the “Tunnel Details” page used in the last example). The result should look something like this:
2001:470:1f10:14f:4240:d0ff:fe4b:55d0
Again edit /etc/network/interfaces and add something like:
iface eth0 inet6 static address 2001:470:1f10:14f:4240:d0ff:fe4b:55d0 netmask 64 ttl 64
Then restart networking to bring up the IP:
$ sudo /etc/init.d/networking restart
Last, you may wish to add an AAAA record for your host to make it easier to access over IPv6. If you’re using Slicehost you just use the DNS tab of the SliceManger to add that record type to your host. The host serving this page is IPv6 accessible:
$ host plek.org plek.org has address 208.75.85.208 plek.org has IPv6 address 2001:470:1f10:14f:4240:d0ff:fe4b:55d0
You’ll probably have to restart services like apache to have them listen on your new IPv6 address. Then you should be set! Now your server can connect to IPv6 hosts, and your system and is acessable over IPv6!
Be aware that some non-zero percentage of users have miss-configured IPv6 and just don’t realize it because so few hosts are IPv6 accessible. If you enable IPv6 on your main site, these users will see a long delay as they fail to connect to your IPv6 address and fall back to the IPv4 address. This is why Google only enables IPv6 on http://ipv6.google.com and not any of their main sites. I’ve run into this my self when miss-configuring IPv6 on my home network.
I hop this was helpful for someone, and let me know if you have any questions.
0 comments
