# ipv4-in-ipv6 tunnel

## andyknownasabu

Hi everybody,

has anyone managed to get an ipv4-in-ipv6 tunnel working?

I searched the web but found nothing (particularly no cut'n'paste code for my own experiments). Any hints/ideas/links?

Thanks in advance!

----------

## soroh6

You need to enable IP Tunelling in your kernel.

Then, assuming your ISP doesn't have an IPv6 tunnel, you'll need to signup for an IPv4->IPv6 tunnel.

I recommend FreeNet6. http://www.freenet6.net/

There are ebuilds in portage (net-misc/freenet6).

I don't remember exactly how to set it up, as I haven't used it in awhile.. but I do remember it was a pain, and a majority of the time it wouldn't come up at boot, and I had to do some funky things (like ifconfig sit0 up, sit1 up, blah blah.. a pain).

But it did work. I could connect to irc.ipv6.freenode.net, and resolve/connect to IPv6 websites.

Hope this helps.

----------

## andyknownasabu

 *soroh6 wrote:*   

> You need to enable IP Tunelling in your kernel.
> 
> Then, assuming your ISP doesn't have an IPv6 tunnel, you'll need to signup for an IPv4->IPv6 tunnel.
> 
> I recommend FreeNet6. http://www.freenet6.net/
> ...

 

Yes, thank you - another step towards a hopefully working tunnel. I'm compiling the kernel with IP Tunnelling right at the moment ;)

The good thing is that I can use a working ipv6 infrastructure within my network.

Do you remember which command line {tools|commands} are neccessary to enable and configure the tunnel? Only inserting the tunnelling module won't do the job, will it?

----------

## xces

 *andyknownasabu wrote:*   

> Do you remember which command line {tools|commands} are neccessary to enable and configure the tunnel? Only inserting the tunnelling module won't do the job, will it?

 

You will also need iproute2. Just take a look at the docs.

----------

## BloX

andyknownasabu wrote:

 *Quote:*   

> has anyone managed to get an ipv4-in-ipv6 tunnel working?

 

I think what you mean is an ipv6-in-ipv4 tunnel (you want to get connection to the 6BONE over your IPv4 internet connection right? so you pack ipv6-packets in ipv4...)

I actually managed it but it wasn't as easy as I thought. I didn't want to use freenet6 because canada is a bit too far away from Germany. So I subscribed at www.sixxs.net.

If you want to I can post a detailed list of the things I did so far (I don't have the temper to do it NOW :P).

However I couldn't test my setup on a Gentoo-Box, but on this Knoppix box on which I'hacking here it works fine shouldn't be different on Gentoo.

Greets,

                BloX

----------

## xces

 *BloX wrote:*   

> If you want to I can post a detailed list of the things I did so far (I don't have the temper to do it NOW ).

 

Yesssss, I'd be happy if you would describe your setup. I'm also interested how the thing with the credits at sixxs.net works...

----------

## BloX

Ok, then let's go!

To get an IPv6-tunnel from sixxs.net will need several days because they check a lot on their own and do not automize everything.

First of all you need an 6BONE-Handle. So go to http://eng.hexago.com/6bone/registry/ and create one as described here http://eng.hexago.com/6bone/registry/newusers.shtml . That won't be too difficult as you can get a lot of help by clicking on the "Objects and attributes description" (it took me some minutes to get to know how to handle this site). Don't forget to type in your eMail-adress (as I did the first time :)). 

As soon as you have your 6BONE-handle go to http://www.sixxs.net/signup/ and type in your 6BONE/NIC-handle for Signup Reason simply write something like "Want to experiment with Linux and IPv6". You will be contacted by eMail that your account request will be handled etc.

After several hours you will get an "user approved" eMail passing you over your login-data. Go to the SixXS-page and log in the first time.  Browse around a bit and make yourself comfortable with it (I know it's very weird). on http://www.sixxs.net/faq/account/?faq=credits you can get information about the credit-system they'll have. I think you will understand it now.

Go to your home-area and request a tunnel (can't request a subnet because lack of credits :(). You will get informed about the Request and the approve again by eMail.

As you have the tunnel approve download the heartbeat-tool at http://www.sixxs.net/tools/heartbeat/, compile it and edit the heartbeat.con as described in the howto (can be found in the package). You probably have to change the ipv4_interface option to "ppp0" in addtion.

Now you have to built up the tunnel (as described here:  http://www.sixxs.net/faq/connectivity/?faq=ossetup&os=linux ) with the following command set:

```

# ip tunnel add sixxs mode sit local [Your IPv4 Endpoint] remote [POP IPv4 Endpoint]

# ip link set sixxs up

# ip link set mtu 1280 dev sixxs

# ip tunnel change sixxs ttl 64

# ip -6 addr add [Your IPv6 Endpoint]/[Prefix Length] dev sixxs

# ip -6 ro add default via [Our IPv6 endpoint] dev sixxs

```

I will write an rc-script for that soon (perhaps i'm going to pack it with the heartbeat-tool in an ebuild). Now you have to start the heartbeat-tool with

```

heartbeat-client <configfile>

```

And you should have an IPv6-connection check it out by going to e.g. www.kame.net if the turtle is animated then you are connected to the 6BONE or simply do an

```
ping6 www.kame.net
```

Hope it works!

Please, send me a message if you have further questions and when everything worked out.

Greets,

BloX

----------

## Clou

Thank's BloX for the excellent work. I have one problem:

 *BloX wrote:*   

> 
> 
> ```
> # ip -6 ro add default via [Our IPv6 endpoint] dev sixxs
> 
> ...

 

I get the error

```
ip -6 ro add default via  2001:6f8:900:ff::1  dev sixxs

RTNETLINK answers: No route to host

```

After I started the heartbeat-Client when I try to ping www.kame.net it says:

```
PING www.kame.net(orange.kame.net) 56 data bytes

From ip6-localhost icmp_seq=1 Destination unreachable: Address unreachable

From ip6-localhost icmp_seq=2 Destination unreachable: Address unreachable
```

Anyone any idea?

----------

## BloX

 *Clou wrote:*   

> 
> 
> I get the error
> 
> ```
> ...

 

For me here the set of commands I posted works fine.

Perhaps it's because of the kernelversion you are using. Because here http://www.sixxs.net/faq/connectivity/?faq=ossetup&os=linux they say:

```

Route your IPv6 traffic via the SixXS POP:

# ip -6 ro add default via [Our IPv6 endpoint] dev sixxs

Note that on Linux <2.4.20 one needs to use 2000::/3, the reason for this is explained in the linux-net archives. 

```

So when you are using kernelversion < 2.4.20 then your command of choice should be

```

# ip -6 ro add default via 2000::/3 dev sixxs

```

Hope it works!

Greets,

____BloX

----------

## Clou

Perhaps it doesn't work because I'm behind a NAT Router...?

----------

## BloX

 *Clou wrote:*   

> Perhaps it doesn't work because I'm behind a NAT Router...?

 

So did you changed

 *Quote:*   

> 
> 
> # heartbeat.conf
> 
> # ...
> ...

 ??

Does the error allready come up when you set up the tunnel or when you start the heartbeat-client?

Greets,

____BloX

----------

## Clou

 *BloX wrote:*   

>  *Clou wrote:*   Perhaps it doesn't work because I'm behind a NAT Router...? 
> 
> So did you changed
> 
>  *Quote:*   
> ...

 

Yes, I changed that. The error already comes up when I set up the tunnel. There is some discussion on NAT on the sixxs forum:

https://noc.sixxs.net/forum/?msg=setup-136214

And I really think it's a NAT Problem. I will go on trying.

Greets,

Clou

Edit: I tried some tcpdumping: I don't see any activity on eth0 before I start heartbeat client. After I start that, I see some activity, but I am not sure if there is a tunnel set up. Where should I see if a tunnel is correctly set up, i.e. that there really is a connection to the tunnel endpoint?

btw: My router is a SMC 7204 BRB Barricade.

----------

## Clou

Yes! I got it to work! 

I forgot to add the prefixleng to my IPv6. Adding that fixed it!

Cheers

Clou

----------

