v1.4 10th Jan 2002, Pekka Savola HOW TO SET UP AN IPV6 TUNNEL ---------------------------- ASSUMPTIONS ----------- 1. You're running Red Hat Linux 7.1 or later. This is required for correct IPv6 by default settings, and IPv6 being enabled as a kernel module by default. You also need recent enough initscripts, provided in RHL71. 2. You have a static, globally unique IPv4 address. 3. Protocol 41 (IPv6-in-IPv4) is not being filtered in any IPv4 firewall. 4. 'iproute' package is installed. This is used by default for a lot more powerful tunneling capabilities. INFORMATION NEEDED ------------------ You need to know: 1. The IPv4 address of your tunnel end point 2. The IPv6 address used in your tunnel The other end needs to know the same things about your setup. NOTE: It is also possible to set up unnumbered tunnels (no global IPv6 addresses). You must get these from a party (tunnel broker) who's assigning IPv6 tunnels. See: http://www.bieringer.de/linux/IPv6/IPv6-HOWTO/IPv6-HOWTO-1.html#joinIPv6backbone Example from http://old.freenet6.net: --- This script will create a tunnel between this computer and the Freenet6 server (tunnels server) Your IPv6 address (your tunnel end point) is 3ffe:b00:c18:1fff:0:0:0:7f5 We establish a tunnel to the Freenet6 server at 3ffe:b00:c18:1fff:0:0:0:7f4 Your IPv4 address is : 193.xxx.yyy.zzz The IPv4 address of the Freenet6 server is : 206.123.31.102 --- With this information, a tunnel can be set up: SETTING UP THE TUNNEL CONFIGURATION ----------------------------------- Now, set up the configuration as follows: 1. Enable IPv6 and set tunnel as default gateway in /etc/sysconfig/network: echo "IPV6_DEFAULTDEV=sit1">> /etc/sysconfig/network 2. Create /etc/sysconfig/network-scripts/ifcfg-sit1, with the following: --- DEVICE=sit1 BOOTPROTO=none ONBOOT=yes IPV6INIT=yes IPV6TUNNELIPV4=206.123.31.102 IPV6ADDR=3ffe:b00:c18:1fff:0:0:0:7f5/128 --- NOTE: You must use _sit1_ (or sit2,...). sit0 cannot be used, this is a special device. NOTE: Some tunnel endpoints might require a different kind of prefix length; for example, Cisco's usually favour /126. Using /0 creates a default route through that interface. NOTE: If you're not directly connected to the Internet, you may want to use ONBOOT=no instead. TUNNELING --------- Tunnel can be brought up and down with: ifup sit1 ifdown sit1 NOTE: In initscripts < 6.02 (ie. IPV6_TUNNELMODE=NBMA), even though sit1 is used, 'ip' sees the tunnel as sit0. This is due to an "interesting" implementation of tunneling -- else multiple tunnels couldn't be used extensibly. NOTE: iproute tools give more reliable data, try e.g. '/sbin/ip addr ls'. MORE INFORMATION ---------------- http://www.bieringer.de/linux/IPv6/IPv6-HOWTO/IPv6-HOWTO.html is a good source of IPv6 related Linux-information.