Network/IPv6/OpenWRT
From Hackerspace Brussels
This is there for historic reason: The_Gate took the tunnel job since 2010-11-12
First, we install a few packages on the target.
root@OpenWrt:~# opkg update Downloading http://downloads.openwrt.org/kamikaze/8.09.1/brcm47xx/packages/Packages.gz Connecting to downloads.openwrt.org (78.24.191.177:80) Packages.gz 100% |****************************************************************************************************************| 143k --:--:-- ETA Inflating http://downloads.openwrt.org/kamikaze/8.09.1/brcm47xx/packages/Packages.gz Updated list of available packages in /var/opkg-lists/snapshots root@OpenWrt:~# opkg install radvd aiccu ############################################ # I forgot to save the output of opkg !! # # opkg installed a lot of needed packages # ############################################ root@OpenWrt:~#
opkg installs following dependencies:
- ntpclient.
- libpthread.
- kmod-tun.
- librt.
- kmod-sit.
- kmod-ipv6.
aiccu requires an accurate clock, we modify /etc/config/system to add the timezone
config system
option hostname OpenWrt
option 'zonename' 'Europe/Brussels'
option 'timezone' 'CET-1CEST,M3.5.0,M10.5.0/3'
Then fill the file /etc/config/aiccu with your credentials
config aiccu
option username '*****SIXXS'
option password '********'
# option protocol 'ayiya'
option server ''
option interface 'sixxs'
option tunnel_id 'T*****'
option requiretls ''
option defaultroute '1'
option nat '1'
option heartbeat '1'
Start aiccu
/etc/init.d/aiccu start
At this point, the tunnel should be up and running, let's check it:
root@OpenWrt:~# ifconfig sixxs
sixxs Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet6 addr: 2001:6f8:202:425::2/64 Scope:Global
inet6 addr: fe80::4f8:202:425:2/64 Scope:Link
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1280 Metric:1
RX packets:132204 errors:0 dropped:0 overruns:0 frame:0
TX packets:119389 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:80971719 (77.2 MiB) TX bytes:24670262 (23.5 MiB)
root@OpenWrt:~#
Ping an outside host to make sure we have connectivity
root@OpenWrt:~# ping6 www.kame.net PING www.kame.net (2001:200:0:8002:203:47ff:fea5:3085): 56 data bytes 64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: seq=0 ttl=45 time=351.700 ms 64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: seq=1 ttl=45 time=358.453 ms 64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: seq=2 ttl=45 time=358.417 ms ^C --- www.kame.net ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 351.700/356.190/358.453 ms root@OpenWrt:~#
Now the tunnel is working. Activate aiccu to start automatically at boot
root@OpenWrt:~# /etc/init.d/aiccu enable root@OpenWrt:~#
Let's work on the subnets. SixXS allocated us 2001:6f8:147f::/48 to play with. We have two different networks: one for the space itself, the other is for the WOL mininet in the datenklo. We will set up both. First, we need to give a v6 address to the router interfaces. The file /etc/config/network will contain this:
config 'switch' 'eth0'
option 'vlan0' '1 2 3 4 5*'
option 'vlan1' '0 5'
config 'interface' 'loopback'
option 'ifname' 'lo'
option 'proto' 'static'
option 'ipaddr' '127.0.0.1'
option 'netmask' '255.0.0.0'
config 'interface' 'lan'
option 'type' 'bridge'
option 'ifname' 'eth0.0'
option 'proto' 'static'
option 'netmask' '255.255.255.0'
option 'ipaddr' '172.16.1.1'
option 'defaultroute' '0'
option 'peerdns' '0'
option 'ip6addr' '2001:6f8:147f::1/64'
config 'interface' 'wan'
option 'ifname' 'eth0.1'
option 'proto' 'static'
option 'ipaddr' '192.168.42.13'
option 'netmask' '255.255.255.0'
option 'gateway' '192.168.42.1'
option 'defaultroute' '0'
option 'peerdns' '0'
option 'dns' '192.168.42.1'
option 'ip6addr' '2001:6f8:147f:42::1/64'
Setup radvd: radvd will announce our prefix in the LAN. This will automatically set up all clients. This is the content of /etc/config/radvd
############ WAN ##############
config interface
option interface 'wan'
option AdvSendAdvert 1
option AdvManagedFlag 0
option AdvOtherConfigFlag 0
option ignore 0
config prefix
option interface 'wan'
# If not specified, a non-link-local prefix of the interface is used
option prefix '2001:6f8:147f:42::/64'
option AdvOnLink 1
option AdvAutonomous 1
option AdvRouterAddr 0
option ignore 0
config rdnss
option interface 'wan'
# If not specified, the link-local address of the interface is used
option addr ''
option ignore 1
############# LAN ##############
config interface
option interface 'lan'
option AdvSendAdvert 1
option AdvManagedFlag 0
option AdvOtherConfigFlag 0
option ignore 0
config prefix
option interface 'lan'
# If not specified, a non-link-local prefix of the interface is used
option prefix '2001:6f8:147f::/64'
option AdvOnLink 1
option AdvAutonomous 1
option AdvRouterAddr 0
option ignore 0
config rdnss
option interface 'lan'
# If not specified, the link-local address of the interface is used
option addr ''
option ignore 1
Enable IPv6 packet forwarding: this is disabled by default in openwrt. uncomment the following line in /etc/sysctl.conf:
net.ipv6.conf.all.forwarding=1
Apply the settings:
root@OpenWrt:~# sysctl -p /etc/sysctl.conf root@OpenWrt:~#
Start radvd: a few seconds after starting radvd, your clients should have a working v6 address.
root@OpenWrt:~# /etc/init.d/radvd start root@OpenWrt:~#
Check your local host: it should now have a v6 address:
kaapio:~# ifconfig wlan0
wlan0 Link encap:Ethernet HWaddr 00:22:69:07:01:01
inet adr:192.168.42.60 Bcast:192.168.42.255 Masque:255.255.255.0
adr inet6: 2001:6f8:147f:42:222:69ff:fe07:0101/64 Scope:Global
adr inet6: fe80::222:69ff:fe07:0101/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:50138 errors:0 dropped:0 overruns:0 frame:0
TX packets:13994 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:1000
RX bytes:6126361 (5.8 MiB) TX bytes:6210004 (5.9 MiB)
kaapio:~#
Ping a machine somewhere on the internet:
kaapio:~# ping6 -n -c 4 www.kame.net PING www.kame.net(2001:200:0:8002:203:47ff:fea5:3085) 56 data bytes 64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: icmp_seq=1 ttl=44 time=302 ms 64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: icmp_seq=2 ttl=44 time=304 ms 64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: icmp_seq=3 ttl=44 time=307 ms 64 bytes from 2001:200:0:8002:203:47ff:fea5:3085: icmp_seq=4 ttl=44 time=313 ms --- www.kame.net ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 302.535/306.714/313.126/4.083 ms kaapio:~# traceproute6 -n www.kame.net traceproute to www.kame.net (2001:200:0:8002:203:47ff:fea5:3085), 30 hops max, 80 byte packets 1 2001:6f8:147f:42::1 7.978 ms 9.602 ms 9.877 ms 2 2001:6f8:202:425::1 67.224 ms 69.910 ms 72.608 ms 3 2001:6f8:200:1003::1 76.122 ms 80.705 ms 83.300 ms 4 2001:6f8:200:7::1 85.180 ms 89.166 ms 98.795 ms 5 2001:6f8:1:2:87:86:71:164 99.592 ms * * 6 2001:6f8:1:0:87:86:77:46 108.513 ms * * 7 2001:6f8:1:0:87:86:77:120 112.265 ms 71.835 ms 69.757 ms 8 2001:6f8:1:0:87:86:77:111 139.790 ms 140.252 ms 138.524 ms 9 2001:6f8:1:0:87:86:77:105 138.470 ms 142.582 ms 141.662 ms 10 2001:458:26:2::200 138.105 ms * * 11 2001:48b0:bb00:800e::400e 134.407 ms * * 12 2001:48b0:bb00:8019::4008 210.934 ms 214.531 ms 212.966 ms 13 2001:48b0:bb00:8008::71 309.494 ms 308.187 ms 308.929 ms 14 2001:240:bb00:9001::7d 306.473 ms 307.103 ms 307.216 ms 15 2001:240:bb01:31::15 310.587 ms 310.655 ms 307.933 ms 16 2001:200:0:fe00::9c4:11 310.285 ms 312.830 ms 312.253 ms 17 2001:200:0:1802:20c:dbff:fe1f:7200 310.312 ms 313.358 ms 314.626 ms 18 2001:200:0:11::66 314.509 ms 315.357 ms 315.695 ms 19 2001:200:0:12::74 322.833 ms 321.272 ms 323.973 ms 20 2001:200:0:4803:212:e2ff:fe28:1ca2 314.781 ms * * 21 2001:200:0:8002:203:47ff:fea5:3085 318.935 ms 321.036 ms 314.877 ms kaapio:~#
You now have working IPv6. Make radvd start at boot:
root@OpenWrt:~# /etc/init.d/radvd enable root@OpenWrt:~#
Reboot the router and ping6/traceproute6 again to make sure everything works as expected
