IPv6 with the he.net broker
Creating the IPv6 tunnel
We create the tunnel from the HE web interface: https://tunnelbroker.net/
/etc/conf.d/net
# HE IPv6 tunnel using the Paris tunnel server
iptunnel_he6="mode sit remote 216.66.84.42 local 79.148.255.205 ttl 64 dev ppp0"
depend_he6="net.ppp0"
config_he6="2001:470:1F12:5F2::2/64"
routes_he6="default via 2001:470:1F12:5F2::1 dev he6"
mtu_he6="1280"
We make the tunnel start automatically at boot
cd /etc/init.d
ln -s net.lo net.he6
rc-update add net.he6 default
We check that we have IPv6 connectivity
ping6 -c 3 -n www.google.com
PING www.google.com(2a00:1450:4006:804::2004) 56 data bytes
64 bytes from 2a00:1450:4006:804::2004: icmp_seq=1 ttl=53 time=46.6 ms
64 bytes from 2a00:1450:4006:804::2004: icmp_seq=2 ttl=53 time=47.2 ms
64 bytes from 2a00:1450:4006:804::2004: icmp_seq=3 ttl=53 time=47.1 ms
--- www.google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2041ms
rtt min/avg/max/mdev = 46.693/47.021/47.248/0.296 ms
Internal network
We give the server a static IP in /etc/conf.d/net
config_br0="2001:470:ca84::be9a/64"
We check the ping
ping6 -c 3 2001:470:ca84::be9a
PING 2001:470:ca84::be9a(2001:470:ca84::be9a) 56 data bytes
64 bytes from 2001:470:ca84::be9a: icmp_seq=1 ttl=64 time=0.129 ms
64 bytes from 2001:470:ca84::be9a: icmp_seq=2 ttl=64 time=0.090 ms
64 bytes from 2001:470:ca84::be9a: icmp_seq=3 ttl=64 time=0.090 ms
--- 2001:470:ca84::be9a ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.090/0.103/0.129/0.018 ms
DNS server
We tell our DNS server to listen on the IPv6 interface, in the named.conf file
listen-on-v6 { ::1; 2001:470:ca84::be9a; };
In resolv.conf we add our server
nameserver 2001:470:ca84::be9a
We add the AAAA record to our domain
dig axfr luniel.com
; <<>> DiG 9.10.2-P4 <<>> axfr luniel.com
;; global options: +cmd
luniel.com. 600 IN SOA vega.luniel.com. hostmaster.luniel.com. 284 43200 3600 1209600 3600
luniel.com. 600 IN NS vega.luniel.com.
luniel.com. 600 IN AAAA 2001:470:ca84::be9a
vega.luniel.com. 600 IN AAAA 2001:470:ca84::be9a
www.luniel.com. 600 IN CNAME vega.luniel.com.
luniel.com. 600 IN SOA vega.luniel.com. hostmaster.luniel.com. 284 43200 3600 1209600 3600
;; Query time: 1 msec
;; SERVER: 2001:470:ca84::be9a#53(2001:470:ca84::be9a)
;; WHEN: Tue Jan 05 13:37:51 CET 2016
;; XFR size: 20 records (messages 1, bytes 514)
We check name resolution
ping6 -c 3 -n vega.luniel.com
PING vega.luniel.com(2001:470:ca84::be9a) 56 data bytes
64 bytes from 2001:470:ca84::be9a: icmp_seq=1 ttl=64 time=0.103 ms
64 bytes from 2001:470:ca84::be9a: icmp_seq=2 ttl=64 time=0.090 ms
64 bytes from 2001:470:ca84::be9a: icmp_seq=3 ttl=64 time=0.091 ms
--- vega.luniel.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.090/0.094/0.103/0.012 ms
We configure the reverse zone
zone "4.8.a.c.0.7.4.0.1.0.0.2.ip6.arpa" IN {
    type master;
    file "ca84.0470.2001";
    allow-update { red-local; };
};
File ca84.0470.2001
cat ca84.0470.2001
$ORIGIN .
$TTL 600 ; 10 minutes
4.8.a.c.0.7.4.0.1.0.0.2.ip6.arpa IN SOA vega.luniel.com. hostmaster.luniel.com. (
                284        ; serial
                43200      ; refresh (12 hours)
                3600       ; retry (1 hour)
                1209600    ; expire (2 weeks)
                3600       ; minimum (1 hour)
                )
            NS  vega.luniel.com.
$ORIGIN 4.8.a.c.0.7.4.0.1.0.0.2.ip6.arpa.
a.9.e.b.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR vega.luniel.com.
We verify that the reverse zone is correct
dig axfr 4.8.a.c.0.7.4.0.1.0.0.2.ip6.arpa
; <<>> DiG 9.10.2-P4 <<>> axfr 4.8.a.c.0.7.4.0.1.0.0.2.ip6.arpa
;; global options: +cmd
4.8.a.c.0.7.4.0.1.0.0.2.ip6.arpa. 600 IN SOA vega.luniel.com. hostmaster.luniel.com. 284 43200 3600 1209600 3600
4.8.a.c.0.7.4.0.1.0.0.2.ip6.arpa. 600 IN NS vega.luniel.com.
a.9.e.b.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.8.a.c.0.7.4.0.1.0.0.2.ip6.arpa. 600 IN PTR vega.luniel.com.
4.8.a.c.0.7.4.0.1.0.0.2.ip6.arpa. 600 IN SOA vega.luniel.com. hostmaster.luniel.com. 284 43200 3600 1209600 3600
;; Query time: 0 msec
;; SERVER: 2001:470:ca84::be9a#53(2001:470:ca84::be9a)
;; WHEN: Tue Jan 05 13:40:28 CET 2016
;; XFR size: 4 records (messages 1, bytes 227)
We check reverse resolution
dig -x 2001:470:ca84::be9a +short
vega.luniel.com.
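The reverse zone name and the PTR owner name can be derived from the prefix and the address instead of being typed nibble by nibble. This is an added example, not part of the original page: the function names are illustrative, the /48 is inferred from the 12-nibble zone name, and laptop.luniel.com is a constructed sample host.

```python
import ipaddress

def reverse_zone(prefix):
    """ip6.arpa zone name for a prefix that ends on a nibble (4-bit) boundary."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen == 0 or net.prefixlen % 4:
        raise ValueError("prefix length must be a non-zero multiple of 4")
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def ptr_owner(address, prefix):
    """PTR owner name of address, relative to the reverse zone of prefix."""
    addr = ipaddress.IPv6Address(address)
    if addr not in ipaddress.IPv6Network(prefix):
        # e.g. the tunnel endpoint address: its reverse zone is not ours
        raise ValueError(f"{addr} does not belong to {prefix}")
    absolute = addr.reverse_pointer + "."      # 32 nibbles + "ip6.arpa."
    return absolute[: -(len(reverse_zone(prefix)) + 1)]

def ptr_records(hosts, prefix):
    """Zone-file lines for a {fqdn: address} mapping."""
    return [f"{ptr_owner(a, prefix)} PTR {name}." for name, a in hosts.items()]

PREFIX = "2001:470:ca84::/48"   # assumption: /48 inferred from the zone name
HOSTS = {
    "vega.luniel.com": "2001:470:ca84::be9a",      # from the page
    "laptop.luniel.com": "2001:470:ca84::2880:1",  # constructed sample host
}

if __name__ == "__main__":
    print("$ORIGIN", reverse_zone(PREFIX))
    print("\n".join(ptr_records(HOSTS, PREFIX)))
```

Addresses outside the prefix, such as the tunnel endpoint 2001:470:1F12:5F2::2, are rejected because their PTR records belong to a different zone.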
Radvd
We use the IPv6 router advertisement daemon, radvd, configured in /etc/radvd.conf
interface br0 {
    ## (Send advertisement messages to other hosts)
    AdvSendAdvert on;
    ## (Fragmentation is bad(tm))
    AdvLinkMTU 1280;
    MaxRtrAdvInterval 300;
    AdvManagedFlag on;
    AdvOtherConfigFlag on;
    ## (IPv6 subnet prefix we've been assigned by our PoP)
    prefix 2001:470:ca84::/64 {
        AdvAutonomous off;
    };
};
And we start it
rc-update add radvd default
/etc/init.d/radvd start
 * Enabling IPv6 forwarding ... [ ok ]
[Jan 05 14:04:10] radvd (22643): config file, /etc/radvd.conf, syntax ok
 * Starting IPv6 Router Advertisement Daemon ... [ ok ]
Dibbler
The Dibbler server (DHCPv6) allows IP addresses to be assigned dynamically.
emerge -av net-misc/dibbler
We edit the file /etc/dibbler/server.conf
script "/data/apps/scripts/dibbler-notify.sh"
log-level 8
log-mode full
preference 0
ddns-protocol any
ddns-timeout 1000
fqdn-ddns-address 2001:470:ca84::be9a
iface "br0" {
    // also ranges can be defined, instead of exact values
    t1 1800
    t2 2700
    prefered-lifetime 3600
    valid-lifetime 7200
    class {
        pool 2001:470:ca84::2880:1-2001:470:ca84::2880:ff
    }
    next-hop 2001:470:ca84::be9a
    option dns-server 2001:470:ca84::be9a
    option domain luniel.com
    option time-zone CET
}
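With AdvAutonomous off and the managed flag on, every global address on br0 should be either the server's static address or a lease from the Dibbler pool, which makes anything else easy to spot. The following added example (not part of the original page) checks that the pool is consistent with the advertised prefix and classifies observed addresses; the function names and the sample addresses in the test data are constructed for illustration.

```python
import ipaddress

PREFIX = ipaddress.IPv6Network("2001:470:ca84::/64")     # radvd.conf prefix
SERVER = ipaddress.IPv6Address("2001:470:ca84::be9a")    # config_br0
POOL = "2001:470:ca84::2880:1-2001:470:ca84::2880:ff"    # server.conf pool

def parse_pool(text):
    """Parse Dibbler's 'first-last' pool syntax into two addresses."""
    first, last = (ipaddress.IPv6Address(p.strip()) for p in text.split("-"))
    if first > last:
        raise ValueError("pool range is reversed")
    return first, last

def pool_size(text=POOL):
    """Number of addresses Dibbler can lease from the pool."""
    first, last = parse_pool(text)
    return int(last) - int(first) + 1

def check_config():
    """Return inconsistencies between the radvd and Dibbler settings."""
    first, last = parse_pool(POOL)
    problems = []
    if first not in PREFIX or last not in PREFIX:
        problems.append("pool outside advertised prefix")
    if first <= SERVER <= last:
        problems.append("server address inside pool")
    return problems

def classify(address):
    """Classify an address seen on br0 against the intended addressing plan."""
    addr = ipaddress.IPv6Address(address)
    first, last = parse_pool(POOL)
    if addr.is_link_local:
        return "link-local"
    if addr == SERVER:
        return "server"
    if first <= addr <= last:
        return "dhcpv6-lease"
    if addr in PREFIX:
        return "unmanaged"      # on-prefix but not handed out by Dibbler
    return "off-prefix"

if __name__ == "__main__":
    print(check_config(), pool_size())
    for seen in ("fe80::1", "2001:470:ca84::2880:2a",      # constructed samples
                 "2001:470:ca84:0:21a:2bff:fe3c:4d5e"):
        print(seen, classify(seen))
```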
--Daniel Simao (Talk) 13:13, 3 Jan 2016 (CET)