IPv6 over IPv4 with Gentoo and tunnelbroker.net and dynamic IPv4 address from provider

Gentoo all built April 2011

As of 2011-04-22

You have to register at http://www.tunnelbroker.net. In the following we assume, You have the following data received from Hurricane Electric Tunnelbroker:

User ID1234567890
Tunnel ID12345
routed /64 net2001:471:2f0b:2958::/64This IPv6 range will be accessible from the internet
tunnel /64 net2001:471:2f0a:2958::/64This IPv6 range is uesed only for the server and client endpoint of the IPc6-over-IPv4 tunnel, so only 2 addresses of this net are used.
HE-Server IPv6 address2001:471:2f0a:2958::1/64HE server side endpoint of the IPv6 over IPv4 tunnel IPv6 address
Your IPv6 address2001:471:2f0a:2958::2/64Your side endpoint of the IPv6 over IPv4 tunnel IPv6 address
HE-Server IPv4 address216.66.50.30HE server side endpoint of the IPv6 over IPv4 tunnel IPv4 address
Your IPv4 addressdynamic/unknownYour side endpoint of the IPv6 over IPv4 tunnel IPv4 address that changes at least every 24 h

Be sure You have iproute2 installed. Assuming Your Gentoo host is a router with two network interfaces, eth1 for WAN(DSL/ppp) and eth0 for LAN (192.168.1.0/24 and 2001:471:2f0b:2958::/64), make a config like this in /etc/conf.de/net:


config_eth0=( "192.168.1.1/24" "2001:471:2f0b:2958::1/64" )

config_eth1=( null )

config_ppp0=( "ppp" )
link_ppp0="eth1" 
plugins_ppp0=( "pppoe" )
username_ppp0='myaccount'
password_ppp0='mypassword'
pppd_ppp0=(
            "noauth"
            "defaultroute"
            "holdoff 3"
            "child-timeout 60"
            "lcp-echo-interval 15"
            "lcp-echo-failure 3"
            noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp
)

depend_ppp0() {
     need net.eth1
}

modules_he6="iproute2";

# the local ip address of the tunnel gets updated to the local ppp0 ip address in ppp0-ip-up-script
# local ip ist just dummy entry
iptunnel_he6="mode sit remote 216.66.50.30 local 192.168.222.222 ttl 255";

# do not know if this is really needed
mtu_he6=1280;

#Client IPv6 address
config_he6=( "2001:471:2f0a:2958::2/64" );

routes_he6=( "default via 2001:471:2f0a:2958::1 dev he6" );

Then, make the following file /etc/ppp/ip-up.d/95-update-he-tunnel-endpoint.sh:


#!/bin/sh

# $4 = ppp local IP address

PPP_DEV=$1

PPP_LOCAL_IP=$4

USER_ID='1234567890'

TUNNEL_ID='12345'

URL='https://ipv4.tunnelbroker.net/ipv4_end.php'

PASS_MD5='bc97b1d1e9b89c2a15b108fef1dbad8e'

# wait for dns to come up
sleep 20

wget --spider --no-check-certificate "${URL}?ipv4b=AUTO&pass=${PASS_MD5}&user_id=${USER_ID}&tunnel_id=${TUNNEL_ID}"
logger "tunnel endpoint ipv4 address updated"

logger "Updating he6 tunnel local endpoint to $PPP_DEV IP $PPP_LOCAL_IP"
ip tunnel change he6 local $PPP_LOCAL_IP dev $PPP_DEV

Make symbolic link net.he6, adjust firewall etc. and test if ping6 tunnelbroker.net succeeds.

For automatically giving all the clients in your LAN IPv6, emerge the IPv6 Router Advertisement Daemon radvd and write the following in /etc/radvd.conf:


interface eth0
{
    AdvSendAdvert on;
    AdvLinkMTU 1280;
    MaxRtrAdvInterval 300;

    prefix 2001:471:1f0b:2958::/64 
    {
        AdvOnLink on;
        AdvAutonomous on;
    };

};