Size: 1084
Comment: setting up a 6to4 tunnel isn't the *whole* IPv6 configuration...
|
Size: 5509
Comment: and there you go, an automatic method for dynamic IPs! :)
|
Deleted text. | Added text. |
Ligne 3: | Ligne 3: |
== Liaison 6to4 == | == Liaison 6to4 automatique sur liaison dynamique == * Fichier `/etc/init.d/6to4` (à rendre exécutable) : {{{ #! /bin/sh # # 6to4 Script to configure a 6to4 "tunnel" device # # Written by Daniel Lawson <daniel@meta.net.nz> PATH=/sbin:/bin:/usr/sbin:/usr/bin test -f $DAEMON || exit 0 # Source configuration file . /etc/default/6to4 start_6to4_tunnel() { # GET EXTIF IP Address PPPIP=`ip -4 addr list $EXTIF | grep inet | awk '{ print $2'}` # From IanKumlien: # If you get a /netmask-bits suffix, then change the PPPIP line to: # PPPIP=`ip -4 addr list $EXTIF | grep inet | awk '{ print $2 }' | cut -d/ -f1` echo $PPPIP # Set up the tunnel ip tunnel add ${IF} mode sit remote any local $PPPIP ttl 255 ip link set dev ${IF} mtu 1472 up } start_routes() { # Route outgoing 6to4 via the tunnel ip -6 route add 2002::/16 dev ${IF} # If this is your only IPv6 connection, add some more routes as well: if [ ${ONLYCONN} == "yes" ]; then # This line seems necessary, but I've never found documented # anywhere. Try without if you can. ip -6 route add ::/96 dev ${IF} metric 1 # Add a route toe the 6to4 Anycast address? ip -6 route add 2000::/3 via ::${GWADDR} dev tun6to4 metric 1 fi } start_local_network() { # Add a 6to4 Address to ${INTIF} if [ -n ${INTIF} ]; then ip -6 addr add $(printf "2002:%02x%02x:%02x%02x::1/64" $(echo ${PPPIP} | tr '.' ' ')) dev ${INTIF} fi } stop_local_network() { if [ -n ${INTIF} ]; then # GET the *old* tunnel ip OLDIP=`ip -6 addr list dev ${IF} | grep inet6 | cut -d ":" -f 3 | cut -d '/' -f 1` # Remove the route via ${INTIF} ip -6 route del $(printf "2002:%02x%02x:%02x%02x::/64" $(echo ${OLDIP} | tr '.' ' ')) dev ${INTIF} # Remove the 6to4 IP assigned to ${INTIF} ip -6 addr del $(printf "2002:%02x%02x:%02x%02x::1/64" $(echo ${OLDIP} | tr '.' 
' ')) dev ${INTIF} fi } stop_routes() { ip -6 route del 2002::/16 dev ${IF} if [ ${ONLYCONN} == "yes" ]; then ip -6 route del ::/96 dev ${IF} metric 1 ip -6 route del 2000::/3 via ::${GWADDR} dev ${IF} metric 1 fi } stop_6to4_tunnel() { ip -6 route flush dev ${IF} ip link set dev ${IF} down ip tunnel del ${IF} } restart_6to4_ad () { [ "yes" == "${RADVD}" ] && killall -1 radvd } case "$1" in start) echo -n "Setting up 6to4 IPv6 tunnel ($IF): " start_6to4_tunnel start_routes start_local_network restart_6to4_ad ;; stop) echo -n "Shutting down 6to4 IPv6 tunnel ($IF): " stop_local_network stop_routes stop_6to4_tunnel restart_6to4_ad ;; restart|force-reload) echo -n "Resetting 6to4 IPv6 tunnel ($IF): " stop_local_network stop_routes stop_6to4_tunnel start_6to4_tunnel start_routes start_local_network restart_6to4_ad ;; *) echo "Usage: $0 {start|stop|restart|force-reload}" >&2 exit 1 ;; esac exit 0 }}} * Fichier `/etc/default/6to4` : {{{ # Defaults for 6to4 initscript # sourced by /etc/init.d/6to4 # installed at /etc/default/6to4 by the maintainer scripts # # This is a POSIX shell fragment # # What is the name of your tunnel interface? IF=tun6to4 # What is the name of your external (real-world) interface? EXTIF=ppp0 # What is the name of your internal (rfc1918) interface? # If you do not wish to use this feature, then leave this blank. # If your internal hosts have real-world addresses themselves, then this # set of scripts currently wont help you. INTIF=eth1 # Do you use radvd for dynamic IPv6 addressing within your network? RADVD=yes # IS this your only IPv6 connection? If you have a freenet6, or some other # form of IPv6 connection, then set the following to no. If you are sure # that this is your only IPv6 connection, set it to yes. ONLYCONN=yes # If this is your only IPv6 connection, you need a gateway to forward # your 6to4 packets onto the 6bone. You should find a gateway that is # as close to you as possible! 
# Helsinki or somewhere similar GWADDR=192.88.99.1 # AARNET in australia #GWADDR=192.231.212.5 }}} * Fichier `/etc/ppp/ip-up.d/ipv6-6to4-up` (à rendre exécutable) : {{{ #!/bin/sh /etc/init.d/6to4 stop /etc/init.d/6to4 start }}} * Fichier `/etc/ppp/ip-down.d/ipv6-6to4-down` (à rendre exécutable) : {{{ #!/bin/sh /etc/init.d/6to4 stop }}} == Liaison 6to4 « à la main » == |
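Review bot: the guard `[ -n ${INTIF} ]` in start_local_network and stop_local_network is unquoted, so when INTIF is left blank, as the comments in /etc/default/6to4 invite, it collapses to `[ -n ]`, which is true, and the `ip -6 addr add/del` commands run with an empty `dev`; quote it as `[ -n "${INTIF}" ]`. Likewise `test -f $DAEMON` checks a variable that neither the script nor the defaults file sets, so the guard always passes. Under `#! /bin/sh`, `==` inside `[ ]` is not POSIX and should be `=`. Finally, start_routes hardcodes `dev tun6to4` on the 2000::/3 route while stop_routes uses `${IF}`, so the two diverge as soon as IF is renamed.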
A few examples while waiting for real documentation...
== Automatic 6to4 link on a dynamic connection ==
 * File `/etc/init.d/6to4` (make it executable):
{{{
#!/bin/sh
#
# 6to4          Script to configure a 6to4 "tunnel" device
#
#               Written by Daniel Lawson <daniel@meta.net.nz>

PATH=/sbin:/bin:/usr/sbin:/usr/bin

# Bail out quietly if the iproute2 "ip" tool is not installed
command -v ip >/dev/null 2>&1 || exit 0

# Source configuration file
. /etc/default/6to4

start_6to4_tunnel() {
    # GET EXTIF IP Address
    PPPIP=`ip -4 addr list $EXTIF | grep inet | awk '{ print $2 }'`
    # From IanKumlien:
    # If you get a /netmask-bits suffix, then change the PPPIP line to:
    # PPPIP=`ip -4 addr list $EXTIF | grep inet | awk '{ print $2 }' | cut -d/ -f1`
    echo $PPPIP

    # Set up the tunnel
    ip tunnel add ${IF} mode sit remote any local $PPPIP ttl 255
    ip link set dev ${IF} mtu 1472 up
}

start_routes() {
    # Route outgoing 6to4 via the tunnel
    ip -6 route add 2002::/16 dev ${IF}

    # If this is your only IPv6 connection, add some more routes as well:
    if [ "${ONLYCONN}" = "yes" ]; then
        # This line seems necessary, but I've never found documented
        # anywhere. Try without if you can.
        ip -6 route add ::/96 dev ${IF} metric 1

        # Add a route to the 6to4 Anycast address?
        ip -6 route add 2000::/3 via ::${GWADDR} dev ${IF} metric 1
    fi
}

start_local_network() {
    # Add a 6to4 Address to ${INTIF} (skipped when INTIF is blank)
    if [ -n "${INTIF}" ]; then
        ip -6 addr add $(printf "2002:%02x%02x:%02x%02x::1/64" $(echo ${PPPIP} | tr '.' ' ')) dev ${INTIF}
    fi
}

stop_local_network() {
    if [ -n "${INTIF}" ]; then
        # GET the *old* tunnel ip
        OLDIP=`ip -6 addr list dev ${IF} | grep inet6 | cut -d ":" -f 3 | cut -d '/' -f 1`

        # Remove the route via ${INTIF}
        ip -6 route del $(printf "2002:%02x%02x:%02x%02x::/64" $(echo ${OLDIP} | tr '.' ' ')) dev ${INTIF}

        # Remove the 6to4 IP assigned to ${INTIF}
        ip -6 addr del $(printf "2002:%02x%02x:%02x%02x::1/64" $(echo ${OLDIP} | tr '.' ' ')) dev ${INTIF}
    fi
}

stop_routes() {
    ip -6 route del 2002::/16 dev ${IF}
    if [ "${ONLYCONN}" = "yes" ]; then
        ip -6 route del ::/96 dev ${IF} metric 1
        ip -6 route del 2000::/3 via ::${GWADDR} dev ${IF} metric 1
    fi
}

stop_6to4_tunnel() {
    ip -6 route flush dev ${IF}
    ip link set dev ${IF} down
    ip tunnel del ${IF}
}

restart_6to4_ad () {
    # Send SIGHUP so radvd re-reads its configuration
    [ "yes" = "${RADVD}" ] && killall -1 radvd
}

case "$1" in
  start)
    echo -n "Setting up 6to4 IPv6 tunnel ($IF): "
    start_6to4_tunnel
    start_routes
    start_local_network
    restart_6to4_ad
    ;;
  stop)
    echo -n "Shutting down 6to4 IPv6 tunnel ($IF): "
    stop_local_network
    stop_routes
    stop_6to4_tunnel
    restart_6to4_ad
    ;;
  restart|force-reload)
    echo -n "Resetting 6to4 IPv6 tunnel ($IF): "
    stop_local_network
    stop_routes
    stop_6to4_tunnel
    start_6to4_tunnel
    start_routes
    start_local_network
    restart_6to4_ad
    ;;
  *)
    echo "Usage: $0 {start|stop|restart|force-reload}" >&2
    exit 1
    ;;
esac

exit 0
}}}
 * File `/etc/default/6to4`:
{{{
# Defaults for 6to4 initscript
# sourced by /etc/init.d/6to4
# installed at /etc/default/6to4 by the maintainer scripts
#
# This is a POSIX shell fragment
#

# What is the name of your tunnel interface?
IF=tun6to4

# What is the name of your external (real-world) interface?
EXTIF=ppp0

# What is the name of your internal (rfc1918) interface?
# If you do not wish to use this feature, then leave this blank.
# If your internal hosts have real-world addresses themselves, then this
# set of scripts currently won't help you.
INTIF=eth1

# Do you use radvd for dynamic IPv6 addressing within your network?
RADVD=yes

# Is this your only IPv6 connection? If you have a freenet6, or some other
# form of IPv6 connection, then set the following to no. If you are sure
# that this is your only IPv6 connection, set it to yes.
ONLYCONN=yes

# If this is your only IPv6 connection, you need a gateway to forward
# your 6to4 packets onto the 6bone. You should find a gateway that is
# as close to you as possible!

# Helsinki or somewhere similar
GWADDR=192.88.99.1
# AARNET in Australia
#GWADDR=192.231.212.5
}}}
 * File `/etc/ppp/ip-up.d/ipv6-6to4-up` (make it executable):
{{{
#!/bin/sh
/etc/init.d/6to4 stop
/etc/init.d/6to4 start
}}}
 * File `/etc/ppp/ip-down.d/ipv6-6to4-down` (make it executable):
{{{
#!/bin/sh
/etc/init.d/6to4 stop
}}}
== 6to4 link "by hand" ==
Example configuration at BAP:
{{{
auto tun6to4
iface tun6to4 inet6 v4tunnel
    address 2002:d2f5:3dce:feed::1
    netmask 64
    endpoint any
    local 210.245.61.206
    ttl 64
    up ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4
    up sysctl -w net.ipv6.conf.all.forwarding=1
    up sysctl -w net.ipv6.conf.all.autoconf=0
    up sysctl -w net.ipv6.conf.all.accept_ra=0
    up sysctl -w net.ipv6.conf.all.accept_redirects=0
    up sysctl -w net.ipv6.conf.all.router_solicitations=0
    down ip -6 route flush dev tun6to4
}}}
Note that the 6to4 part of the IPv6 address (d2f5:3dce) corresponds to the local IPv4 address (210.245.61.206). This is mandatory if replies are to come back to this IPv4 address.
To compute the IPv6 address, you can use the following command, which comes from the package of the same name:
{{{
$ ipv6calc -I ipv4addr -O ipv6addr -A conv6to4 210.245.61.206
2002:d2f5:3dce::
}}}
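
The consistency requirement stated above (the 6to4 part of the address must match the local IPv4 address) can be checked before bringing the tunnel up. This is an added example, not part of the original page; the function names `v4_to_6to4` and `check_6to4` are made up here, and the check goes beyond the page's single case by also accepting compressed or upper-case `2002:` addresses.

```shell
#!/bin/sh
# Added example: verify that a 6to4 address embeds the local IPv4 address.

# Print the two 16-bit groups that embed an IPv4 address (e.g. d2f5:3dce).
# Returns 1 on anything that is not a strict dotted quad.
v4_to_6to4() {
    case $1 in *.*.*.*.*|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # Reject empty, over-long and zero-padded octets ("08" would be
        # parsed as invalid octal by printf).
        case $octet in ''|????*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    printf '%02x%02x:%02x%02x\n' "$1" "$2" "$3" "$4"
}

# check_6to4 <ipv6-address> <local-ipv4>
# 0 = address matches, 1 = mismatch or not 6to4, 2 = bad IPv4 input.
check_6to4() {
    want=$(v4_to_6to4 "$2") || return 2
    addr=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    case $addr in 2002:*:*:*) ;; *) return 1 ;; esac
    rest=${addr#2002:}
    g2=${rest%%:*}
    rest=${rest#*:}
    g3=${rest%%:*}
    for group in "$g2" "$g3"; do
        case $group in ''|?????*|*[!0-9a-f]*) return 1 ;; esac
    done
    # Zero-pad so that compressed forms such as 2002:a01:203:: compare equal.
    got=$(printf '%04x:%04x' "0x$g2" "0x$g3")
    [ "$got" = "$want" ]
}

# Values taken from the page's manual configuration.
if check_6to4 2002:d2f5:3dce:feed::1 210.245.61.206; then
    echo "OK: 6to4 prefix matches local IPv4"
fi
```

On a dynamic link, running the same check from the `ip-up.d` hook catches a stale address left over from the previous lease.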