June 2011 Archives

ipv6@home part 2

| No Comments | No TrackBacks
In part 1 I got IPv6 to work to my router. The story continues with how I got IPv6 to work for my other computers.

According to http://ipv6.internode.on.net/access/adsl/ I can use a DHCPv6 client to receive a Prefix Delegation, ie some IPv6 address space that I can use on my other subnets. And according to http://klub.com.pl/dhcpv6/, the dibbler-client package (version 0.7.3) includes support for generating radvd.conf configuration files.

So I incanted 'sudo aptitude install dibbler-client'. After answering some debconf questions I had a look at the /etc/dibbler/client/conf file. I found I needed to comment out the 'ia' statement, and uncomment the 'stateless' statement, and add a 'pd' statement to request prefix delegation.

Now dibbler-client was generating /etc/dibbler/radvd.conf. The radvd.conf file is to configure the router advertising daemon, which is needed to make clients on my wireless network know what IPv6 addresses to use.

However the /var/log/dibbler/dibbler-client.log file was complaining, saying IPv6 forwarding disabled, so prefix operation will apply to this (ppp0/51) interface only. And indeed the radvd.conf file only had the ppp0 interface configured. This is odd. I looked at the dibbler source code. It is checking the value of /proc/sys/net/ipv6/conf/all/forwarding, which is 0. But I thought I'd corrected this because I have /etc/sysctl.conf setting net.ipv6.conf.all.forwarding=1. But I guess I was wrong. Running /etc/init.d/procps restart to update the /proc variables got me past that.

Of course after that I stumbled again. The stateless address auto configuration protocol (http://www.ietf.org/rfc/rfc4862.txt) says that routers can't receive addresses via this protocol. And Linux conforms that the protocol, unless you tell it otherwise. According to a debian-ipv6 post there is a linux kernel patch to let the kernel accept Router Advertisements if you set an interface accept_ra sysctl variable to 2. I found that patch, it's mention on LKML here, and you can see it in the kernel git web here. But this patch isn't included in the 2.6.32 kernel in Debian Squeeze, the release I'm running on my router. Later in that same debian-ipv6 mailing list post. Bernard Schmidt said the patch got into the 2.6.37 kernel. But he also said that there is another way of achieving the same thing in a 2.6.32 kernel.

That way is to set net.ipv6.conf.ppp0.forwarding=0. Surprisingly this tricks the kernel into accepting router advertisements, and still doing forwarding (as it's the net.ipv6.conf.all.forwarding variable that is checked for that, the forwarding variables on the interfaces are apparently ignored). I setup a /etc/ppp/ipv6-up.d/accept_ra script to do that automatically for me.

So once I'd fixed that, dibbler started correctly generating a /etc/dibbler/radvd.conf file that included prefix's for all of my ethernet interfaces. Hurrah! Strangely though the prefixes on all the different ethernet interfaces were the same, which seems... incorrect. So I used the dibbler generated radvd.conf file only to tell me what the prefixes were, and wrote my own /etc/radvd.conf file.

And after doing all that, http://www.test-ipv6.com/ tells me my IPv6 connection from my laptop is working. Me for the win!
So now I have IPv6 working at home.

ipv6@home part 1

| No Comments | No TrackBacks
10 years ago I was involved in a university project working with transition technologies for IPv6. And this year I finally got around to getting IPv6 at home, thanks to internode providing it to their ADSL customers.

I thought I'd document what I had to do. Internode makes it fairly easy. You simple configure your ppp software to authentication with a username ending in @ipv6.internode.on.net, instead of @internode.on.net.

However I found that with the linux ppp software I was using (pppoe 3.8-3 and ppp 2.4.5-4 in Debian Squeeze) I had to also add '+ipv6' to /etc/ppp/options. Naturally I setup some firewall rules, and as I was already using shorewall, I decided to use shorewall6.

So far, so good. From my router I'm able to ping6 mirror.internode.on.net. Of course I probably also want to use IPv6 from my other computers, that are behind the router. That will have to wait for part 2.

email etiquette

| No Comments | No TrackBacks

I wish some of my colleagues would read the above. The people I'm referring to are the least likely to be following my blog though.