How to setup tunnel broker via Hurricane Electric

From FedoraProject

Jump to: navigation, search

Contents

Introduction

This page details the process for setting up a tunnel broker for IPv6 using Hurricane Electric. While any tunnel broker will work, for this example we are going to use http://www.tunnelbroker.net/ by Hurricane Electric.

Instructions

  1. Go to http://www.tunnelbroker.net/register.php and fill out the form to create a new account.
  2. Login to your account and click on Create Regular Tunnel.
  3. Enter your public IPv4 address in the IPv4 Endpoint field. To find this address, visit http://www.whatismyip.com (Note: You can change your endpoint address later any time if your address is not 100% static). Select the tunnel server closest to you and click on the Create Tunnel button.
  4. You will be given multiple example scripts to set up the tunnel on your end or you can use the script provided below. (Select OS: linux-route2)
  5. Click on Main Page to find a list of your tunnels at the end. You can modify your tunnel, allocate your own /48 or set up rDNS delegation by clicking on the tunnel.
  6. Feel free to enable forwarding on your tunnel machine and assign addresses from your own /64 or /48 to the machines on your network to provide IPv6 connectivity to your own network.

Example tunnel script

  1. Go to the configuration page of your tunnel (Main Page => Click on your tunnel) to find the settings needed to fill into the sample script below to replace the places where the word CHANGE!!! appears.
    cat << EOF > /usr/local/bin/ipv6-tunnel.sh
    #!/bin/sh
    
    LOCAL=CHANGE!!!                     # Client IPv4 address
    ADDR=CHANGE!!!                      # Client IPv6 address
    REMOTE=CHANGE!!!                    # Server IPv4 address
    
    ip tunnel del he-ipv6 > /dev/null 2>&1
    
    ip tunnel add he-ipv6 mode sit remote ${REMOTE} local ${LOCAL} ttl 255
    ip link set he-ipv6 up
    
    ip addr add ${ADDR} dev he-ipv6
    ip route add ::/0 dev he-ipv6
    EOF
    
  2. Ensure the script is executable
    chmod ugo+x /usr/local/bin/ipv6-tunnel.sh
  3. Finally, simply run the script to bring up the IPv6 tunnel.

Network configuration file

The tunnel can also be configured like any other physical interface. Once this is done, the tunnel can be started and stopped via the ifup and ifdown commands, and the interface can be configured to start on boot. To do so, use the settings from the script above to create the file, /etc/sysconfig/network-scripts/ifcfg-he-ipv6, as follows:

DEVICE=he-ipv6
TYPE=sit
BOOTPROTO=none
ONBOOT=yes                         # set to "no" if you prefer to start the tunnel manually
IPV6INIT=yes
IPV6TUNNELIPV4=CHANGE!!!           # Server IPv4 address
IPV6ADDR=CHANGE!!!                 # Client IPv6 address

Also, add the following to /etc/sysconfig/network:

IPV6_DEFAULTDEV=he-ipv6

This ensures that IPv6 traffic is sent via the tunnel interface.

To bring up the interface, run ifup he-ipv6. To bring the interface down, run ifdown he-ipv6.