Introduction
This page details the process for setting up an IPv6 tunnel using Hurricane Electric. While any tunnel broker will work, for this example we are going to use http://www.tunnelbroker.net/ by Hurricane Electric.
Instructions
- Go to http://www.tunnelbroker.net/register.php and fill out the form to create a new account.
- Login to your account and click on Create Regular Tunnel.
- Enter your public IPv4 address in the IPv4 Endpoint field. To find this address, visit http://www.whatismyip.com (Note: You can change your endpoint address later any time if your address is not 100% static). Select the tunnel server closest to you and click on the Create Tunnel button.
- You will be given multiple example scripts to set up the tunnel on your end. However, it's recommended that you configure the connection using the nmcli command provided below if you use the default method of managing your network connections (NetworkManager). Alternatively, you can use the script provided below. (Select OS: linux-route2)
- Click on Main Page to find a list of your tunnels at the end. You can modify your tunnel, allocate your own /48 or set up rDNS delegation by clicking on the tunnel.
- Feel free to enable forwarding on your tunnel machine and assign addresses from your own /64 or /48 to the machines on your network to provide IPv6 connectivity to your own network.
NetworkManager connection
Go to the configuration page of your tunnel (Main Page => Click on your tunnel) to find the settings needed to fill into the sample command below to replace the places where the words are CAPITALIZED.
# nmcli connection add type ip-tunnel con-name sit1 ifname sit1 mode sit \ remote SERVER_IPV4_ADDRESS -- ipv4.method disabled ipv6.method manual \ ipv6.address CLIENT_IPV6_ADDRESS ipv6.gateway SERVER_IPV6_ADDRESS \ ip-tunnel.ttl 64
Afterwards, you can control the tunnel using nmcli
. Unfortunately, it won't be visible in any of the interactive tools (nmtui or nm-connection-editor) (See bug #1391424).
The main advantage of this method is that the connection will be managed by NetworkManager and brought up automatically upon reboot without any further configuration.
Example tunnel script
- Go to the configuration page of your tunnel (Main Page => Click on your tunnel) to find the settings needed to fill into the sample script below to replace the places where the word CHANGE!!! appears.
cat << EOF > /usr/local/bin/ipv6-tunnel.sh #!/bin/sh LOCAL=CHANGE!!! # Client IPv4 address ADDR=CHANGE!!! # Client IPv6 address REMOTE=CHANGE!!! # Server IPv4 address ip tunnel del he-ipv6 > /dev/null 2>&1 ip tunnel add he-ipv6 mode sit remote ${REMOTE} local ${LOCAL} ttl 255 ip link set he-ipv6 up ip addr add ${ADDR} dev he-ipv6 ip route add ::/0 dev he-ipv6 EOF
- Ensure the script is executable
chmod ugo+x /usr/local/bin/ipv6-tunnel.sh
- Finally, simply run the script to bring up the IPv6 tunnel.
Network configuration file
The tunnel can also be configured like any other physical interface. Once this is done, the tunnel can be started and stopped via the ifup
and ifdown
commands, and the interface can be configured to start on boot. To do so, use the settings from the script above to create the file, /etc/sysconfig/network-scripts/ifcfg-he-ipv6
, as follows:
DEVICE=he-ipv6 TYPE=sit BOOTPROTO=none ONBOOT=yes # set to "no" if you prefer to start the tunnel manually IPV6INIT=yes IPV6TUNNELIPV4=CHANGE!!! # Server IPv4 address IPV6ADDR=CHANGE!!! # Client IPv6 address
Also, add the following to /etc/sysconfig/network
:
IPV6_DEFAULTDEV=he-ipv6
This ensures that IPv6 traffic is sent via the tunnel interface.
To bring up the interface, run ifup he-ipv6
. To bring the interface down, run ifdown he-ipv6
.