1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
|
<html>
<head>
<title>
May 31, 2005 hf6to4 8
</title>
<style type="text/css">
<!--
body { margin-left:4%; }
H1, H2, H3, H4, H5 {
color: maroon; padding: 4pt; margin-left: -4%;
border: solid; border-width: thin; width: 100%;
background: rgb(204,204,255)
}
-->
</style>
</head>
<body bgcolor="#FFFFFF" text="#000000">
<h3>
NAME
</h3>
<b>hf6to4</b>
- setup automatic 6to4 IPv6 tunnelling
<h3>
SYNOPSIS
</h3>
<b>hf6to4</b>
[<b>-</b><b></b><b>vn</b>]
<i></i><i>command</i>
<h3>
DESCRIPTION
</h3>
The
<b>hf6to4</b>
script can be used to setup IPv6 on your home machine and
network for exploring IPv6 without any registrations. 6to4 is a
mechanism by which your IPv6 address(es) are derived from an assigned
IPv4 address, and which involves automatic tunnelling to one or more
remove 6to4 relay routers, which will then forward your v6 packets on the 6bone.
Replies are routed back to you over IPv4 via (possibly) other
6to4 relay routers. As such, IPv6-in-IPv4-encapsulated
packets are accepted from all v4-hosts. See
<a href="../html4/stf.html">stf(4)</a>
for security discussion.
<p>
From your (single) IPv4 address, you get a whole IPv6 /48 network,
which allows you to split your network in 2^16 subnets, with 2^64
hosts each. You need to setup routing for your internal network
properly, help is provided for setting up the border router here.
<p>
This script takes the burden to calculate your IPv6 address from
existing IPv4 address and runs the commands to setup (and tear down)
automatic 6to4 IPv6 tunnelling. In a separate step, router
advertisement for the inside network can be started and stopped.
<p>
Possible options are:
<dl compact>
<p><dt><b>-</b><b></b><b>n</b><dd>
Do not. Only print the commands that would be run, but do not execute
them.
<p><dt><b>-</b><b></b><b>v</b><dd>
Verbose operation. Print the commands that are about to be run, before
running them. Displays some additional information.
<p><dt><b>-</b><b></b><b>h</b><dd>
Show usage.
</dl>
<p>
Possible commands are:
<dl compact>
<p><dt><b></b><b>start</b><dd>
Same as
<b></b><b>stf-start</b>.
<p><dt><b></b><b>stop</b><dd>
Same as
<b></b><b>stf-stop</b>.
<p><dt><b></b><b>stf-start</b><dd>
Configure 6to4 IPv6. The
<a href="../html4/stf.html">stf(4)</a>
interface is configured, and a default route to a remote 6to4
gateway is established. In addition, the internal
network interface is assigned an address.
<p><dt><b></b><b>stf-stop</b><dd>
Stops 6to4 IPv6. All addresses are removed from the
<a href="../html4/stf.html">stf(4)</a>
device, and the default route is removed. If
<b></b><b>in_if</b>
is set, the 6to4 addresses are removed from that interface too.
<p><dt><b></b><b>rtadvd-start</b><dd>
Starts router advertizement and IPv6 packet forwarding,
turning the machine into a IPv6 router.
Clients just need to be told to accept router advertizements, i.e.
the
`net.inet6.ip6.accept_rtadv'
sysctl needs to be set to
`1'.
On NetBSD, you can arrange that by setting
``ip6mode=autohost''
in
<code></code><code>/etc/rc.conf</code>.
<p><dt><b></b><b>rtadvd-stop</b><dd>
Stops router advertizement and IPv6 packet forwarding.
<a href="../html8/rtadvd.html">rtadvd(8)</a>
is stopped.
</dl>
<h3>
REQUIREMENTS
</h3>
Besides IPv4 connectivity, you need support for IPv6 and the
<a href="../html4/stf.html">stf(4)</a>
device in your kernel. While the GENERIC
NetBSD
1.5 kernel does support IPv6, it does not contain support for the
<a href="../html4/stf.html">stf(4)</a>
device.
<p>
Make sure you have the following options in your kernel config file:
<dl compact><dt><dd>
<code>
<pre>
options INET # IP + ICMP + TCP + UDP
options INET6 # IPV6
pseudo-device stf 1 # 6to4 IPv6 over IPv4 encapsulation
</pre>
</code>
</dl>
<p>
In systems that run past-1.5,
you will have to explicitly create an
<a href="../html4/stf.html">stf(4)</a>
device after compiling it in the kernel. You do this by running
the following command before calling the
<b>hf6to4</b>
script:
<dl compact><dt><dd>
<code>
<pre>
ifconfig stf0 create
</pre>
</code>
</dl>
As an alternative, you can also put the following lines into
<code></code><code>/etc/rc.conf</code>:
<dl compact><dt><dd>
<code>
<pre>
net_interfaces="stf0"
ifconfig_stf0="create"
</pre>
</code>
</dl>
<p>
See also the comment on setting up IPv6-clients
`behind'
your 6to4 router for the
<b></b><b>rtadvd-start</b>
command!
<h3>
CONFIGURATION
</h3>
The
<b>hf6to4</b>
script reads its configuration from a config file named
<code></code><code>hf6to4.conf</code>.
The
<code></code><code>hf6to4.conf</code>
file is in
<a href="../html1/sh.html">sh(1)</a>
syntax, and contains several
variables that can be tuned to adjust your setup. Default values
should work for use on a modem/DSL dialup.
<dl compact>
<p><dt><b></b><b>out_if</b><dd>
The outbound interface that has a valid IPv4 address
assigned, that can be used to derive the IPv6
addresses from. Usually
``ppp0''
for a modem setup, or your ethernet interface if you have
IPv4 connectivity via LAN. This
can't be empty, and is assigned the IPv6 address
2002:x:x:v6_net:hostbits6, see below.
<p><dt><b></b><b>in_if</b><dd>
The inside interface. If non-empty, this interface is
assigned the IPv6 address
2002:x:x:v6_innernet:hostbits6, see below.
This is only useful on machines that
have more than one network interfaces, e.g. with a modem and a
local ethernet.
<p><dt><b></b><b>v6_net</b><dd>
The subnet address you want to use on the address of
your outbound interface. Defaults to
``1''.
<p><dt><b></b><b>v6_innernet</b><dd>
The subnet address you want to use on the address of
your inbound interface. Defaults to
``2''.
<p><dt><b></b><b>hostbits6</b><dd>
The lower 64 bits of both the inbound and outbound interface's
addresses.
<p><dt><b></b><b>peer</b><dd>
Name of the remote 6to4 server that'll take our
IPv6-in-IPv4 encapsulated packets and route them on
via IPv6. A special value of
``6to4-anycast''
can be used for the anycast service defined in RFC 3068.
Other possible values are given in the example config file.
<p><dt><b></b><b>remoteadr4,</b><b> remoteadr6</b><dd>
If the
<b></b><b>peer</b>
variable is set to the relay router's name, DNS lookups for A and AAAA
records will be made to
determine its IPv4 and IPv6 address. To avoid these lookups, the variables
<b></b><b>remoteadr4</b>
and
<b></b><b>remoteadr6</b>
can be set to strings containing the numerical IPv4 and IPv6 numbers
directly.
</dl>
<h3>
EXAMPLES
</h3>
The
<b>hf6to4</b>
script can be run automatically by
<a href="../html8/pppd.html">pppd(8)</a>
when a connection is made. For this, put the following into
<code></code><code>/etc/ppp/ip-up</code>:
<dl compact><dt><dd>
<code>
<pre>
( /usr/pkg/sbin/hf6to4 stf-stop
/usr/pkg/sbin/hf6to4 stf-start
/usr/pkg/sbin/hf6to4 rtadvd-stop
/usr/pkg/sbin/hf6to4 rtadvd-start ) &
</pre>
</code>
</dl>
<p>
To shut down properly, put this into
<code></code><code>/etc/ppp/ip-down</code>:
<dl compact><dt><dd>
<code>
<pre>
/usr/pkg/sbin/hf6to4 stf-stop
/usr/pkg/sbin/hf6to4 rtadvd-stop
</pre>
</code>
</dl>
<h3>
SEE ALSO
</h3>
<a href="../html4/stf.html">stf(4)</a>,
``6to4 IPv6 Explained''
at
<code></code><code>http://www.feyrer.de/NetBSD/6to4.html</code>,
NetBSD
IPv6 Documentation at
<code></code><code>http://www.netbsd.org/docs/network/ipv6/</code>,
RFC 3068.
<h3>
HISTORY
</h3>
The
<b>hf6to4</b>
utility and manpage were written by
Hubert Feyrer <hubert@feyrer.de>.
<p>
The utility was initially written in perl and called
``6to4''
but later rewritten as shell script and renamed to a name different
than the protocol it configures to emphasize the difference
between the protocol (6to4) and the implementation (hf6to4).
<p>
The older (perl) version is also shipped by Apple with versions
10.3 and 10.4 (and probably newer) of their MacOS X operating system.
<h3>
BUGS
</h3>
On systems running past-1.5, the
``ifconfig stf0 create''
should be run automatically.
<p>
Might be good to use /etc/rc.d/rtadvd for rtadvd handling.
</font></body>
</html>
|
