Skip to end of metadata
Go to start of metadata

All you need is a Linux or BSD box configured as a router, for instance Quagga or BIRD.

As someone who is building little compact flash and USB flash based BSD boxes for various tasks, I can quite happily say its entirely possible to build diskless based Linux/BSD routers which are upgraded about as easy as upgrading a Cisco router (ie, copy over new image, run "save-config" script, reboot.) Its been that way for quite some time.

If there's interest I'll hack up a FreeBSD nanobsd image with ipv6 support, a routing daemon (whatever people think is good enough) and whatever other stuff is "enough" to act as a 6to4 gateway.
You too can build diskless core2duo software routers for USD $1k.

Nathan Ward has packaged up a FreeBSD image that runs on Soekris boxes which incorporates 6to4 and Teredo. A binary TUI release can be downloaded from Nathan's website, as well as a nice article by Geoff Huston.

Reverse 6to4 delegation can be requested at: https://6to4.nro.net, please check the instructions at https://6to4.nro.net/6to4_reverse/non_2002/index.html.

If you announce a 6to4 prefix, make sure to add your ASN to the list of ISPs currently announcing a 6to4 prefix.

Jordi's AfriNIC posting

This info provides the steps required in order to configure your BSD box as a 6to4 Relay.

In order to proceed, you need to have a public IPv4 address on that box, your own IPv6 prefix (provided by AfriNIC in this case) and IPv6 transit.

The BSD box need to support stf pseudo-interface, FreeBSD 5.4 or higher version is recommended, for FreeBSD 4.9 you need to recompile the kernel adding "pseudo-device stf". NetBSD 1.5 supports stf pseudo-interface compiling the kernel. Also need to have IPv6 support and IPv6 routing enabled.

If you need help in order to acquire your IPv6 prefix from AfriNIC, let us know and we can help even with the request form.

Similarly, we are able to help in making sure you have the right configuration for IPv6 in your BSD and you can get IPv6 transit (native or tunneling) either from your upstream, or alternatively, if that's not possible, we will be able to provide free IPv6 transit to third party networks.

Regards,

Jordi

Running a 6to4 relay on Linux

Tested on 2.6.24-19-generic (ubuntu hardy).

Create this bash script

Remember that you need to update access lists for the network the 6to4 relay is on. Allow 192.88.99.1 into the network. As it sends packets from 2002:: you need to allow spoofed outgoing packets.

IMPORTANT NOTE

If you are running a Linux based 6to4 relay you should consider applying this patch.

Create an stf interface

In case it doesn't exist, create an stf interface.
Run these commands in a terminal:

By default the stf interface is not enabled.

Add local 6to4 address to interface (note: prefix length 16 is very important!)

Configure IPv6 connectivity

Because we are configuring a 6to4 relay it should have IPv6 connectivity (either native or via a tunnel) through an IPv6 gateway (for our example we use 2001:7f9:1::1 as GW address). After having configured an IPv6 address on the corresponding interface, the default route should be configured:

If our IPv6 interface is interface ne0:

To configure the IPv6 address:

To add a default route:

Configure prefix advertisements

Somewhere on the Relay network, the device in charge of announcing prefixes (typically a BGP router) should announce 2002::/16 prefix to its IPv6 peerings.

This would allow native IPv6 nodes to reach 6to4 nodes (2002::/16 addresses).

Regarding the IPv4 reachability of the Relay there are two options:

  1. Configure the 6to4 anycast IPv4 address (192.88.99.1) and announce the anycast prefix (192.88.99.0/24) to the site IPv4 peerings.
  2. :6to4 hosts will be able to find it automatically, with no need for any manual configuration.
  3. Use another public IPv4 address.
  4. :Some kind of advertisement of the IPv4 address is needed (usually a FQDN-Fully Qualified Domain Name) in order to allow others to configure our relay.

This will allow 6to4 nodes (2002::/16 addresses) to reach native IPv6 nodes through our relay.

Making your configuration persistent

In order to make your configuration persistent, a script could be used that is executed at boot time. The idea is to have a script that executes all the commands needed to configure everything as desired.

This example for Linux takes the local host public IPv4 address as an argument:

For FreeBSD add this to /etc/rc.conf:

Configuration examples may vary for other BSD distributions.

Remove a 6to4 tunnel using "ip" and a dedicated tunnel device

Remove a 6to4 interface address

Remove 6to4 prefix route

First we can see the route table with:

Now we can delete the route entry for 2002::/16 prefix via <gateway_IPv6> with:

  • No labels