Configuring FreeBSD for IPv6
Richard Grace <[email protected]>
Introduction
IPv6 or IPng as it is sometimes known, is intended to offer a greater
flexibility of networking over the current IP addressing scheme (known as
IPv4). As well as a larger range of addressable space, IPv6 also provides,
many enhancements to IPv4 including IPsec, which provides data encryption
at the packet level, and improved support for Quality of Service (QoS)
and traffic management.
For further reading, please refer to http://www.ipv6.org/
Kame have been developing a free IPv6 implementation for the *BSD
platform, with regular updates as well as stable and official
releases, over the past year. To obtain the latest information
regarding supported platforms, refer to the Kame web site at http://www.kame.net/
Connecting to the 6bone
The 6bone (IPv6 Backbone) is a testbed for the deployment of IPv6
networking and currently runs as a network of tunnels over the current
IPv4 internetworking infrastructure. To obtain IPv6 network addresses
for use in the testing and development of IPv6 networking, you will
need to connect to the 6bone. Please refer to http://www.6bone.net/ for more
information about the 6bone and how to connect. Connection can be as
simple as asking your nearest PTLA for experimental address space.
Here is my 6bone connection information as an example:
Network Allocaton: 3ffe:8001:0005::/48
Tunnel Remote end: 3ffe:8000:ffff:1005::100/64 203.5.119.58
Tunnel Local end: 3ffe:8000:ffff:1005::101/64 203.6.241.1
To apply for commercial IPv6 network address space, you will need
to refer to http://www.apnic.net/drafts/ipv6/ .
Configuration
I have installed the Kame IPv6 kit on a FreeBSD test machine with the
following specifications:
- Cyrix 686 PR233MX
- 64 Mb RAM
- 1.2 Gb disk
- Dual RTL8029 PCI ethernet
- FreeBSD RELEASE-3.3
- kame-19991213-freebsd33-stable kit
The following steps outline the installation of FreeBSD and how to apply the
Kame IPv6 kit successfully, how to configure your FreeBSD machine to be a
router, and configure a tunnel to connect to the 6bone.
-
Install FreeBSD RELEASE in a minimal configuration:
- binaries
- source (only the kernel and top-level sources are required)
- man pages (if required)
- ports (if required)
- see df(1) output below for a sample filesystem layout
-
Follow instructions to unpack and apply KAME STABLE kit. The
rest of this article will assume that the Kame kit is installed in
a directory called $SOMEWHERE/kame/. I chose to install the Kame
kit under the /usr/kame directory, but of course you may install
it anywhere you like.
- see file $SOMEWHERE/kame/INSTALL for basic installation instructions.
- see file $SOMEWHERE/kame/freebsd3/INSTALL for specific instructions.
- see file $SOMEWHERE/kame/USAGE for information regarding utilities.
- see file $SOMEWHERE/kame/README for other info.
-
You will need to modify your /etc/rc file to start the IPv6
networking. This must be done in /etc/rc rather than a script in
/usr/local/etc/rc.d as the networking must be started before any
local packages. The most appropriate place in /etc/rc for the
IPv6 startup is directly after the other networking startup. This is around
line 260 of the /etc/rc file.
-
Configure /usr/local/v6/etc/rc.net6 for the local network
interfaces. In this file, you can choose for your machine to be
an IPv6 router, an IPv6 multicast router, and the interfaces to
configure. This is equivalent to setting the same options for
IPv4 in the /etc/rc.conf file.
-
Configure /usr/local/v6/etc/rc.net6 and /usr/local/v6/etc/rtadvd.conf
to advertise our network prefix over the local network interfaces.
If your machine is going to be an IPv6 router, you will need to set
'ip6router=YES' at the top of the /usr/local/v6/etc/rc.net6 file, and
enable rtadvd.
See files below for examples on how to configure your machine.
-
If your machine is going to be a gateway to the 6bone, you
should set 'ip6router=YES' at the top of the file, and configure
the interfaces for the network prefix you have been allocated. Use
'gifconfig' to configure the gif0 generic interface for tunneling.
See configuration file 'routes6.sh' below.See gifconfig(8) man
page for more details.
-
Use 'ifconfig' to assign IPv6 addresses to the gif0 interface.
See configuration file 'routes6.sh' below.
See ifconfig(8) man page for more details.
-
Assign a default route for IPv6. This is the other end of the
tunnel.See configuration file 'routes6.sh' below. See route(8)
man page for more details.
-
To install the IPv6 ports, simply 'cd' to the port you wish to
make, and run 'make install' at the command prompt. The Kame IPv6
ports are located under $SOMEWHERE/kame/freebsd3/ports/.
Appendix A - System Configuration
Output from df(1)
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/wd0s1a 31743 26173 3031 90% /
/dev/wd0s1d 496111 333616 122807 73% /usr
/dev/wd0s1e 511855 231654 239253 49% /usr/local
/dev/wd0s1f 99183 11503 79746 13% /var
/dev/wd0s1g 63503 38510 19913 66% /home
procfs 4 4 0 100% /proc
Output from ifconfig(1) for IPv4 addresses
In this example, tun0 is a ppp link to an ISP, and ed0 and ed1 are two
local ethernets.
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 203.6.241.130 netmask 0xffffffc0 broadcast 203.6.241.191
ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 203.6.241.200 netmask 0xffffffc0 broadcast 203.6.241.255
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 203.6.241.1 --> 203.5.119.58 netmask 0xffffffc0
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
Appendix B - IPv6 Configuration Files
/etc/rc
# This line runs the IPv6 network initialization.
# insert it after the IPv4 network has been started.
[ -f /usr/local/v6/etc/rc.net6 ] && sh /usr/local/v6/etc/rc.net6
/usr/local/v6/etc/rc.net6
#! /bin/sh
#
# Note! These are only the settings you need to change!
#
# Set this machine to be an IPv6 router
ip6router=YES
# Set the following interface prefixes for advertisement
iface="ed0 ed1"
prefix_ed0="3ffe:8001:0005:0ed0"
prefix_ed1="3ffe:8001:0005:0ed1"
...
# rtadvd
# This should enabled with a great care.
# You may want to fine-tune /usr/local/v6/etc/rtadvd.conf.
[ -x $rtadvd ] && $rtadvd $iface
...
/usr/local/v6/etc/rtadvd.conf
#
# common definitions.
#
default:\
:chlim#64:raflags#0:rltime#1800:rtime#30000:retrans#1000:\
:pinfoflags#192:vltime#3600000:pltime#3600000:mtu#1500:
ether:\
:mtu#1500:tc=default:
ppp:\
:mtu#1500:maxinterval#20:mininterval#10:tc=default:
#
# interfaces.
#
ed0:\
:addrs#1:addr="3ffe:8001:0005:0ed0::":prefixlen#64:tc=ether:
ed1:\
:addrs#1:addr="3ffe:8001:0005:0ed1::":prefixlen#64:tc=ether:
/usr/local/v6/etc/rc.d/routes6.sh
#!/bin/sh
# Set up the IPv4 part of the tunnel...
/usr/local/v6/sbin/gifconfig gif0 203.6.241.1 203.5.119.58
# Now configure the gif0 device with the IPv6 details
/usr/local/v6/sbin/ifconfig gif0 inet6 \
3ffe:8000:ffff:1005::101 3ffe:8000:ffff:1005::100 prefixlen 64
# And add a default route for IPv6 connections...
/usr/local/v6/sbin/route add -inet6 default 3ffe:8000:ffff:1005::100
|