Differences between revisions 27 and 28
Revision 27 as of 2010-02-14 09:48:27
Size: 6944
Editor: ?BernhardWiedemann
Comment: 6to4 prefix-length is /48 not /64 (this is why it leaves 16+64 bits to users)
Revision 28 as of 2010-05-04 09:20:47
Size: 7295
Editor: ?MarcPignat
Comment: Added disabling ipv6 in squeeze
Deletions are marked like this. Additions are marked like this.
Line 105: Line 105:
=== In squeeze ===
 * Disable ipv6 in kernel : ''echo net.ipv6.conf.all.disable_ipv6=1 > /etc/sysctl.d/disableipv6.conf'' will disable ipv6 at next reboot.
   * fetchmail will stop sending dns AAAA queries.
 * In exim4:
   * put ''disable_ipv6 = true'' into your exim configuration file
   * run ''update-exim4.conf''
   * then restart exim4

Debian IPv6 Project

The purpose of the project is to provide a central place to find out about IP version 6 in Debian. All computers that talk on the Internet use a communications protocol called IP (Internet Protocol) and they all use version 4 of this protocol.

Fully IPv6 support is a ReleaseGoals for Squeeze. Please see ReleaseGoals/FullIPv6Support for more details.

Native IPv6

If you already have native connectivity, Debian should pick it up automatically from router advertisments, and generate addresses for you. You can also use the "static" method in /etc/network/interfaces to set up addresses manually. PPP users may have to add +ipv6 to /etc/ppp/options, as not all PPP RAS servers advertise IPv6 support, even if they will negotiate it upon request.

If you have both native IPv6 and IPv4 (a dual-stacked host), you may still want to use 6to4 addresses as well as your native addresses; IPv6 specifies address selection rules that ensure that native hosts will use your native IPv6 connectivity, but 6to4 hosts will use your 6to4 connectivity (removing public relay routers, and reducing the number of points of failure in your setup).

IPv6 6to4 Configuration

You may not know this, but if you have a public IPv4 address you already have IPv6 addresses reserved. There is a transitional system called 6to4 (sometimes written stf or 6 to 4) that maps any IPv4 address an entire subnet of IPv6 addresses. You can use it to assign a single address to your system, or as the prefix for your local IPv6 network. You can also use the method for making a private IPv6 network by using a private IPv4 (RFC 1918) address instead of the deprecated "site-local" fec0::/10 addresses.

To configure 6to4, you need to calculate an IPv6 address, based on your existing IPv4 address. You can do so using the shell. In this example the IPv4 address is 192.0.2.3, you'll replace that with your actual public internet address. The ::1 on the end says this is machine address 1 in subnet 0. You have 16 bits of network and 64 bits of host addresses available.

$ printf "2002:%02x%02x:%02x%02x::1\n" 192 0 2 3
2002:c000:0203::1

or use ipv6calc which gives you the prefix

$ ipv6calc --quiet --action conv6to4 192.0.2.3
2002:c000:203::

Now edit /etc/network/interfaces, and add a stanza like this using a dedicated tunnel device named tun6to4 (or whatever you wish to call it):

auto tun6to4
iface tun6to4 inet6 v4tunnel
        address 2002:c000:0203::1
        netmask 16
        gateway ::192.88.99.1
        endpoint any
        local 192.0.2.3 #fits address

Or using the deprecated sit0 interface:

auto sit0
iface sit0 inet6 static
        address 2002:c000:0203::1
        netmask 16
        gateway ::192.88.99.1

The 192.88.99.1 address is a special anycast address that points to the nearest 6to4 router. Assuming that your nearest 6to4 router work, all you should need to do is ifup tun6to4 (or sit0) and enjoy your new IPv6 connectivity!

Experienced IPv6 users will wonder why the netmask for sit0 is /16, not /48; by setting the netmask to /16, you instruct your system to send packets directly to the IPv4 address of other 6to4 users; if it was /48, you'd send packets via the nearest relay router, increasing latency.

The sit0 example may result in a responses with an IPv4 address that doesn't match the 6to4 address on a multihomed host. Also the generic tunnel device sit0 doesn't let you specify filtering per device.

See also:

Setting up a 6to4 relay router using Debian

If you have a dual-stacked host (one with both IPv4 and IPv6 native connectivity), you may wish to offer a relay router for the rest of your network. A relay router also helps with connectivity for IPv6-only hosts on your network; rather than relying on a public 6to4 relay router to communicate with 6to4 hosts, your router can encapsulate IPv6 into IPv4.

There are two ways to do this; one is to have the relay on a normal address, which you share with your clients. The other is to add 192.88.99.1/24 to your IPv4 addresses and routing, so that clients that use 6to4 will pick up your relay router automatically. If you run a relay router on an address other than 192.88.99.1, you will need to change the gateway on your clients to match.

A relay router should already be configured to forward IPv6 packets natively for its clients; you then add a sit0 interface without a gateway for the 6to4 relay. In /etc/network/interfaces, this looks like:

auto sit0
iface sit0 inet6 static
        address 2002:c000:0203::1
        netmask 16

Note that this is almost identical to a plain 6to4 setup; the only difference is that as you already have native connectivity, you do not need to use a relay router to act as your gateway.

IPv6 Tunnel Configuration

An IPv6 tunnel can be configured using /etc/network/interfaces on Debian (woody, sid and up):

Add to /etc/network/interfaces:

auto 6in4
iface 6in4 inet6 v4tunnel
  address [Your IPv6 Endpoint]
  netmask [Prefix Length]
  endpoint [PoP IPv4 Endpoint]
  gateway [PoP IPv6 Endpoint]
  ttl 64
  up ip link set mtu 1280 dev $IFACE

Now you can use ifup(8) and ifdown(8) to control your tunnel. What's even better about it, is that the tunnel is set up at boot time, because in /etc/init.d/networking, "ifup -a" is called, which brings up all interfaces from /etc/network/interfaces configured with the "auto" option.

Automated Tunnel Configuration

Try the 'aiccu', for SixXS or 'tspc', for Hexago package to automate most of the tunnel configuration.

Manual Tunnel Configuration

Hurricane Electric operates a free tunnel broker, with simple web based registration and forums. Examples for Debian using ifconfig or ip commands available.

How to turn off IPv6

In squeeze

  • Disable ipv6 in kernel : echo net.ipv6.conf.all.disable_ipv6=1 > /etc/sysctl.d/disableipv6.conf will disable ipv6 at next reboot.

    • fetchmail will stop sending dns AAAA queries.
  • In exim4:
    • put disable_ipv6 = true into your exim configuration file

    • run update-exim4.conf

    • then restart exim4

Swisscom DSL with the latest netopia router will not work with Lenny out of the box. For example ssh only works the -4 option despite

Are there really dirty hacks as in [http://osdir.com/ml/debian-user-german-debian/2009-07/msg00516.html] needed?

See Also