260 lines
8.2 KiB
Groff
260 lines
8.2 KiB
Groff
.\" $NetBSD: hf6to4.8,v 1.5 2007/10/07 12:59:14 kano Exp $
|
|
.\"
|
|
.\" Copyright (c) 2000-2005 Hubert Feyrer <hubert@feyrer.de>.
|
|
.\" All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgement:
|
|
.\" This product includes software developed by Hubert Feyrer for
|
|
.\" the NetBSD Project.
|
|
.\" 4. The name of the author may not be used to endorse or promote products
|
|
.\" derived from this software without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
.\"
|
|
.Dd May 31, 2005
|
|
.Dt hf6to4 8
|
|
.Os
|
|
.Sh NAME
|
|
.Nm hf6to4
|
|
.Nd setup automatic 6to4 IPv6 tunnelling
|
|
.Sh SYNOPSIS
|
|
.Nm
|
|
.Op Fl vn
|
|
.Ar command
|
|
.Sh DESCRIPTION
|
|
The
|
|
.Nm
|
|
script can be used to setup IPv6 on your home machine and
|
|
network for exploring IPv6 without any registrations. 6to4 is a
|
|
mechanism by which your IPv6 address(es) are derived from an assigned
|
|
IPv4 address, and which involves automatic tunnelling to one or more
|
|
remove 6to4 relay routers, which will then forward your v6 packets on the 6bone.
|
|
Replies are routed back to you over IPv4 via (possibly) other
|
|
6to4 relay routers. As such, IPv6-in-IPv4-encapsulated
|
|
packets are accepted from all v4-hosts. See
|
|
.Xr stf 4
|
|
for security discussion.
|
|
.Pp
|
|
From your (single) IPv4 address, you get a whole IPv6 /48 network,
|
|
which allows you to split your network in 2^16 subnets, with 2^64
|
|
hosts each. You need to setup routing for your internal network
|
|
properly, help is provided for setting up the border router here.
|
|
.Pp
|
|
This script takes the burden to calculate your IPv6 address from
|
|
existing IPv4 address and runs the commands to setup (and tear down)
|
|
automatic 6to4 IPv6 tunnelling. In a separate step, router
|
|
advertisement for the inside network can be started and stopped.
|
|
.Pp
|
|
Possible options are:
|
|
.Bl -tag -width xxx
|
|
.It Fl n
|
|
Do not. Only print the commands that would be run, but do not execute
|
|
them.
|
|
.It Fl v
|
|
Verbose operation. Print the commands that are about to be run, before
|
|
running them. Displays some additional information.
|
|
.It Fl h
|
|
Show usage.
|
|
.El
|
|
.Pp
|
|
Possible commands are:
|
|
.Bl -tag -width rtadvd-start
|
|
.It Sy start
|
|
Same as
|
|
.Sy stf-start .
|
|
.It Sy stop
|
|
Same as
|
|
.Sy stf-stop .
|
|
.It Sy stf-start
|
|
Configure 6to4 IPv6. The
|
|
.Xr stf 4
|
|
interface is configured, and a default route to a remote 6to4
|
|
gateway is established. In addition, the internal
|
|
network interface is assigned an address.
|
|
.It Sy stf-stop
|
|
Stops 6to4 IPv6. All addresses are removed from the
|
|
.Xr stf 4
|
|
device, and the default route is removed. If
|
|
.Sy in_if
|
|
is set, the 6to4 addresses are removed from that interface too.
|
|
.It Sy rtadvd-start
|
|
Starts router advertizement and IPv6 packet forwarding,
|
|
turning the machine into a IPv6 router.
|
|
Clients just need to be told to accept router advertizements, i.e.
|
|
the
|
|
.Sq net.inet6.ip6.accept_rtadv
|
|
sysctl needs to be set to
|
|
.Sq 1 .
|
|
On NetBSD, you can arrange that by setting
|
|
.Dq ip6mode=autohost
|
|
in
|
|
.Pa /etc/rc.conf .
|
|
.It Sy rtadvd-stop
|
|
Stops router advertizement and IPv6 packet forwarding.
|
|
.Xr rtadvd 8
|
|
is stopped.
|
|
.El
|
|
.Sh REQUIREMENTS
|
|
Besides IPv4 connectivity, you need support for IPv6 and the
|
|
.Xr stf 4
|
|
device in your kernel. While the GENERIC
|
|
.Nx
|
|
1.5 kernel does support IPv6, it does not contain support for the
|
|
.Xr stf 4
|
|
device.
|
|
.Pp
|
|
Make sure you have the following options in your kernel config file:
|
|
.Bd -literal -offset
|
|
options INET # IP + ICMP + TCP + UDP
|
|
options INET6 # IPV6
|
|
pseudo-device stf 1 # 6to4 IPv6 over IPv4 encapsulation
|
|
.Ed
|
|
.Pp
|
|
In systems that run past-1.5,
|
|
you will have to explicitly create an
|
|
.Xr stf 4
|
|
device after compiling it in the kernel. You do this by running
|
|
the following command before calling the
|
|
.Nm
|
|
script:
|
|
.Bd -literal -offset
|
|
ifconfig stf0 create
|
|
.Ed
|
|
As an alternative, you can also put the following lines into
|
|
.Pa /etc/rc.conf :
|
|
.Bd -literal -offset
|
|
net_interfaces="stf0"
|
|
ifconfig_stf0="create"
|
|
.Ed
|
|
.Pp
|
|
See also the comment on setting up IPv6-clients
|
|
.Sq behind
|
|
your 6to4 router for the
|
|
.Sy rtadvd-start
|
|
command!
|
|
.Sh CONFIGURATION
|
|
The
|
|
.Nm
|
|
script reads its configuration from a config file named
|
|
.Pa hf6to4.conf .
|
|
The
|
|
.Pa hf6to4.conf
|
|
file is in
|
|
.Xr sh 1
|
|
syntax, and contains several
|
|
variables that can be tuned to adjust your setup. Default values
|
|
should work for use on a modem/DSL dialup.
|
|
.Bl -tag -width rtadvd-stop
|
|
.It Sy out_if
|
|
The outbound interface that has a valid IPv4 address
|
|
assigned, that can be used to derive the IPv6
|
|
addresses from. Usually
|
|
.Dq ppp0
|
|
for a modem setup, or your ethernet interface if you have
|
|
IPv4 connectivity via LAN. This
|
|
can't be empty, and is assigned the IPv6 address
|
|
2002:x:x:v6_net:hostbits6, see below.
|
|
.It Sy in_if
|
|
The inside interface. If non-empty, this interface is
|
|
assigned the IPv6 address
|
|
2002:x:x:v6_innernet:hostbits6, see below.
|
|
This is only useful on machines that
|
|
have more than one network interfaces, e.g. with a modem and a
|
|
local ethernet.
|
|
.It Sy v6_net
|
|
The subnet address you want to use on the address of
|
|
your outbound interface. Defaults to
|
|
.Dq 1 .
|
|
.It Sy v6_innernet
|
|
The subnet address you want to use on the address of
|
|
your inbound interface. Defaults to
|
|
.Dq 2 .
|
|
.It Sy hostbits6
|
|
The lower 64 bits of both the inbound and outbound interface's
|
|
addresses.
|
|
.It Sy peer
|
|
Name of the remote 6to4 server that'll take our
|
|
IPv6-in-IPv4 encapsulated packets and route them on
|
|
via IPv6. A special value of
|
|
.Dq 6to4-anycast
|
|
can be used for the anycast service defined in RFC 3068.
|
|
Other possible values are given in the example config file.
|
|
.It Sy remoteadr4, remoteadr6
|
|
If the
|
|
.Sy peer
|
|
variable is set to the relay router's name, DNS lookups for A and AAAA
|
|
records will be made to
|
|
determine its IPv4 and IPv6 address. To avoid these lookups, the variables
|
|
.Sy remoteadr4
|
|
and
|
|
.Sy remoteadr6
|
|
can be set to strings containing the numerical IPv4 and IPv6 numbers
|
|
directly.
|
|
.El
|
|
.Sh EXAMPLES
|
|
The
|
|
.Nm
|
|
script can be run automatically by
|
|
.Xr pppd 8
|
|
when a connection is made. For this, put the following into
|
|
.Pa /etc/ppp/ip-up :
|
|
.Bd -literal -offset
|
|
( /usr/pkg/sbin/hf6to4 stf-stop
|
|
/usr/pkg/sbin/hf6to4 stf-start
|
|
/usr/pkg/sbin/hf6to4 rtadvd-stop
|
|
/usr/pkg/sbin/hf6to4 rtadvd-start ) &
|
|
.Ed
|
|
.Pp
|
|
To shut down properly, put this into
|
|
.Pa /etc/ppp/ip-down :
|
|
.Bd -literal -offset
|
|
/usr/pkg/sbin/hf6to4 stf-stop
|
|
/usr/pkg/sbin/hf6to4 rtadvd-stop
|
|
.Ed
|
|
.Sh SEE ALSO
|
|
.Xr stf 4 ,
|
|
.Dq 6to4 IPv6 Explained
|
|
at
|
|
.Pa http://www.feyrer.de/NetBSD/6to4.html ,
|
|
.Nx
|
|
IPv6 Documentation at
|
|
.Pa http://www.netbsd.org/docs/network/ipv6/ ,
|
|
RFC 3068.
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
utility and manpage were written by
|
|
Hubert Feyrer <hubert@feyrer.de>.
|
|
.Pp
|
|
The utility was initially written in perl and called
|
|
.Dq 6to4
|
|
but later rewritten as shell script and renamed to a name different
|
|
than the protocol it configures to emphasize the difference
|
|
between the protocol (6to4) and the implementation (hf6to4).
|
|
.Pp
|
|
The older (perl) version is also shipped by Apple with versions
|
|
10.3 and 10.4 (and probably newer) of their MacOS X operating system.
|
|
.Sh BUGS
|
|
On systems running past-1.5, the
|
|
.Dq ifconfig stf0 create
|
|
should be run automatically.
|
|
.Pp
|
|
Might be good to use /etc/rc.d/rtadvd for rtadvd handling.
|