Context Navigation

using Sakura 6rd
6rd on Ubuntu 10.04 lucid

using Sakura 6rd

IPv6アドレスの算出

# printf "2001:e41:%02x%02x:%02x%02x::1\n" 59 106 69 124
2001:e41:3b6a:457c::1

/etc/network/interfaces ファイルの編集

# vi /etc/network/interfaces   (以下を追加)
auto tun6rd
iface tun6rd inet6 v4tunnel
        address 2001:e41:3b6a:457c::1
        netmask 32
        local 59.106.69.124
        endpoint any
        gateway ::61.211.224.125
        ttl 64
        up ip tunnel 6rd dev tun6rd 6rd-prefix 2001:e41::/32
        up ip link set mtu 1280 dev tun6rd

設定反映を確認

# ifconfig tun6rd
tun6rd    Link encap:IPv6-in-IPv4
          inet6アドレス: ::59.106.69.124/128 範囲:Compat
          inet6アドレス: 2001:e41:3b6a:457c::1/32 範囲:グローバル
          UP RUNNING NOARP  MTU:1280  メトリック:1
          RXパケット:0 エラー:0 損失:0 オーバラン:0 フレーム:0
          TXパケット:0 エラー:0 損失:0 オーバラン:0 キャリア:0
          衝突(Collisions):0 TXキュー長:0
          RXバイト:0 (0.0 B)  TXバイト:0 (0.0 B)

# ip tunnel show
sit0: ipv6/ip  remote any  local any  ttl 64  nopmtudisc 6rd-prefix 2002::/16
tun6rd: ipv6/ip  remote any  local 59.106.69.124  ttl 64  6rd-prefix 2001:e41::/32

# ip -6 route show | grep default
default via ::61.211.224.125 dev tun6rd  metric 1024  mtu 1280 advmss 1220 hoplimit 0

6rd on Ubuntu 10.04 lucid

re-enable IPv6

see wiki:TipAndDoc/network/ipv6#lucid

$ sudo vim /etc/sysctl.conf

etc/ufw/sysctl.conf

 #net/ipv4/tcp_fin_timeout=30
 #net/ipv4/tcp_keepalive_intvl=1800
-#disable ipv6
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.default.disable_ipv6 = 1
-net.ipv6.conf.lo.disable_ipv6 = 1

$ sudo vim /etc/ufw/sysctl.conf

etc/sysctl.conf

 #net.ipv6.conf.all.forwarding=1
-#disable ipv6
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.default.disable_ipv6 = 1
-net.ipv6.conf.lo.disable_ipv6 = 1
 ###################################################################
 # Additional settings - these settings can improve the network
 # security of the host and prevent against some network attacks

backport maverick kernel

$ sudo aptitude install linux-headers-generic-lts-backport-maverick linux-image-generic-lts-backport-maverick

  linux-headers-2.6.35-23{a} linux-headers-2.6.35-23-generic{a}
  linux-headers-generic-lts-backport-maverick linux-image-2.6.35-23-generic
  linux-image-generic-lts-backport-maverick

backport maverick iproute

$ sudo aptitude install -R python-software-properties

  python-software-properties unattended-upgrades{a}

$ sudo add-apt-repository ppa:nathan-launchpad/iproute-lucid-ppa

Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv 0ABF9419A50E06EF0E31A901F798C386A6A6010B
gpg: requesting key A6A6010B from hkp server keyserver.ubuntu.com
gpg: key A6A6010B: public key "Launchpad iproute-ppa" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

$ sudo aptitude update

$ sudo aptitude install iproute

  iproute

(snip)

Get:1 http://ppa.launchpad.net/nathan-launchpad/iproute-lucid-ppa/ubuntu/ lucid/main iproute 20100519-2~lucid~ppa1 [425kB]

another way

from さくらVPSのUbuntu 10.04でさくらの6rd（トライアル）を使う | Facebook
- $ sudo cp /etc/apt/sources.list /etc/apt/sources.list.d/maverick.list
- $ sudo sed -i s#lucid#maverick#g /etc/apt/sources.list.d/maverick.list
- $ sudo vim /etc/apt/preferences.d/iproute-pin-600
```
Explanation: Do not install from maverick
Package: *
Pin: release n=maverick
Pin-Priority: -1

Explanation: Install iproute from maverick
Package: iproute
Pin: release n=maverick
Pin-Priority: 600
```
- これらに追加して、以下の設定が必要

/etc/apt/apt.conf.d/01ubuntu

etc/apt/apt.conf.d/01ubuntu


1	1	APT
2	2	{
	3	Default-Release "lucid";
3	4	};

これがないと、全てのパッケージがmaverickにupgradeされてしまう

$ aptitude -s safe-upgrade

(snip)

  ureadahead usbutils util-linux uuid-runtime vim vim-common vim-runtime vim-tiny w3m wget whiptail x11-common xfsprogs xkb-data zlib1g
The following packages are RECOMMENDED but will NOT be installed:
  byobu dbus libglib2.0-data libjson-xs-perl libpaper-utils shared-mime-info ttf-liberation x-ttcidfont-conf
293 packages upgraded, 26 newly installed, 9 to remove and 5 not upgraded.
Need to get 231MB of archives. After unpacking 120MB will be used.

逆に、/etc/apt/apt.conf.d/01ubuntu によってmaverickのiprouteが候補に出なくなることがある。その場合は以下のコマンドで導入される(
```
sudo aptitude install -t maverick iproute
```
- APT Pinning 周りはman等の説明通りに動かないので調査中…

apply settings

printf "2001:e41:%02x%02x:%02x%02x::1\n" 59 106 180 123
```
2001:e41:3b6a:b47b::1
```

ping6で以下のようなエラーが起きる場合はip6tables/ufwの設定を見直すとよい
```
ping: sendmsg: Operation not permitted
```
- see also IPv6: Can't ping anything - "Operation not permitted" - Server Fault

$ sudo vim /etc/default/ufw

etc/default/ufw

 # Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback
 # accepted). You will need to 'disable' and then 'enable' the firewall for
 # the changes to take affect.
 IPV6=no
+IPV6=yes
 # Set the default input policy to ACCEPT, ACCEPT_NO_TRACK, DROP, or REJECT.
 # ACCEPT enables connection tracking for NEW inbound packets on the INPUT

$ sudo vim /etc/network/interfaces

Index: /etc/network/interfaces
===================================================================
--- /etc/network/interfaces     (revision 532)
+++ /etc/network/interfaces     (revision 533)
@@ -16,3 +16,14 @@
     # dns-* options are implemented by the resolvconf package, if installed
     dns-nameservers 210.188.224.10
     dns-search sakura.ne.jp
+
+auto tun6rd
+iface tun6rd inet6 v4tunnel
+   address 2001:e41:3b6a:b47b::1
+   netmask 32
+   local 59.106.180.123
+   endpoint any
+   gateway ::61.211.224.125
+   ttl 64
+   up ip tunnel 6rd dev tun6rd 6rd-prefix 2001:e41::/32
+   up ip link set mtu 1280 dev tun6rd

check IPv6 access

$ wget http://www.word-ac.net/ -q -O - | grep connect

You are connecting with <strong style="color: green;">IPv6</strong>.

Last modified 14 years ago Last modified on Apr 19, 2011 5:20:07 PM

Download in other formats:

Plain Text