Changes between Version 1 and Version 2 of TipAndDoc/service/sakura/ipv6


Ignore:
Timestamp:
Mar 2, 2011 12:03:43 AM (13 years ago)
Author:
mitty
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • TipAndDoc/service/sakura/ipv6

    v1 v2  
    11[[PageOutline]] 
    22 
     3 = using Sakura 6rd = 
    34 * [http://research.sakura.ad.jp/6rd-trial/ さくらの6rd(トライアル) « さくらインターネット研究所] 
    45  * [http://research.sakura.ad.jp/6rd-trial/6rd-trial-ubuntu1010/ 6rd設定方法(Ubuntu10.10編) « さくらインターネット研究所] 
     
    4142  > default via ::61.211.224.125 dev tun6rd  metric 1024  mtu 1280 advmss 1220 hoplimit 0 
    4243  > }}} 
     44 
     45 * howto on 10.04 [http://www.litech.org/6rd/ Linux 6RD HOWTO] 
     46 
     47 == re-enable IPv6 == 
     48 * see wiki:TipAndDoc/network/ipv6#lucid 
     49 
     50 * $ sudo vim /etc/sysctl.conf 
     51{{{ 
     52Index: /etc/ufw/sysctl.conf 
     53=================================================================== 
     54--- /etc/ufw/sysctl.conf        (revision 530) 
     55+++ /etc/ufw/sysctl.conf        (revision 531) 
     56@@ -30,8 +30,3 @@ 
     57 
     58 #net/ipv4/tcp_fin_timeout=30 
     59 #net/ipv4/tcp_keepalive_intvl=1800 
     60- 
     61-#disable ipv6 
     62-net.ipv6.conf.all.disable_ipv6 = 1 
     63-net.ipv6.conf.default.disable_ipv6 = 1 
     64-net.ipv6.conf.lo.disable_ipv6 = 1 
     65}}} 
     66 * $ sudo vim /etc/ufw/sysctl.conf 
     67{{{ 
     68Index: /etc/sysctl.conf 
     69=================================================================== 
     70--- /etc/sysctl.conf    (revision 530) 
     71+++ /etc/sysctl.conf    (revision 531) 
     72@@ -32,11 +32,6 @@ 
     73 #net.ipv6.conf.all.forwarding=1 
     74 
     75 
     76-#disable ipv6 
     77-net.ipv6.conf.all.disable_ipv6 = 1 
     78-net.ipv6.conf.default.disable_ipv6 = 1 
     79-net.ipv6.conf.lo.disable_ipv6 = 1 
     80- 
     81 ################################################################### 
     82 # Additional settings - these settings can improve the network 
     83 # security of the host and prevent against some network attacks 
     84}}} 
     85 
     86 == backport maverick kernel == 
     87 * $ sudo aptitude install linux-headers-generic-lts-backport-maverick linux-image-generic-lts-backport-maverick 
     88{{{ 
     89  linux-headers-2.6.35-23{a} linux-headers-2.6.35-23-generic{a} 
     90  linux-headers-generic-lts-backport-maverick linux-image-2.6.35-23-generic 
     91  linux-image-generic-lts-backport-maverick 
     92}}} 
     93 
     94 == backport maverick iproute == 
     95 * $ sudo aptitude install -R python-software-properties 
     96{{{ 
     97  python-software-properties unattended-upgrades{a} 
     98}}} 
     99 
     100 * $ sudo add-apt-repository ppa:nathan-launchpad/iproute-lucid-ppa 
     101{{{ 
     102Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv 0ABF9419A50E06EF0E31A901F798C386A6A6010B 
     103gpg: requesting key A6A6010B from hkp server keyserver.ubuntu.com 
     104gpg: key A6A6010B: public key "Launchpad iproute-ppa" imported 
     105gpg: Total number processed: 1 
     106gpg:               imported: 1  (RSA: 1) 
     107}}} 
     108 
     109 * $ sudo aptitude update 
     110 * $ sudo aptitude install iproute 
     111{{{ 
     112  iproute 
     113}}} 
     114 
     115 == apply settings == 
     116 * printf "2001:e41:%02x%02x:%02x%02x::1\n" 59 106 180 123 
     117{{{ 
     1182001:e41:3b6a:b47b::1 
     119}}} 
     120 
     121 * $ sudo vim /etc/network/interfaces 
     122{{{ 
     123Index: /etc/default/ufw 
     124=================================================================== 
     125--- /etc/default/ufw    (revision 532) 
     126+++ /etc/default/ufw    (revision 533) 
     127@@ -4,7 +4,7 @@ 
     128 # Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback 
     129 # accepted). You will need to 'disable' and then 'enable' the firewall for 
     130 # the changes to take affect. 
     131-IPV6=no 
     132+IPV6=yes 
     133 
     134 # Set the default input policy to ACCEPT, ACCEPT_NO_TRACK, DROP, or REJECT. 
     135 # ACCEPT enables connection tracking for NEW inbound packets on the INPUT 
     136Index: /etc/network/interfaces 
     137}}} 
     138 * $ sudo vim /etc/default/ufw 
     139{{{ 
     140=================================================================== 
     141--- /etc/network/interfaces     (revision 532) 
     142+++ /etc/network/interfaces     (revision 533) 
     143@@ -16,3 +16,14 @@ 
     144         # dns-* options are implemented by the resolvconf package, if installed 
     145         dns-nameservers 210.188.224.10 
     146         dns-search sakura.ne.jp 
     147+ 
     148+auto tun6rd 
     149+iface tun6rd inet6 v4tunnel 
     150+       address 2001:e41:3b6a:b47b::1 
     151+       netmask 32 
     152+       local 59.106.180.123 
     153+       endpoint any 
     154+       gateway ::61.211.224.125 
     155+       ttl 64 
     156+       up ip tunnel 6rd dev tun6rd 6rd-prefix 2001:e41::/32 
     157+       up ip link set mtu 1280 dev tun6rd 
     158}}}