[[PageOutline]] = using Sakura 6rd = * [http://research.sakura.ad.jp/6rd-trial/ さくらの6rd(トライアル) « さくらインターネット研究所] * [http://research.sakura.ad.jp/6rd-trial/6rd-trial-ubuntu1010/ 6rd設定方法(Ubuntu10.10編) « さくらインターネット研究所] > 1. IPv6アドレスの算出 > {{{ > # printf "2001:e41:%02x%02x:%02x%02x::1\n" 59 106 69 124 > 2001:e41:3b6a:457c::1 > }}} > 1. /etc/network/interfaces ファイルの編集 > {{{ > # vi /etc/network/interfaces (以下を追加) > auto tun6rd > iface tun6rd inet6 v4tunnel > address 2001:e41:3b6a:457c::1 > netmask 32 > local 59.106.69.124 > endpoint any > gateway ::61.211.224.125 > ttl 64 > up ip tunnel 6rd dev tun6rd 6rd-prefix 2001:e41::/32 > up ip link set mtu 1280 dev tun6rd > }}} > 1. 設定反映を確認 > {{{ > # ifconfig tun6rd > tun6rd Link encap:IPv6-in-IPv4 > inet6アドレス: ::59.106.69.124/128 範囲:Compat > inet6アドレス: 2001:e41:3b6a:457c::1/32 範囲:グローバル > UP RUNNING NOARP MTU:1280 メトリック:1 > RXパケット:0 エラー:0 損失:0 オーバラン:0 フレーム:0 > TXパケット:0 エラー:0 損失:0 オーバラン:0 キャリア:0 > 衝突(Collisions):0 TXキュー長:0 > RXバイト:0 (0.0 B) TXバイト:0 (0.0 B) > > # ip tunnel show > sit0: ipv6/ip remote any local any ttl 64 nopmtudisc 6rd-prefix 2002::/16 > tun6rd: ipv6/ip remote any local 59.106.69.124 ttl 64 6rd-prefix 2001:e41::/32 > > # ip -6 route show | grep default > default via ::61.211.224.125 dev tun6rd metric 1024 mtu 1280 advmss 1220 hoplimit 0 > }}} = 6rd on Ubuntu 10.04 lucid = * howto on 10.04 [http://www.litech.org/6rd/ Linux 6RD HOWTO] * [http://www.facebook.com/note.php?note_id=166938346689258 さくらVPSのUbuntu 10.04でさくらの6rd(トライアル)を使う | Facebook] == re-enable IPv6 == * see wiki:TipAndDoc/network/ipv6#lucid * $ sudo vim /etc/sysctl.conf {{{#!diff Index: /etc/ufw/sysctl.conf =================================================================== --- /etc/ufw/sysctl.conf (revision 530) +++ /etc/ufw/sysctl.conf (revision 531) @@ -30,8 +30,3 @@ #net/ipv4/tcp_fin_timeout=30 #net/ipv4/tcp_keepalive_intvl=1800 - -#disable ipv6 -net.ipv6.conf.all.disable_ipv6 = 1 -net.ipv6.conf.default.disable_ipv6 = 1 -net.ipv6.conf.lo.disable_ipv6 = 1 }}} * $ sudo vim /etc/ufw/sysctl.conf {{{#!diff Index: /etc/sysctl.conf =================================================================== --- /etc/sysctl.conf (revision 530) +++ /etc/sysctl.conf (revision 531) @@ -32,11 +32,6 @@ #net.ipv6.conf.all.forwarding=1 -#disable ipv6 -net.ipv6.conf.all.disable_ipv6 = 1 -net.ipv6.conf.default.disable_ipv6 = 1 -net.ipv6.conf.lo.disable_ipv6 = 1 - ################################################################### # Additional settings - these settings can improve the network # security of the host and prevent against some network attacks }}} == backport maverick kernel == * $ sudo aptitude install linux-headers-generic-lts-backport-maverick linux-image-generic-lts-backport-maverick {{{ linux-headers-2.6.35-23{a} linux-headers-2.6.35-23-generic{a} linux-headers-generic-lts-backport-maverick linux-image-2.6.35-23-generic linux-image-generic-lts-backport-maverick }}} == backport maverick iproute == * $ sudo aptitude install -R python-software-properties {{{ python-software-properties unattended-upgrades{a} }}} * $ sudo add-apt-repository ppa:nathan-launchpad/iproute-lucid-ppa {{{ Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv 0ABF9419A50E06EF0E31A901F798C386A6A6010B gpg: requesting key A6A6010B from hkp server keyserver.ubuntu.com gpg: key A6A6010B: public key "Launchpad iproute-ppa" imported gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) }}} * $ sudo aptitude update * $ sudo aptitude install iproute {{{ iproute (snip) Get:1 http://ppa.launchpad.net/nathan-launchpad/iproute-lucid-ppa/ubuntu/ lucid/main iproute 20100519-2~lucid~ppa1 [425kB] }}} === another way === * from [http://www.facebook.com/note.php?note_id=166938346689258 さくらVPSのUbuntu 10.04でさくらの6rd(トライアル)を使う | Facebook] * $ sudo cp /etc/apt/sources.list /etc/apt/sources.list.d/maverick.list * $ sudo sed -i s#lucid#maverick#g /etc/apt/sources.list.d/maverick.list * $ sudo vim /etc/apt/preferences.d/iproute-pin-600 > {{{ > Explanation: Do not install from maverick > Package: * > Pin: release n=maverick > Pin-Priority: -1 > > Explanation: Install iproute from maverick > Package: iproute > Pin: release n=maverick > Pin-Priority: 600 > }}} * これらに追加して、以下の設定が必要 * /etc/apt/apt.conf.d/01ubuntu {{{#!diff Index: /etc/apt/apt.conf.d/01ubuntu =================================================================== --- /etc/apt/apt.conf.d/01ubuntu (revision 534) +++ /etc/apt/apt.conf.d/01ubuntu (revision 535) @@ -1,3 +1,4 @@ APT { + Default-Release "lucid"; }; }}} * これがないと、全てのパッケージがmaverickにupgradeされてしまう * $ aptitude -s safe-upgrade {{{ (snip) ureadahead usbutils util-linux uuid-runtime vim vim-common vim-runtime vim-tiny w3m wget whiptail x11-common xfsprogs xkb-data zlib1g The following packages are RECOMMENDED but will NOT be installed: byobu dbus libglib2.0-data libjson-xs-perl libpaper-utils shared-mime-info ttf-liberation x-ttcidfont-conf 293 packages upgraded, 26 newly installed, 9 to remove and 5 not upgraded. Need to get 231MB of archives. After unpacking 120MB will be used. }}} * 逆に、/etc/apt/apt.conf.d/01ubuntu によってmaverickのiprouteが候補に出なくなることがある。その場合は以下のコマンドで導入される( {{{ sudo aptitude install -t maverick iproute }}} * APT Pinning 周りはman等の説明通りに動かないので調査中… == apply settings == * printf "2001:e41:%02x%02x:%02x%02x::1\n" 59 106 180 123 {{{ 2001:e41:3b6a:b47b::1 }}} * ping6で以下のようなエラーが起きる場合はip6tables/ufwの設定を見直すとよい {{{ ping: sendmsg: Operation not permitted }}} * see also [http://serverfault.com/questions/125618/ipv6-cant-ping-anything-operation-not-permitted IPv6: Can't ping anything - "Operation not permitted" - Server Fault] * $ sudo vim /etc/default/ufw {{{#!diff Index: /etc/default/ufw =================================================================== --- /etc/default/ufw (revision 532) +++ /etc/default/ufw (revision 533) @@ -4,7 +4,7 @@ # Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback # accepted). You will need to 'disable' and then 'enable' the firewall for # the changes to take affect. -IPV6=no +IPV6=yes # Set the default input policy to ACCEPT, ACCEPT_NO_TRACK, DROP, or REJECT. # ACCEPT enables connection tracking for NEW inbound packets on the INPUT }}} * $ sudo vim /etc/network/interfaces {{{#!diff Index: /etc/network/interfaces =================================================================== --- /etc/network/interfaces (revision 532) +++ /etc/network/interfaces (revision 533) @@ -16,3 +16,14 @@ # dns-* options are implemented by the resolvconf package, if installed dns-nameservers 210.188.224.10 dns-search sakura.ne.jp + +auto tun6rd +iface tun6rd inet6 v4tunnel + address 2001:e41:3b6a:b47b::1 + netmask 32 + local 59.106.180.123 + endpoint any + gateway ::61.211.224.125 + ttl 64 + up ip tunnel 6rd dev tun6rd 6rd-prefix 2001:e41::/32 + up ip link set mtu 1280 dev tun6rd }}} == check IPv6 access == * $ wget http://www.word-ac.net/ -q -O - | grep connect {{{ You are connecting with IPv6. }}}