[afripv6-discuss] Configuring a 6to4 Relay in BSD

JORDI PALET MARTINEZ jordi.palet at consulintel.es
Fri Jun 8 16:27:04 SAST 2007 

This info provides the steps required in order to configure your BSD box as
a 6to4 Relay.

In order to proceed, you need to have a public IPv4 address on that box,
your own IPv6 prefix (provided by AfriNIC in this case) and IPv6 transit.

The BSD box need to support stf pseudo-interface, FreeBSD 5.4 or higher
version is recommended, for FreeBSD 4.9 you need to recompile the kernel
adding "pseudo-device stf". NetBSD 1.5 supports stf pseudo-interface
compiling the kernel. Also need to have IPv6 support and IPv6 routing
enabled.

If you need help in order to acquire your IPv6 prefix from AfriNIC, let us
know and we can help even with the request form.

Similarly, we are able to help in making sure you have the right
configuration for IPv6 in your BSD and you can get IPv6 transit (native or
tunneling) either from your upstream, or alternatively, if that's not
possible, we will be able to provide free IPv6 transit to third party
networks.

Regards,
Jordi


Details of the example configuration
=====================================

The example below is assuming that the public IPv4 address in the WAN
interface of the BSD is 192.1.2.3. You should replace that with the right
information for your own case, same with other data used in the example.

Also, you need to understand how to calculate the 6to4 IPv6 address for your
router. This is done using the IPv4 address and the IPv6 6to4 prefix.

The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the
bits 17 to 48 are the nibble notation of the IPv4 address. So in our example
it will be:

192 = c0
1 = 01
2 = 02
3 = 03

So consequently:
2002:c001:0203::/48

We will use the first address of the prefix for the WAN interface, so
2002:c001:0203::1/128

Also, the anycast address for 6to4 is: 192.88.99.1

In the text below, both, the generic commands and example data is used.


A) Configure 6to4 tunneling
============================

Create an stf interface (in case it doesn't exist):

    # ifconfig stf create

    By default the stf interface is not enabled.
 
Add local 6to4 address to interface (note: prefix length 16 is very
important!)

    # ifconfig stf0 inet6 6to4addr prefixlen 16

    # ifconfig stf0 inet6 2002:c001:0203::1 prefixlen 16


B) Configure IPv6 connectivity
================================

Because we are configuring a 6to4 relay it should have IPv6 connectivity
(either native or via a tunnel) through an IPv6 gateway (for our example we
use 2001:7f9:1::1 as GW address). After having configured an IPv6 address on
the corresponding interface, the default route should be configured:

If our IPv6 interface is interface ne0:

To configure the IPv6 address:

  # ifconfig ne0 inet6 alias 2001:7f9:1::2

To add a default route:

  # route add -inet6 default 2001:7f9:1::1


C) Configure prefix advertisements
===================================
  
Somewhere on the Relay network, the device in charge of announcing prefixes
(typically a BGP router) should announce 2002::/16 prefix to its IPv6
peerings.

This would allow native IPv6 nodes to reach 6to4 nodes (2002::/16
addresses).

Regarding the IPv4 reachability of the Relay there are two options:

1) Configure the 6to4 anycast IPv4 address (192.88.99.1) and announce the
anycast prefix (192.88.99.0/24) to the site IPv4 peerings.

2) Use another public IPv4 address.

If 1) is chosen 6to4 hosts will be able to find it automatically, with no
need for any manual configuration.

In case of choosing 2) some kind of advertisement of the IPv4 address is
needed (usually a FQDN-Fully Qualified Domain Name) in order to allow others
to configure our relay.

This will allow 6to4 nodes (2002::/16 addresses) to reach native IPv6 nodes
through our relay.


D) Making your configuration persistent
========================================

In order to make your configuration persistent a script could be used to be
executed at boot time. The idea is to have an script that executes all the
commands you need to configure everything as desired.

An example follows, it takes as argument the local host public IPv4
address:

   #!/bin/sh

   IPV4=$1
   PARTS=`echo $IPV4 | tr . ' '`
   PREFIX48=`printf "2002:%02x%02x:%02x%02x" $PARTS`

   STF_IF="stf0"
   STF_NET6="$PREFIX48":0000
   STF_IP6="$STF_NET6"::1

   ifconfig $STF_IF inet6 $STF_IP6 prefixlen 16 alias

   ifconfig ne0 inet6 alias 2001:7f9:1::2
   route add -inet6 default 2001:7f9:1::1

For FreeBSD:

  Set in /etc/rc.conf:

  stf_interface_ipv4addr="public_v4addr"

  ipv6_defaultrouter="2001:7f9:1::1"

Configuration examples may vary for other BSD distributions.


Annex A: Remove a 6to4 tunnel using "ip" and a dedicated tunnel device
=======================================================================

Remove a 6to4 interface address

  # ifconfig stf0 inet6 -alias 2002:c001:0203::1

Remove 6to4 prefix route
  
 First we can see the route table with:

  # netstat -rn

 Now we can delete the route entry for 2002::/16 prefix via <gateway_IPv6>
with:

  # route delete -inet6 2002::/16 <gateway_IPv6>







**********************************************
The IPv6 Portal: http://www.ipv6tf.org

Bye 6Bone. Hi, IPv6 !
http://www.ipv6day.org

This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.

More information about the afripv6-discuss mailing list