IPv6 in every home: Your own IPv6 broker server (6in4)

IPv6 is sweeping across the planet, in many countries, IPv6 support is already native to your ISP, if you do not have IPv6 yet, but you want to have it, you can do it using this instruction.

What is important - we will let the traffic through our own rented server, and not through some broker who is not clear.

To begin, you will need a server that has an IPv6 connection, I will use the DigitalOcean server for $ 5 with the latest version of Ubuntu OS.
')

We configure server

Note! Some of the software can not be installed, it is marked as optional, it should be installed only if you have a dynamic IP and you want to automatically configure access when updating IP

After receiving the server, you need to update the available packages on it:

sudo apt-get update -y sudo apt-get upgrade -y 

Install git, sipcalc, apache and php (the last 2 are optional)

 sudo apt-get -y git sipcalc 

If you do not plan to auto-configure when changing the IP address, you can skip this command.

 sudo apt-get -y apache2 php libapache2-mod-php php-mcrypt 

Now it's time to download a script that will help configure the tunnel github.com/sskaje/6in4

 git clone https://github.com/sskaje/6in4.git 

 cd 6in4 

Copy the script to / bin for our usual call

 sudo cp ./bin/6to4 /bin/6to4 

We give the right to run

 sudo chmod +x /bin/6to4 

Copy the settings file

 sudo cp ./etc/config.ini /etc/config.ini 

Edit the file with the settings

 ifconfig | grep 'inet6 addr:' $ ifconfig | grep 'inet6 addr:' inet6 addr: fe80::000:000:000:000/64 Scope:Link inet6 addr: 2a03:000:0:000::00:0000/64 Scope:Global 

We need the one with the Global note:

inet6 addr: 2a03: 000: 0: 000 :: 00: 0000/64 Scope: Global

Open the file with the settings for editing:

 sudo nano /etc/config.ini 

Remove the ";" at the lines:
IPV6_NETWORK =
IPV6_CIDR =
and indicate:

 IPV6_NETWORK=2a03:000:0:000:: IPV6_CIDR=48 

Click CNTRL + x, save and go to add a network:

 sudo 6to4 add 1 8.8.8.8 

where 8.8.8.8 is your external IP, you can recognize it, for example, here .
In response, you will get something like this:

 Please set up tunnel on your machine with following parameters: Server IPv4 Address: 99.99.9.9 Server IPv6 Address: 2a03:000:0:000::1/64 Client IPv4 Address: 88.8.88.8 Client IPv6 Address: 2a03:000:0:000::2/64 Routed /64: 2a03:g0e0:00g0:3402::/64 

It now remains to register these settings in your router

The example below is setting up Apple Airport:



Other routers are configured in the same way.

Configure server routing

Now let's go back to the server and configure the routing from the virtual IPv6 interface to the main one:

 sudo ip6tables -t nat -A POSTROUTING -s 22a03:g0e0:00g0:3402::/64 -o eth0 -j MASQUERADE 

2a03: g0e0: 00g0: 3402 :: / 64 - this is your Routed / 64 or any IP that comes to any of your devices from the router after saving the settings

Allow traffic forward:

 sudo sysctl -w net.ipv6.conf.all.forwarding=1 

Can check

After that, save the settings on the router, restart the router. You should have earned IPv6. IPv6 addresses will come to the connected devices.

You can check IPv6 operation here - ipv6.google.com or ipv6-test.com

Please note - if you change the IP address (external), you will lose IPv6, access updates after changing the address will be discussed in the next article (or you can use the instructions from the github.com/sskaje/6in4 repository)

After setting up IPv6, you need to be vigilant - all your devices inside your home network will receive a public IPv6 address! if you are not sure about the security of devices, enable blocking of incoming ipv6 connections on your router.



PS Telegram / Youtube / Google servers work over IPv6 like many others. You can verify this by running ping6 google.com