Setting IPv6 or IPv6 to the masses

UPDATE: Since all this was written for a long time, the meaning of using scripts is greatly lost, it remains for the sake of history.
Everything can and probably better set up through inadyn.
The configuration file syntax is like this:

dyndns_system ipv6tb@he.net
username es1125cc87b23bfe1f3ba8923ca7f2ee
password PASS-WORD
alias 10220
')
Habrahabr already has IPv6 configuration articles, for example, here and here . and here
I myself recommend reading version6 , there are examples of why this is necessary.

I decided to make the process of raising the tunnel more versatile and automated ...
For this, I wrote two simple scripts, but ... let's take it in order.

I use Hurricane Electric as a tunnel broker.

Hurricane Electric allows you to create up to 5 tunnels and
able to automatically generate ready-made examples of commands for raising the tunnel on different operating systems
Allows by URL to update your IPv4 address. ( example )
It has its DNS server.

If I had a direct static ip, I probably would not write scripts, but would just pick up the interfaces and rejoice.
But alas, like most people, I have a direct dynamic ip and there is no possibility to buy direct static (the provider does not sell them), which means there are two more tasks.

1) When replacing IPv4, it will be necessary to update IPv4 and at the end of the lifted tunnel
2) When replacing IPv4, it is necessary to inform the broker about its change.

Well, another task is to make raising the tunnel and updating in case of changing IPv4 universal for different linux systems, and then different configurations of network settings in different systems - I get tired.

I left comments in the script specifically in ENG.

The first script creates or removes the IPv6 tunnel. (use start / stop commands)

Information for filling in variables can be obtained after creating a tunnel with a broker on your page .

----------------- Description-variables-for-ipv6tunnel -------------------------- --------------------------------

#Name Tunnel - The name of your tunnel. Maybe any.
HE_IPv6 = "he-ipv6"

#Server IPv4 address: - IP address of the tunnel server.
IPV4_S = "216.66.80.90"

#Client IPv6 address: - The IPv6 address of your end of the tunnel.
IPV6_C = "2001: 470: aaaa: ccc :: 2/64"

# Interface with direct ip
INT_WAN = "ppp0"

----------------- start-script-ipv6tunnel ---------------------------- --------------------------------------------

 #!/bin/bash # Create 6in4 tunnel endpoint script # for use with http://www.tunnelbroker.com (Hurricane Electric) # C 2010 icCE aka TuLiss (tuliss@gmail.com) # Distributed under the terms of the GNU General Public License v3 #Name Tunnel HE_IPv6="he-ipv6" #Server IPv4 address: IPV4_S="" #Client IPv6 address: IPV6_C="" #Interface Wan INT_WAN="ppp0" #Tunel ttl TUN_TTL="255" DESC="6in4" #WAN IP WAN_IP=$(ip addr show $INT_WAN | awk '/inet/ {print $2}') case "$1" in start) echo "Starting $DESC tunnel" ifconfig $HE_IPv6 &>/dev/null if [ $? -eq 0 ]; then echo "Tunnel $HE_IPv6 already exists" exit 1 fi ip tunnel add $HE_IPv6 mode sit remote $IPV4_S local $WAN_IP ttl $TUN_TTL ip link set $HE_IPv6 up ip addr add $IPV6_C dev $HE_IPv6 ip route add ::/0 dev $HE_IPv6 ;; stop) echo "Stopping $DESC tunnel" ifconfig $HE_IPv6 &>/dev/null if [ $? -ne 0 ]; then echo "Tunnel $HE_IPv6 does not exist" exit 1 fi ip link set $HE_IPv6 down ip tunnel del $HE_IPv6 ;; *) echo "Usage: $0 {start|stop}" >&2 exit 1 esac exit 0 
 

#!/bin/bash # Create 6in4 tunnel endpoint script # for use with http://www.tunnelbroker.com (Hurricane Electric) # C 2010 icCE aka TuLiss (tuliss@gmail.com) # Distributed under the terms of the GNU General Public License v3 #Name Tunnel HE_IPv6="he-ipv6" #Server IPv4 address: IPV4_S="" #Client IPv6 address: IPV6_C="" #Interface Wan INT_WAN="ppp0" #Tunel ttl TUN_TTL="255" DESC="6in4" #WAN IP WAN_IP=$(ip addr show $INT_WAN | awk '/inet/ {print $2}') case "$1" in start) echo "Starting $DESC tunnel" ifconfig $HE_IPv6 &>/dev/null if [ $? -eq 0 ]; then echo "Tunnel $HE_IPv6 already exists" exit 1 fi ip tunnel add $HE_IPv6 mode sit remote $IPV4_S local $WAN_IP ttl $TUN_TTL ip link set $HE_IPv6 up ip addr add $IPV6_C dev $HE_IPv6 ip route add ::/0 dev $HE_IPv6 ;; stop) echo "Stopping $DESC tunnel" ifconfig $HE_IPv6 &>/dev/null if [ $? -ne 0 ]; then echo "Tunnel $HE_IPv6 does not exist" exit 1 fi ip link set $HE_IPv6 down ip tunnel del $HE_IPv6 ;; *) echo "Usage: $0 {start|stop}" >&2 exit 1 esac exit 0

----------------- end-script-ipv6tunnel ---------------------------- --------------------------------------------

The second script that allows you to transfer a new IPv4 address to the broker and update it at the end of your tunnel.

----------------- Description-variables-for-ipv6update -------------------------- --------------------------------

IPV4ADDR - since we have a dynamic ip, we leave AUTO

MD5PASS - your password, which is used when entering your broker page as md5.
To convert the password to md5 run the command:
echo -n 'yourpassword' | md5sum, the resulting value will be your password in md5.

USERID - user ID, do not confuse it with the user login to access the broker website. ID is a long sequence of numbers and letters, you can see it on the page, immediately after <Name:>

GTUNID - Tunnel ID, listed on the Tuning page in the “Global Tunnel ID” field

INT_WAN - Interface with direct ip.

#Name Tunnel - The name of your tunnel. Maybe any. Must match the name in the first script.
HE_IPv6 = "he-ipv6"

----------------- start-script-ipv6update ---------------------------- -------------------------------------------

 #!/bin/bash # 6in4 tunnel endpoint update script # for use with http://www.tunnelbroker.com (Hurricane Electric) # C 2010 icCE aka TuLiss (tuliss@gmail.com) # Distributed under the terms of the GNU General Public License v3 #IPV4ADDR WHERE: # * set ipv4b='AUTO' if you want to set the variable to the requesting client's IP address. # * set ipv4b='your_public_ipv4_address' if you want to manully provide the address. IPV4ADDR="AUTO" #The MD5 Hash of your password # * Try echo -n 'yourpassword' | md5sum if you need to produce the MD5 Hash of your password MD5PASS="" #The UserID from the main page of the tunnelbroker (not your username) USERID="" #The Global Tunnel ID from the tunnel_details page GTUNID="" #Name IPV6 tunnel HE_IPv6="he-ipv6" #Interface Wan INT_WAN="ppp0" WAN_IP=$(ip addr show $INT_WAN | awk '/inet/ {print $2}') output=$(curl -ksSm30 "https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=$IPV4ADDR&pass=$MD5PASS&user_id=$USERID&tunnel_id=$GTUNID") if [ "$output" == "That IPv4 endpoint is already in use." ]; then echo "That IPv4 endpoint is already in use. $WAN_IP" elif [ "$output" == "Your tunnel endpoint has been updated to: $WAN_IP" ]; then ip tunnel change $HE_IPv6 local $WAN_IP echo "$output" else echo "Houston, We've Got a Problem!" fi 
 

#!/bin/bash # 6in4 tunnel endpoint update script # for use with http://www.tunnelbroker.com (Hurricane Electric) # C 2010 icCE aka TuLiss (tuliss@gmail.com) # Distributed under the terms of the GNU General Public License v3 #IPV4ADDR WHERE: # * set ipv4b='AUTO' if you want to set the variable to the requesting client's IP address. # * set ipv4b='your_public_ipv4_address' if you want to manully provide the address. IPV4ADDR="AUTO" #The MD5 Hash of your password # * Try echo -n 'yourpassword' | md5sum if you need to produce the MD5 Hash of your password MD5PASS="" #The UserID from the main page of the tunnelbroker (not your username) USERID="" #The Global Tunnel ID from the tunnel_details page GTUNID="" #Name IPV6 tunnel HE_IPv6="he-ipv6" #Interface Wan INT_WAN="ppp0" WAN_IP=$(ip addr show $INT_WAN | awk '/inet/ {print $2}') output=$(curl -ksSm30 "https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=$IPV4ADDR&pass=$MD5PASS&user_id=$USERID&tunnel_id=$GTUNID") if [ "$output" == "That IPv4 endpoint is already in use." ]; then echo "That IPv4 endpoint is already in use. $WAN_IP" elif [ "$output" == "Your tunnel endpoint has been updated to: $WAN_IP" ]; then ip tunnel change $HE_IPv6 local $WAN_IP echo "$output" else echo "Houston, We've Got a Problem!" fi

----------------- end-script-ipv6update ---------------------------- -------------------------------------------

Save the scripts and make them executable.

Run the first script:
# ./ipv6tunnel start

If all is well, we will see:
Starting 6in4 tunnel.

ifconfig we look whether the he-ipv6 tunnel appeared.

he-ipv6 Link encap: IPv6-in-IPv4
inet6 addr: fe80 :: xxxx: yyyy / 128 Range: Reference
inet6 addr: 2001: 470: aaaa: ccc :: 2/64 Range: Common

Now update IPv4 by running the second script.
# ./ipv6update
Your tunnel endpoint has been updated to: your_IP

If IPv4 has not changed then we get:
That IPv4 endpoint is already in use. your_IP

We try to make ping.

ping6 ipv6.google.com or ping6 freebsd.org

You should get the answer:

PING ipv6.google.com (2a00: 1450: 8001 :: 63) 56 data bytes
64 bytes from 2a00: 1450: 8001 :: 63: icmp_seq = 1 ttl = 55 time = 74.2 ms
64 bytes from 2a00: 1450: 8001 :: 63: icmp_seq = 2 ttl = 55 time = 73.1 ms

Now the ipv6tunnel script can be added to the download, and ipv6update can be added to cron and rejoiced.
From myself I will say that it is more correct to write a script that will monitor changes of ip addresses and launch ipv6update.

>>>>>>>>>>>>>>>>>>>> Bonus <<<<<<<<<<<<<<<<<<<<<<

Distribution of IPv6 to the local network.

By default, the Hurricane Electric tunnel broker provides us with two / 64 subnet masks: one is used for communication between your router and the broker's tunnel server, and the second (with an address different in one in the middle, it is highlighted in bold color) is used for computers in your local network, and is called in the web interface "Routed / 64".

For the sake of simplicity of examples, suppose that your Routed-subnet was 2001: 470: aaab: ccc :: / 64, and the interface to which the local network is connected is eth1. Also take into account that the firewall is turned off.

We enable IPv6 routing, for this we find in /etc/sysctl.conf,

net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.forwarding = 1

if there are none, then we prescribe with our hands.

Next, load the sysctl settings from the /etc/sysctl.conf file

# sysctl -p

The IPv6 address from the subnet that is being distributed to the locale must also be assigned to the network interface of the router itself. You can choose any address, for example, for routers, the address with :: 1 is often used. Do not confuse the issued segment for the local network with the segment for communication between the tunnel and the broker.

ip addr add 2001: 470: aaab: ccc :: 1/64 dev eth1

Now we will configure the client computer.

Add eth0 IPv6 to the interface, let it be :: 2

ip addr add 2001: 470: aaab: ccc :: 2/64 dev eth0

Add a default route for the IPv6 network.

ip -6 ro add :: / 0 via 2001: 470: aaab: ccc :: 1 dev eth0

We try to make a ping gateway, and then any service on the Internet.

You can see the IPv6 routing table as follows:

route -A inet6 -n or ip -6 ro sh

For Windows 7, it will suffice to specify addresses in the network connection settings <Internet Protocol version 6>

You can also check the operation of IPv6 by visiting the HART website

To simplify the procedure for issuing IPv6 on a local network, you can use radvd or dhcpv6.
There is enough material on the Internet on their settings.

If you have questions, you can ask them on the channel # ipv6-ru (Click here, no additional clients should be set up)
Special thanks to all on the channel # gentoo-ru