.\" $NetBSD: hf6to4.8,v 1.5 2007/10/07 12:59:14 kano Exp $ .\" .\" Copyright (c) 2000-2005 Hubert Feyrer . .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. All advertising materials mentioning features or use of this software .\" must display the following acknowledgement: .\" This product includes software developed by Hubert Feyrer for .\" the NetBSD Project. .\" 4. The name of the author may not be used to endorse or promote products .\" derived from this software without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .Dd May 31, 2005 .Dt hf6to4 8 .Os .Sh NAME .Nm hf6to4 .Nd setup automatic 6to4 IPv6 tunnelling .Sh SYNOPSIS .Nm .Op Fl vn .Ar command .Sh DESCRIPTION The .Nm script can be used to setup IPv6 on your home machine and network for exploring IPv6 without any registrations. 6to4 is a mechanism by which your IPv6 address(es) are derived from an assigned IPv4 address, and which involves automatic tunnelling to one or more remove 6to4 relay routers, which will then forward your v6 packets on the 6bone. Replies are routed back to you over IPv4 via (possibly) other 6to4 relay routers. As such, IPv6-in-IPv4-encapsulated packets are accepted from all v4-hosts. See .Xr stf 4 for security discussion. .Pp From your (single) IPv4 address, you get a whole IPv6 /48 network, which allows you to split your network in 2^16 subnets, with 2^64 hosts each. You need to setup routing for your internal network properly, help is provided for setting up the border router here. .Pp This script takes the burden to calculate your IPv6 address from existing IPv4 address and runs the commands to setup (and tear down) automatic 6to4 IPv6 tunnelling. In a separate step, router advertisement for the inside network can be started and stopped. .Pp Possible options are: .Bl -tag -width xxx .It Fl n Do not. Only print the commands that would be run, but do not execute them. .It Fl v Verbose operation. Print the commands that are about to be run, before running them. Displays some additional information. .It Fl h Show usage. .El .Pp Possible commands are: .Bl -tag -width rtadvd-start .It Sy start Same as .Sy stf-start . .It Sy stop Same as .Sy stf-stop . .It Sy stf-start Configure 6to4 IPv6. The .Xr stf 4 interface is configured, and a default route to a remote 6to4 gateway is established. In addition, the internal network interface is assigned an address. .It Sy stf-stop Stops 6to4 IPv6. All addresses are removed from the .Xr stf 4 device, and the default route is removed. If .Sy in_if is set, the 6to4 addresses are removed from that interface too. .It Sy rtadvd-start Starts router advertizement and IPv6 packet forwarding, turning the machine into a IPv6 router. Clients just need to be told to accept router advertizements, i.e. the .Sq net.inet6.ip6.accept_rtadv sysctl needs to be set to .Sq 1 . On NetBSD, you can arrange that by setting .Dq ip6mode=autohost in .Pa /etc/rc.conf . .It Sy rtadvd-stop Stops router advertizement and IPv6 packet forwarding. .Xr rtadvd 8 is stopped. .El .Sh REQUIREMENTS Besides IPv4 connectivity, you need support for IPv6 and the .Xr stf 4 device in your kernel. While the GENERIC .Nx 1.5 kernel does support IPv6, it does not contain support for the .Xr stf 4 device. .Pp Make sure you have the following options in your kernel config file: .Bd -literal -offset options INET # IP + ICMP + TCP + UDP options INET6 # IPV6 pseudo-device stf 1 # 6to4 IPv6 over IPv4 encapsulation .Ed .Pp In systems that run past-1.5, you will have to explicitly create an .Xr stf 4 device after compiling it in the kernel. You do this by running the following command before calling the .Nm script: .Bd -literal -offset ifconfig stf0 create .Ed As an alternative, you can also put the following lines into .Pa /etc/rc.conf : .Bd -literal -offset net_interfaces="stf0" ifconfig_stf0="create" .Ed .Pp See also the comment on setting up IPv6-clients .Sq behind your 6to4 router for the .Sy rtadvd-start command! .Sh CONFIGURATION The .Nm script reads its configuration from a config file named .Pa hf6to4.conf . The .Pa hf6to4.conf file is in .Xr sh 1 syntax, and contains several variables that can be tuned to adjust your setup. Default values should work for use on a modem/DSL dialup. .Bl -tag -width rtadvd-stop .It Sy out_if The outbound interface that has a valid IPv4 address assigned, that can be used to derive the IPv6 addresses from. Usually .Dq ppp0 for a modem setup, or your ethernet interface if you have IPv4 connectivity via LAN. This can't be empty, and is assigned the IPv6 address 2002:x:x:v6_net:hostbits6, see below. .It Sy in_if The inside interface. If non-empty, this interface is assigned the IPv6 address 2002:x:x:v6_innernet:hostbits6, see below. This is only useful on machines that have more than one network interfaces, e.g. with a modem and a local ethernet. .It Sy v6_net The subnet address you want to use on the address of your outbound interface. Defaults to .Dq 1 . .It Sy v6_innernet The subnet address you want to use on the address of your inbound interface. Defaults to .Dq 2 . .It Sy hostbits6 The lower 64 bits of both the inbound and outbound interface's addresses. .It Sy peer Name of the remote 6to4 server that'll take our IPv6-in-IPv4 encapsulated packets and route them on via IPv6. A special value of .Dq 6to4-anycast can be used for the anycast service defined in RFC 3068. Other possible values are given in the example config file. .It Sy remoteadr4, remoteadr6 If the .Sy peer variable is set to the relay router's name, DNS lookups for A and AAAA records will be made to determine its IPv4 and IPv6 address. To avoid these lookups, the variables .Sy remoteadr4 and .Sy remoteadr6 can be set to strings containing the numerical IPv4 and IPv6 numbers directly. .El .Sh EXAMPLES The .Nm script can be run automatically by .Xr pppd 8 when a connection is made. For this, put the following into .Pa /etc/ppp/ip-up : .Bd -literal -offset ( /usr/pkg/sbin/hf6to4 stf-stop /usr/pkg/sbin/hf6to4 stf-start /usr/pkg/sbin/hf6to4 rtadvd-stop /usr/pkg/sbin/hf6to4 rtadvd-start ) & .Ed .Pp To shut down properly, put this into .Pa /etc/ppp/ip-down : .Bd -literal -offset /usr/pkg/sbin/hf6to4 stf-stop /usr/pkg/sbin/hf6to4 rtadvd-stop .Ed .Sh SEE ALSO .Xr stf 4 , .Dq 6to4 IPv6 Explained at .Pa http://www.feyrer.de/NetBSD/6to4.html , .Nx IPv6 Documentation at .Pa http://www.netbsd.org/docs/network/ipv6/ , RFC 3068. .Sh HISTORY The .Nm utility and manpage were written by Hubert Feyrer . .Pp The utility was initially written in perl and called .Dq 6to4 but later rewritten as shell script and renamed to a name different than the protocol it configures to emphasize the difference between the protocol (6to4) and the implementation (hf6to4). .Pp The older (perl) version is also shipped by Apple with versions 10.3 and 10.4 (and probably newer) of their MacOS X operating system. .Sh BUGS On systems running past-1.5, the .Dq ifconfig stf0 create should be run automatically. .Pp Might be good to use /etc/rc.d/rtadvd for rtadvd handling.