IPv6 Test Lab Part 2

Contributed by dwc on 2007-07-03 from the backman-to-the-future dept.

Will Backman writes:

"In Part 1, I described the creation of a small internal IPv6 network...Now that we had the basics figured out, it was time to connect to the IPv6 Internet..."

Read on for Will's Full Story

(Comments are closed)

Comments

By David Chisnall (82.7.199.50) on 2007-07-03 22:02

Can someone explain why 6to4 is disabled in the OpenBSD version of Kame? I've heard that it is a security hole, but the same arguments advanced to explain this seem to apply for accepting any IP packet that has come through a router (i.e. you have to trust the router that it is no allowing people on the other side to spoof IPs). This would make IPv6 deployment a lot easier.
Comments
1. By Anonymous Coward (128.171.90.200) on 2007-07-04 00:55
  
  > Can someone explain why 6to4 is disabled in the OpenBSD version of Kame? I've heard that it is a security hole, but the same arguments advanced to explain this seem to apply for accepting any IP packet that has come through a router (i.e. you have to trust the router that it is no allowing people on the other side to spoof IPs). This would make IPv6 deployment a lot easier.
  
  Have a look at RFC 3964
By Anonymous Coward (71.182.176.225) on 2007-07-03 23:02

Is it possible to have the OpenBSD box intelligently route traffic through the tunnel or through the link normally depending on whether or not the resulting DNS lookup is an IPv6 or IPv4 address?

Such as if I go to http://www.sixxs.net/misc/coolstuff/ I connect via the tunnel but if I go to say google.com the openbsd box see it's an IPv4 address and NATs the traffic using 6to4 (I think?) so I don't have to use http://ipv6gate.sixxs.net/?
Comments
1. By Anonymous Coward (137.78.212.149) on 2007-07-03 23:23
  
  > Is it possible to have the OpenBSD box intelligently route traffic through the tunnel or through the link normally depending on whether or not the resulting DNS lookup is an IPv6 or IPv4 address?
  
  The router would have nothing to do with this, in this guys setup he did ipv6 ONLY, if you do it normally the client can resolve both ipv4 and ipv6 and connect to which ever works, the router shouldn't have to do anything.
By Venture37 (venture37) venture37<A>hotmail.com on 2007-07-04 10:07 www.geeklan.co.uk

Configure the WAN interface as usual, create a tunnel, assign a LAN IPv6 gateway address and site local DNS address, allow IPv6 forwarding, enable the router advertising daemon, enable the BIND named, and presto: you can visit seven web sites. :)

hehehe, good one! :)
Comments
1. By Coward (198.62.124.245) on 2007-07-05 15:22
  
  > Configure the WAN interface as usual, create a tunnel, assign a LAN IPv6 gateway address and site local DNS address, allow IPv6 forwarding, enable the router advertising daemon, enable the BIND named, and presto: you can visit seven web sites. :)
  >
  >
  >
  > hehehe, good one! :)
  
  And free porn! http://www.ipv6experiment.com/

Latest Articles

Tue, Apr 23
- 05:25 pfctl(8) and systat(8) to display fragment reassembly statistics (0)
Thu, Apr 18
- 05:05 Coming soon to a -current system near you: parallel raw IP input (0)
Wed, Apr 17
- 05:33 In -current, default write format for tar(1) changed to "pax" (11)
Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (13)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (3)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]