X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=examples%2Fipv6-network.mdwn;h=c9dedea1fcfcdc376ffe7b969d4cc69d6b0a450f;hb=0330e0ec59f1223bffc5c507dc358b791ec5caea;hp=707bd5b83c4548aca54daa59c5c9f8e53ecfa4e8;hpb=92c1ef34e1f369278a63eb7ffd0d4cd72ebfbeeb;p=wiki diff --git a/examples/ipv6-network.mdwn b/examples/ipv6-network.mdwn index 707bd5b..c9dedea 100644 --- a/examples/ipv6-network.mdwn +++ b/examples/ipv6-network.mdwn @@ -25,75 +25,82 @@ This document is to highlight an example setup for using tinc to create an IPv6 ### Configuration Files -1. On Debian/Ubuntu systems, an entry in "/etc/network/interfaces" can be used to statically assign the ::1 address for the local LAN. Example: - iface eth1 inet6 static - address 2001:db8:beef::1::1 - netmask 64 - mtu 1280 - On non Debian/Ubuntu systems, a line can be put in a boot script, such as "ip -6 addr add 2001:db8:beef:1::1/64 dev eth1". +1. On Debian/Ubuntu systems, an entry in `/etc/network/interfaces` can be used to statically assign the ::1 address for the local LAN. Example: +
+iface eth1 inet6 static +address 2001:db8:beef::1::1 +netmask 64 +mtu 1280 ++On non Debian/Ubuntu systems, a line can be put in a boot script, such as `ip -6 addr add 2001:db8:beef:1::1/64 dev eth1`. -2. IPv6 forwarding needs to be enabled: put "echo "1" >/proc/sys/net/ipv6/conf/all/forwarding" in a boot script, or "net.ipv6.conf.all.forwarding = 1" in "/etc/sysctl.conf". +2. IPv6 forwarding needs to be enabled: put `echo "1" >/proc/sys/net/ipv6/conf/all/forwarding` in a boot script, or `net.ipv6.conf.all.forwarding = 1` in `/etc/sysctl.conf`. 3. This setup uses tinc's "switch" mode: subnets are not assigned in the host files; only Address (for ConnectTo targets only) and the key are required in host files. -4. It is assumed that the config files go into something like "/etc/tinc/link" and "/etc/tinc/nets.boot" has an entry for "link". The following table can be used to guide configuration of routers: - * "routera" configuration for tinc (the master router): - >cat tinc.conf - Name = routera - Mode = switch - Interface = vpn6 - - >cat tinc-up - #!/bin/sh - #Enable tinc - ip -6 link set $INTERFACE up mtu 1280 txqueuelen 1000 - ip -6 addr add 2001:db8:beef::1/64 dev $INTERFACE - ip -6 route add 2001:db8:beef::/48 dev $INTERFACE - #Static routing table - ip -6 route add 2001:db8:beef:2::/64 via 2001:db8:beef::2 - ip -6 route add 2001:db8:beef:3::/64 via 2001:db8:beef::3 - ip -6 route add 2001:db8:beef:4::/64 via 2001:db8:beef::4 - - >cat tinc-down - #!/bin/sh - #Static routing table - ip -6 route del 2001:db8:beef:2::/64 via 2001:db8:beef:::2 - ip -6 route del 2001:db8:beef:3::/64 via 2001:db8:beef:::3 - ip -6 route del 2001:db8:beef:4::/64 via 2001:db8:beef:::4 - #Disable tinc - ip -6 route del 2001:db8:beef::/48 dev $INTERFACE - ip -6 addr del 2001:db8:beef::1/64 dev $INTERFACE - ip -6 link set $INTERFACE down - - * "routerb" configuration for tinc (the other non-master routers will be like this one): - >cat tinc.conf - Name=routerb - Mode = switch - ConnectTo = routera - Interface = vpn6 - - >cat tinc-up - #!/bin/sh - ip -6 link set $INTERFACE up mtu 1280 - ip -6 addr add 2001:db8:beef::2/64 dev $INTERFACE - ip -6 route add default via 2001:db8:beef::1 - - >cat tinc-down - #!/bin/sh - ip -6 route del default via 2001:db8:beef::1 - ip -6 addr del 2001:db8:beef::2/64 dev $INTERFACE - ip -6 link set $INTERFACE down +4. It is assumed that the config files go into something like `/etc/tinc/link` and `/etc/tinc/nets.boot` has an entry for "link". The following table can be used to guide configuration of routers. -5. You can use [radvd](http://www.litech.org/radvd/) or [Quagga](http://www.quagga.net/) to perform [stateless address autoconfiguration](http://www.ietf.org/rfc/rfc2462.txt) on your LAN. This is an example zebra.conf for LAN autoconfiguration (don't forget to enable the zebra daemon): - ipv6 forwarding - ! - interface eth1 - no ipv6 nd suppress-ra - ipv6 address 2001:db8:beef:1::1/64 - ipv6 nd prefix 2001:db8:beef:1::/64 - ipv6 nd ra-interval 10 - ! - interface vpn6 - ! - interface lo +The "routera" configuration for tinc (the master router): ++>cat tinc.conf +Name = routera +Mode = switch +Interface = vpn6 + +>cat tinc-up +#!/bin/sh +#Enable tinc +ip -6 link set $INTERFACE up mtu 1280 txqueuelen 1000 +ip -6 addr add 2001:db8:beef::1/64 dev $INTERFACE +ip -6 route add 2001:db8:beef::/48 dev $INTERFACE +#Static routing table +ip -6 route add 2001:db8:beef:2::/64 via 2001:db8:beef::2 +ip -6 route add 2001:db8:beef:3::/64 via 2001:db8:beef::3 +ip -6 route add 2001:db8:beef:4::/64 via 2001:db8:beef::4 + +>cat tinc-down +#!/bin/sh +#Static routing table +ip -6 route del 2001:db8:beef:2::/64 via 2001:db8:beef:::2 +ip -6 route del 2001:db8:beef:3::/64 via 2001:db8:beef:::3 +ip -6 route del 2001:db8:beef:4::/64 via 2001:db8:beef:::4 +#Disable tinc +ip -6 route del 2001:db8:beef::/48 dev $INTERFACE +ip -6 addr del 2001:db8:beef::1/64 dev $INTERFACE +ip -6 link set $INTERFACE down ++The "routerb" configuration for tinc (the other non-master routers will be like this one): ++>cat tinc.conf +Name=routerb +Mode = switch +ConnectTo = routera +Interface = vpn6 +>cat tinc-up +#!/bin/sh +ip -6 link set $INTERFACE up mtu 1280 +ip -6 addr add 2001:db8:beef::2/64 dev $INTERFACE +ip -6 route add default via 2001:db8:beef::1 + +>cat tinc-down +#!/bin/sh +ip -6 route del default via 2001:db8:beef::1 +ip -6 addr del 2001:db8:beef::2/64 dev $INTERFACE +ip -6 link set $INTERFACE down ++ +5. You can use [radvd](http://www.litech.org/radvd/) or [Quagga](http://www.quagga.net/) to perform [stateless address autoconfiguration](http://www.ietf.org/rfc/rfc2462.txt) on your LAN. This is an example zebra.conf for LAN autoconfiguration (don't forget to enable the zebra daemon): ++ipv6 forwarding +! +interface eth1 +no ipv6 nd suppress-ra +ipv6 address 2001:db8:beef:1::1/64 +ipv6 nd prefix 2001:db8:beef:1::/64 +ipv6 nd ra-interval 10 +! +interface vpn6 +! +interface lo +