X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=examples%2Fipv6-network.mdwn;h=c9dedea1fcfcdc376ffe7b969d4cc69d6b0a450f;hb=61e7aac92e9bb548176af1ed254c77d7e724e18b;hp=653dc11ede4bc200353e61d755c6347736fd2d09;hpb=bf3343ca2d0c70750e5e3e04cccc229457a49eb5;p=wiki diff --git a/examples/ipv6-network.mdwn b/examples/ipv6-network.mdwn index 653dc11..c9dedea 100644 --- a/examples/ipv6-network.mdwn +++ b/examples/ipv6-network.mdwn @@ -25,75 +25,82 @@ This document is to highlight an example setup for using tinc to create an IPv6 ### Configuration Files -1. On Debian/Ubuntu systems, an entry in "/etc/network/interfaces" can be used to statically assign the ::1 address for the local LAN. Example: -> iface eth1 inet6 static -> address 2001:db8:beef::1::1 -> netmask 64 -> mtu 1280 - On non Debian/Ubuntu systems, a line can be put in a boot script, such as "ip -6 addr add 2001:db8:beef:1::1/64 dev eth1". +1. On Debian/Ubuntu systems, an entry in `/etc/network/interfaces` can be used to statically assign the ::1 address for the local LAN. Example: +
+iface eth1 inet6 static +address 2001:db8:beef::1::1 +netmask 64 +mtu 1280 ++On non Debian/Ubuntu systems, a line can be put in a boot script, such as `ip -6 addr add 2001:db8:beef:1::1/64 dev eth1`. -2. IPv6 forwarding needs to be enabled: put "echo "1" >/proc/sys/net/ipv6/conf/all/forwarding" in a boot script, or "net.ipv6.conf.all.forwarding = 1" in "/etc/sysctl.conf". +2. IPv6 forwarding needs to be enabled: put `echo "1" >/proc/sys/net/ipv6/conf/all/forwarding` in a boot script, or `net.ipv6.conf.all.forwarding = 1` in `/etc/sysctl.conf`. 3. This setup uses tinc's "switch" mode: subnets are not assigned in the host files; only Address (for ConnectTo targets only) and the key are required in host files. -4. It is assumed that the config files go into something like "/etc/tinc/link" and "/etc/tinc/nets.boot" has an entry for "link". The following table can be used to guide configuration of routers: - * "routera" configuration for tinc (the master router): -> >cat tinc.conf -> Name = routera -> Mode = switch -> Interface = vpn6 -> -> >cat tinc-up -> #!/bin/sh -> #Enable tinc -> ip -6 link set $INTERFACE up mtu 1280 txqueuelen 1000 -> ip -6 addr add 2001:db8:beef::1/64 dev $INTERFACE -> ip -6 route add 2001:db8:beef::/48 dev $INTERFACE -> #Static routing table -> ip -6 route add 2001:db8:beef:2::/64 via 2001:db8:beef::2 -> ip -6 route add 2001:db8:beef:3::/64 via 2001:db8:beef::3 -> ip -6 route add 2001:db8:beef:4::/64 via 2001:db8:beef::4 -> -> >cat tinc-down -> #!/bin/sh -> #Static routing table -> ip -6 route del 2001:db8:beef:2::/64 via 2001:db8:beef:::2 -> ip -6 route del 2001:db8:beef:3::/64 via 2001:db8:beef:::3 -> ip -6 route del 2001:db8:beef:4::/64 via 2001:db8:beef:::4 -> #Disable tinc -> ip -6 route del 2001:db8:beef::/48 dev $INTERFACE -> ip -6 addr del 2001:db8:beef::1/64 dev $INTERFACE -> ip -6 link set $INTERFACE down -> - * "routerb" configuration for tinc (the other non-master routers will be like this one): -> >cat tinc.conf -> Name=routerb -> Mode = switch -> ConnectTo = routera -> Interface = vpn6 -> -> >cat tinc-up -> #!/bin/sh -> ip -6 link set $INTERFACE up mtu 1280 -> ip -6 addr add 2001:db8:beef::2/64 dev $INTERFACE -> ip -6 route add default via 2001:db8:beef::1 -> -> >cat tinc-down -> #!/bin/sh -> ip -6 route del default via 2001:db8:beef::1 -> ip -6 addr del 2001:db8:beef::2/64 dev $INTERFACE -> ip -6 link set $INTERFACE down +4. It is assumed that the config files go into something like `/etc/tinc/link` and `/etc/tinc/nets.boot` has an entry for "link". The following table can be used to guide configuration of routers. -5. You can use [radvd](http://www.litech.org/radvd/) or [Quagga](http://www.quagga.net/) to perform [stateless address autoconfiguration](http://www.ietf.org/rfc/rfc2462.txt) on your LAN. This is an example zebra.conf for LAN autoconfiguration (don't forget to enable the zebra daemon): -> ipv6 forwarding -> ! -> interface eth1 -> no ipv6 nd suppress-ra -> ipv6 address 2001:db8:beef:1::1/64 -> ipv6 nd prefix 2001:db8:beef:1::/64 -> ipv6 nd ra-interval 10 -> ! -> interface vpn6 -> ! -> interface lo +The "routera" configuration for tinc (the master router): ++>cat tinc.conf +Name = routera +Mode = switch +Interface = vpn6 + +>cat tinc-up +#!/bin/sh +#Enable tinc +ip -6 link set $INTERFACE up mtu 1280 txqueuelen 1000 +ip -6 addr add 2001:db8:beef::1/64 dev $INTERFACE +ip -6 route add 2001:db8:beef::/48 dev $INTERFACE +#Static routing table +ip -6 route add 2001:db8:beef:2::/64 via 2001:db8:beef::2 +ip -6 route add 2001:db8:beef:3::/64 via 2001:db8:beef::3 +ip -6 route add 2001:db8:beef:4::/64 via 2001:db8:beef::4 + +>cat tinc-down +#!/bin/sh +#Static routing table +ip -6 route del 2001:db8:beef:2::/64 via 2001:db8:beef:::2 +ip -6 route del 2001:db8:beef:3::/64 via 2001:db8:beef:::3 +ip -6 route del 2001:db8:beef:4::/64 via 2001:db8:beef:::4 +#Disable tinc +ip -6 route del 2001:db8:beef::/48 dev $INTERFACE +ip -6 addr del 2001:db8:beef::1/64 dev $INTERFACE +ip -6 link set $INTERFACE down ++The "routerb" configuration for tinc (the other non-master routers will be like this one): ++>cat tinc.conf +Name=routerb +Mode = switch +ConnectTo = routera +Interface = vpn6 +>cat tinc-up +#!/bin/sh +ip -6 link set $INTERFACE up mtu 1280 +ip -6 addr add 2001:db8:beef::2/64 dev $INTERFACE +ip -6 route add default via 2001:db8:beef::1 + +>cat tinc-down +#!/bin/sh +ip -6 route del default via 2001:db8:beef::1 +ip -6 addr del 2001:db8:beef::2/64 dev $INTERFACE +ip -6 link set $INTERFACE down ++ +5. You can use [radvd](http://www.litech.org/radvd/) or [Quagga](http://www.quagga.net/) to perform [stateless address autoconfiguration](http://www.ietf.org/rfc/rfc2462.txt) on your LAN. This is an example zebra.conf for LAN autoconfiguration (don't forget to enable the zebra daemon): ++ipv6 forwarding +! +interface eth1 +no ipv6 nd suppress-ra +ipv6 address 2001:db8:beef:1::1/64 +ipv6 nd prefix 2001:db8:beef:1::/64 +ipv6 nd ra-interval 10 +! +interface vpn6 +! +interface lo +