Happy IPv6 Day!
Michael Dale
traceroute6 to ns3.dalegroup.net (2001:470:1:41:a800:ff:fe59:ad77) from 2001:44b8:73f3:30a0:223:6cff:fe87:d1b0, 64 hops max, 12 byte packets
1 2001:44b8:73f3:30a0:21f:12ff:fe54:8509 3.690 ms 1.642 ms 2.421 ms
2 loop0.lns6.syd7.internode.on.net 27.485 ms 29.693 ms 38.001 ms
3 gi1-1.cor2.syd7.internode.on.net 27.176 ms 39.971 ms 30.690 ms
4 gi6-0-0-109.bdr1.syd7.internode.on.net 31.136 ms 36.664 ms 36.492 ms
5 pos2-0.bdr1.sjc2.internode.on.net 184.883 ms 193.264 ms 207.775 ms
6 paix.ipv6.he.net 185.041 ms 188.728 ms 185.915 ms
7 10gigabitethernet1-2.core1.fmt1.he.net 213.857 ms 210.641 ms 414.330 ms
8 2001:470:1:89::2 186.451 ms 191.536 ms 190.687 ms
9 ns3.dalegroup.net 209.534 ms 221.058 ms 212.807 ms
Native IPv6 over PPPoE with Internode and a Juniper SSG5
Michael Dale
Internode released a trial of native IPv6 over ADSL a few months back, so anyone with an ADSL account with them can try it.
So one of my clients has an SSG5 and an internode connection so I thought I'd set it up.
So the setup:
The very first step is to enable IPv6 on the SSG5, this requires you to run the following command and then restart/reboot the device:
Once done you should now have access to all the IPv6 functions in the WebUI.
The next step is to modify your PPPoE connection settings.
set pppoe name "Internode" username "username@ipv6.internode.on.net" password "encryptedpassword"
set pppoe name "Internode" ppp ipv6cp ipcp
Now you need to enable IPv6 on the interface that the PPPoE connection is setup on.
set interface "ethernet0/0" ipv6 mode "host"
set interface "ethernet0/0" ipv6 enable
set interface ethernet0/0 ipv6 ra accept
unset interface ethernet0/0 ipv6 nd nud
So the above should be enough for you to get the /64 on the PPPoE interface.
Internode is currently handing out a /60 for use in your network (via DHCPv6), so lets now set that up.
set interface ethernet0/0 dhcp6 client
set interface ethernet0/0 dhcp6 client options rapid-commit
set interface ethernet0/0 dhcp6 client options request pd
set interface ethernet0/0 dhcp6 client pd ra-interface bgroup0
set interface ethernet0/0 dhcp6 client enable
In the above "bgroup0" is my LAN interface.
Now let's get IPv6 running on "bgroup0"
set interface "bgroup0" ipv6 mode "router"
set interface "bgroup0" ipv6 ip 2001:44b8:7763:baa0::1/64
set interface "bgroup0" ipv6 enable
set interface bgroup0 ipv6 ra link-address
set interface bgroup0 ipv6 ra transmit
unset interface bgroup0 ipv6 nd nud
In the above the IPv6 address there is my first /64 out of the /60, I've manually set it to a :1 address but you can use whatever it's default auto assigned address is.
Now you might want to hand out internodes IPv6 DNS server addresses to your LAN
set interface bgroup0 dhcp6 server
set interface bgroup0 dhcp6 server options dns dns1 2001:44b8:1::6
set interface bgroup0 dhcp6 server options dns dns2 2001:44b8:2::6
set interface bgroup0 dhcp6 server enable
Now we need to setup the default IPv6 route, as the one that is added by default is incorrect.
set route ::/0 interface ethernet0/0 gateway ::
And finally the IPv6 policy to allow traffic out (yay no NAT).
set policy id 12 from "Trust" to "Untrust" "Any-IPv6" "Any-IPv6" "ANY" permit log
That should be all you need to do to get IPv6 working on your network.
There is more information over at the internode site if needed.
And here is a traceroute from a computer on the LAN
C:\Users\Administrator>tracert -6 ipv6.google.com
Tracing route to ipv6.l.google.com [2001:4860:c004::68]
over a maximum of 30 hops:
1 1 ms <1 ms <1 ms 2001:44b8:7763:baa0::1
2 37 ms 37 ms 37 ms loop0.lns6.syd7.internode.on.net [2001:44b8:b070::4]
3 37 ms 37 ms 37 ms gi1-1.cor2.syd7.internode.on.net [2001:44b8:b070:5::1]
4 37 ms * 37 ms gi6-0-0-146.bdr1.syd6.internode.on.net [2001:44b8:b060:146::1]
5 37 ms 37 ms 37 ms 2001:4860:1:1:0:1283:0:2
6 38 ms 38 ms 39 ms 2001:4860::1:0:9f8
7 184 ms 295 ms 174 ms 2001:4860::1:0:165
8 175 ms 175 ms 175 ms 2001:4860::1:0:890
9 181 ms 176 ms 182 ms 2001:4860::29
10 185 ms 176 ms 244 ms tx-in-x68.1e100.net [2001:4860:c004::68]
Trace complete.
IPv6
Michael Dale
I spent a bit of time last night getting more of my network IPv6 ready.
EDIT: And now my IPv6 tunnel is completely broken :( I've email aarnet and hopefully it will be working soon!
Bluetrait 2 development update
Michael Dale
Just a quick development update.
The following is a list of the major changes that have happened since Code Example 1:
There are a couple of things that need doing before I can upgrade this site to Bluetrait 2:
The cron support is pretty cool and really easy to use. It will be used in future to handle update notifications, session garbage collection and "monthly database maintenance".
On another note this site is now accessible via IPv6 (2001:388:c021::20), which has already seen traffic!
I finally got an IPv6 tunnel going on my Netscreen SSG 5. So I thought I'd post the relevant configuration details here.IPv6 tunnel through IPv4 with a Netscreen
Michael Dale
I've done some basic IPv6 stuff in the past, which only involved a single IPv6 address and a connection to aarnet. I was going to look into setting up a tunnel on my router (a m0n0wall box) so that I had both a IPv4 address and a IPv6 address but it didn't support IPv6 stuff.IPv6 again!
Michael Dale
I have setup an IPv6 tunnel through AARNETIPv6 tunnel
Michael Dale
When I installed FreeBSD onto my server it setup an IPv6 address, funky I thought although I'm never going to use it. Anyway my Mac is also built on BSD and it too has an IPv6 address. So I tried a normal ping but it only supports IPv4 so I tried typing ping6 and it worked! Cool!IPv6 connectivity
Michael Dale