Entertainment by tolecnal September 1, 2007
So you want to set up IPv6 on your Debian box? Sick and tired of the fact that you can’t test the new stage of Internet addressing because your ISP simply just doesn’t offer IPv6 connectivity yet? Well, fear not, because here is your solution. Getting IPv6 up and running might sound rather daunting, involving quite a few steps and rather complicated configurations? Well, let me be the first to tell you that this just isn’t the case. You will actually find it rather surprising just how easy it is to set up, and how little time you’ll be spending doing it. Once you’re done, you’ll be wondering why you didn’t do it sooner.
Now to explain a bit of the technical stuff first, what’s the difference between IPv4 and IPv6. Well, the main difference is that IPv6 offers a larger addressing space than the one available in IPv4. Let’s make a small comparison shall we. In IPv4 we use 32 bit addresses, which means that we have 4,294,967,296 unique addresses at our disposal. Sounds like a lot doesn’t it? Well, yes and no. In the grand scheme of things, we’re a planet of about 6.6 billion human beings. And with IPv4 we almost got 4.3 billion unique addresses. Now, you don’t have to be a rocket scientist to understand that IPv4 just doesn’t have enough addresses available. We don’t even have enough IP addresses to cover the amount of people we have on earth. And with the multitude of homes and business who all have computers, just aching to get online, well they just won’t all get an unique IP address for themselves. This is why we have had to resort to NAT, which is a technique that we use to use a single host as a point out to the internet. This in effect means that we have one server acting as the gateway to the internet, who has a public IP address and sets up the clients behind it with a private IP address and then in effect translates all the requests made internally so that they can be sent out to the internet. This works, and has worked for quite some time, but imposes a few limitations here and there. I won’t go into details what sort of limitations they are, as they are beyond the scope of this howto.
Now what’s the big deal about IPv6 you might ask? Well, compared to IPv4 we have an absolutely enormous address space to work with. Instead of the 32 bits address space that IPv4 uses, IPv6 uses a 128 bit address space. Now what does that mean in numbers? It means that we have 2^128 address, or put another way 3.4×10^38 or last but not least 340,282,366,920,938,463,463,374,607,431,768,211,456 unique addresses. Which in effect means that you, me, the girl next door, your neighbour, Bruce down the street, your mum and dad and everyone else has not only one unique IP address to play with, but thousands. Which mean that we won’t run out of public IP addresses, as we’ve done with IPv4. Now that we’ve got all the boring technical details out of the way, I’m guessing that you’re aching to get on with trying out IPv6 for yourself, so let’s move on.
Most of us have don’t get IPv6 through our ISP’s, so we have to use what is defined as a tunnel broker. Now what is a tunnel broker? It is a company that has IPv6 enabled equipment connected to the internet, and gives you the opportunity to connect to the IPv6 part of the internet through their equipment in pretty much the same way you do with your ISP’s. So what you have to do, is sign up with a tunnel broker to be assigned an IPv6 address/subnet. For me, I ended up using the service of SixXs, who has tunnel brokers in strategic points all across Europe. It is important that your tunnel broker is geographically close to you, so that your tunnel doesn’t suffer from high latency. Some tunnel brokers even penalize tunnels with low latency, and discontinue them, which is also the case with SixXs. This is not usually a problem though, as you’re bound to find a tunnel broker near you.
After you’ve signed up, you are given a user name and password to access your tunnel. To establish your tunnel is pretty straightforward, all you need to do is install a small program which initiates the tunnel and sets up the appropriate interface. But of course, as with most Debian packages this program has some dependencies, so let’s get these sorted first.
apt-get install iputils-ping iputils-tracepath iproute debconf lsb-base awk \ libgnutls-dev build-essential
This installs the required utilities needed by aiccu. As some of you may point out, there are packages available from both unstable and from backports.org, but I don’t recommend fiddling with unstable sources and when I tested, the backports.org package was broken. I ended up using the source for aiccu. So let’s get that installed.
wget https://noc.sixxs.net/archive/sixxs/aiccu/unix/aiccu_current.tar.gz tar zxf aiccu_current.tar.gz cd aiccu make make install
That’s it, aiccu should now be installed and ready for use. Now go check that e-mail you received for your IPv6 tunnel. You need the user name and password you use to login to SixXs’s site, as well and the tunnel ID. The information here goes into /etc/aiccu.conf.
# AICCU Configuration username XXXX-SIXXX password qwertyZXCVB ipv6_interface sixxs tunnel_id TXXXXX verbose false daemonize true automatic true requiretls false
Of course, make sure you insert your SixXs’ user name and password, and the tunnel ID of your tunnel. If everything has gone according to plan, you should now be ready to test your IPv6 tunnel.
/etc/init.d/aiccu start luna:~# ping6 irc.ipv6.efnet.net PING irc.ipv6.efnet.net(irc.ipv6.he.net) 56 data bytes 64 bytes from irc.ipv6.he.net: icmp_seq=1 ttl=57 time=217 ms 64 bytes from irc.ipv6.he.net: icmp_seq=2 ttl=57 time=222 ms 64 bytes from irc.ipv6.he.net: icmp_seq=3 ttl=57 time=215 ms 64 bytes from irc.ipv6.he.net: icmp_seq=4 ttl=57 time=214 ms
If you get a reply, you should be set and your IPv6 tunnel is ready for use. If it doesn’t work, then you have to retrace your steps and make sure you’ve used the correct user name and password and tunnel ID. Also note that you should keep this tunnel open for as long as possible, preferably all the time, as some tunnel brokers terminate non used and less frequently used tunnels. Good luck, and happy IPv6′ing! 🙂