AddThis Social Bookmark Button

Print

Connecting to the IPv6 Internet

by Ibrahim Haddad
01/22/2004

In a previous article published on LinuxDevCenter.com, we introduced the IPv6 protocol and demonstrated how to support IPv6 on you Linux machine. This article goes a bit further into demonstrating how to connect your Linux machine to the IPv6 Internet (also known as the 6bone) using the Freenet6 Tunnel Server Protocol (TSP).

The IPv6 Internet

The IPv6 Internet was established in 1996 as a test network for IPv6. At the beginning, most of the backbone was established using tunnels over the current IPv4 Internet, making it appear as a virtual IPv6 network. Currently, the IPv6 Internet is made of both IPv6 native links and tunneled links over the IPv4 Internet.

The initial goal of the IPv6 Internet was to provide an experimental worldwide network for testing standards and IPv6 implementations. Years after its creation, the IPv6 Internet has changed its focus in a new direction: testing of transition and operational procedures. For many years to come, IPv4 and IPv6 will co-exist before a complete migration to IPv6 takes place. For this reason, the IETF has developed a number of co-existence and transition techniques that should be applied to help adopters migrate toward a full IPv6 deployment. In this context, the IPv6 Internet is playing a major role as a test IPv6 backbone for transitional mechanisms and operational procedures.

Related Reading

IPv6 Essentials
By Silvia Hagen

Connecting to the IPv6 Internet

To connect to the IPv6 Internet, you need a provider that offers the service. Quite a few ISPs offer IPv6 connectivity depending on where you live. If you cannot find one directly or if your current provider does not offer the service, then the easiest and cheapest solution to connect to the IPv6 Internet is to create a tunnel to a provider or a site that is willing to offer you the transit service (sometimes for free). Hexago (a spin-off of Viagénie) started the Freenet6 initiative to help people experiment and deploy IPv6. Freenet6 offers a free and automated tunnel service that can connect any individual or organization to the IPv6 Internet.

For the purpose of clarity, we will first cover the concept of tunneling, discuss which Freenet6 connection model is best for you, and follow a step-by-step tutorial on how to set up the connection.

Tunneling

The IETF has standardized tunneling as the transitional method to deploy IPv6, in coexistence with IPv4. A tunnel encapsulates IPv6 packets over IPv4. As a result, IPv6 hosts will be able to establish a link to the IPv6 Internet through an IPv4 connection. An IPv6-over-IPv4 tunnel is established with both endpoints configuring the IPv4 and the IPv6 address of the other endpoint. When one of the endpoints changes its IPv4 address, both endpoints of the tunnel need to change their configuration accordingly. This is especially cumbersome when the IPv4 node has a dialup connection or if it changes addresses often.

Freenet6 Tunnel Server Protocol provides an IPv6-over-IPv4 tunneling implementation that overcomes this problem: each time the tunnel client changes its IPv4 address, for instance at boot time if the host is configured for a DHCP service, the TSP client sends updated and authenticated information to the server, so the tunnel remains active without any reconfiguration.

Freenet6 Tunnel Server Protocol (TSP)

As previously mentioned, the Freenet6 service was the first public tunnel server service, and the most used in the world to delegate automatically one single IPv6 address to any host already connected to an IPv4 network over configured tunnels.

Freenet6's TSP is based on a client/server approach. It uses a protocol where a client requests one single IPv6 address or a full IPv6 prefix from a tunnel server. TSP is modeled after the tunnel broker (RFC 3053) where an IPv6-over-IPv4 tunnel is established between a node and the tunnel broker. However, Freenet6 is an enhanced version, where the node is using a tunnel-setup protocol to negotiate the establishment of the tunnel with the server. The client node, in this case, may be a host or a router.

Learning Lab TigerLinux/Unix System Administration Certification -- Would you like to polish your system administration skills online and receive credit from the University of Illinois? Learn how to administer Linux/Unix systems and gain real experience with a root access account. The four-course series covers the Unix file system, networking, Unix services, and scripting. It's all at the O'Reilly Learning Lab.

The TSP server of Freenet6 provides not only tunnels but also a large address space to any user of the service. The address space provided is a /48 network, giving 2^16 subnets, each of which may have up to 264 nodes -- more addresses than the entire current IPv4 Internet address space. This address space is assigned to the user of the service to enable any user, university, or organization to have the freedom of an abundance of addresses for servers and services that were not easy to do with NAT in IPv4.

How the Tunnel Is Established

Here are the steps that take place when establishing a tunnel session using the Freenet6 TSP:

  • The IPv6 host, which has a connection to the Internet, initiates a request to the tunnel server by starting the TSP client program. This client will request a tunnel according to the specifications inside the TSP configuration file on the host machine.

  • The TSP server processes the request and assigns either a single IPv6 address or a full IPv6 prefix to the requester (depending on the type of request).

  • The TSP server will then establish the IPv6-over-IPv4 tunnel according to the information sent in the request.

  • The client will receive the tunnel configuration information from the tunnel server and will configure its tunnel interface as well as its default IPv6 routes.

  • The IPv6 host (the client machine) now has full IPv6 connectivity.

Freenet6 has a detailed description on how TSP works.

Freenet6 TSP Connection Models

TSP supports two connection models.

In the Single Host Connection Model, as shown in Figure 1, only a single host is connected to the IPv6 Internet using the Freenet6 service.

Single Host Connection Model
Figure 1. Connecting a single machine.

In the Multiple Hosts Connection Model, as shown in Figure 2, you can connect a full network to the IPv6 Internet using the Freenet6 service. What differs from the first scenario is the need for a machine to act as an IPv6 router, which will be providing router advertisement for the hosts on your network to auto-configure themselves for IPv6.

Multiple Hosts Connection Model
Figure 2. Connecting a full network.

Freenet6 TSP Requirements

Your Linux host should meet some basic requirements to be able to use the Freenet6 TSP service:

  • Support for IPv6. The host must support IPv6. We covered this topic in the previous article.

  • A Public IPv4 Address. Tunnel servers do not accept private addresses. Your Linux host must have a public IPv4 address.

  • Root Access. You need to have root access to install and configure the Freenet6 TSP client program.

  • Enabled TSP Ports on Firewall/Router. If your Linux host is behind a firewall, firewalls and routers on the client side must allow protocol number 41 and TCP port 4343 between Freenet6 and the end-user network to allow IPv6 connectivity from Freenet6.

  • A NAT-Free Environment. If an end-user is behind a NAT gateway, it is not possible to get IPv6-over-IPv4 traffic from any tunnel server, except when the NAT gateway handles static NAT addressing. The network administrator could map one Internet unicast globally unique IP address to the end-user Linux host behind the NAT. This means the local network administrator will control and authorize this special configuration for end-users. Please note that Freenet6 is working on a NAT traversal technique that will be available in the near future. It will enable the establishment of a tunnel over NAT without any modification of the NAT gateway. This will be of benefit for those of us who would like to connect to the IPv6 Internet but are inside a NAT environment.

Pages: 1, 2

Next Pagearrow