Jan 242012
 

After sorting out tunneling on my computer, there came time to setup my router too. Idea is not to configure each client with separate tunnel but to have one tunnel on router and all computers connecting to it should use it transparently. Hurricane Electric gives /64 prefix and that ought to be enough.

As a router I will use my trusty DD-WRT. Exact version used in this example is DD-WRT v24-sp2 (12/08/11) std-nokaid (SVN revision 17990M NEWD-2 Eko). Your mileage may vary depending on version of your choosing.

Obvious first step is to enable IPv6. It is easy enough to do. Under Administration -> Management find IPv6 support and enable IPv6 and Radvd. Radvd is configured as simple as it can be:

interface br0
{
   AdvSendAdvert on;
   prefix 2001:db8:9:10ee::/64
   {
   };
};

Notice that prefix is same text “Routed /64” under your tunnel details.

Unfortunately this will not do. There is need for small script:

insmod ipv6

SERVER_IPV4_ADDRESS="216.66.22.2"
SERVER_IPV6_ADDRESS="2001:db8:8:10ee::1"
CLIENT_IPV4_ADDRESS=$(ip -4 addr show dev eth0 | awk '/inet / {print $2}' | cut -d/ -f1)
CLIENT_IPV6_ADDRESS="2001:db8:8:10ee::2"
ROUTED_IPV6_ADDRESS="2001:db8:9:10ee::1"

if [ -n $CLIENT_IPV4_ADDRESS ]
then
    ip tunnel add he-ipv6 mode sit remote $SERVER_IPV4_ADDRESS local $CLIENT_IPV4_ADDRESS ttl 255
    ip link set he-ipv6 up
    ip addr add $CLIENT_IPV6_ADDRESS/64 dev he-ipv6
    ip route add ::/0 dev he-ipv6
    ip -6 addr add $ROUTED_IPV6_ADDRESS/64 dev br0
    kill $(ps | awk '/radvd / { print $1}')
    radvd -C /tmp/radvd.conf
    wget "http://ipv4.tunnelbroker.net/ipv4_end.php?ip=AUTO&pass=9fc4d3d26b6ba921226c53e6c664c1ab0&apikey=tb4f139f1c342fgbd4.44123289860&tid=5511235463"
fi

Script sets some variables, brings interface up, adds some routes and restarts radvd daemon in order to pickup latest settings. Last line is needed only for users with dynamic IP (full explanation can be got once you load page in browser). This script needs to be saved with Save Firewall (under Administration -> Commands).

Once router gets restarted you will notice that all clients get IPv6 address alongside IPv4 (they have to support IPv6, of course). Easiest way to check it to run ping -6 ipv6.google.com. Or load it or one of many IPv6 test pages.

Windows 7 works just beautifully with IPv6.

P.S. In case you are wondering where I pulled those IPv6 addresses from, here is what Hurricane Electric gave me:

IPv6 Tunnel Endpoints
    Server IPv4 Address: 216.66.22.2
    Server IPv6 Address: 2001:db8:8:10ee::1/64
    Client IPv4 Address: 174.78.144.123
    Client IPv6 Address: 2001:db8:8:10ee::2/64

Routed IPv6 Prefixes
    Routed /64:          2001:db8:9:10ee::/64

  3 Responses to “IPv6 in your local network via DD-WRT”

Comments (3)
  1. Thanks for the scripts. I see that last line with the wget info. Seems your username and password are there for your tunnel.

    How do we change that for our own tunnel?

    I don’t yet have the tunnel running. I do have the script in radvd included. Shouldn’t i get addresses on the lan at least?

    thanks!

  2. Hello,
    Tried your directions including changing the required info, but I think my network is either just setup too odd or something as it didn’t work.

    In fact, after I added the firewall script and hit save firewall, then reboot.. as soon as the router was rebooting, my Dish Joey box lost picture and wasn’t able to establish a connection to the Dish Hopper main unit (which is weird as that uses the MoCA connection via the coax cable between the units… I only have the ethernet plugged into the Hopper unit for on demand/block buster stuff).

    Needless to say, it didn’t work for my setup and I had to undo the changes (and as soon as I did and hit reboot on the router, the Joey re-synced with the Hopper and I got the picture/audio back)

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>