![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
For a long time I wanted to play with IPv6, but I never liked any of the tunnels I saw. This evening I started wondering if my Cisco 837 ADSL router cannot handle some form of tunnel.
A short time later and:
How to do it: I configured a 6to4 tunnel on the router:
Of course the 6to4 ip (the one on Tunnel0) is derived from my ipv4 ip. Which changes now and again. So I uploaded to the flash of my router the following file:
This is a TCL script that will get the current external ip (from Dialer1) and give the correct IPv6 ips to the right interfaces.
And with alias exec updateipv6 tclsh flash:update-ipv6.tcl I can quickly login and adapt the addresses myself.
The router handles IPv6 autoconfiguration on the inside, so my machine now says:
A short time later and:
router#ping ipv6.google.com
Translating "ipv6.google.com"...domain server (195.238.2.21) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:4860:0:1001::68, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 276/278/284 ms
How to do it: I configured a 6to4 tunnel on the router:
ipv6 unicast-routing
ipv6 cef
! enable ipv6
ipv6 inspect name MyIPv6Inspection tcp
ipv6 inspect name MyIPv6Inspection udp
ipv6 inspect name MyIPv6Inspection ftp
ipv6 inspect name MyIPv6Inspection icmp
! let's have a firewall
interface Tunnel1
no ip address
no ip redirects
ipv6 address 2002:51F0:CCA5::1/128
ipv6 enable
ipv6 traffic-filter ipv6ip in
ipv6 inspect MyIPv6Inspection out
tunnel source Dialer1
tunnel mode ipv6ip 6to4
interface Ethernet0
ipv6 address 2002:51F0:CCA5:DEAD::1/128
ipv6 enable
ipv6 route 2002::/16 Tunnel1
ipv6 route ::/0 2002:C058:6301::
ipv6 access-list ipv6ip
deny ipv6 any any
Of course the 6to4 ip (the one on Tunnel0) is derived from my ipv4 ip. Which changes now and again. So I uploaded to the flash of my router the following file:
proc doconf { section setting} {
if { [ catch { ios_config $section $setting } errmsg ] } { error "configuration of $section $setting failed"; }
}
set ipaddr [exec "show ip interface Dialer1 | i Internet address"]
regexp {is ([0-9.]*)/} $ipaddr match ip
regexp {([0-9]*).([0-9]*).([0-9]*).([0-9]*)} $ip match a b c d
set newipv6 [format "2002:%2x%2x:%2x%2x::1" $a $b $c $d]
set newintipv6 [format "2002:%2x%2x:%2x%2x:dead::1" $a $b $c $d]
doconf "interface Dialer1" "no ipv6 address"
doconf "interface Dialer1" "ipv6 address $newipv6/128"
doconf "interface Ethernet0" "no ipv6 address"
doconf "interface Ethernet0" "ipv6 address $newintipv6/64"
This is a TCL script that will get the current external ip (from Dialer1) and give the correct IPv6 ips to the right interfaces.
And with alias exec updateipv6 tclsh flash:update-ipv6.tcl I can quickly login and adapt the addresses myself.
The router handles IPv6 autoconfiguration on the inside, so my machine now says:
# ip addr show dev wlan0 scope global
4: wlan0:
