How to add 6in4?

hyper_ch · November 16, 2021, 5:04pm

I would like to add ipv6 as my current provider doesn’t provide it naturally. So I found this guide:

https://doc.turris.cz/doc/cs/howto/ipv6tunnel#ziskani_tunelu_od_henet

However it does not seem to work.

I did add the following:

/etc/config/network

config interface 'wan6in4'
        option proto '6in4'
        option mtu '1480'
        opton 'peeraddr' '216.66.80.98'
        option 'ip6addr' '2001:470:25:xxx::2/64'
        option 'ip6prefix' '2001:470:26:xxx::/64'
        # The following parameters are only necessary if Turris has a dynamic IPv4 address
        option 'tunnelid' 'xxx'
        option 'username' 'xxx'
        option 'password' 'xxx'

I tried with ip6addr and without. The reason is because of the example config given by Tunnelbroker/HE.

/etc/config/firewall

config rule
        option name 'wan6in4'
        option family 'ipv4'
        option src 'wan'
        option src_ip '216.66.80.98'            #Server IPv4 address
        option proto '41'
        option target 'ACCEPT'

Example configs by Tunnelbroker/HE:

opkg update
opkg install 6in4

uci set network.henet=interface
uci set network.henet.proto=6in4
uci set network.henet.peeraddr=216.66.80.98
uci set network.henet.ip6addr='2001:470:25:xxx::2/64'
uci set network.henet.ip6prefix='2001:470:26:xxx::/64'
uci set network.henet.tunnelid=xxx
uci set network.henet.username=xxx
uci set network.henet.password='UPDATE_KEY_OR_PASSWORD'
uci commit network

uci set firewall.@zone[1].network='wan henet'
uci commit firewall

/etc/init.d/network restart
/etc/init.d/firewall reload

However it’s not working. Any suggestions?

zajdee · November 17, 2021, 8:20am

Did you replace the example values of peeraddr, ip6addr and ip6prefix by the ones provided by your 6in4 service?
What’s the 6in4 service? Is it Tunnelbroker.net?
Do you have your own public IPv4 address on the Turris?
Do you have this public IPv4 address configured on the side of the 6in4 service?

hyper_ch · November 17, 2021, 8:37am

In my examples above are the values provided by Tunnelbroker. As you can see, I did also post the example configuration provided by Tunnelbroker.

and ips are accordingly configured.

With the above configurations, I get this

ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 532
    link/ether d8:58:d7:00:1d:a8 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 532
    link/ether d8:58:d7:00:1d:a6 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 532
    link/ether d8:58:d7:00:1d:a7 brd ff:ff:ff:ff:ff:ff
5: lan0@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP mode DEFAULT group default qlen 1000
    link/ether d8:58:d7:00:1d:a6 brd ff:ff:ff:ff:ff:ff
6: lan1@eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br-lan state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether d8:58:d7:00:1d:a6 brd ff:ff:ff:ff:ff:ff
7: lan2@eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br-lan state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether d8:58:d7:00:1d:a6 brd ff:ff:ff:ff:ff:ff
8: lan3@eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br-lan state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether d8:58:d7:00:1d:a6 brd ff:ff:ff:ff:ff:ff
9: lan4@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP mode DEFAULT group default qlen 1000
    link/ether d8:58:d7:00:1d:a8 brd ff:ff:ff:ff:ff:ff
10: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/tunnel6 :: brd ::
11: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/sit 0.0.0.0 brd 0.0.0.0
12: ifb0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 32
    link/ether fe:e1:8f:d0:7a:f9 brd ff:ff:ff:ff:ff:ff
13: ifb1: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 32
    link/ether 92:b1:55:c6:e3:9b brd ff:ff:ff:ff:ff:ff
14: gre0@NONE: <NOARP> mtu 1476 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/gre 0.0.0.0 brd 0.0.0.0
15: gretap0@NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
16: erspan0@NONE: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
24: br-guest_turris: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 06:f0:21:23:28:cf brd ff:ff:ff:ff:ff:ff
25: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether d8:58:d7:00:1d:a6 brd ff:ff:ff:ff:ff:ff
26: eth2.10@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether d8:58:d7:00:1d:a7 brd ff:ff:ff:ff:ff:ff
27: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP mode DEFAULT group default qlen 1000
    link/ether 04:f0:21:24:27:60 brd ff:ff:ff:ff:ff:ff
28: wlan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP mode DEFAULT group default qlen 1000
    link/ether 04:f0:21:23:28:cf brd ff:ff:ff:ff:ff:ff
29: guest_turris_1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-guest_turris state UP mode DEFAULT group default qlen 1000
    link/ether 06:f0:21:23:28:cf brd ff:ff:ff:ff:ff:ff

Ondrej_Caletka · November 17, 2021, 9:17am

Please post output of ifstatus wan6in4. It should contain a clue why the configuration does not work. I don’t see any problem in it.

hyper_ch · November 17, 2021, 9:30am

ifstatus wan6in4
{
        "up": false,
        "pending": false,
        "available": true,
        "autostart": false,
        "dynamic": false,
        "proto": "6in4",
        "data": {

        },
        "errors": [
                {
                        "subsystem": "6in4",
                        "code": "MISSING_ADDRESS"
                }
        ]
}

Ondrej_Caletka · November 17, 2021, 9:41am

Hmm, according to the source code of /lib/netifd/proto/6in4.sh, this error means that the variable peeraddr is empty. Which is not, in your example. So check for typing errors. Maybe try to delete the config section and retype it again.

        [ -z "$peeraddr" ] && {
                proto_notify_error "$cfg" "MISSING_ADDRESS"
                proto_block_restart "$cfg"
                return
        }

Ondrej_Caletka · November 17, 2021, 9:48am

See it! opton instead of option!

hyper_ch · November 17, 2021, 11:06am

D’oh… damn it, thanks for the help. Now it works:

root@turris:~# ping6 hetzner.de
PING hetzner.de(2a01:4f8:0:5176::3) 56 data bytes
64 bytes from 2a01:4f8:0:5176::3: icmp_seq=1 ttl=56 time=22.5 ms
64 bytes from 2a01:4f8:0:5176::3: icmp_seq=2 ttl=56 time=22.1 ms

root@turris:~# ping hetzner.de
PING hetzner.de (88.198.255.177) 56(84) bytes of data.
64 bytes from static.88.198.255.177.clients.your-server.de (88.198.255.177): icmp_req=1 ttl=55 time=16.4 ms
64 bytes from static.88.198.255.177.clients.your-server.de (88.198.255.177): icmp_req=2 ttl=55 time=16.3 ms

system · November 20, 2021, 11:07am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.