IPv6 setup Hurricane Electric Tunnel Broker

From DD-WRT Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 07:34, 22 February 2011 (edit)
Markus (Talk | contribs)
m (Reverted edits by Mofunzone (Talk); changed back to last version by Ac1115)
← Previous diff
Revision as of 00:42, 17 June 2011 (edit) (undo)
Ac1115 (Talk | contribs)
(Script - changed to latest version of script)
Next diff →
Line 17: Line 17:
==Script== ==Script==
- + <nowiki>
- #v1.0 Jan 1, 2011 +#v1.1 June 16, 2011
- #***************************+#***************************
- #Settings start here+#Settings start here
- #***************************+#***************************
- #basic connection settings+#basic connection settings
- SERVER_IP4_ADDR="enter ip here"+SERVER_IP4_ADDR="enter ip here"
- CLIENT_IPV6_ADDR="enter ip here"+CLIENT_IPV6_ADDR="enter ip here"
- ROUTED_64_ADDR="enter ip here"+ROUTED_64_ADDR="enter ip here"
- #account info to auto update endpoint+#account info to auto update endpoint
- USERID="enter the long hex code - NOT text username"+USERID="enter the long hex code - NOT text username"
- PASSWD="plain text password"+PASSWD="plain text password"
- TUNNELID="your numeric GLOBAL tunnel id"+TUNNELID="your numeric tunnel id"
- #####Optional/Advanced Settings######+#####Optional/Advanced Settings######
- #logging settings (set to /dev/null for no logging)+
- STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"+
- CRON_STATUS_LOG_FILE="/tmp/lastHEUpdate.log"+
- #Generated files paths+#WAN IP Source settings
- CRON_JOB_FILE="/tmp/report.sh"+#Set below to 1 to use internal NVRAM wan address instead of fetching it from a site
- RADVD_CONFIG="/tmp/radvd.conf"+USE_NVRAM_WAN_ADDR_INSTEAD=0
 +WAN_IP_SOURCE_ADDR="http://automation.whatismyip.com/n09230945.asp"
- #***************************+#logging settings (set to /dev/null for no logging)
- #Settings end here+STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"
- #***************************+CRON_STATUS_LOG_FILE="/tmp/lastHEUpdate.log"
- echo "HE IPv6 Script started" >> $STARTUP_SCRIPT_LOG_FILE+#Generated files paths
 +CRON_JOB_FILE="/tmp/report.sh"
 +RADVD_CONFIG="/tmp/radvd.conf"
- insmod ipv6+#***************************
- sleep 10+#Settings end here
 +#***************************
- #get a hash of the plaintext password+echo "HE IPv6 Script started" >> $STARTUP_SCRIPT_LOG_FILE
- MD5PASSWD=`echo -n $PASSWD | md5sum | sed -e 's/ -//g'`+
- echo "" >> $STARTUP_SCRIPT_LOG_FILE+
- #cut out the "/64" if user typed it in+insmod ipv6
- ROUTED_64_ADDR=`echo $ROUTED_64_ADDR|cut -f1 -d/`+sleep 10
- SERVER_IP4_ADDR=`echo $SERVER_IP4_ADDR|cut -f1 -d/`+
- CLIENT_IPV6_ADDR=`echo $CLIENT_IPV6_ADDR|cut -f1 -d/`+
- echo "User added addresses cleaned/checked" >> $STARTUP_SCRIPT_LOG_FILE+
- #update HE endpoint+#get a hash of the plaintext password
- echo -e wget -q "\042http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID\042" -O $CRON_STATUS_LOG_FILE >$CRON_JOB_FILE+MD5PASSWD=`echo -n $PASSWD | md5sum | sed -e 's/ -//g'`
- chmod +x $CRON_JOB_FILE+echo "" >> $STARTUP_SCRIPT_LOG_FILE
- echo "Cron script created, sending endpoint update request to HE" >> $STARTUP_SCRIPT_LOG_FILE+
- wget -q "http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID" -O $STARTUP_SCRIPT_LOG_FILE+
- #get wan ip for our own use+#cut out the "/64" if user typed it in
- WANIP=`wget http://whatismyip.com/automation/n09230945.asp -O - 2>/dev/null`+ROUTED_64_ADDR=`echo $ROUTED_64_ADDR|cut -f1 -d/`
- echo "External IP detected as:" $WANIP >> $STARTUP_SCRIPT_LOG_FILE+SERVER_IP4_ADDR=`echo $SERVER_IP4_ADDR|cut -f1 -d/`
- if [ -n $WANIP ]+CLIENT_IPV6_ADDR=`echo $CLIENT_IPV6_ADDR|cut -f1 -d/`
- then+echo "User added addresses cleaned/checked" >> $STARTUP_SCRIPT_LOG_FILE
- echo "configuring tunnel" >> $STARTUP_SCRIPT_LOG_FILE+
- # The following commands are straight from HE's website+#update HE endpoint
- modprobe ipv6+echo -e wget -q "\042http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID\042" -O $CRON_STATUS_LOG_FILE >$CRON_JOB_FILE
- ip tunnel add he-ipv6 mode sit remote $SERVER_IP4_ADDR local $WANIP ttl 255+chmod +x $CRON_JOB_FILE
- ip link set he-ipv6 up+echo "Cron script created, sending endpoint update request to HE" >> $STARTUP_SCRIPT_LOG_FILE
- ip addr add $CLIENT_IPV6_ADDR/64 dev he-ipv6+wget -q "http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID" -O $STARTUP_SCRIPT_LOG_FILE
- ip route add ::/0 dev he-ipv6+
- ip -f inet6 addr+
- TEMP_ADDR=`echo $ROUTED_64_ADDR'1'`+
- # These commands aren't on HE's website, but they're necessary for the tunnel to work+#get wan ip for our own use
- ip -6 addr add $TEMP_ADDR/64 dev br0+if [ $USE_NVRAM_WAN_ADDR_INSTEAD -eq 1 ]
- ip route add 2000::/3 dev he-ipv6+then
 + echo "Fetching WAN IP from NVRAM" >> $STARTUP_SCRIPT_LOG_FILE
 + WANIP=$(nvram get wan_ipaddr);
 +else
 + echo "Fetching WAN IP from External Site: " $WAN_IP_SOURCE_ADDR >> $STARTUP_SCRIPT_LOG_FILE
 + WANIP=`wget $WAN_IP_SOURCE_ADDR -O - 2>/dev/null`
 +fi
- #Enable IPv6 forwarding+echo "External IP detected as:" $WANIP >> $STARTUP_SCRIPT_LOG_FILE
- echo 1 > /proc/sys/net/ipv6/conf/all/forwarding+if [ -n $WANIP ]
 +then
 +echo "configuring tunnel" >> $STARTUP_SCRIPT_LOG_FILE
- # make sure to accept proto-41+# The following commands are straight from HE's website
- iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT+modprobe ipv6
 +ip tunnel add he-ipv6 mode sit remote $SERVER_IP4_ADDR local $WANIP ttl 255
 +ip link set he-ipv6 up
 +ip addr add $CLIENT_IPV6_ADDR/64 dev he-ipv6
 +ip route add ::/0 dev he-ipv6
 +ip -f inet6 addr
 +TEMP_ADDR=`echo $ROUTED_64_ADDR'1'`
- #make sure to not NAT proto-41+# These commands aren't on HE's website, but they're necessary for the tunnel to work
- iptables -t nat -A POSTROUTING --proto ! 41 -o eth0 -j MASQUERADE+ip -6 addr add $TEMP_ADDR/64 dev br0
- echo "creating radvd conf" >> $STARTUP_SCRIPT_LOG_FILE+ip route add 2000::/3 dev he-ipv6
- #creating radvd.conf+#Enable IPv6 forwarding
- echo "#generated by startup script" > $RADVD_CONFIG+echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
- echo "interface br0 {" >> $RADVD_CONFIG+
- echo "AdvSendAdvert on;" >> $RADVD_CONFIG+
- echo "prefix "$ROUTED_64_ADDR"/64 {" >> $RADVD_CONFIG+
- echo "AdvOnLink on;" >> $RADVD_CONFIG+
- echo "AdvAutonomous on;" >> $RADVD_CONFIG+
- echo "AdvRouterAddr on;" >> $RADVD_CONFIG+
- echo "};" >> $RADVD_CONFIG+
- echo "};" >> $RADVD_CONFIG+
- echo "starting radvd" >> $STARTUP_SCRIPT_LOG_FILE+# make sure to accept proto-41
- radvd -C $RADVD_CONFIG &+iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT
- fi+
 +#make sure to not NAT proto-41
 +iptables -t nat -A POSTROUTING --proto ! 41 -o eth0 -j MASQUERADE
 +echo "creating radvd conf" >> $STARTUP_SCRIPT_LOG_FILE
 +
 +#creating radvd.conf
 +echo "#generated by startup script" > $RADVD_CONFIG
 +echo "interface br0 {" >> $RADVD_CONFIG
 +echo "AdvSendAdvert on;" >> $RADVD_CONFIG
 +echo "prefix "$ROUTED_64_ADDR"/64 {" >> $RADVD_CONFIG
 +echo "AdvOnLink on;" >> $RADVD_CONFIG
 +echo "AdvAutonomous on;" >> $RADVD_CONFIG
 +echo "AdvRouterAddr on;" >> $RADVD_CONFIG
 +echo "};" >> $RADVD_CONFIG
 +echo "};" >> $RADVD_CONFIG
 +
 +echo "starting radvd" >> $STARTUP_SCRIPT_LOG_FILE
 +radvd -C $RADVD_CONFIG &
 +fi
 +</nowiki>
==Install Steps== ==Install Steps==

Revision as of 00:42, 17 June 2011

Contents

About

This will...
Set up HE's tunnel broker service.
Automatically finds your wan ip at boot using whatismyip.com
Automatically updates HE's endpoint on boot
Generates a radvd.conf on boot, and applies it automatically
Generates a executable file that can be used with cron to keep HE's endpoint up-to-date if you have a dynamic IP


My setup for reference.
Optimum Online Cable ISP
WRT610Nv2
v24-sp2 (Aug 12, 2010)
build 14929

You should have an account and tunnel created on the website. This post will not cover that. Install steps are below the script. This script will only work with /64 tunnels/addresses. Don't use it if you're using /48

Script

#v1.1 June 16, 2011 
#***************************
#Settings start here
#***************************
 
#basic connection settings
SERVER_IP4_ADDR="enter ip here"
CLIENT_IPV6_ADDR="enter ip here"
ROUTED_64_ADDR="enter ip here"
 
#account info to auto update endpoint
USERID="enter the long hex code - NOT text username"
PASSWD="plain text password"
TUNNELID="your numeric tunnel id"
  
#####Optional/Advanced Settings######
 
#WAN IP Source settings
#Set below to 1 to use  internal NVRAM wan address instead of fetching it from a site
USE_NVRAM_WAN_ADDR_INSTEAD=0
WAN_IP_SOURCE_ADDR="http://automation.whatismyip.com/n09230945.asp"
 
#logging settings (set to /dev/null for no logging)
STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"
CRON_STATUS_LOG_FILE="/tmp/lastHEUpdate.log"
 
#Generated files paths
CRON_JOB_FILE="/tmp/report.sh"
RADVD_CONFIG="/tmp/radvd.conf"
 
#***************************
#Settings end here
#***************************
 
echo "HE IPv6 Script started" >> $STARTUP_SCRIPT_LOG_FILE
 
insmod ipv6
sleep 10
 
#get a hash of the plaintext password
MD5PASSWD=`echo -n $PASSWD | md5sum | sed -e 's/  -//g'`
echo "" >> $STARTUP_SCRIPT_LOG_FILE
 
#cut out the "/64" if user typed it in
ROUTED_64_ADDR=`echo $ROUTED_64_ADDR|cut -f1 -d/`
SERVER_IP4_ADDR=`echo $SERVER_IP4_ADDR|cut -f1 -d/`
CLIENT_IPV6_ADDR=`echo $CLIENT_IPV6_ADDR|cut -f1 -d/`
echo "User added addresses cleaned/checked" >> $STARTUP_SCRIPT_LOG_FILE
 
#update HE endpoint
echo -e wget -q "\042http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID\042" -O $CRON_STATUS_LOG_FILE  >$CRON_JOB_FILE
chmod +x $CRON_JOB_FILE
echo "Cron script created, sending endpoint update request to HE" >> $STARTUP_SCRIPT_LOG_FILE
wget -q "http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID" -O $STARTUP_SCRIPT_LOG_FILE
 
#get wan ip for our own use
if [ $USE_NVRAM_WAN_ADDR_INSTEAD -eq 1 ]
then
  echo "Fetching WAN IP from NVRAM" >> $STARTUP_SCRIPT_LOG_FILE
  WANIP=$(nvram get wan_ipaddr); 
else
  echo "Fetching WAN IP from External Site: " $WAN_IP_SOURCE_ADDR >> $STARTUP_SCRIPT_LOG_FILE
  WANIP=`wget $WAN_IP_SOURCE_ADDR -O - 2>/dev/null`
fi
 
echo "External IP detected as:" $WANIP >> $STARTUP_SCRIPT_LOG_FILE
if [ -n $WANIP ]
then
echo "configuring tunnel" >> $STARTUP_SCRIPT_LOG_FILE
 
# The following commands are straight from HE's website
modprobe ipv6
ip tunnel add he-ipv6 mode sit remote $SERVER_IP4_ADDR local $WANIP ttl 255
ip link set he-ipv6 up
ip addr add $CLIENT_IPV6_ADDR/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
ip -f inet6 addr
TEMP_ADDR=`echo $ROUTED_64_ADDR'1'`
 
# These commands aren't on HE's website, but they're necessary for the tunnel to work
ip -6 addr add $TEMP_ADDR/64 dev br0
ip route add 2000::/3 dev he-ipv6
 
#Enable IPv6 forwarding
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
 
# make sure to accept proto-41
iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT
 
#make sure to not NAT proto-41
iptables -t nat -A POSTROUTING --proto ! 41 -o eth0 -j MASQUERADE
echo "creating radvd conf" >> $STARTUP_SCRIPT_LOG_FILE
 
#creating radvd.conf
echo "#generated by startup script" > $RADVD_CONFIG
echo "interface br0 {" >> $RADVD_CONFIG
echo "AdvSendAdvert on;" >> $RADVD_CONFIG
echo "prefix "$ROUTED_64_ADDR"/64 {" >> $RADVD_CONFIG
echo "AdvOnLink on;" >> $RADVD_CONFIG
echo "AdvAutonomous on;" >> $RADVD_CONFIG
echo "AdvRouterAddr on;" >> $RADVD_CONFIG
echo "};" >> $RADVD_CONFIG
echo "};" >> $RADVD_CONFIG
 
echo "starting radvd" >> $STARTUP_SCRIPT_LOG_FILE
radvd -C $RADVD_CONFIG &
fi

Install Steps

Installation steps:

  • Change the settings in the beginning of the above script to your settings.
  • Copy personalized script into Administration > Commands. Save as startup script
  • Go into Administration > Management
  • enable IPv6 and radvd. Leave the config box empty
  • (Optional) enable cron and enter this into "Additional Cron Jobs"

Code:

* 4 * * * root /tmp/report.sh

The above line will auto update the endpoint daily at 4am. Change to personal taste

  • Apply settings, wait for reboot


See Also

Test the setup with e.g.:
http://ipv6.google.com
http://aaaa.test-ipv6.com/

Forum link:
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=81060

Example of Basic Connection settings syntax

SERVER_IP4_ADDR="0.0.0.0"
CLIENT_IPV6_ADDR="0000:000:0000:000::0"
ROUTED_64_ADDR="0000:000:0000:000::0"