IPv6 setup Hurricane Electric Tunnel Broker

From DD-WRT Wiki

(Difference between revisions)
Revision as of 23:45, 3 January 2011 (edit)
Ac1115 (Talk | contribs)
m (About)
Revision as of 07:26, 22 February 2011 (edit) (undo)
Mofunzone (Talk | contribs)
(Script)
Line 16: Line 16:
You should have an account and tunnel created on the website. This post will not cover that. Install steps are below the script. This script will only work with /64 tunnels/addresses. Don't use it if you're using /48 You should have an account and tunnel created on the website. This post will not cover that. Install steps are below the script. This script will only work with /64 tunnels/addresses. Don't use it if you're using /48
-==Script==+###############################################################################
 +# v1.1 Jan 23, 2011 DAVE_SPAM VERSION (original by ac1115)
 +# HURRICANE ELECTRIC IPv6 TUNNEL SCRIPT
 +#******************************************************************************
 +# USE THE LATEST VERSION OF DD-WRT, ie 15962
 +# see: ftp://dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/12-24-10-r15962/
 +# tested with DD-WRT 15962 voip version on WRT610nv2 with PPPoE WAN connection
 +#
 +#
 +#
 +#******************************************************************************
 +#Settings start here
 +#******************************************************************************
- #v1.0 Jan 1, 2011 +#### basic connection settings FROM http://www.tunnelbroker.net/tunnel_detail.php?tunnelid=NNNNNN
- #***************************+SERVER_IP4_ADDR="enter ip here"
- #Settings start here+CLIENT_IPV6_ADDR="enter ip here"
- #***************************+ROUTED_64_ADDR="enter ip here"
- + 
- #basic connection settings+#### account info to auto update endpoint FROM http://www.tunnelbroker.net/main.php
- SERVER_IP4_ADDR="enter ip here"+USERID="enter the long hex code - NOT text username"
- CLIENT_IPV6_ADDR="enter ip here"+PASSWD="plain text password"
- ROUTED_64_ADDR="enter ip here"+TUNNELID="your numeric GLOBAL tunnel id"
- +
- #account info to auto update endpoint+
- USERID="enter the long hex code - NOT text username"+
- PASSWD="plain text password"+
- TUNNELID="your numeric GLOBAL tunnel id"+
- #####Optional/Advanced Settings######+#####Optional/Advanced Settings######
- #logging settings (set to /dev/null for no logging)+#logging settings (set to /dev/null for no logging)
- STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"+STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"
- CRON_STATUS_LOG_FILE="/tmp/lastHEUpdate.log"+CRON_STATUS_LOG_FILE="/tmp/ipv6_lastHEUpdate.log"
- + 
- #Generated files paths+#Generated files paths
- CRON_JOB_FILE="/tmp/report.sh"+CRON_JOB_FILE="/tmp/ipv6_reload.sh"
- RADVD_CONFIG="/tmp/radvd.conf"+SCRIPT_FILE="/tmp/ipv6_run.sh"
- +RADVD_CONFIG="/tmp/radvd.conf"
- #***************************+ 
- #Settings end here+#******************************************************************************
- #***************************+#Settings end here
- +#******************************************************************************
- echo "HE IPv6 Script started" >> $STARTUP_SCRIPT_LOG_FILE+ 
- +echo "HE IPv6 Script started" > $STARTUP_SCRIPT_LOG_FILE
- insmod ipv6+date >> $STARTUP_SCRIPT_LOG_FILE
- sleep 10+ 
- +insmod ipv6
- #get a hash of the plaintext password+#maybe needs to be incresed for slow boxes.
- MD5PASSWD=`echo -n $PASSWD | md5sum | sed -e 's/ -//g'`+sleep 1.5
- echo "" >> $STARTUP_SCRIPT_LOG_FILE+ 
- +#get a hash of the plaintext password
- #cut out the "/64" if user typed it in+MD5PASSWD=`echo -n $PASSWD | md5sum | sed -e 's/ -//g'`
- ROUTED_64_ADDR=`echo $ROUTED_64_ADDR|cut -f1 -d/`+echo "" >> $STARTUP_SCRIPT_LOG_FILE
- SERVER_IP4_ADDR=`echo $SERVER_IP4_ADDR|cut -f1 -d/`+ 
- CLIENT_IPV6_ADDR=`echo $CLIENT_IPV6_ADDR|cut -f1 -d/`+#cut out the "/64" if user typed it in
- echo "User added addresses cleaned/checked" >> $STARTUP_SCRIPT_LOG_FILE+ROUTED_64_ADDR=`echo $ROUTED_64_ADDR|cut -f1 -d/`
- +SERVER_IP4_ADDR=`echo $SERVER_IP4_ADDR|cut -f1 -d/`
- #update HE endpoint+CLIENT_IPV6_ADDR=`echo $CLIENT_IPV6_ADDR|cut -f1 -d/`
- echo -e wget -q "\042http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID\042" -O $CRON_STATUS_LOG_FILE >$CRON_JOB_FILE+echo "User added addresses cleaned/checked" >> $STARTUP_SCRIPT_LOG_FILE
- chmod +x $CRON_JOB_FILE+ 
- echo "Cron script created, sending endpoint update request to HE" >> $STARTUP_SCRIPT_LOG_FILE+#do HE update
- wget -q "http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID" -O $STARTUP_SCRIPT_LOG_FILE+echo "Do HE Update" >> $STARTUP_SCRIPT_LOG_FILE
- +wget -q "http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID" -O - >> $STARTUP_SCRIPT_LOG_FILE
- #get wan ip for our own use+ 
- WANIP=`wget http://whatismyip.com/automation/n09230945.asp -O - 2>/dev/null`+#get wan ip for our own use from internal variable
- echo "External IP detected as:" $WANIP >> $STARTUP_SCRIPT_LOG_FILE+WANIP=$(nvram get wan_ipaddr);
- if [ -n $WANIP ]+echo " External IP detected as:" $WANIP >> $STARTUP_SCRIPT_LOG_FILE
- then+echo " External IP detected as:" $WANIP
- echo "configuring tunnel" >> $STARTUP_SCRIPT_LOG_FILE+ 
- +if [ -n $WANIP ]
- # The following commands are straight from HE's website+then
- modprobe ipv6+echo "configuring tunnel" >> $STARTUP_SCRIPT_LOG_FILE
- ip tunnel add he-ipv6 mode sit remote $SERVER_IP4_ADDR local $WANIP ttl 255+echo "configuring tunnel"
- ip link set he-ipv6 up+ 
- ip addr add $CLIENT_IPV6_ADDR/64 dev he-ipv6+### create/update tunnel code
- ip route add ::/0 dev he-ipv6+#fixes ioctl: No buffer space available ERROR
- ip -f inet6 addr+ip tunnel del he-ipv6
- TEMP_ADDR=`echo $ROUTED_64_ADDR'1'`+# The following commands are from HE's website
- +ip tunnel add he-ipv6 mode sit remote $SERVER_IP4_ADDR local $WANIP ttl 255
- # These commands aren't on HE's website, but they're necessary for the tunnel to work+ip link set he-ipv6 up
- ip -6 addr add $TEMP_ADDR/64 dev br0+ip addr add $CLIENT_IPV6_ADDR/64 dev he-ipv6
- ip route add 2000::/3 dev he-ipv6+ip route add ::/0 dev he-ipv6
- +ip -f inet6 addr
- #Enable IPv6 forwarding+TEMP_ADDR=`echo $ROUTED_64_ADDR'1'`
- echo 1 > /proc/sys/net/ipv6/conf/all/forwarding+# These commands aren't on HE's website, but they're necessary for the tunnel to work
- +ip -6 addr add $TEMP_ADDR/64 dev br0
- # make sure to accept proto-41+ip route add 2000::/3 dev he-ipv6
- iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT+ 
- +#Enable IPv6 forwarding
- #make sure to not NAT proto-41+echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
- iptables -t nat -A POSTROUTING --proto ! 41 -o eth0 -j MASQUERADE+ 
- echo "creating radvd conf" >> $STARTUP_SCRIPT_LOG_FILE+# make sure to accept proto-41
- +iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT
- #creating radvd.conf+ 
- echo "#generated by startup script" > $RADVD_CONFIG+#make sure to not NAT proto-41
- echo "interface br0 {" >> $RADVD_CONFIG+iptables -t nat -A POSTROUTING --proto ! 41 -o eth0 -j MASQUERADE
- echo "AdvSendAdvert on;" >> $RADVD_CONFIG+echo "creating radvd conf" >> $STARTUP_SCRIPT_LOG_FILE
- echo "prefix "$ROUTED_64_ADDR"/64 {" >> $RADVD_CONFIG+ 
- echo "AdvOnLink on;" >> $RADVD_CONFIG+#creating radvd.conf
- echo "AdvAutonomous on;" >> $RADVD_CONFIG+echo "#generated by startup script" > $RADVD_CONFIG
- echo "AdvRouterAddr on;" >> $RADVD_CONFIG+echo "interface br0 {" >> $RADVD_CONFIG
- echo "};" >> $RADVD_CONFIG+echo "AdvSendAdvert on;" >> $RADVD_CONFIG
- echo "};" >> $RADVD_CONFIG+echo "prefix "$ROUTED_64_ADDR"/64 {" >> $RADVD_CONFIG
- +echo "AdvOnLink on;" >> $RADVD_CONFIG
- echo "starting radvd" >> $STARTUP_SCRIPT_LOG_FILE+echo "AdvAutonomous on;" >> $RADVD_CONFIG
- radvd -C $RADVD_CONFIG &+echo "AdvRouterAddr on;" >> $RADVD_CONFIG
- fi+echo "};" >> $RADVD_CONFIG
 +echo "};" >> $RADVD_CONFIG
 + 
 +#kill old versions of radvd
 +echo "killing any old versions of radvd" >> $STARTUP_SCRIPT_LOG_FILE
 +kill -s 9 $(cat /var/run/radvd.pid)
 +sleep 1
 + 
 +echo "starting radvd" >> $STARTUP_SCRIPT_LOG_FILE
 +radvd -C $RADVD_CONFIG &
 + 
 + 
 +#create cron script to run this all later
 +# take this file from memory and put it into shell script file, so cron job can run it.
 +echo "nvram get rc_startup > $SCRIPT_FILE" >$CRON_JOB_FILE
 +echo "chmod +x $SCRIPT_FILE" >>$CRON_JOB_FILE
 +echo "$SCRIPT_FILE" >> $CRON_JOB_FILE
 +chmod +x $CRON_JOB_FILE
 +echo "Cron script created" >> $STARTUP_SCRIPT_LOG_FILE
 + 
 + 
 +echo "HE IPv6 Script finished" >> $STARTUP_SCRIPT_LOG_FILE
 +fi
==Install Steps== ==Install Steps==
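Review bot: The guard `if [ -n $WANIP ]` is unquoted, so if `nvram get wan_ipaddr` returns nothing the test collapses to `[ -n ]`, which is true, and the tunnel is built with an empty `local` address; it should read `if [ -n "$WANIP" ]`. Because the generated cron file now re-runs the whole startup script, each run repeats `iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT` and the `-A POSTROUTING` MASQUERADE rule, so duplicates pile up until reboot; deleting the rule before adding it (for example `iptables -D INPUT -p ipv6 -i vlan1 -j ACCEPT 2>/dev/null`) keeps the chains stable. The update request also still carries the user id and password MD5 in a plain-HTTP query string, and IPv6 forwarding is switched on with no ip6tables rules visible in this script, so LAN hosts on the routed /64 are presumably reachable from the tunnel unless filtering is configured elsewhere. The Install Steps below the hunk still point cron at `/tmp/report.sh`, which this revision no longer generates, and their `* 4 * * *` schedule fires every minute of the 4 o'clock hour.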

Revision as of 07:26, 22 February 2011

About

This will...
Set up HE's tunnel broker service.
Automatically finds your wan ip at boot using whatismyip.com
Automatically updates HE's endpoint on boot
Generates a radvd.conf on boot, and applies it automatically
Generates an executable file that can be used with cron to keep HE's endpoint up-to-date if you have a dynamic IP


My setup for reference.
Optimum Online Cable ISP
WRT610Nv2
v24-sp2 (Aug 12, 2010)
build 14929

You should have an account and tunnel created on the website. This post will not cover that. Install steps are below the script. This script will only work with /64 tunnels/addresses. Don't use it if you're using /48

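  ###############################################################################
# v1.1 Jan 23, 2011 DAVE_SPAM VERSION (original by ac1115)
# HURRICANE ELECTRIC IPv6 TUNNEL SCRIPT
#******************************************************************************
# USE THE LATEST VERSION OF DD-WRT, ie 15962
# see: ftp://dd-wrt.com/others/eko/BrainSlayer-V24-preSP2/12-24-10-r15962/
# tested with DD-WRT 15962 voip version on WRT610nv2 with PPPoE WAN connection
#
# The wiki rendering turned every '#' comment line into a numbered list item
# and joined the statements; this is the same settings section with the comment
# markers and line breaks restored so it can be pasted as a startup script.
#******************************************************************************
#Settings start here
#******************************************************************************
#### basic connection settings FROM http://www.tunnelbroker.net/tunnel_detail.php?tunnelid=NNNNNN
SERVER_IP4_ADDR="enter ip here"
CLIENT_IPV6_ADDR="enter ip here"
ROUTED_64_ADDR="enter ip here"

#### account info to auto update endpoint FROM http://www.tunnelbroker.net/main.php
# NOTE(review): PASSWD is kept in plain text inside the saved startup script,
# and the cron helper generated further down writes a copy of that script to
# SCRIPT_FILE under /tmp. Treat both as secrets and use a password that is not
# shared with any other account.
USERID="enter the long hex code - NOT text username"
PASSWD="plain text password"
TUNNELID="your numeric GLOBAL tunnel id"

#####Optional/Advanced Settings######
#logging settings (set to /dev/null for no logging)
# The response of the HE update request is appended to STARTUP_SCRIPT_LOG_FILE.
# CRON_STATUS_LOG_FILE appears unused in this revision of the script.
STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"
CRON_STATUS_LOG_FILE="/tmp/ipv6_lastHEUpdate.log"

#Generated files paths
CRON_JOB_FILE="/tmp/ipv6_reload.sh"
SCRIPT_FILE="/tmp/ipv6_run.sh"
RADVD_CONFIG="/tmp/radvd.conf"

#******************************************************************************
#Settings end here
#******************************************************************************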

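# Start a fresh log for this run ('>' truncates the previous log) and add a
# timestamp so successive cron-triggered runs can be told apart.
echo "HE IPv6 Script started" > "$STARTUP_SCRIPT_LOG_FILE"
date >> "$STARTUP_SCRIPT_LOG_FILE"

insmod ipv6
# Wait after loading the module; maybe needs to be increased for slow boxes.
sleep 1.5

# Get a hash of the plaintext password for the update request.
# printf '%s' with a quoted variable keeps the password byte-for-byte (an
# unquoted `echo -n $PASSWD` mangles spaces, glob characters and a leading
# dash). Taking the first field of md5sum's output drops the "  -" marker
# without leaving the trailing space that `sed 's/ -//g'` left in the URL.
MD5PASSWD=$(printf '%s' "$PASSWD" | md5sum | cut -d' ' -f1)
echo "" >> "$STARTUP_SCRIPT_LOG_FILE"

# Cut out the "/64" (anything from the first '/') if the user typed it in.
ROUTED_64_ADDR=${ROUTED_64_ADDR%%/*}
SERVER_IP4_ADDR=${SERVER_IP4_ADDR%%/*}
CLIENT_IPV6_ADDR=${CLIENT_IPV6_ADDR%%/*}
echo "User added addresses cleaned/checked" >> "$STARTUP_SCRIPT_LOG_FILE"

# Do HE update: report the tunnel's IPv4 endpoint and append the server's
# reply to the startup log.
# NOTE(review): the user id and password hash travel in a plain-HTTP query
# string, so anyone on the path can read and replay them. Switch the URL to
# https:// if this build's wget supports TLS -- confirm on the target firmware.
echo "Do HE Update" >> "$STARTUP_SCRIPT_LOG_FILE"
wget -q "http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$MD5PASSWD&user_id=$USERID&tunnel_id=$TUNNELID" -O - >> "$STARTUP_SCRIPT_LOG_FILE"

# Get the WAN IP for our own use from the router's nvram instead of an
# external lookup service. The value is logged and also printed to stdout.
WANIP=$(nvram get wan_ipaddr)
echo " External IP detected as: $WANIP" >> "$STARTUP_SCRIPT_LOG_FILE"
echo " External IP detected as: $WANIP"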

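# Configure the tunnel only when a WAN address was found. The variable must be
# quoted: an unquoted empty value turns the test into `[ -n ]`, which is true.
if [ -n "$WANIP" ]
then
  echo "configuring tunnel" >> "$STARTUP_SCRIPT_LOG_FILE"
  echo "configuring tunnel"

  ### create/update tunnel code
  # Remove a tunnel left over from an earlier run; fixes
  # "ioctl: No buffer space available" when the script is re-run.
  # Expected to report an error when no tunnel exists yet.
  ip tunnel del he-ipv6

  # The following commands are from HE's website
  ip tunnel add he-ipv6 mode sit remote "$SERVER_IP4_ADDR" local "$WANIP" ttl 255
  ip link set he-ipv6 up
  ip addr add "$CLIENT_IPV6_ADDR/64" dev he-ipv6
  ip route add ::/0 dev he-ipv6
  ip -f inet6 addr
  # LAN-side address: the routed /64 prefix with "1" appended.
  TEMP_ADDR="${ROUTED_64_ADDR}1"

  # These commands aren't on HE's website, but they're necessary for the tunnel to work
  ip -6 addr add "$TEMP_ADDR/64" dev br0
  ip route add 2000::/3 dev he-ipv6

  # Enable IPv6 forwarding
  # NOTE(review): this script sets no ip6tables rules. Once forwarding is on,
  # LAN hosts using the routed /64 are presumably reachable from the tunnel
  # unless IPv6 filtering is configured elsewhere -- confirm before deploying.
  echo 1 > /proc/sys/net/ipv6/conf/all/forwarding

  # Make sure to accept proto-41. The rule is deleted first because the cron
  # helper re-runs this whole script; without the delete every run would stack
  # another copy. The delete fails quietly on the first run.
  iptables -D INPUT -p ipv6 -i vlan1 -j ACCEPT 2>/dev/null
  iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT

  # Make sure to not NAT proto-41 (same delete-then-add pattern as above).
  iptables -t nat -D POSTROUTING --proto ! 41 -o eth0 -j MASQUERADE 2>/dev/null
  iptables -t nat -A POSTROUTING --proto ! 41 -o eth0 -j MASQUERADE
  echo "creating radvd conf" >> "$STARTUP_SCRIPT_LOG_FILE"

  # Creating radvd.conf: advertise the routed /64 on the LAN bridge.
  {
    echo "#generated by startup script"
    echo "interface br0 {"
    echo "AdvSendAdvert on;"
    echo "prefix $ROUTED_64_ADDR/64 {"
    echo "AdvOnLink on;"
    echo "AdvAutonomous on;"
    echo "AdvRouterAddr on;"
    echo "};"
    echo "};"
  } > "$RADVD_CONFIG"

  # Kill old versions of radvd. Only signal when the pid file is readable, so a
  # missing file does not leave `kill` without a target.
  # NOTE(review): a stale pid file could name an unrelated process -- confirm
  # radvd removes or rewrites it on this firmware.
  echo "killing any old versions of radvd" >> "$STARTUP_SCRIPT_LOG_FILE"
  if [ -r /var/run/radvd.pid ]
  then
    kill -s 9 "$(cat /var/run/radvd.pid)"
  fi
  sleep 1

  echo "starting radvd" >> "$STARTUP_SCRIPT_LOG_FILE"
  radvd -C "$RADVD_CONFIG" &

  # Create cron script to run this all later: it takes the startup script from
  # nvram, writes it to SCRIPT_FILE, makes it executable and runs it.
  # The dumped copy includes the plaintext PASSWD setting.
  {
    echo "nvram get rc_startup > $SCRIPT_FILE"
    echo "chmod +x $SCRIPT_FILE"
    echo "$SCRIPT_FILE"
  } > "$CRON_JOB_FILE"
  chmod +x "$CRON_JOB_FILE"
  echo "Cron script created" >> "$STARTUP_SCRIPT_LOG_FILE"

  echo "HE IPv6 Script finished" >> "$STARTUP_SCRIPT_LOG_FILE"
fi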

Install Steps

Installation steps:

  • Change the settings in the beginning of the above script to your settings.
  • Copy personalized script into Administration > Commands. Save as startup script
  • Go into Administration > Management
  • enable IPv6 and radvd. Leave the config box empty
  • (Optional) enable cron and enter this into "Additional Cron Jobs"

Code:

* 4 * * * root /tmp/report.sh

The above line will auto update the endpoint daily at 4am. Change to personal taste

  • Apply settings, wait for reboot


See Also

Test the setup with e.g.:
http://ipv6.google.com
http://aaaa.test-ipv6.com/

Forum link:
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=81060

Example of Basic Connection settings syntax

SERVER_IP4_ADDR="0.0.0.0"
CLIENT_IPV6_ADDR="0000:000:0000:000::0"
ROUTED_64_ADDR="0000:000:0000:000::0"