TOAST – IPv6 Tunnel Router

Tunnel On A STick

IPv6 Tunnel On A Stick

Just getting into the world of IPv6. I don’t have any native connectivity, so I’m evaluating the 6in4 tunnel facilities provided by Hurricane Electric in the US and SixXS in Europe.

I needed a quick solution to get IPv6 access up and running at a remote location. I’d got myself tunnel connectivity and a routed /64 network from HE, but no Cisco router. My final solution, after some trial and error, used a spare PC with NetBSD installed to provide the routing and firewalling. The idea of routing all the traffic over one LAN interface was taken from the Router-on-a-Stick concept for inter-VLAN routing I learned whilst studying for my CCNA.

Tunnel connectivity is routed over a 6in4 tunnel to HE. The existing Linksys router, a WRT54GS2, was blocking IP protocol 41, which is the 6in4 tunnel traffic. This was re-flashed with DD-WRT firmware to allow protocol 41 to pass (this turned out to be well worth the effort as it makes the WRT extremely configurable).
I configured the tunnel link as per the instructions on the Tunnel Broker page, using NetBSD’s gif interface. The only adjustment was using my LAN IPv4 address (behind NAT) instead of my public IPv4 address. On the IPv6 LAN side, I assigned the routed /64 provided by the Tunnel Broker and configured this interface for router advertisements – this allows the IPv6 hosts on the LAN to discover the router and assign themselves an address using EUI-64.

Most important: The IPv6 LAN has public routed addresses – not the firewalled, NATed RFC 1918 addresses that the IPv4 side has. This meant configuring a firewall on the NetBSD router where gif0 is the external interface and vr0 is the internal interface. I used the PF firewall, part of the base NetBSD system, for this.
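A default-deny inbound IPv6 policy for the gif0/vr0 layout described above, as an added example (not the ruleset from the original post). The `lan6` value is a documentation-prefix placeholder standing in for the routed /64, and the choice of permitted ICMPv6 types is an assumption.

```pf
# /etc/pf.conf -- added illustration, not the author's ruleset
ext_if = "gif0"                 # 6in4 tunnel to the broker (from the post)
int_if = "vr0"                  # single LAN interface (from the post)
lan6   = "2001:db8:1234::/64"   # PLACEHOLDER: substitute the routed /64

set skip on lo0
scrub in all

# Default for the tunnel: nothing unsolicited reaches the router or the
# publicly addressed LAN hosts behind it.
block in log on $ext_if inet6 all

# Packets arriving over the tunnel must not claim a source inside our /64.
block in quick on $ext_if inet6 from $lan6 to any

# ICMPv6 that IPv6 depends on (errors, path MTU discovery, neighbour
# discovery on the tunnel link) plus inbound ping for troubleshooting.
pass in on $ext_if inet6 proto icmp6 all \
    icmp6-type { unreach, toobig, timex, paramprob, echoreq, neighbrsol, neighbradv } keep state

# Outbound through the tunnel (the router itself and forwarded LAN
# traffic) creates state, so only replies are let back in on gif0.
pass out on $ext_if inet6 all keep state

# No block rules are written for $int_if: vr0 carries both the LAN's IPv6
# and the encapsulated IPv4 protocol 41 packets towards the DD-WRT
# router, so filtering there would need rules for both address families.
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, which catches syntax errors before the ruleset goes live.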

So far this is being evaluated to access IPv6 services on the Internet. Speed is good on the cable internet connection; it seems fairly close to the IPv4 speeds. I’m using OS X and Windows XP hosts.
