-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>>>> Navjot Kukreja writes:
Navjot> I guess the problem statement is not clear enough. An IPv4 NAT
system
Navjot> exists. I want my IPv6 hosts to access the internet(IPv4 internet
and IPv6
Navjot> internet) and the only internet connectivity i have(at this stage)
is from
Navjot> behind that NAT. I own a globally routable IPv6 address prefix(48
bit), so i
Navjot> can allocate IPv6 addresses if required. The problem being that the
router
Navjot> itself is inaccessible to me at this stage, I do not have access to
any
Navjot> machines with globally routable IPv4 addresses. 6to4 tunneling even
refuses
Navjot> to start seeing that the assigned IPv4 address is of the 172.x.x.x
series,
Navjot> so 6to4 tunneling in its original form is not an option for me as
it can't
Navjot> work from behind a NAT.
Yup, 6to4 doesn't work behind NAT :(
Navjot> Also, I'm aware of how 6to4 works, but I'm talking about the 6to4
Navjot> implementation in the kernel. once its enabled from
/etc/sysconfig/network,
Navjot> it will try to assign a 6to4 address based on the basis of the
assigned IPv4
Navjot> address. Since it doesn't find one, it fails to bring up the 6to4
interface.
Navjot> therefore it won't work from behind a NAT. Also, it can't be used to
Navjot> transport IPv6 packets over an IPv4 LAN(because the source and the
Navjot> destination don't have globally routable IPv4 addresses, so it
refuses to
Navjot> assign IPv6 addresses based on the internal IPv4 address)
Okay did you tried on any IPv6 box what you mentioned above. Or you're just
talking
conceptually. If you tried, please report what OS (with its version) you're
using.
Navjot> Also, 6to4 implementation doesn't give control over the
Navjot> tunnel broker(which is essential as i want to establish my
Navjot> own tunnel).
For boxen behind NAT, IPv6-over-UDP-over-IPv4 style tunnels are
recommended, go6.net offers such tunnels. You'll need a freenet6[0] IPv6
tunnelling client. I've packaged freenet6 for Fedora[1], and Ubuntu
(Gutsy and Hardy). If you need SELinux policies for freeenet6, I've
them as well. Run freenet6 on a box behind NAT, and designate that box
as your IPv6 router. And also start a 6to4 interface on that box, with
an IPv6 address based on the currently assigned local address. After
this no need to start radvd to advertise IPv6 prefix you received from
freenet6, since you're going to use 6to4 tunnels inside your LAN, so
you need to manually add on each and every IPv6 box of your LAN,
default IPv6 route via 6to4 address of your IPv6 router, and finally
enable IPv6 forwarding on your IPv6 router.
And, please no more top-posting[2].
References:
[0] - http://go6.net/4105/description.asp?product_id=169&category_id=276
[1] - http://wahjava.wordpress.com/2007/11/13/freenet6-on-fedora-7/
[2] - http://en.wikipedia.org/wiki/Posting_style#Top-posting
HTH
- --
Ashish Shukla आशीष शुक्ल http://wahjava.wordpress.com/
·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIBvYUHy+EEHYuXnQRApovAKCd6WRb7AdTzcUdKHF9OS0zceqo/wCfRYmR
PAJ8NdGSiO9el1xdXXhgAeY=
=zgxS
-----END PGP SIGNATURE-----
_______________________________________________
ilugd mailinglist -- ilugd@lists.linux-delhi.org
http://frodo.hserus.net/mailman/listinfo/ilugd
Next Event: http://freed.in - February 22-24, 2008
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi
http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
