Re: Automatic 6to4 for network-manager
On 11/18/2009 12:17 PM, Graham Beneke wrote: Benoit Boissinot wrote: You mean, behind a NAT, using the public IP of the gateway? How does your computer get the proto41 packets back? Did you put yourself in DMZ (that's the way I usually it), or is there another trick? The 6to4 interface could come up and it might even move some traffic but there is no way it can work globally since your 6to4 address is based on your v4 address and won't be unique. It probably even violates the RFC - I don't recall. Ah, in that case i misunderstood this type of 6to4 tunnel. I have a fixed ipv6 subnet. I forward and DNAT all sit traffic from the NAT device to the tunnel endpoint. So this will not be universally usable, you need cooperation of your DNAT device. Your original statement stands as it is, as my situation is probably not something NM has to handle at all. M4 ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
Benoit Boissinot wrote: Good idea, just remember to make it difficult to enable ipv6 connection sharing with a 6to4 address, Vista is already messing with that too much (we regularly see windows computers advertizing their 6to4 prefix in our network, so they hijack all the traffic from other computer). That sounds like an automatically configured router-advertisment. I agree that we don't want that by default but it could be included in the 'Shared with other computers' method. We'll explore that later though. You mean, behind a NAT, using the public IP of the gateway? How does your computer get the proto41 packets back? Did you put yourself in DMZ (that's the way I usually it), or is there another trick? The 6to4 interface could come up and it might even move some traffic but there is no way it can work globally since your 6to4 address is based on your v4 address and won't be unique. It probably even violates the RFC - I don't recall. -- Graham Beneke E-Mail/MSN/Jabber: gra...@apolix.co.za Skype: grbeneke VoIP: +27-87-550-1010Cell: +27-82-432-1873 ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Wed, Nov 18, 2009 at 9:12 AM, Martijn Lievaart wrote: > On 11/18/2009 09:09 AM, Graham Beneke wrote: >> >> Dan Williams wrote: >> >>> >>> Yeah, looks pretty simple. I wonder if it would be enough to have a >>> checkbox on the IPv6 config page for adding the 6to4 tunnel or >>> something. >>> >> >> I was thinking of an additional option in the 'method' dropdown along >> the lines of "Automatic, 6to4". Good idea, just remember to make it difficult to enable ipv6 connection sharing with a 6to4 address, Vista is already messing with that too much (we regularly see windows computers advertizing their 6to4 prefix in our network, so they hijack all the traffic from other computer). >> >> We'll need some extra logic that prevents the 6to4 interface from being >> created when the v4 interface is within RFC1918 space. Would there be >> any other specific restrictions? >> > > I run a 6to4 tunnel on an RFC1914 address. I was pretty surprised it worked, > but it does. You mean, behind a NAT, using the public IP of the gateway? How does your computer get the proto41 packets back? Did you put yourself in DMZ (that's the way I usually it), or is there another trick? regards ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On 11/18/2009 09:09 AM, Graham Beneke wrote: Dan Williams wrote: Yeah, looks pretty simple. I wonder if it would be enough to have a checkbox on the IPv6 config page for adding the 6to4 tunnel or something. I was thinking of an additional option in the 'method' dropdown along the lines of "Automatic, 6to4". We'll need some extra logic that prevents the 6to4 interface from being created when the v4 interface is within RFC1918 space. Would there be any other specific restrictions? I run a 6to4 tunnel on an RFC1914 address. I was pretty surprised it worked, but it does. M4 ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
Dan Williams wrote: > Yeah, looks pretty simple. I wonder if it would be enough to have a > checkbox on the IPv6 config page for adding the 6to4 tunnel or > something. I was thinking of an additional option in the 'method' dropdown along the lines of "Automatic, 6to4". We'll need some extra logic that prevents the 6to4 interface from being created when the v4 interface is within RFC1918 space. Would there be any other specific restrictions? I notice that the DSL connection box has no 'IPv6 Settings' tab. How difficult would it be to add that and only provide transition methods? -- Graham Beneke Apolix Internet Services E-Mail/MSN/Jabber: gra...@apolix.co.za Skype: grbeneke VoIP: 087-750-5696 Cell: 082-432-1873 http://www.apolix.co.za/ ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Tue, 2009-11-17 at 23:35 +0200, Graham Beneke wrote: > Dan Williams wrote: > > So the first steps are to figure out what settings are actually needed > > for 6to4. That basically means figuring out the configuration and > > values that existing tools require. Fedora has some scripts that do > > this that might be a guide, and I'm sure other distros automate this > > too. > > The reason why I thought to start with 6to4 is that its zero config :-) > > The v6 interface IP is simply the v4 address converted into hex and > mapped into a particular IPv6 prefix and the gateway is always the same > (anycast) IPv4 address. Yeah, looks pretty simple. I wonder if it would be enough to have a checkbox on the IPv6 config page for adding the 6to4 tunnel or something. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Tue, Nov 17, 2009 at 10:02 PM, Dan Williams wrote: > On Mon, 2009-11-16 at 11:42 +0200, Graham Beneke wrote: >> Does anyone have any thoughts or comments on building IPv6 transition >> functionality into NM ? > > So the first steps are to figure out what settings are actually needed > for 6to4. That basically means figuring out the configuration and > values that existing tools require. Fedora has some scripts that do > this that might be a guide, and I'm sure other distros automate this > too. > The script I use does the following (I think I found it in openwrt wiki): IP=1.2.3.4 # anycast: RELAY6TO4=192.88.99.1 V6PREFIX=$(printf '2002:%02x%02x:%02x%02x' $(echo $IP | tr . ' ')) ip tunnel add tun6to4 mode sit ttl 255 remote any local $IP ip link set tun6to4 mtu 1280 ip link set tun6to4 up ip -6 route add 2000::/3 via ::$RELAY6TO4 dev tun6to4 ip addr add $V6PREFIX::1/16 dev tun6to4 So quite simple. regards, Benoit ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Tue, 17 Nov 2009, Dan Williams wrote: > > Does nm-connection-editor have an "export" and "import" function? That's > > what > > I use system-config-network-tui for. So I don't have to hunt down and backup > > various /etc/sysconfig files and do complicated restored. I just run > > system-config-network-tui > backup and run that file back into > > system-config-network-tui > > to restore. > > Not for normal connections. I didn't even know they had import or > export function in -tui. Good point though. Does it just stuff the > files into tarball or something? Yup, using system-config-network-cmd It gives output like this: DeviceList.Ethernet.eth0.Type=Ethernet DeviceList.Ethernet.eth0.Netmask=255.255.255.224 DeviceList.Ethernet.eth0.BootProto=none DeviceList.Ethernet.eth0.Device=eth0 DeviceList.Ethernet.eth0.OnBoot=true DeviceList.Ethernet.eth0.IP=193.110.157.194 DeviceList.Ethernet.eth0.DeviceId=eth0 DeviceList.Ethernet.eth0.AllowUser=false DeviceList.Ethernet.eth0.Gateway=193.110.157.222 ProfileList.default.ActiveDevices.1=eth0 ProfileList.default.HostsList.1.Comment= ProfileList.default.HostsList.1.IP=127.0.0.1 ProfileList.default.HostsList.1.Hostname=localhost.localdomain ProfileList.default.HostsList.1.AliasList.1=localhost [...] It walks all the involved scripts and grabs all the settings from them. To restore (import), use system-config-network-cmd -i We use this on our appliances when users create a system backup. But as I said, it does not support all variables from the sysconfig/networking-scripts/ files. Paul ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Tue, 2009-11-17 at 16:43 -0500, Paul Wouters wrote: > On Tue, 17 Nov 2009, Dan Williams wrote: > > >> Sure. just if the user changes it, I hope the corresponding ifcfg files are > >> updated as well so other tools don't break. Current release of > >> system-config-network-tui is already broken on RHEL for not supporting the > >> various ipv6 options the initscripts support. I'd rather not make it worse. > > > > Yup, the ifcfg-rh plugin should already do that for connections > > supported by NetworkManager. system-config-network is not being > > actively developed anymore with new features; effort is being directed > > into nm-connection-editor instead. > > Does nm-connection-editor have an "export" and "import" function? That's what > I use system-config-network-tui for. So I don't have to hunt down and backup > various /etc/sysconfig files and do complicated restored. I just run > system-config-network-tui > backup and run that file back into > system-config-network-tui > to restore. Not for normal connections. I didn't even know they had import or export function in -tui. Good point though. Does it just stuff the files into tarball or something? Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Tue, 17 Nov 2009, Dan Williams wrote: Sure. just if the user changes it, I hope the corresponding ifcfg files are updated as well so other tools don't break. Current release of system-config-network-tui is already broken on RHEL for not supporting the various ipv6 options the initscripts support. I'd rather not make it worse. Yup, the ifcfg-rh plugin should already do that for connections supported by NetworkManager. system-config-network is not being actively developed anymore with new features; effort is being directed into nm-connection-editor instead. Does nm-connection-editor have an "export" and "import" function? That's what I use system-config-network-tui for. So I don't have to hunt down and backup various /etc/sysconfig files and do complicated restored. I just run system-config-network-tui > backup and run that file back into system-config-network-tui to restore. Paul ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
Dan Williams wrote: > So the first steps are to figure out what settings are actually needed > for 6to4. That basically means figuring out the configuration and > values that existing tools require. Fedora has some scripts that do > this that might be a guide, and I'm sure other distros automate this > too. The reason why I thought to start with 6to4 is that its zero config :-) The v6 interface IP is simply the v4 address converted into hex and mapped into a particular IPv6 prefix and the gateway is always the same (anycast) IPv4 address. There is a corner case of old 6to4 gateways that haven't been setup on the anycast IP but I think that those are scare. -- Graham Beneke Apolix Internet Services E-Mail/MSN/Jabber: gra...@apolix.co.za Skype: grbeneke VoIP: 087-750-5696 Cell: 082-432-1873 http://www.apolix.co.za/ ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Tue, 2009-11-17 at 23:26 +0200, Graham Beneke wrote: > Paul Wouters wrote: > > Note that at least fedora already has a mechanism for that via the > > initscripts. > > Could someone point me to the src for these scripts? They're installed into /etc/sysconfig/network-scripts (ifup-ipv6, ifdown-ipv6, and network-functions-ipv6). I'm not aware of an exploded RCS tree or anything for them, but you could unpack the 'initscripts' Fedora RPM with rpm2cpio if you like. Dan > > So networkmanager should only offer to up/down those settings/interfaces. > > How does a user enable this? In many implementations that I've seen this > is a system wide setting. This is fine for a server but I am having big > problems with mobile devices that connect to multiple networks each > supporting a different transition mechanism. ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Tue, 2009-11-17 at 16:16 -0500, Paul Wouters wrote: > On Tue, 17 Nov 2009, Dan Williams wrote: > > >> Note that at least fedora already has a mechanism for that via the > >> initscripts. > >> So networkmanager should only offer to up/down those settings/interfaces. > > > > I'd rather support that natively. > > I'd rather all my tools like system-config-network-tui still work when nm is > being used. We are working towards that. Eventually ifup/ifdown will poke NM to do the right thing for connections that are controlled by NM. > > NM should automatically interpret and handle whatever ifcfg files there > > are for 6to4, but the support should be native so that other distros can > > benefit as well. > > Sure. just if the user changes it, I hope the corresponding ifcfg files are > updated as well so other tools don't break. Current release of > system-config-network-tui is already broken on RHEL for not supporting the > various ipv6 options the initscripts support. I'd rather not make it worse. Yup, the ifcfg-rh plugin should already do that for connections supported by NetworkManager. system-config-network is not being actively developed anymore with new features; effort is being directed into nm-connection-editor instead. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
Paul Wouters wrote: > Note that at least fedora already has a mechanism for that via the > initscripts. Could someone point me to the src for these scripts? > So networkmanager should only offer to up/down those settings/interfaces. How does a user enable this? In many implementations that I've seen this is a system wide setting. This is fine for a server but I am having big problems with mobile devices that connect to multiple networks each supporting a different transition mechanism. -- Graham Beneke Apolix Internet Services E-Mail/MSN/Jabber: gra...@apolix.co.za Skype: grbeneke VoIP: 087-750-5696 Cell: 082-432-1873 http://www.apolix.co.za/ ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Tue, 17 Nov 2009, Dan Williams wrote: Note that at least fedora already has a mechanism for that via the initscripts. So networkmanager should only offer to up/down those settings/interfaces. I'd rather support that natively. I'd rather all my tools like system-config-network-tui still work when nm is being used. NM should automatically interpret and handle whatever ifcfg files there are for 6to4, but the support should be native so that other distros can benefit as well. Sure. just if the user changes it, I hope the corresponding ifcfg files are updated as well so other tools don't break. Current release of system-config-network-tui is already broken on RHEL for not supporting the various ipv6 options the initscripts support. I'd rather not make it worse. Paul ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Mon, 2009-11-16 at 11:42 +0200, Graham Beneke wrote: > I am wanting to provide an option under the IPv6 settings methods that > will automatically configure 6to4 transition interface if a user wants > it and a suitable IPv4 connection exists. > > I also want to build functionality for other transition mechanisms but > lets start small ;-) > > I've cloned the git repository for both the deamon and the applet but I > am a little unsure where I should be looking to begin working on my patches. > > Does anyone have any thoughts or comments on building IPv6 transition > functionality into NM ? So the first steps are to figure out what settings are actually needed for 6to4. That basically means figuring out the configuration and values that existing tools require. Fedora has some scripts that do this that might be a guide, and I'm sure other distros automate this too. After you've come up with a list, we get to create a new NMSetting subclass that holds these values and can validate the settings that a user provides. Then we write the code in NM to set up the 6to4 tunnel based on those settings. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Mon, 2009-11-16 at 09:27 -0500, Paul Wouters wrote: > On Mon, 16 Nov 2009, Graham Beneke wrote: > > > I am wanting to provide an option under the IPv6 settings methods that will > > automatically configure 6to4 transition interface if a user wants it and a > > suitable IPv4 connection exists. > > > Does anyone have any thoughts or comments on building IPv6 transition > > functionality into NM ? > > Note that at least fedora already has a mechanism for that via the > initscripts. > So networkmanager should only offer to up/down those settings/interfaces. I'd rather support that natively. The whole point of doing it natively is to get better integration, better error reporting, and less duct-tape-and-bubble-gum gluing together of random scripts and variable substitutions littered all over the system. NM should automatically interpret and handle whatever ifcfg files there are for 6to4, but the support should be native so that other distros can benefit as well. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Automatic 6to4 for network-manager
On Mon, 16 Nov 2009, Graham Beneke wrote: I am wanting to provide an option under the IPv6 settings methods that will automatically configure 6to4 transition interface if a user wants it and a suitable IPv4 connection exists. Does anyone have any thoughts or comments on building IPv6 transition functionality into NM ? Note that at least fedora already has a mechanism for that via the initscripts. So networkmanager should only offer to up/down those settings/interfaces. Paul ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
