Comcast IPv6 on OpenWrt

From Kyle's Wiki
Jump to: navigation, search

Comcast is running IPv6 Trials, see [1].

You don't have to use their custom image, the only thing special about it is their web interface add on.

Contents

Needs

On openwrt you need a few extra packages to get a Comcast IPv6 tunnel running:

  • ip
  • kmod-sit
  • radvd

You can install these if you didn't make a custom image:

opkg update
opkg install ip kmod-sit radvd

Configuration

The first thing you will need is an init script to control it (call it /etc/init.d/comcast-ipv6):

#!/bin/sh /etc/rc.common

START=42
STOP=88

WANIF=eth0.1
LANIF=br-lan

SIXRDTUNIF=6rdtun
SIXRDTUNMTU=1280
SIXRDTUNTTL=64

WANIP=`ip -4 addr show dev $WANIF | awk '/inet / {print $2}' | cut -d/ -f 1`
WANIPSPACED=`echo $WANIP | tr . ' '`

ISP6RDPREFIX='2001:55c'
ISP6RDPREFIXLEN='32'
ISP6RDBR=69.252.80.66

LOCAL6PREFIX=`printf "$ISP6RDPREFIX:%02x%02x:%02x%02x" $WANIPSPACED`
LOCAL6PREFIXLEN=64

start() {
        # Setup the tunnel interface
        ip tunnel add $SIXRDTUNIF mode sit ttl $SIXRDTUNTTL remote any local $WANIP

        # Set the MTU
        ip link set $SIXRDTUNIF mtu $SIXRDTUNMTU                                  

        # Bring up the tunnel interface
        ip link set $SIXRDTUNIF up              

        # Set the tunnel interface IPv6 address
        ip -6 addr add $LOCAL6PREFIX:0::1/$ISP6RDPREFIXLEN dev $SIXRDTUNIF

        # Set the LAN interface IPv6 address
        ip -6 addr add $LOCAL6PREFIX:1::1/$LOCAL6PREFIXLEN dev $LANIF     

        # Set the default IPv6 route to the ISP's IPv4/IPv6 boarder router
        ip -6 route add 2000::/3 via ::$ISP6RDBR dev $SIXRDTUNIF          

        # Enable IPv6 Forwarding
        sysctl -w net.ipv6.conf.all.forwarding=1 > /dev/null
}                                                                         

stop() {
        ip tunnel del $SIXRDTUNIF
        ip -6 addr del $LOCAL6PREFIX:1::1/$LOCAL6PREFIXLEN dev $LANIF
}

Now enable it:

/etc/init.d/comcast-ipv6 enable

And try starting it:

/etc/init.d/comcast-ipv6 start

You should have a tunnel in ifconfig:

6rdtun    Link encap:IPv6-in-IPv4  
          inet6 addr: 2001:55c:4c78:7f72::1/32 Scope:Global
          inet6 addr: ::76.120.127.114/128 Scope:Compat
          UP RUNNING NOARP  MTU:1280  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Radvd

Radvd is a program to advertise that your router has ipv6 capabilities to the rest of your computers on your lan.

Here is my /etc/config/radvd:

config interface
        option interface        'lan'
        option AdvSendAdvert    1
        option AdvManagedFlag   0
        option AdvOtherConfigFlag 0
        option ignore           0

config prefix
        option interface        'lan'
        # If not specified, a non-link-local prefix of the interface is used
        option prefix           ''
        option AdvOnLink        1
        option AdvAutonomous    1
        option AdvRouterAddr    0
        option ignore           0

config rdnss
        option interface        'lan'
        # If not specified, the link-local address of the interface is used
        option addr             ''
        option ignore           0

Again enable it and turn it on:

/etc/init.d/radvd enable
/etc/init.d/radvd start

Firewall

TBD

Testing

First on the router, verify your connectivity:

ping6 ipv6.google.com

Now on your client, your ifconfig should look somewhat like this:

eth0      Link encap:Ethernet  HWaddr 00:26:b9:01:f7:46  
          inet addr:10.0.2.242  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: 2001:55c:4c78:7f72:226:b9ff:fe01:f746/64 Scope:Global
          inet6 addr: fe80::226:b9ff:fe01:f746/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1953172 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2151712 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:679623830 (679.6 MB)  TX bytes:985853705 (985.8 MB)
          Interrupt:17 

Notice the ipv6 line. You can look at your route table with the ip -6 route command:

2001:55c:4c78:7f72::/64 dev eth0  proto kernel  metric 256  expires 86016sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
default via fe80::8886:46ff:feb1:8d03 dev eth0  proto kernel  metric 1024  expires 1416sec mtu 1500 advmss 1440 hoplimit 64

To verify, try another ping on your client computer:

ping6 ipv6.google.com
Personal tools
Namespaces

Variants
Actions
Efforts
Toolbox
Meta