IPv6



  • I want to make my netork be able to reach IPv6 network over the Internet.

    I can setup my server to use IPv6, but how I can setup pfSense?
    I tried to use ngnet (https://tb.ngnet.it. I setup a tunnel. I have this information:

    | Tunnel Info |
    | Server IPv4 Address | ...**** |
    | Server IPv6 Address | :::::**** |
    | Server IPv6 Link Local Addr | :::**** |
    | Client IPv4 Address | ...* |
    | Client IPv6 Address | :::::**** |
    | Client IPv6 Link Local Addr | :::**** |

    And the site generate this script fot FreeBSD:

    #!/bin/sh
    gif_ifaces=`ifconfig -a|grep -w gif[0-9]*|grep -v UP| grep -v inet6 | awk -F":" '{print $1}'`
    gif_iface=`echo $gif_ifaces|awk '{print \$1'}`
    if [ -z $gif_iface ]; then
    echo "No gif interfaces available."
    echo "Tunnel can't be configured"
    exit
    fi
    ifconfig $gif_iface create
    ifconfig $gif_iface tunnel ClientIPv4Address ServerIPv4Address >> /tmp/tb.log
    ifconfig $gif_iface inet6 ClientIPv6Address  ServerIPv6Address prefixlen 128 metric 1 >> /tmp/tb.log
    route add -inet6 :: -prefixlen 0 -interface $gif_iface
    echo "ClientIPv6Address $gif_iface" >> /tmp/tb.gif
    
    

    Thanks for help!



  • We have a tunnel endpoint option I think, never used it.

    If you want to use the script, stick it in /usr/local/etc/rc.d and make sure to chmod a+x it.



  • @sullrich:

    We have a tunnel endpoint option I think, never used it.

    If you want to use the script, stick it in /usr/local/etc/rc.d and make sure to chmod a+x it.

    I saw the endpoint option, but if i put only the ipv4 address threre, IPv6 is not running… There is something wrong?

    I think that the best solution is to use the script, but i have a dinamic IPv4 so how i can modify the script to run every time the IPv4 change? and get automatically the IPv4 address?

    Thanks!



  • @Emab:

    I saw the endpoint option, but if i put only the ipv4 address threre, IPv6 is ono running… There is something wrong?

    I really don't know.  I honestly have never used ipv6.

    @Emab:

    I think that the best solution is to use the script, but i have a dinamic IPv4 so how i can modify the script to run every time the IPv4 change? and get automatically the IPv4 address?
    Thanks!

    This gets a LOT more involved but you could try launching your script from /etc/rc.newwanip



  • @sullrich:

    @Emab:

    I saw the endpoint option, but if i put only the ipv4 address threre, IPv6 is ono running… There is something wrong?

    I really don't know.  I honestly have never used ipv6.

    Ok…

    @sullrich:

    @Emab:

    I think that the best solution is to use the script, but i have a dinamic IPv4 so how i can modify the script to run every time the IPv4 change? and get automatically the IPv4 address?
    Thanks!

    This gets a LOT more involved but you could try launching your script from /etc/rc.newwanip

    Ok, I can try this, but how can I edit the script to get automatically my IPv4 address?



  • Look at /etc/rc.newwanip



  • @sullrich:

    Look at /etc/rc.newwanip

    Ok, if I undestrand correctly I have to put the script here… it's correct?



  • No, you need to read /etc/rc.newwanip and hook you're script in appropriately.



  • @sullrich:

    No, you need to read /etc/rc.newwanip and hook you're script in appropriately.

    Ok… I'll check tomorrow.... now it's to late for me...

    Thank you!



  • If I run this script:

    #!/bin/sh
    gif_ifaces=`ifconfig -a|grep -w gif[0-9]*|grep -v UP| grep -v inet6 | awk -F":" '{print $1}'`
    gif_iface=`echo $gif_ifaces|awk '{print \$1'}`
    if [ -z $gif_iface ]; then
    echo "No gif interfaces available."
    echo "Tunnel can't be configured"
    exit
    fi
    ifconfig $gif_iface create
    ifconfig $gif_iface tunnel ClientIPv4Address ServerIPv4Address >> /tmp/tb.log
    ifconfig $gif_iface inet6 ClientIPv6Address  ServerIPv6Address prefixlen 128 metric 1 >> /tmp/tb.log
    route add -inet6 :: -prefixlen 0 -interface $gif_iface
    echo "ClientIPv6Address $gif_iface" >> /tmp/tb.gif
    
    

    it do any permanent change?
    or it's enought to reboot the system to lost these changes?



  • I'm trying to run the above script…
    but I need some help...

    The script want a GIF interface... what I can do?



  • Ok…how I'm able to run the script and I have IPv6 connectivity on the pfSense PC.

    What is the best rule, for security reasons, to allow IPv6 traffic?


Log in to reply