Monday, July 12

Secret Sauce

The Following Contains Really Boring Content, Only Useful For Me. Please Don't Read.

How I got my iMac onto IPv6 through HE Tunnel Broker's PPTP VPN.

1) Follow the PPTP VPN tunnel steps in HE's walkthrough to set up the tunnel.
2) Make sure 'VPN is Endpoint' is checked on HE's Tunnel page.
3) Configure the following script (ipv6script) to match HE's tunnel settings. Chmod 755 it when done.


#!/bin/bash
#######################################################################
# Update the HE (Hurricane Electric) ipv6-tunnel
#######################################################################
# Interface to use: en1 = Airport, en0 = Ethernet
MYIF="en0"

# leave as is
IPCACHE="/Library/Caches/ipv6scriptIP"

# Your Tunnel settings start here
# 1. get HEUSER hash from the website, "UserID". On main tunnel page.
# 2. get HEPASS hash: echo -n (Your HE Login Password)|md5
# 3. get HETUNNEL from the website, "Global Tunnel ID"
# 4. HETUNEND is "Server IPv4 address:"
# 5. HEYOUR6END is "Client IPv6 address:" without the trailing /64
# 6. HETHEIR6END is "Server IPv6 address:" without the trailing /64
# 7. HEPREFIX is the basic /64 allocation. Maybe /48 if you opted for that.
# 8. NEW_IP is "Client IPv4 address:"
# 9. HEMY64IP is an address from "Routed /64:". Easiest is to add a "1" to the end of the pool address. Remove the trailing /64.
# 10. LOCAL_IP is the same as NEW_IP. We're faking the 'dynamic' IP lookup code since we're in a tunnel.
# 11. Lastly, I redid the tunnel teardown/startup routine to match Mac OS 10.6's syntax - the original commands caused errors. Also set the sysctl values so your machine will forward IPv6 through the tunnel from other machines.

HEUSER=
HEPASS=
HETUNNEL=

HETUNEND=
HEYOUR6END=
HETHEIR6END=
HEPREFIX=64

NEW_IP=
LOCAL_IP=

HEMY64IP=2001:0123:123b:1234::1

#######################################################################
# Config end
#######################################################################
# sometimes this script will get executed twice at the same time, not good, so:
if [ -f "$IPCACHE.lock" ] ; then
    echo "A copy already running!"
    exit 0
else
    touch "$IPCACHE.lock"
fi
# This is faster if your router sets a dyndns entry:
#NEW_IP=`dig mycomp.myvnc.com|grep "^mycomp"| grep -Eo "\<[[:digit:]]{1,3}(\.[[:digit:]]{1,3}){3}\>"`
#NEW_IP=`curl -s "http://www.networksecuritytoolkit.org/nst/cgi-bin/ip.cgi"`

# Wait for the network...
# (this loop only runs when NEW_IP is left empty in the config above)
while [ -z "$NEW_IP" ]
do
    sleep 10
    #NEW_IP=`dig mycomp.myvnc.com|grep "^mycomp"| grep -Eo "\<[[:digit:]]{1,3}(\.[[:digit:]]{1,3}){3}\>"`
    NEW_IP=`curl -s "http://www.networksecuritytoolkit.org/nst/cgi-bin/ip.cgi"`
done


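# the cache file does not exist on the first run, so ignore that error
OLD_IP=`cat "$IPCACHE" 2>/dev/null`
if [ "$NEW_IP" = "$OLD_IP" ] ; then
    # -F: match the server address as a fixed string, not a regex
    CURCONF=`ifconfig | grep -F "$HETUNEND"`
    if [ -n "$CURCONF" ] ; then
        echo "Nothing to do"
        rm "$IPCACHE.lock"
        exit 0
    fi
fi

printf '%s' "$NEW_IP" > "$IPCACHE"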

# if you need to use your public ip address, use LOCAL_IP=$NEW_IP instead
#LOCAL_IP=75.149.149.225

# let's delete a pre-existing gif0, ignore any errors
ifconfig gif0 deletetunnel
ifconfig gif0 down
ifconfig gif0 inet6 delete "$HEYOUR6END"
ifconfig "$MYIF" inet6 delete "$HEMY64IP"
route delete -inet6 default -interface gif0

# update the tunnel
#curl -k -s "https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=$NEW_IP&pass=$HEPASS&user_id=$HEUSER&tunnel_id=$HETUNNEL"
#echo " "

sleep 1
sysctl -w net.inet6.ip6.forwarding=1
sysctl -w net.inet6.ip6.redirect=1
ifconfig gif0 tunnel "$LOCAL_IP" "$HETUNEND"
ifconfig gif0 inet6 "$HEYOUR6END" "$HETHEIR6END" prefixlen /$HEPREFIX
route -n add -inet6 default "$HETHEIR6END"
ifconfig "$MYIF" inet6 "$HEMY64IP/64" alias

rm "$IPCACHE.lock"
exit 0


4) Set up the following .plist (net.pugio.myipv6script) in /Library/LaunchDaemons to run the script. Make sure it points to wherever you saved the 'ipv6script' file.


<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>net.pugio.myipv6script</string>
    <key>ProgramArguments</key>
    <array>
        <string>/Users/balfour/Documents/ipv6script</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
    <key>WatchPaths</key>
    <array>
        <string>/Library/Preferences/SystemConfiguration/com.apple.network.identification.plist</string>
    </array>
</dict>
</plist>


5) And set it to run with "sudo launchctl load /Library/LaunchDaemons/net.pugio.myipv6script.plist"

6) Restart (to be safe) and fire up the VPN (sometimes it takes a minute). In Terminal "ping6 ipv6.google.com" and you should get a reply.

7) Other machines can now do IPv6 and use this Mac as a gateway. You'll set the client computer's IPv6 on its primary network connection.

8) Make up an IPv6 address for the client computer from your /64 pool (HEMY64IP) like 2001:0123:123b:1234::2. Their gateway/router should be the same as the IPv6 (HEMY64IP) of your Mac, 2001:0123:123b:1234::1. Prefix/subnet is /64.

Original info from pugio.net and the HE forums. My advice: if the IPv6 networking you're doing seems too fancy, it is. Restart to wipe everything back to the start and do it again, simpler.
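A check worth running on this setup, as an added example that is not part of the original post: launchd runs jobs from /Library/LaunchDaemons as root by default, so the script named in ProgramArguments and every directory above it should be writable only by root, and since the script stores HEUSER and HEPASS it should not be world-readable. The function name `audit_daemon_script` and its optional owner argument are assumptions of this example.

```shell
#!/bin/bash
# Added example: audit a script that a LaunchDaemon runs as root.
# Usage: audit_daemon_script /path/to/ipv6script [expected-owner]
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_daemon_script() {
    script=$1
    owner=${2:-root}   # assumption: the job runs as root (launchd default)
    findings=0

    # Work on an absolute path so the walk below always ends at /.
    case $script in /*) ;; *) script=$PWD/$script ;; esac
    if [ ! -f "$script" ]; then
        echo "MISSING: $script"
        return 1
    fi

    # The script holds HEUSER/HEPASS: only its owner should be able to read it.
    if [ -n "$(find "$script" -prune -perm -004)" ]; then
        echo "WORLD-READABLE (contains credentials): $script"
        findings=$((findings + 1))
    fi

    # Check the script itself, then every parent directory up to /.
    cur=$script
    while :; do
        if [ -z "$(find "$cur" -prune -user "$owner" 2>/dev/null)" ]; then
            echo "NOT OWNED BY $owner: $cur"
            findings=$((findings + 1))
        fi
        # Group- or world-writable: another account can replace the code.
        if [ -n "$(find "$cur" -prune \( -perm -020 -o -perm -002 \))" ]; then
            echo "GROUP/WORLD-WRITABLE: $cur"
            findings=$((findings + 1))
        fi
        [ "$cur" = "/" ] && break
        cur=$(dirname "$cur")
    done

    [ "$findings" -eq 0 ]
}
```

With the path shown in step 4, the home directory and Documents folder belong to the user rather than root, so expect findings there; keeping the script in a root-owned directory with mode 700 and pointing ProgramArguments at it clears them.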
