ipv6 at home, part 3: gogonet tunnels, freenet6

This blog post is part of a series on ipv6. In part 1, I provided an overview of ipv6 and looked at Teredo, the technology built into Windows Vista; in part 2, I looked at AYIYA tunnels through aiccu, using sixxs net as a tunnel broker. Part 2.5 is a collection of useful ipv6 tidbits, and this part 3 gets back to the original plan: Exploring ipv6 connectivity options – in this case, the tunnel offered by gogo6 (formerly Hexago) at go6.net. gogonet.

Tunnel overview

freenet6, the tunnel service offered by gogo6, uses TSP (Tunnel Setup Protocol) to determine the best tunnel type. It offers IPv6-in-IPv4 tunnels in Native mode (direct connection to a public ipv4 address, no NAT), IPv6-in-IPv4 tunnels in NAT traversal mode (also called IPv6-in-UDP-is-IPv4; this is what you’ll most likely use), and even IPv4-in-IPv6 tunnels (using DSTM, used to reach ipv4 resources if you have an ipv6 address but no ipv4 address – not a very likely scenario at this point in time).

The tunnel service is delivered through gateway6, an incredibly intuitive and easy-to-use client. Both anonymous and authenticated tunnels are available. An anonymous tunnel will provide ipv6 access for the machine the gateway6 client is installed on; an authenticated tunnel gives you a routable /56 network to hand out to the rest of your network.

Setting up an anonymous tunnel

Install the gateway6 client; launch it; leave everything at default; hit “Connect”.

Test your connection by browsing to ipv6.google.com.

In this mode, your assigned ipv6 address will change as your ipv4 address changes.

I should spruce this paragraph up by adding a screen shot of the gateway6 client with all default settings, but it feels gratuitous. This method of connection is hands-down the easiest way to get ipv6 connectivity that you are likely to find.

Setting up an authenticated tunnel

Sign up with go6.net. freenet6. This is separate from the gogonet account you need to even download the client.

Install the gateway6 client.

Change the “Gateway6 address” to be “authenticated.freenet6.net”.

Set the client to “Connect using the following credentials”, and enter your user name and password with go6.net.

On the off-chance that a tunnel endpoint would default to clear-text authentication, you can go to the “Advanced” tab and change your Tunnel Authentication Method to either PASS DSS 3DES1 or Digest MD5.

Hit “Connect” and test your connection by browsing to ipv6.google.com.

In this mode, your assigned ipv6 address will remain static, even if your ipv4 address changes.

Setting up routing to the rest of your network

go6.net will assign a /56 prefix to you on an authenticated tunnel, if you request it.

The simplest way to set this up is:

On the “Advanced” tab, check “Enable Routing Advertisements”. Choose the LAN interface that will serve the ipv6 prefix to the rest of your network. Leave the prefix length at /64.

Hit Connect, and check the “Status” tab – you’ll see your assigned /56 prefix. Of which you are currently using the first /64 – if you have further subnets, you can start assigning more /64s and routing them to the machine that runs the gateway6 client.

Advanced options – running on a router, reverse DNS delegation

Through changing the gw6c.conf file, you can use the gateway6 client to request configuration for a router; and you can request delegation of your ipv6 prefix to your own name server for RDNS (PTR) resolution.

RDNS delegation is set up by simply changing the “dns_server=” entry.

You can run the gateway6 client as a “proxy”, in which mode it will request configuration information for a router. This is described in the gogonet forums. You’d want to set the requested prefix length to /56, not /48 – otherwise, no changes should be necessary.

The provided template outputs configuration for a Cisco router. You can take the relevant information out of the Cisco config file and use it with a Juniper device, or DLink, Apple, any router that supports 6-in-4 (protocol 41) tunnels. You could also write your own template script to output the information in the format your router requires – it’s a simple batch file.

Final thoughts

If you want ipv6 connectivity, and you do not intend to gain it through your router, gogonet should be your first stop. The gateway6 client shows that gaining ipv6 connectivity, and setting up routing to everything else in your network, does not have to be complicated, or involve lengthy command-line sessions.

If you want to terminate your tunnel on a router, give Hurricane Electric a look. Their tunnel setup does not require a client running on a PC – on the other hand, that means it won’t present the router configuration commands to you on a silver platter, either. Consider also that freenet6 has a somewhat patchy record when it comes to reliably handing out your delegated prefix: In the past, prefix numbers would change, and that messes with your router setup and your RDNS.

I had, when I first started writing this series, deliberately placed go6.net behind Teredo and SixXS: I knew it was going to be far easier to set up than those other two, and wanted to progress from “complicated” to “easy” as the series went on. I had not counted on getting stuck quite so hard on routing with the SixXS aiccu setup. In hindsight, covering the easiest method first might have been cleverer.

Advertisements

22 thoughts on “ipv6 at home, part 3: gogonet tunnels, freenet6

  1. Hey I wrote a blog on my personal site about accessing all of Google’s service via IPv6 by using Hurricane Electric’s DNS resolver.. Here’s a snip:

    “For a while only select networks can access Google’s IPv6 services like search, mail, docs, etc over IPv6. However, I discovered you can point a caching name server (or individual clients) to Hurricane Electric’s public IPv6 name server. That address is: 2001:470:20::2 Awesome! ++good!

    So how do you do it from a Bind Caching-only name server side?

    1. open the named.conf file for editing

    2. then add these lines to the “options” area

    forwarders { 2001:470:20::2; };
    forward first; #this means the server will go to the forwarder first, then if it fails it will try itself”

  2. Thanks for the BIND tip, that’ll be useful for those who run their own name servers! If it’s clients only, passing the HE DNS server out via DHCPv6 (or configuring it statically) works great, too – see part 2.5.

  3. right… my bad.. I like your blog, it’s good to get more positive and useful info for IPv6 in the home..

    You should do one about using one of the new SOHO routers with the automatic 6to4 setups (Linksys 610, Apple, etc)

  4. I love your blog, Jeremy, because it’s more “what can ipv6 really do for me”, and less “ohnoes ipv4 is running out, everybody be afraid!”.

    I agree with you, I should do a part about home routers. The trouble is I don’t have one of those, so I can mention they exist, but not really do more than that. Unless Linksys or Apple want to give me a “review sample” – hah fat chance :).

    Part 4 was planned to be about my favorite setup and the one I actually run – a Juniper router with HE tunnel. 1.5 years later, I’m actually getting round to writing that. Yeah, I should’ve done this the other way around, no question about that …

  5. hey dude.. You always have great posts on IPv6, which is the IN think in networking today. Your post is really helpful for a layman like me to build my own network.

    You were mentioning about connecting to IPv6 without a router and using the website go6.net. Even the instructions given by you are so clear it surely would be of great help to me… Joel

  6. Hi,

    Is there any chance to update the teredo connectivity section to get it to work under windows 7.

    There are so many obstacles that I just can’t get it to work. Mostly due to minor changes in the way windows 7 works. Even simple things like how to renew the ipv6 teredo connection I have not been able to do.

    To the casual networker this is very hard to sift through and find answers

  7. Hello.I have an account with Tunnelbroker and I want to connect through its servers but I am a totally beginner with this,well I used some VPN services,but I don’t know how to use this service.I have the Hexaco client,but I couldn’t connect through it.Is it possible?If it is,would you be so kind to make a tutorial step by step(for Tunnelbroker service) for noobs like me?

    P.S.I use Windows XP SP1,a PPPOE broadband connection through fiber optics and have no router.

    Thank you.

    1. tunnelbroker.net is a really good service – if your Windows machine is on a public IP, or you have an IPv6-capable router at home. You say you have “no router” – check by opening a command line and typing “ipconfig”. If your address is in the RFC1918 private ranges – that is, the 192.168.0.0/16 range, or the 172.16.0.0/12 range or the 10.0.0.0/8 range – then there is some form of router in play – that is, your traffic is NATed – and tunnelbroker.net won’t be the right choice for you.

      The hexago client is for use with gogo6, who run freenet6. I am not aware that it works with tunnelbroker.net. The tunnelbroker.net forums have good walkthroughs for setting up a tunnel with a Windows machine, using nothing but Windows-native commands. It works well: As long as your machine is directly connected to the Internet. Which, personally, I find a scary idea.

  8. Hi all,
    somebody know how assign a name to the Ipv6 interface create with gw6c?
    I configed gw6c.conf file and set up the tunnel but I would access to the interface with a specific name using it in the browser, is it possible?

    Thanks

    1. sorry, meant to reply to you

      Yeah, edit these lines:

      if_tunnel_v6v4=sit1
      if_tunnel_v6udpv4=tun
      if_tunnel_v4v6=sit0

      sit1, tun and sit0 are the defaults.

  9. Done, there’s a Win7 section in part 1 now. Note the steps are identical to Vista. I have added a troubleshooting section, too, which should come in handy.

  10. I can attest to the ease in setting up the anonymous tunnel which anyone, even without a ton of computer programming or networking service can get set up. Thank you for the step by step process without too much of the technical jargon.

  11. hello there! is there any possible way of running a php server under ipv6 using gogo6/freenet6 service? i always got sandbox error when i try to uploaod something using flash on my current website xD. if there is, can u please guide me? i am using HomeWeb of the gogoclient Utility, thank you in advance πŸ™‚

    1. I have no idea about Homeweb. Certainly, you can run a PHP-driven web site on ipv6: All you need is a web server, such as apache, that is v6-enabled and handles PHP. Think of IPv6 as just “improved plumbing” for your applications. The hard part about IPv6 is actually not so much getting the plumbing in place, but finding applications that have been updated to use the new-fangled plumbing, and dealing with those that haven’t been or never will be.

  12. I set an unsupported OS msg when I install either the gogo6 32bit or 64 bit client [v6.0] on Win7 starter. Do I need to create a gogo6 login ? [I downloaded the client without creating a login]

    1. That’s an interaction between your OS and the client, it has nothing to do with logins. I’d contact gogo6 and ask about support for Windows 7 Starter. Very likely, the client has only been tested with editions from Windows 7 Home onwards. Now that Starter is available worldwide on netbooks, the creators of the gogo6 software may be interested in making it work on that edition.

      1. My mistake I downloaded gw6c 6.0 32 bit for windows from a gogo download page I found that bypassed their requiement to create a login πŸ˜‰ that is an older client than gogo client 1.0 for windows 32 bit which I downloaded from elsewhere, the later worked first time – intial impressions are very good

  13. @robert: Glad to hear it’s working. The current version is 1.2. The login requirement to be able to get to the download page is really not that evil πŸ™‚

  14. Why do I have the same IPv6 address in both clients?… I Enable Routing Advertisements on both clients (pc’s), but I still have the same IPv6 address on both pcs

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s