From Mandriva Community Wiki

Security Warning: If you set up an ipv6 tunnel, all your computers will become reachable from the Internet, so you should really set up an ipv6 firewall on the tunnel endpoint !

Contents [hide] 1 Mandriva Configuration 1.1 Does my Mandriva support Ipv6 ? 1.2 Configuration 1.2.1 Autoconfiguration 1.2.2 Static Address 1.2.3 Ipv6 over Ipv4 Tunnel 1.2.4 Automatic Tunnel 1.2.5 Gateway and co 1.2.6 radvd 1.2.7 Mobile Ipv6 1.3 The Real life ? 1.4 Getting an Ipv6 address/subnet 2 Tested Software 2.1 Configuration tools 2.2 Server 2.3 Client 2.3.1 Irc 2.3.2 Web browser ( or assimilated ) 2.3.3 Ftp 2.3.4 Jabber 2.3.5 Games 2.3.6 Mail 2.3.7 Multimedia 2.3.8 Other 2.4 Languages binding 2.5 How to test 2.6 Somes links

[edit] Mandriva Configuration

[edit] Does my Mandriva support Ipv6 ?

If you are running cooker the reply is yes. Mandriva has ipv6 support since 9.2, maybe earlier. To be precise, let's look at your configuration:

[nanardon@virgo ~]$ /sbin/ifconfig
eth0      Lien encap:Ethernet  HWaddr 00:60:97:19:C7:1E
          inet adr:192.168.76.1  Bcast:192.168.76.255  Masque:255.255.255.0
          adr inet6: 3ffe:80ee:35a1:4c00::1/64 Scope:Global
          adr inet6: fe80::260:97ff:fe19:c71e/64 Scope:Lien
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:136676069 errors:13 dropped:0 overruns:77 frame:13
          TX packets:144928103 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 lg file transmission:1000
          RX bytes:4203114893 (4008.4 Mb)  TX bytes:1403573408 (1338.5 Mb)
          Interruption:5 Adresse de base:0xa800

lo        Lien encap:Boucle locale
          inet adr:127.0.0.1  Masque:255.0.0.0
          adr inet6: ::1/128 Scope:Hôte
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:189250800 errors:0 dropped:0 overruns:0 frame:0
          TX packets:189250800 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 lg file transmission:0
          RX bytes:2531593641 (2414.3 Mb)  TX bytes:2531593641 (2414.3 Mb)

If you're able to find a line beginning with "adr inet6", this means you have an ipv6 stack working on your computer and ready to use. But this does not mean you have access to an ipv6 network. If you do not have any inet6 address, you probably need to load the ipv6 module into your kernel.

Some explanations about the address :

lo ::1/128

This address is the address of the host itself, equivalent to 127.0.0.1 on ipv4.

eth0 fe80::260:97ff:fe19:c71e/64

All addresses begining with fe80: are local subnet only, these will never be used to go on the net, and are used for host discovery purposes. Ipv6 has a concept of scope, and these addresses are "local", no router will forward them.

eth0 3ffe:80ee:35a1:4c00::1/64

This address is one of my real ipv6 addresses, I can use it to be contacted, and to contact someone else.

Currently there are only 3 prefixes usable for internet connection:

1. 3ffe:: 6Bone test address
2. 2001:: Normals IPV6 address
3. 2002:: Ipv4 to Ipv6 address

For more information about ipv6, see the good Ipv6 Howto.

[edit] Configuration

As drakconnect is not yet fully ipv6 aware, we'll have to set up the computer manually. Fortunately, the initscripts support ipv6.

[edit] Autoconfiguration

The most simple, nothing to do, just set up radvd on your gateway to announce the route and prefix on your subnet.

[edit] Static Address

In your /etc/sysconfig/network-scripts/ifcfg-INTERFACE:

IPV6INIT=yes
IPV6ADDR=3ffe:80ee:35a1:4c00::1/64

Simple isn't it? As you can see, the subnet mask is included in the address.

[edit] Ipv6 over Ipv4 Tunnel

In your /etc/sysconfig/network-scripts/ifcfg-sit<NUMBER>

DEVICE=sit1
BOOTPROTO=none
ONBOOT=yes
IPV6INIT=yes
IPV6TUNNELIPV4=1.2.3.4
IPV6ADDR=3ffe:80ee:35a1::1/128

Do not use sit0 !

• IPV6TUNNELIPV4 is your ipv4 end point tunnel, this value is given by your Ipv6 provider
• IPV6ADDR is your Ipv6 address

That's all. You have to do the same thing on the other end point tunnel if you want to connect two hosts using ipv6 over ipv4. This requires fixed ipv4 addresses on both sides of the tunnel. Take care to not filter *protocol 41*.

[edit] Automatic Tunnel

Even without any gateway address you can connect using a 6to4 tunnel.

This is easy and works without problem on 10.2. However, some providers may cause problems.

Note that you need one public and reachable ipv4 address.

First, add these lines to /etc/sysconfig/network

NETWORKING_IPV6=yes
IPV6_DEFAULTDEV=tun6to4

Then, in the interface connected to the internet ( eth2 in my case, so in /etc/sysconfig/network-scripts/ifcfg-eth2 ), add these lines :

IPV6INIT=yes
IPV6TO4INIT=yes

Then, restart the network, and you should be able to connect to an ipv6 computer. More information on http://www.wlug.org.nz/6to4

This setting will add to your interface an address with ::1 suffix. You can use other suffices for your local subnet having an ipv4 private address. Set your computer to act as a gateway, configure your internal network card with the same ipv6, and finally assign other suffices to your other computer (see radvd and/or Static Address sections.

[edit] Gateway and co

If you're using autoconfiguration skip this step: it is only required if you have a special configuration, so surely on your gateway.

In your /etc/sysconfig/network

NETWORKING_IPV6=yes
IPV6FORWARDING=yes
#IPV6_DEFAULTGW<tt>
IPV6_DEFAULTDEV</tt>sit1

• NETWORKING_IPV6 Do we want Ipv6? (Normally the default is yes but I had to force it on one of my computers)
• IPV6FORWARDING Should we enable ip forwarding for ipv6 ?
• IPV6_DEFAULTGW The ip address of the gateway, if needed (it is not in my case)
• IPV6_DEFAULTDEV The outgoing device for the default route

[edit] radvd

Radvd is a daemon to announce the Ipv6 prefix, netmask and default route on the subnet. After setting up the daemon, on one of your hosts - normally your gateway - all hosts on the subnet will automatically get an address without any kind of confirmation.

To setup radvd, edit your /etc/radvd.conf:

interface eth0
{
    AdvSendAdvert on;
    prefix 3ffe:80ee:35a1:4c00::/64
    {
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr on;
    };
};

This is the basic configuration:

• interface eth0 where is this subnet
• AdvSendAdvert on enables announces
• prefix 3ffe:80ee:35a1:4c00::/64 The prefix to announce: the maximum prefix length is 64, else auto configuration will not work. You can use auto detection of the prefix with the option Base6to4Interface.
• AdvRouterAddr on Announce the default route.

For the rest, man radvd.conf (aka RTFM) :)

You can also use zebra or another routing daemon, if you prefer.

[edit] Mobile Ipv6

Mobile ipv6 is a system allowing transparent roaming on ipv6. You can find more information on http://www.mobile-ipv6.org/

There is no support in the upstream kernel for Mobile ipv6 at the moment. Userspace tools are not packaged either.

[edit] The Real life ?

At this point you should have ipv6 working on your computers, to test:

• ping6 IPV6
• /usr/sbin/traceroute6 IPV6

Now you can set up your favorite application to use ipv6. You'll surely first jump on bind, because remembering all Ipv6 is a bit complex.

The Ipv6 support depends on the application, you'll find:

• applications that do not need specific support: cowsay :), network applications called by xinetd or through ssh (rsync, cvs),
• applications working out of the box (ssh),
• application supporting ipv6 if explicitly asked (icecast),
• applications supporting Ipv6 partially (sometimes the connection works, but it does not understand ipv6 acl for example),
• applications that do not support Ipv6 (nc).

For the last cases, patches are welcome. You may find some information on the web ( http://gsyc.escet.urjc.es/~eva/IPv6-web/ipv6.html ).

[edit] Getting an Ipv6 address/subnet

Many sites provide an Ipv6 tunnel for testing purposes. Putting up a list is outside the goal of this page explaining the Ipv6 rules. I can only encourage you to look for documentation on the net. Seek "ipv6 tunnel broker" on google.

[edit] Tested Software

[edit] Configuration tools

By configuration tools, I mean components that you need to have a working Ipv6 stack on your Mandriva. So dhcp by example goes here.

Software	Status	Comments
dhcp/dhcpd	Not supported	see dhcp6
dhcp6	Supported
drakconnect	Not supported	6to4 tunnel is supported ( check box in advanced )
initscripts	Supported
net-tools	Supported
iproute2	Supported
radvd	Supported

[edit] Server

Software	Status	Comments
apache	Supported
bind	Supported
cyrus-imapd	Supported
dovecot	Supported	Requires to imap_listen = [::]
exim	Supported
icecast	Supported	Need an explicit bind directive in conf
openssh	Supported
postfix	Supported	Need "inet_protocols = all" in cf
postgresql	Supported
ppp	Supported	since 2.4.3-6mdk
privoxy	Not Supported
proftpd	Supported	Tested via xinetd, since 1.2.10-11mdk
pure-ftpd	Supported
rsync	Supported	Via xinetd, understand IP in authorized lists
squid	Not Supported
vsftpd	Supported	Requires a explicit directive
xinetd	Not Supported	Use xinetd-ipv6
xinetd-ipv6	Supported	Set v6only = yes as global setting, each service should have flags = IPv6, xinetd is an alternative link

[edit] Client

[edit] Irc

Software	Status	Comments
bitchx	Supported
emacs-erc	Supported
gaim	Supported
kopete	Supported	Configuration needs to be forced on ipv6 channel
irssi	Supported
epic4	Supported
xchat	Supported
weechat	Supported

[edit] Web browser ( or assimilated )

Software	Status	Comments
amaya	Not supported
curl	Supported
dillo	Not supported
galeon	Supported
konqueror ( kiohttp )	Supported
links	Not supported
lynx	Supported
mozilla-firefox	Supported
wget	Supported	since 1.10-1mdk
w3m	Supported

[edit] Ftp

Software	Status	Comments
ftp-kerberos5	Not supported
galeon	Supported
konqueror (kioftp)	Supported
gftp	Supported
lftp	Supported
lukemftp	Supported
ncftp	Supported	since 3.1.9-3mdk
yafc	Not supported

[edit] Jabber

Software	Status	Comments
gaim	Supported
gajim	Not supported	http://trac.gajim.org/ticket/1969
gabber		Cannot be tested
gossip	Supported
kopete	Supported
psi	Not supported
mcabber
freetalk

[edit] Games

Software	Status	Comments
armagetron	Not supported
bzflag	Not supported
civil	Not supported
crackattack	Supported	Since 1.1.14-3mdk
freeciv	Not supported
frozen-bubble	Not supported
monkey-bubble	Not supported
tetrinet	Supported
wesnoth	Not supported

[edit] Mail

Software	Status	Comments
evolution	Supported
kmail ( kio-imap )	Supported
mozilla-thunderbird	Supported
mutt	Supported
sylpheed

[edit] Multimedia

Software	Status	Comments
amarok	Not supported	Weird, should be confirmed
beep-media-player	Mostly supported	Patched for vorbis/mp3 stream since 0.9.7.1-0.20050815cvs2mdk
mpg123	Not supported
mpg321	Not supported
mplayer	Supported
ogg123	Supported
rhythmbox	Supported
totem	Supported
xine	Supported
xmms	Supported	since 1.2.10-17mdk
vlc	Supported
zinf	Supported

[edit] Other

Software	Status	Comments
nc	Not Supported	See nc6
nc6	Supported
mtr	Supported
nmap	Supported	Must be run with -6
pgaccess	Not Supported	Maybe this is due to a lack of support in tcl
pgadmin3	Not Supported
psql	Supported
rsh	Not supported
rsync	Supported
ssh	Supported
telnet	Supported

[edit] Languages binding

The languages were only tested by fetching the kame webpage.

Software	Status	Comments
python	Supported
ruby	Supported

[edit] How to test

Testing ipv6 clients is quite easy, here are some URLs :

• mp3 stream : http://stream.ipv6.frequence3.net:19000/frequence3
• ogg stream : http://[2001:630:d0:f200::83]:8000/surge-live-mid.ogg
• video stream : http://[2001:610:0:800a:b192:87:5:82]/info/geo_u.asx
• web page : http://www.kame.net/ you will see an animated turtle if you are using ipv6
• ftp : ftp://ftp.ipv6.uni-muenster.de/
• irc : irc://irc.ipv6.freenode.net/

You can also start a server ( apache, pure-ftpd, etc ) and connect your client to ::1 if you don't have ipv6 connectivity.

[edit] Somes links

• http://www.bieringer.de/linux/IPv6/
• http://people.debian.org/~csmall/ipv6/
• http://linux.yyz.us/ipv6-fc2-howto.html
• http://www.gentoo.org/doc/en/ipv6.xml
• http://www.kame.net/
• http://livre.point6.net/index.php/Accueil
• http://www.netbsd.org//Documentation/network/ipv6/
• http://www.sixxs.net/faq/ipv6/?faq=coolthings