IPv6 tunneling with Hurricane Electrics (HE)

I’ve been looking around for a possible way to connect to the IPv6 internet for some time now and given the fact my provider didn’t allow me to run IPv6 natively I had to find an alternative solution. Hurricane Electrics (HE) provides (for free) five configurable IPv4-to-IPv6 tunnels together with a free DNS service and an interesting certification program.

certificate_badge

Hurricane Electrics IPv6 Certification

Willing to test the latest revision of the Internet Protocol on your Debian, Ubuntu, Fedora machines? Here’s how:

1. Register yourself at Hurricane Electrics by visiting tunnelbroker.net.

2. Create a new tunnel and make sure to use your public IP address as your IPv4 Endpoint.

3. Write down the relevant details of your tunnel, specifically:

  1. Server IPv6 Address: 2001:470:1f0a:a6f::1 /64
  2. Server IPv4 Address: 216.66.84.46 (this actually depends on which server did you choose on the previous step)
  3. Client IPv6 Address: 2001:470:1f0a:a6f::2/64

4. Create a little script that will update your IPv4 tunnel endpoint every time your internet IP changes. (this step is not needed if you have an internet connection with a static IP):

tunnel_broker

Your Tunnel configuration details at tunnelbroker.net


5. Create the networking configuration files on your computer:

Debian / Ubuntu, on the /etc/network/interfaces file:

Fedora, on the  /etc/sysconfig/network-scripts/ifcfg-he-ipv6 file:

and on the /etc/sysconfig/network file, add:

You can then set up a little /sbin/ifup-pre-local script to update the IPv4 tunnel endpoint when your dynamic IP changes or simply add the script on the /etc/cron.daily directory and have it executed when you turn up your computer.

ipv6_test

A sample image taken from ipv6-test.com.

6. Change the DNS servers on /etc/resolv.conf:

OpenDNS:

Google DNS:

7. Restart your network and enjoy IPv6!

8. If you want to know more about IPv6 take some time for the HE Certification program, you will learn a lot and eventually win a sponsored t-shirt, I just finished mine :-)

EDIT: Be aware of the fact that as soon as the tunnel is up, your computer will be exposed to to the internet without any kind of firewall (the tunnel sets up a direct connection to the internet, even bypassing your router’s firewall), you can secure your machine by using ip6tables. Thanks Michael Zanetti for pointing this out!

Share on Google+5Tweet about this on TwitterShare on Facebook0Share on LinkedIn0Digg thisShare on Reddit0Share on StumbleUpon0Email this to someone