Server Configuration to Tunnel Broker

Your IP address is 38.107.191.115

INTRODUCTION

This page documents the configuration of a Linux Server (Mandriva 2010) and Windows XP Pro clients for establishing an ipv4 tunnel to a tunnel broker and providing ipv6 capability to the Local Area Network (LAN).

• I have registered for ipv6 addresses at an IPv6 Tunnel Broker (cache) and have been allocated the "Routed IPv6 Prefixes" of 2001:470:d:420::/64 and 2001:470:f083::/48.
• Because I currently have a dynamic address assignment from my ISP, I have configured a script to update my ip address to my tunnel broker account.
• I've also configured a script to enable ipv6 connections on my server and LAN by establishing a 6to4 tunnel (sit device) to the tunnel broker.
• I've installed RADVD to advertise prefix 2001:470:d:420:1::1/64 on the server internal (eth1) interface so clients on this interface is allocated ipv6 addresses.
• Service Pack 3 for Windows XP Pro is installed so that the "Microsoft TCP/IP version 6" protocol can be used to enable ipv6 capability on the LAN clients.

SERVER

The server's OS is 2010 Powerpack (yep,...downloaded an ISO image through bittorent from http://www.kickasstorrents.com/applications/

Shorewall6

Install shorewall6 and configure with the following;

Zone ID    	Parent zone    	Zone type    		Comment

fw 				Firewall system
net 				ipv6
loc			 	ipv6

Interface Zone Name     Broadcast Address     Options

sit1 	  net 	        Automatic 	      tcpflags,forward=1,nosmurfs
eth0 	  loc 	        Automatic 	      tcpflags,forward=1,nosmurfs
eth1 	  loc 	        Automatic 	      tcpflags,forward=1,nosmurfs

Source zone    	Destination zone    	Policy    	Syslog level

net 		Firewall 		ACCEPT 		info
Firewall 	net 			ACCEPT 		None
loc 		Firewall 		ACCEPT 		None
Firewall 	loc 			ACCEPT 		info
loc 		net 			ACCEPT 		info
net 		loc 			ACCEPT 		info
net 		Any 			DROP 		None
Any 		Any 			REJECT 		info

LAN CLIENT

---