Archive for novembre, 2010

IPv6 mining exploitation (digging tunnels) [en]

mardi, novembre 23rd, 2010

IPv6 in IPv4

This is the most common situation: you want your IPv6 connectivity on your road warrior through your VPN:

Debian/Ubuntu:

router: /etc/network/interfaces

auto tunv6
iface tunv6 inet6 v4tunnel
address 2001:cafe:babe:1::1
netmask 64
endpoint 192.168.255.10
local 192.168.255.1
ttl 64

road warrior: /etc/network/interfaces

auto tunv6
iface tunv6 inet6 v4tunnel
address 2001:cafe:babe:1::2
netmask 64
gateway 2001:cafe:babe:1::1
endpoint 192.168.255.1
local 192.168.255.10
ttl 64

Shell commands:

Machine A:

ip tunnel add v6tun mode sit remote 192.168.255.10 local 192.168.255.1 ttl 63
ip link set v6tun up mtu 1280
ip addr add 2001:cafe:babe:1::1/96 dev v6tun

Machine B:

ip tunnel add v6tun mode sit remote 192.168.255.1 local 192.168.255.10 ttl 63
ip link set v6tun up mtu 1280
ip addr add 2001:cafe:babe:1::2/96 dev v6tun

IPv4 in IPv6

The weirdest and most interesting one: suppose you have equipment that is not IPv6 compatible, yet you want to connect them through a v6-only link between the two endpoints

Machine A:

ip -6 tunnel add v4tun mode ipip6 local 2a00:ffde:4567:edde::4987 remote 2001:473:fece:cafe::5179
ip addr add 192.168.99.1/24 dev v4tun
ip link set dev v4tun up

Machine B:

ip -6 tunnel add v4tun mode ipip6 remote 2a00:ffde:4567:edde::4987 local 2001:473:fece:cafe::5179
ip addr add 192.168.99.2/24 dev v4tun
ip link set dev v4tun up

Sources:

http://linux-hacks.blogspot.com/2008/02/howto-ipv6-ipv6-tunnel-and-ip4-ipv6.html

(Work in progress: this page will be syncronized with this one)