Using Cisco DDNS update method to update remote tunnel IP
Shadow Hawkins on Monday, 11 July 2011 14:21:35
Hi there,
I am running an ipv6ip tunnel from the Tunnel1 interface to Hurricane Electric tunnelbroker terminated on a cisco 1921.
I have my Internet connectivity from a local provider but it is based on a dynamic IP address that changes whenever my interface flaps (once or twice a week). The internet connected interface is a dialer interface that has associated multiple DDNS updates to execute whenever the IP changes.
These, for those unfamiliar, allow the retrieval of an URL and the requests enbeds the IP address and both Hurricane Electric and DyDNS allow the update of both the remote tunnel and IP address of an A record.
As a result I enjoy stable v4/v6 connectivity.
I am wondering if SixXS has an URL I can use as target to update the remote end of the tunnel. I have read all AICCU and AYIYA but it does not appear to help in my case.
Any hints?
Thank you
Fabio
Using Cisco DDNS update method to update remote tunnel IP
Jeroen Massar on Monday, 11 July 2011 16:19:35
"DynDNS" alike updates would be too slow and packets would get lost; next to the fact that there is another very important point that will not be taken in consideration: when your host goes offline and does not update the address the next person using the IP address you previously used will still be receiving tunneled packets and then they will file an abuse report etc, which means work for us.
The heartbeat protocol is openly documented and a TCL client for Cisco is available, use that instead.
But, as you claim it works, why bother setting up another tunnel?
Using Cisco DDNS update method to update remote tunnel IP
Carmen Sandiego on Monday, 11 July 2011 16:43:15 The heartbeat protocol is openly documented and a TCL client for Cisco is available, use that instead. Indeed, Oliver Walters' implementation on http://www.sixxs.net/archive/sixxs/heartbeat/heartbeat.sh proves it won't take much effort to implement it in tcl :)
Using Cisco DDNS update method to update remote tunnel IP
Carmen Sandiego on Monday, 11 July 2011 16:26:17
I guess you're talking about this https://ipv4.tunnelbroker.net/ipv4_end.php url?
SixXS relays more on AICCU which is more clever in this stuff but of course is not available for appliances.
On the other hand heartbeat tunnels are behaving mostly the same way - they are dynamically configured static tunnels after all, so I believe it won't take much effort to implement similar feature.
p.s. i think this topic should rather go to feature requests :)
Using Cisco DDNS update method to update remote tunnel IP
Jeroen Massar on Monday, 11 July 2011 20:11:03
"appliances": AVM Fritz!Box, Draytek, Motorola, Astaro, pfSense, Monowall, are just a few which have TIC/heartbeat or even AYIYA support.
Using Cisco DDNS update method to update remote tunnel IP
Carmen Sandiego on Tuesday, 12 July 2011 13:38:09
Ok, I withdraw my comment about appliances %) (though I can hardly call a platform where I can install linux as an appliance, but it is another story)
Using Cisco DDNS update method to update remote tunnel IP
Jeroen Massar on Tuesday, 12 July 2011 15:18:01
Most "appliances" are just that: Linux boxes
Even if you can't always get to it, that is generally the case.
There are of course a couple of vendors that have still their own OSs but they are dwindling.
A perfect example is of course Juniper which gives you JunOS which is a heavily modified FreeBSD. Mac OS X is also just another BSD for that matter ;)
Using Cisco DDNS update method to update remote tunnel IP
Shadow Hawkins on Wednesday, 13 July 2011 11:03:55
Hello there,
sorry for the long time between asking the question and reading the thread, my REAL work and family (not necessarily in that order) kept me from replying.
1. agree it should go in feature request.
2. Cisco runs Cisco IOS (Internetworking Operating System) and does not support any of those protocols nor TCL (or any other) scripting
3. URL remot IP update for a tunnel requires a few seconds and it is executed by the router as soon as the link/protocol status goes up/up
4. True in case my IP changes and somebody elses would get my old one, he would be receiving traffic directed to my tunnel. Pinging my ipv6 address would solve this (lack of a reply=tunnel down)
5. If it works with HE why try? Because it can be done and also to experiment multihoming solutions.
Cheers
Fabio
Using Cisco DDNS update method to update remote tunnel IP
Jeroen Massar on Wednesday, 13 July 2011 11:12:50 2. Cisco runs Cisco IOS (Internetworking Operating System) and does not support any of those protocols nor TCL (or any other) scripting
I know what IOS is, I also knows it supports TCL Scripting (see the link for the PDF guide on it) and that Jakob Pfeiffer was nice enough to write a TCL version of heartbeat for it: SixXS Wiki: Heartbeat for Cisco IOS
3. URL remot IP update for a tunnel requires a few seconds and it is executed by the router as soon as the link/protocol status goes up/up
But it never signals that the host is down, it only signals that the IP changes, not that it went away.
4. True in case my IP changes and somebody elses would get my old one, he would be receiving traffic directed to my tunnel. Pinging my ipv6 address would solve this (lack of a reply=tunnel down)
Does not resolve it, as we are not going to ping your endpoint every 30 seconds to see if it is still there or not. I am also very sure that people would be unhappy if we disabled their tunnel in those cases.
5. If it works with HE why try? Because it can be done and also to experiment multihoming solutions.
Then I would say, get multiple connections from them, as you can't route packets with wrong sources over SixXS PoPs.
Using Cisco DDNS update method to update remote tunnel IP
Shadow Hawkins on Thursday, 14 July 2011 13:33:45
Thank you Jeroen,
a day in which you learn something it is not wasted. I did not know about the TCL scripting on IOS and about the existance of the HearthBeat for Cisco IOS.
Cheers
Fabio
Posting is only allowed when you are logged in. |