setting up a local tunnel broker
Shadow Hawkins on Wednesday, 11 March 2009 20:08:39
Hi,
as many of you, I have a SixXS subnet that is tunneled with aiccu to a machine on our LAN.
On our LAN we have a number of virtual machines created. They are ephemeral so they need to
autoconfigure their IP6 address. They are also NAT:ed by the virtual machine monitor that runs them.
My question is - how do I set them up so that they get IP6 addresses from my SixXS subnet?
I can't simply set up a proto-41 tunnel, because they are NATed.
Do I have to setup a local tunnel broker for the subnet I have from SixXS? That would let the virtual machines use aiccu to connect to our subnet. But how do I do that? I noticed on the wiki page that I should advertize the tunnelbroker in a DNS TXT record for _aiccu, but I also need a server that can speak the TIC protocol. Any suggestions?
Or, is there perhaps an easier way that does not involve having to set up a tunnel broker?
Thanks for any ideas about how to go about with this...
Cheers,
Lars Rasmusson
setting up a local tunnel broker
Jeroen Massar on Wednesday, 11 March 2009 20:42:35 I can't simply set up a proto-41 tunnel, because they are NATed.
Can you show a network diagram of how things are connected? Most likely, even though you are NATting them on IPv4 you can do native IPv6 between them.
in a DNS TXT record for _aiccu
Due to too many DNS issues (and it thus timing out, being slow, breaking) the fetching of possible servers from DNS is going the way of the dodo soon; it will be replaced with an http based mechanism though.
But first, new sixxsd so that we primarily fix some stability issues, then the new aiccu can use some of the new cool features that are in there too for diagnosing issues that are then left.
setting up a local tunnel broker
Shadow Hawkins on Wednesday, 11 March 2009 21:33:16
Ok, I'll try.
(I didn't dare make any ASCII art, because there was no Preview button.)
SixXS PoP
- connected to
Our Gateway
- connected to
the LAN
- connected to
the Tunnel end point machine that forwards ipv6
and announces the subnet to the LAN
- connected to
one (or more) machine that can speak IPv6 with the tunnel end point and
thus to the rest of the world
- connected to
one (or more) machine that is running VirtualBox
(VirtualBox creates virtual machines that have NATed IPv4 addresses on the 10.x.x.x net)
- containg
one (or more) virtual machine with NATed address 10.0.2.x
Hope this makes some sense.
Thanks,
/Lars
setting up a local tunnel broker
Shadow Hawkins on Wednesday, 11 March 2009 21:06:21
Hmm, the editor ate my indentation... well all our physical machines are on the same LAN.
setting up a local tunnel broker
Jeroen Massar on Wednesday, 11 March 2009 21:34:11
When they are on the same LAN, just RA them and presto.
Btw, the [ code ] block can be used for getting ASCII stuff working fine.
setting up a local tunnel broker
Shadow Hawkins on Thursday, 12 March 2009 09:20:08
Yes, but the virtual machines are not on the same LAN, so to speak. They are NATed, and and the virtual machine monitor works as a router that only lets through the IPv4 and ICMP packets.
setting up a local tunnel broker
Carmen Sandiego on Saturday, 04 April 2009 18:59:02
well, you can either change your VM monitor to forward IPv6 packets to your tunnel create or modify one of your machines on the VLAN to act as a Router Advertiser and then have it forward the packets by tunnelling to your real LAN.
hope that helps
setting up a local tunnel broker
Shadow Hawkins on Friday, 13 March 2009 13:19:20
You could create a proto-41 tunnel between the machine that is running the virtual machines and the virtual machines themselves, and then make sure those addresses are routed to it properly.
You could also create an ipv4 vpn (I use OpenVPN) between your virtual machines and the computer the tunnel is on, then create a proto-41 tunnel over the vpn interface.
Posting is only allowed when you are logged in. |