I’m up and running with IPv6

I don’t know why, but I got a bee in my bonnet today and decided to setup IPv6. As it turned out, I already had the necessary hardware (an Apple Time Machine which is also a full featured AirPort Extreme Base Station) and only needed a tunnel broker. After some googling, I came up with a list of several and decided to try one out.

The first one I tried was SixXS. After going through the sign-up and email verification, I was left waiting for validation of my data. Humpf. Not so fun. After waiting all of maybe two minutes, I decided to try another.

I rang up a friend from work to find out who he uses. He recommended Hurricane Electric so I gave them a try. All I can say is I was amazed how quickly and easily I got an account setup, and got my tunnel information. They even allow up to four tunnels on the account, which means I could set one up at my brother’s house as well.

The difficulties came in three areas.

  1. Getting the Time Capsule configured
  2. Getting my ADSL router to route packets to the Time Capsule
  3. Updating my WPAD files so that IPv6 traffic would not use my proxy

Configuring the Time Capsule

Hurricane provided me with the following information to setup my IPv6 tunnel with.

Server IPv4 address: 216.66.80.26
Server IPv6 address: 2001:470:1f08:71d::1/64
Client IPv4 address: 87.198.128.166
Client IPv6 address: 2001:470:1f08:71d::2/64
[Client] Routed /64: 2001:470:1f09:71d::/64

In AirPort Utility, I went into manual mode for the Time Capsule, selected Tunnel mode on the IPv6 page (Advanced > IPv6), and pasted the info in, including manually setting the LAN Prefix Length. (In case you were wondering, my firmware version 7.3.2, the /64 prefix is automatically stripped once Update is clicked).


Once the Time Capsule restarted, I looked at my network settings on my MacBook Pro, and found that I now had an IPv6 address that was in the LAN IPv6 range. I tried ping6 ipv6.google.com, but it didn’t work. After lots of troubleshooting, I realized that I could ping only the Local IPv6 address of the Time Capsule, but not the Removte IPv6 address. That made me think router.

Configuring the router

Honestly, this was a piece of cake once I figured out where all the settings were. Basically, I had to disable the firewall on the router and then set it to forward all packets to the Time Capsule (I set it as the default server). Once I had those two things, I was able to ping6 ipv6.google.com, but was unable to pull up http://ipv6.google.com/ in my browser.

Configuring WPAD

To make my life easier, I have WPAD (Web Proxy Autodiscovery Protocol) setup on my local network so that the Auto-detect proxy settings for this network works in Firefox. I use Squid for my proxy on separate Linux server, but unfortunately the version I use (3.0STABLE1 on Ubuntu 8.04) doesn’t support IPv6. (The newer 3.1 release apparently does, but I’m not in the mood to spend lots of time compiling a new binary today.) I did some googling and found that I could make a single minor change to my wpad.dat file to get things working.

The basic change was to add a dnsResolve() check that was then compared against anything with a “:” in it. IPv6 addresses have colons ‘:’ in them, but IPv4 addresses don’t. If an IPv6 address is found, the proxy gets skipped. (I’ll save Squid 3.1 for another rainy day).

Here’s the final version of my wpad.dat.

function FindProxyForURL(url, host) {
if (host == "localhost" || host == "127.0.0.1") { return "DIRECT"; }
if (isPlainHostName(host)) { return "DIRECT"; }
if (shExpMatch(host, "*.local")) { return "DIRECT"; }

// route ipv6 directly
if (shExpMatch(dnsResolve(host), "*:*")) { return "DIRECT"; }

return "PROXY 172.18.0.8:3128; DIRECT";
}

function LocalFindProxyForURL(url, host)
{
FindProxyForURL(url, host);
}

That is pretty much it. Overall the process was much simpler than I expected. Hopefully this helps someone else get their IPv6 running as well!