Sunday, 30 January 2011

PC Troubles

Hi all, sorry this week's post is not the anticipated Cross-Compile guide, this is due to the fact that I am having some PC problems at home which I am still trying to resolve. I've just had to RMA a brand new motherboard that arrived DOA.

I have already started writing the post, I just need to get the time with a non-broken computer to do so.

Sunday, 23 January 2011

DD-WRT IPv6 to Your Local Network

Last time I showed you how to get a dynamic tunnel from SixXs to a DD-WRT router. This time, we're going to get Router Advertisment going, the simplest way to distribute a routed subnet to your network. Router Advertisment only works with /64 prefixes, so if you have a larger one just pad out the extra with anything, just make sure you use the same prefix throughout.

The first thing you'll need to do is enable IPv6 forwarding and set up an address for your prefix on the local network. Although the latter is technically not required, it makes more sense than setting it as a route when you come to try fix any problems later. Run these two commands and add to startup, replacing with addresses that apply to you:

ip -6 addr add 2001:0DB8::1/64 dev br0
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding

I should have mentioned in the last post that I am using the Big DD-WRT pack, which includes some basic IPv6 support, including the Router Advertisement Daemon, RADVD. This can be enabled from the web interface, and the configuration specified there too. Your configuration will look like the one below. I'm not sure what the comment character is, so you may need to remove them.

interface br0 {
AdvSendAdvert on; // Send adverts
AdvLinkMTU 1280; // Default tunnel MTU, stop fragmentation
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
prefix 2001:0DB8::/64 { // replace with your prefix
AdvOnLink on; // this prefix is on the local link
AdvAutonomous on; // generate
AdvRouterAddr on;
};
};

Even though the options are in the browser user interface, radvd does not start automatically. To start it, run

radvd -C /tmp/radvd.conf

As with aiccu, it's probably a good idea to add this line to your startup script. Any IPv6 enabled machines should pick up and IPv6 address or two, and you should also see the router's link-local address in your default gateway list. That's it, you should be able to ping6 from any of your ipv6 enabled machines, and begin browsing via IPv6. Some sites (such as Google) will not server AAAA records over IPv4 DNS queries. We'll detail how to get that working later on.

Seeing as this is a short post, I'll let you in to some options you can add to DNSmasq to make your network run a bit more smoothly, especially if you don't want to remember IPv6 addresses.

Firstly, set up a local domain name, something like 'home.local' and set that up as the domain name in the web interface. Enable the 'Local DNS' setting. Local machines acquiring an IPv4 address via DHCP will be automatically added to DNS. Of course, this doesn't help for IPv6.

As generated IPv6 addresses when using RA don't change (unless they are Temporary Addresses), you can maunually add records to be served using the 'Additional DNSMasq Options'. Here's an example:

address=/pc1/pc1.home.local/2001:0DB8::5555

Well that should keep you going for a little longer. Next time, setting up a cross compile environment. There are some shortcomings in DD-WRT that we'll need to sort out ourselves. Namely DHCPv6 to distribute nameserver addresses, ip6tables for stateful firewalling, and ping6 as it's one of the search terms the gets referred here, so I assume there's a need for it. I may also post my binaries for each at a later date.

Sunday, 16 January 2011

DD-WRT IPv6 Support

Right, I suppose I started writing some technical content!

Recently, I purchased a Netgear WNR3500L router, basically because it is marketed as an open source router. The main features that make it particularly useful are its relatively large flash size, a USB port, and 64MB RAM, which make it more than good enough to run a few extra applications. This seemed like a good choice, as support for IPv6 in routers (including custom firmware) is limited, and there is some patchy documentation on getting everything working. I started off by flashing it to DD-WRT, a free custom firmware with basic IPv6 support.

My current ISP does not currently have support for native IPv6, so I need to use either 6to4 or a tunnel broker. As 6to4 is way down on the priority list, I headed over to SixXs and requested a tunnel. Signing up and requesting tunnels and subnets from them requires manual approval by staff, so some people may prefer to use Hurricane Electric instead.

While leaving the requests to go though, it's a good idea to start preparing the router. Basic set up was pretty simple, from here the fun begins. You need some space in which to install extra applications. This can either be in free space on the internal flash, or on an external USB stick (or even in RAM). I took the USB stick approach. You'll need to format it to a filesystem supported by the router. FAT32 is fine, but it's better to use ext2 (some packages need symbolic links). Once it's formatted, enable USB support through the Web UI, and set up automatic mounting, and plug it in. Also make sure to enable Jffs2 support, even if you're not going to use it, as the ipkg command will complain otherwise.

Most of the rest of this setup needs to be done via ssh. Make sure the USB stick is mounted to your chosen mount point. I chose /opt. To actually use the tunnel we need aiccu, which automatically sets up dynamic tunnels (I wont cover static tunnels here). To install it, issue the following command:

ipkg -d /opt install http://downloads.openwrt.org/kamikaze/8.09.2/brcm47xx/packages/aiccu_20070115-2.1_mipsel.ipk

Now to configure it. Assuming you've had your account and tunnel requests accepted, you should have a username and password. The DD-WRT includes 'vi', a popular text editor (Again, I'll assume you know how to use it). Open /opt/etc/config/aiccu and clear it. It needs to look something like this:

username ABCD-SIXXS # SixXs username
password ******** # SixXs password
protocol tic
server tic.sixxs.net
ipv6_interface sixxs
tunnel_id T***** # SixXs tunnel ID
verbose false
daemonize true
requiretls true # optional
defaultroute true


Now just get it up and running by issuing this command:

aiccu start /opt/etc/config/aiccu

That's it, you should now have tunnelled IPv6 connectivity to your DD-WRT router. Try using and online ping6 utility to ping it. I'm sure you'll also want to start the tunnel on boot; so from the web interface, modify the startup script to contain the line you just executed.

Now having IPv6 end at your router is not massively helpful, so my next post will be about how to configure router advertisement and distribute a routed subnet to your local network.

Until next time,
Andee out.

Monday, 10 January 2011

New Blog

Evening all, welcome to this, my new blog. This blog will contain only posts of a technical nature, following the development of this blog system and any other projects I take on, including those as a member of Canterbury Hackspace, an organisation founded by myself and naxxfish to promote and aid innovation by creating a pool of resources and knowledge. More information at canterbury.hackspace.org.uk

Now, I did start writing a totally new blog system in C and FCGI. This seemed like a good idea at the time to keep server resource use down. But as with a lot of my projects, I lost interest as there are plenty of free alternatives I can use without having to run them on my own server. This leaves it free to host my SVN repositories, my IP PBX and be my always-on shell server.