Getting IPv6 Using Freenet6 on Debian
IPv6 is the successor to our current internet protocol, IPv4. It offers many new features, including vastly increased address space--128 bits vs. IPv4's measly 32 bits--easier autoconfiguration and better support for encryption, just to name a few. The Debian project has done a good job of making its distribution IPv6-ready. In this article, you'll learn how to setup a IPv6-over-IPv4 tunnel using the free Freenet6 tunnel service. Note that I'm assuming you're using Debian testing (woody) or unstable (sid) and understand how to install packages through apt. I'm also assuming you know a little bit about IPv6, such as what an address looks like.
Before beginning the tunnel, you'll need a publicly addressable IPv4 address on the machine you're using. Your kernel also must support IPv6; Debian's default kernels do support IPv6. If you're not sure if your kernel does support it, check for a /proc/sys/net/ipv6 directory. Also see if the output of ifconfig contains any IPv6 addresses, something like fe80::24f:49ff:fe07:2552 Make sure your firewall isn't blocking IPv6 tunnel packets, IP protocol 41 (ipv6) must not be blocked in either direction.
Once you've confirmed all of this, start the tunnel by installing the Freenet6 client software with apt. The Debian package is called Freenet6 and is available in both testing and unstable versions. Once it's installed, Freenet6 automatically gets a IPv6 address for you based on your existing IPv4 address; no configuration is required. That's right, everything will work right out of the box on most systems simply by installing Freenet6.
Note that this IPv6 address is tied to your IPv4 address, if the IPv4 address changes so does your IPv6 address. Fortunately, if you've used the standard Debian systems for your internet connection, such as the PPP packages and the included dhcp clients, Debian will automatically get a new IPv6 address for you if your IPv4 address changes.
To test your IPv6 connection, try pinging something with the ping6 program. If you find that you don't have ping6, install it with the iputils-ping package. Some hosts to try pinging include www.6bone.net and www.kame.net. If the pings aren't working, double-check that your firewall isn't blocking IPv6 packets. If the pings do work, next try connecting to www.kame.net with Lynx, Mozilla or Konqueror. These browsers have IPv6 support in Debian testing. If everything is still working correctly, there will be a "dancing kame" at the top of the page and a little message at the bottom. If it still says you're using IPv4, and the ping6 test worked fine, double-check that you're using the latest version of the browser.
Congratulations! You're on the next generation internet! If you have a network behind a Linux router, you can also provide IPv6 for the machines behind it using Freenet6 and the radvd. How to do it will be explained in an upcoming issue of Linux Journal.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Firefox 46.0 Released
- Ubuntu Online Summit
- Devuan Beta Release
- The Qt Company's Qt Start-Up
- May 2016 Issue of Linux Journal
- The US Government and Open-Source Software
- The Death of RoboVM
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- Open-Source Project Secretly Funded by CIA
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide