[6bone] link local for tunnel endpoints

Todd T. Fries todd@fries.net
Fri, 7 Nov 2003 07:26:08 -0600 

I use this successfully with my OpenBSD links.  As pointed out to me
several years back by itojun, this is quite fun to setup a v6 tunnel
when the remote tunnel end is running route6d:

- ifconfig gif0 tunnel <local v4 address> <remote v4 address>

- ifconfig fxp0 inet6 <global v6 address>

- route6d

- ping6 www.kame.net ;-)


route6d automatically assigns the link-local address presuming the remote
route6d is advertising via the tunnel.

I admit I haven't tried zebra, and need to really try quagga, but I've been
encouraged to use that as route6d has some rather brainded exit() clauses,
causing headaches for machines .. (my headaches were for a machine with
interfaces that went up and down a lot) ..

And in the end, nothing prevents you from manually assigning the link-local.

Some tunnel providers, he.net for example, require you to assign your tunnel
global v6 IP's, as they ping them to verify you are `still up'.  Other
tunnel providers, freenet6.net for example, are perfectly happy with you
ignoring the tunnel global v6 IP's and simply using link-local.

The real constraint (as explained in other emails) is the requirement that
both ends must have a global v6 address on _some_ interfaces, not necessarily
the tunnel.
-- 
Todd Fries .. todd@fries.net


Free Daemon Consulting, LLC                    VOIP: 1.636.410.0632
http://FreeDaemonConsulting.com                Land: 1.405.810.2918
"..in support of free software solutions."   Mobile: 1.405.203.6124

Key fingerprint: 37E7 D3EB 74D0 8D66 A68D  B866 0326 204E 3F42 004A
            Key: http://todd.fries.net/pgp.txt

Penned by Dan Reeder on Sun, Oct 26, 2003 at 10:49:56PM +1000, we have:
| Hey guys
| in light of the recent spirited discussions regarding ptp subnets, I was
| wondering whether anyone has used or is using the link local addressing for
| the endpoints. (I'm not too sure whether it is still called link local in
| this case, as it is quite different from typical MAC-based addressing)
| 
| here's an example of my tunnel:
| 
| ip tunnel add sixbone mode sit remote 203.149.69.35 local 202.173.147.67
| ip link set sixbone up
| ip tunnel change sixbone ttl 255
| ip link set mtu 1472 dev sixbone
| route add -A inet6 ::/0 gw fe80::cb95:4523 dev sixbone
| 
| fe80::cb95:4523 is just the remote ip converted to hex and set with a link
| local prefix.
| 
| Now because my local router and the remote router also have valid 2001::
| global addressing (on mine for the /64 on another interface, on the remote
| for other purposes), so traceroutes back and forth are going through just
| fine. I realise that every device needs a globally reachable ip set on it
| somewhere, even on a loopback interface, to be reachable.
| But are there any operational down sides or gotchas that would prove this
| type of addressing to be unsafe or impractical for use?
| 
| thanks
| Dan Reeder
| 
| 
| _______________________________________________
| 6bone mailing list
| 6bone@mailman.isi.edu
| http://mailman.isi.edu/mailman/listinfo/6bone