Hi,

Just got my first routerboard and I would like to use it for HE IPv6 tunnelling. I’ve found various tutorials and examples so don’t think I’ll have too much trouble getting a tunnel up and running but have one issue which is that my public ip is dynamic. It hardly ever changes but I need to allow for it as if not I’ll typically lose remote access just when I need it.

I found a good example of how to handle this elsewhere in the forum (http://forum.mikrotik.com/t/6to4-tunnel-with-tunnelbroker-com/33877/1) but my issue is that the routerboard won’t have an interface on the public internet - it’s going to be in a DMZ connecting out through my ASA. The ASA will process my ddns updates on the tunnelbroker.net side of things as well as no-ip and gandi (for IPv4 glue) but I have no idea how to get the routerboard to detect and update the tunnel configuration if my public IP changes.

Any pointers on how I might achieve this? As I said this is my first time using a routerboard so please be nice.

Why not just use the routerboard as my gateway device? It’s useful for me to work with the ASA as I often encounter them at work. By putting the routerboard in my DMZ with a second interface connected back in to the asa as an outside zone I hope to be able to simulate a native IPv6 connection so far as the ASA is concerned. I plan to use the allocated /64 for the hop between ASA->RB and then the /48 for my internal network zone. I think this will all work but there’s only one way to find out.

Just discovered this. I don’t think it’ll be a problem if there’s a way to perform a dns lookup via a script.

dig @resolver1.opendns.com myip.opendns.com

Awesome..

Create and periodically run a script. You could run it whenever your WAN-connections goes down, too, of course.
/system script
add name=HE_tunnel_update policy=
ftp,read,write,policy,test,winbox,sniff,sensitive,api
source=“:local HEtunnelid "123456"\r
\n:local HEuserid "myusername"\r
\n:local HEpass "mypassword"\r
\n\r
\n# don’t change anything below this line\r
\n:local HEupdatehost "ipv4.tunnelbroker.net"\r
\n:local outputfile ("HE-".$HEtunnelid.".txt")\r
\n:local UpdateUrl ("https://".$HEupdatehost."/nic/update?username="
.$HEuserid."&password=".$HEpass."&hostname=".$HEtunnelid)\r
\n\r
\n# ----\r
\n\r
\n:log info ("Updating IPv4 endpoint address of IPv6 tunnel " . $HEtunn
elid . "…")\r
\n# 6.0rc11: https has not been implemented yet!\r
\n\r
\n/tool fetch mode=https host=($HEupdatehost) url=($UpdateUrl) dst-path=
($outputfile)\r
\n\r
\n:log info ("6to4 broker says: " . [/file get ($outputfile) contents])
\r
\n/file remove ($outputfile)\r
\n”

/system scheduler
add interval=10m name=6to4-notification on-event=HE_tunnel_update policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api start-date=mar/08/2013 start-time=19:00:00The script in plain text:
:local HEtunnelid “123456”
:local HEuserid “myusername”
:local HEpass “mypassword”

don’t change anything below this line

:local HEupdatehost “ipv4.tunnelbroker.net”
:local outputfile (“HE-”.$HEtunnelid.“.txt”)
:local UpdateUrl (“https://”.$HEupdatehost.“/nic/update?username=”.$HEuserid.“&password=”.$HEpass.“&hostname=”.$HEtunnelid)

----

:log info ("Updating IPv4 endpoint address of IPv6 tunnel " . $HEtunnelid . “…”)

6.0rc11: https has not been implemented yet!

/tool fetch mode=https host=($HEupdatehost) url=($UpdateUrl) dst-path=($outputfile)

:log info ("6to4 broker says: " . [/file get ($outputfile) contents])
/file remove ($outputfile)