I just wanted to share some experiences regarding the usage of IPv6 on my R450G router. Please excuse any technical errors, since I am farely new to Mikrotik and to using IPv6.
I registered lately an account at http://www.tunnelbroker.com, a website offering free 6to4 tunnels. The service is operated by Hurricane Electric, which claims to be the largest IPv6 traffic provider. Of course the goal of the free offering is to attrack paying customers. But at least it is a standardized mechanism, which does not require obscure client software like http://www.sixxs.net does.
With a few clicks one can get a working 6to4 tunnel with its own /64 or /48 (routable!!!) IPv6 network prefix. The website also provides some basic commands to get an 6to4 tunnel working on the Mikrotik plattform.
Code: Select all
/interface 6to4 add comment="Hurricane Electric IPv6 Tunnel Broker" disabled=no local-address=78.53.216.104 mtu=1280 name=sixbone remote-address=216.66.80.30
/ipv6 route add comment="" disabled=no distance=1 dst-address=2000::/3 gateway=2001:470:1f0a:9bc::1 scope=30 target-scope=10
/ipv6 address add address=2001:470:1f0a:9bc::2/64 advertise=yes disabled=no eui-64=no interface=sixbone
Code: Select all
/ipv6 address add address=2001:470:9909:1:20c:42ff:fe52:941/64 advertise=yes comment="" disabled=no eui-64=yes interface=ether2-local
This does look just perfect for automation. Since the webpage does not require https, the fetch tool of the Mikrotik OS does the job. So to get IPv6 working after each ADSL reconnect, I wrote myself a little script. I based it partially on the DynDNS Update Script, which I found in the wiki.Please use the format https://ipv4.tunnelbroker.net/ipv4_end. ... id=$GTUNID
Where:
$IPV4ADDR = The new IPv4 Endpoint (AUTO to use the requesting client's IP address)
$MD5PASS = The MD5 Hash of your password
$USERID = The UserID from the main page of the tunnelbroker (not your username)
$GTUNID = The Global Tunnel ID from the tunnel_details page
Code: Select all
# 6in4 tunnel endpoint update script
# for use with tunnelbroker.com (Hurricane Electric)
# by r@n
# Define User Variables
# Change to the IPv4 interface, which is to be used as tunnel endpoint
:global pubinterface "Alice"
# User ID for tunnelbroker.com (NOT USERNAME!!!)
:global userid "?????????????????"
# Password for tunnelbroker.com as MD5 hash
# Note: Use a generator which does not add a newline to your password!
# This one works fine for me: http://www.miraclesalad.com/webtools/md5.php
:global md5passwd "????????????????"
# Globally unique ID for your tunnel within the tunnelbroker.com plattform
:global gtunnelid "?????"
# DO NOT CHANGE THIS SCRIPT BELOW THIS LINE !!!
# Grab the current IP address on that interface.
:global pubip [ /ip address get [/ip address find interface=$pubinterface ] address ]
# Trim public IP (assumes the subnetmask is larger than 9 bits)
:local tmp ([:len $pubip] - 3)
:set pubip [pick $pubip 0 $tmp]
# Remember last public IP (set at the end of this script, but remains in memory)
:global lastheip
:if ([ :typeof $lastheip ] = nil ) do={ :global lastheip "0" }
:if ($pubip != $lastheip) do={
:log info "HE: Updating 6in4 tunnel ..."
# Update local endpoint IP address on remote site
:global host "ipv4.tunnelbroker.net"
:global url "http://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=$pubip&pass=$md5passwd&user_id=$userid&tunnel_id=$gtunnelid"
/tool fetch url=$url host=$host
# Update local endpoint IP address in local configuration
/interface 6to4 set sixbone disabled=yes
/interface 6to4 set sixbone disabled=no local-address=[:toip $pubip]
# Advertise IPv6 once more
:local tmp2 [/ipv6 address find address="2001:470:9909:1:20c:42ff:fe52:941/64"]
/ipv6 address set $tmp2 advertise=no
/ipv6 address set $tmp2 advertise=yes
# Refresh default route
/ipv6 route remove [/ipv6 route find dst-address="2000::/3"]
/ipv6 route add comment="" disabled=no distance=1 dst-address=2000::/3 gateway=2001:470:1f0a:9bc::1 scope=30 target-scope=10
:log info "Update tunnel endpoint complete. $url"
:set lastheip $pubip
} else={
:log info "HE: No tunnel update needed."
}
1.) I have to advertise my routable IPv6 network prefix again by disabling and re-enabling it on the interface linked to my PC. Otherwise my win7 box won't notice the public IPv6 addresses on that link. (Auto-discovery)
2.) I have to delete and re-add the default IPv6 route again. Without this hack, I am not able to reach any IPv6 address besides my Mikrotik router.
Does anybody have a clue what I may be doing wrong here?
I would also like to hear about your encounters with the "new" internet protocoll. Does somebody here operate a larger IPv6 network?
Greetings from Germany,
Rabbit@Net
--------------------------
Now IPv6 enabled (sort of)