IPv6 home networking with OpenWrt

A couple of days ago, I got a new internet service provider, which provided a router capable of routing OR bridging, which means I can get a public IP address for my OpenWrt router. So, of course I had to set up my OpenWrt router as an IPv6 router, with an IPv6 tunnel so I could get to use all those cool IPv6 services out there on the big internet.

This was easier than I thought it would be, so I documented it all for everybody else to use. Enjoy.

Note: I am using a router running OpenWrt 10.03 (backfire), and I have a /64 subnet, provided by Hurricane Electric. This howto will reflect that.
First, log in to your router using SSH or TELNET and install some programs:

opkg install kmod-ipv6 radvd ip kmod-sit kmod-ip6tables ip6tables

Now we need to set up a IPv6 tunnel. First go to Hurricane Electrics tunnel settings site. Open the file /etc/init.d/he_ipv6 and fill in the necessary fields below:

#!/bin/sh /etc/rc.common

SERVER_v4=Server IPv4 address
SERVER_v6=Server IPv6 address
CLIENT_v4=Client IPv4 address
CLIENT_v6=Client IPv6 address
ROUTED_64=Routed /64:

start() {
  ip tunnel add henet mode sit remote $SERVER_v4 local $CLIENT_v4 ttl 255
  ip link set henet up
  ip -6 addr add $CLIENT_v6/64 dev henet
  ip -6 ro add default via $SERVER_v6 dev henet

  ip -6 addr add $ROUTED_64/64 dev br-lan
stop() {
  ip link set henet down
  ip tunnel del henet
  ip -6 addr delete $ROUTED_64/64 dev br-lan
restart() {

Don't forget to make it executable:

chmod +x /etc/init.d/he_ipv6

Now we should try testing the script. Run it, and then try pinging bredsaal.dk and an IPv6 address:

/etc/init.d/he_ipv6 start
ping6 -c4 bredsaal.dk ping6 -c4 2607:f2f8:6500::2

Actually, if everything works, you don't need to ping the IPv6 address, but if you can ping that address and not bredsaal.dk, the DNS you are using cannot resolve IPv6 addresses.

Alright, if everything worked, go on! If not, check that the script is correctly configured and try again.

Okay, make the script run on boot:

/etc/init.d/he_ipv6 enable

You should be all set. Now we only need to configure radvd - the Router Advertising Daemon!

Open the file /etc/config/radvdin your favourite editor, and make it look like this, of course with your own subnet.

config interface
  option interface          'lan'
  option AdvSendAdvert      1
  option AdvManagedFlag     0
  option AdvOtherConfigFlag 0
  option ignore             0

config prefix  
  option interface      'lan'  
  option prefix         '2001:0470:b00b:babe::/64' # or whatever your /64 is  
  option AdvOnLink      1  
  option AdvAutonomous  1  
  option AdvRouterAddr  1  
  option ignore         0

config rdnss  
  option interface 'lan'  
  option addr      ''  
  option ignore    1

Restart radvd:

/etc/init.d/radvd restart

Your computer should now get an IPv6 address, and you should be able to connect to the outside world from your computer, using IPv6. Remember, that the outside world can also connect to your computer over IPv6 now, so go set up that IPv6 firewall.

Did it work for you? Do you have any questions, comments or anything else? Write a comment below. :-)

Written by Jannich Brendle man 24 januar 2011 In How to

tags: ipv6OpenWrtpostaweek2011

Related posts