IPv6 tunneling

Daniel Jared Dominguez danjared at laptop.org
Sat Jul 21 17:48:32 EDT 2007


>From [Community-news] OLPC News 2007-07-21:
> Lilian Walter got IPv4 and IPv6 dual stack ping and finger working.
> Lilian is researching on how to implement Teredo tunneling (Teredo
> tunneling is a protocol designed to grant IPv6 connectivity to nodes
> that are located behind IPv6-unaware NAT devices); this involves Ipv6
> features such as router solicitation/advertisement and DNS AAAA
> packets.

I thought about doing this after Michail suggested it a while ago but
then realized that there are several problems with Teredo.

Teredo only allows one host per NAT to tunnel IPv6 at a time. I believe
this may actually be a problem with the Teredo specification, although I
haven't looked at Teredo recently. And if you try using one Teredo
client as a router for other clients, you'll need an address space
assigned to each such Teredo client, which is a problem in itself (not
to mention that you'd almost certainly have to run BGP and probably have
problems that would require you to use eBGP multihop, if that will even
work in this case). I think we want to stay away from anything this
complicated; besides, speaking BGP 4+ as just a single-homed router
currently will take at least 32MiB of RAM.

Right now the best option is to use SixXS (as David Woodhouse has
suggested) or use OpenVPN to create tunnels to tubes.laptop.org. If
we're looking at OpenVPN, I have some scripts that I modified for the
purpose at
<http://dev.laptop.org/~danjared/olpc-tunnel-broker-scripts.tar.bz2>,
although I did not get a chance to test them and do not think that
anyone else has in the month and a half since I worked on this.

I'm in the process of doing a hardware/software upgrade to OLPC's IPv6
upstream router and hope to have something soon that can handle the load
we'll be putting on it, which I believe the current router cannot. (It'd
be nice if someone like Cisco would donate a router to OLPC/SIPB for the
purpose, since currently SIPB is depending on a repurposed machine.) We
should also be looking at getting address space from ARIN or whomever.

--Jared




More information about the Devel mailing list