@jose_n it is my great honor to introduce Ismael Briones of InkaTel, located in Espana. he is one of the organizers of infosec.
@jose_n he is a technical information engineer, the webmaster for infosec, and has been working on www.elmundo.es and www.inkatel.com, his own server.
@jose_n and an all around very nice guy.
@jose_n his talk today is "Playing with IPv6 at home (ADSL/CABLE)"
@jose_n you can follow along in his notes at http://www.inkatel.com/new/textos/infosec/2003/ipv6-infosec2003.pdf
@jose_n and now, i'll pass the microphone to ismak
@ismak hello all
@ismak ok, you can download the original document from  http://www.inkatel.com/new/textos/infosec/2003/
@ismak in pdf and html format
@ismak i want to remind you: translations in #resdes and questions in #qc
@ismak ok?
@ismak ok, lets go
@ismak In order to allow all the people to "play" with IPv6 i decided to develop an easy introduction of how to use IPv6 at home with our ADSL or CABLE internet connection
@ismak The linux kernel (2.4.x version) supports IPv6, and is easy to configure, but we need some special tunnels to use IPv6 with the actual IPv4 model. For this reason we are going to use the Freenet6 project (http://www.freenet6.net).
@ismak I - IPv6-ready kernel. Enable IPv6 in the kernel
@ismak  We can start checking for IPv6 support in the current running kernel. To check if our running kernel supports IPv6 we have to look into /proc/net/ and look if there is a file named if_inet6. If this file doesn't exist the IPv6 module isn't loaded. We can try to load the module with the command modprobe IPv6. If we receive the message modprobe: Can't locate module IPv6, the IPv6 module isn't compiled, so we have to recompile the kernel t
@ismak hans: sorry you have to access to /new/textos/
@ismak http://www.inkatel.com/new/textos/
@ismak  We can use the native IPv6 kernel implementation of the linux kernel or try the USAGI patches (http://www.linux-ipv6.org/) (in this document i am going to use the linux kernel implementation, but i recommend you to use the USAGI patches. I wanted to describe the installation of the USAGI patches, but i didn't have enough time, sorry) You should use kernel series 2.4.x or above (in this example i use 2.4.20), because the IPv6 support in
@ismak and enable the following options:
@ismak Loadable module support  --->
@ismak     [*] Enable loadable module support
@ismak     [ ]   Set version information on all module symbols
@ismak     [*]   Kernel module loader
@ismak Note: I had to uncheck the second option, because when i tried to insert
@ismak         the module i got unresolved Symbol errors. To avoid these errors
@ismak         unset the "Set version information on all module symbols"
@ismak i didn't have enough time to see what the problem was, sorry
@ismak Networking options --->
@ismak     <M> The IPv6 protocol (EXPERIMENTAL)
@ismak Note: You can select it as a module or directly compiled inside the kernel
@ismak Save the changes and compile the kernel:
@ismak make dep, make bzImage, make modules, make modules_install
@ismak Install the new kernel, add a line to lilo.conf, install lilo and reboot (all of you know how to make this ;-) ) The next time we reboot we will have an IPv6-ready kernel (if we have compiled IPv6 as module we have to insert this in the kernel: modprobe IPv6). To check if our interfaces have an IPv6 direction associated, we can use the command ifconfig -a (This tool may be able to support IPv6, we are going to see it in the next subsecti
@ismak net-tools and iproute
@ismak  The net-tools package includes tools like ifconfig and route, which will help us to configure IPv6 on an interface. First of all, we have to check if the net-tools package we have installed supports IPv6. We have to look at the output of ifconfig -? or route -? and look for something like inet6 or IPv6:
@ismak  /sbin/ifconfig -? 2>&1 | grep -qw 'inet6' && echo "utility 'ifconfig' is IPv6-ready"
@ismak If we don't see the message utility 'ifconfig' is IPv6-ready the net-tools package doesn't support IPv6. We need to upgrade to a more recent version.
@ismak We can see the IPv6 address of our network interfaces:
@ismak eth0      Link encap:Ethernet  HWaddr 00:05:1C:06:1D:6A
@ismak .....
@ismak inet6 addr: fe80::205:1cff:fe06:1d6a/10 Scope:Link
@ismak .....
@ismak  This is the first time we use IPv6 and we can see the link local address of our network interface (eth0). These are special addresses and if we use this address as destination the packet would never pass through a router. These addresses are used for communications like:
@ismak * anyone else here on this link
@ismak     * looking for special addresses, like routers
@ismak These addresses begin with:
@ismak fe8x
@ismak fe9x
@ismak feax
@ismak febx
@ismak but actually only the first range is in use (fe8x).
@ismak  The host part of the address is computed by converting the MAC address of an interface (if available), with the EUI-64 method (http://standards.ieee.org/regauth/oui/tutorials/EUI64.html), to a unique IPv6 address. If no MAC address is available for this device (virtual devices), something else (the IPv4 address or the MAC address of a physical interface) is used instead. So in our example:
@ismak fe80::205:1cff:fe06:1d6a/10
@ismak the value:
@ismak 205:1cff:fe06:1d6a
@ismak is the host part and computed from the NIC's MAC address:
@ismak 00:05:1C:06:1D:6A
@ismak  Now we only have this IPv6 address in this network interface. When we setup our tunnel with Freenet6, we will have a global address provided by the Freenet6 server (in our case it will be a 6bone test address. It will begin with 3ffe prefix).
@ismak -- a little time to the translation
@ismak we can use iproute too, like you can see in the pdf document (i am going to start with the Freenet6 Project)
@ismak we don't have enough time and the iproute chapter isn't too important
@ismak II - Freenet6 Project
@ismak Now we have to configure our tunnel with Freenet6 to use IPv6 over IPv4
@ismak In the web page of this project (http://www.freenet6.net) you can read something about the project
@ismak freenet6 provides us with configured tunnels to use
@ismak IPv6 in coexistence with IPv4 by encapsulating IPv6 packets over IPv4
@ismak  If our ISP doesn't provide us with IPv6, we have to use a "third party provider", like Freenet6 that allows us to create configured tunnels to use IPv6 over IPv4.
@ismak freenet6 uses a model based on a client/server
@ismak a protocol is used to request a single IPv6 address to a full IPv6 prefix from a client to a tunnel server. We can use Freenet6 as an anonymous user or as an authenticated user:
@ismak anonymous users will not have a static IPv6 assigned to them
@ismak the address will change when we run the TSP client again
@ismak so if we want to have our own single address and a /48 IPv6 prefix every time we run the client we have to create our account in the web form http://www.freenet6.net/cgi-bin/new_account.pl
@ismak enter a userid and an email address (to receive the password that Freenet6 will randomly generate).
@ismak Configuring Freenet6
@ismak  First, we have to download the TSP client from http://www.freenet6.net. Then compile and install it.
@ismak Now we are going to configure the tspc.conf file.
@ismak  When we install the tsp client, we have a tspc.conf file. We have to modify some parameters:
@ismak client_v4=OUR_REAL_IPv4_IP
@ismak Here we have to put the real ip of our ADSL/CABLE internet connection.
@ismak We need to specify the logical interface name that will be used to establish the configured tunnel (IPv6 over IPv4).
@ismak Under any Linux platform including the USAGI stack:
@ismak if_tunnel=sit1
@ismak Add our userid and password to create the tunnel as authenticated user:
@ismak userid=USERID
@ismak passwd=PASSWORD
@ismak To configure our system and our interface, TSP client will run a configuration script, depending on the OS. By default, when we install the TSP client it detects the system and selects this parameter:
@ismak template=linux
@ismak If template is set to checktunnel (template=checktunnel) it only displays the values passed to the template.
@ismak  The next variables describe parameters to use in order to request /48 or /64 IPv6 prefixes to the server. Before requesting an IPv6 prefix, it is mandatory to have valid userid and password in the server.
@ismak  If we want to use our computer as an IPv6 router, we have to inform the template to enable the ipv6_forwarding on your computer:
@ismak host_type=router
@ismak with this command the tspc client will enable the ipv6_forwarding in our computer.
@ismak  We can request a /48 or a /64 IPv6 prefix to the server. The /48 is recommended for large sites with multiple subnets while the /64 is for networks with only one subnet. We will select this with the following parameter:
@ismak prefixlen=64
@ismak or
@ismak prefixlen=48
@ismak  If we want all IPv6 nodes connected on the same subnet to be able to autoconfigure their IPv6 addresses by themselves, we have to enable automatically Router Advertisement on a network interface of the computer. With this option, one /64 of the prefix gotten will be advertised on a network interface. The syntax is:
@ismak if_prefix=eth0
@ismak NOTE: We have to have the radvd binary installed in our system. (Debian GNU/Linux users: apt-get install radvd)
@ismak  And finally the dns_server parameter. This parameter is used to specify the DNS servers that should be used for reverse DNS delegation of the prefix allocated. Only if we have a dns server:
@ismak dns_server=NAME_NAMESERVER1:NAME_NAMESERVER2
@ismak NOTE: Never use an ip address as a DNS server name.
@ismak we can put one or two nameservers
@ismak its the matter
@ismak You can see more options in the tspc.conf man page, tspc.conf(5): http://www.freenet6.net/tspc.conf.shtml
@ismak I have to modify things in the template used by the TSP client (in my case the file template/linux.sh):
@ismak Search for the text "Default route" and add the line:
@ismak ExecNoCheck $route -A inet6 del 2000::/3 2>/dev/null # delete old 2000::/3 route
@ismak after the line:
@ismak ExecNoCheck $route -A inet6 del ::/0 2>/dev/null # delete old default route
@ismak If we don't delete the old 2000::/3 route, if we relaunch the TSP client, it will fail when it tries to add this route again.
@ismak Other changes made are about Router Advertisement:
@ismak First, create a user to execute radvd.
@ismak (for security reasons, this way radvd will not be executed as root)
@ismak Then update the line:
@ismak Exec $rtadvd -u radvd -C $rtadvdconfigfile
@ismak to
@ismak Exec $rtadvd -u radvd -p /var/run/radvd/radvd.pid -C $rtadvdconfigfile
@ismak We need to create the directory /var/run/radvd/ and chmod this to the user radvd.
@ismak Run tspc
@ismak Once we have installed the client and made the changes to the config file, we can run tspc:
@ismak PATH_TO_FREENET/bin/tspc -vf PATH_TO_CONF_FILE/tspc.conf
@ismak If nothing happens and all has worked well, now we will have a new interface sit1
@ismak 5: sit1@NONE: <POINTOPOINT,NOARP,UP> mtu 1480 qdisc noqueue
@ismak inet6 fe80::c0a8:d05/10 scope link
@ismak inet6 3ffe:b80:3:9678::2/128 scope global
@ismak inet6 fe80::a00:5/10 scope link
@ismak and we will have our network interface (e.g. eth0) with our new IPv6 address assigned:
@ismak 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
@ismak     inet6 fe80::205:1cff:fe06:1d6a/10 scope link
@ismak     inet6 3ffe:b80:3:23b:1::1/64 scope global
@ismak We have a 6bone test address. Let's try to probe:
@ismak ping6 www.kame.net
@ismak PING www.kame.net(orange.kame.net) 56 data bytes
@ismak 64 bytes from orange.kame.net: icmp_seq=1 ttl=54 time=821 ms
@ismak 64 bytes from orange.kame.net: icmp_seq=2 ttl=54 time=753 ms
@ismak Congratulations!! we are connected to the 6bone ;-)
@ismak  You can try to connect to the web page of kame (you have to use an IPv6 compatible web browser, like Mozilla), to see the dancing kame (we will see an animated turtle only if we are connecting with IPv6).
@ismak NOTE: Another example: www.ipv6.elmundo.es  here you can find a lot of information about how to configure ipv6
@ismak Reverse DNS for prefix
@ismak  If we have added the option dns_server=fqdn.of.your.dns.server[:other-ns] in our tspc.conf, we can do the following steps to delegate the Reverse DNS to our dns server.
@ismak Reverse DNS allows hosts to map IP addresses to hostnames.
@ismak To delegate the reverse DNS of our /48 or /64 to our dns server, we have to do the following:
@ismak * Edit our named.conf and add the following line (you have to change the value 1.2.3.4 with your real values)
@ismak zone "4.3.2.1.0.8.b.0.e.f.f.3.ip6.int" {
@ismak    type master;
@ismak    file "reverse-3ffe-b80-1234.ip6.int";  
@ismak    allow-transfer {none;};
@ismak };
@ismak # Create the reverse-3ffe-b80-1234.ip6.int file (adjust the values to your real case) and fill it with something like this:
@ismak $TTL 3D
@ismak re, too much info :-)
@ismak flooded :-)
@ismak ok, i continue
@ismak @       IN      SOA     ipv6.nowhere.net. postmaster.nowhere.net. (
@ismak                            2001110500  ; serial
@ismak                            3H          ; refresh
@ismak                          15M         ; retry
@ismak                            1W          ; expiry
@ismak                            1D )        ; minimum
@ismak         IN      NS      ns.nowhere.net.
@ismak $ORIGIN 1.0.0.0.4.3.2.1.0.8.b.0.e.f.f.3.ip6.int.
@ismak 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0   in ptr  first.ipv6.nowhere.net.
@ismak # Restart bind and check if there is some error in the log file.
@ismak # Try it. Test the delegation:
@ismak dig 4.3.2.1.0.8.b.0.e.f.f.3.ip6.int NS
@ismak and now test your dns:
@ismak dig 4.3.2.1.0.8.b.0.e.f.f.3.ip6.int SOA
@ismak remember to change 4.3.2.1 with your values
@ismak If it works well, reverse DNS should now be delegated to your server.
@ismak Ok, that's all. Now you can start to play with IPv6, try if your tools are IPv6 compatible and amuse with it.
@ismak you can get more info in:
@ismak * Linux IPv6 HOWTO, Peter Bieringer: http://www.bieringer.de/linux/IPv6/
@ismak # Linux Kernel Documentation
@ismak     * Freenet6 Project: http://www.freenet6.net
@ismak usagi web page :  http://www.linux-ipv6.org/
@ismak thanks to all of you, to the translation man, and the infosec and uninet people
@ismak thanks
