Home / ubuntu / Questions / 50424
Accepted
Kelley
Asked: 2011-06-25 13:38:38 +0800 CST

How can I find and remove 6to4 from my system?

  • 772

Last week I installed Miredo and configured my system to handle IPv6 through 6to4 tunneling. It was easy and it worked well.

So I decided I'd give Hurricane Electric's IPv6 connection a try. I've had a lot to learn, and I thought I had it all running (with a great deal of help from a very patient person at Hurricane: my LinkSys E3200 didn't like IPv6).

But now, when all should be good, after I uninstalled Miredo and Teredo and whatever else, I find that there is "6to4 tunneling - another automatic tunneling," which I need to remove from my box. But I have no idea where or what it might be.

Connected to my computer are a couple printers, an external hard drive, and a router (which has no settings for IPv6). All of these are, I think, innocent in this matter.

$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:21:9b:1c:26:bb  
          inet addr:192.168.1.104  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: 2002:42db:c22c:0:221:9bff:fe1c:26bb/64 Scope:Global
          inet6 addr: fe80::221:9bff:fe1c:26bb/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1427 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1342 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1152240 (1.1 MB)  TX bytes:177497 (177.4 KB)
          Interrupt:20 Memory:fdfc0000-fdfe0000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:720 (720.0 B)  TX bytes:720 (720.0 B)

$ ip -6 route show
2002:42db:c22c::/64 dev eth0  proto kernel  metric 256  expires 24sec
fe80::/64 dev eth0  proto kernel  metric 256 
default via fe80::c2c1:c0ff:fec6:3308 dev eth0  proto kernel  metric 1024  
expires   1794sec hoplimit 64

So, how can I get rid of 6to4 tunneling, when I don't even know where it is? Is there someplace to look and find out what's going on? I'm pretty new to Linux and Ubuntu.

So it looks like Miredo isn't running, yet I'm getting IPv6 addresses in eth0. It was that, I think, that a guy at Hurricane Electric was seeing and that caused him to see "6to4 tunneling - another automatic tunneling." Is that just a feature of Ubuntu?

He told me this:

"Look for a machine that has 6to4 tunneling configured and announcing 6to4 prefix to your linux box.

Here's the clue: According to your IPv6 route table, fe80::XXXX:XXXX:XXXX:XXXX is a link local address for your default gateway. Can you check and see which device has a MAC address of XX-XX-XX-XX-XX?"

It turns out that the device with that MAC address is my LinkSys router! (Which has NO IPv6 support!) I don't understand that.

ipv6

1 Answers

  1. Best Answer

    To get a grip on what is happening with your networking, ifconfig is a great tool. It shows you all the interfaces on your computer and what addresses they have. Another good tool is ip -6 route show (IPv4 version: ip route show).

    6to4 addresses always start with '2002:xxxx:xxxx:' (for example 2002:40b8:f37f:). In comparison, a teredo address will always start with '2002:0:' (or 2002:0000: which is the same). Don't confuse 6to4 with a configured HE tunnel. A HE tunnel uses 6in4 and it's address will start with '2001:470:'.

    From your updated question, I can see that there is no 6to4 tunneling on your system. Your router is tunneling all IPv6 traffic that goes through it using '2002:42db:c22c:0:' addresses through a 6to4 tunnel. It is giving out addresses from its tunnel to the local network. Apparently your router supports IPv6 that much.

    So, how does your computer have an IPv6 6to4 address without a 6to4 tunnel? Well, your computer is using that address it gets from the router to do native IPv6 on your home network. When it has internet bound IPv6 traffic, it sends it to your router which sends it inside the 6to4 tunnel.

    So, your whole network currently has IPv6 and you have a choice. You can let your router do the IPv6 for the network, which will give you a different IPv6 address every time you IPv4 address changes. Or, you can have your Ubuntu do the IPv6 for your network and have static addresses from HE. I think it might also be possible to do both.

    To ignore the IPv6 addresses advertised by the router, click on the network manager icon and click Edit connections. (Non-Unity:Right click instead to open menu). On the wired tab, double Click the the Auto eth0 connection. Go to the IPv6 tab. Select Ignore instead of Automatic.

    I've written a how to for setting up HE tunnels on Ubuntu at https://erikbandersen.com/wordpress/?p=28. I copied some of it here.

    Let’s set up our IPv6 tunnel connection. Run

    gksudo gedit /etc/network/interfaces

    and add the following:

    auto he-ipv6
iface he-ipv6 inet6 v4tunnel
     endpoint 216.218.226.238
     address  2001:470:a:d29f::2
     netmask  64
     ttl 64
     up ip -6 route add default dev he-ipv6
     down ip -6 route del default dev he-ipv6

    Replace the endpoint setting (216.218.226.238) with the Server IPv4 address field from the tunnel details page and the address setting (2001:470:a:d29f::2) with Client IPv6 address field from the tunnel details page. Save the file. Ok, now let’s start the tunnel connection: run gksudo ifup he-ipv6 .

    (From here on is to advertise your tunnel addresses to the rest of the network.)

    Ok, now lets set the computer to allow IPv6 through itself, instead of accepting only traffic to itself. Open /etc/sysctl.conf. Look for the lines

    net.ipv6.conf.default.forwarding=0

    and

    net.ipv6.conf.all.forwarding=0

    and change them both from 0 to 1, adding the lines (with an =1) if they don’t exist. Save the file and then run

    gksudo sysctl -p

    Right click on the network manager icon in the tray and click Edit Connections. Select the connection to your local network and click Edit. Go to the IPv6 Settings tab and set the Method to Manual. Click Add. For the address put the first address in your Routed 64. (In this example it would be 2001:470:b:d29f::1 .) For the prefix put in 64 . For the gateway, put in the address from the “Client IPv6 address” of the tunnel details page (in this example it would be 2001:470:a:d29f::2). Click apply.

    Ok, now install the radvd package which lets other hosts automatically set up an IPv6 address from the block Hurricane Electric assigned you. Make a new text file and put in the following text, editing as directed by the comments:

    interface eth0  #change this to the interface that connects to the local network
       {
              AdvSendAdvert on;
              AdvHomeAgentFlag off;
              MinRtrAdvInterval 30;
              MaxRtrAdvInterval 100;

              prefix 2001:470:b:d29f::/64  #change this to the "Routed 64" from the tunnel details page
              {
                     AdvOnLink on;
                     AdvAutonomous on;
                     #AdvRouterAddr on; #We don't have dhcpv6 on. Only uncomment this if you want clients to look for a dhcpv6 server.
               };
       };

    Save the file as “/etc/radvd.conf”

    If you the UFW firewall running, open /etc/default/ufw in the text editor you have open and change

    IPv6=no

    to

    IPv6=yes

    and change

    DEFAULT_FORWARD_POLICY="DROP"

    to

    DEFAULT_FORWARD_POLICY="ACCEPT"

    and then save the file.

    To finish up, start the router advertising daemon by running

    /etc/init.d/radvd start
    • 4