0

I have a linux router(dd-wrt w/o ipv6 module, no space for that) and a linux PC(Arch linux). I'm trying to setup my router to forward 6to4 packets(protocol 41) to my PC and setup the tunnel on it.

What I've done so far on router is:

iptables -t nat -A POSTROUTING -p 41 -d ! 192.168.1.0/24 -j SNAT --to _WANIP_
iptables -t nat -A PREROUTING -p 41 --dst _WANIP_ -j DNAT --to-destination _LANDEST_

where _WANIP_ is my 'outside' ipv4 address and _LANDEST_ is computer with 6to4 setup. The 6to4 setup is done like that:

export IPV4_ADDRESS=_WANIP_
export OUR_IPV6_GW=`printf "2002:%02x%02x:%02x%02x::1" \`echo $IPV4_ADDRESS | tr '.' ' '\``
ip tunnel add tun6to4 mode sit ttl 32 remote any local $IPV4_ADDRESS
ip link set dev tun6to4 up
ip -6 addr add $OUR_IPV6_GW/16 dev tun6to4
ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4 metric 1

OUR_IPV6_GW contains one of 6to4 addresses. After doing all this steps for test I do ping6 ipv6.google.com to see if the setup works and I get error messages Destination unreachable: Address unreachable

I can ping(IPv4) to 192.88.99.1, ip -6 route looks fine. I've also tried running iptables -I [...] for NAT setup to be sure that no rule shadows inserted ones.

I used some resources from http://www.wtfm.org/ip6to4

Magik6k
  • 1

1 Answers1

1

You cannot use 6to4 through NAT. The IPv6 addresses depend on the public IPv4 address, which your 6to4 box doesn't have.

Besides, 6to4 is a obsolete/deprecated protocol. If you want IPv6 connectivity and your ISP doesn't provide it then you're better off using a managed 6in4 tunnel to e.g. Hurricane Electric our SixXS.

Sander Steffann
  • 4,802