IPv6-HE-to-Tomato

Get connected with IPv6

 

The Internet 2.0

Internet Service Providers like AT&T are slowly providing IPv6 service to their customers, but if your ISP doesn’t currently assign your household a public IPv6 address then you’ll need the help of a tunnel broker to get you connected. Why is getting connected to the IPv6 internet that important?  Honestly, for casual users, its not.  But geeks know that some things are only available if your home network has an IPv6 address.  Whether you just want to finally see the dancing kame, or you want access to some of the IPv6-only goodies like free usenet servers, the following guide will get you started creating your first 6in4 or protocol 41 tunnels.  Read more to find out how to get your home network off the IPv4 island and connected to the internet 2.0.

Got Tomato?

Not all home routers support IPv6.  Before you can start sharing IPv6 internet to your home network, be sure your router supports it.  Sixxs.net has provided this short list of hardware that supports IPv6 out of the box.  If your make/model of router isn’t on the list, then no worries, you still have options.  Any good geek knows most routers can be upgraded to support IPv6 by flashing with 3rd party firmware like DD-WRT or TomatoUSB. Flashing a router replaces the factory software with custom firmware.  It has the added benefit of possibly improving your router performance and unlocking loads of new capabilities including IPv6!   Find the make and model of your router and crosscheck it on this list from tomato or this list from DD-WRT.  Flashing a router is beyond the scope of this guide, but a simple Google search will yield plenty of how-to tutorials [1][2][3][4].  The best advice I can give to first time flashers is be sure you download the right firmware before you attempt to install it on your router!  If your hardware supports it, I highly recommend Toastman’s TomatoUSB packages.  Once you are sure your router supports IPv6, then move on to creating your first tunnel.

Creating an IPv6 Tunnel

Setting up a tunnel broker isn’t a requirement for IPv6, but it is the best solution.  For instance some routers can use 6to4 anycast relays but they are typically slower/less reliable depending on your ISP.  The best results come from a dedicated tunnel broker.  One example of a tunnel broker is the well-established all volunteer group over at sixxs.net.  However, by far the easiest to setup is Hurricane Electric’s tunnelbroker.net.  The only requirement is a valid email address. Ready to sign up?  Head over to their site and register.

After filing out the form above and clicking Register, an email will be sent to the address you supplied. Check your email inbox for an email from tunnelbroker.net.  Inside should be your login information. Write it down and return to the tunnelbroker.net website and Login with your username and password.

After logging in, you will be greeted with your profile page.  To get started, click the link on the left hand side that says Create Regular Tunnel.

On the next screen you can pick closest Tunnel server from a list, or just go with what Hurricane Electric automatically suggests.  The key piece of information you must supply on this page is your public IP address.

Your public IP is a unique address assigned by your ISP to identify the relative location of household on the internet.  You can find it by connecting to your home modem from inside your own network.  Looking for something called your WAN IP.  Hint: your Public/WAN IP is unique and will NOT start with 192.168 or 10.0.  As a shortcut, you always visit whatsmyip and write down the number at the top of the page.

Static VS Dynamic

Since the tunnel we are about to create needs to know where your home network is at all times, it will be a big help if your home network always has the same IP address. Many services such as AT&T DSL assign their customers new IPs every so often. This type of internet connection is called a dynamic IP.  Unfortunately, this means that the tunnel you are about to create between Hurricane Electric and your household will break whenever your home network is assigned a new address!  AT&T Uverse customers are in luck, because they typically have defacto static IPs.  Since no one relishes the thought of calling an ISP tech support hotline, you can unplug your internet modem, wait a minute, plug it back in.  Its not foolproof, but if the number on the whatsmyip website changes between power cycles then you have a dynamic IP.  If you are lucky enough to have a static IP you can skip the next section.

The Dynamic Workaround

Those with dynamic IPs will need to sign up for a free Dynamic DNS service.  For general tips on how to configure your router with a DDNS service look here. In short, DDNS service helps customers with dynamic IPs behave as if they were static.  This is done by configuring your home router to constantly update a website (yourname.dyndns.org) with your current home IP address.  The IP assigned to your house may change, but the domain name of the website will always be the same.  This is how you can make public place that always has your newest dynamic IP.   Hurricane Electric just so happens to offer a compatible Dynamic DNS service.  Once your comfortable you have a  public IP that can be reached all the time move onto the next step. Update: There is an illustrated guide on the Linksys Forums that covers How To Dynamic DNS + IPv6 + TomatoUSB!

ICMP Echo

Finally to ensure that tunnelbroker can see your home network, you must allow your modem to respond to ICMP echo requests.  Please be sure to turn that feature on.  Once you are ready go ahead and enter your Public IP and click Create Tunnel.

For security, be sure to turn off ICMP ping response right after you have successfully created your first tunnel. You won’t need it to maintain the tunnel connection.The next screen will display your newly created tunnel and all of its associated information.

And now the fun part!  It can be a bit overwhelming deciding which of the numbers above to enter into your home router.  So, I’ve given an example using for those using a tomato router.  Click on the picture below to enlarge.

Once you are done entering the information into your router, save your settings and reboot your router and PC for good measure, and thats it! You should now be connected to the IPv6 Internet! Most modern operating systems natively support IPv6, so you shouldn’t need to configure TCP/IP settings on your Windows 7 or newer Mac OSX/Linux PC.    For troubleshooting purposes, you can head over to test-ipv6.com to check your IPv6 connected status.  Finally, run an IPv4 VS IPv6 speedtest to see how fast your new IPv6 tunnel is running. If your interested in free usenet, feel free to can check this up/down status list see if your favorite free newsserver is up and running.  Enjoy!

 

10 thoughts on “Get connected with IPv6”

  1. Toastman builds allow you to configure Tomato to automatically update tunnelbroker.net when your Dynamic IP changes. It’s on the list of DDNS services under the DDNS menu. I have both DynDNS and HE/Tunnelbroker configured under DDNS to auto-update.

    1. Toastman’s TomatoUSB is a great build. Since I am lucky enough to have a static IP, I didn’t investigate the DDNS section in of the build in detail. However, the how to linked in my DDNS section above gives a detailed example for those with Toastman’s TomatoUSB and dynamic IPs. Toastman’s native support of HE.net dynamic DNS makes it a great choice!

  2. Thank you – people like you make us better

    Tomato Firmware RAF1.28.9006 MIPSR2_RAF K26 USB VPN-NOCA

    run on rt n16

    works like a charm for me

    1. Part of TomatoUSB’s appeal is the ability to take older under-powered hardware and unlock its potential. So, the best answer is check the model of the router you already have! If you are going to purchase new, then I’m partial to Cisco or Asus hardware. For thorough reviews including comparative router round-ups and showdowns, then nothing beats the empirical research done by crew over at SmallNetBuilder.

  3. Hi Troy, I completed the tunnel with toastman’s tomatousb 1.28 (on a Netgear WNR3500L/U/v2), the test-ipv6.com test works but gives these warnings:
    Your browser is blocking the test urls. We will try alternate methods, but they may fail to show your IP address; and may affect the quality of the advice given.

    The most likely cause is NoScript or AdBlock+. NoScript can be told to permit all scripts on this page (you may need to do this more than once). At minimum, permit the urls listed below.

    Your browser blocked http://ipv6.test-ipv6.com/ip/?callback=?&size=1600&fill=xxx…xxx

    strange thing is: I’m using firefox (on ubuntu) with no extensions and iptables is off and still, the postscan on HE is not able to ping any of the two global addresses assigned to my wlan0, so it seems like I can go out but cannot connect back. Is the tunnel two-ways? if not, is there any way to make it two-way with tomatoUSB ?
    if it is two-ways, what should I be testing/trying/checking?
    thanks in advance.

    1. This guide was simply what worked for me. I haven’t experienced the issue you are describing. But it sounds like your IPv6 tunnel is successful, and your browser is simply having issues running the pages scripts. This same guide was successful on Ubuntu 11.04 and chrome, so perhaps give Chrome a shot. Let me know if you resolve this. Thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *