Using Windows as IPv6 router for the network

4

self-answer from the crazy ideas dept.

My ISP does not support IPv6; I could use a tunnel, but the only always-on computer I have is a generic desktop PC that runs Windows XP/Vista/7/8. (I don't have a Raspberry Pi or anything such, and cannot obtain one.)

I've configured a Hurricane Electric IPv6 tunnel on Windows. Can I use that to provide IPv6 connectivity to other devices on my LAN?

user1686

Posted 2015-03-01T21:01:25.530

Reputation: 283 655

Answers

4

Yes. Windows XP SP2 and later can act as an IPv6 router. (Can't say I would recommend it, but I'm sure your firewall is properly configured, right?)

You just need a /64-sized IPv6 address range to assign to your LAN. Hurricane Electric assigns one to each tunnel – look for "Routed /64" in the configuration page.

So, assuming your HE tunnel interface is called "he0", and your Ethernet card is called "eth0":

  1. Run netsh in an elevated Command Prompt. Go to interface ipv6.

  2. Route your /64 network through your local Ethernet interface, and make sure to publish it:

    add route your-prefix/64 "eth0" publish=yes valid=1d preferred=1h

    (For example, add route 2001:470:1f0b:123::/64 …)

    The "publish" option means that Win7 will include this route in "Router Advertisement" packets it broadcasts to the LAN. Since it's a /64 prefix, other devices will automatically configure their own IP addresses for it.

    The "valid" and "preferred" timers aren't strictly required; they just tell all other devices to forget that IPv6 route if it hasn't been advertised for a day.

  3. Also publish the existing "default" ::/0 route:

    set route ::/0 "he0" publish=yes valid=1d preferred=1h

  4. Finally, actually enable the IPv6 routing features.

    You must enable packet forwarding on both the "WAN" (tunnel) and LAN interfaces, but router advertisement on the LAN interface only.

    set interface "eth0" forwarding=enable advertise=enable
    set interface "he0" forwarding=enable

Windows will begin sending "Router Advertisements" on all interfaces that have advertise=enable. In a few seconds, all devices on your LAN will have generated their own IPv6 addresses based on those advertisements. Go to http://test-ipv6.com/ or http://ipv6-test.com/ and try it out.

If you want to tear it down:

  1. Disable routing: set interface ... forwarding=disable advertise=disable

  2. Delete routes: del route ...

  3. Delete the tunnel: del interface "he0"

user1686

Posted 2015-03-01T21:01:25.530

Reputation: 283 655

That works very well. This way I could even get IPv6 in VirtualBox guests. "eth0" and "he0" are Linux notations, though. To figure out the correct interface names, do a "show interfaces" in step 1 (I edited the above post now) – TJJ – 2016-03-22T10:46:15.963

Just want to add that this will enable IPv6 in an otherwise IPv4-only network. Did this at my IPv4 university network and now my machine is handing out IPv6 addresses to all clients. Meaning all IPv6 traffic will run through my machine (e.g. Google searches)! Be aware of that when bringing your machine to public networks! – TJJ – 2016-03-22T11:23:42.960

@TJJ: Well obviously if you make it act like a router, it will act like a router... Has the wrath of your university sysadmins come yet? – user1686 – 2016-03-22T12:50:12.973

That said, you can turn off "advertise" on the LAN interface, and only use manual IP configuration, then it will not affect others. – user1686 – 2016-03-22T12:52:24.247

No, because I immediately noticed this after enabling the forwarding. Though I am not sure if they will notice at all, since they don't do IPv6 (and so I guess no monitoring as well). Also, not many internet services support IPv6, so it's mostly Google and Facebook. – TJJ – 2016-03-22T12:56:33.170

Ok, but how do I set it up? I can't seem to figure out the correct gateway. It looks different in "route" if I look at IPv6 compared to IPv4. – TJJ – 2016-04-08T12:27:14.890

@TJJ: The "gateway" would still be the router's IP address on that interface; the only visual difference is that IPv6 routers tend to use their "link-local" fe80:… address instead of the global one. (But both work equally well, if you want to manually configure it.) That said, most of the time you shouldn't have to configure hosts at all – "advertise=enable" turns on SLAAC which does everything automagically. – user1686 – 2016-04-08T15:23:25.137

But I don't want to advertise all the time to all the network. So SLAAC is not a good option. But if I assign address and gateway manually, do I have to tell this also to the router (my Win10 Host)? – TJJ – 2016-04-08T16:12:02.620

I ended up adding an additional "VirtualBox Host Network Interface", and then added a second network interface using this "Host Network" to all my VMs. So I could configure forwarding etc. separately for VMs and physical eth-interface. In the end I left SLAAC turned on on the physical interface, and installed "dibbler" to support stateless DHCPv6 for the VMs. However, now that Microsoft killed HE-tunnels with the Windows 10 April 2018 update, I have to find a new method. – TJJ – 2018-06-12T13:23:11.233

They did what? – user1686 – 2018-06-12T14:04:21.103

Microsoft removed the ability to create/start 6in4 tunnels with the April 2018 feature upgrade (already did so in the insider builds before release). The netsh command with v6v4tunnel doesn't work anymore. The relevant nettun.inf has been purged. And since in the same move MS declared that IPv6 transition technologies are deprecated and won't be developed any further ("use native IPv6") this probably won't be resolved. So, Windows is no good anymore to set a tunnel up. You'll need some additional device. – TJJ – 2018-06-13T07:48:24.890

Fixed in 1809 insider build 17711. Probably won't be backported to 1803, though. – TJJ – 2018-07-09T20:41:19.793
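
Added example, not part of the original thread or anyone's posted code: with advertise=enable, every host on the segment accepts the Router Advertisements described in the answer, so a network owner can check received RAs against the routers and prefixes the LAN is supposed to have. The Python below parses an RA (RFC 4861) and flags unlisted senders and prefixes. The function names, the fe80:: addresses and the router lifetime are assumptions, as is the published /64 being carried as a Prefix Information option with the valid/preferred lifetimes from step 2.

```python
import ipaddress
import struct

RA_TYPE, OPT_PREFIX_INFO = 134, 3   # ICMPv6 type / option type, RFC 4861

def parse_ra(icmp6: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement, starting at its type byte."""
    if len(icmp6) < 16 or icmp6[0] != RA_TYPE:
        raise ValueError("not a Router Advertisement")
    _hop, _flags, router_lifetime = struct.unpack_from("!BBH", icmp6, 4)
    ra = {"router_lifetime": router_lifetime, "prefixes": []}
    off = 16                                    # options follow the fixed header
    while off + 2 <= len(icmp6):
        opt_type, opt_len = icmp6[off], icmp6[off + 1] * 8   # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp6):
            raise ValueError("malformed option")
        if opt_type == OPT_PREFIX_INFO and opt_len == 32:
            plen, flags, valid, preferred = struct.unpack_from("!BBII", icmp6, off + 2)
            net = ipaddress.IPv6Network((icmp6[off + 16:off + 32], plen), strict=False)
            ra["prefixes"].append({"prefix": net, "slaac": bool(flags & 0x40),
                                   "valid": valid, "preferred": preferred})
        off += opt_len
    return ra

def rogue_ra_findings(src, ra, trusted_routers, expected_prefixes):
    """Compare one RA against the routers and prefixes this LAN should have."""
    trusted = {ipaddress.IPv6Address(r) for r in trusted_routers}
    expected = {ipaddress.IPv6Network(p) for p in expected_prefixes}
    findings = []
    if ipaddress.IPv6Address(src) not in trusted:
        findings.append(f"RA from unlisted router {src}")
        if ra["router_lifetime"] > 0:
            findings.append("unlisted router offers itself as default gateway")
    for p in ra["prefixes"]:
        if p["prefix"] not in expected:
            findings.append(f"unexpected prefix {p['prefix']} (SLAAC={p['slaac']})")
    return findings

def build_sample_ra(prefix, valid, preferred, router_lifetime=1800):
    """Constructed RA for the demo; checksum is left at 0 and not verified."""
    net = ipaddress.IPv6Network(prefix)
    hdr = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, router_lifetime, 0, 0)
    opt = struct.pack("!BBBBIII", OPT_PREFIX_INFO, 4, net.prefixlen, 0xC0,
                      valid, preferred, 0)       # 0xC0 = on-link + autonomous flags
    return hdr + opt + net.network_address.packed

# The answer's example prefix with valid=1d, preferred=1h; fe80:: addresses are made up.
SAMPLE = build_sample_ra("2001:470:1f0b:123::/64", 86400, 3600)

if __name__ == "__main__":
    for line in rogue_ra_findings("fe80::2", parse_ra(SAMPLE), {"fe80::1"}, set()):
        print(line)
```

To use it on live traffic, feed `parse_ra` the ICMPv6 payload of captured type-134 packets and pass the packet's source address as `src`.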