You have probably heard of IPv6 and that it is the future Internet Protocol. But like most of us, you are probably connected to the net via an ISP that does not yet support IPv6 addresses. Most ISPs do not yet support IPv6 to their clients because their infrastructure does not support it. Overhauling that infrastructure is a costly and daunting process which takes time, effort, and money. However, most do support 6to4 translation, as does the FreeBSD operating system.

6to4 is an IPv6 tunneling and translation mechanism. It allows your computer (or private network) to have an externally facing IPv4 address but send IPv6 traffic over it. Basically it takes the IPv6 traffic, encapsulates it in an IPv4 packet, and sends the new IPv4 packet to your ISP. Your ISP has a special server which accepts this packet and forwards the original IPv6 packet along on the Internet.
This translation mechanism must be supported by your ISP. If your ISP does not support 6to4, you can still get IPv6 going with a 6over4 tunnel. More on that in a future article. Once the packet is sent along on the Internet it follows the usual routes to its target. If the target needs to respond it must know where to return the data to. Since the IPv6 packet was actually sent by your ISP, the target needs a way of finding your computer again. To accomplish this IPv6 has a set of addresses reserved for 6to4, there is an initial prefix of 2002: followed by your external IPv4 address encoded into the IPv6 address. Doing this encoding by hand is difficult and error prone, so I suggest using an online calculator, such as this one.

Manual Configuration

The quickest way to test out 6to4 is to manually configure your FreeBSD box.

Get the prefix for your "network" from an online prefix calculator. The prefix used in the following examples is based on 192.168.0.1 and is completely invalid for actual use.

1. Create the 6to4 interface. This will load the if_stf kernel module if it is not built in.

   root@aislynn# ifconfig stf0 create
   

2. Assign the interface an IPv6 address based on the prefix you got from the calculator.

   root@aislynn# ifconfig stf0 inet6 2002:c0a8:1:ffff::1/16
   

   I'm using the prefix "2002:c0a8:1::/48" for this example. I am also appending a subnet ID of "ffff" to this; this is not strictly necessary and will depend on how your intend to use 6to4 as well as your IPv6 address schema preferences. Finally the address for this interface within that subnet will simply be "1".
3. Add a default IPv6 route to the RFC 3068 Anycast address.

   root@aislynn# route add -inet6 default 2002:c058:6301::
   

   This is where the support from your ISP comes into play. They have to have a 6to4 relay that accepts the RFC 3068 address and routing configured to get traffic there.

If you are running a firewall (as any computer connected to the Internet should be) you may have to poke some new holes for IPv6 traffic. Otherwise, that is all there is to getting 6to4 working. The next time your computer reboots however, you'll lose the configuration.

Semi-Automatic Configuration

This configuration section is "semi-automatic" because there currently is no full-automatic 6to4 mechanism in FreeBSD. One of these days I'll write a script to do full-automatic, but until that time it still requires a bit of manual intervention. FreeBSD can calculate your prefix automatically for you, it will not add a subnet ID if you choose to use one as I did above. You do not have to use FreeBSD's automatic calculation however.

To setup with FreeBSD's prefix calculation, add to your /etc/rc.conf file:

ipv6_enable="YES"
stf_interface_ipv4addr="1.2.3.4"	# your external IP here
ipv6_defaultrouter="2002:c058:6301::"

To setup with manually calculated prefix, add to your /etc/rc.conf file:

ipv6_enable="YES"
ipv6_ifconfig_stf0="2002:c0a8:1:ffff::1/16"
ipv6_defaultrouter="2002:c058:6301::"
network_interfaces="auto"

If your external IP is assigned by DHCP, as almost all residential connections are, you have to manually change your IPv6 configuration every time your external IP changes. This is what I meant by "semi-automatic". Grafting the functionality to change the 6to4 address - when the DHCP IP changes - into FreeBSD is no easy task.

Routing 6to4 for Your Network

Part of the reason I put the 6to4 interface in the "ffff" subnet was to allow my internal network to use another subnet for IPv6 traffic which would be run externally through the 6to4 interface.

Once the above configuration is done it's easy to configure the computer as a gateway. First the computer will need IPv6 addresses on any interfaces that it will route traffic over, this is pretty much the same process as IPv4; unless you have a compelling reason to do otherwise, I recommend following a substantially similar scheme as your IPv4 deployment.

Manually configuring an IPv6 address on a network interface:

root@aislynn# ifconfig lan0 inet6 2002:c0a8:1::1/64

The same configuration added to rc.conf:

ipv6_ifconfig_lan0="2002:c0a8:1::1/64"

Then enable IPv6 packet forwarding (so the computer will act as a router/gateway).
My network interfaces are renamed at startup to lan0, wan0, etc. The names of your network interfaces may be different depending on your configuration. Manually enabling IPv6 forwarding:

root@aislynn# sysctl net.inet6.ip6.forwarding=1

The same configuration added to rc.conf:

ipv6_gateway_enable="YES"

Once this is completed assign IPv6 addresses to the other computers in your network and point their default gateway to the server you just setup. There are three different ways of configuring the IPv6 addresses on other computer in your network, which is outside the scope of this article, but will be the topic of a future article.