Results tagged “tunnelbroker” from Nothing new here
As a follow up to my earlier teredo howto, here i want to show you how to use the Tunnelbroker provided by Hurricane Electric on OS X 10.5, Leopard, behind a NAT Router that passes protocol41 (e.g. Fritz!box Fon WLAN 7170).
I did not want to make rocket-science out of this, so i did the easiest and simpliest possible way to achieve my goal, which means that it might not be the 100% correct way to do things. Also, it's not going in to details about IPv6, so if you are new to this topic, the tutorial may be a bit difficult for you.How all this will work: Once you have finished this tutorial, you will have a Launchd script checking every 30 mins for IP changes, if your IP has changed, it will reset your IPv6 configuration. That means, in worst case, your IPv6 will be down for 30 minutes, but in best case you won't notice the script at all.
Step 1, Register with Hurricane Electric's tunnelbroker.netJust go to http://tunnelbroker.net and get your free account.
Step 2, Create a new tunnel
Click on Create Regular Tunnel, and enter your current public IPv4 there (see You are viewing from IP: <that's your ip>)
Next, pick the closest location to you. You can also ping each of the IPs shown there and pick the fastest one, since - at least in Germany - the closest geographical location not always is the fastest one.
When you are finished, you will get your tunnel details displayed, which should be similar to the screenshot below. You will need some values from this screen and the account overview screen in the script in the next step.
Step 3, The IPv6 ScriptThis is the IPv6 script, it is documented inside, so follow the steps there and then come back here :-)
#!/bin/bash[download]
#######################################################################
# Update the HE (Hurricane Electric) ipv6-tunnel
#######################################################################
# Interface to use: en1 = Airport, en0 = Ethernet
MYIF="en1"
# leave as is
IPCACHE="/Library/Caches/ipv6scriptIP"
# Your Tunnel settings start here
# 1. get HEUSER hash from the website, "UserID"
# 2. get HEPASS hash: echo -n YourPass|md5
# 3. get HETUNNEL from the website, "Global Tunnel ID"
# 4. get other settings from the website
HEUSER=fb3f06c821388858cafe95cea24895d3
HEPASS=420cc447758fe38e9df69a3a17c77c33
HETUNNEL=123456
HETUNEND=216.66.00.00
HEYOUR6END=2001:0123:123a:1234::2
HETHEIR6END=2001:0123:123a:1234::1
HEPREFIX=64
# This is some IP from the "Routed /64" pool, used for outgoing connections from your Mac.
# Should it get blocked by anyone, you can simply change it to any other IP from the pool
# without having to apply for a new tunnel. e.g. if your Routed /64 pool is
# 2001:0123:123b:1234::/64, you can use this for your IP:
HEMY64IP=2001:0123:123b:1234::0bad:cafe
#######################################################################
# Config end
#######################################################################
# sometimes this script will get executed twice at the same time, not good, so:
if [ -f $IPCACHE.lock ] ; then
echo A copy already running!
exit 0
else
touch $IPCACHE.lock
fi
# This is faster if your router sets a dyndns entry:
#NEW_IP=`dig mycomp.myvnc.com|grep "^mycomp"| grep -Eo "\<[[:digit:]]{1,3}(\.[[:digit:]]{1,3}){3}\>"`
NEW_IP=`curl -s "http://www.networksecuritytoolkit.org/nst/cgi-bin/ip.cgi"`
# Wait for the network...
while [ ! -n "$NEW_IP" ]
do
sleep 10
#NEW_IP=`dig mycomp.myvnc.com|grep "^mycomp"| grep -Eo "\<[[:digit:]]{1,3}(\.[[:digit:]]{1,3}){3}\>"`
NEW_IP=`curl -s "http://www.networksecuritytoolkit.org/nst/cgi-bin/ip.cgi"`
done
OLD_IP=`cat $IPCACHE`
if [ "$NEW_IP" = "$OLD_IP" ] ; then
CURCONF=`ifconfig |grep $HETUNEND`
if [ -n "$CURCONF" ] ; then
echo Nothing to do
rm $IPCACHE.lock
exit 0
fi
fi
echo -n $NEW_IP > $IPCACHE
# if you need to use your public ip address, use LOCAL_IP=$NEW_IP instead
LOCAL_IP=`ifconfig $MYIF |grep -E 'inet.[0-9]' | grep -v '127.0.0.1' | awk '{ print $2}'`
# let's delete a pre-existing gif0, ignore any errors
ifconfig gif0 deletetunnel
ifconfig gif0 down
ifconfig gif0 inet6 delete $HEYOUR6END
ifconfig gif0 inet6 delete $HEMY64IP
route delete -inet6 default -interface gif0
# update the tunnel
curl -k -s "https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=$NEW_IP&pass=$HEPASS&user_id=$HEUSER&tunnel_id=$HETUNNEL"
echo " "
sleep 1
ifconfig gif0 tunnel $LOCAL_IP $HETUNEND
ifconfig gif0 inet6 $HEMY64IP/64 alias
ifconfig gif0 inet6 $HEYOUR6END $HETHEIR6END prefixlen /$HEPREFIX
route -n add -inet6 default $HETHEIR6END
rm $IPCACHE.lock
exit 0
After adapting the values to your needs, you need to save it in the right place:
sudo vi /usr/local/bin/ipv6script
Paste your script, and save it with :wq
Make it executable by typing
sudo chmod +x /usr/local/bin/ipv6script
Now we need to create a LaunchDaemon in Launchd, to do so:
sudo vi /Library/LaunchDaemons/net.pugio.myipv6script.plist
Paste:
<?xml version="1.0" encoding="UTF-8"?>[download]
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>net.pugio.myipv6script</string>
<key>ProgramArguments</key>
<array>
<string>/Users/pk/Applications/ipv6script</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>StartInterval</key>
<integer>1800</integer>
<key>WatchPaths</key>
<array>
<string>/Library/Preferences/SystemConfiguration/com.apple.network.identification.plist</string>
</array>
</dict>
</plist>
This will tell Launchd to execute the script on Login, all network changes and every 30 minutes, in case your router gets a new IP. If you are on static IPs, you can remove that timer, just delete these two lines from the file: <key>StartInterval</key>
<integer>1800</integer>
Finally you have to activate your Lauchd Agent by executing following:sudo launchctl load /Library/LaunchDaemons/net.pugio.myipv6script.plist
You should now be able to ping6 pugio.net - congratulations.
Should something go wrong, execute the script by hand:sudo /usr/local/bin/ipv6script
If you find this howto useful, or have anything to contribute to it, please leave a comment or link to this tutorial, thank you :-)
