Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Prior name: Tornevall Networks RaspTunnel.

What is it?

Tornevall Networks RaspTunnel is was an experimental project where we're adding micro servers into in a DMZ-controlled environment is hosting the primary IPv6 connectivity. Main purpose is ipv6 GRE-tunneling with the help from your primary router, which should be configured to route traffic to a DMZ-address, where this micro server, known as Raspberry pi, are the tunnel gateway.

...

For the moment, to create more stability, we instead build all solutions on OpenVPN which also gives the possibility to aquire local IPv4 addresses if necessary . Or if you like, LAN access.

What is the goal?

There are a few top providers that support IPv6 connectivity already. For example Spacedump AB and Hurricane Electric. Many providers offers connectivity through SIT/GRE/TUN/TAP drivers. One of the goals is to be a in-between layer of the regular tunnels, as they are required to be (like described above) located un-NAT'ed to work. Besides, we offer a reverse-PTR-DNS editor at https://auth.tornevall.net, specifically written to make DNS editing easier.

How does it work?

No prior configuration or ip rule settings are required anymore. You only need OpenVPN and permission. Then it is up to you how your local endpoint are configured. Either we give you a simple IPv4/32 or IPv6/128 address, or we give you a /64 IPv6 subnet, as this is the smalles required size of a IPv6 subnet for DHCPv6 to work properly.

IPv6 Networks

DHCP delegation is normally installed clientside. It is also recommended to run dhcp on a /64-prefix. On prefixes higher (65 and up), it may not work properly.

Hurricane electric assigns prefixes by automation. The tunnel types there are based on the SIT-protocol. By requesting directly from them, there won't be any slowdowns in the routing.

Protocols

Supporting GRE but prefers OpenVPN. See below.

Remote Servers

Remote HostDescription
tunnel-prd.tornevall.netRound robin based remote server
tunnel02.tornevall.net
tunnel03.tornevall.net

Networks

Network/PrfLenHost PrflenPrefix/Length*Inbound AddressOpenVPN Tunnel AssignmentsLocal Prflen DelegationsLocationif-gw

2a01:299:a0::/48

Status
colourGreen
title48

Status
colourGreen
titlelocal

Status
colourGreen
titlelocal

Status
subtletrue
colourGreen
title64+

Status
colourGreen
title64

Status
colourGreen
titlePrimary

Status
colourBlue
titleSP

2001:470:dcb5::/48

Status
colourGreen
title48

Status
colourGreen
titleLocal

Status
colourGreen
titlelocal

Status
subtletrue
colourGreen
title>64

Status
colourGreen
title64

Status
colourGreen
titleSE


Status
colourBlue
titlehe

2001:470:83e7::/48

Status
colourGreen
title48

Status
colourGreen
titleLocal

Status
colourGreen
titlelocal

Status
subtletrue
colourGreen
title>64

Status
colourGreen
title64

Status
colourGreen
titlefremont/US


Status
colourBlue
titlehe

2607:5500:3000:78a::2/48

Status
colourGreen
title64

Status
colourGreen
title68

2607:5500:3000:78a:2000::1/68

Status
colourRed
title80

Status
colourBlue
titleTX/US

Status
colourBlue
titlehw

2a02:348:83:cc06::1/48

Status
colourGreen
title64

Status
colourGreen
title68

2a02:348:83:cc06:2000::1/68

Status
colourRed
title80

Status
colourBlue
titlenl

Status
colourBlue
titleti

2a01:4f9:c010:3142::1/64

Status
colourGreen
title64

Status
colourGreen
title68

2a01:4f9:c010:3142:2000::1/68

Status
subtletrue
colourYellow
title96+

2a02:c207:2042:5731:2a01:21a0:35ff::/112

Status
colourYellow
title96

Status
colourBlue
titlefi

Status
colourBlue
titlehz

2a02:c207:2042:5731::1/64

Status
colourGreen
title64

Status
colourGreen
title68

2a02:c207:2042:5731:2000::1/68

Status
colourYellow
title80

Status
colourBlue
titlede

Status
colourBlue
titlecb

* If prefix/length is set to 

Status
colourGreen
titlelocal
, the uplink is assigned directly at Tornevall Networks. If the networks are defined other ways for example 
Status
colourGreen
title68
, the entry point assignment is not set at Tornevall Networks SE-level. It is probably assigned elsewhere as a tunnel or similar.

Red marked ip ranges is networks that is not ready for assignments yet.

Visual view

Gliffy Diagram
nametornevall-openvpn
pagePin23