Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 29 Next »

Prior name: Tornevall Networks RaspTunnel.

What is it?

Tornevall Networks RaspTunnel was an experimental project where micro servers in a DMZ-controlled environment is hosting the primary IPv6 connectivity. Main purpose is ipv6 GRE-tunneling with the help from your primary router, which should be configured to route traffic to a DMZ-address, where this micro server, known as Raspberry pi, are the tunnel gateway.

The Tornevall Tunneling is a semi-production project where we were adding microservers into a DMZ-controller environments. The main purpose was to get full IPv6 connectivity through GRE tunneling. The backside of GRE tunneling usually is that it is REQUIRED to put such tunnels primarily as an external first-connection device (by means: The device hosting the GRE tunnel must be your primary inbound connection, which is where the DMZ comes in).

For the moment, to create more stability, we instead build all solutions on OpenVPN which also gives the possibility to aquire local IPv4 addresses if necessary . Or if you like, LAN access.

What is the goal?

There are a few top providers that support IPv6 connectivity already. For example Spacedump AB and Hurricane Electric. Many providers offers connectivity through SIT/GRE/TUN/TAP drivers. One of the goals is to be a in-between layer of the regular tunnels, as they are required to be (like described above) located un-NAT'ed to work. Besides, we offer a reverse-PTR-DNS editor at https://auth.tornevall.net, specifically written to make DNS editing easier.

How does it work?

No prior configuration or ip rule settings are required anymore. You only need OpenVPN and permission. Then it is up to you how your local endpoint are configured. Either we give you a simple IPv4/32 or IPv6/128 address, or we give you a /64 IPv6 subnet, as this is the smalles required size of a IPv6 subnet for DHCPv6 to work properly.

IPv6 Networks

DHCP delegation is normally installed clientside. It is also recommended to run dhcp on a /64-prefix. On prefixes higher (65 and up), it may not work properly.

Hurricane electric assigns prefixes by automation. The tunnel types there are based on the SIT-protocol. By requesting directly from them, there won't be any slowdowns in the routing.

Network/PrfLenLocal Uplink PrefixDelegatable prefixesLocation

2a01:299:a0::/48
48

LOCAL

64

PRIMARY

2001:470:dcb5::/48
48

LOCAL

64

SE

2001:470:83e7::/48
48

LOCAL

64

FREMONT/US

2607:5500:3000:78a::2/48
64

NOT YET SET

80

TX/US

2a02:348:83:cc06::1/48
64

NOT YET SET

80

NL

2a01:4f9:c010:3142::1/64
64

2a01:4f9:c010:3142:2a01::/68

80

FI

2a02:c207:2042:5731::1/64
64

2a02:c207:2042:5731:2a01::/68

80

DE


Visual view

tornevall-openvpn


  • No labels