
5.5.1.9 FreeBSD, NetBSD and Darwin/Mac OS X(1)

Tunnels are configured via the “ifconfig” command with little to no variation on all operating systems that have incorporated the KAME project’s IPv6 stack, including FreeBSD, NetBSD and Darwin/Mac OS X. OpenBSD could most likely be added to this list, as the same instructions would probably work on it too, but the authors have not yet verified this.

To configure a tunnel with ifconfig, follow these steps:

1. Check whether a “gif” interface exists using ifconfig:

# ifconfig gif0

The result is either:

ifconfig: interface gif0 does not exist

or

gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280

2. Create the interface:

# ifconfig gif0 create

and check its state:

# ifconfig gif0
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280

This method works in FreeBSD and NetBSD, but not on Mac OS X even though it is documented in the manual pages for ifconfig on Darwin 6.8/Mac OS X 10.2.8 (aka Jaguar) as well as on Darwin 7.2.0/Mac OS X 10.3.2 (aka Panther) and in the usage information printed by the ifconfig command itself. However, Mac OS X comes with gif0 created as standard so if only a single tunnel is needed this poses no problem.

3. Assign the two (remote and local) IPv4 addresses of the tunnel endpoints, e.g.:

# ifconfig gif0 tunnel 130.1.2.3 134.5.6.7

4. Assign the local IPv6 addresses of the tunnel:

# ifconfig gif0 inet6 alias <Local_IPv6_TUNNEL_ADDR> \
prefixlen <Length of prefix for tunnel address>

For example:

# ifconfig gif0 inet6 alias 2001:DEAD:BEAF:ABBA::1 prefixlen 64

Note that the “alias” keyword is not necessary on all BSD OSes, but it never hurts to include it. The prefix length may be omitted when it is equal to 64, since 64 is the default. When the user has only one or a few tunnels, it is recommended to use a 64-bit prefix length, as that will typically also be used for other (less virtual) interfaces. However, longer (more specific) prefix lengths are not a problem and may be an attractive choice for tunnel brokers hosting many tunnels from a limited address space. It is wise to avoid prefixes longer than 126 bits, as some implementations have reportedly had problems with 127 and 128 bit long prefixes, even though the authors are not currently aware of any such problems in recent releases of any operating system. Still, taking a prefix of 120, 126 or even 112 bits in length barely wastes address space and may be worthwhile to avoid any potential problems. For more details on this please refer to RFC 3627 [RFC3627].

In the above commands it is also possible to specify both the source and destination IPv6 addresses of the tunnel, but it is not necessary, as the routing subsystem does not need to know the remote end’s global address (it is enough to be able to talk to the next hop using link-local addressing). For administrative reasons, though, it may be attractive to assign the destination address too. Some non-KAME-derived implementations even require the global IPv6 addresses of both tunnel endpoints to be set. This is accomplished by substituting the above command with, for example:

# ifconfig gif0 inet6 alias 2001:DEAD:BEAF:ABBA::1 \
2001:DEAD:BEAF:ABBA::2 prefixlen 128
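
The four steps above combined into one re-runnable script, as an added example that is not part of the original text. The RUN dry-run switch, the function names and the script name are assumptions made for this illustration; the addresses are the sample values used above.

```shell
#!/bin/sh
# Added example, not from the original text: steps 1-4 as one idempotent script.
# RUN is a hypothetical switch: by default the commands are only printed;
# export RUN="" and run as root to apply them.
RUN="${RUN-echo}"

# Step 1: does the interface already exist? (Per the text, gif0 always
# exists on Mac OS X.)
gif_exists() {
    ifconfig "$1" >/dev/null 2>&1
}

# Prefix length policy from the text: numeric, and no longer than 126 bits
# when only the local address is assigned.
valid_prefixlen() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 126 ]
}

# setup_gif IFACE V4_SRC V4_DST V6_LOCAL [PREFIXLEN] [V6_REMOTE]
# V4_SRC/V4_DST follow ifconfig's "tunnel src_addr dest_addr" order.
setup_gif() {
    ifc="$1"; v4src="$2"; v4dst="$3"; v6local="$4"
    plen="${5:-64}"; v6remote="${6:-}"

    if [ -z "$v6remote" ] && ! valid_prefixlen "$plen"; then
        echo "setup_gif: prefixlen '$plen' rejected (use 1-126)" >&2
        return 2
    fi
    # Step 2: create only if missing, so re-running is harmless.
    if ! gif_exists "$ifc"; then
        $RUN ifconfig "$ifc" create || return 1
    fi
    # Step 3: outer IPv4 endpoints of the tunnel.
    $RUN ifconfig "$ifc" tunnel "$v4src" "$v4dst" || return 1
    # Step 4: inner IPv6 address; with a remote address use the text's
    # two-address form, which sets prefixlen 128.
    if [ -n "$v6remote" ]; then
        $RUN ifconfig "$ifc" inet6 alias "$v6local" "$v6remote" prefixlen 128
    else
        $RUN ifconfig "$ifc" inet6 alias "$v6local" prefixlen "$plen"
    fi
}

# Run only when called with arguments, e.g. (gif-setup.sh is a made-up name):
#   sh gif-setup.sh gif0 130.1.2.3 134.5.6.7 2001:DEAD:BEAF:ABBA::1 64
if [ "$#" -ge 4 ]; then setup_gif "$@"; fi
```

Review the printed commands first; only with RUN set to the empty string are they executed.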