HOWTO Configure FreeBSD with Freenet6 TSP

Easy way to get an IPv6 Address
Freenet6 is a brilliantly easy way to get an IPv6 address and the system is designed so that you don't have to do too much to get it all set up. It works like this, visit their web site at www.freenet6.net and click on User account registration. You do not need to register, but it allows you to keep the same IPv6 address even if your IPv4 address changes and it also allows you to be able to register a large pool of addresses so that you can give IPv6 addresses to all of your networks via a your router. So register.

Once you register your username and email address, you'll get an email with your password and you'll need this to configure the TSP (Tunnel Setup Protocol) client.

Installing tspc from the FreeBSD Ports
This is the easiest way to install, as long as you have the ports installed. Follow the example:

# cd /usr/ports/net/freenet6
# make install
===> freenet6-0.9.7 May not be automatically fetched due to licensing restrictions. You MUST manually fetch the version after reading and agreeing to the license at: http://www.freenet6.net/cgi-bin/download.cgi?fn=freenet6-0.9.7.tgz Once it has been downloaded, move it to /usr/ports/distfiles and then restart this build. You also can register to use this service at http://www.freenet6.net/cgi-bin/new_account.pl.

Okay, fine, it's not as easy as most ports to install, but it tells you what do to, so if you've got a web browser (such as lynx) installed on your FreeBSD machine, open it up to the address above, either that or download it on a different machine and then put the file into /usr/ports/distfiles

# cd /usr/ports/distfiles
# lynx http://www.freenet6.net/cgi-bin/download.cgi?fn=freenet6-0.9.7.tgz
lynx: No match
# lynx http://www.freenet6.net/cgi-bin/download.cgi\?fn=freenet6-0.9.7.tgz

Be sure to escape the question mark if you are going to use lynx, because those pesky question marks can get in the way from the command line. Now that I've got it downloaded, let's actually get to installing this thing.

# cd /usr/ports/net/freenet6
# make install
<!-- >8 -->
===> Checking if net/freenet6 already installed
Now that the package is installed, please finish it with the following steps:

- Copy /usr/local/etc/tspc.conf.sample to /usr/local/etc/tspc.conf
- Check the values of /usr/local/etc/tspc.conf. If you have registered at
  the website, fill in your userid and password there.
- Run /usr/local/etc/rc.d/freenet6.sh to start the tunnel.
- Try to ping a IPv6 host, for example: ping6 www.jp.freebsd.org

*** NOTE FOR UPGRADERS:
The configuration file has changed, please change "tsp_version" to
"1.0.1" and add "retry_delay=1800" to it. See tspc.conf.sample for
more information. If you don't add this, the tunnel will not be
setup.
<!-- 8< -->

All done, continue with Configuring Freenet6 tspc.

Installing tspc without the FreeBSD Ports
Odds are that if you don't have the ports installed, you know what you're doing and you don't want them. Change to a building directory (I use /usr/build) and get the latest source distribution. At the time of writing 1.0 just came out. Check http://www.freenet6.net/download.shtml for the link.

# cd /usr/build
# wget -O freenet6-client-1.0.tgz http://www.freenet6.net/cgi-bin/download.cgi\?fn=freenet6-client-1.0.tgz\&ref=http://www.freenet6.net/download.shtml\&IAGREE=+Yes+
<!-- 8< (downloading) >8 -->
10:11:02 (1.33 KB/s) - `freenet6-client-1.0.tgz' saved [330953]
# tar -zxvf freenet6-client-1.0.tgz
<!-- 8< (extracting) >8 -->
# cd freenet6-client-1.0

After reading the README file, which you always do, you will see the instructions to compile read:

To build the freenet6 client, just type make all target=os-type
where os-type is one of the following :

   freebsd4     for FreeBSD 4.x up to 4.3.
   freebsd44    for FreeBSD 4.4 and up.
   netbsd       for NetBSD 1.4 and up.
   openbsd      for OpenBSD 2.7 and up.
   solaris8     for Solaris 8 and up.
   linux        for Linux.
   windows2000  for Windows 2000 based systems.
   windowsXP    for windows XP.
   windows2003  for windows server 2003.
   darwin       for Darwin 6.0 (Mac OS X 10.2) and up.

I'm installing on FreeBSD 5.1, so freebsd44 it is.

# make all target=freebsd44
<!-- 8< (compiling) >8 -->
# make install target=freebsd44 installdir=/usr/local/tsp

Since I like things to run out of /usr/local/bin and config files to stay in /usr/local/etc, I did this:

# ln -s /usr/local/tsp/bin/tspc /usr/local/bin/
# ln -s /usr/local/tsp/bin/tspc.conf /usr/local/etc/

Configuring Freenet6 tspc on FreeBSD
Now that we've got the program installed, let's configure the tspc.conf file so that we can use it. First, we have to plug in our username and password which we were emailed. Open the /usr/local/etc/tspc.conf file and locate the userid= line. Change it to userid=youruserid. Change the password line to passwd=yourpassword. The rest of the defaults should serve you well, the only other major one you should look at is if you have a few valid network ip addresses on your computer, you want your external one to be running the tunnel. So change the client_v4=auto line from auto to your external IP address. You can now start the client and it will request your IP address for you and automatically set up the tunnel.

# tspc -vf /usr/local/etc/tspc.conf
tspc - Tunnel Server Protocol Client

Loading configuration file

Connecting to server

Using [externalIP] as source IPv4 address.
Send request

Process response from server

TSP_HOST_TYPE                    host
TSP_TUNNEL_INTERFACE             gif0
TSP_HOME_INTERFACE
TSP_CLIENT_ADDRESS_IPV4          externalIP
TSP_CLIENT_ADDRESS_IPV6          3ffe:0bc0:8000:0000:0000:0000:0000:13b3
TSP_SERVER_ADDRESS_IPV4          206.123.31.115
TSP_SERVER_ADDRESS_IPV6          3ffe:0bc0:8000:0000:0000:0000:0000:13b2
TSP_TUNNEL_PREFIXLEN             128
TSP_VERBOSE                      1
TSP_HOME_DIR                     /usr/local/tsp
--- Start of configuration script. ---
Script: freebsd44.sh
Setting up interface gif0
Adding default route to 3ffe:0bc0:8000:0000:0000:0000:0000:13b2
delete net default
add net default: gateway 3ffe:0bc0:8000:0000:0000:0000:0000:13b2
--- End of configuration script. ---
Exiting with return code : 0 (0 = no error)

So that's it, I'm connected and I've got a live IPv6 IP address. It's 3ffe:0bc0:8000:0000:0000:0000:0000:13b3 or 3ffe:0bc0:8000::13b3 for short. That's all well and good, but what if I want to set up sub-networks and give them IPv6 addresses from this machine which is my gateway? Well, here's what we do, we get ourselves a /48 (you only need a /64 for each network and a /48 contains 65,536 /64s but since freenet6 gives out /48s, we'll take one of those). In our configuration file, we have to change a couple of settings. First, now we're not just a host, we're also a router, so change or add host_type=router to the file. Then change or add prefixlen=48 to the file because we want a /48. Now, we have to tell the server which network card has the network that we'll be routing to on it. Add or change if_prefix=interface to the file. Then if we want to reverse lookups for our IPv6 IPs, we have to add dns_server=servername to the file. This is covered in another document.

Now that we've changed the config file, we re-run the program so that the server sees that we have changes for it.

# tspc -vf /usr/local/etc/tspc.conf
tspc - Tunnel Server Protocol Client

Loading configuration file

Connecting to server

Using [externalIP] as source IPv4 address.
Send request

Process response from server

TSP_HOST_TYPE                    router
TSP_TUNNEL_INTERFACE             gif0
TSP_HOME_INTERFACE               vr0
TSP_CLIENT_ADDRESS_IPV4          externalIP
TSP_CLIENT_ADDRESS_IPV6          3ffe:0bc0:8000:0000:0000:0000:0000:13b3
TSP_SERVER_ADDRESS_IPV4          206.123.31.115
TSP_SERVER_ADDRESS_IPV6          3ffe:0bc0:8000:0000:0000:0000:0000:13b2
TSP_TUNNEL_PREFIXLEN             128
TSP_PREFIX                       3ffe:0bc0:052d
TSP_PREFIXLEN                    48
TSP_VERBOSE                      1
TSP_HOME_DIR                     /usr/local/tsp
--- Start of configuration script. ---
Script: freebsd44.sh
Setting up interface gif0
Adding default route to 3ffe:0bc0:8000:0000:0000:0000:0000:13b2
route: writing to routing socket: No such process
delete net default: not in table
add net default: gateway 3ffe:0bc0:8000:0000:0000:0000:0000:13b2
Router configuration
Kernel setup
route: writing to routing socket: File exists
add net 3ffe:0bc0:052d::: gateway lo0: File exists
Error while executing /sbin/route
Command: /sbin/route add -inet6 3ffe:0bc0:052d:: -prefixlen 48 -interface lo0
Exiting with return code : 0 (0 = no error)

Okay, so now, not only are we connected with our IPv6 address, now on my internal interface (vr0) we're serving out addresses on our /48 which is 3ffe:bc0:52d::. This is where you should stop reading if everything worked and you're happy with what you've got going on.

To the next level

For me, the freenet6 system works well, but I don't like the way the configuration does everything. The changes I made on my router are as follows...

I decided that the scripts that set everything up don't let me work the way I want to, because I have two internal networks, one public IPs, one private IPs. To set that up with the scripts that come with freenet6 isn't really easily done. Also, I didn't like leaving all of the routing up the scripts either. The first change I made was to my configuration file, I commented out the line that says template=freebsd44 and uncommented the one that read # template=checktunnel This makes it so that it doesn't do anything other than confirm that yes, your configuration exists. Then to do the routing I wrote this script:

#!/bin/sh
PREFIX=/usr/local

case "$1" in
start)
   /sbin/ifconfig gif0 create
   /sbin/ifconfig gif0 tunnel myexternalIP 206.123.31.115
   /sbin/ifconfig gif0 inet6 3ffe:bc0:8000::13b3 3ffe:bc0:8000::13b2 prefixlen 128
   /sbin/ifconfig gif0 up

   /sbin/route -n add -inet6 default 3ffe:bc0:8000::13b2 > /dev/null
   echo ' IPv6 Tunnel and Route Made'
   ;;
stop)
   /sbin/route delete -inet6 default > /dev/null

   /sbin/ifconfig gif0 down
   /sbin/ifconfig gif0 destroy

   echo ' IPv6 Tunnel and Route Dropped'
   ;;
*)
   echo "Usage: `basename $0` {start|stop|startroute|stoproute}" >&2
   ;;
esac

exit 0

I called this file ipv6.sh made sure to chmod 700 it (rwx------) and put it in /usr/local/etc/rc.d/ so that it would get started and stoped on startup and shutdown of my machine.

The default freenet6 script create your first /64 of your /48 as ffff:ffff:ffff:1:: but I wanted to easily be able to refer to my networks as a and b. The default configuration file that radvd (Router Advertizement Daemon) uses is /etc/rtadvd.conf. So I created that file and it looks like this:

default:\
   :raflags#0:rltime#3600:\
   :pinfoflags#64:vltime#360000:pltime#360000:mtu#1500:
ether:\
   :mtu#1280:tc=default:

# interfaces.
vr0:\
   :addrs#1:\
   :addr="3ffe:bc0:52d:a::":prefixlen#64:tc=ether:
vr1:\
   :addrs#1:\
   :addr="3ffe:bc0:52d:b::":prefixlen#64:tc=ether:
   # You could add another line if this interface were to have more than one
   # /64 prefix to use.
   # :addrs#2:\
   # :addr="2001:432:1F0:b2::":prefixlen#64:tc=ether:

Also, I need to add the following to /etc/rc.conf so that rtadvd is started automatically.

rtadvd_enable="YES"
rtadvd_interfaces="vr0 vr1"

So now that I've got tspc initializing my networks' existance with the freenet6 server, and a configuration script to set up my routing and my ips, and now a customized rtadvd.conf file, I have to start it all up manually, or reboot the machine. To start up manually, use the following commands:

# /usr/local/bin/tspc -vf /usr/local/etc/tspc.conf
# /usr/local/etc/rc.d/ipv6.sh start # /usr/sbin/rtadvd vr0 vr1

Now my networks are advertising IPv6 addresses to all clients within those networks that request them and it starts and stops when my computer starts and stops.

HOWTO Configure Your Name Server for Reverse Lookups with IPv6