| IPv6 Network - Faith on FreeBSD |
IPv6 Network - Faith on FreeBSD
Probably the first implementation of TRT is faith in the KAME IPv6 stack, which is the basis of the IPv6 implementation in FreeBSD and other members of the BSD family. The faith TRT consists of two parts: a faith network interface, and the faithd daemon. FreeBSD normally has a faith0 interface, and new faith interfaces can be created with ifconfig faith create. For the interface to do any useful work, it’s necessary to enable it by using a sysctl setting, and the TRT prefix must be routed to the interface. This is accomplished in Listing 7-7.
Listing 7-7. Enabling the faith Interface
# sysctl -w net.inet6.ip6.keepfaith=1
# ifconfig faith0 inet6 2001:db8:31:6464::127.0.0.1/96
Because FreeBSD lacks a more direct way to route a prefix toward an interface, it’s easiest to configure an address in the TRT prefix on the faith interface. The localhost address is a good choice, as it’s unlikely that this will get in the way of anything. The next step is running the faithd daemon. Before starting the daemon, it’s important to set up access restrictions to keep the rest of the IPv6 Internet from using your relay. This is done in the /etc/faithd.conf file, as shown in Listing 7-8.
Listing 7-8. Restricting Access to faithd
2001:db8:31::/48 permit 0.0.0.0/0
This line instructs faithd to allow relaying from any address in 2001:db8:31::/48 toward any IPv4 address. See the faithd man page for more details. The easiest way to run faithd is to start it with the port number that will be relayed as an argument. (The daemon can also be run from inetd, but this is more complex.) Each TCP port that must be relayed requires a separate instance of faithd, and it’s not possible to relay a port with TRT if there is service running locally on that port. As a result, faithd has only limited usability as a general-purpose transition mechanism.
| Users' Comments (0) |
|
No comment posted
