Difference between pages "Funtoo Linux Installation" and "IPv6 Networking"

From Funtoo
(Difference between pages)
Jump to: navigation, search
(/proc/mtab was a workaround to by-pass mount-boot.eclass failure, not required now)
 
(ISPs who currently have IPv6 enabled for residential customers)
 
Line 1: Line 1:
== Introduction ==
+
= Introduction =
  
This document was written to help you install Funtoo Linux as concisely as possible, with a minimum number of distracting options regarding system configuration.  
+
[[wikipedia:IPv6|IPv6]] is an redesigned and improved version of the IPv4 protocol, and is intended to start replacing IPv4 in 2011 and beyond as the [[wikipedia:IPv4_address_exhaustion|IPv4 global address space becomes exhausted]]. IPv6 includes a number of improvements over IPv4, including most notably 128-bit addressing, simplified protocol header, integrated IPSec and Multicast implementations, improved discovery, flexibility and router interaction, and improved facilities for auto-configuration. IPv6 also marks the end of [[wikipedia:Network_address_translation|Network Address Translation]] (NAT), which is not recommended or necessary with IPv6. While it's possible to use non-routable addresses with IPv6, this is not a requirement and it is possible for any IPv6 device to have its own globally routable IP address if desired.
  
These docs assume you have a "PC compatible" computer system with a standard PC BIOS. Many new computers support UEFI for booting, which is a new firmware interface that replaces the old-fashioned MBR-based BIOS. If you have a system with UEFI, you will want to use this documentation along with the [[UEFI Install Guide]], which will augment these instructions and explain how to get your system to boot. You may need to change your PC BIOS settings to enable or disable UEFI booting. The [[UEFI Install Guide]] has more information on this, and steps on how to determine if your system supports UEFI.
+
== Addressing ==
  
We also offer a [[ZFS Install Guide]], which augment the instructions on this page for those who want to install Funtoo Linux on ZFS. If you are installing Funtoo Linux on [[Funtoo Linux Installation on ARM|ARM]] architecture, please see [[Funtoo Linux Installation on ARM]] for notable differences regarding ARM support. An experimental Funtoo Linux build also exists for [[Funtoo Linux Installation on SPARC|SPARC]] platforms. See [[Funtoo Linux Installation on SPARC]].
+
IPv6 addresses consist of 128 bits. The first 64 bits are used for the network and subnet portion of the address, while the remaining 64 bits are used for the host portion of the address. For more information on how to represent IPv6 addresses, please see the Presentation section of the [[wikipedia:IPv6_address|IPv6 address]] page on Wikipedia.  
  
If you've had previous experience installing Gentoo Linux then a lot of steps will be familiar, but you should still read through as there are a few differences.
+
=== Network Masks ===
  
== Installation Overview ==
+
IPv6 addresses also have an associated network mask, which is typically written as a trailing "/64" or "/48" at the end of the address, which specifies what bits of the address are used for network and subnet parts. For example, a "/48" mask specifies that addresses use a 48-bit network part, followed by a 16-bit subnet part (allowing for 2^16 subnets), followed by a 64-bit host part (allowing for up to 2<sup>64</sup> hosts for each of the 2<sup>16</sup> subnets to be specified.) In contrast, a "/64" mask specifies that addresses use a 64-bit network part, no subnet part, and a 64-bit host part (allowing up to 2<sup>64</sup> hosts total to be specified.) This means that if you are issued a "/64" set of addresses, you will not be able to define any subnets, but if you are issued a "/48" set of addresses, you will be able to define up to 2<sup>16</sup> subnets.
  
This is a basic overview of the Funtoo installation process:
+
=== Address Space and Security ===
  
# [[#Live CD|Download and boot the live CD of your choice]].
+
IPv6 also uses a global, flat address space. IPv6 is designed so that any device that needs to communicate on the Internet is able to have a unique globally-routable address. With IPv6, there is no need for using [[wikipedia:Network_address_translation|Network Address Translation]] (NAT). With IPv4, NAT is often used as a means of protecting systems from being accessed by malicious users. With IPv6, firewalls are typically used instead of NAT for restricting access to systems. With IPv6, it is normal for all machines on your home network to have "globally routable" addresses, the equivalent of a "public IP" in the world of IPv4. It is important to understand that this is the way that IPv6 is intended to be used for the majority of users, and that an IPv6-enabled router will no longer be performing NAT for you.
# [[#Prepare Hard Disk|Prepare your disk]].
+
# [[#Creating filesystems|Create]] and [[#Mounting filesystems|mount]] filesystems.
+
# [[#Installing the Stage 3 tarball|Install the Funtoo stage tarball]] of your choice.
+
# [[#Chroot into Funtoo|Chroot into your new system]].
+
# [[#Downloading the Portage tree|Download the Portage tree]].
+
# [[#Configuring your system|Configure your system]] and [[#Configuring your network|network]].
+
# [[#Configuring and installing the Linux kernel|Install a kernel]].
+
# [[#Installing a Bootloader|Install a bootloader]].
+
# [[#Finishing Steps|Complete final steps]].
+
# [[#Restart your system|Reboot and enjoy]].
+
  
=== Live CD ===
+
=== Using IPv6 ===
  
Funtoo doesn't provide an "official" Funtoo Live CD, but there are plenty of good ones out there to choose from. A great choice is the Gentoo-based [http://www.sysresccd.org/ SystemRescueCd] as it contains lots of tools and utilities and supports both 32-bit and 64-bit systems.
+
There are several ways to use IPv6 with Funtoo Linux. Here are some possibilities:
  
It is also possible to install Funtoo Linux using many other Linux-based live CDs. Generally, any modern bootable Linux live CD or live USB media will work. See [[Requirements|requirements]] for an overview of what the Live Media must provide to allow a problem-free install of Funtoo Linux.
+
* Participating in an existing IPv6 network
 +
* Creating a local IPv6 over IPv4 tunnel
 +
* Enabling IPv6 on your router, possibly via a tunnel (several ISP uses '''6rd'''...)
 +
* Unique Local IPv6 Unicast Addresses (site local)
  
To begin a Funtoo Linux installation, download SystemRescueCD from:
+
==== Participating in IPv6 Network ====
  
* Main US mirror: [http://ftp.osuosl.org/pub/funtoo/distfiles/sysresccd/sysresccd-3.7.1_zfs_0.6.2.iso The Oregon State University Open Source Lab]
+
The first approach is an option if your Funtoo Linux system happens to be on an IPv6 network, or you desire to set up an IPv6 network. In this case, the Funtoo Linux system simply needs to be configured to participate in this IPv6 network -- and can also participate in an IPv4 network simultaneously. If you will be configuring an IPv6-compatible router, then you will simply configure your Funtoo Linux system to participate in this network.
* Main EU mirror: [http://ftp.heanet.ie/mirrors/funtoo/distfiles/sysresccd/sysresccd-3.7.1_zfs_0.6.2.iso HEAnet] or use your preferred live media. Insert it into your disc drive, and boot from it. If using an older version of SystemRescueCD, '''be sure to select the <tt>rescue64</tt> kernel at the boot menu if you are installing a 64-bit system'''. By default, SystemRescueCD used to boot in 32-bit mode though the latest version attempts to automatically detect 64-bit processors.
+
  
=== Prepare Hard Disk ===
+
==== Local IPv6 over IPv4 Tunnel ====
==== Partitions ====
+
  
Funtoo Linux fully supports traditional MBR partitions, as well as newer GPT/GUID partition formats. Funtoo Linux recommends the use of the GPT partitioning scheme, since it is newer and more flexible. Here are the various trade-offs between each partitioning scheme:
+
Another approach for using IPv6 is to configure an IPv6 over IPv4 tunnel locally on your Funtoo Linux system, in cooperation with a tunnel provider. This will allow you to use an existing IPv4 network to connect a single Funtoo Linux system to IPv6. It is also possible to configure this system to serve as an IPv6 router.
  
===== GPT Partitions =====
+
==== Enabling IPv6 on Your Router ====
  
* Newer, preferred format for Linux systems
+
If you have a router that is capable of supporting IPv6, then it is possible to configure your router so that an IPv6 network is available, at which point you can simply configure your Funtoo Linux system to participate in it. Note that many popular home/office routers can be configured to use an IPv6 over IPv4 tunnel, which provides a convenient option for home networks or smaller organizations to participate in IPv6. Using this approach, your computer systems behind the router are simply configured to participate in an IPv6 network, and your router handles tunneling the IPv6 traffic back and forth between your tunnel provider. This is typically the most flexible option for exploring IPv6 as it allows you to have multiple computer systems in your home or office to participate in an IPv6 network while your router takes care of everything transparently.
* Supports 2 TB+ hard drives for booting
+
* Supports hundreds of partitions per disk of any size
+
* Requires legacy BIOS boot partition (~32 MB) to be created if system does not use EFI
+
* Requires bootloader with support for GPT such as GRUB 2, EXTLINUX, or a patched version of GRUB Legacy
+
  
===== MBR Partitions =====
+
==== Using Unique Local IPv6 Unicast Addresses ====
  
* Legacy, DOS partitioning scheme
+
If you don't have public IPv6 connectivity or you don't wish to open an IPv6 tunnel over an IPv4 network, you can use a mechanism similar to IPv4 private addresses ranges. This mechanism consists of concatenating the prefix FC00::/7 with a globally unique identifier and a subnet identifier to form the upper 64 bits of the IPv6 address. Details of the mechanisms to forge a unique local IPv6 unicast address are documented in [http://tools.ietf.org/html/rfc4193 RFC 4193], however unique local IPv6 unicast addresses are made of the following components:
* Only 4 primary partitions per disk; after that, you must use "logical" partitions
+
* Does not support 2 TB+ disks for booting
+
* Compatible with certain problematic systems (such as the HP ProBook 4520)
+
* Dual-boot with Windows for BIOS systems (Windows handle GPT only on true EFI systems, whatever version it is)
+
* Multiple boot loader options, e.g. GRUB 2, GRUB Legacy, lilo
+
  
{{fancyimportant|If you plan to use partitions of 2 TB or greater, you ''must'' partition using the GPT/GUID format. Also note that there are small percentage of PCs that will not boot properly with GPT. For these systems, using MBR partitions or a primary drive with an MBR partition may be required in order to boot.}}
+
<pre>
 +
      | 7 bits |1|  40 bits  |  16 bits  |          64 bits          |
 +
      +--------+-+------------+-----------+----------------------------+
 +
      | Prefix |L| Global ID  | Subnet ID |        Interface ID        |
 +
      +--------+-+------------+-----------+----------------------------+
 +
</pre>
  
==== Partitioning Using gdisk ====
+
* Prefix (7 bits): always FC00::/7
 +
* L (1 bits): must be set to 1 (1 = prefix is locally assigned, 0 is undefined so far and must not be used)
 +
* Global ID: A random identifier (see [http://tools.ietf.org/html/rfc4193 RFC 4193] for details about the generation algorithm
 +
* Interface ID: Host interface ID as defined in [http://tools.ietf.org/html/rfc3513 RFC 3513]
  
===== Notes Before We Begin =====
+
{{fancynote|Just like with private IPv4 addresses, an IPv6 router must not route a unique local IPv6 unicast address outside the organization local network.}}
  
These install instructions assume you are installing Funtoo Linux to an empty hard disk using GUID partition tables (GPT). If you are installing Funtoo Linux on a machine where another OS is installed, or there is an existing Linux distribution on your system that you want to keep, then you will need to adapt these instructions to suit your needs.
+
= Requirements =
 
+
If you are going to create a legacy MBR partition table instead of GUID/GPT, you will use the <tt>fdisk</tt> command instead of <tt>gdisk</tt>, and you will not need to create the GRUB boot loader partition. See the table under [[#Partitioning Recommendations|Partitioning Recommendations]], in particular the
+
'''MBR Block Device (<tt>fdisk</tt>)''' and '''MBR Code''' columns. <tt>fdisk</tt> works just like <tt>gdisk</tt>, but creates legacy MBR partition tables instead of the newer GPT/GUID partition tables.
+
 
+
Advanced users may be interested in the following topics:
+
 
+
* [[GUID Booting Guide]]
+
* [[Rootfs over encrypted lvm]]
+
* [[Rootfs over encrypted lvm over raid-1 on GPT]]
+
* '''NEW!''' '''[[ZFS Install Guide]] (Also contains instructions for Rootfs over Encrypted ZFS!)'''
+
 
+
===== Using gdisk =====
+
 
+
The first step after booting SystemRescueCd is to use <tt>gdisk</tt> to create GPT (also known as GUID) partitions, specifying the disk you want to use, which is typically <tt>/dev/sda</tt>, the first disk in the system:
+
 
+
<console># ##i##gdisk /dev/sda</console>
+
You should find <tt>gdisk</tt> very similar to <tt>fdisk</tt>. Here is the partition table we want to end up with:
+
 
+
<console>Command (? for help): ##i##p
+
Disk /dev/sda: 234441648 sectors, 111.8 GiB
+
Logical sector size: 512 bytes
+
Disk identifier (GUID): A4E5208A-CED3-4263-BB25-7147DC426931
+
Partition table holds up to 128 entries
+
First usable sector is 34, last usable sector is 234441614
+
Partitions will be aligned on 2048-sector boundaries
+
Total free space is 2014 sectors (1007.0 KiB)
+
 
+
Number  Start (sector)    End (sector)  Size      Code  Name
+
  1            2048          206847  500.0 MiB  8300  Linux filesystem
+
  2          206848          272383  32.0 MiB    EF02  BIOS boot partition
+
  3          272384        8660991  4.0 GiB    8200  Linux swap
+
  4        8660992      234441614  107.7 GiB  8300  Linux filesystem
+
 
+
Command (? for help): </console>
+
 
+
Above, you'll see that we have a 500 MiB boot partition, a 32 MiB "BIOS boot partition" (also known as the GRUB boot loader partition), 4 GiB of swap, and the remaining disk used by a 107.7 GiB root partition.
+
 
+
===== For new <tt>gdisk</tt> users =====
+
 
+
These partitions were created using the "<tt>n</tt>" command from within <tt>gdisk</tt>. The <tt>gdisk</tt> commands to create the partition table above are as follows. Adapt sizes as necessary, although these defaults will work for most users. The partition codes entered below can be found in the [[#Partitioning Recommendations|Partitioning Recommendations]] table below, in the GPT Code column.
+
 
+
Within <tt>gdisk</tt>, follow these steps:
+
 
+
'''Create a new empty partition table''' (This ''will'' erase all data on the disk when saved):
+
  
 +
IPv6 requires CONFIG_IPV6 to be enabled in your kernel (either compiled in or as a module). If compiled as a module (e.g. if your kernel was compiled by genkernel), ensure the module is loaded.
 
<console>
 
<console>
Command: ##i##o ↵
+
###i## lsmod | grep ipv6
This option deletes all partitions and creates a new protective MBR.
+
Proceed? (Y/N): ##i##y ↵
+
 
</console>
 
</console>
  
'''Create Partition 1''' (boot):
+
If this returns nothing, load the module with:
 
+
 
<console>
 
<console>
Command: ##i##n ↵
+
###i## modprobe ipv6
Partition Number: ##i##1 ↵
+
First sector: ##i##↵
+
Last sector: ##i##+500M ↵
+
Hex Code: ##i##
+
 
</console>
 
</console>
  
'''Create Partition 2''' (GRUB):
+
= Commands =
  
<console>
+
; ping6
Command: ##i##n ↵
+
: IPv6 ping command
Partition Number: ##i##2 ↵
+
; route -6
First sector: ##i##↵
+
: show IPv6 routes
Last sector: ##i##+32M ↵
+
; ip -6 neigh show
Hex Code: ##i##EF02 ↵
+
: show all IPv6 neighbors on the local LAN
</console>
+
  
'''Create Partition 3''' (swap):
+
= Configuration =
  
<console>
+
== Participating in an Existing IPv6 Network ==
Command: ##i##n ↵
+
Partition Number: ##i##3 ↵
+
First sector: ##i##↵
+
Last sector: ##i##+4G ↵
+
Hex Code: ##i##8200 ↵
+
</console>
+
  
'''Create Partition 4''' (root):
+
If your local network already supports IPv6, then you can simply configure Funtoo Linux to participate in this IPv6 network. Here is a sample configuration that might be used to configure an ethernet interface (netif.eth0) to participate in both an IPv4 and IPv6 network:
  
<console>
+
{{File
Command: ##i##n ↵
+
|/etc/netif.d/netif.eth0|<pre>
Partition Number: ##i##4 ↵
+
template="interface"
First sector: ##i##↵
+
ipaddr="10.0.1.200/24 2001:470:d:c2c:218:51ff:feea:ee21/64"
Last sector: ##i##↵##!i## (for rest of disk)
+
gateway="10.0.1.1"
Hex Code: ##i##↵
+
nameservers="10.0.1.1 2001:470:20::2"
</console>
+
domain="funtoo.org"
 +
multicast="yes"
 +
routes="2000::/3 via fe80::daa2:5eff:fe7a:83de dev eth0"
 +
</pre>}}
  
Along the way, you can type "<tt>p</tt>" and hit Enter to view your current partition table. If you make a mistake, you can type "<tt>d</tt>" to delete an existing partition that you created. When you are satisfied with your partition setup, type "<tt>w</tt>" to write your configuration to disk:
+
Above, we use the <tt>interface</tt> template, and specify both an IPv4 and IPv6 address (with network mask) for <tt>ipaddr</tt>. In addition, an IPv4 and IPv6 nameserver is specified. For routing, we use the <tt>gateway</tt> command to specify an IPv4 gateway, while we use the <tt>routes</tt> command to specify a route to our router, which in this case has address <tt>fe80::daa2:5eff:fe7a:83de</tt> and is reachable on device eth0.
  
'''Write Partition Table To Disk''':
+
Note that we specify a route for "2000::/3" rather than "::/0" or "default", and this is a bit unusual. This is to work around a bug in many Linux kernels that prevents the default route from being handled properly. "2000::/3" maps to all routable IP addresses and has the benefit of being compatible with all Linux kernels.
  
<console>
+
=== Many Addresses and Stateless Autoconfiguration ===
Command: ##i##w ↵
+
Do you want to proceed? (Y/N): ##i##Y ↵
+
</console>
+
  
The partition table will now be written to disk and <tt>gdisk</tt> will close.
+
Also note that if we did not specify an IPv6 address in the <tt>ipaddr</tt> variable, then eth0 would still get at least one IPv6 address anyway. First, it would get a link-local address, starting in <tt>fe80::/16</tt>, and it would also automatically use ''stateless autoconfiguration'' to grab an unused IPv6 address from the range used by your IPv6 router. This works similarly to the way a DHCP client works with IPv4, but is built-in to the IPv6 protocol and does not require a DHCP server to function. It works because with IPv6, routers send out ICMP packets to advertise themselves to systems on your network, and your Funtoo Linux system can use this information to automatically grab an unused address. It is important to understand this behavior because it means that by default, your Funtoo Linux system will grab a globally-routable ("public") IPv6 address from your router with no steps necessary on your part and thus may be accessible from the Internet if no firewall is in place. However, in most cases the default IPv6 route must be specified in the <tt>routes</tt> variable for IPv6 to function properly, so this auto-configuration isn't completely automatic at this time.
  
Now, your GPT/GUID partitions have been created, and will show up as the following ''block devices'' under Linux:
+
== Local IPv6 over IPv4 Tunnelling ==
  
* <tt>/dev/sda1</tt>, which will be used to hold the <tt>/boot</tt> filesystem,  
+
Tunnelling is the process of encapsulating IPv6 packets within an IPv4 packet so that it can be transmitted over an IPv4 network. This process happens at a local ''tunnel entry point'', which can be a Linux machine or a router, such as an Apple AirPort. The packet then traverses the IPv4 network, until reaches the ''tunnel endpoint'', which ''de-encapsulates'' the packet and places it on an IPv6 network. There are several different types of IPv6 tunnels. There are also several IPv6 tunnel providers that offer free tunnelling services, making it convenient to start using IPv6, even on your home network.
* <tt>/dev/sda2</tt>, which will be used directly by the new GRUB,
+
* <tt>/dev/sda3</tt>, which will be used for swap space, and
+
* <tt>/dev/sda4</tt>, which will hold your root filesystem.
+
  
===== For Previous fdisk users =====
+
Note that if you want configure an IPv6 over IPv4 tunnel on your router, such as an Apple AirPort, then you will simply need to sign up with one of the tunnel providers and use their instructions to configure your router. At this point, your router will be IPv6 enabled and you can then configure your Funtoo Linux system to participate in an existing IPv6 network using the instructions in the previous section. If this is not an option for you, then it is also possible to set up the IPv6 over IPv4 tunnel directly on your Funtoo Linux system. This means that only your Funtoo Linux system will be able to participate in IPv6, at least to start (later, you could configure your Funtoo Linux system to route IPv6 for other machines on your network) Follow the instructions in this section to set up local tunneling on your Funtoo Linux system.
  
If you have installed Gentoo Linux before, the one thing that is likely new to you here is the GRUB boot loader partition, which is listed as "BIOS boot partition" within <tt>gdisk</tt>. This partition is required for GRUB 2 to boot GPT/GUID boot disks. What is it? In GRUB-speak, this partition is essentially the location of the meat of GRUB's boot loading code. If you've used GRUB Legacy in the past, this partition is where the new GRUB stores the equivalent of the <tt>stage1_5</tt> and <tt>stage2</tt> files in legacy GRUB. Since GPT-based partition tables have less dead space at the beginning of the disk than their MBR equivalents, an explicitly defined partition of code <tt>EF02</tt> is required to hold the guts of the boot loader.
+
=== Tunnel providers ===
 +
; [http://gogonet.gogo6.com/page/freenet6-tunnelbroker freenet6]
 +
: Supports anonymous tunnels and works behind NAT. You can connect to with your login or as anonymous from anywhere. This can be configured under Funtoo Linux by emerging the '''net-misc/gogoc''' ebuild.
 +
; [http://tunnelbroker.net/ Hurricane Electric]
 +
: Configured '''6in4''' tunnel, with support for dynamic IPv4 addresses, and Apple AirPorts can be configured to use this tunnel - see [http://www.nedprod.com/Niall_stuff/addingIPv6toyourhome.html this link]. Also see [http://ipv6.he.net/certification/faq.php ipv6.he.net FAQ] You can setup this tunnel with ifconfig and iproute2, or configure your router to be the tunnel entry point  -- the point at which IPv6 traffic is encapsulated/de-encapsulated.
 +
; [http://en.wikipedia.org/wiki/Teredo_tunneling Teredo]/[http://www.remlab.net/miredo/ Miredo]
 +
: [http://tools.ietf.org/html/rfc4380 RFC4380] mandated transition mechanism. Works behind NAT. Assigns one "/128" per host.
  
In all other respects, the partition table is similar to that which you might create for an MBR-based disk during a Gentoo Linux installation. We have a boot and a root partition with code <tt>0700</tt>, and a Linux swap partition with code <tt>8200</tt>.
+
=== Getting Started with gogoc ===
  
===== Partitioning Recommendations =====
+
Freenet6 is a free IPv6 access service provided by gogo6 via the [http://en.wikipedia.org/wiki/Tunnel_Setup_Protocol TSP tunnelling protocol].
 +
<code>gogoc</code> supports any TSP tunnel; perhaps one is provided by your ISP. We will focus on an anonymous tunnel via freenet6.
  
Below are our partitioning recommendations in table form. For GPT-based partitions, use the GPT Block Device and GPT Code columns with <tt>gdisk</tt>. For legacy MBR-based partitions, use the MBR Block Device and MBR code columns with <tt>fdisk</tt>:
+
You need ipv6 to be enabled in your kernel as well as the TUN module.
 
+
{| {{table}}
+
!Partition
+
!Size
+
!MBR Block Device (<tt>fdisk</tt>)
+
!GPT Block Device (<tt>gdisk</tt>)
+
!Filesystem
+
!MBR Code
+
!GPT Code
+
|-
+
|<tt>/boot</tt>
+
|500 MB
+
|<tt>/dev/sda1</tt>
+
|<tt>/dev/sda1</tt>
+
|ext2
+
|83
+
|8300
+
|-
+
|GRUB boot loader partition
+
|32 MB
+
| ''not required for MBR''
+
|<tt>/dev/sda2</tt>
+
|For GPT/GUID only, skip for MBR - no filesystem.
+
|''N/A''
+
|EF02
+
|-
+
|swap
+
|2x RAM for low-memory systems and production servers; otherwise 2GB.
+
|<tt>/dev/sda2</tt>
+
|<tt>/dev/sda3</tt>
+
|swap (default)
+
|82
+
|8200
+
|-
+
|<tt>/</tt> (root)
+
|Rest of the disk, minimum of 10GB.
+
|<tt>/dev/sda3</tt>
+
|<tt>/dev/sda4</tt>
+
|XFS recommended, alternatively ext4
+
|83
+
|8300
+
|-
+
|<tt>/home</tt> (optional)
+
|User storage and media. Typically most of the disk.
+
|<tt>/dev/sda4</tt> (if created)
+
|<tt>/dev/sda5</tt> (if created)
+
|XFS recommended, alternatively ext4
+
|83
+
|8300
+
|-
+
| LVM (optional)
+
| If you want to create an LVM volume.
+
| <tt>/dev/sda4</tt> (PV, if created)
+
| <tt>/dev/sda5</tt> (PV, if created)
+
| LVM PV
+
| 8E
+
| 8E00
+
|}
+
 
+
==== Creating filesystems ====
+
 
+
Before your newly-created partitions can be used, the block devices need to be initialized with filesystem ''metadata''. This process is known as ''creating a filesystem'' on the block devices. After filesystems are created on the block devices, they can be mounted and used to store files.
+
 
+
You will not create a filesystem on your swap partition, but will initialize it using the <tt>mkswap</tt> command so that it can be used as disk-based virtual memory. Then we'll run the <tt>swapon</tt> command to make your newly-initialized swap space active within the live CD environment, in case it is needed during the rest of the install process.
+
 
+
Note that we will not create a filesystem on the GRUB boot loader partition, as GRUB writes binary data directly to that partition when the boot loader is installed, which we'll do later.
+
 
+
You can see the commands you will need to type below. Like the rest of this document, it assumes that you are using a GPT partitioning scheme. If you are using MBR, your root filesystem will likely be created on <tt>/dev/sda3</tt> instead and you will need to adjust the target block devices. If you are following our recommendations, then simply do this:
+
  
 +
You can quickly get started by emerging {{Package|net-misc/gogoc}}, adding <code>gogoc</code> to your startup scripts and starting it.
 +
{{Package|net-misc/gogoc}} is currently keyworded unstable (on some architectures, see [https://bugs.gentoo.org/362549 gentoo bug #362549]). If you are running stable Funtoo, you may want to put an entry into your package.keywords/package.accept_keywords file.
 
<console>
 
<console>
# ##i##mke2fs -t ext2 /dev/sda1
+
###i## emerge gogoc
# ##i##mkfs.xfs /dev/sda4
+
###i## bzcat /usr/share/doc/gogoc-*/gogoc.conf.sample.bz2 >/etc/gogoc/gogoc.conf
# ##i##mkswap /dev/sda3
+
###i## rc-update add gogoc default
# ##i##swapon /dev/sda3
+
###i## /etc/init.d/gogoc start
 
</console>
 
</console>
  
==== Mounting filesystems ====
+
{{Note}}By default, <code>gogoc</code> will use an anonymous tunnel. If you wish to authenticate yourself, read and edit <code>/etc/gogoc/gogoc.conf</code>.
  
Mount the newly-created filesystems as follows, creating <tt>/mnt/funtoo</tt> as the installation mount point:
+
=== Getting started with Teredo ===
 
+
<console>
+
# ##i##mkdir /mnt/funtoo
+
# ##i##mount /dev/sda4 /mnt/funtoo
+
# ##i##mkdir /mnt/funtoo/boot
+
# ##i##mount /dev/sda1 /mnt/funtoo/boot
+
</console>
+
  
Optionally, if you have a separate filesystem for <tt>/home</tt> or anything else:
+
While this mechanism is officially called Teredo, the implementation of the Teredo service we will be using is called Miredo.
 +
{{Note}}{{Package|net-misc/miredo}} is currently keyworded unstable. If you are running stable Funtoo, you may want to put an entry into your package.keywords/package.accept_keywords file.}}
  
 +
Emerge <tt>net-misc/miredo</tt> and start it up (you can add it to your default runlevel if you wish):
 
<console>
 
<console>
# ##i##mkdir /mnt/funtoo/home
+
###i## emerge net-misc/miredo
# ##i##mount /dev/sda5 /mnt/funtoo/home
+
###i## /etc/init.d/miredo start
 
</console>
 
</console>
  
If you have <tt>/tmp</tt> or <tt>/var/tmp</tt> on a separate filesystem, be sure to change the permissions of the mount point to be globally-writeable after mounting, as follows:
+
{{Note}}Miredo requires <code>CONFIG_TUN</code> enabled in your kernel. If it is compiled as a module, ensure the <tt>tun</tt> module is loaded.
  
 +
If all goes well, you can check the assignment of an IPv6 address using <tt>/sbin/ip</tt>, for example:
 
<console>
 
<console>
# ##i##chmod 1777 /mnt/funtoo/tmp
+
###i## /sbin/ip addr show dev teredo
 +
4: teredo: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN qlen 500
 +
    link/none
 +
    inet6 2001:0:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/32 scope global
 +
      valid_lft forever preferred_lft forever
 +
    inet6 fe80::ffff:ffff:ffff/64 scope link
 +
      valid_lft forever preferred_lft forever
 
</console>
 
</console>
  
=== Installing the Stage 3 tarball ===
+
=== Tunnelling 6to4 ===
==== Stage 3 tarball ====
+
  
After creating filesystems, the next step is downloading the initial Stage 3 tarball. The Stage 3 is a pre-compiled system used as a starting point to install Funtoo Linux. Visit the [[Download]] page and copy the URL to the Stage 3 tarball you want to use. We will download it soon.
+
6to4 is an Internet transition mechanism for migrating from IPv4 to IPv6, a system that allows IPv6 packets to be transmitted over an IPv4 network (generally the IPv4 Internet) without the need to configure explicit tunnels.
 +
When using 6to4 your IPv6 golablly addressable IP is generated from you IPv4 IP address.
  
{{fancyimportant|If your system's date and time are too far off (typically by months or years,) then it may prevent Portage from properly downloading source tarballs. This is because some of our sources are downloaded via HTTPS, which use SSL certificates and are marked with an activation and expiration date.}}
+
The anycast address of 192.88.99.1 has been allocated for the purpose of sending packets to a 6to4 relay router. Note that when converted to a 6to4 IPv6 address with the subnet and hosts fields set to zero this IPv4 address (192.88.99.1) becomes the IPv6 address 2002:c058:6301::.
  
Now is a good time to verify the date and time are correctly set to UTC. Use the <tt>date</tt> command to verify the date and time:
+
To use the funtoo network template method, write the config file for the interface /etc/conf.d/netif.6to4 (which will also handle the converting of your IPv4 address to your IPv6 address). Make sure you change "WAN" to your correct internet facing interface.
 
+
<console>
+
# ##i##date
+
Fri Jul 15 19:47:18 UTC 2011
+
</console>
+
 
+
If the date and/or time need to be corrected, do so using <tt>date MMDDhhmmYYYY</tt>, keeping in mind <tt>hhmm</tt> are in 24-hour format. The example below changes the date and time to "July 16th, 2011 @ 8:00PM" UTC:
+
 
+
<console>
+
# ##i##date 071620002011
+
Fri Jul 16 20:00:00 UTC 2011
+
</console>
+
 
+
Once you are in your Funtoo Linux root filesystem, use <tt>wget</tt> to download the Stage 3 tarball you have chosen from the [[Download]] page to use as the basis for your new Funtoo Linux system. It should be saved to the <tt>/mnt/funtoo</tt> directory as follows:
+
 
+
<console># ##i##cd /mnt/funtoo
+
# ##i##wget http://ftp.osuosl.org/pub/funtoo/funtoo-current/x86-64bit/generic_64/stage3-latest.tar.xz
+
</console>
+
 
+
 
+
Note that 64-bit systems can run 32-bit or 64-bit stages, but 32-bit systems can only run 32-bit stages. Make sure that you select a Stage 3 build that is appropriate for your CPU. If you are not certain, it is a safe bet to choose the <tt>generic_64</tt> or <tt>generic_32</tt> stage. Consult the [[Download]] page for more information.
+
 
+
Once the stage is downloaded, extract the contents with the following command, substituting in the actual name of your stage 3 tarball:
+
<console>
+
# ##i##tar xJpf stage3-latest.tar.xz
+
</console>
+
 
+
{{fancyimportant|It is very important to use <tt>tar</tt>'s "<tt>p</tt>" option when extracting the Stage 3 tarball - it tells <tt>tar</tt> to ''preserve'' any permissions and ownership that exist within the archive. Without this option, your Funtoo Linux filesystem permissions will be incorrect.}}
+
 
+
=== Chroot into Funtoo ===
+
Before chrooting into your new system, there's a few things that need to be done first. You will need to mount /proc and /dev inside your new system. Use the following commands:
+
<console>
+
# ##i##cd /mnt/funtoo
+
# ##i##mount -t proc none proc
+
# ##i##mount --rbind /sys sys
+
# ##i##mount --rbind /dev dev
+
</console>
+
 
+
You'll also want to copy over <tt>resolv.conf</tt> in order to have proper DNS name resolution from inside the chroot:
+
<console>
+
# ##i##cp /etc/resolv.conf etc
+
</console>
+
 
+
Now you can chroot into your new system. Use <tt>env</tt> before <tt>chroot</tt> to ensure that no environment variables from the installation media are used by your new system:
+
 
+
<console>
+
# ##i##env -i HOME=/root TERM=$TERM chroot . bash -l
+
</console>
+
 
+
{{fancynote|Users of live CDs with 64-bit kernels: Some software may use <tt>uname -r</tt> to check whether the system is 32 or 64-bit. You may want append linux32 to the chroot command as a workaround, but it's generally not needed.}}
+
{{fancyimportant|If you receive the error "<tt>chroot: failed to run command `/bin/bash': Exec format error</tt>", it is probably because you are running a 32-bit kernel and trying to execute 64-bit code. SystemRescueCd boots with a 32-bit kernel by default.}}
+
 
+
It's also a good idea to change the default command prompt while inside the chroot. This will avoid confusion if you have to change terminals. Use this command:
+
<console>
+
# ##i##export PS1="(chroot) $PS1"
+
</console>
+
 
+
Congratulations! You are now chrooted inside a Funtoo Linux system. Now it's time to get Funtoo Linux properly configured so that Funtoo Linux will boot successfully when your system is restarted.
+
 
+
=== Downloading the Portage tree ===
+
 
+
{{fancynote|For an alternative way to do this, see [[Installing Portage From Snapshot]].}}
+
Now it's time to install a copy of the Portage repository, which contains package scripts (ebuilds) that tell portage how to build and install thousands of different software packages. To create the Portage repository, simply run <tt>emerge --sync</tt> from within the chroot. This will automatically clone the portage tree from [http://github.com/ GitHub]:
+
 
+
<console>
+
(chroot) # ##i##emerge --sync
+
</console>
+
 
+
{{fancyimportant|If you receive the error with initial <tt>emerge --sync</tt> due to git protocol restrictions, change <tt>SYNC</tt> variable in <tt>/etc/portage/make.conf</tt>}}
+
 
<pre>
 
<pre>
SYNC="https://github.com/funtoo/ports-2012.git"
+
template=ipv6-tunnel
 +
WAN="eth0"
 +
MTU="1280"
 +
ipv4=`ifconfig $WAN | sed -ne 's/[[:space:]]*inet addr:\([0-9.]*\).*/\1/p'`
 +
ipv6=`printf "2002:%02x%02x:%02x%02x::1" \`echo $ipv4 | tr "." " "\``
 +
remote=192.88.99.1
 +
local="$ipv4/24"
 +
ipaddr="$ipv6/48"
 +
routes="2000::/3 via 2002:c058:6301:: dev $WAN"
 
</pre>
 
</pre>
  
 
+
Then create the netif.6to4 symlink and add it to the default runlevel
=== Configuring your system ===
+
As is expected from a Linux distribution, Funtoo Linux has its share of configuration files. The one file you are absolutely required to edit in order to ensure that Funtoo Linux boots successfully is <tt>/etc/fstab</tt>. The others are optional. Here are a list of files that you should consider editing:
+
 
+
{| {{table}}
+
!File
+
!Do I need to change it?
+
!Description
+
|-
+
|<tt>/etc/fstab</tt>
+
|'''YES - required'''
+
|Mount points for all filesystems to be used at boot time. This file must reflect your disk partition setup. We'll guide you through modifying this file below.
+
|-
+
|<tt>/etc/localtime</tt>
+
|''Maybe - recommended''
+
|Your timezone, which will default to UTC if not set. This should be a symbolic link to something located under /usr/share/zoneinfo (e.g. /usr/share/zoneinfo/America/Montreal)
+
|-
+
|<tt>/etc/make.conf<br/>/etc/portage/make.conf&nbsp;(new&nbsp;location)</tt>
+
|''Maybe - recommended''
+
|Parameters used by gcc (compiler), portage, and make. It's a good idea to set MAKEOPTS. This is covered later in this document.
+
|-
+
|<tt>/etc/conf.d/hostname</tt>
+
|''Maybe - recommended''
+
|Used to set system hostname. Set to the fully-qualified (with dots) name. Defaults to <tt>localhost</tt> if not set.
+
|-
+
|<tt>/etc/hosts</tt>
+
|''No''
+
| You no longer need to manually set the hostname in this file. This file is automatically generated by <tt>/etc/init.d/hostname</tt>.
+
|-
+
|<tt>/etc/conf.d/keymaps</tt>
+
|Optional
+
|Keyboard mapping configuration file (for console pseudo-terminals). Set if you have a non-US keyboard. See [[Funtoo Linux Localization]].
+
|-
+
|<tt>/etc/conf.d/hwclock</tt>
+
|Optional
+
|How the time of the battery-backed hardware clock of the system is interpreted (UTC or local time). Linux uses the battery-backed hardware clock to initialize the system clock when the system is booted.
+
|-
+
|<tt>/etc/conf.d/modules</tt>
+
|Optional
+
|Kernel modules to load automatically at system startup. Typically not required. See [[Additional Kernel Resources]] for more info.
+
|-
+
|<tt>profiles</tt>
+
|Optional
+
|Some useful portage settings that may help speed up intial configuration.
+
|}
+
 
+
If you're installing an English version of Funtoo Linux, you're in luck as most of the configuration files can be used as-is. If you're installing for another locale, don't worry. We will walk you through the necessary configuration steps on the [[Funtoo Linux Localization]] page, and if needed, there's always plenty of friendly, helpful support. (See [[#Community portal|Community]])
+
 
+
Let's go ahead and see what we have to do. Use <tt>nano -w <name_of_file></tt> to edit files -- the "<tt>-w</tt>" disables word-wrapping, which is handy when editing configuration files. You can copy and paste from the examples.
+
 
+
{{fancywarning|It's important to edit your <tt>/etc/fstab</tt> file before you reboot! You will need to modify both the "fs" and "type" columns to match the settings for your partitions and filesystems that you created with <tt>gdisk</tt> or <tt>fdisk</tt>. Skipping this step may prevent Funtoo Linux from booting successfully.}}
+
 
+
==== /etc/fstab ====
+
 
+
<tt>/etc/fstab</tt> is used by the <tt>mount</tt> command which is ran when your system boots. Statements of this file inform <tt>mount</tt> about partitions to be mounted and how they are mounted. In order for the system to boot properly, you must edit <tt>/etc/fstab</tt> and ensure that it reflects the partition configuration you used earlier:
+
 
+
 
<console>
 
<console>
(chroot) # ##i##nano -w /etc/fstab
+
###i## ln -s /etc/init.d/netif.tmpl /etc/init.d/netif.6to4
 +
###i## rc-update add netif.6to4 default
 +
###i## /etc/init.d/netif.6to4 start
 
</console>
 
</console>
  
You can use arrow keys to move around and hit Control-X to exit. If you want to save your changes, type "<tt>Y</tt>" when asked if you want to save the modified buffer, or hit Control-O before closing <tt>nano</tt>. Otherwise your changes will be discarded.
+
You should now be capable of connecting via IPv6:
 
+
<pre>
+
# The root filesystem should have a pass number of either 0 or 1.
+
# All other filesystems should have a pass number of 0 or greater than 1.
+
#
+
# NOTE: If your BOOT partition is ReiserFS, add the notail option to opts.
+
#
+
# See the manpage fstab(5) for more information.
+
#
+
# <fs>     <mountpoint>  <type>  <opts>        <dump/pass>
+
 
+
/dev/sda1    /boot        ext2    noatime        1 2
+
/dev/sda3    none          swap    sw            0 0
+
/dev/sda4    /            ext4    noatime        0 1
+
#/dev/cdrom  /mnt/cdrom    auto    noauto,ro      0 0
+
</pre>
+
 
+
==== /etc/localtime ====
+
 
+
<tt>/etc/localtime</tt> is used to specify the timezone that your machine is in, and defaults to UTC. If you would like your Funtoo Linux system to use local time, you should replace <tt>/etc/localtime</tt> with a symbolic link to the timezone that you wish to use.
+
 
+
 
<console>
 
<console>
(chroot) # ##i##ln -sf /usr/share/zoneinfo/America/Montreal /etc/localtime
+
###i## ping6 ipv6.google.com
 
</console>
 
</console>
  
The above sets the timezone to Eastern Time Canada. Go to <tt>/usr/share/zoneinfo</tt> to see which values to use.
+
To allow this host to be a router, a modified template is required:
 +
{{File
 +
|/etc/netif.d/ipv6-tunnel|<pre>
 +
#!/bin/sh
  
==== /etc/make.conf ====
+
netif_pre_up() {
 +
        require local remote
 +
        try ip tunnel add $interface mode sit remote $remote local $local ttl 255
 +
        try ip addr add $ipaddr dev $interface
 +
        try ip addr add $ipaddr4 dev $interface
 +
}
  
{{fancynote|This file is the symlink to /etc/portage/make.conf, new default location, edit /etc/portage/make.conf.}}
+
netif_post_up() {
 +
        try ip route add ::/0 dev $interface
 +
}
  
MAKEOPTS can be used to define how many parallel compilations should occur when you compile a package, which can speed up compilation significantly. A rule of thumb is the number of CPUs (or CPU threads) in your system plus one. If for example you have a dual core processor without [[wikipedia:Hyper-threading|hyper-threading]], then you would set MAKEOPTS to 3:
+
netif_pre_down() {
 
+
        ip route del ::/0 dev $interface
<pre>
+
MAKEOPTS="-j3"
+
</pre>
+
 
+
If you are unsure about how many processors/threads you have then use /proc/cpuinfo to help you.
+
<console>
+
(chroot) # ##i##grep "processor" /proc/cpuinfo | wc -l
+
16
+
</console>
+
 
+
Set MAKEOPTS to this number plus one:
+
 
+
<pre>
+
MAKEOPTS="-j17"
+
</pre>
+
 
+
USE flags define what functionality is enabled when packages are built. It is not recommended to add a lot of them during installation; you should wait until you have a working, bootable system before changing your USE flags. A USE flag prefixed with a minus ("<tt>-</tt>") sign tells Portage not to use the flag when compiling.  A Funtoo guide to USE flags will be available in the future. For now, you can find out more information about USE flags in the [http://www.gentoo.org/doc/en/handbook/handbook-amd64.xml?part=2&chap=2 Gentoo Handbook].
+
 
+
LINGUAS tells Portage which local language to compile the system and applications in (those who use LINGUAS variable like OpenOffice). It is not usually necessary to set this if you use English. If you want another language such as French (fr) or German (de), set LINGUAS appropriately:
+
 
+
<pre>
+
LINGUAS="fr"
+
</pre>
+
 
+
==== /etc/conf.d/hwclock ====
+
If you dual-boot with Windows, you'll need to edit this file and change '''clock''' to '''local''', because Windows will set your hardware clock to local time every time you boot Windows. Otherwise you normally wouldn't need to edit this file.
+
<console>
+
(chroot) # ##i##nano -w /etc/conf.d/hwclock
+
</console>
+
 
+
==== Localization ====
+
 
+
By default, Funtoo Linux is configured with Unicode (UTF-8) enabled, and for the US English locale and keyboard. If you would like to configure your system to use a non-English locale or keyboard, see [[Funtoo Linux Localization]].
+
 
+
==== Profiles ====
+
 
+
[[Funtoo 1.0 Profile|Funtoo profiles]] are used to define defaults for Portage specific to your needs. There are 4 basic profile types: arch, build, [[Flavors and Mix-ins|flavor, and mix-ins]]:
+
 
+
;arch: typically <tt>x86-32bit</tt> or <tt>x86-64bit</tt>, this defines the processor type and support of your system. This is defined when your stage was built and should not be changed.
+
;build: defines whether your system is a <tt>current</tt>, <tt>stable</tt> or <tt>experimental</tt> build. <tt>current</tt> systems will have newer packages unmasked than <tt>stable</tt> systems.
+
;flavor: defines the general type of system, such as <tt>server</tt> or <tt>desktop</tt>, and will set default USE flags appropriate for your needs.
+
;mix-ins: define various optional settings that you may be interested in enabling.
+
 
+
One arch, build and flavor must be set for each Funtoo Linux system, while mix-ins are optional and you can enable more than one if desired.
+
 
+
Remember that profiles can often be inherited. For example, the <tt>desktop</tt> flavor inherits the <tt>workstation</tt> flavor settings, which in turn inherits the <tt>X</tt> and <tt>audio</tt> mix-ins. You can view this by using eselect:
+
 
+
<console>
+
(chroot) # ##i##eselect profile show
+
Currently set profiles:
+
    arch: gentoo:funtoo/1.0/linux-gnu/arch/x86-64bit
+
  build: gentoo:funtoo/1.0/linux-gnu/build/current
+
  flavor: gentoo:funtoo/1.0/linux-gnu/flavor/desktop
+
mix-ins: gentoo:funtoo/1.0/linux-gnu/mix-ins/kde
+
 
+
Automatically enabled profiles:
+
mix-ins: gentoo:funtoo/1.0/linux-gnu/mix-ins/print
+
mix-ins: gentoo:funtoo/1.0/linux-gnu/mix-ins/X
+
mix-ins: gentoo:funtoo/1.0/linux-gnu/mix-ins/audio
+
mix-ins: gentoo:funtoo/1.0/linux-gnu/mix-ins/dvd
+
mix-ins: gentoo:funtoo/1.0/linux-gnu/mix-ins/media
+
mix-ins: gentoo:funtoo/1.0/linux-gnu/mix-ins/console-extras
+
 
+
 
+
</console>
+
 
+
To view installed profiles:
+
<console>
+
(chroot) # ##i##eselect profile list
+
</console>
+
 
+
To change the profile flavor:
+
<console>
+
(chroot) # ##i##eselect profile set-flavor 7
+
</console>
+
 
+
To add a mix-in:
+
 
+
<console>
+
(chroot) # ##i##eselect profile add 10
+
</console>
+
 
+
=== Configuring and installing the Linux kernel ===
+
 
+
Now it's time to build and install a Linux kernel, which is the heart of any Funtoo Linux system. In the past, the process of creating a kernel that actually booted your system could be time-consuming and require a great deal of trial and error. Fortunately, Funtoo Linux offers an option to automatically build a kernel for you that will boot nearly all systems.
+
 
+
If you are unfamiliar with how to manually configure your own kernel, or you simply want to get your system up and running quickly, you can emerge <tt>debian-sources</tt> with the <tt>binary</tt> USE flag set, which will automatically build the kernel and an initrd that will boot nearly all Funtoo Linux systems. This kernel is based on a linux-3.2 LTS official debian kernel package and is an easy way to get your system up and running relatively quickly.
+
 
+
Click [http://wiki.debian.org/DebianKernel here] for a list of all architectures the Debian kernel supports.
+
 
+
{{fancyimportant|<tt>debian-sources</tt> with <tt>binary</tt> USE flag requires at least 12GB in /var/tmp}}
+
 
+
<console>
+
(chroot) # ##i##echo "sys-kernel/debian-sources binary" >> /etc/portage/package.use
+
(chroot) # ##i##emerge debian-sources</console>
+
 
+
All done!
+
 
+
{{fancynote|NVIDIA card users: the <tt>binary</tt> USE flag installs the Nouveau drivers which cannot be loaded at the same time as the proprietary drivers, and cannot be unloaded at runtime because of KMS. You need to blacklist it under <tt>/etc/modprobe.d/</tt>.}}
+
{{fancynote|For an overview of other kernel options for Funtoo Linux, see [[Funtoo Linux Kernels]]. There maybe modules that the Debian kernel doesn't include, a situation where [http://www.funtoo.org/wiki/Funtoo_Linux_Kernels#Using_Debian-Sources_with_Genkernel genkernel] would be useful. Also be sure to see [[:Category:Hardware Compatibility|hardware compatibility]] information. We have compiled a very good reference for [[Dell PowerEdge 11G Servers]] that includes kernel compatibility information as well..}}
+
 
+
 
+
The next step is to configure your boot loader so that your new kernel loads when the system boots.
+
 
+
=== Installing a Bootloader ===
+
 
+
==== Installing Grub ====
+
 
+
The boot loader is responsible for loading the kernel from disk when your computer boots. For new installations, GRUB 2 and Funtoo's boot-update tool should be used as a boot loader. GRUB supports both GPT/GUID and legacy MBR partitioning schemes.
+
 
+
To use this recommended boot method, first emerge <tt>boot-update</tt>. This will also cause <tt>grub-2</tt> to be merged, since it is a dependency of <tt>boot-update</tt>.
+
 
+
<console>
+
(chroot) # ##i##emerge boot-update
+
</console>
+
 
+
Then, edit <tt>/etc/boot.conf</tt> and specify "<tt>Funtoo Linux genkernel</tt>" as the <tt>default</tt> setting at the top of the file, replacing <tt>"Funtoo Linux"</tt>.
+
 
+
<tt>/etc/boot.conf</tt> should now look like this:
+
 
+
<pre>
+
boot {
+
        generate grub
+
        default "Funtoo Linux genkernel"
+
        timeout 3
+
 
}
 
}
  
"Funtoo Linux" {
+
netif_post_down() {
         kernel bzImage[-v]
+
         ip tunnel del $interface
        # params += nomodeset
+
 
}
 
}
 +
</pre>}}
  
"Funtoo Linux genkernel" {
+
Then add the following line to <tt>/etc/conf.d/netif.6to4</tt>:
        kernel kernel[-v]
+
{{File
        initrd initramfs[-v]
+
|/etc/conf.d/netif.6to4|<pre>
        params += real_root=auto
+
ipaddr4="$ipv4/24"
        # params += nomodeset
+
</pre>}}
}
+
</pre>
+
+
Please read <tt>man boot.conf</tt> for further details.
+
 
+
===== Running grub-install and boot-update =====
+
 
+
Finally, we will need to actually install the GRUB boot loader to your disk, and also run <tt>boot-update</tt> which will generate your boot loader configuration file:
+
  
 +
After restarting the 6to4 interface radvd can be started:
 
<console>
 
<console>
(chroot) # ##i##grub-install --no-floppy /dev/sda
+
###i## /etc/init.d/netif.6to4 restart
(chroot) # ##i##boot-update
+
###i## /etc/init.d/radvd start
 
</console>
 
</console>
  
You only need to run <tt>grub-install</tt> when you first install Funtoo Linux, but you need to re-run <tt>boot-update</tt> every time you modify your <tt>/etc/boot.conf</tt> file, so your changes are applied on next boot.
+
== Optimization ==
  
OK - your system should be ready to boot! Well, there are a few more loose ends...
+
=== Prefer IPv4 over IPv6 ===
  
==== Installing Syslinux/Extlinux ====
+
Generally if your IPv6 connection is through a tunnel, it will be slower than an IPv4 connection. For this reason, if you are using an IPv6 tunnel, it can be best to configure your systems to ''prefer'' IPv4 if an IPv4 version of the site is available, and use IPv6 only when necessary. This way, you will avoid unnecessary encapsulation and de-encapsulation of IPv4 traffic. Here's how to do this for a number of operating systems:
  
An alternate boot loader called extlinux can be used instead of GRUB if you desire. See the [[Extlinux|extlinux Guide]] for information on how to do this.
+
==== Linux ====
  
=== Configuring your network ===
+
Linux will prefer IPv6 if IPv6 support is enabled in the kernel. To prefer IPv4, edit <tt>/etc/gai.conf</tt> and add this line:
 +
{{File
 +
|/etc/gai.conf|<pre>
 +
precedence ::ffff:0:0/96 100
 +
</pre>}}
  
It's important to ensure that you will be able to connect to your local-area network after you reboot into Funtoo Linux. There are three approaches you can use for configuring your network: NetworkManager, dhcpcd, and the [[Funtoo Linux Networking]] scripts. Here's how to choose which one to use based on the type of network you want to set up.
+
==== Windows 7, Server 2008, Vista ====
  
==== Wi-Fi ====
+
These operating systems prefer IPv6 by default. See [http://msdn.microsoft.com/en-us/library/bb756941.aspx this link]. To prefer IPv4, use the following steps:
 
+
For laptop/mobile systems where you will be using Wi-Fi and connecting to various networks, NetworkManager is strongly recommended. The Funtoo version of NetworkManager is fully functional even from the command-line, so you can use it even without X or without the Network Manager applet. Here are the steps involved in setting up NetworkManager:
+
 
+
<console>
+
# ##i##emerge linux-firmware
+
# ##i##emerge networkmanager
+
# ##i##rc-update add NetworkManager default
+
</console>
+
 
+
Above, we installed linux-firmware which contains a complete collection of available firmware for many hardware devices including Wi-Fi adapters, plus NetworkManager to manage our network connection. Then we added NetworkManager to the <tt>default</tt> runlevel so it will start when Funtoo Linux boots.
+
 
+
After you reboot into Funtoo Linux, you will be able to add a Wi-Fi connection this way:
+
 
+
<console>
+
# ##i##addwifi -S wpa -K 'wifipassword' mywifinetwork
+
</console>
+
 
+
The <tt>addwifi</tt> command is used to configure and connect to a WPA/WPA2 Wi-Fi network named <tt>mywifinetwork</tt> with the password <tt>wifipassword</tt>. This network configuration entry is stored in <tt>/etc/NetworkManager/system-connections</tt> so that it will be remembered in the future. You should only need to enter this command once for each Wi-Fi network you connect to.
+
 
+
==== Desktop (Wired Ethernet) ====
+
 
+
For a home desktop or workstation with wired Ethernet that will use DHCP, the simplest and most effective option to enable network connectivity is to simply add <tt>dhcpcd</tt> to the default runlevel:
+
 
+
<console>
+
# ##i##rc-update add dhcpcd default
+
</console>
+
 
+
When you reboot, <tt>dhcpcd</tt> will run in the background and manage all network interfaces and use DHCP to acquire network addresses from a DHCP server.
+
 
+
==== Server (Static IP) ====
+
 
+
For servers, the [[Funtoo Linux Networking]] scripts are recommended. They are optimized for static configurations and things like virtual ethernet bridging for virtualization setups. See [[Funtoo Linux Networking]] for information on how to use Funtoo Linux's template-based network configuration system.
+
 
+
=== Finishing Steps ===
+
 
+
==== Set your root password ====
+
It's imperative that you set your root password before rebooting so that you can log in.
+
<console>
+
(chroot) # ##i##passwd
+
</console>
+
 
+
===Restart your system ===
+
 
+
Now is the time to leave chroot, to unmount Funtoo Linux partitions and files and to restart your computer. When you restart, the GRUB boot loader will start, load the Linux kernel and initramfs, and your system will begin booting.
+
 
+
Leave the chroot, change directory to /, unmount your Funtoo partitions, and reboot.
+
<console>
+
(chroot) # ##i##exit
+
# ##i##cd /
+
# ##i##umount -l /mnt/funtoo/boot /mnt/funtoo/dev /mnt/funtoo/proc /mnt/funtoo/sys /mnt/funtoo
+
# ##i##reboot
+
</console>
+
  
You should now see your system reboot, the GRUB boot loader appear for a few seconds, and then see the Linux kernel and initramfs loading. After this, you should see Funtoo Linux itself start to boot, and you should be greeted with a <tt>login:</tt> prompt. Funtoo Linux has been successfully installed!
+
# Start <tt>regedit</tt>.
 +
# Navigate to <tt>HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TCPIP6\Parameters</tt>.
 +
# Create a new DWORD named <tt>DisabledComponents</tt>. Edit this new DWORD and set it to HEX value of <tt>20</tt> or a DECIMAL value of <tt>32</tt>.
 +
# Restart your computer.
  
===Next Steps===
+
== ISPs who currently have IPv6 enabled for residential customers ==
  
If you are brand new to Funtoo Linux and Gentoo Linux, please check out [[Funtoo Linux First Steps]], which will help get you acquainted with your new system.
+
* Canada:
 +
** '''Videotron''': Videotron has a [http://support.videotron.com/residential/internet/ipv6/videotron-ipv6 beta-program] for residential customers who want to test IPv6 (no official technical support, it is possible they don't have enabled it in your area so check first before investing in new hardware). Although  at date of writing, a large part of their networks are IPv6, '''you must go through a 6rd tunnel''' because they still need to upgrade some of their equipments and '''your router must support the 6rd protocol''' (this requirement is documented). Videotron sells you a D-Link DIR-825 with a modified firmware however this model has a weird gotcha: it does not support IPv6 firewalling.''' This is not a Videotron specific issue''' (even the genuine firmwares coming  from the manufacturer has no support for IPv6 firewalling as of June 2011). A good alternative to recommend is the CISCO/LinkSYS E4200, more expensive (MSRP ~$180 US/CDN) but has IPv6 firewalling support.  Once the E4200 firmware has been upgraded go in Setup/IPv6 Setup disable "IPv6 - Automatic" (you should then see an IPv6 address in the DUID field) and leave "automatic" for the 6rd configuration. You should be in business and see all of the hosts on your network with an IPv6 stack enabled being assigned a public IPv6 address starting with 2607:f048.
 +
** '''Teksavvy''' : TekSavvy has a [http://teksavvy.com/ipv6 IPv6 beta-program] for residential customers who use their DSL service (no statement found for cable connections). Just ask them to enable IPv6 to your subscription and it should be available within the next 24 hours. Their IPv6 connectivity is native so you don't need to setup a tunnel.
 +
** '''Shaw''' (?)
 +
** '''Cogeco cable''' (?)
 +
** '''Telus''' (?)
 +
** '''Bell''' : Bell appears to have an official IPv6 support especially for its business subscribers (See http://ipv6.bell.ca) via a toolkit and various web pages on the subject.
  
We also have a number of pages dedicated to setting up your system, which you can find below. If you are interested in adding a page to this list, add it to the "First Steps" MediaWiki category.
+
* France
 +
** '''Free'''
 +
** '''Nerim'''
 +
** '''the French Data Network (FDN)'''
 +
* United States:
 +
** '''Comcast''' (limited pilot in some areas only)
  
{{#ask: [[Category:First Steps]] | format=category }}
+
== Home routers compatible with IPv6 ==
  
If your system did not boot correctly, see [[Installation Troubleshooting]] for steps you can take to resolve the problem.
+
A few residential routers have support for IPv6 at date of writing and many more home networking devices will have robust IPv6 support in a more or less near futures. The following does not pretend to be exhaustive:
 +
* '''D-Link DIR-825 rev. 1B''' (June 2011): Has IPv6 support out of the box, however for somewhat reason the router has no support for IPv6 firewalling even with teh 2.05N revision of the firmware. Consequence for you is you have to deploy an IPv6 firewall on each of hosts concerned with a public IPv6 connectivity. The canadian ISP Videotron is selling a DIR-825 with a customized firmware as unfortunately, like with the genuine manufacturer firmware, no IPv6 firewalling possible :( .
 +
* '''CISCO/LinkSys E4200''' (June 2011): Advertised as being IPv6 compatible with a firmware update (available as of June 14th 2011 -> check for the version tagged 1.0.02 build 13 or later on the manufacturer website). The device supports native IPv6 and IPv6 through a 6rd tunnel (no support for any other tunneling protocol).
  
 +
== Resources ==
 +
*[http://ipv6.he.net/certification/cert-main.php free ipv6 certification program]
 +
*[http://ipv6-test.com/ Test ipv6 (ipv6-test.com)]
 +
*[http://test-ipv6.com/ Test ipv6 (test-ipv6.com)]
 +
*[http://www.comcast6.net/ Comcast's IPv6 page]
 +
*[http://tunnelbroker.net/ Hurricane Electric Tunnel Broker ]
 +
*[http://www.gentoo-wiki.info/HOWTO_IPv6 Gentoo Wiki IPv6 ]
 +
*[http://www.gentoo.org/doc/en/ipv6.xml Gentoo IPv6 Guide]
 +
with Apple airport extreme, etc:
 +
*[http://www.tunnelbroker.net/forums/index.php?topic=680.0 tunnelbroker.net forums post - airport config ]
 +
*[http://www.nedprod.com/Niall_stuff/addingIPv6toyourhome.html Adding IPv6 Support To Your Home]
 +
*[http://www.tunnelbroker.net/forums/index.php?topic=273.0 tunnelbroker.net forums post - Gentoo config (won't work in Funtoo)]
 +
Nice Overview over IPv6
 +
* [http://www.linux.com/learn/tutorials/428331-ipv6-crash-course-for-linux IPv6 Crash Course for Linux] and page 2 [http://www.linux.com/learn/tutorials/432537:another-ipv6-crash-course-for-linux-real-ipv6-addresses-routing-name-services IPv6 Crash Course for routing name services]
 +
* [http://livre.g6.asso.fr/index.php/Accueil IPv6 Théorie et Pratique (in french only)] revised online version of the O'Reilly book published in 2005 by a collective researchers and IT actors.
 
[[Category:HOWTO]]
 
[[Category:HOWTO]]
[[Category:Install]]
+
[[Category:Networking]]
 +
[[Category:Featured]]

Revision as of 17:08, 24 January 2014

Contents

Introduction

IPv6 is an redesigned and improved version of the IPv4 protocol, and is intended to start replacing IPv4 in 2011 and beyond as the IPv4 global address space becomes exhausted. IPv6 includes a number of improvements over IPv4, including most notably 128-bit addressing, simplified protocol header, integrated IPSec and Multicast implementations, improved discovery, flexibility and router interaction, and improved facilities for auto-configuration. IPv6 also marks the end of Network Address Translation (NAT), which is not recommended or necessary with IPv6. While it's possible to use non-routable addresses with IPv6, this is not a requirement and it is possible for any IPv6 device to have its own globally routable IP address if desired.

Addressing

IPv6 addresses consist of 128 bits. The first 64 bits are used for the network and subnet portion of the address, while the remaining 64 bits are used for the host portion of the address. For more information on how to represent IPv6 addresses, please see the Presentation section of the IPv6 address page on Wikipedia.

Network Masks

IPv6 addresses also have an associated network mask, which is typically written as a trailing "/64" or "/48" at the end of the address, which specifies what bits of the address are used for network and subnet parts. For example, a "/48" mask specifies that addresses use a 48-bit network part, followed by a 16-bit subnet part (allowing for 2^16 subnets), followed by a 64-bit host part (allowing for up to 264 hosts for each of the 216 subnets to be specified.) In contrast, a "/64" mask specifies that addresses use a 64-bit network part, no subnet part, and a 64-bit host part (allowing up to 264 hosts total to be specified.) This means that if you are issued a "/64" set of addresses, you will not be able to define any subnets, but if you are issued a "/48" set of addresses, you will be able to define up to 216 subnets.

Address Space and Security

IPv6 also uses a global, flat address space. IPv6 is designed so that any device that needs to communicate on the Internet is able to have a unique globally-routable address. With IPv6, there is no need for using Network Address Translation (NAT). With IPv4, NAT is often used as a means of protecting systems from being accessed by malicious users. With IPv6, firewalls are typically used instead of NAT for restricting access to systems. With IPv6, it is normal for all machines on your home network to have "globally routable" addresses, the equivalent of a "public IP" in the world of IPv4. It is important to understand that this is the way that IPv6 is intended to be used for the majority of users, and that an IPv6-enabled router will no longer be performing NAT for you.

Using IPv6

There are several ways to use IPv6 with Funtoo Linux. Here are some possibilities:

  • Participating in an existing IPv6 network
  • Creating a local IPv6 over IPv4 tunnel
  • Enabling IPv6 on your router, possibly via a tunnel (several ISP uses 6rd...)
  • Unique Local IPv6 Unicast Addresses (site local)

Participating in IPv6 Network

The first approach is an option if your Funtoo Linux system happens to be on an IPv6 network, or you desire to set up an IPv6 network. In this case, the Funtoo Linux system simply needs to be configured to participate in this IPv6 network -- and can also participate in an IPv4 network simultaneously. If you will be configuring an IPv6-compatible router, then you will simply configure your Funtoo Linux system to participate in this network.

Local IPv6 over IPv4 Tunnel

Another approach for using IPv6 is to configure an IPv6 over IPv4 tunnel locally on your Funtoo Linux system, in cooperation with a tunnel provider. This will allow you to use an existing IPv4 network to connect a single Funtoo Linux system to IPv6. It is also possible to configure this system to serve as an IPv6 router.

Enabling IPv6 on Your Router

If you have a router that is capable of supporting IPv6, then it is possible to configure your router so that an IPv6 network is available, at which point you can simply configure your Funtoo Linux system to participate in it. Note that many popular home/office routers can be configured to use an IPv6 over IPv4 tunnel, which provides a convenient option for home networks or smaller organizations to participate in IPv6. Using this approach, your computer systems behind the router are simply configured to participate in an IPv6 network, and your router handles tunneling the IPv6 traffic back and forth between your tunnel provider. This is typically the most flexible option for exploring IPv6 as it allows you to have multiple computer systems in your home or office to participate in an IPv6 network while your router takes care of everything transparently.

Using Unique Local IPv6 Unicast Addresses

If you don't have public IPv6 connectivity or you don't wish to open an IPv6 tunnel over an IPv4 network, you can use a mechanism similar to IPv4 private addresses ranges. This mechanism consists of concatenating the prefix FC00::/7 with a globally unique identifier and a subnet identifier to form the upper 64 bits of the IPv6 address. Details of the mechanisms to forge a unique local IPv6 unicast address are documented in RFC 4193, however unique local IPv6 unicast addresses are made of the following components:

       | 7 bits |1|  40 bits   |  16 bits  |          64 bits           |
       +--------+-+------------+-----------+----------------------------+
       | Prefix |L| Global ID  | Subnet ID |        Interface ID        |
       +--------+-+------------+-----------+----------------------------+
  • Prefix (7 bits): always FC00::/7
  • L (1 bits): must be set to 1 (1 = prefix is locally assigned, 0 is undefined so far and must not be used)
  • Global ID: A random identifier (see RFC 4193 for details about the generation algorithm
  • Interface ID: Host interface ID as defined in RFC 3513
Note: Just like with private IPv4 addresses, an IPv6 router must not route a unique local IPv6 unicast address outside the organization local network.

Requirements

IPv6 requires CONFIG_IPV6 to be enabled in your kernel (either compiled in or as a module). If compiled as a module (e.g. if your kernel was compiled by genkernel), ensure the module is loaded.

# lsmod | grep ipv6

If this returns nothing, load the module with:

# modprobe ipv6

Commands

ping6
IPv6 ping command
route -6
show IPv6 routes
ip -6 neigh show
show all IPv6 neighbors on the local LAN

Configuration

Participating in an Existing IPv6 Network

If your local network already supports IPv6, then you can simply configure Funtoo Linux to participate in this IPv6 network. Here is a sample configuration that might be used to configure an ethernet interface (netif.eth0) to participate in both an IPv4 and IPv6 network:

template="interface"
ipaddr="10.0.1.200/24 2001:470:d:c2c:218:51ff:feea:ee21/64"
gateway="10.0.1.1"
nameservers="10.0.1.1 2001:470:20::2"
domain="funtoo.org"
multicast="yes"
routes="2000::/3 via fe80::daa2:5eff:fe7a:83de dev eth0"

Above, we use the interface template, and specify both an IPv4 and IPv6 address (with network mask) for ipaddr. In addition, an IPv4 and IPv6 nameserver is specified. For routing, we use the gateway command to specify an IPv4 gateway, while we use the routes command to specify a route to our router, which in this case has address fe80::daa2:5eff:fe7a:83de and is reachable on device eth0.

Note that we specify a route for "2000::/3" rather than "::/0" or "default", and this is a bit unusual. This is to work around a bug in many Linux kernels that prevents the default route from being handled properly. "2000::/3" maps to all routable IP addresses and has the benefit of being compatible with all Linux kernels.

Many Addresses and Stateless Autoconfiguration

Also note that if we did not specify an IPv6 address in the ipaddr variable, then eth0 would still get at least one IPv6 address anyway. First, it would get a link-local address, starting in fe80::/16, and it would also automatically use stateless autoconfiguration to grab an unused IPv6 address from the range used by your IPv6 router. This works similarly to the way a DHCP client works with IPv4, but is built-in to the IPv6 protocol and does not require a DHCP server to function. It works because with IPv6, routers send out ICMP packets to advertise themselves to systems on your network, and your Funtoo Linux system can use this information to automatically grab an unused address. It is important to understand this behavior because it means that by default, your Funtoo Linux system will grab a globally-routable ("public") IPv6 address from your router with no steps necessary on your part and thus may be accessible from the Internet if no firewall is in place. However, in most cases the default IPv6 route must be specified in the routes variable for IPv6 to function properly, so this auto-configuration isn't completely automatic at this time.

Local IPv6 over IPv4 Tunnelling

Tunnelling is the process of encapsulating IPv6 packets within an IPv4 packet so that it can be transmitted over an IPv4 network. This process happens at a local tunnel entry point, which can be a Linux machine or a router, such as an Apple AirPort. The packet then traverses the IPv4 network, until reaches the tunnel endpoint, which de-encapsulates the packet and places it on an IPv6 network. There are several different types of IPv6 tunnels. There are also several IPv6 tunnel providers that offer free tunnelling services, making it convenient to start using IPv6, even on your home network.

Note that if you want configure an IPv6 over IPv4 tunnel on your router, such as an Apple AirPort, then you will simply need to sign up with one of the tunnel providers and use their instructions to configure your router. At this point, your router will be IPv6 enabled and you can then configure your Funtoo Linux system to participate in an existing IPv6 network using the instructions in the previous section. If this is not an option for you, then it is also possible to set up the IPv6 over IPv4 tunnel directly on your Funtoo Linux system. This means that only your Funtoo Linux system will be able to participate in IPv6, at least to start (later, you could configure your Funtoo Linux system to route IPv6 for other machines on your network) Follow the instructions in this section to set up local tunneling on your Funtoo Linux system.

Tunnel providers

freenet6
Supports anonymous tunnels and works behind NAT. You can connect to with your login or as anonymous from anywhere. This can be configured under Funtoo Linux by emerging the net-misc/gogoc ebuild.
Hurricane Electric
Configured 6in4 tunnel, with support for dynamic IPv4 addresses, and Apple AirPorts can be configured to use this tunnel - see this link. Also see ipv6.he.net FAQ You can setup this tunnel with ifconfig and iproute2, or configure your router to be the tunnel entry point -- the point at which IPv6 traffic is encapsulated/de-encapsulated.
Teredo/Miredo
RFC4380 mandated transition mechanism. Works behind NAT. Assigns one "/128" per host.

Getting Started with gogoc

Freenet6 is a free IPv6 access service provided by gogo6 via the TSP tunnelling protocol. gogoc supports any TSP tunnel; perhaps one is provided by your ISP. We will focus on an anonymous tunnel via freenet6.

You need ipv6 to be enabled in your kernel as well as the TUN module.

You can quickly get started by emerging net-misc/gogoc, adding gogoc to your startup scripts and starting it. net-misc/gogoc is currently keyworded unstable (on some architectures, see gentoo bug #362549). If you are running stable Funtoo, you may want to put an entry into your package.keywords/package.accept_keywords file.

# emerge gogoc
# bzcat /usr/share/doc/gogoc-*/gogoc.conf.sample.bz2 >/etc/gogoc/gogoc.conf
# rc-update add gogoc default
# /etc/init.d/gogoc start

Note Note: By default, gogoc will use an anonymous tunnel. If you wish to authenticate yourself, read and edit /etc/gogoc/gogoc.conf.

Getting started with Teredo

While this mechanism is officially called Teredo, the implementation of the Teredo service we will be using is called Miredo. Note Note: net-misc/miredo is currently keyworded unstable. If you are running stable Funtoo, you may want to put an entry into your package.keywords/package.accept_keywords file.}}

Emerge net-misc/miredo and start it up (you can add it to your default runlevel if you wish):

# emerge net-misc/miredo
# /etc/init.d/miredo start

Note Note: Miredo requires CONFIG_TUN enabled in your kernel. If it is compiled as a module, ensure the tun module is loaded.

If all goes well, you can check the assignment of an IPv6 address using /sbin/ip, for example:

# /sbin/ip addr show dev teredo
4: teredo: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN qlen 500
    link/none 
    inet6 2001:0:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/32 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::ffff:ffff:ffff/64 scope link 
       valid_lft forever preferred_lft forever

Tunnelling 6to4

6to4 is an Internet transition mechanism for migrating from IPv4 to IPv6, a system that allows IPv6 packets to be transmitted over an IPv4 network (generally the IPv4 Internet) without the need to configure explicit tunnels. When using 6to4 your IPv6 golablly addressable IP is generated from you IPv4 IP address.

The anycast address of 192.88.99.1 has been allocated for the purpose of sending packets to a 6to4 relay router. Note that when converted to a 6to4 IPv6 address with the subnet and hosts fields set to zero this IPv4 address (192.88.99.1) becomes the IPv6 address 2002:c058:6301::.

To use the funtoo network template method, write the config file for the interface /etc/conf.d/netif.6to4 (which will also handle the converting of your IPv4 address to your IPv6 address). Make sure you change "WAN" to your correct internet facing interface.

template=ipv6-tunnel
WAN="eth0"
MTU="1280" 
ipv4=`ifconfig $WAN | sed -ne 's/[[:space:]]*inet addr:\([0-9.]*\).*/\1/p'`
ipv6=`printf "2002:%02x%02x:%02x%02x::1" \`echo $ipv4 | tr "." " "\``
remote=192.88.99.1
local="$ipv4/24"
ipaddr="$ipv6/48"
routes="2000::/3 via 2002:c058:6301:: dev $WAN"

Then create the netif.6to4 symlink and add it to the default runlevel

# ln -s /etc/init.d/netif.tmpl /etc/init.d/netif.6to4
# rc-update add netif.6to4 default
# /etc/init.d/netif.6to4 start

You should now be capable of connecting via IPv6:

# ping6 ipv6.google.com

To allow this host to be a router, a modified template is required:

#!/bin/sh

netif_pre_up() {
        require local remote
        try ip tunnel add $interface mode sit remote $remote local $local ttl 255
        try ip addr add $ipaddr dev $interface
        try ip addr add $ipaddr4 dev $interface
}

netif_post_up() {
        try ip route add ::/0 dev $interface
}

netif_pre_down() {
        ip route del ::/0 dev $interface
}

netif_post_down() {
        ip tunnel del $interface
}

Then add the following line to /etc/conf.d/netif.6to4:

ipaddr4="$ipv4/24"

After restarting the 6to4 interface radvd can be started:

# /etc/init.d/netif.6to4 restart
# /etc/init.d/radvd start

Optimization

Prefer IPv4 over IPv6

Generally if your IPv6 connection is through a tunnel, it will be slower than an IPv4 connection. For this reason, if you are using an IPv6 tunnel, it can be best to configure your systems to prefer IPv4 if an IPv4 version of the site is available, and use IPv6 only when necessary. This way, you will avoid unnecessary encapsulation and de-encapsulation of IPv4 traffic. Here's how to do this for a number of operating systems:

Linux

Linux will prefer IPv6 if IPv6 support is enabled in the kernel. To prefer IPv4, edit /etc/gai.conf and add this line:

precedence ::ffff:0:0/96 100

Windows 7, Server 2008, Vista

These operating systems prefer IPv6 by default. See this link. To prefer IPv4, use the following steps:

  1. Start regedit.
  2. Navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TCPIP6\Parameters.
  3. Create a new DWORD named DisabledComponents. Edit this new DWORD and set it to HEX value of 20 or a DECIMAL value of 32.
  4. Restart your computer.

ISPs who currently have IPv6 enabled for residential customers

  • Canada:
    • Videotron: Videotron has a beta-program for residential customers who want to test IPv6 (no official technical support, it is possible they don't have enabled it in your area so check first before investing in new hardware). Although at date of writing, a large part of their networks are IPv6, you must go through a 6rd tunnel because they still need to upgrade some of their equipments and your router must support the 6rd protocol (this requirement is documented). Videotron sells you a D-Link DIR-825 with a modified firmware however this model has a weird gotcha: it does not support IPv6 firewalling. This is not a Videotron specific issue (even the genuine firmwares coming from the manufacturer has no support for IPv6 firewalling as of June 2011). A good alternative to recommend is the CISCO/LinkSYS E4200, more expensive (MSRP ~$180 US/CDN) but has IPv6 firewalling support. Once the E4200 firmware has been upgraded go in Setup/IPv6 Setup disable "IPv6 - Automatic" (you should then see an IPv6 address in the DUID field) and leave "automatic" for the 6rd configuration. You should be in business and see all of the hosts on your network with an IPv6 stack enabled being assigned a public IPv6 address starting with 2607:f048.
    • Teksavvy : TekSavvy has a IPv6 beta-program for residential customers who use their DSL service (no statement found for cable connections). Just ask them to enable IPv6 to your subscription and it should be available within the next 24 hours. Their IPv6 connectivity is native so you don't need to setup a tunnel.
    • Shaw (?)
    • Cogeco cable (?)
    • Telus (?)
    • Bell : Bell appears to have an official IPv6 support especially for its business subscribers (See http://ipv6.bell.ca) via a toolkit and various web pages on the subject.
  • France
    • Free
    • Nerim
    • the French Data Network (FDN)
  • United States:
    • Comcast (limited pilot in some areas only)

Home routers compatible with IPv6

A few residential routers have support for IPv6 at date of writing and many more home networking devices will have robust IPv6 support in a more or less near futures. The following does not pretend to be exhaustive:

  • D-Link DIR-825 rev. 1B (June 2011): Has IPv6 support out of the box, however for somewhat reason the router has no support for IPv6 firewalling even with teh 2.05N revision of the firmware. Consequence for you is you have to deploy an IPv6 firewall on each of hosts concerned with a public IPv6 connectivity. The canadian ISP Videotron is selling a DIR-825 with a customized firmware as unfortunately, like with the genuine manufacturer firmware, no IPv6 firewalling possible :( .
  • CISCO/LinkSys E4200 (June 2011): Advertised as being IPv6 compatible with a firmware update (available as of June 14th 2011 -> check for the version tagged 1.0.02 build 13 or later on the manufacturer website). The device supports native IPv6 and IPv6 through a 6rd tunnel (no support for any other tunneling protocol).

Resources

with Apple airport extreme, etc:

Nice Overview over IPv6