inamerrata

For no good reason I’ve got IPv6 working on my laptop now. It’s not directly via Internode, unfortunately, because for some reason it wouldn’t seem to authenticate. But Aarnet’s broker service seems to work easily enough, and is almost as good. My setup involved installing the tspc package, setting userid, passwd, server, if_prefix and a couple of other settings in tspc.conf and crossing my fingers. And as a result, I’ve now got a personal, routable, public /64 and I can see the bouncing logo at ipv6.google.com. Beyond that, it’s not really very interesting. There are two things I’d like to do with it, but at the moment haven’t quite figured out.

The first is to use it for tunneling. It would be quite nice to be able to say “setup my encrypted tunipv6.google.comnel” and then be able to ssh/vnc directly to machines behind a firewall. Unfortunately IPv6 doesn’t buy much there — it just means I don’t have to worry about my private subnets clashing, I still have to have firewalls and tunnels and setup and teardown. And worse, I don’t actually run IPv6 on the other network, so I’d really rather have what I see as a VNC connection to an IPv6 host end up making an IPv4 connection. Which I think is going to involve having a dozen IPv6 addresses on the private subnet’s IPv6 router/firewall, and using 6tunnel to redirect an IPv6 VNC connection on those addresses to an IPv4 VNC connection to one of the actual computers. And I’m not really sure that’s going to be worth the effort, but hey.

The second is a bit pie in the sky too. I think it’d be interesting to have an IPv6-only wireless network at home — rather than handing out private, NATed IPv4 addresses, just handout public IPv6 addresses. That’s no fun if you can’t do anything useful, of course, but at least in theory you ought to be able to do something about it. Having a web proxy with an IPv4 address might get you most of the way, and perhaps you could use ssh’s ProxyCommand option to get ssh to IPv4 working too. I had thought there was supposed to be enough IPv6 addresses to make the entire IPv4 Internet addressable by IPv6 hosts, but apparently all the interoperability mechanisms keep getting deprecated, because a requirement for using IPv6 is apparently thinking NAT is evil.

So yeah, bouncing google logos is pretty much it for the moment.