Setting up a Raspberry Pi as an IPv6 gateway using Hurricane Electric.

First thing you’ll need to do is register at the Hurricane Electric Website and create your own tunnel. I’m not going to go over that since there’s a lot of help on the Hurricane Electric Website about it. These instructions only apply to you, after you’ve registered as a user, and set up your tunnel on their website.

Take a note of your Tunnel details from the Hurricane Electric website, you’ll need them to set up your Linux IPv6 Gateway. The IPv6 addresses are used for documentation purposes only, see RFC 3849 (no point showing everyone on the Internet my home IPv6 address range).

HE Server IPv4 Endpoint 216.66.80.26
Static IPv6 assignment from my routable range 2001:DB8:8:7aa::1
Client IPv6 Endpoint 2001:DB8:7:7aa::2

Ok first thing to do is enable IPv6 support on your raspberry pi, at the prompt type.

sudo modprobe ipv6

To make the change permanent, you will have to edit the modules file and have your pi load it at start-up (reboot). To do this edit the modules file, type the following.

sudo nano /etc/modules

Your modules file should look similar to this after to append the “ipv6″ line at the end.

#/etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
# Parameters can be specified after the module name.

snd-bcm2835
ipv6

You need to edit /etc/network/interfaces and add your own data to the bottom of the file. Two bits of data, the first bit goes after your own network adaptor (usually eth0). and the second part after that.

sudo nano /etc/network/interfaces
  • Adding static IPv6 address from my routable range.
  • Adding the Hurricane Electric Tunnel interface (called he-ipv6)
  • Please note that the IP’s are on different networks.
# Adding an IPv6 address to the eth0 interface.
# Interface up
up ip -6 addr add 2001:DB8:8:7aa::1/64 dev eth0

# Interface down
down ip -6 addr del 2001:DB8:8:7aa::1/64 dev eth0

The IPv6 and IPv4 setting below will of course be yours and not the ones I’ve made up for the purpose of showing how it’s done :-)

# IPv6 via Hurricane Electric Tunnel
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
address 2001:DB8:7:7aa::1
netmask 64
endpoint 216.66.80.26
gateway 2001:DB8:7:7aa::2
ttl 255

# The MTU set on my router "negotiated via my ISP" is
# 1492. So 1492 - 20 = 1472.
# If your routers MTU is 1500, then you can just leave
# the following line out as it will default to 1480.
mtu 1472

Now we’ll deal with DNS, you have two options, you can either use your ISP’s DNS server and hope that it’s set up to deal with IPv6 resolution, or you can use free public recursive DNS servers. I’m going to use Google’s public recursive DNS servers which I know work.

To set this up, you’ll need to edit the /etc/resolv.conf file and add the DNS servers in. Type the following at the prompt.

sudo nano /etc/resolv.conf

Add the following and save.

nameserver 8.8.8.8
nameserver 8.8.4.4

Testing the Tunnel

Before we go any further, were going to bring the tunnel up and test it.

At the prompt, type the following.

sudo ifup he-ipv6

To test, type the following.

ping6 -c 5 ipv6.google.com

You should get similar results to me.

ping6 -c 5 ipv6.google.com
PING ipv6.google.com(we-in-x68.1e100.net) 56 data bytes
64 bytes from we-in-x68.1e100.net: icmp_seq=1 ttl=57 time=31.2 ms
64 bytes from we-in-x68.1e100.net: icmp_seq=2 ttl=57 time=30.7 ms
64 bytes from we-in-x68.1e100.net: icmp_seq=3 ttl=57 time=30.9 ms
64 bytes from we-in-x68.1e100.net: icmp_seq=4 ttl=57 time=31.3 ms
64 bytes from we-in-x68.1e100.net: icmp_seq=5 ttl=57 time=31.3 ms

--- ipv6.google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4007ms
rtt min/avg/max/mdev = 30.780/31.119/31.358/0.297 ms

If your results are similar to above then your raspberrypi is connected to the IPv6 Internet (Hurrah!) :-). If not then check your IPv6 settings and ask for help on the HE forum here.

Now we need to bring the interface down, we’ll bring it back up again after we’ve firewalled it.

sudo ifdown he-ipv6

References:

Continue reading

Setting up your Raspberry Pi (headless)

Raspberry Pi Hardware List


Continue reading

Billion 7800N SNMP OID’s

I’ve decided to graph my small home network, so I thought I would see if I could find the OID’s for my Billion 7800n Router, first I tried the Billion website, I was surprised not to find them there. I managed to find some information on other websites (not a huge lot), but it seems that Billion have changed the format of the information between firmware revision.

Billion 7800n SNMP Page

Billion 7800n SNMP Page

Assuming you’ve set up your router and installed snmp tools on your Linux workstation, this command will give you a list of all the OID’s.

If you can’t be bothered to install SNMP tools then feel free to grab the zip file of the results from the following Software Version 1.06e

snmpwalk -v1 -c public 192.168.1.254

As it happens, I’ll only be graphing a few of the salient attributes of the router, using either Cacti or Nagios in a home environment.

ADSL Status.

Upstream Speed (Gauge32): .1.3.6.1.2.1.10.94.1.1.2.1.8.3
Downstream Seed (Gauge32): .1.3.6.1.2.1.10.94.1.1.3.1.8.3

Upstream SNR (Integer): .1.3.6.1.2.1.10.94.1.1.2.1.4.3
Downstream SNR (Integer): .1.3.6.1.2.1.10.94.1.1.3.1.4.3

Upstream Line Attenuation (Gauge32): .1.3.6.1.2.1.10.94.1.1.2.1.5.3
Downstream Line Attenuation (Gauge32): .1.3.6.1.2.1.10.94.1.1.3.1.5.3

System Uptime (Timeticks): .1.3.6.1.2.1.25.1.1.0

Interface Statistics.

Ethernet interface eth0
String: “eth0″ .1.3.6.1.2.1.2.2.1.2.6
RX bytes (String): .1.3.6.1.2.1.2.2.1.10.6
TX bytes (String): .1.3.6.1.2.1.2.2.1.16.6

Ethernet interface eth1
String: “eth1″ .1.3.6.1.2.1.2.2.1.2.7
RX bytes (String): .1.3.6.1.2.1.2.2.1.10.7
TX bytes (String): .1.3.6.1.2.1.2.2.1.16.7

Ethernet interface eth2
String: “eth2″ .1.3.6.1.2.1.2.2.1.2.8
RX bytes (String): .1.3.6.1.2.1.2.2.1.10.8
TX bytes (String): .1.3.6.1.2.1.2.2.1.16.8

Ethernet interface eth3
String: “eth3″ .1.3.6.1.2.1.2.2.1.2.9
RX bytes (String): .1.3.6.1.2.1.2.2.1.10.9
TX bytes (String): .1.3.6.1.2.1.2.2.1.16.9

Wireless interface ra0
String: “ra0″ .1.3.6.1.2.1.2.2.1.2.8
RX bytes (String): .1.3.6.1.2.1.2.2.1.10.8
TX bytes (String): .1.3.6.1.2.1.2.2.1.16.8

Bridge interface br0
String: “br0″ .1.3.6.1.2.1.2.2.1.2.9
RX bytes (String): .1.3.6.1.2.1.2.2.1.10.9
TX bytes (String): .1.3.6.1.2.1.2.2.1.16.9

Backing up your wordpress mysql file and encrypting it for offsite storage.

This is reminder to myself (but if it’s usefull, then feel free).

Forgot the name of the database (Duh!) :-D

mysql -u root -p

Enter password:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 887
Server version: 5.1.63-0ubuntu0.10.04.1 (Ubuntu)

Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| billy_wordpress    |
| mysql              |
+--------------------+
3 rows in set (0.01 sec)

mysql> quit
Bye

Backup wordpress MySQL database

mysqldump -u root -p billy_wordpress > wordpress.sql

Encrypt using gpg for offsite storage, remember your not using your (or someone’s) public key to encrypt the file, your using a specific password so…

Hint: Keep a note of the password. :-D

gpg -c wordpress.sql

The encryted file will have a gpg extension, so in my case it’s called “wordpress.sql.gpg”.

How to Decrypt the file

gpg wordpress.sql.gpg

Will give you 2 files, the original encrypted wordpress.sql.gpg file, and the unencryped wordpress.sql file.

References:
Encrypting and decrypting documents
Backup and Restore MySQL Databases

Installing Wireshark on Ubuntu 12.04 LTS

Installing wireshark on Ubuntu 12.04 LTD and limiting packet capture to one group, in this case the group wireshark. I’m sure you can use these instructions for other debian based distributions.

Although you’ll have to take it as read that I’ve only tested it on Ubuntu, feel free to let me know if it doesn’t and I’ll amend the instructions to suit.

First, we install Wireshark from the terminal.

Continue reading

Installing FreeNX server on 12.04 Precise Pangolin

I’m making the assumption that you have a working 12.04 installation that’s connected to the internet. :-)

First, your going to add the freenx repository, then update. Followed by installing the freenx software.

sudo add-apt-repository ppa:freenx-team/ppa
sudo apt-get update
sudo apt-get install freenx-server

Now tht you have the Freenx server installed, you will want to configure it to use the ubuntu-2d session for any Freenx clients. The ubuntu-3d session doesn’t work with  Freenx and will give you an error message “Failed to load session “gnome-fallback””.

sudo echo -e "\n#Use unity 2d for client sessions\nCOMMAND_START_GNOME='gnome-session --session=ubuntu-2d'"|sudo tee -a /etc/nxserver/node.conf

All done, you should be able to connect using NoMachine’s free client. :-)

References:
Installation of FreeNX Server on Ubuntu 12.04 Precise Pangolin
How to Install FreeNX Server on Ubuntu 12.04 Precise Pangolin

Setting up dnsmasq with Ubuntu 10.04 for home networking

What is DNSMASQ?

A caching DNS forwarder. Dnsmasq is lightweight, easy to configure DNS forwarder designed to provide DNS (domain name) services to a small network where using BIND would be overkill. It can be have its upstream DNS servers automatically configured by PPP or DHCP and it can serve the names of local machines which are not in the global DNS. It can integrate with the ISC DHCP daemon to serve the names of local machines which are configured using DHCP. Dnsmasq is ideal for networks behind NAT routers and connected via modem, ISDN, ADSL, or cable-modem. Continue reading