IPv6 Setup


Patrick Haller

Apr 10, 2012, 2:15:13 AM
to hacker...@googlegroups.com
Over the weekend I set up the cisco 881 to hand out IPv6 addresses.
These are static IPv6 addresses, so you'll always get the same globally
routable IPv6 address when you connect to the hackerspace wireless. [1]

Periodically, the M1 public IP address will change, and the cisco has an
EEM script that, while it looks correct, has not been tested. Testing
involves blowing up our Internet access, so that's why it's untested.

Any problems with remote IPv6 connectivity while local works are most
likely to be caused by this script's failure. Just email me and I'll be
able to use the cisco's logs to fix it. Please do NOT power cycle the
cisco, that will not fix the situation.

Thanks,
Patrick

[1] As long as you use the same MAC address

Luther Goh Lu Feng

Apr 10, 2012, 3:40:18 AM
to hacker...@googlegroups.com



May I suggest putting a clear label on the router to ensure that the right people get the message? Maybe with a bit.ly link to this thread as well?

Alvin Jiang

Apr 10, 2012, 4:55:39 AM
to hacker...@googlegroups.com
cool, is there a tutorial on how i can do this on an 800 or 1800 series
at home?

Patrick Haller

Apr 10, 2012, 5:30:30 AM
to hacker...@googlegroups.com
On 2012-04-10 16:55, Alvin Jiang wrote:
> cool, is there a tutorial on how i can do this on an 800 or 1800
> series at home?

The Hurricane Electric example configs work well. The only things
they're missing are:

ipv6 unicast-routing

which enables the ipv6 router advertisements

and the EEM TCL script, which looks like:

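::cisco::eem::event_register_syslog pattern "DHCP" priority all
# The line above runs this policy whenever a syslog message contains "DHCP"
namespace import ::cisco::eem::*
namespace import ::cisco::lib::*

# Tunnel broker endpoint-update URL; user, md5pass and tid are left blank here
set url "http://ipv4.tunnelbroker.net"
set php "ipv4_end.php"
set ip "ipv4b=AUTO"
set user ""
set md5pass ""
set tid ""

# Build the full request URL (the backslashes are no-ops inside a quoted Tcl string)
append url "\/$php\?$ip\&pass=$md5pass\&user_id=$user\&tunnel_id=$tid"

# Wait 5 seconds before sending the request
after 5000

# Send the request and log either the failure or the server's response
if {[catch {http::geturl $url -queryblocksize 50 -type "text/plain" } token]} {
    action_syslog priority info msg "http request failed"
} else {
    action_syslog priority info msg "Response: [http::data $token]"
}

exit 0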

Kai Hendry

Apr 10, 2012, 5:48:26 AM
to hacker...@googlegroups.com
Hi Patrick,

Is your Cisco router configured with DHCPv6 (stateful config) or with
router advertisements (stateless autoconfiguration) for IPv6 address
propagation?

Still attempting to configure the openwrt... now as a bridge:
https://forum.openwrt.org/viewtopic.php?pid=163969#p163969

On 10 April 2012 14:15, Patrick Haller <patrick...@gmail.com> wrote:
> [1] As long as you use the same MAC address

Yes I noticed my ipv6 is different between interfaces. That kinda
sucks. Sometimes I switch to wired if I want to use skype or ssh to a
foreign server to eke out slightly better performance.

Kai Hendry

Apr 10, 2012, 5:49:01 AM
to hacker...@googlegroups.com
On 10 April 2012 15:40, Luther Goh Lu Feng <elf...@yahoo.com> wrote:
> May I suggest putting clear label on the router to ensure that the right people get the message? Maybe with a bit.ly link to this thread as well?

Where does the label printer live?

Patrick Haller

Apr 10, 2012, 6:00:43 AM
to hacker...@googlegroups.com
On 2012-04-10 17:48, Kai Hendry wrote:
> Is your Cisco router configured with DHCPv6 (stateful config) or with
> router advertisements (stateless autoconfiguration) for IPv6 address
> propagation?

router advertisements (stateless autoconfiguration)

> Yes I noticed my ipv6 is different between interfaces. That kinda
> sucks. Sometimes I switch to wired if I want to use skype or ssh to a
> foreign server to eke out slightly better performance.

Since you never use them simultaneously, set them to be the same?

Kai Hendry

Apr 10, 2012, 6:15:14 AM
to hacker...@googlegroups.com
I've moved the Cisco with the help of James on top of the side table:
http://www.flickr.com/photos/hendry/7063953725/

Not sure what to do about the mess of cables still below. Most
important one (don't know which) is going to the Mac Airport.


Since we never managed to establish the ipv6 tunnel with the openwrt,
I'm now wondering what use it could be (if any)
https://forum.openwrt.org/viewtopic.php?id=35970

Tbh after doing a few tests, I'm kinda glad we have that Cisco because
pumping a 100mbit line through an embedded router, even a good one
like the TL-WR1043ND, is actually a bit on the high load side of
things. Especially if you want to do anything else with it.

What comes to mind is
1) Webcam server: are people OK being watched? It has one USB port
plugged into a Logitech C200 which is a bit low end. I've yet to get
it all working.
2) Another wireless AP. I think the Mac Airport does a really good job
here (except for the hard to type password :) already, and so far I've
kept the wifi interface disabled
3) Some sort of network bridge for network debugging? Seems like a tall order.
openwrt does have some nice traffic summary tools I quite like the
look of. For example, if everyone connected to this AP, you could work
out who was transferring the most data
4) I give it to my sister since her wireless AP sucks and take it out
of hackerspace

Patrick Haller

Apr 10, 2012, 11:29:18 AM
to hacker...@googlegroups.com
On 2012-04-10 18:15, Kai Hendry wrote:
> I've moved the Cisco with the help of James on top of the side table:
> http://www.flickr.com/photos/hendry/7063953725/

Awesome!

> Since we never managed to establish the ipv6 tunnel with the openwrt,
> I'm now wondering what use it could be (if any)

Maybe delegate DNS for ppl.hackerspace.sg to it? Then people could
register dyndns addresses, e.g.

ruiwen.ppl.hackerspace.sg

Then we can just ping6 ruiwen.ppl.hackerspace.sg to see whether he's
online, IM/email him directly at that IP, view his personal website,
etc. all at that IP.


Patrick

Martin Bähr

Apr 10, 2012, 11:01:08 PM
to Patrick Haller, hacker...@googlegroups.com
On Tue, Apr 10, 2012 at 11:29:18PM +0800, Patrick Haller wrote:
> Then we can just ping6 ruiwen.ppl.hackerspace.sg to see whether he's
> online, IM/email him directly at that IP, view his personal website,
> etc. all at that IP.

... hack his computer ;-)

who is running any servers on their laptops?
at best you get to see someones development work if they are running a
test server.

greetings, martin.
--
cooperative communication with sTeam - caudium, pike, roxen and unix
services: debugging, programming, training, linux sysadmin, web development
--
pike programmer working in china societyserver.(org|net)
foresight developer community.gotpike.org foresightlinux.org
unix sysadmin (open-steam|www.caudium).org realss.com
Martin Bähr http://societyserver.org/mbaehr/

Patrick Haller

Apr 11, 2012, 1:29:51 AM
to hacker...@googlegroups.com
On 2012-04-11 05:01, Martin Bähr wrote:
> who is running any servers on their laptops?

The infrastructure of the Internet matters. Just because you don't want
to run postfix or ejabberd on your laptop, doesn't mean that everyone
should be prevented from doing so.

Since the mid-90's, consumer Internet has had the characteristics of
dialup: IP addresses that change periodically, and filters on which
services you can access.

Since IPv6s are currently functionally limitless, there's no need to
rotate addresses or force people to share addresses. At the same time,
many providers do not filter IPv6.

So now we're all getting a chance to see what the Internet was like
"back in the day". ;)

What are the implications? Beyond DNS, you don't need centralized
services anymore. Your mac/linux laptop comes with a secure and free
email server, and a secure IM server is just an install away.

Want to securely send a file to someone? Just email it to them at their
machine address (your mail server will keep retrying until they're
online), or install nginx and move the file to your secure link
directory and email the link to them.

I think this just accelerates the trend towards Apps and App Stores.


Patrick

Martin Baehr

Apr 11, 2012, 2:23:29 AM
to Patrick Haller, hacker...@googlegroups.com
On Wed, Apr 11, 2012 at 01:29:51PM +0800, Patrick Haller wrote:
> > who is running any servers on their laptops?
> The infrastructure of the Internet matters. Just because you don't want
> to run postfix or ejabberd on your laptop, doesn't mean that everyone
> should be prevented from doing so.

oh, of course not, i don't mean to imply anything of that sort.

> Since the mid-90's, consumer Internet has had the characteristics of
> dialup: IP addresses that change periodically, and filters on which
> services you can access.

did it ever have other characteristics? (i mean consumer internet
specifically, i'd say what you got as internet in the very early days
wasn't consumer internet. the static ip i had came from a business
account, because consumer service didn't offer that.)

> What are the implications? Beyond DNS, you don't need centralized
> services anymore. Your mac/linux laptop comes with a secure and free
> email server, and a secure IM server is just an install away.

indeed.
incidentally, one of the projects i am working on is to provide a
server that can cover this sort of use space. (small, easy to maintain,
handles email, IM, file transfer, etc...)

> Want to securely send a file to someone? Just email it to them at their
> machine address (your mail server will keep retrying until they're
> online)

that is, if my mailserver keeps running. if we are both on laptops then
it'll depend on us both being online at the same time.

> , or install nginx and move the file to your secure link
> directory and email the link to them.

then i need to be online when they read the email...

> I think this just accelerates the trend towards Apps and App Stores.

how? i don't quite see the connection. please elaborate.

Patrick Haller

Apr 11, 2012, 4:00:45 AM
to hacker...@googlegroups.com
On 2012-04-11 08:23, Martin Baehr wrote:
> did it ever have other characteristics? (i mean consumer internet
> specifically, i'd say what you got as internet in the very early days
> wasn't consumer internet. the static ip i had came from a business
> account, because consumer service didn't offer that.)

You usually connected via serial to a unix box and lived on it. That
shell account was your home because machines with TCP/IP stacks were not
so easy to find. (all praise linux/freebsd for fixing this in '93/'94)

> then i need to be online when they read the email...

When is your phone not online?[0] ;)

> > I think this just accelerates the trend towards Apps and App Stores.

This is a story about costs.

First, it's easier to leave the content you create where it originates,
i.e. on your phone/laptop, and serve it from there.[1]

Second, the UX for apps is generally better than that of webapps: native
feel, response time, layout, etc.

Third, apps can just plain do more, so the range of innovation is
larger than what webapps can offer.

Those are the big ones, there are others related to the pricing of
personal data[2] and its control that really haven't been ironed out,
and so no one cares yet.


Patrick

[0] Always connected is here to stay.

[1] If it goes viral, you post it to a place where you get paid per
million views like youtube or flickr, set up the HTTP redirect and watch
the money roll in, or if it gets really huge, update your dyndns to a
host in the cloud.

But those people are lottery winners, not normal people. We just chat
back and forth, share photos, small time stuff.

[2] Go talk with Thomas Gorissen for a bit on how web advertising bidding
systems work. High value consumers are leaving money on the table....

Kai Hendry

Apr 11, 2012, 7:10:11 AM
to hacker...@googlegroups.com
On 11 April 2012 11:01, Martin Bähr <mba...@email.archlab.tuwien.ac.at> wrote:
> On Tue, Apr 10, 2012 at 11:29:18PM +0800, Patrick Haller wrote:
>> Then we can just ping6 ruiwen.ppl.hackerspace.sg to see whether he's
>> online, IM/email him directly at that IP, view his personal website,
>> etc. all at that IP.

Like this idea.

> who is running any servers on their laptops?

I always run a httpd.

> at best you get to see someones development work if they are running a
> test server.

And this is a good thing. For example now you can develop a site
locally and test it on an iPhone without having some sort of deploy
stage. Schweet.
