2002:c058:6301::
which is a
special magic anycast address for the nearest (in BGP terms, anyhow)
Relay Router.
6to4 is a transitional scheme. It uses encapsulation, meaning that it "wraps" IPv6 packets inside of an IPv4 shell to move them between networks over the current Internet. During the transition to an IPv6 internet, encapsulation will have to be used to connect "islands" of IPv6 networks together across the vast ocean of IPv4. 6to4 is one such technique.
6to4 uses a special IPv6 prefix: 2002::/16. The IANA has set aside this address space just for 6to4. The 6to4 specification states that the 32 bits after 2002::/16 are the IPv4 address of the gateway machine for the network in question. This is how the packets know to find their way to your network -- the IPv4 address of your gateway is right in them! For example, if your gateway machine's IPv4 address is 192.168.2.199 (it obviously wouldn't be since that address is unroutable, but just for example), your IPv6 prefix would be 2002:c0a8:2c7::/48. Inside of that space, you have 80 bits of address space to do with as you please. Normally each subnet gets a 2^64 netmask, so that leaves 16 bits of site-local network addressing -- or 65,536 subnets.
To set up 6to4, you start with a machine that has both IPv4 and IPv6. I
will use FreeBSD as an example, mostly because it's the one I know
best. FreeBSD has a special pseudo-device that can be used to set up
6to4 called stf
. Make sure you put pseudo-device
stf
in your kernel configuration. After you have a kernel set up
for both IPv4 and IPv6, and you have stf0
available, and your IPv4
configuration is set up, add this to your rc.conf
file:
ipv6_enable="YES" ipv6_network_interfaces="auto" ipv6_gateway_enable="YES" ipv6_prefix_nn0="2002:xxxx:xxxx" stf_interface_ipv4addr="xxx.xxx.xxx.xxx"Replace the
x
s with your machine's IPv4 address, and
nn0
with your interface's name.This setup presumes you have a static IPv4 address. It is possible to use 6to4 with a dynamic address, but this means that your IPv6 prefix will change everytime your IPv4 address does.
Having done this much, you can now exchange packets with anyone else using 6to4 anywhere on the net. But what about folks not using 6to4 - sites on the 6bone or in other IPv6 address spaces? To get to non-6to4 addresses, you need to use a relay router. That is a machine that is set up both for 6to4 and a connection to some other address space. If you set such a machine as your default route, it will pass your packets on to the rest of the IPv6 universe.
Add this line to your rc.conf file to specify your default route (its commented-out form is in /etc/default/rc.conf):
ipv6_defaultrouter="2002:c058:6301::" # Use this for 6to4 (RFC 3068)Lastly, you will want to set up a reverse-DNS zone for your 6to4 network. To do this, set up two name servers (a master and a slave) that serve the zone "0.0.0.0.h.g.f.e.d.c.b.a.2.0.0.2.ip6.arpa", where the letters a through h represent the hex digits of your 6to4 zone backwards (this assumes that you're not going to set up multiple networks behind your 6to4 gateway). That is, for the example above of 2002:c0a8:2c7, the reverse zone would be "0.0.0.0.7.c.2.0.8.a.0.c.2.0.0.2.ip6.arpa". The contents of this zone should be PTR records for your hosts just like an in-addr.arpa zone for IPv4, but the left hand side should be the hex digits of the IPv6 address backwards, separated by dots. For example, the 6to4 host will have a ::1 suffix for the 6to4 interface, so a reverse DNS record would look like this:
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR 6to4.example.com.With that record inside the above zone, the full record would be
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.c.2.0.8.a.0.c.2.0.0.2.ip6.arpa. PTR 6to4.example.com.Lastly, you need to register this zone and its servers with the 6to4 reverse zone authority. Note that when you visit that site, you'll get an SSL certificate warning. This is normal. You need to visit this site using IPv6 from the actual 6to4 zone you're trying to register. Follow the form to set up the nameservers for the zone and that's it!