Linux & IPv6: Connecting to the 6bone through PPP with a dynamically-allocated IPv4 address

Version: 1.17 from 2003-03-16
Copyright 1997-2001 by Peter Bieringer <pb@bieringer.de>, original site of publishing: http://www.bieringer.de/linux/IPv6/
Unlimited non-commercial distribution of this document in its entirety is encouraged - please contact the author prior to commercial publication.

Suggestions, comments and improvements are welcome!
You can find more info to Linux and IPv6 at http://www.bieringer.de/linux/IPv6
Look also at the IPv6-HowTo

Changes to


Decisson matrix

Here is shown a matrix which kind of method should be used to connect automatically to the IPv6 backbone in case of dial-up with dynamically assigned local IPv4 addresses:
Scenario Subscenario Method
Dial-up host a private IPv4 address is assigned to the local PPP interface no working method is available
Singe dial-up host no unique IPv6 address space is assigned 6to4 (easy)
Singe dial-up host unique IPv6 address space is assigned and should be used sitctrl (static tunnel server required)
Dial-up host, also IPv6 connectivity for the LAN no unique IPv6 address space assigned 6to4subnetrouting (easy)
Dial-up host, also IPv6 connectivity for the LAN unique IPv6 address space is assigned and should be used sitctrl (static tunnel server required)


This toolset is made for following reasons: Global Requirements: Static tunnelendpoint requirements Tunnelendpoint requirements


You need the following files, described also in the following text:

Static tunnelendpoint server (controlled tunnel server)

Secure shell (ssh)


Server configuraton

Server testing

Dynamic tunnelendpoint client (controlled tunnel client)

Secure shell (ssh)

Client configuraton

Client testing

Client automatic trigger setup

This works only with a trusted ssh setup (authorized keys, see further up for details)

Deleting tunnel before hangup

In the past I forgot, that the tunnels are existing further on, even though the client endpoint isn't up still. This can cause confusion by another (new) host, which gets the IPv4 address of the previous tunnel host during the dynamic allocation. The new host gets IPv6 packets, which do not belong to it.
Therefore a hint for an already built-in server method, which should be called before the link is going down (before hangup).
Like the example in /etc/ppp/ip-up.local.diff you have only to call the script triggersit-ip6 with the remote command "del": It's recommend to insert the upper line in a given script, which is called before triggering the hangup, like following example:
# Delete tunnel at the IPv6 tunnelserver
echo "First delete IPv6 tunnel"
/usr/local/bin/triggersit-ip6 -u peter -c del -p /etc/ppp/.passwd.tunnel.peter >/dev/console
echo "Hang Up ISDN Device $DIALDEVICE"
# HangUp
isdnctrl hangup $DIALDEVICE
BTW: Unlike the ip-up script (executed by the [i]pppd) I don't know a way that [i]pppd execute a script before hangup a device. ip-down is executed after the IP connection is down. If someone knows a solution, please contact me.

Deleting down tunnels (server triggered) NEW

For dial-on-demand links with a specified hangup timeout it's not possible (AFAIK) to run a script before the IPv4 connection is down (ip-down is triggered after IPv4 is down). Therefore the client can never trigger a tunnel removing in this case.
Solution: a new option (deldowntun) is added to ctrlsit-ip6 which tests existing (with triggersit-ip6 created) tunnels whether they are still working.
1) Ping to the given IPv4 address of the tunnelendpoint on client side
If also an IPv6 address was specified:
2) Ping to a given IPv6 address (should be also of the tunnelendpoint on client side, mostly the global address of eth0)
If 1) is not successful, the tunnel will be deleted, also in the case of 2)

Related commands:

See additional options via help (-h|-?)

Changing locations of the files

Here is a table of dependencies:
File/Directory/Variable Specified in By
/var/log/ctrlsit-ip6.log /usr/local/sbin/ctrlsit-ip6 IP6TUNNEL_LOG=
/etc/sysconfig/ctrlsit-ip6.conf /usr/local/sbin/ctrlsit-ip6 IP6TUNNEL_USERCONF=
/var/lock /usr/local/sbin/ctrlsit-ip6 IP6TUNNEL_LOCK=
IPv4 tunnel address /usr/local/bin/triggersit-ip6 DEFAULT_TUNNEL=
Dial-up device /usr/local/bin/triggersit-ip6 DEFAULT_DEVNAME=
Server script name /usr/local/bin/triggersit-ip6 CONTROLSIT=
/etc/ppp/ip-up [i]pppd Source code


Your connection is via: IPv4
Your address:
IPv6 Ready www.bieringer.de
is maintained by
webmaster at bieringer dot de
powered by Apache HTTP server powered by Linux IPv4 connectivity is provided by