Pick a Free OS

User login


Routing Windows 2000 IPv6 traffic

Note that I've written most of this document from memory. It appears to be

correct; if I've missed something or if you have any questions or comments,

feel free to

href="mailto:rjmooney@aboveground.cx">drop me a note


Described Network

Here's my network setup:

(( Internet ))



| OpenBSD firewall |



( Windows 2000 )

I will describe the setup on the OpenBSD firewall, and the Windows 2000 desktop


Initial Setup

To start, make sure you are running a recent version of OpenBSD. The latest available

at the time of this writing is 2.9-current. OpenBSD natively supports IPv6 and

the generic interface ( gif(4) ), required for tunneling.

You'll need to download and install the IPv6 Technology Preview from Microsoft

for Windows:


Remember to bind the IPv6 protocol to the NIC. This is discussed in the Technology

Preview install docs.

For the purposes of this discussion, the router's external addresses are

and 1:1:1:1::2, and the internal addresses are and 1:2:1:1::1. The

Windows external addresses will be and 1:2:1:1::2.

Turning on IPv6 Routing

Make sure the router will forward IPv6 packets:

sysctl -w net.inet6.ip6.forwarding=1

You can turn this option on permanently by adding "net.inet6.ip6.forwarding=1"

to /etc/sysctl.conf.

Requesting a Tunnel

There are a number of IPv6 brokers. See


for a list. I use

href="http://ipv6tb.he.net/">Hurricane Electric

. Most require you to register

for an account.

When prompted, enter your firewall's external IP. Hurricane will provide you

with information similar to the following:

Broker IPv4 tunnel address:

Broker IPv6 link address: 1:1:1:1::1/127

Your IPv4 tunnel address:

Your IPv6 link address: 1:1:1:1::2/127

Next, you'll want to request a /64. This is a bit of an overkill, but it's fun

to look at.