119 lines
5.2 KiB
XML
119 lines
5.2 KiB
XML
<?xml version="1.0" encoding="UTF-8" ?>
|
|
<heIPv6 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xmlns="https://tunnelbroker.net/"
|
|
xsi:schemaLocation="https://tunnelbroker.net/ http://schema.xml.r00t2.io/projects/he_ipv6.xsd">
|
|
<!--
|
|
This is a sample XML configuration file to use with he_ipv6.py.
|
|
If you do not yet have an IPv6 Tunnelbroker.net allocation, you can get one (for free!) at:
|
|
https://www.tunnelbroker.net/tunnel_detail.php?tid=584532
|
|
I highly recommend their (free) certification as well if you're brand-new to IPv6:
|
|
https://ipv6.he.net/certification/
|
|
-->
|
|
<creds>
|
|
<!--
|
|
Credentials are kept separate from tunnel configuration because you can have multiple (up to 5) tunnels per user.
|
|
You can find the updateKey in the "Advanced" tab of your tunnel's configuration on your tunnelbroker.net panel.
|
|
-->
|
|
<cred id="ipv6user">
|
|
<user>ipv6user</user>
|
|
<password>someSecretPassword</password>
|
|
<updateKey>xXxXxXxXxXxXxXXX</updateKey>
|
|
</cred>
|
|
<cred id="anotheruser">
|
|
<user>someotheruser</user>
|
|
<password>anotherPassword</password>
|
|
<updateKey>0000000000000000</updateKey>
|
|
</cred>
|
|
</creds>
|
|
<tunnels>
|
|
<!--
|
|
Each tunnel MUST have an "id" and a "creds" attribute. The "creds" attribute should reference an "id" of a
|
|
creds/cred object.
|
|
The tunnel ID can be found by logging into your tunnelbroker.net panel, clicking on the tunnel you wish to use, and
|
|
looking at the URL in your browser.
|
|
It is in the format of https://www.tunnelbroker.net/tunnel_detail.php?tid=[TUNNEL ID]
|
|
So if it takes you to e.g. https://www.tunnelbroker.net/tunnel_detail.php?tid=12345, your tunnel ID would
|
|
be "12345".
|
|
-->
|
|
<tunnel id="12345" creds="ipv6user">
|
|
<!--
|
|
The "server" element is the remote SIT endpoint.
|
|
Section: IPv6 Tunnel Endpoints
|
|
Value Name: Server IPv4 Address
|
|
-->
|
|
<server>192.0.2.1</server>
|
|
<!--
|
|
The "client" element is the local SIT endpoint.
|
|
Section: IPv6 Tunnel Endpoints
|
|
Value Name: Client IPv6 Address
|
|
-->
|
|
<client prefix="64">2001:DB8:3::2</client>
|
|
<!--
|
|
Allocations that are handed to your tunnel.
|
|
Section: Routed IPv6 Prefixes
|
|
-->
|
|
<allocations>
|
|
<!--
|
|
Each alloc has the following attributes:
|
|
* "prefix" - the prefix size specified by your tunnelbroker.
|
|
* "id" - an identifier for each allocation to be used in assignments/assign items.
|
|
Value Name: Routed /64
|
|
-->
|
|
<alloc prefix="64" id="lan">2001:DB8:1:2::</alloc>
|
|
<!--
|
|
You may not have a /48 as it's opt-in. It's highly recommended, though, so you can provide global IPv6 addresses
|
|
to the rest of your LAN(s).
|
|
Value Name: Routed /48
|
|
-->
|
|
<alloc prefix="48" id="multilan">2001:DB8:2::</alloc>
|
|
</allocations>
|
|
<!--
|
|
Where to assign the allocations. The default allocation prefix is a /64 (prefix="64"), since that's what SLAAC
|
|
recommends.
|
|
Note that if you use your /64 allocation, and don't specify a longer prefix to it, you can only have one
|
|
assignment.
|
|
It has two optional attributes:
|
|
* "radvd" - a boolean; if true, /etc/radvd.conf will be automatically.
|
|
* "radvdDns" - a boolean, only used if radvd is true; if true, will specify the server's IP as an RDSS.
|
|
generated and restarted.
|
|
-->
|
|
<assignments radvd="true" radvdDns="true">
|
|
<!--
|
|
Each assignment has the following required attributes:
|
|
* "prefix" - the size of the subnet, "64" (/64) by default since that's what SLAAC recommends. Note that if
|
|
you use your /64 allocation and don't specify a longer prefix, you can only have one assignment
|
|
for that allocation.
|
|
* "alloc" - this should match an "id" attribute of an allocations/alloc item.
|
|
* "iface" - which network interface on the machine that the allocation should be added to.
|
|
Sections of the alloc referenced in the "alloc" attribute will then be carved out. Make sure you don't exceed
|
|
your allocation size! (A /48 has 65536 /64s in it.)
|
|
The interface will be assigned :1 (the first host in the subnet) as well, so it is recommended that you do not
|
|
assign a /128.
|
|
-->
|
|
<assign prefix="64" alloc="lan" iface="eth0"/>
|
|
<assign prefix="64" alloc="multilan" iface="eth0"/>
|
|
<assign prefix="64" alloc="multilan" iface="eth1"/>
|
|
<assign prefix="64" alloc="multilan" iface="eth2"/>
|
|
</assignments>
|
|
</tunnel>
|
|
<!--
|
|
And you can, of course, specify multiple tunnels.
|
|
-->
|
|
<tunnel id="54321" creds="ipv6user">
|
|
<server>192.0.2.1</server>
|
|
<client prefix="64">2001:DB8:6::2</client>
|
|
<allocations>
|
|
<alloc prefix="64" id="lan">2001:DB8:4:2:</alloc>
|
|
<alloc prefix="48" id="biglan">2001:DB8:5::</alloc>
|
|
</allocations>
|
|
<assignments>
|
|
<!-- Uses the default prefix of /64 each. -->
|
|
<assign alloc="lan" iface="eth0"/>
|
|
<assign alloc="biglan" iface="eth1"/>
|
|
<assign alloc="biglan" iface="eth1"/>
|
|
<assign alloc="biglan" iface="eth1"/>
|
|
</assignments>
|
|
</tunnel>
|
|
</tunnels>
|
|
</heIPv6>
|