Home > How-To > Getting your desktop Mac on the IPv6 Internet

Getting your desktop Mac on the IPv6 Internet

It’s easy, and it’s free, but it can be confusing. Chances are that your current Internet provider, especially a residential provider, doesn’t offer direct IPv6 connectivity. That’s no barrier to getting hooked up, though: you can use one of a number of free “tunnel broker” services to sign up for a tunnel through the IPv4 miasma to the IPv6 new world.

The service I use and recommend is Huricane Electric’s TunnelBroker.net (http://TunnelBroker.net). They have nice step-by-step procedures that will get you hooked up in a jiffy. But getting started is not Mac-intuitive. So let me outline the steps here to smooth your way:

1. You have to first register for a free TunnelBroker.net account. TB asks for the usual things — name, email, etc. Nothing onerous, but consider that because you’re getting a free bandwidth service — a very nice benefit from TB — you should give them legitimate contact info. Once you a TB account, the rest of TunnelBroker.net gets unlocked for you.

2. Next, you have to go register a new tunnel within TB. I’d have expected some kind of instructions from TB by this point, but you don’t get any until you create a tunnel. For example, you can’t get to TB’s example configurations until you do this. TB should change that, providing at least a minimal roadmap. On the TB page after you log in click “Create Regular Tunnel”. You’ll be prompted for your public IP address. If you have a static one, great. If you don’t, well, there are ways around that we’ll talk about in a future post.

3. Once the tunnel is created, you’ll be assigned a bunch of IP addresses: a public IPv4 address for TB’s server-end of the tunnel, a pair of IPv6 addresses in a /64 subnet that you’ll configure as the IPv6 tunnel endpoints, and a separate /64 IPv6 subnet that will be your own personal IPv6 address space.

You need not write any of this down; you can get to it later at any time just by logging into your TB account. TB will even fill in most of the IP address information in its customer-generated scripts, so you won’t need to even copy and paste these addresses to get up and running.

4. You’ll see a pop-up list under Example OS Configurations. Choose NetBSD/MacOSX. A list of four shell commands will appear, which you’ll eventually copy and paste into a Terminal window. BUT NOT YET! What TB leaves out is that each of these commands must be prefixed with the command “sudo” to execute each in super-user mode (sudo means “super-user do”). So first paste the commands into your favorite text editor, then paste “sudo” on the front of each line in your text edit window. Here’s an example:

sudo ifconfig gif0 create
sudo ifconfig gif0 tunnel 72.xxx.xxx.xx
sudo ifconfig gif0 inet6 2001:470:x:x::2 2001:470:x:x::1 prefixlen 128
sudo route -n add -inet6 default 2001:470:x:y::1

Pay close attention to the TB note that says:

“*NOTE* When behind a firewall appliance that passes protocol41, instead of using the IPv4 endpoint you provided to our broker, use the IPv4 address you get from your appliance’s DHCP service.

What this means is that if you’re behind a NAT firewall you must replace your public IP in the commands above (in the second command) with your Mac’s private IP address. Everyone seems to miss this point, so be forewarned. If you need to make this change (you likely do), alter the second command in the list, replacing the public IP that TB filled in for you automatically with your pirvate IP.

With that caveat observed,  you’re ready to start pasting the commands, one at a time, into a Terminal window. Open Terminal (it’s in Applications>Utilities) and paste the first command line. You’ll be prompted for your Mac login user ID and password once on the first command; the other commands won’t prompt you again. As you paste each command line and hit return, you should get no output. However, if you get an error message on the first line this is usually not serious – just go ahead with the rest of the commands and likely it will all just work.

5. Now open Safari and go to WhatIsMyIPv6.com. If you’ve done everything right, you’ll see your shiny new IPv6 address in great big characters, rather than that rusty old IPv4 address. If it doesn’t work, check to make sure your firewall will pass Protocol 41, which is used by IPv6 tunnels. Note that this isn’t TCP or UDP port 41, it’s IP protocol 41. Not all firewalls can do this, but mine (a Sonicwall TZ190 running Enhanced version software) can.

Last but not least, note that none of these commands take permanent effect. They’ll be lost the next time you reboot, and you’ll have to run them again to get your IPv6 connection re-established. In a future post I’ll explain how to make them permanent.

Congratulations! You’re on the IPv6 Internet! You’ll find a growing number of companies moving to IPv6, so explore and see who you can reach with your own personal IPv6 address block. And take comfort in the fact that your little IPv6 island has 4,294,967,295 times the number of addresses in the entire IPv4 Internet.

Categories: How-To Tags:
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.