Vyatta support for AYIYA tunnels configured via TIC (i.e. what sixxs.net uses)
Shell
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
debian
scripts
templates-cfg/interfaces/aiccu
.gitignore
AUTHORS
COPYING
ChangeLog
NEWS
README
README.md
install.sh
package-release.sh
package-snapshot.sh

README.md

Introduction

vyatta-aiccu provides support for establishing AYIYA tunnels with AICCU.

Installation

First, add the debian APT repositories and the repository of this project

configure
set system package repository squeeze components 'main contrib non-free'
set system package repository squeeze distribution squeeze
set system package repository squeeze url http://http.us.debian.org/debian

set system package repository squeeze-security components main
set system package repository squeeze-security distribution squeeze/updates
set system package repository squeeze-security url http://security.debian.org

set system package repository vyatta-aiccu components contrib
set system package repository vyatta-aiccu distribution squeeze
set system package repository vyatta-aiccu url https://github.com/fgp/vyatta-aiccu/raw/gh-pages/debian/
commit

Then install the package with

sudo apt-get update
sudo apt-get install vyatta-aiccu

NOTE: If the aiccu package isn't already installed on your system, it will be installed as a dependency of vyatta-aiccu. The aicuu package will then asks for your SIXXS username and password. Simply hit ENTER when it does that!. The actual configuration of aiccu will happen from the EdgeOS CLI. If you do enter a username or password during installation, the aiccu package will attempt to configure the aiccu daemon to be launched by the init system, which will fail because of a dependency issue! The EdegeOS integration provided by vyatta-aiccu takes care of launching aiccu once per configured aiccu interface, and at the right time during the boot proccess. Having the init system launch aiccu is neither necessary nor desirable!

You then need to configure a aiccu interface using the EdgeOS CLI. Assuming that you want to establish a tunnel provided by sixxs.net, you only need to set your account's username, password, and the ID of the tunnel you want to establish. To avoid store your sixxs.net password unencrypted in the EdgeOS configuration, consider setting a tunnel-specific password in the sixxs.net webinterface! Then set <username> to <sixxs handle>/<tunnel id> and <password> to the tunnel-specific you specified in the webinterface. Note that you still need to set <tunnel> to the <tunnel id> as well.

Here is an example.

configure
set interfaces aiccu aiccu0 tic tunnel <TIC Tunnel ID>
set interfaces aiccu aiccu0 tic username <TIC username>
set interfaces aiccu aiccu0 tic password <TIC password>
commit

This should bring up the aiccu0 interface. You can check that by doing run show interfaces (or just show interfaces if you have already exited configuration mode). To access the IPv6 internet via your tunnel, you'll need to an IPv6 default route, which you can do with

set protocols static interface-route6 ::/0 next-hop-interface aiccu0
commit

You should now be able to ping arbitrary IPv6 hosts. Try doing run ping6 www.google.com to verify that things work as expected.

Firewalling for incoming, outgoing and local packets is enables as for any other IPv6 interface on EdgeOS, i.e. by doing

set interfaces aiccu aiccu0 firewall in ipv6-name <ruleset>
set interfaces aiccu aiccu0 firewall local ipv6-name <ruleset>
set interfaces aiccu aiccu0 firewall out ipv6-name <ruleset>

If your tunnel provider isn't sixxs.net, you will need to specify the hostname of the tic server to use with

set interfaces aiccu aiccu0 tic server <TIC server>

and set

set interfaces aiccu aiccu0 tic requiretls false

if your TIC server does not support TLS.