[Systems] IPv6 connectivity for Sugar Labs foundation

Daniel Clark dclark at pobox.com
Tue Aug 11 15:39:00 EDT 2009

As long as there would be no cost impact on the FSF or GNAPS, and no
impact to the FSF's IPv4 service, and GNAPS is fine with it, I don't see
why the FSF (who hosts the Sugar Labs foundation server) would have any
objection to that.

Daniel JB Clark   | Sys Admin, Free Software Foundation
pobox.com/~dclark | http://www.fsf.org/about/staff#danny

James Jun wrote:
> Hi folks,
> We should be able to pump native v6 down the VLAN from Towardex router,
> since FSF is a customer circuit.  Let me know if you want to move forward
> with that I'll get the IMT info for v6 on that vlan.
> James
>> -----Original Message-----
>> From: Daniel Jared Domínguez [mailto:danjared at MIT.EDU]
>> Sent: Tuesday, August 11, 2009 1:36 PM
>> To: Daniel Clark
>> Cc: Bernie Innocenti; James Jun; pubservices at occaid.org; 'Sugar Labs
>> Systems'; noc at occaid.org; dan at gnaps.com; Peter Olson
>> Subject: Re: IPv6 connectivity for Sugar Labs foundation
>> Yes, we were able to get to 6to4 working, although that's certainly
>> suboptimal for various reasons compared to native connectivity.
>> I looked at the FSF core router, and it is running a recent enough
>> version of quagga to do v6.
>> The FSF's router has a virtual interface running an IPv4 BGP session
>> with a TowardEX router (remote router ID is I believe
>> it to be doing this on VLAN 1575. I don't know if this can be reused
>> for
>> the v6 link. This physical interface is at least the one we'd probably
>> be using since it is going to the MXP. Sorry that I don't have a
>> circuit
>> ID for you.
>> --Jared
>> On Tue, Aug 11, 2009 at 10:21:12AM -0400, Daniel Clark wrote:
>>> Bernie Innocenti wrote:
>>>> El Fri, 07-08-2009 a las 13:38 -0400, James Jun escribió:
>>>>> OCCAID will be happy to assist.  Where do you need the v6
>>>>> service delivered at, at FSF location or MIT?  If your v6
>>>>> termination equipment is hosted at FSF which is GNAPS
>>>>> facility in Quincy, ask them to run a cross-connect for
>>>>> you to Boston MXP. We can then shoot a vlan across MXP
>>>>> switch fabric from OCCAID POP in Boston/1 Summer Street
>>>>> and hand off v6 to you natively.
>>>> I'm quite unfamiliar with the FSF network equipment at GNAPs, to
>> the
>>>> point that I haven't yet even seen the physical box which hosts the
>>>> main Sugar Labs machine.
>>>> I've been talking with Dan Benson of GNAPs (on cc) to figure out
>>>> what needs to be done.  Danny Clark and Dan Jared of the FSF are
>>>> going to get in contact with him to get the BGP router connected.
>>>> Thanks to everybody for being very helpful.
>>> FYI danjared and bernie got tun6to4 working last night; we had just
>>> missed the need to add a line to iptables on the FSF's BGP router,
>>> ge-core1.qcy.gnu.org [1].
>>> I think they are still looking at OCCAID, which danjared, who seems
>> to
>>> have the most clue in this area, thinks is a much better long-term
>> solution.
>>> [1] /etc/default/iptables-rules change
>>> --- iptables-rules.aug10.from-filesystem	2009-08-10
>> 23:20:16.000000000 -0400
>>> +++ iptables-rules	2009-08-10 23:21:18.000000000 -0400
>>> @@ -28,6 +28,9 @@
>>>  -A input_block -p icmp -m icmp --icmp-type 8 -m limit --limit 5/sec
>> -j
>>> +# bernie and danjared (w/ dclark): allow incoming 6to4 packets
>>> +-A input_block -p ipv6 -j ACCEPT
>>> +
>>>  # Blacklisted hosts
>>>  -A input_block -p tcp -m tcp --dport 80 --src -j DROP
>>> Cheers and thanks to everyone for the assistance,
>>> --
>>> Daniel JB Clark   | Sys Admin, Free Software Foundation
>>> pobox.com/~dclark | http://www.fsf.org/about/staff#danny
>> --
>> Daniel Jared Domínguez
>> email/jabber: danjared at mit.edu
>> pots phone: 617.368.0509

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
Url : http://lists.sugarlabs.org/private/systems/attachments/20090811/af743151/attachment-0001.pgp 

More information about the Systems mailing list