New on LowEndTalk? Please Register and read our Community Rules.
Any tutorials for setting up wireguard ipv6 tunnel broker?
Hello all,
I had a routed /48 IPv6 from WH24 vps (A) and recently had another vps (B) only has ipv4 available. So, I would like to set up a wireguard tunnel to provide a /64 ipv6 to vps (B). Had tried a few times but never got any success. Any helps or tutorials are appreciated.
Thanked by 1BasToTheMax
Comments
https://github.com/oneclickvirt/6in4
Use this as an alternate option? Refer to the implementation here?
Any reason(s) for not using HE's Tunnel Broker?
something in one of my vps can not use sit interface (VZ7) ... or for OP maybe limited tunnel bandwith from HE ?
HE's sit tunnel works perfectly. Just want to learn how to setup a wireguard tunnel as I saw route48 used wireguard when I had an account there.
Assuming A has routed prefix 2001:db8:b4e3::/48 and IPv4 192.0.2.1, and B has IPv4 192.0.2.2.
A side
[Interface]
Address=2001:db8:b4e3:9400::/56
PrivateKey=pvtA
ListenPort=51820
MTU=1420
[Peer]
PublicKey=pubB
AllowedIPs=2001:db8:b4e3:9406::/64
Endpoint=192.0.2.2:51820
B side
[Interface]
Address=2001:db8:b4e3:9406::1/64
PrivateKey=pvtB
ListenPort=51820
MTU=1420
[Peer]
PublicKey=pubA
AllowedIPs=2000::/3
Endpoint=192.0.2.1:51820
My best push-up king! Can you also recommend a provider with routed /48? I was told by Limewave their /48 is not routed. I have a WH24 but currently it's used for another project. Any other suggestion with similar prices (less than $15/y)?
This might help, although just to note, make sure they offer /48 as this list only requires /64:
https://lowendtalk.com/discussion/comment/3720306#Comment_3720306
August Internet is free
but they require ASN...
WireGuard tunnel takes very little resources, so that you can pack it into the same server.
Just follow your way to setup two wireguard in both VPSes. But had an issue. From server VPS A, I can ping 2001:db8:b4e3:9406::1 which assigned to client VPS B. I added 2001:db8:b4e3:9406::2 in client VPS B and I'm able to ping 2001:db8:b4e3:9406::2 from server VPS A as well. Both ping's are about 150ms so I think the tunnel had been established.
However, I found I still cannot doing any IPv6 related things from client VPS B. Cannot ping6 to google.com (but I'm able to get the IPv6 address of google.com). Cannot catch my IPv6 address via curl -6 ip.sb
Can you please explain a little bit more on my issue?
Thank you my push-up king.
A side needs another instruction to enable forwarding:
[Interface]
PostUp=sysctl net.ipv6.conf.all.forwarding=1
I forgot about this because Docker does this automatically in my servers.
Hello, the issue happened when I enabled ipv6 forwarding in /etc/sysctl.conf. I tried to add it to A side as you mentioned but the issue looks like same.
Does ipv6 tunnel using the sit/gre/ipip protocol do what you need?
Hello, I'd prefer wireguard for learning purpose. I believe I missed some iptables rules so the traffic cannot be forwarded.
https://blog.frehi.be/2022/06/11/setting-up-wireguard-vpn-with-ipv6/
Hope it helps you