分类 默认分类 下的文章

  • 最近看到相关的信息居多,然后很多机器没有IPV6的地址
  • 然后兴趣使然,研究了一个上午,顺便把教程给写了出来
  • 大家有兴趣的话可以来看看,我看看还有哪些内容需要进行补充的
  • 因为是刚写完的教程,了解的不多,有错误点帮忙指正一下

奇怪的想法[待测试]

  • 国内自建Moon节点
  • 然后自己家的移动是带/64的PD的
  • 那我是不是就可以把自己的家的IPV6下发给国内的VPS了呢!!!

文章大纲

  • 创建HE账户、就近创建隧道
  • 机器设置HE Tunnel、创建对应的网卡
  • 创建Zerotier One账户,并且设置对应的IPV4+IPV6地址
  • 机器加入Zerotier Network自动分发地址
  • docker-compose 启动Zerotier-cli客户端
  • 一个HE账户
  • 一台Linux系统,文章为Debian11
  • 一个可用的 /48 `/64` PD的IPV6,文章使用HE免费IPV6

设置机器的sysctl.conf

echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
echo "net.ipv4.conf.all.forwarding = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.default.forwarding = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.forwarding = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.proxy_ndp = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.accept_ra = 2" >> /etc/sysctl.conf

sysctl -p

使用HE 创建隧道

创建完成之后,会获得一个IPV6 /64的网络块
只有热门的地区才能申请/48的网络块

IPv6 Tunnel Block
这里获取到了一个IPV6的地址
Routed IPv6 Prefixes : 2001:470:36:826::/64

IPv6 Tunnel Endpoints
Server IPv4 Address:216.218.221.42
Server IPv6 Address:2001:470:35:826::1/64
Client IPv6 Address:2001:470:35:826::2/64

机器设置IPV6地址

  • 将显示出来的内容复制下来,下面需要用到

连接到自己的debian系统

  • vim /etc/network/interfaces
  • local 10.10.201.213 修改为自己机器的外网网卡的IP,建议显示什么就填什么
  • 建议将IPV4的 allow-hotplug 设置为 auto 否则重启网卡概率会失联

重启网卡

方法一 [基本] [建议使用]

/etc/init.d/networking restart

方法二 [简单]

![](https://www.gcore.icu/wp-content/uploads/2024/01/image-1705045526945.png)

**借助itdog查询地址**
查询地址 : https://www.itdog.cn/ping_ipv6/2001:470:35:826::2
![](https://www.gcore.icu/wp-content/uploads/2024/01/image-1705045535706.png)

**成功获取到可用IPV6**
**因为有延迟返回,所以该地址是成功设置上的了**

## 使用Zerotier One来广播IPV6

 - 只要连接上zerotier one的所有机器,都可以获得一个ipv6的公网地址
 - 建议国内用户不要这么操作,体验很差,国外的机器没有ipv6都可以获得一个不错的体验
 - 创建 [Zerotier One
   账户](https://www.nodeseek.com/jump?to=https%3A%2F%2Fmy.zerotier.com%2F)
 - 创建网络,由下图可见 Network ID为 `856127940cf3995d`
![](https://www.gcore.icu/wp-content/uploads/2024/01/image-1705045552453.png)
**提前规划好 内网 IPV4 + IPV6 以及公网IPV6
内网IPV4**
> 我这边使用的是
> 100.64.251.1~100.64.251.254
> 你们可以自行设置,无需和我一样,任意设置即可
![](https://www.gcore.icu/wp-content/uploads/2024/01/image-1705045585829.png)
**内网IPV6**
 - 两个选项默认打开,无需修改任何
 - 记住`ZeroTier RFC4193`这个后续路由需要用到

ZeroTier 6PLANE (/80 routable for each device)

公网IPV6 HE Tunnel

  • 回到HE找到Routed IPv6 Prefixes的地址 本文以/64 作为演示
  • Routed IPv6 Prefixes : 2001:470:36:826::/64

借助IPV6在线计算器

信息地址
第一个IP地址2001:0470:0036:0826:0000:0000:0000:0000
最后的IP地址2001:0470:0036:0826:ffff:ffff:ffff:ffff
子网掩码中的位数64

路由设置

目标地址类型路由地址备注
100.64.251.0/24(LAN) 默认存在
::/0Viafd85:6127:940c:f399:5d99:934e:16b3:f508下文会提及这个地址
2001:470:36:826::/64(LAN)

HE Tunnel机器加入Zerotier

  • 856127940cf3995d 是自己创建的Network ID上文有提及
curl -s https://install.zerotier.com | sudo bash
sudo zerotier-cli join 856127940cf3995d
sudo zerotier-cli set 856127940cf3995d allowGlobal=true
sudo zerotier-cli set 856127940cf3995d allowDefault=1

查看Zerotier Webui的机器信息

  • 会自动两个内网的IPV6地址
  • 会自动分配一个内网的IPV4地址
  • 会分配一个HE Tunnel /64 的地址

请注意下图红框的地址

  • 红框的地址为 ZeroTier RFC4193 (/128 for each device) 的地址
  • 在路由设置的 Via中需要用到,自行替换

配置IPV6广播
安装 ndppd
apt-get -y install ndppd
/etc/ndppd.conf

  • ens18 替换为自己的外网网卡地址
route-ttl 30000

address-ttl 30000

proxy ens18 {
   router yes
   timeout 500
   autowire no
   keepalive yes
   retries 3
   promiscuous no
   ttl 30000
   rule 2001:470:36:826::/64 {
      auto
      autovia no
   }
}

重启服务,验证

sudo systemctl restart ndppd
sudo systemctl status ndppd

你会发现有Error 不要慌,再重启一次

正常了

其他的机器加入zerotier one 测试IPV6

以亚马逊AWS Debian为例

curl -s https://install.zerotier.com | sudo bash
sudo zerotier-cli join 856127940cf3995d
sudo zerotier-cli set 856127940cf3995d allowGlobal=true
sudo zerotier-cli set 856127940cf3995d allowDefault=1

查看信息

root@ip-172-31-2-228:~# ifconfig
ens5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9001
        inet 172.31.2.228  netmask 255.255.240.0  broadcast 172.31.15.255
        inet6 fe80::87b:d8ff:fee5:87d6  prefixlen 64  scopeid 0x20<link>
        ether 0a:7b:d8:e5:87:d6  txqueuelen 1000  (Ethernet)
        RX packets 33376  bytes 38576966 (38.5 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 11951  bytes 1224372 (1.2 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 258  bytes 26489 (26.4 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 258  bytes 26489 (26.4 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ztcfw5idkr: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 2800
        inet 100.64.251.215  netmask 255.255.255.0  broadcast 100.64.251.255
        inet6 2001:470:36:826:0:c2:a026:26f5  prefixlen 64  scopeid 0x0<global>
        inet6 fc89:92be:c9c2:a026:26f5::1  prefixlen 40  scopeid 0x0<global>
        inet6 fd85:6127:940c:f399:5d99:93c2:a026:26f5  prefixlen 88  scopeid 0x0<global>
        inet6 fe80::5c5b:53ff:fe2a:b2d2  prefixlen 64  scopeid 0x20<link>
        ether 5e:5b:53:2a:b2:d2  txqueuelen 1000  (Ethernet)
        RX packets 1948  bytes 2811480 (2.8 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 871  bytes 85221 (85.2 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

可以看到已经获取到了IPV6
地址为 2001:470:36:826:0:c2:a026:26f5

借助ITdog进行测试

aws机器安装nginx测试IPV6访问情况

apt-get -y install nginx

借助ITdog进行测试 Nginx

zerotier docker容器内运行

docker-compose.yaml
version: '3'
services:
  zerotier-one:
    image: henrist/zerotier-one
    container_name: zerotier-one
    restart: unless-stopped
    network_mode: host
    cap_add:
      - NET_ADMIN
      - SYS_ADMIN
    devices:
      - /dev/net/tun
    volumes:
      - ./zerotier-one:/var/lib/zerotier-one
  • 剩下的内容懂得都懂了!
  • 不建议国内的机器这么玩,体验一定不好
  • 别问我ipv6有什么用,问就是没啥用,就是玩

完美结束

感谢下列网站提供的资料

A New Beginning of Freedom, Equality, and Love

On January 11, 2024, a new force emerged in the digital realm - the 369' Blog. Founded on the principles of freedom, equality, and love, the establishment of the 369' Blog signifies the birth of a new online community, a platform that gathers individuals from all walks of life, igniting sparks of thought.

Freedom is the cornerstone of the 369' Blog. Here, people can express their thoughts freely, share viewpoints without constraints of any ideological shackles. Whether you're an ordinary individual, scholar, artist, or entrepreneur, the 369 Blog welcomes your participation, providing you with a space to speak your mind openly.

Equality is the core value of the 369' Blog. Here, everyone is equal, regardless of background or status, finding their place on this platform. At 369' Blog, every voice is valued, every viewpoint respected, striving for genuine equality and inclusivity.

Love is the soul of the 369' Blog. Here, people not only share their thoughts but also care about others' feelings, actively engaging in community building and development. The 369' Blog is not just an information dissemination platform but also a warm and caring family, where every member finds a sense of belonging and warmth.

The establishment of the 369' Blog marks a new beginning in the digital world. On this platform, people can unleash their creativity, explore unknown realms, and make like-minded friends. Freedom, equality, and love are not just slogans of the 369' Blog but also the shared beliefs and pursuits of every participant.

Let's join hands and witness the growth of the 369' Blog together, building a more free, equal, and loving online community!