So far I've made it through the professional cert with a score so far of 585. To get there I had to set up my tunnel, prove I had IPv6 connectivity to the world, configure DNS entries (AAAA, PTR, MX), a web server, and a mail server and they all had to work. The next step in the cert process is "guru" and I believe I have to create subdomains, etc. What a great program, and it's free!!
I have one little problem yet to figure out that isn't really related to the Hurricane Electric cert process. I got a /48 route-able network and I peeled off a /64 from it hoping to use that in my DMZ. I configured radvd to issue addresses on my DMZ interface on my firewall in addition to the LAN interface but have yet been able to get my DMZ boxes to auto-configure an address. It's gotta be something with my shorewall configuration on my router but I can't quite pin it down.
Oh, I also created a script to update my tunnel end point on HE and bring up my tunnel after starting shorewall.
- Code: Select all
IPV4ADDR=`cat /var/run/shorewall.ip | tr -d '\n'`
wget --no-check-certificate -O - "https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=$IPV4ADDR&pass=$MD5PASS&user_id=$USERID&tunnel_id=$GTUNID" 2> /dev/null > /tmp/he.net
ip tunnel add he-ipv6 mode sit remote 22.214.171.124 local $IPV4ADDR ttl 255
ip link set he-ipv6 up
ip addr add 2001:a:b:c::2/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
Go here for explanation of the variables:https://ipv4.tunnelbroker.net/ipv4_end.php