Technical data

ManualsBrandsSamsung ManualsFlat Panel TVPC680-ZA

131

132

133

134

135

136

137

138

139

140

4. Packages

IPV6_TUNNEL_x_PASSWORD This variable contains the password for the username above.

It can’t contain spaces.

Example: IPV6_TUNNEL_1_PASSWORD='passwort'

IPV6_TUNNEL_x_TUNNELID This variable contains the identiﬁcator for the tunnel. The

name of a SixXS tunnel always starts with a capital ‘T’.

Example: IPV6_TUNNEL_1_TUNNELID='T1234'

IPV6_TUNNEL_x_TIMEOUT (optional) This variable contains the maximum waiting time

in seconds for the tunnel to establish. The default setting depends on the tunnel provider.

Example: IPV6_TUNNEL_1_TIMEOUT='30'

Route Conﬁguration

Routes are paths for IPv6 packets. To know the direction in which it should send an incoming

packet the router does rely on a routing table in which this information can be found. In the

case of IPv6 it is important to know where IPv6 packets have to be sent that are not bound

to the local network. A default route is automatically conﬁgured that sends all packets to the

other end of an IPv6 tunnel if IPV6_TUNNEL_x_DEFAULT is set for the relevant tunnel. Other

routes can be conﬁgured here (i.e. to interconnect parallel IPv6 subnets).

IPV6_ROUTE_N This variable sets the number of IPv6 routes to deﬁne. Usually additional

IPv6 routes are not needed.

Default setting: IPV6_ROUTE_N='0'

IPV6_ROUTE_x This variable holds the route in form of ‘target-net gateway’. The target

net has to be speciﬁed in CIDR-notation. For the default route the target net has to

be ::/0. It is not necessary to conﬁgure default routes here that cross a tunnel (see

introduction on this paragraph).

Example: IPV6_ROUTE_1='2001:db8:1743:44::/64␣2001:db8:1743:44::1'

IPv6 Firewall

As for IPv4 a ﬁrewall is needed for IPv6 networks in order to avoid that everyone can reach

each machine in the local network from outside. This is even more important because every

computer in IPv6 normally has a globally unique address which can be permanently assigned

to the machine since it is computed from the MAC address of the network card.

Therefore

the ﬁrewall blocks all requests from outside at ﬁrst and can then be opened by corresponding

entries in this section bit by bit as needed.

The conﬁguration of an IPv6 ﬁrewall corresponds widely to that of an IPv4 ﬁrewall. Special

features and diﬀerences will be explained separately.

PF6_LOG_LEVEL For all chains following the protocol setting in PF6_LOG_LEVEL is active.

Possible values are: debug, info, notice, warning, err, crit, alert, emerg.

An exception exists if the LAN hosts have activated so-called “Privacy Extensions” because then a part of

the IPv6 address is generated randomly. These addresses are by deﬁnition not known outside and thus only

partially or not at all relevant for the ﬁrewall conﬁguration.

139