6IN4(8)                                                   6IN4(8)

     NAME
          6in4, ayiya - configure and run automatic or manual tunnel
          of IPv6 through IPv4

     SYNOPSIS
          ip/6in4 [ -ag ] [ -x netmtpt ] [ -o outnetmtpt ]  [ -i
          local4 ] [ local6[/mask] [ remote4 [ remote6 ] ] ]
          ip/ayiya [ -g ] [ -x netmtpt ] [ -k secret ] local6[/mask]
          remote4 remote6

     DESCRIPTION
          6in4 sets up and maintains a 6to4 tunnel of IPv6 traffic
          through an IPv4 connection.  Ayiya is similar, but uses the
          UDP based Anything In Anything protocol to tunnel IPv6 traf-
          fic.

          Local6 and mask define the IPv6 address and subnet of the
          near end of the tunnel (mask defaults to `/128' for a
          single-host tunnel).  If local6 is missing or `-', it
          defaults to

               2002:aabb:ccdd::1/48

          where aa, bb, cc and dd are the hexadecimal equivalents of
          the bytes a.b.c.d in this host's primary IPv4 address.

          Remote4 is the IPv4 address of the far end of the tunnel
          (must be given explicitly for a configured tunnel, or
          defaults to the anycast address 192.88.99.1 for 6to4).

          Remote6 is the IPv6 address of the far end of the tunnel
          (used as the point-to-point destination for routing, and
          defaults to a link-local address constructed from remote4).

          The program forks a pair of background processes to copy
          packets to and from the tunnel.

          Options are:

          -a  for 6in4, permit any remote IPv4 address as the far end
              of a tunnel.  This is likely to be useful for the server
              side of a tunnel.
          -i  for 6in4, define what is the local IPv4 address, other-
              wise it takes the first non-loopback address of the out-
              side IP stack.
          -g  use the tunnel as the default route for global IPv6
              addresses
          -x  use the network mounted at netmtpt instead of `/net' for
              binding the tunnel interface and sending/receiving IPv4
              packets.

     6IN4(8)                                                   6IN4(8)

          -o  for 6in4, use outnetmtpt for the IPv4 packets but bind
              the IPv6 interface on `/net' or netmtpt when specified
              by a previous -x option.
          -k  for ayiya, use the shared secret key secret to authenti-
              cate messages on the tunnel.

     EXAMPLES
          If your primary IPv4 address is public, you can start a 6to4
          tunnel simply with

               ip/6in4 -g

          Similarly, you can start a server for 6to4 tunnels with

               ip/6in4 -ag

          If you use a tunnel broker at address `5.6.7.8', configured
          to give you a `/64' subnet with address
          `2001:1122:3344:5566::', you can start the tunnel with

               ip/6in4 -g 2001:1122:3344:5566::/64 5.6.7.8

     FILES
          /net/ipmux  access to IPv6-in-IPv4 packets
          /net/ipifc  packet interface to IPv6 network

     SEE ALSO
          bridge(3), ipmux in ip(3), linklocal in ipconfig(8)
          /lib/rfc/rfc3056
          /lib/rfc/rfc3068
          http://tools.ietf.org/id/draft-massar-v6ops-ayiya-02.txt

     BUGS
          Needs a kernel with an ipmux driver.

          The tunnel client filters addresses fairly conservatively in
          both directions.  However it's not watertight, and may be
          flakey in other ways so don't put too much trust in it.