IPv6 in Ubuntu 12.04

I have been exploring IPv6 for a couple months now. It’s a very interesting subject and will quickly become inevitable. IPv6 is coming and it’s here to stay. I have learned a lot about IPv6 in Ubuntu and Windows. Consider this the first article in a series I’ll be publishing as I learn more. I will not give an introduction to IPv6 here. There are lot of good places to learn about it

IPv6 is enabled by default in Ubuntu 12.04 Precise Pangolin. A Local Link Unicast (link-local) address is configured automatically. If you have Router Advertisement (RA) enabled on a switch or router on your network then Ubuntu will autoconfigure its own Global Unicast Address as well. But how does your /etc/network/interfaces file look? Something similar to below.

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp

See how you didn’t have to do anything on Ubuntu to get IPv6 working? But let’s dig deeper.

If you still want to be explicit for Ubuntu to use autoconfiguration for IPv6 then edit /etc/network/interfaces.

sudo vim /etc/network/interfaces

And add a line for IPv6 to make the file look similar to below:

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 auto

Bring down eth0 and bring it back up.

sudo ifdown eth0

sudo ifup eth0

Static IPv6 Address

What if you wanted to use a static IPv6 address? Just edit your /etc/network/interfaces file and make it look similar to below.

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 static
    address 2999:abcd:1234:5678::a157
    netmask 64
    gateway 2999:abcd:1234:5678::1
    dns-nameservers 2999:abcd:1234:5678::20
    dns-search codeghar.com

Privacy Extension

Let’s say you want to enable privacy extension. That’s also quite easy to do.

sudo vim /etc/sysctl.d/10-ipv6-privacy.conf

In this file, make sure you have the following two lines. This will enable privacy extension on all interfaces. By default Ubuntu already has privacy enabled (I think).

net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2

Save the file and exit vim. Now run the following command to enable these settings.

sudo service procps restart

If that doesn’t work then you can restart your computer.

Look at your IPs and you’ll notice something interesting.

ip addr show

1: lo:  mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP ql en 1000
    link/ether 00:05:06:07:08:09 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 198.168.1.255 scope global eth0
    inet6 2789:1234:cdef:9876:395e:c9fd:78b4:d863/64 scope global temporary dynamic
       valid_lft 604349sec preferred_lft 85349sec
    inet6 2789:1234:cdef:9876:205:06ff:fe07:0809/64 scope global dynamic
       valid_lft 2591921sec preferred_lft 604721sec
    inet6 fe80::205:06ff:fe07:0809/64 scope link
       valid_lft forever preferred_lft forever

For eth0 you’ll notice two IPv6 addresses with scope global: “scope global temporary dynamic” and “scope global dynamic”. The term “temporary” means that this is a disposable address generated because of privacy extension. It will expire when “preferred_lft” seconds expire and new temporary address will be generated.

Since we chose value 2 in file /etc/sysctl.d/10-ipv6-privacy.conf, these temporary addresses will be used when connecting to other computers.

Security

Do not forget that you now need to maintain two firewalls, one for IPv4 and one for IPv6. I’ll write another post about ip6tables, the firewall for IPv6.

Disable IPv6

I highly recommend to NOT disable IPv6 in Ubuntu. But if you still want to you can.

sudo vim /etc/sysctl.conf

Add three lines to the file.

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Save the file and exit vim. Now run the following command to enable these settings.

sudo service procps restart

If that doesn’t work then you can restart your computer.

Hat Tips

IPv6 privacy extensions on Linux; Make curl download using non-Privacy extension IPv6 address?; How to be anonymous on IPV6 protocol by not using MAC address in EUI-64?; Disable IPv6 If your Internet is Working Slow in Ubuntu 12.04 Precise Pangolin/Linux Mint 13; IPV6 auto configuration not working

Get Broadcom BCM4311 Working in Ubuntu 12.04

I have had the best luck following Jorge Castro’s steps on getting BCM4311 to work in Ubuntu. The steps are simple.

1. Open Additional Drivers application
2. Remove ‘Broadcom STA Driver’
3. Open Ubuntu Software Center
4. Search ‘bcm’
5. Install ‘Installer Package for firmware for the b43 driver’ (firmware-b43-installer)
6. Reboot your computer

Make sure if there’s a physical switch for Wifi that it’s enabled and after rebooting your machine your wireless should work fine.

I tested this on a Dell Latitude D630. lspci showed the following results for wireless.

0c:00.0 Network controller: Broadcom Corporation BCM4311 802.11b/g WLAN (rev 01)

Ubuntu 12.04 IPv4 NAT Gateway and DHCP Server

Before I begin this post, I want to thank Internet Connection Sharing – Ubuntu 10.04 NAT Gateway Setup (Abridged Version) for providing the bulk of the tutorial. I have made some modifications for Ubuntu 12.04.

The setup is simple: a single Ubuntu server will act as a gateway and DHCP server for a local network. All other machines on the local network will receive their IPs from the DHCP server. To make things easier, I’ll call this Ubuntu server “Skyray” for the rest of the post.

Skyray has two network interfaces, eth0 and eth1. eth0 is on the 10.20.30.0/24 subnet and this is the Internet facing interface. eth1 is on the 172.22.22.0/24 subnet, where all other machines are also present. Basically, eth0 will connect to the Internet and eth1 will serve DHCP requests and act as the gateway.

/etc/network/interfaces

First you need to configure eth0 and eth1 for Skyray. Edit the file and make sure it has at least the following settings (or whatever settings are appropriate for your environment).

sudo vim /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.20.30.77
    netmask 255.255.255.0
    gateway 10.20.30.1
    network 10.20.30.0
    broadcast 10.20.30.255
    dns-nameservers 10.20.30.15 10.20.30.16
    dns-search codeghar.com

auto eth1
iface eth1 inet static
    address 172.22.22.1
    netmask 255.255.255.0
    network 172.22.22.0
    broadcast 172.22.22.255

/etc/sysctl.conf

You need to enable IPv4 forwarding. To do so, edit this file.

sudo vim /etc/sysctl.conf

And uncomment the line

# net.ipv4.ip_forward=1

so that it now appears as

net.ipv4.ip_forward=1

Save the file and run the following command to make the change effective without a reboot.

sudo sysctl -w net.ipv4.ip_forward=1

/etc/rc.local

You’ll need to allow iptables rules for NAT to work. Edit the file and save it.

sudo vim /etc/rc.local

Make sure the following two lines appear before the exit 0 line in the file.

/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE

To make these iptables rules active without rebooting, run the following commands:

sudo iptables -P FORWARD ACCEPT

sudo iptables –-table nat -A POSTROUTING -o eth0 -j MASQUERADE

Install DHCP server

sudo aptitude install isc-dhcp-server

/etc/dhcp/dhcpd.conf

Configure your newly installed DHCP server. Edit the file and save.

sudo vim /etc/dhcp/dhcpd.conf

The file is very well commented and you can learn a lot reading it. Just make sure it has at least the following configuration.

ddns-update-style none;

# option definitions common to all supported networks...
option domain-name "codeghar.com";
option domain-name-servers 10.20.30.15, 10.20.30.16;

default-lease-time 3600;
max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# This is a very basic subnet declaration.

subnet 172.22.22.0 netmask 255.255.255.0 {
  range 172.22.22.21 172.22.22.250;
  option subnet-mask 255.255.255.0;
  option broadcast-address 172.22.22.255;
  option routers 172.22.22.1;
}

/etc/default/isc-dhcp-server

We want to serve DHCP only on eth1 interface to we need to configure it that way. Edit the file and save it.

sudo vim /etc/default/isc-dhcp-server

The line will look like this before you change it

INTERFACES=""

And after you change it, it will look like this:

INTERFACES="eth1"

Now you should stop and start the DHCP server.

sudo service isc-dhcp-server stop (if the service is already running; skip if it’s not running)

sudo service isc-dhcp-server start

Conclusion

Now any machines you have on the 172.22.22.0/24 network will get their IP address from Skyray if they are set to DHCP. And Skyray will also serve as their gateway.

Politics and Pragmatism in Using Linux Distributions

Recently I’ve been making decisions on which Linux distribution deserves my support when I write how-to or similar articles. I started my journey with Ubuntu. Out of all, this is the distribution closest to my heart and may be it always will be. I ventured into CentOS for work-related reasons and found it to be a workhorse. I forayed into Fedora on a netbook with some success. I have had to use a bit of SLES for more work-related stuff. And I have been attracted to, used, and migrated businesses to Debian. Both politics and pragmatism have played a part each time I used a distribution. And thus this post.

You can see from my recent posts that I have made a decision to go with Fedora. It was mostly for political (philosophical) reasons but also for pragmatism (cutting-edge technology, etc.). When the time came for me to choose something other than Debian or Ubuntu, I chose Fedora over openSUSE mainly for philosophical reasons. And I’ve been re-evaluating my decision ever since.

I am very happy I picked Fedora. It’s making bold decisions in the future direction of a Linux distribution, especially with the two most controversial and highly-debated steps: /usr unification and systemd. I have started using Fedora 17 alpha and find systemd a joy to use. I only care about systemctl enable/disable or systemctl start/stop as a user (or sysadmin) and it does exactly what I want it to. Much better than chkconfig, service or invoke-rc.d. The /usr unification hasn’t affected me so much so far. Package availability has also been excellent for the server use cases to which I have put Fedora 17.

Fedora seems like a good fit for me for now. But a second question still remains: which distribution should I recommend to others for home/workstation use when asked? My gut feeling is Ubuntu because they do a lot of good work for this sort of user. I’m also well-versed in it so I can provide ample support if required. But I also want to provide a different answer for users who don’t want to use Ubuntu. A very valid answer for this would be Linux Mint but it’s so similar to Ubuntu that it might not be an option in some cases. This leaves a few distributions that I would really like others to use (if only because they’ll come to me for answers most of the time).

The first distribution is openSUSE. Yes, I have some misgivings about the whole openSUSE, SUSE, and Microsoft triangle. But purely on technical merits is openSUSE good enough to replace Ubuntu as my default recommendation for others? This is a question I have asked myself and the one I’ll try to answer over the next few months. I’ve decided to be pragmatic about this particular case rather than political. I’m willing to be pragmatic if openSUSE can bring in new users to Linux like Ubuntu has done for a while. It’s a tall order but openSUSE looks like a good candidate from where I stand.

The other distribution I may recommend is Mageia. It’s on its way to the second release. These people have a very pragmatic, user-centric approach to their distribution and them being a community allays many misgivings I have about openSUSE. Technically they also appear to be sure-footed and thus deserve the support of people like me. Maybe Mageia can serve Ubuntu’s role of bring new users to Linux.

I wouldn’t recommend Fedora because of two things: (a) hardware support can mean using other repositories (such as RPMfusion); and (b) it’s too bleeding-edge to keep users on it for a while without too many issues.

Now that I have to give up my moral high ground, how does it feel? Very liberating, actually. When I use FreeBSD license instead of GPL, I consider the freedom of people over freedom of code. So why should I take such hard stances when it comes to Linux? People should matter more than code or a distribution. If Ubuntu or openSUSE are not ideal Linux ecosystem participants, they are productive and willing participants nonetheless. It may be about time I gave up on idealism and focus more on doing good for more people.

Ubuntu is Not Evil

Ubuntu is certainly not evil or sinister. Nor, by extension, is Canonical. Sure they have a different approach that may not fit into everyone’s ideal way of doing things. But the things they are doing are not bad, bad stuff.

The biggest issue I feel with Ubuntu is that they take a ‘my way or the highway’ approach. To some extent this is necessary when it’s time to focus on a goal. Take Unity, for example. With each iteration things have become better, decisions have been reversed, and new ideas explored. If its project leaders, designers, programmers, etc. had been disheartened at the negative feedback, they didn’t show it outright and kept on working. People may not like it (I certainly have a hard time using it) but the work continues to this day, providing an alternative desktop environment with a different set of goals. This focus and dedication can only be achieved with a ‘my way or the highway’ approach. Others, like KDE and GNOME, have done the same and made some revolutionary changes in the process. But giving more control to the community (like Fedora), they can solve this issue.

I also feel that most Ubuntu’s work does not get adopted by a wider community beyond Ubuntu. Other distributions rarely use Ubuntu’s code within their ecosystems. I see an example of Ubuntu working with Cobbler (from Fedora) and using it as part of their Orchestra ecosystem but I don’t see Orchestra being adopted by OpenSUSE in turn. There doesn’t seem to be an effort on Ubuntu’s part to champion their technology to become a part of the Linux distribution community.

Another issue I have with Ubuntu is that their focus is too wide and not deep enough. I really can’t tell if Ubuntu wants to be a consumer OS (phones, tablets, TVs, etc.), a desktop OS (home, business, etc.), or a server OS (home, enterprise). There are certainly people working on all these things simultaneously and they are doing a fantastic job. But when I recommend Ubuntu to someone I really don’t know if their focus on consumers affects Ubuntu as an enterprise server OS. Ubuntu is trying too hard to be something for everyone and sometimes that doesn’t work out.

Of course, all these issues are my perception and it might be because I don’t closely follow the Ubuntu universe. But as a partially involved user this is how I feel. These issues do not make Ubuntu or Canonical evil but they do make it harder for me to adopt Ubuntu as my first choice when picking distributions (although more often than not I default to Ubuntu anyways).

I have deployed Ubuntu (pre-Unity) on the desktop for myself and others. I have used it as a server for different web applications. My own VPS is currently running Ubuntu 11.10 server and has been since Ubuntu 10.10. So I have nothing against Ubuntu as such.

I love Ubuntu’s pragmatism. I would love for only open source and free software to be the dominant way of writing code but it’s not practical. You can’t have $400 billion companies based only on open source or free software. So when Ubuntu recognizes this and provides non-free firmware proprietary drivers and applications, I just love it. They also focus on building on the hard work of others (Debian, Fedora, etc.) and making things easier for certain people.

Canonical is not Red Hat, and I believe they shouldn’t even try to be. Red Hat decided some time ago that to become a billion dollar company they would have to charge for the compiled binaries while giving access to the source code for free; perfectly valid and follows the free software and open source principles. Ubuntu, not yet a billion dollar company, has decided that source code and compiled binaries should be accessible without any charge. No one doubts the contribution of Red Hat to the Linux distribution community while Canonical has yet to gain that respect. If Canonical can take care of the three issues mentioned in this post, I believe they can go a long way toward becoming another billion dollar (and beyond) Linux distribution company. It may also help get Ubuntu and Canonical a more positive image within the community, getting more users and contributors on board.

Install Freeswitch on Ubuntu Server

I have started learning Freeswitch today and will document all the thing which I need to run the Freeswitch in this way I can keep track of my learning path and at the same time have reference guide for myself and others.

Freeswitch can be installed on Linux and Windows. It is up to the user which platform he is comfortable with. I personally prefer linux. I have choose Ubuntu Server 10.04 32-bit to run on my VirtualBox.

Let get start with the Installation.

Step 1.
Download Ubuntu Server 10.04 from “http://www.ubuntu.com/download/server/download” and and install the base system with ssh only to manage it remotely.

Step 2.
Install Freeswitch from repository.
For Ubuntu Server version 10+ run this command first.
2.a. freeswitch@localhost~: sudo apt-get install pkg-config
2.b. Run following command from linux prompt
sudo apt-get install python-software-properties
sudo add-apt-repository ppa:freeswitch-drivers/freeswitch-nightly-drivers
sudo apt-get update
sudo apt-get install freeswitch freeswitch-lang-en freeswitch-sounds-en-us-callie-8000
Freeswitch installed at /opt/freeswitch/

Step 3.
Fix the permissions
chown -R user:group /opt/freeswitch

Step 4.
Enable the freeswitch by editing the file called freeswitch located at /etc/default to true
FREESWITCH_ENABLED=”true”

Step 5.
To run Freeswitch use this command.
Goto directory /opt/freeswitch/bin/ and run
./freeswitch
you will get the prompt
freeswitch@user>
Run some command to test such as
>version
>status

Thanks,
Sh
Reference: www.freeswitch.org