IPV6 tunneling on vpsfree: Difference between revisions

vpsFree.cz operates its own tunneling server, through which it is possible to obtain an IPv6 tunnel to places where IPv6 has not yet been introduced.

On June 6, 2017, the operation of the SixXS tunneling platform was terminated. It was the only one that provided a tunneling server in Prague that could be used even without a public IPv4 address. Although SixXS's argument is understandable, there are situations where it is simply not possible to ask a provider for IPv6 connectivity, and often it is not even possible to change providers.

If a public IPv4 address is available, it is possible to arrange a tunnel from HE.net, which works quickly and reliably. Our service therefore mainly focuses on situations where there is not even a public IPv4 address in the place. Unfortunately, the sixxsd software, which formed the server part of the SixXS tunneling platform and was able to efficiently handle hundreds of tunnels, was never released as Open Source and was not published for a long time. So it was necessary to look for another solution.

It is possible to use the modern WireGuard tunneling protocol. It offers encryption and authentication, but also great performance compared to OpenVPN. UDP traffic on port 51820 is used. Each client authenticates with a pair of public and private keys. Each client is statically assigned one connecting IPv6 address and a subnet with a prefix length of /48.

Each tunnel will have an expiration date set for one year after establishment, after which it is deconfigured. Therefore, an extension must be requested for uninterrupted operation. The intention of this inconvenient measure is for every user to write to their connection provider at least once a year about the status of IPv6 support. Note: this feature is not yet implemented. Any deconfiguration in the future will be preceded by several email warnings.