Linux - Red Hat
The Machines are installed with the latest version of Cern's standard Linux operating system [Linux 2.4.9-31.1.cern] and the latest version of Cern's standard Red Hat [Red Hat Release 7.2.1]. Hereafter follows a detailed list of recommendations in how to install correctly the operating systems and how to enable the IPv6 compatible services.
The Following Steps have to be Performed to Configure a Red Had Linux System
o Linux & Red Hat Installation
o Patch the Linux Kernel
o Compile the Linux Kernel
o Customize the Boot Sequence
o Enable the IPv6 Capabilities
o Disabling IPv4 Capabilities
o Checking & Troubleshooting
Linux & Red Hat Installation
Install Cern's standard Linux operating system according to the recommendations explained in the web pages provided by Cern's Linux Support team. The boot sequence of Cern's PCs is controlled by 'Grub' instead of 'LILO'.
Patch the Linux Kernel
The Linux kernel should be patched with the 'addconf.c.diff' patch introduced by 'Stig Venaas'. The purpose of the patch is to improve the decision making by the kernel on which source address to use when transmitting IPv6 packets over the network. The patch introduces two new criteria: (1) try to avoid 6to4 source addresses when the destination is not a 6to4 address and (2) if several valid source addresses exist, use the source address with the longest common prefix with the destination address.
To be able to install the path in the Linux kernel, one needs to obtain the source code of the Linux kernel 2.4.19 that is available on the Linux Kernel Archives web site. To install this new Linux kernel in your machine, perform the following steps:
Expand the Linux Kernel's Source Files prompt> cd /usr/src/ prompt> gunzip linux-2.4.19.tar.gz prompt> tar xvf linux-2.4.19.tar Rename the Just Created Directory prompt> mv linux-2.4.19 linux-2.4.19-ipv6 Create the Symbolic Link '/usr/src/linux' prompt> ln -s linux-2.4.19-ipv6 linux Install the Patch for IPv6 prompt> cd /usr/src/linux/net/ipv6/ prompt> cp -p addrconf.c addrconf.c.orig prompt> patch addrconf.c addrconf.c.diff
Compile the Linux Kernel
The 'Makefile' script in the '/usr/src/linux/' top-directory should be slightly modified before issuing any of the subsequent "make" commands. The value of the "KERNELRELEASE" variable should be unique for each specific configured kernel. This is to avoid that kernels with different configurations do not use overlapping directories [such as the loadable modules directories in '/lib/modules/']. It is also a good practice to give it a sensible name as it will appear in the output of the "uname -a" command.
Change the Variable in the 'Makefile' |EXTRAVERSION = -ipv6 Make the Installation Clean prompt> cd /usr/src/linux/ prompt> make mrproperConfigure the Kernel
Before compiling the new kernel, one needs to customize the '.config' file. This can be done via an interactive screen customization program using X11 by executing the "make xconfig" command, or via a terminal menu-oriented program by executing the "make menuconfig" or at last, via an interactive line oriented question/response program by executing the "make config" command. One can also copy the '.config' file from another systen that was already configured in the correct way.
The following configuration changes are mandatory. In the "Code maturity level options" menu select the "Prompt for development and/or incomplete code/drivers" sub-menu item. Next, in the "Networking options" menu select "The IPv6 protocol (experimental)" sub-menu item, the "Network packet filtering (replaces ipchains)" sub-menu item [not mandatory] and under "Network testing" select the "Packet Generator (use with caution)" sub- sub-menu item [also not mandatory]. This will set the following directives in the '.config' file:
|CONFIG_EXPERIMENTAL=y [Mandatory] |CONFIG_IPV6=y [Mandatory] |CONFIG_NETFILTER=y |CONFIG_NET_PKTGEN=y
Important Note: In case one wants to install DSTM (Dual Stack Transition Mechanism) on the system, one needs to run a kernel in which "IPv6" is implemented as a module! Thus the value of the 'CONFIG_IPV6' variable should be mandatory changed from 'y' [yes] to 'm' [which stands for 'module'].
Examples of Typical '.config' Files:
o
IPv6 Compiled in the Kernel Code
o
IPv6 Available as a Loadable Module
Create All Dependencies prompt> make dep Compile & Link the Kernel prompt> make bzImage
The "make install" command compiles and links all loadable modules. The "make modules_install" command copies all the newly made modules into sub-directories of the '/lib/modules/2.4.19-ipv6/' main loadable module directory. Note that the name of the latter sub-directory is nothing else than the value associated to the "KERNELRELEASE" variable in the 'Makefile', as modified accordingly before issuing any of the above "make" commands [see first chapter in this section].
Compile, Link & Install Loadable Modules prompt> make modules prompt> make modules_install
Customize the Boot Sequence
Copy the Kernel to the Boot Directory prompt> cp -p arch/i386/boot/bzImage /boot/vmlinuz-2.4.19-ipv6
Finally change the 'Grub' configuration appropriately. The 'Grub' configuration can be found in the "/boot/grub/grub.conf" file. An example of the lines to be added to the 'Grub' configuration is given below. Note also that you should deposit an appropriate 'initrd' image in the '/boot' directory.
title Red Hat Linux (2.4.19-ipv6)
root (hd0,0)
kernel /vmlinuz-2.4.19-ipv6 ro root=/dev/sda2
initrd /initrd-2.4.19-ipv6.img
Enable the IPv6 Capabilities
System files have to be modified such to enable the IPv6 capabilities. Enabling IPv6 networking is performed by modifying the 'hosts' file and the 'network' file. Enabling IPv6 address resolution is performed by changing the 'resolv.conf' file.
Enabling IPv6 Networking
The IPv6 'localhost' address should be added in the 'hosts' file. IPv6 specific directives have to be added into the 'network' file to make IPv6 initialisation to happen at boot time. Note that the 'NETWORKING' directive is mandatory for IPv4 and IPv6. If omitted, no networking will be started at all, nor for IPv4, nor for IPv6!
'/etc/hosts' |::1 localhost.localdomain localhost |127.0.0.1 localhost.localdomain localhost '/etc/sysconfig/network' |NETWORKING=yes |NETWORKING_IPV6=yes |IPV6INIT=yes
Enabling IPv6 Address Resolution
IPv6 specific name-servers have to be added for the IPv6 address resolution to work. Note that it is possible to configure a name-server such that it simultaneously deals with IPv4 and IPv6 address resolution requests. Refer to the 'BIND' service for more details on this particular aspect.
'/etc/resolv.conf' |search <ipv6-domain-name> <ipv4-domain-name> |nameserver <1st-nameserver> |nameserver <2nd-nameserver> |nameserver <3rd-nameserver>
Disabling IPv4 Capabilities
If one wants that the machine becomes an IPv6-Only machine, then one needs to disable the IPv4 networking while maintaining the IPv6 networking. This can be obtained by removing various directive statements from files that control the initial networking capabilities at boot time.
Disabling IPv4 networking is performed by modifying the 'hosts' file, the 'network' file and the multiple interface related files 'ifcfg-<intfce>'. Disabling IPv4 address resolution is performed by changing the 'resolv.conf' file.
Disabling IPv4 Networking
The 'host-name' should be removed from the 'hosts' file as well as the IPv4 'localhost' entry. The 'gateway' and the 'netmask' must be removed from the 'network' file. The 'ip-address' and 'netmask' must be removed from the multiple interface related files.
'/etc/hosts' |::1 localhost.localdomain localhost |# 127.0.0.1 localhost.localdomain localhost |# <IPv4-Addr> <mach-name>.<domain-name> <mach-name> '/etc/sysconfig/network' |HOSTNAME=<host-name>.<domain-name> |# GATEWAY=<gw-add> |# GATEWAYDEV=<gw-dev> |# NETMASK=<mask> '/etc/sysconfig/network-scripts/ifcfg-<intfce>' |# IPADDR=<ipv4-addr> |# NETMASK=<net-mask>
Disabling IPv4 Address Resolution
Remove all IPv4 specific nameservers from the 'resolv.conf' file, as well as the search for the IPv4 domains. Refer to the 'BIND' service for more details on this particular aspect.
'/etc/resolv.conf' |search <ipv6-domain-name> |nameserver <1st-ipv6-nameserver> |nameserver <2rd-ipv6-nameserver>
Checking & Troubleshooting
Reboot the machine with the new IPv6 capable kernel and its customized IPv6 environment. During the boot sequence one will observe the IPv6 related informational messages appear on the console screen.
One can check if the machine has started its IPv6 initialisation by checking the related process-files in the "/proc/net/" directory and if one is able to ping the loopback using the IPv6 specific 'ping6' and 'traceroute6' commands:
prompt> ls /proc/net/*6* /proc/net/anycast6 /proc/net/ipv6_route /proc/net/sockstat6 /proc/net/if_inet6 /proc/net/raw6 /proc/net/tcp6 /proc/net/igmp6 /proc/net/rt6_stats /proc/net/udp6 /proc/net/ip6_flowlabel /proc/net/snmp6 prompt>ping6 ::1 PING ::1(::1) from ::1 : 56 data bytes 64 bytes from ::1: icmp_seq=. ttl=64 time=... ms prompt>traceroute6 ::1 traceroute to ::1 (::1) from ::1, 30 hops max, 16 byte packets 1 localhost.localdomain (::1) ... ms ... ms ... ms