[isf-wifidog] [Authpuppy Development] ipv6 hack day

Geneviève Bastien gbastien at versatic.net
Lun 30 Mai 12:37:48 EDT 2011

Actually, we spent most of the day just understanding the implications 
of ipv6 and what we have to do to support it.  We had one of ipv6 guru 
with us whose input was really helpful.

For our group, île sans fil, we have a 3 phase ipv6 deployment plan.  
Here's a short resume:

Phase 1: For june 8th, to offer our users ipv6 experience without 
hitting our heads on the wall
- Just have some routers provide ipv6
- Make sure security of the network behind our gateway is still 
protected like it was in ipv4
- We do not touch wifidog, so all ipv6 traffic should pass-through and 
an eventual ipv4 request will pop the login screen
- Nothing more

Phase 2: Auth server still only has ipv4 url, wifidog redirects ipv6 to auth
- Make sure wifidog http server answers ipv6 request
- Modify wifidog to block unauthenticated ipv6 request and redirect to 
ipv4 auth server
- When successfully logged in, add the ipv6 firewall rule to allow 
traffic to pass through
- Make sure incoming and outgoing traffic is still calculated ok

Phase 3: Full ipv6 support
- Modifs on gateway:
   + Ipv4 firewall is fully replicated for ipv4
   + Wifidog acts the same whether the request comes with ipv6 or ipv4
- Auth server
   + Auth server now has a ipv6 dns record
   + Auth server can keep all ipv4 and ipv6 info on the user

So that's it, we'll do one thing at a time and get familiar with the 
whole ipv6 thing instead of trying to do it all at the same time!  We 
should start working on phase 2 this summer.


On 11-05-30 10:08 AM, Robin Jones wrote:
> How did it go?
> -----Original Message-----
> From: dev-bounces at authpuppy.org [mailto:dev-bounces at authpuppy.org] On Behalf Of Geneviève Bastien
> Sent: 21 May 2011 10:18 PM
> To: WiFiDog Captive Portal; AuthPuppy mailing list
> Subject: [Authpuppy Development] ipv6 hack day
> Hi All,
> In prevision of the IPv6 world day of June 8 (http://isoc.org/wp/worldipv6day/), groups in Quebec are planning a hack day to work of the full ipv6 support for our hotspots.
> Date: May 28, 2011
> Hour:  10h-17h, Montreal Time
> Where:  Notman House, Montreal (http://notman.org)
> Objective:  At the end of the day, we hope to have fully ipv6 compatible access points running wifidog with an authpuppy server, even if it is just experimental and with lots of hack.
> For those interested in those themes but who cannot be physically present, we'll be on irc at freenode.net #wifidog, and from there we may organize skype conferences with people on site, or just chats and discussions.
> We'll [try to] make a wiki page at the end of the day to post our results and findings.
> Thanks,
> Geneviève
> _______________________________________________
> Dev mailing list
> Dev at authpuppy.org
> http://www.authpuppy.org/cgi-bin/mailman/listinfo/dev
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog

Plus d'informations sur la liste de diffusion WiFiDog