info_i_25x25.png See important information about Ubiquiti Devices and KRACK Vulnerability in this article. We will update this document as more information becomes available.

EdgeRouter - SIXXS Connectivity Without AICCU with Minimum System Modification

AICCU is very hard to bring up at boot since the clock will not be within tolerances at that time. It also can't be told to do heartbeat only since it is apparently buggy.

Provided you have a static ipv4 address, you can already connect to SIXXS without doing anything, you just have to setup a sit tunnel like this:

 tunnel tun0 {
 address (your tunnel endpoint ipv6 address a:b:c:d::2/64)
 encapsulation sit
 local-ip (local ipv4)
 remote-ip (sixxs PoP ipv4)
 }

and set the route to it:

protocols {
 static {
 route6 ::/0 {
 next-hop a:b:c:d::1 {
 }
 }
 }
 }

 

That doesn't work without a static ipv4 since the SIXXS PoP will not know your endpoint address.

SIXXS also supports dynamic 6in4 heartbeat tunnels. Since we already can do the sit part, the only thing missing is getting a heartbeat to work, preferably without aiccu.

Thanks to a guy named Oliver Walter, we have such an alternative heartbeat script, which I converted to python, so we do not have to install the netcat package.

localv6 is your ipv6 tunnel endpoint address, usually something like a:b:c:d::2/64

remotev6 is the ipv6 tunnel remote address, usually something like a:b:c:d::1/64

remotev4 is the SIXXS PoP ipv4

password is the heartbeat password of this tunnel, not your sixxs password

#!/usr/bin/python
#
import time,hashlib,subprocess,socket,os
localv6=""
password=""
remotev4=""
remotev6=""
while 1:
 hbBase="HEARTBEAT TUNNEL " + localv6 + " sender " + str(int(time.time()))
 hbToSend=hbBase + " " + hashlib.md5(hbBase + " " + password).hexdigest()
 sock = socket.socket(socket.AF_INET,socket.SOCK_DGRAM)
 sock.sendto(hbToSend, (remotev4, 3740))
 sock.close()
 with open(os.devnull, "w") as fnull:
 subprocess.call(["/bin/ping6", "-s", "8", "-c", "1", "-q", remotev6], stdout=fnull, stderr=fnull)
 time.sleep(60)

Put that with login data in /config/scripts/heartbeat.py.

Additionally, the following script /config/scripts/post-config.d/heartbeat.sh is needed to start the above python script:

#!/bin/bash
#

start-stop-daemon --start --background --exec /config/scripts/heartbeat.py

 The reason is that with version 1.5, start scripts have to terminate, and the python heartbeat scripts itself does not.