How to: Setting up OpenVPN with individual public ipv6 for clients

You should already have a OpenVPN server that works with IPv4, before using this guide.

First signup at tunnelbroker.net

Then login with your username and password you received in the mail from Hurricane Electric

Click create regular tunnel, enter your server ipv4 address and select the server that is closest to you.

Now click request a routed /48

then remember these things:

In the code where my ip addresses are, you need to change them to your own.

Run the following commands to setup the tunnelbroker tun interface creator and enable IPv6 forwarding


wget https://tb-tun.googlecode.com/files/tb-tun_r18.tar.gz

tar xzf tb-tun_r18.tar.gz
gcc tb_userspace.c -l pthread -o tb_userspace
mv tb_userspace /sbin
chmod +x /sbin/tb_userspace
echo "net.ipv6.conf.all.forwarding=1" >> /etc/sysctl.conf
sysctl -p

Add the following to /etc/rc.local before “exit 0” to auto setup the tunnel at boot


setsid /sbin/tb_userspace tb0 216.66.80.30 46.101.229.221 sit > /dev/null &
sleep 3s
ifconfig tb0 up
ifconfig tb0 inet6 add 2001:470:7248::/48
ifconfig tb0 mtu 1480
route -A inet6 add ::/0 dev tb0

Add the following to /etc/openvpn/server.conf


tun-ipv6

push tun-ipv6

server-ipv6 2001:470:7248:100::/64

push "redirect-gateway-ipv6 def1 bypass-dhcp-ipv6"
push "route-ipv6 2001:470:7248:100::/64"
push "route-ipv6 2000::/3"

Since OpenVPN needs a /64 subnet, you need to change your IP like this:

2001:470:7248::/48

add “:100” before “::” and change “48” to “64”

now it should look like this:

2001:470:7248:100::/64

lastly reboot your server.

You should now be able to connect to all your VPN clients from 2001:470:7248:100::something, and your clients should be able to access the awesome world of IPv6 😀

I had been struggling with this for 2 months, but then i found a great guide on how to do it here:

https://wiki.nyr.es/ipv6_tunnel_broker_openvpn_openvz

But he is missing the part on compiling tb_userspace