Feed on
Posts
Comments

I realized Airport Extreme isn’t as expensive as I thought it once was, so bought one today. I wanted a dual-stack router that was smaller and quieter than the Cisco 2620 under my desk in the bedroom. While the bedroom is certainly quieter now, the AE is pretty annoying to configure. The actual setup is pretty straightforward, but making the smallest change requires a reboot of the unit. Change SNMP community? reboot.

As a bonus I saw that I could hook up a hard drive via USB and use Time Machine remotely. Ever since I sprung my MacBook from the roots it had grown from my desk, Time Machine happily tells me it’s been 90, 120, 180 days since my last backup. It took 6-7 hours to backup 140 GB across wired gigabit ethernet, which isn’t great. I’m puzzled as to why TM insists on using IPv4. I can definately mount the disk on the AE via AFP over IPv6, but TM either refuses to recognize it or makes a second mount then spews IPv4 across the network. I haven’t tried disabling IPv4 completely on the Mac to see what it does.

So at some point I’d like to have my home network purely IPv6 and proxy all of my IPv4 traffic. My first thought was to throw everything at a Squid proxy. This isn’t very effcient, because it obviously proxies IPv6 requests too, which we have direct connectivity for. I wanted IPv6 to go directly and all IPv4 requests to be proxied to my squid box via IPv6. I figured out I can use a proxy auto-configuration (PAC) file to do this. PAC files allow intelligent lookups using Javascript functions. So, I came up with this:

function FindProxyForURL(url, host) {

// For debugging; Firefox displays in error console; IE in popup
//alert(
//  "My addr: " + myIpAddress()
//  + "\nURL: " + url
//  + "\nHost: " + host
//  + "\nResolved: " + dnsResolve( host )
//);

// Siphon off work-related requests to my SOCKS server
  if ( shExpMatch( url, "*.example.com/*" ) ) {
    return "SOCKS localhost:1080";
  }
  if ( shExpMatch( url, "*.example.net/*" ) )  {
    return "SOCKS localhost:1080";
  }

// Lookup the IP address for the host, if it's a colon, then it surely has
// to be a v6 host.  Yes, this causes a second DNS request, but what else
// are you going to do?
  if ( shExpMatch( dnsResolve( host ), "*:*") ) {
    return "DIRECT";
  }

// Catch-all for everything else; if we're here, we either failed DNS
// or it's IPv4.  Interestingly, at least FF doesn't like bracketed
// address:ports, but works with a hostname that only has a AAAA record.
  //return "PROXY [2001:470:1f0f:624::32]:3128; DIRECT";
  return "PROXY proxy.ipv6.wann.net:3128; DIRECT";
}

Unfortunately I don’t know why it doesn’t work as the system Web Proxy (i.e. Safari) as configured in System Preferences. I can’t even tell how you debug the friggin thing; Console is no help. Yahoo Messenger for Mac doesn’t seem to like it either. Actually, I can’t tell what sort of proxy YIM is expecting. With its firewall transversal turned on (which says it’ll use HTTP requests) it’s hitting port 80 but refuses to connect.

Leave a Reply