IPv6 Der Debian Router: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| (7 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 9: | Zeile 9: | ||
* cat /etc/network/interfaces | * cat /etc/network/interfaces | ||
<pre> | <pre> | ||
| − | auto | + | auto ens3 |
| − | iface | + | iface ens3 inet static |
| + | address 172.30.34.2/24 | ||
| + | gateway 172.30.34.1 | ||
| + | |||
| + | iface ens3 inet6 static | ||
address 2a02:24d8:71:2441::2/64 | address 2a02:24d8:71:2441::2/64 | ||
gateway 2a02:24d8:71:2441::1 | gateway 2a02:24d8:71:2441::1 | ||
| + | |||
| + | auto ens4 | ||
iface ens4 inet static | iface ens4 inet static | ||
| − | |||
| − | |||
| − | |||
| − | |||
address 192.168.44.1/24 | address 192.168.44.1/24 | ||
post-up ip -4 route add 192.168.45.0/24 via 192.168.44.2 | post-up ip -4 route add 192.168.45.0/24 via 192.168.44.2 | ||
post-up ip -4 route add 192.168.46.0/24 via 192.168.44.2 | post-up ip -4 route add 192.168.46.0/24 via 192.168.44.2 | ||
| − | |||
| − | + | ||
| − | iface | + | iface ens4 inet6 static |
address 2a02:24d8:71:2444::1/64 | address 2a02:24d8:71:2444::1/64 | ||
post-up ip -6 route add 2a02:24d8:71:2445::0/64 via 2a02:24d8:71:2444::2 | post-up ip -6 route add 2a02:24d8:71:2445::0/64 via 2a02:24d8:71:2444::2 | ||
post-up ip -6 route add 2a02:24d8:71:2446::0/64 via 2a02:24d8:71:2444::2 | post-up ip -6 route add 2a02:24d8:71:2446::0/64 via 2a02:24d8:71:2444::2 | ||
| − | |||
</pre> | </pre> | ||
;Hochfahren | ;Hochfahren | ||
| Zeile 36: | Zeile 36: | ||
=Namerver= | =Namerver= | ||
*cat /etc/resolv.conf | *cat /etc/resolv.conf | ||
| − | nameserver | + | nameserver 2001:4860:4860::8888 |
nameserver 8.8.8.8 | nameserver 8.8.8.8 | ||
search linuggs.de | search linuggs.de | ||
| + | |||
=Forwarding= | =Forwarding= | ||
| − | *cat / | + | *cat /etc/sysctl.conf |
net.ipv6.conf.all.forwarding = 1 | net.ipv6.conf.all.forwarding = 1 | ||
net.ipv4.ip_forward=1 | net.ipv4.ip_forward=1 | ||
;Aktivkieren | ;Aktivkieren | ||
*sysctl -p | *sysctl -p | ||
| − | |||
=Firewall= | =Firewall= | ||
| + | *cat /etc/nftables.conf | ||
| + | |||
<pre> | <pre> | ||
#!/usr/sbin/nft -f | #!/usr/sbin/nft -f | ||
| Zeile 68: | Zeile 70: | ||
chain postrouting { | chain postrouting { | ||
type nat hook postrouting priority 100; | type nat hook postrouting priority 100; | ||
| − | oif | + | oif ens3 masquerade |
} | } | ||
} | } | ||
</pre> | </pre> | ||
;aktivieren | ;aktivieren | ||
| − | *nft -f /etc/ | + | *nft -f /etc/nftables.conf |
Aktuelle Version vom 17. September 2024, 11:56 Uhr
Wir werden am Anfang 3 Dinge machen
- IPv6 und IPv4 für WAN und LAN setzen
- Default IPv6 und IPv4 Route setzen
- IPv6 Forwarding einschalten
- IPv4 Forwarding einschalten
- Routen hinter unseren Switch setzen
- Firewall anpassen
Netzwerk
- cat /etc/network/interfaces
auto ens3 iface ens3 inet static address 172.30.34.2/24 gateway 172.30.34.1 iface ens3 inet6 static address 2a02:24d8:71:2441::2/64 gateway 2a02:24d8:71:2441::1 auto ens4 iface ens4 inet static address 192.168.44.1/24 post-up ip -4 route add 192.168.45.0/24 via 192.168.44.2 post-up ip -4 route add 192.168.46.0/24 via 192.168.44.2 iface ens4 inet6 static address 2a02:24d8:71:2444::1/64 post-up ip -6 route add 2a02:24d8:71:2445::0/64 via 2a02:24d8:71:2444::2 post-up ip -6 route add 2a02:24d8:71:2446::0/64 via 2a02:24d8:71:2444::2
- Hochfahren
- ifup -va
Namerver
- cat /etc/resolv.conf
nameserver 2001:4860:4860::8888 nameserver 8.8.8.8 search linuggs.de
Forwarding
- cat /etc/sysctl.conf
net.ipv6.conf.all.forwarding = 1 net.ipv4.ip_forward=1
- Aktivkieren
- sysctl -p
Firewall
- cat /etc/nftables.conf
#!/usr/sbin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority filter;
}
chain forward {
type filter hook forward priority filter;
}
chain output {
type filter hook output priority filter;
}
}
table ip nat {
chain postrouting {
type nat hook postrouting priority 100;
oif ens3 masquerade
}
}
- aktivieren
- nft -f /etc/nftables.conf