IPv6 Der Debian Router

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen

Wir werden am Anfang 3 Dinge machen

  • IPv6 und IPv4 für WAN und LAN setzen
  • Default IPv6 und IPv4 Route setzen
  • IPv6 Forwarding einschalten
  • IPv4 Forwarding einschalten
  • Routen hinter unseren Switch setzen
  • Firewall anpassen

Netzwerk

  • cat /etc/network/interfaces
auto ens4
iface ens4 inet6 static
 address 2a02:24d8:71:2441::2/64
 gateway 2a02:24d8:71:2441::1

iface ens4 inet static
 address 194.59.156.163/27 
 gateway 194.59.156.161

iface ens5 inet static
 address 192.168.44.1/24
 post-up ip -4 route add 192.168.45.0/24 via 192.168.44.2 
 post-up ip -4 route add 192.168.46.0/24 via 192.168.44.2 
 post-up ip -4 route add 192.168.47.0/24 via 192.168.44.2 

auto ens5
iface ens5 inet6 static
 address 2a02:24d8:71:2444::1/64
 post-up ip -6 route add 2a02:24d8:71:2445::0/64 via 2a02:24d8:71:2444::2
 post-up ip -6 route add 2a02:24d8:71:2446::0/64 via 2a02:24d8:71:2444::2
 post-up ip -6 route add 2a02:24d8:71:2447::0/64 via 2a02:24d8:71:2444::2
Hochfahren
  • ifup -va

Namerver

  • cat /etc/resolv.conf
nameserver  2a01:4f8:c17:2cc5::1
nameserver  8.8.8.8
search linuggs.de

Forwarding

  • cat /ets/sysconfig
net.ipv6.conf.all.forwarding = 1
net.ipv4.ip_forward=1
cat /etc/nftables.conf
Aktivkieren
  • sysctl -p

Firewall

#!/usr/sbin/nft -f

flush ruleset

table inet filter {
	chain input {
		type filter hook input priority filter;
	}
	chain forward {
		type filter hook forward priority filter;
	}
	chain output {
		type filter hook output priority filter;
	}
}

table ip nat {
	chain postrouting {
		type nat hook postrouting priority 100;
		oif ens4 masquerade
	 }
}
aktivieren
  • nft -f /etc/nft.conf
Abgerufen von „http://wiki.ixheim.de/index.php?title=IPv6_Der_Debian_Router&oldid=51082