Ipv6: Difference between revisions
From Federal Burro of Information
Jump to navigationJump to search
No edit summary |
|||
| (17 intermediate revisions by the same user not shown) | |||
| Line 44: | Line 44: | ||
| rDNS Delegated NS5: | | rDNS Delegated NS5: | ||
|} | |} | ||
fortigate config: | |||
<pre> | |||
config system sit-tunnel | |||
edit "HE" | |||
set destination 216.66.38.58 | |||
set ip6 2001:470:1c:907::2/64 | |||
set source 69.165.169.40 | |||
next | |||
end | |||
config router static6 | |||
edit 1 | |||
set device "HE" | |||
next | |||
end | |||
</pre> | |||
=== march 2017 update === | |||
had to recreate tunnel | |||
tunnel id: 394438 | |||
<pre> | |||
ipv6 Tunnel Endpoints | |||
Server IPv4 Address:216.66.38.58 | |||
Server IPv6 Address:2001:470:1c:766::1/64 | |||
Client IPv4 Address:69.165.169.40 | |||
Client IPv6 Address:2001:470:1c:766::2/64 | |||
Routed IPv6 Prefixes | |||
Routed /64:2001:470:1d:766::/64 | |||
</pre> | |||
<pre> | |||
DNS Resolvers | |||
Anycast IPv6 Caching Nameserver:2001:470:20::2 | |||
Anycast IPv4 Caching Nameserver: | |||
</pre> | |||
<pre> | |||
config system sit-tunnel | |||
edit "HE" | |||
set destination 216.66.38.58 | |||
set ip6 2001:470:1c:766::2/64 | |||
set source 69.165.169.40 | |||
next | |||
end | |||
config router static6 | |||
edit 1 | |||
set device "HE" | |||
next | |||
end | |||
</pre> | |||
== Dailies == | == Dailies == | ||
| Line 67: | Line 124: | ||
ip6tables http://www.sixxs.net/wiki/IPv6_Firewalling | ip6tables http://www.sixxs.net/wiki/IPv6_Firewalling | ||
lots of | lots of sample config: http://blackundertone.wordpress.com/2012/04/ | ||
testing: http://ipv6-test.com/ | testing: http://ipv6-test.com/ | ||
port scan: https://www.tunnelbroker.net/portscan.php | |||
remove an ipv6 address from one interface: | |||
ip addr del 2001:470:1d:907::64/64 dev enp3s0 | |||
== nets / hosts == | == nets / hosts == | ||
| Line 82: | Line 145: | ||
** 2001:0470:001d:0907:0000::/80 - internal net | ** 2001:0470:001d:0907:0000::/80 - internal net | ||
*** 2001:470:1d:907::64/64 - athena | *** 2001:470:1d:907::28/64 - deluxe | ||
*** 2001:470:1d:907::64/64 - keres | |||
*** 2001:470:1d:907::100/64 - eris | |||
*** 2001:470:1d:907::64/64 - athena defunct | |||
*** 2001:470:1d:907:21c:c0ff:fe5d:6c1a - SLAAC althena - defunt | *** 2001:470:1d:907:21c:c0ff:fe5d:6c1a - SLAAC althena - defunt | ||
*** 2001:470:1d:907::99/64 - tuxedo | *** 2001:470:1d:907::99/64 - tuxedo - defunt | ||
** 2001:0470:001d:0907:0001::/80 - wireless net | ** 2001:0470:001d:0907:0001::/80 - wireless net | ||
| Line 101: | Line 168: | ||
IPv6 /64: 2607:f2c0:a000:15a::/64 | WAN IPv6 /64: 2607:f2c0:a000:15a::/64 | ||
IPv6 /56: 2607:f2c0:f00e:5300::/56 | LAN IPv6 /56: 2607:f2c0:f00e:5300::/56 | ||
deluxe lan 2607:f2c0:f00e:5300::1 | |||
keres enp3s0 2607:f2c0:f00e:5300::2 | |||
DNSMASQ on kere hands out range: | |||
2607:f2c0:f00e:5300::6 | |||
... | |||
2607:f2c0:f00e:5300::20 | |||
<table border="0" cellpadding="2"> | |||
<tr bgcolor="#e7e7e7"><td nowrap>IP address</td><td><b>2607:f2c0:a000:15a::/64</b></td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>type</td><td>GLOBAL-UNICAST</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>network</td><td>2607:f2c0:a000:15a::</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>Prefix length</td><td>64</td></tr> | |||
<tr bgcolor="#e7e7e7"><td>network range</td><td>2607:f2c0:a000:015a:0000:0000:0000:0000-<br>2607:f2c0:a000:015a:ffff:ffff:ffff:ffff</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>total IP addresses</td><td>18446744073709551616</td></tr> | |||
<tr><td><br></td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>IP address (full)</td><td>2607:f2c0:a000:015a:0000:0000:0000:0000</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>integer ID</td><td>50551933522285441360728455459677143040</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>hexadecimal ID</td><td>0x2607f2c0a000015a0000000000000000</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>dotted decimal ID</td><td>38.7.242.192.160.0.1.90.0.0.0.0.0.0.0.0</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>base 85 ID</td><td>b7q{QiT}V=-k`l0oSm=O</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap valign="top">binary ID</td><td></td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>ip6.arpa Format</td><td>0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.5.1.0.0.0.0.a.0.c.2.f.7.0.6.2.ip6.arpa</td></tr> | |||
</table> | |||
<hr> | |||
<table border="0" cellpadding="2"> | |||
<tr bgcolor="#e7e7e7"><td nowrap>IP address</td><td><b>2607:f2c0:f00e:5300::/56</b></td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>type</td><td>GLOBAL-UNICAST</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>network</td><td>2607:f2c0:f00e:5300::</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>Prefix length</td><td>56</td></tr> | |||
<tr bgcolor="#e7e7e7"><td>network range</td><td>2607:f2c0:f00e:5300:0000:0000:0000:0000-<br>2607:f2c0:f00e:53ff:ffff:ffff:ffff:ffff</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>total IP addresses</td><td>4722366482869645213696</td></tr> | |||
<tr><td><br></td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>IP address (full)</td><td>2607:f2c0:f00e:53:00:0000:0000:0000:0000</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>integer ID</td><td>50551933547061552681755294443153391616</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>hexadecimal ID</td><td>0x2607f2c0f00e53000000000000000000</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>dotted decimal ID</td><td>38.7.242.192.240.14.83.0.0.0.0.0.0.0.0.0</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>base 85 ID</td><td>b7q{QG%g(3?WUN*B42IP</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap valign="top">binary ID</td><td> 00100110000001111111001011000000...</td></tr> | |||
<tr bgcolor="#e7e7e7"><td nowrap>ip6.arpa Format</td><td>0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.5.e.0.0.f.0.c.2.f.7.0.6.2.ip6.arpa</td></tr> | |||
</table> | |||
== Notes == | |||
traceroute 6 on fortigate: | |||
execute tracert6 2001:470:0:76::2 | |||
compare linux command line: | |||
traceroute6 he.net | |||
linux setup: | |||
http://www.dickson.me.uk/2011/03/08/setting-up-a-ipv6-gateway-on-hurricane-electric-using-ubuntu-lucid-lynx-10-04-2/ | |||
presnetation: | |||
https://www.ripe.net/participate/meetings/regional-meetings/ipv6-day-denmark/presentations/4-tomasz-ipv6_day_kopenhagen_v4.pdf | |||
Latest revision as of 20:03, 3 October 2019
Hurricane Electric notes
HE Tunnel
| Tunnel ID: | 177988 |
| Creation Date: | Oct 1, 2012 |
| Description: | |
| IPv6 Tunnel Endpoints | |
| Server IPv4 Address: | 216.66.38.58 |
| Server IPv6 Address: | 2001:470:1c:907::1/64 |
| Client IPv4 Address: | 69.165.169.40 |
| Client IPv6 Address: | 2001:470:1c:907::2/64 |
| Available DNS Resolvers | |
| Anycasted IPv6 Caching Nameserver: | 2001:470:20::2 |
| Anycasted IPv4 Caching Nameserver: | 74.82.42.42 |
| Routed IPv6 Prefixes | |
| Routed /64: | 2001:470:1d:907::/64 |
| Routed /48: | 2001:470:b2a5::/48 |
| rDNS DelegationsEdit | |
| rDNS Delegated NS1: | |
| rDNS Delegated NS2: | |
| rDNS Delegated NS3: | |
| rDNS Delegated NS4: | |
| rDNS Delegated NS5: |
fortigate config:
config system sit-tunnel
edit "HE"
set destination 216.66.38.58
set ip6 2001:470:1c:907::2/64
set source 69.165.169.40
next
end
config router static6
edit 1
set device "HE"
next
end
march 2017 update
had to recreate tunnel
tunnel id: 394438
ipv6 Tunnel Endpoints Server IPv4 Address:216.66.38.58 Server IPv6 Address:2001:470:1c:766::1/64 Client IPv4 Address:69.165.169.40 Client IPv6 Address:2001:470:1c:766::2/64 Routed IPv6 Prefixes Routed /64:2001:470:1d:766::/64
DNS Resolvers Anycast IPv6 Caching Nameserver:2001:470:20::2 Anycast IPv4 Caching Nameserver:
config system sit-tunnel
edit "HE"
set destination 216.66.38.58
set ip6 2001:470:1c:766::2/64
set source 69.165.169.40
next
end
config router static6
edit 1
set device "HE"
next
end
Dailies
bwwhois -h whois.arin.net 2001:470:1d:907::64
dig athena.quadratic.net AAAA
References
DNS: http://www.dummies.com/how-to/content/network-basics-assigning-ipv6-addresses.html
Calculator: http://www.ipv6calculator.net/
apps: http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/x811.html
routing: http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/x1068.html
ntp: http://www.sixxs.net/tools/ntp/
ip6tables http://www.sixxs.net/wiki/IPv6_Firewalling
lots of sample config: http://blackundertone.wordpress.com/2012/04/
testing: http://ipv6-test.com/
port scan: https://www.tunnelbroker.net/portscan.php
remove an ipv6 address from one interface:
ip addr del 2001:470:1d:907::64/64 dev enp3s0
nets / hosts
HE Nets
Old , move off.
- stub net for tunnel 2001:470:1c:907::2/128 - single address
- 2001:470:1d:907::/64 - Net 1
- 2001:0470:001d:0907:0000::/80 - internal net
- 2001:470:1d:907::28/64 - deluxe
- 2001:470:1d:907::64/64 - keres
- 2001:470:1d:907::100/64 - eris
- 2001:0470:001d:0907:0000::/80 - internal net
- 2001:470:1d:907::64/64 - athena defunct
- 2001:470:1d:907:21c:c0ff:fe5d:6c1a - SLAAC althena - defunt
- 2001:470:1d:907::99/64 - tuxedo - defunt
- 2001:0470:001d:0907:0001::/80 - wireless net
- 2001:0470:001d:0907:0001::
- 2001:0470:001d:0907:0001::1/80
- 2001:0470:001d:0907:0001::99/80 - tuxedo
- 2001:0470:001d:0907:0001::/80 - wireless net
- 2001:0470:001d:0907:0002::/80 - dmz
- 2001:0470:001d:0907:0002::99/80
- 2001:0470:001d:0907:0003::/80
- 2001:0470:001d:0907:0002::/80 - dmz
Teksavvy nets
2607:f2c0:a000:15a::/64 2607:f2c0:a000:15a::1/64 - tuxedo internet interface.
WAN IPv6 /64: 2607:f2c0:a000:15a::/64 LAN IPv6 /56: 2607:f2c0:f00e:5300::/56 deluxe lan 2607:f2c0:f00e:5300::1 keres enp3s0 2607:f2c0:f00e:5300::2
DNSMASQ on kere hands out range:
2607:f2c0:f00e:5300::6
...
2607:f2c0:f00e:5300::20
| IP address | 2607:f2c0:a000:15a::/64 |
| type | GLOBAL-UNICAST |
| network | 2607:f2c0:a000:15a:: |
| Prefix length | 64 |
| network range | 2607:f2c0:a000:015a:0000:0000:0000:0000- 2607:f2c0:a000:015a:ffff:ffff:ffff:ffff |
| total IP addresses | 18446744073709551616 |
| IP address (full) | 2607:f2c0:a000:015a:0000:0000:0000:0000 |
| integer ID | 50551933522285441360728455459677143040 |
| hexadecimal ID | 0x2607f2c0a000015a0000000000000000 |
| dotted decimal ID | 38.7.242.192.160.0.1.90.0.0.0.0.0.0.0.0 |
| base 85 ID | b7q{QiT}V=-k`l0oSm=O |
| binary ID | |
| ip6.arpa Format | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.5.1.0.0.0.0.a.0.c.2.f.7.0.6.2.ip6.arpa |
| IP address | 2607:f2c0:f00e:5300::/56 |
| type | GLOBAL-UNICAST |
| network | 2607:f2c0:f00e:5300:: |
| Prefix length | 56 |
| network range | 2607:f2c0:f00e:5300:0000:0000:0000:0000- 2607:f2c0:f00e:53ff:ffff:ffff:ffff:ffff |
| total IP addresses | 4722366482869645213696 |
| IP address (full) | 2607:f2c0:f00e:53:00:0000:0000:0000:0000 |
| integer ID | 50551933547061552681755294443153391616 |
| hexadecimal ID | 0x2607f2c0f00e53000000000000000000 |
| dotted decimal ID | 38.7.242.192.240.14.83.0.0.0.0.0.0.0.0.0 |
| base 85 ID | b7q{QG%g(3?WUN*B42IP |
| binary ID | 00100110000001111111001011000000... |
| ip6.arpa Format | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.5.e.0.0.f.0.c.2.f.7.0.6.2.ip6.arpa |
Notes
traceroute 6 on fortigate:
execute tracert6 2001:470:0:76::2
compare linux command line:
traceroute6 he.net
linux setup:
http://www.dickson.me.uk/2011/03/08/setting-up-a-ipv6-gateway-on-hurricane-electric-using-ubuntu-lucid-lynx-10-04-2/
presnetation:
https://www.ripe.net/participate/meetings/regional-meetings/ipv6-day-denmark/presentations/4-tomasz-ipv6_day_kopenhagen_v4.pdf
