Difference between revisions of "IPv6Tunnels/ExampleConfigs"
Jump to navigation
Jump to search
Line 54: | Line 54: | ||
route-map external-out deny 20 | route-map external-out deny 20 | ||
! | ! | ||
</pre> | |||
== bird == | |||
This is /etc/bird/bird6.conf: | |||
<pre> | |||
# Configure logging | |||
#log syslog { | |||
#log stderr all; | |||
#log "tmp" all; | |||
log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; | |||
listen bgp v6only; | |||
# Write your router id here, any ipv4 address that you have will do | |||
router id 46.233.38.1; | |||
# The direct protocol automatically generates device routes to | |||
# all network interfaces. Can exist in as many instances as you wish | |||
# if you want to populate multiple routing tables with device routes. | |||
protocol direct { | |||
interface "*"; | |||
} | |||
# This pseudo-protocol performs synchronization between BIRD's routing | |||
# tables and the kernel. If your kernel supports multiple routing tables | |||
# (as Linux 2.2.x does), you can run multiple instances of the kernel | |||
# protocol and synchronize different kernel tables with different BIRD tables. | |||
protocol kernel { | |||
learn; | |||
persist; | |||
scan time 20; | |||
export all; | |||
} | |||
# This pseudo-protocol watches all interface up/down events. | |||
protocol device { | |||
scan time 10; | |||
} | |||
filter ext_originate_ip6 { | |||
# REPLACE WITH YOUR NET HERE | |||
if (net = 2001:67c:21bc:4::/64 ) then accept; | |||
else reject; | |||
} | |||
template bgp t_ext_ip6 { | |||
# replace ASN here! | |||
local as 65532; | |||
export filter ext_originate_ip6; | |||
} | |||
# REPLACE NEIGHBOR IPs HERE | |||
# Ipv6 bgp link to marla | |||
protocol bgp marla_tbc_ip6 from t_ext_ip6 { | |||
description "uplink to marla/tbc over ipv6"; | |||
neighbor 2001:67c:21bc:7fff:1:9:0:1 as 200533; | |||
} | |||
# Ipv6 bgp link to marla | |||
protocol bgp tyler_tbc_ip6 from t_ext_ip6 { | |||
description "uplink to tyler/tbc over ipv6"; | |||
neighbor 2001:67c:21bc:7fff:2:9:0:1 as 200533; | |||
} | |||
</pre> | </pre> |
Revision as of 18:20, 6 July 2015
Example configs
Linux
Tunnel interface
auto marla-ipv6-spn iface marla-ipv6-spn inet6 v4tunnel mode ipip ttl 225 address 2001:67c:21bc:7fff:0001:2:0:2 netmask 120 local USER-IP-ADDRESS endpoint 79.98.105.18 gateway 2001:67c:21bc:7fff:0001:2:0:1
quagga
In this example, 2001:67c:21bc:7fff:2:1:0:1 and 2001:67c:21bc:7fff:2:1:1:1 are the remote end-points of the tunnels, 2001:67c:21bc:4::/62 is the assigned network, and 65535 is the ASN delegated to this peer.
Basically, this configuration says "connect to the two peers, and filter what I announce to them to be just my own network".
(this is actually the live configuration of initLab)
bgpd.conf:
! router bgp 65535 bgp router-id 192.168.232.1 no bgp default ipv4-unicast neighbor 2001:67c:21bc:7fff:2:1:0:1 remote-as 200533 neighbor 2001:67c:21bc:7fff:2:1:0:1 interface lab-ipv6-od neighbor 2001:67c:21bc:7fff:2:1:0:1 timers 3 10 neighbor 2001:67c:21bc:7fff:2:1:1:1 remote-as 200533 neighbor 2001:67c:21bc:7fff:2:1:1:1 interface lab-ipv6-tbc neighbor 2001:67c:21bc:7fff:2:1:1:1 timers 3 10 ! address-family ipv6 network 2001:67c:21bc:4::/62 neighbor 2001:67c:21bc:7fff:2:1:0:1 activate neighbor 2001:67c:21bc:7fff:2:1:0:1 route-map external-out out neighbor 2001:67c:21bc:7fff:2:1:1:1 activate neighbor 2001:67c:21bc:7fff:2:1:1:1 route-map external-out out exit-address-family ! ipv6 prefix-list mine seq 5 permit 2001:67c:21bc:4::/62 ipv6 prefix-list mine seq 15 deny any ! route-map external-out permit 10 match ipv6 address prefix-list mine ! route-map external-out deny 20 !
bird
This is /etc/bird/bird6.conf:
# Configure logging #log syslog { #log stderr all; #log "tmp" all; log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; listen bgp v6only; # Write your router id here, any ipv4 address that you have will do router id 46.233.38.1; # The direct protocol automatically generates device routes to # all network interfaces. Can exist in as many instances as you wish # if you want to populate multiple routing tables with device routes. protocol direct { interface "*"; } # This pseudo-protocol performs synchronization between BIRD's routing # tables and the kernel. If your kernel supports multiple routing tables # (as Linux 2.2.x does), you can run multiple instances of the kernel # protocol and synchronize different kernel tables with different BIRD tables. protocol kernel { learn; persist; scan time 20; export all; } # This pseudo-protocol watches all interface up/down events. protocol device { scan time 10; } filter ext_originate_ip6 { # REPLACE WITH YOUR NET HERE if (net = 2001:67c:21bc:4::/64 ) then accept; else reject; } template bgp t_ext_ip6 { # replace ASN here! local as 65532; export filter ext_originate_ip6; } # REPLACE NEIGHBOR IPs HERE # Ipv6 bgp link to marla protocol bgp marla_tbc_ip6 from t_ext_ip6 { description "uplink to marla/tbc over ipv6"; neighbor 2001:67c:21bc:7fff:1:9:0:1 as 200533; } # Ipv6 bgp link to marla protocol bgp tyler_tbc_ip6 from t_ext_ip6 { description "uplink to tyler/tbc over ipv6"; neighbor 2001:67c:21bc:7fff:2:9:0:1 as 200533; }
Mikrotik
TODO: explain config
/interface 6to4 add comment="initlab ipv6" local-address=46.47.81.47 mtu=1480 name=\ marla-ipv6-bsc remote-address=79.98.105.18 add comment="initlab ipv6" local-address=46.47.81.47 mtu=1480 name=\ tyler-ipv6-bst remote-address=78.128.1.18 /routing bgp instance set default as=65531 /ipv6 address add address=2001:67c:21bc:7fff:1:4:0:2/120 advertise=no comment=uplink-marla \ interface=marla-ipv6-bsc add address=2001:67c:21bc:2:4e5e:cff:feb5:3e93 comment="lan" eui-64=\ yes interface=bridge-lan add address=2001:67c:21bc:7fff:2:4:1:2/120 advertise=no comment=uplink-tyler \ interface=tyler-ipv6-bst /routing bgp network add network=2001:67c:21bc:2::/64 synchronize=no /routing bgp peer add address-families=ipv6 name=tyler remote-address=\ 2001:67c:21bc:7fff:2:4:1:1 remote-as=200533 ttl=default add address-families=ipv6 name=marla remote-address=\ 2001:67c:21bc:7fff:1:4:0:1 remote-as=200533 ttl=default