Mark drafts

content/u/blog/DRAFT-how-to-route-ipv4-via-ipv6/contents.lr

@@ -0,0 +1,87 @@
+title: How to route IPv4 via IPv6
+---
+pub_date: 2019-12-10
+---
+author: ungleich network
+---
+twitter_handle: ungleich
+---
+_hidden: yes
+---
+_discoverable: no
+---
+abstract:
+Bringing IPv4 into the IPv6 world
+---
+body:
+
+Imagine the following: you are running an IPv6 only network. And now
+someone asks you to pass IPv4 traffic through it, without tunneling
+it. Was sounds crazy at first, is actually quite feasible.
+
+## A short routing recap
+
+Routers have routing tables. The routing tables basically say
+"if you receive a packet for this host, send it to that router".
+
+![IP routing](/u/image/ip-routing.png)
+
+The important thing about this process is that the information on
+where to send it to, is **not in the packet**.
+
+## How to send IPv4 packets via IPv6
+
+Because the next hop is not written into the IPv4 packet, the router
+is free to forward the packet via any method it thinks is the
+best. And if that happens to be IPv6 - well, it will forward the IPv4
+packet via an IPv6 neighbour.
+
+## A practical example!
+
+```
+[root@diamond ~]# ip -6 r
+::1 dev lo proto kernel metric 256 pref medium
+2a0a:e5c1:137::/48 dev wgungleich proto kernel metric 256 pref medium
+fe80::/64 dev wlp0s20f3 proto kernel metric 256 pref medium
+[root@diamond ~]# ip r
+default via 192.168.84.1 dev wlp0s20f3 proto dhcp src 192.168.84.7 metric 302
+192.168.84.0/22 dev wlp0s20f3 proto dhcp scope link src 192.168.84.7 metric 302
+[root@diamond ~]# ip route add 10.0.0.0/8 via inet6 2a0a:e5c1:137::22
+[root@diamond ~]# ip -6 route
+::1 dev lo proto kernel metric 256 pref medium
+2a0a:e5c1:137::/48 dev wgungleich proto kernel metric 256 pref medium
+fe80::/64 dev wlp0s20f3 proto kernel metric 256 pref medium
+[root@diamond ~]# ip r
+default via 192.168.84.1 dev wlp0s20f3 proto dhcp src 192.168.84.7 metric 302
+10.0.0.0/8 via inet6 2a0a:e5c1:137::22 dev wgungleich
+192.168.84.0/22 dev wlp0s20f3 proto dhcp scope link src 192.168.84.7 metric 302
+[root@diamond ~]#
+```
+
+## More in the cloud
+
+Actually, what happens behind the scenes is that the VM is running VNC
+(we are also experimenting with XRDP), so I have actually full access
+to a remote Linux desktop via browser and can even run applications
+like libreoffice, blender or gimp remotely.
+
+Because I think it's a cool thing to have, our team at ungleich added
+it as an offer to our [Black IPv6 Friday
+Crowdfunding](https://swiss-crowdfunder.com/campaigns/black-ipv6-friday?locale=en).
+
+Below you can actually see how it looks like:
+
+
+root@beebox ~ # route add 192.168.0.0/16 2a0a:e5c1:100::1
+add net 192.168.0.0/16: gateway 2a0a:e5c1:100::1
+root@beebox ~ # route -n get 192.168.1.2
+   route to: 192.168.1.2
+destination: 192.168.0.0
+       mask: 255.255.0.0
+    gateway: 2a0a:e5c1:100::1
+  interface: tun3
+ if address: 2a0a:e5c1:11e::1
+   priority: 8 (static)
+      flags: <UP,GATEWAY,DONE,STATIC>
+     use       mtu    expire
+       2         0         0

content/u/blog/DRAFT-how-to-run-lxc-containers-with-ipv6-only/contents.lr

@@ -0,0 +1,58 @@
+title: How to run LXC containers in IPv6 networks
+---
+pub_date: 2019-12-20
+---
+author: ungleich virtualisation team
+---
+twitter_handle: ungleich
+---
+_hidden: yes
+---
+_discoverable: no
+---
+abstract:
+
+---
+body:
+
+## Assumptions
+
+You have a computer with at least a /64 network routed to it.
+
+
+
+## Architecture
+
+bridge, radvd,
+
+
+## Configure LXC
+
+
+[root@diamond ~]# cat /etc/lxc/default.conf
+#lxc.net.0.type = empty
+lxc.net.0.type = veth
+lxc.net.0.link = brlxc
+lxc.net.0.flags = up
+
+
+## Create a bridge
+
+
+## Configuring radvd
+
+```
+interface brlxc
+{
+  AdvSendAdvert on;
+  MinRtrAdvInterval 3;
+  MaxRtrAdvInterval 5;
+  AdvDefaultLifetime 10;
+
+  prefix 2a0a:e5c1:137:cafe::/64 {
+  };
+
+  RDNSS 2a0a:e5c0:2:1::5 2a0a:e5c0:2:1::6  { AdvRDNSSLifetime 6000; };
+  DNSSL nicotest.ungleich.ch {  AdvDNSSLLifetime 6000; } ;
+};
+```