Mark drafts

This commit is contained in:
Nico Schottelius 2019-12-31 11:02:30 +01:00
parent ba432fc257
commit e34e6d8598
7 changed files with 145 additions and 0 deletions

View file

@ -0,0 +1,87 @@
title: How to route IPv4 via IPv6
---
pub_date: 2019-12-10
---
author: ungleich network
---
twitter_handle: ungleich
---
_hidden: yes
---
_discoverable: no
---
abstract:
Bringing IPv4 into the IPv6 world
---
body:
Imagine the following: you are running an IPv6 only network. And now
someone asks you to pass IPv4 traffic through it, without tunneling
it. Was sounds crazy at first, is actually quite feasible.
## A short routing recap
Routers have routing tables. The routing tables basically say
"if you receive a packet for this host, send it to that router".
![IP routing](/u/image/ip-routing.png)
The important thing about this process is that the information on
where to send it to, is **not in the packet**.
## How to send IPv4 packets via IPv6
Because the next hop is not written into the IPv4 packet, the router
is free to forward the packet via any method it thinks is the
best. And if that happens to be IPv6 - well, it will forward the IPv4
packet via an IPv6 neighbour.
## A practical example!
```
[root@diamond ~]# ip -6 r
::1 dev lo proto kernel metric 256 pref medium
2a0a:e5c1:137::/48 dev wgungleich proto kernel metric 256 pref medium
fe80::/64 dev wlp0s20f3 proto kernel metric 256 pref medium
[root@diamond ~]# ip r
default via 192.168.84.1 dev wlp0s20f3 proto dhcp src 192.168.84.7 metric 302
192.168.84.0/22 dev wlp0s20f3 proto dhcp scope link src 192.168.84.7 metric 302
[root@diamond ~]# ip route add 10.0.0.0/8 via inet6 2a0a:e5c1:137::22
[root@diamond ~]# ip -6 route
::1 dev lo proto kernel metric 256 pref medium
2a0a:e5c1:137::/48 dev wgungleich proto kernel metric 256 pref medium
fe80::/64 dev wlp0s20f3 proto kernel metric 256 pref medium
[root@diamond ~]# ip r
default via 192.168.84.1 dev wlp0s20f3 proto dhcp src 192.168.84.7 metric 302
10.0.0.0/8 via inet6 2a0a:e5c1:137::22 dev wgungleich
192.168.84.0/22 dev wlp0s20f3 proto dhcp scope link src 192.168.84.7 metric 302
[root@diamond ~]#
```
## More in the cloud
Actually, what happens behind the scenes is that the VM is running VNC
(we are also experimenting with XRDP), so I have actually full access
to a remote Linux desktop via browser and can even run applications
like libreoffice, blender or gimp remotely.
Because I think it's a cool thing to have, our team at ungleich added
it as an offer to our [Black IPv6 Friday
Crowdfunding](https://swiss-crowdfunder.com/campaigns/black-ipv6-friday?locale=en).
Below you can actually see how it looks like:
root@beebox ~ # route add 192.168.0.0/16 2a0a:e5c1:100::1
add net 192.168.0.0/16: gateway 2a0a:e5c1:100::1
root@beebox ~ # route -n get 192.168.1.2
route to: 192.168.1.2
destination: 192.168.0.0
mask: 255.255.0.0
gateway: 2a0a:e5c1:100::1
interface: tun3
if address: 2a0a:e5c1:11e::1
priority: 8 (static)
flags: <UP,GATEWAY,DONE,STATIC>
use mtu expire
2 0 0

View file

@ -0,0 +1,58 @@
title: How to run LXC containers in IPv6 networks
---
pub_date: 2019-12-20
---
author: ungleich virtualisation team
---
twitter_handle: ungleich
---
_hidden: yes
---
_discoverable: no
---
abstract:
---
body:
## Assumptions
You have a computer with at least a /64 network routed to it.
## Architecture
bridge, radvd,
## Configure LXC
[root@diamond ~]# cat /etc/lxc/default.conf
#lxc.net.0.type = empty
lxc.net.0.type = veth
lxc.net.0.link = brlxc
lxc.net.0.flags = up
## Create a bridge
## Configuring radvd
```
interface brlxc
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 5;
AdvDefaultLifetime 10;
prefix 2a0a:e5c1:137:cafe::/64 {
};
RDNSS 2a0a:e5c0:2:1::5 2a0a:e5c0:2:1::6 { AdvRDNSSLifetime 6000; };
DNSSL nicotest.ungleich.ch { AdvDNSSLLifetime 6000; } ;
};
```