Questions about IPv6 - dual stack access point.
by ludist from LinuxQuestions.org on (#6K7JC)
Hello,
My Slackware-15.0 computer is serving the wifi for IPv4. I updated with IPv6.
On computer I have created a bridge (brwifi) and I attached there eth0 and wlan1. MAC of brwifi is MAC address of eth0 + 1. All network adapters have different mac. I have success but several questions.
My setup is:
hostapd
radvd
dnsmasq
The script I wrote:
Code:#!/bin/bash
# Script to share internet connection via eth0 with bridge method.
# After hibernate or standby you have to restart this.
BRIDGE=brwifi
BRIDGEMAC=00:ff:ff:ff:ff:fe # change with your ETH MAC address + 1
BRIDGEIP=192.168.1.162
GW=192.168.1.1
SLEEP=3
ETH=eth0
WLAN=wlan1
# kernel options to make sure the settings are sane
for NETDEV in $BRIDGE $ETH $WLAN
do
sysctl -w net.ipv6.conf.$NETDEV.forwarding=0
sysctl -w net.ipv6.conf.$NETDEV.accept_ra=1
done
# reset network interfaces
ip link set $ETH down
rfkill unblock wifi
ip link set $WLAN down
iwconfig $WLAN txpower 3 #optional
killall dhclient
# not all wifi cards support access point mode.
# Use `iw list` and check if reports *AP for your wifi adapter.
# hostapd shutdown all the network intefaces. First thing to run.
bash /etc/rc.d/rc.hostapd restart
# create bridge
ip link add name $BRIDGE address $BRIDGEMAC type bridge
ip link set dev $BRIDGE address $BRIDGEMAC
ip link set $ETH up
# attach eth to bridge. hostapd attaches wlan to bridge.
ip link set $ETH master $BRIDGE
ip link set dev $BRIDGE up
sleep $SLEEP
bash /etc/rc.d/rc.radvd restart
# radvd enables forwarding on eth0. But if forwarding is enabled RA
# is not working.
# Disable forwarding so we cat get IPv6 from RA
sysctl -w net.ipv6.conf.$ETH.forwarding=0
sysctl -w net.ipv6.conf.$BRIDGE.forwarding=0
bash /etc/rc.d/rc.dnsmasq restart
# Get ip via dhcp if we don't have RA
# dhclient -6 brwifi
# dhclient brwifi # ipv4
ip -6 r add default via fe80::1 dev brwifi
# Dual Stack baby (IPv4 enabled).
ip a add $BRIDGEIP/24 dev brwifi
ip r add default via $GW dev brwifiThe questions:
1. My setup is valid?
2. My eth0 does not get IPv6 via RA. Why? This is a serious problem. Since if my router has new IPv6 I have to restart radvd to change the prefix. To my understanding radvd gives is the advertiser.
3. My IPv6 ports are firewalled from my ISP router. But if one day the ISP also exposes the IPv6 ports I have to block traffic to internal devices with global ipv6's with ip6tables. Right?
4. While I was trying to setup the network interfaces I managed to have IPv6 internet access WITHOUT IPv6's on any network interfaces. Yes, I know what I am writing. Probaly some caching / bug from kernel or userspace programs?
5. I can't ping my internal ipv4 network if I eth0 has ip with `ping INTERNAL_IP -I eth0`. Why? I remove the IPv4 from eth0 and I can ping my internal network with `ping INTERNAL_IP`. I thought that brwifi is like a switch and eth0 has the same access as the brwifi.
Thanks to AWS for the crazy price on IPv4. Now I am somewhat prepared for IPv6.
Code:ip -6 a ludist: Sat Mar 9 08:05:38 2024
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::XX/64 scope link
valid_lft forever preferred_lft forever
33: wlan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::ZZ/64 scope link
valid_lft forever preferred_lft forever
34: brwifi: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2a02:85f:WW/128 scope global dynamic
valid_lft 84252sec preferred_lft 1452sec
inet6 fe80::WW/64 scope link
valid_lft forever preferred_lft foreverCode:ip r
default via 192.168.1.1 dev brwifi
127.0.0.0/8 dev lo scope link
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.162
192.168.1.0/24 dev brwifi proto kernel scope link src 192.168.1.163Code:ip -6 r
::1 dev lo proto kernel metric 256 pref medium
2a02:xx:yy:xx::/64 dev brwifi proto kernel metric 256 expires 86396sec pref medium
fe80::/64 dev wlan1 proto kernel metric 256 pref medium
fe80::/64 dev brwifi proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via fe80::1 dev brwifi metric 1024 pref mediumThank you for reading this.
My Slackware-15.0 computer is serving the wifi for IPv4. I updated with IPv6.
On computer I have created a bridge (brwifi) and I attached there eth0 and wlan1. MAC of brwifi is MAC address of eth0 + 1. All network adapters have different mac. I have success but several questions.
My setup is:
hostapd
radvd
dnsmasq
The script I wrote:
Code:#!/bin/bash
# Script to share internet connection via eth0 with bridge method.
# After hibernate or standby you have to restart this.
BRIDGE=brwifi
BRIDGEMAC=00:ff:ff:ff:ff:fe # change with your ETH MAC address + 1
BRIDGEIP=192.168.1.162
GW=192.168.1.1
SLEEP=3
ETH=eth0
WLAN=wlan1
# kernel options to make sure the settings are sane
for NETDEV in $BRIDGE $ETH $WLAN
do
sysctl -w net.ipv6.conf.$NETDEV.forwarding=0
sysctl -w net.ipv6.conf.$NETDEV.accept_ra=1
done
# reset network interfaces
ip link set $ETH down
rfkill unblock wifi
ip link set $WLAN down
iwconfig $WLAN txpower 3 #optional
killall dhclient
# not all wifi cards support access point mode.
# Use `iw list` and check if reports *AP for your wifi adapter.
# hostapd shutdown all the network intefaces. First thing to run.
bash /etc/rc.d/rc.hostapd restart
# create bridge
ip link add name $BRIDGE address $BRIDGEMAC type bridge
ip link set dev $BRIDGE address $BRIDGEMAC
ip link set $ETH up
# attach eth to bridge. hostapd attaches wlan to bridge.
ip link set $ETH master $BRIDGE
ip link set dev $BRIDGE up
sleep $SLEEP
bash /etc/rc.d/rc.radvd restart
# radvd enables forwarding on eth0. But if forwarding is enabled RA
# is not working.
# Disable forwarding so we cat get IPv6 from RA
sysctl -w net.ipv6.conf.$ETH.forwarding=0
sysctl -w net.ipv6.conf.$BRIDGE.forwarding=0
bash /etc/rc.d/rc.dnsmasq restart
# Get ip via dhcp if we don't have RA
# dhclient -6 brwifi
# dhclient brwifi # ipv4
ip -6 r add default via fe80::1 dev brwifi
# Dual Stack baby (IPv4 enabled).
ip a add $BRIDGEIP/24 dev brwifi
ip r add default via $GW dev brwifiThe questions:
1. My setup is valid?
2. My eth0 does not get IPv6 via RA. Why? This is a serious problem. Since if my router has new IPv6 I have to restart radvd to change the prefix. To my understanding radvd gives is the advertiser.
3. My IPv6 ports are firewalled from my ISP router. But if one day the ISP also exposes the IPv6 ports I have to block traffic to internal devices with global ipv6's with ip6tables. Right?
4. While I was trying to setup the network interfaces I managed to have IPv6 internet access WITHOUT IPv6's on any network interfaces. Yes, I know what I am writing. Probaly some caching / bug from kernel or userspace programs?
5. I can't ping my internal ipv4 network if I eth0 has ip with `ping INTERNAL_IP -I eth0`. Why? I remove the IPv4 from eth0 and I can ping my internal network with `ping INTERNAL_IP`. I thought that brwifi is like a switch and eth0 has the same access as the brwifi.
Thanks to AWS for the crazy price on IPv4. Now I am somewhat prepared for IPv6.
Code:ip -6 a ludist: Sat Mar 9 08:05:38 2024
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::XX/64 scope link
valid_lft forever preferred_lft forever
33: wlan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::ZZ/64 scope link
valid_lft forever preferred_lft forever
34: brwifi: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2a02:85f:WW/128 scope global dynamic
valid_lft 84252sec preferred_lft 1452sec
inet6 fe80::WW/64 scope link
valid_lft forever preferred_lft foreverCode:ip r
default via 192.168.1.1 dev brwifi
127.0.0.0/8 dev lo scope link
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.162
192.168.1.0/24 dev brwifi proto kernel scope link src 192.168.1.163Code:ip -6 r
::1 dev lo proto kernel metric 256 pref medium
2a02:xx:yy:xx::/64 dev brwifi proto kernel metric 256 expires 86396sec pref medium
fe80::/64 dev wlan1 proto kernel metric 256 pref medium
fe80::/64 dev brwifi proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via fe80::1 dev brwifi metric 1024 pref mediumThank you for reading this.