• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

1 x Gentoo server and 1000s gentoo clients

Started by bede, March 07, 2011, 12:12:22 PM

Previous topic - Next topic

bede

Hello

I am not good with routing so please bare with me.

The configuration of the sytem we looks like this

1 x hardened gentoo server (with iproute2 enabled and ipv6 support in the kernel)
1 x test client again hardened gentoo (this time ifconfig only but ipv6 enabled too)

The client level is set and we cant have iproute2.

we are building a shield service for user that currenyl have ipv4 ips

there are to connect through there client gentoo pc up to the server via sslvpn Open vpn.

the idea is to randomly choose one of the /64 ips provided.

so each user is to have a gentoo system.

the setup would be good to assign 2 ips , on to the user and one on the server.

i would guess there would be a way to make it random via a script


any clarity on what im trying to do and how would a big help.

we know its possible, just havent figure out the way yet

thanks in advance for reading and any time you can spare

cholzhauer

Do you want to choose a random address or a random /64 subnet?

bede

thank you very much for your quick reponse, its brilliant to know there is an active forum.

i fogot to mention i have a tunnle set up on he.

i also got a /64 assigned by my server provider which come with 1 for the server.


i want to be to access for example 5000 of the available ips and randomly assign one of these.

externel ip endpoints for the open vpn tunnels on the server so we can hide the users ip so it must be externel and must be able to see it when we look at site like "whats my ip6"

as for your question i dont undertstand subnets other than i was told the /64 would give us a really larg amount of ips to play with and as yet i can even get one to work


thanks again

cholzhauer

If you just want to assign random addresses, you can use DHCP for that.

bede

well the randomness is the least important thing at the moment i need to the ipv6 endpoints up and pingable so we can do the randomness later.

im struggleing at the first stage , what do with the 2 lots of ipv6 and how to configure these on the server for use


cholzhauer

Then we're going to need some more information.

Is your tunnel up? If not, what commands did you try and use?

If it is, that's half the battle.  We just use RA & DHCP and go.

Are all of these systems going to be on the same network (eg all on 192.168.1.0/24 and not strewn about between 192.168.1.0/24 and 192.168.2.0/24)

bede

well my he tunnel is up

and i have server assigned ipv6 x1 (assinged to the ipv4 server) and 1x  /64

cholzhauer

Tunnel is UP, ok.

Now you need to advertise your addresses to the rest of your subnet....by the way, you still didn't tell me if they were all on one subnet

Set up Router Advertisements to advertise your default route and if you want random addressing, set up DHCP to assign addresses

bede

"Now you need to advertise your addresses to the rest of your subnet....by the way, you still didn't tell me if they were all on one subnet"

thats because i dont know the answer   :-[

Set up Router Advertisements to advertise your default route and if you want random addressing, set up DHCP to assign addresses

i just went to the page on he.net copied and pasted the linux inet details into ssh and its now pinging out.

sorry to be so confusing, i have had it explained a few times and each time its a little differnt..

could you help me understand what it is i am trying to do please


bede

if i post what ihave on here and delete later would that help ?

cholzhauer

I can't help you decide what you need to do if you don't know yourself ;)

Your tunnel is up, good.

It seems like you just need to get IPv6 addresses shared with the rest of your hosts...am I right?

cholzhauer

It's not saved.

I don't use gentoo, (I think JimB does...if he sees this post, he'll help you)

You need to add those commands to a startup file so they get run on a server reboot.

You need to enable the Router Advertisements on your router.  Look through Google...I'm sure it's out there somewhere.

bede

https://www.zagbot.com/openvpn_ipv6_tunnel.html

I had wanted to to this and send an ip0v6 ip to each user.

doe what ihave look right compapred to this please

cholzhauer

I don't know.

It's the same idea as what you want to do, but if you're asking if the same commands will work, I don't know.