IPv6 related configuration updates.

- 6to4(stf) interface configuration.
  - Static route configuration.
  - Comment additions.
  - Replaced a still existed '@' to '%' in IPv6 scoped addr format.
    (This became necessary as previous IPv6 scoped addr format change.)

Much thanks to ume, who helped me reviewing, testing, and finding problems
with these changes.

Approved by: jkh

Reviewed by: ume
This commit is contained in:
shin 2000-03-12 20:35:54 +00:00
parent 88c7b24d55
commit 57ee4edb87
3 changed files with 148 additions and 7 deletions

View File

@ -191,6 +191,10 @@ icmp_bmcastecho="NO" # respond to broadcast ping packets
### IPv6 options: ###
ipv6_enable="NO" # Set to YES to set up for IPv6.
ipv6_network_interfaces="auto" # List of network interfaces (or "auto").
ipv6_static_routes="" # Set to static route list (or leave empty).
#ipv6_static_routes="xxx" # An example to set fec0:0000:0000:0006::/64
# route toward loopback interface.
#ipv6_route_xxx="fec0:0000:0000:0006:: -prefixlen 64 ::1"
ipv6_gateway_enable="NO" # Set to YES if this host will be a gateway.
ipv6_router_enable="NO" # Set to YES to enable an IPv6 routing daemon.
ipv6_router="/usr/sbin/route6d" # Name of IPv6 routing daemon.
@ -206,7 +210,9 @@ ipv6_default_interface="" # Default output interface for scoped addrs.
# multicast addrs.
prefixcmd_enable="YES" # Use prefix command to assign router prefix.
rtadvd_enable="YES" # Set to YES to enable an IPv6 router
# advertisement daemon.
# advertisement daemon. If set to YES,
# this router becomes a possible candidate
# IPv6 default router for local subnets.
mroute6d_enable="NO" # Do IPv6 multicast routing.
mroute6d_program="/usr/sbin/pim6dd" # Name of IPv6 multicast routing
# daemon.
@ -216,6 +222,15 @@ gif_interfaces="NO" # List of GIF tunnels (or "NO").
# Choose correct tunnel addrs.
#gifconfig_gif0="10.1.1.1 10.1.2.1" # Examples typically for a router.
#gifconfig_gif1="10.1.1.2 10.1.2.2" # Examples typically for a router.
stf_interface_ipv4addr="" # Local IPv4 addr for 6to4 IPv6 over IPv4
# tunneling interface. Specify this entry
# to enable 6to4 interface.
stf_interface_ipv4plen="0" # Prefix length for 6to4 IPv4 addr,
# to limit peer addr range. Effective value
# is 0-31.
stf_interface_ipv6_ifid="0:0:0:1" # IPv6 interface id for stf0.
# If you like, you can set "AUTO" for this.
stf_interface_ipv6_slaid="0000" # IPv6 Site Level Aggregator for stf0
##############################################################
### System console options #################################

View File

@ -77,7 +77,7 @@ network6_pass1() {
| head -1 | awk '{print $2}'`
hostid=`echo ${laddr} | sed \
-e 's/fe80:[0-9a-fA-F]+::/fe80::/' \
-e 's/fe80:://' -e 's/@.*//'`
-e 's/fe80:://' -e 's/%.*//'`
address=$j\:${hostid}
eval hostid_$i=${hostid}
@ -120,10 +120,16 @@ network6_pass1() {
# gifconfig
network6_gif_setup
# 6to4 setup
network6_stf_setup
# install the "default interface" to kernel, which will be used
# as the default route when there's no router.
network6_default_interface_setup
# setup static routes
network6_static_routes_setup
# ipv6_router
case ${ipv6_router_enable} in
[Yy][Ee][Ss])
@ -193,10 +199,16 @@ network6_pass1() {
# gifconfig
network6_gif_setup
# 6to4 setup
network6_stf_setup
# install the "default interface" to kernel, which will be used
# as the default route when there's no router.
# ndp -I ${ipv6_default_interface}
network6_default_interface_setup
# setup static routes
network6_static_routes_setup
;;
esac
@ -227,10 +239,61 @@ network6_gif_setup() {
esac
}
network6_stf_setup() {
case ${stf_interface_ipv4addr} in
[Nn][Oo] | '')
;;
*)
# setup outer IPv4 addrs
gifconfig stf0 ${stf_interface_ipv4addr} 255.255.255.255
# assign IPv6 addr and interface route for 6to4 interface
stf_prefixlen=$((16+${stf_interface_ipv4plen:-0}))
ipv4_in_hexformat=`echo ${stf_interface_ipv4addr} | \
sed -e s/"\."/" "/g | \
awk '{$5 = $1*256 + $2; $6 = $3*256 + $4; \
printf "%x:%x\n", $5, $6}'`
case ${stf_interface_ipv6_ifid} in
[Aa][Uu][Tt][Oo] | '')
laddr=`ifconfig stf0 inet6 | grep 'inet6 fe80:' \
| head -1 | awk '{print $2}'`
stf_interface_ipv6_ifid=`echo ${laddr} | sed \
-e 's/fe80:[0-9a-fA-F]+::/fe80::/' \
-e 's/fe80:://' -e 's/%.*//'`
case ${stf_interface_ipv6_ifid} in
'')
stf_interface_ipv6_ifid=0:0:0:1
;;
esac
;;
esac
ifconfig stf0 inet6 2002:${ipv4_in_hexformat}:${stf_interface_ipv6_slaid:-0}:${stf_interface_ipv6_ifid} \
prefixlen ${stf_prefixlen}
# disallow packets to malicious 6to4 prefix
route add -inet6 2002:7f00:0000:: -prefixlen 24 ::1 -reject
route add -inet6 2002:0000:0000:: -prefixlen 48 ::1 -reject
route add -inet6 2002:ffff:ffff:: -prefixlen 48 ::1 -reject
;;
esac
}
network6_static_routes_setup() {
# Set up any static routes.
case ${ipv6_static_routes} in
[Nn][Oo] | '')
;;
*)
for i in ${ipv6_static_routes}; do
eval ipv6_route_args=\$ipv6_route_${i}
route add -inet6 ${ipv6_route_args}
done
;;
esac
}
network6_default_interface_setup() {
# Choose IPv6 default interface if it is not clearly specified.
case ${ipv6_default_interface} in
'')
[Nn][Oo] | '')
for i in ${ipv6_network_interfaces}; do
laddr=`ifconfig $i inet6 2>/dev/null \
| grep 'inet6 fe80:' | \
@ -250,7 +313,7 @@ network6_default_interface_setup() {
# Disallow unicast packets without outgoing scope identifiers,
# or route such packets to a "default" interface, if it is specified.
case ${ipv6_default_interface} in
'')
[Nn][Oo] | '')
route add -inet6 fe80:: -prefixlen 10 ::1 -reject
route add -inet6 ff02:: -prefixlen 16 ::1 -reject
;;

View File

@ -77,7 +77,7 @@ network6_pass1() {
| head -1 | awk '{print $2}'`
hostid=`echo ${laddr} | sed \
-e 's/fe80:[0-9a-fA-F]+::/fe80::/' \
-e 's/fe80:://' -e 's/@.*//'`
-e 's/fe80:://' -e 's/%.*//'`
address=$j\:${hostid}
eval hostid_$i=${hostid}
@ -120,10 +120,16 @@ network6_pass1() {
# gifconfig
network6_gif_setup
# 6to4 setup
network6_stf_setup
# install the "default interface" to kernel, which will be used
# as the default route when there's no router.
network6_default_interface_setup
# setup static routes
network6_static_routes_setup
# ipv6_router
case ${ipv6_router_enable} in
[Yy][Ee][Ss])
@ -193,10 +199,16 @@ network6_pass1() {
# gifconfig
network6_gif_setup
# 6to4 setup
network6_stf_setup
# install the "default interface" to kernel, which will be used
# as the default route when there's no router.
# ndp -I ${ipv6_default_interface}
network6_default_interface_setup
# setup static routes
network6_static_routes_setup
;;
esac
@ -227,10 +239,61 @@ network6_gif_setup() {
esac
}
network6_stf_setup() {
case ${stf_interface_ipv4addr} in
[Nn][Oo] | '')
;;
*)
# setup outer IPv4 addrs
gifconfig stf0 ${stf_interface_ipv4addr} 255.255.255.255
# assign IPv6 addr and interface route for 6to4 interface
stf_prefixlen=$((16+${stf_interface_ipv4plen:-0}))
ipv4_in_hexformat=`echo ${stf_interface_ipv4addr} | \
sed -e s/"\."/" "/g | \
awk '{$5 = $1*256 + $2; $6 = $3*256 + $4; \
printf "%x:%x\n", $5, $6}'`
case ${stf_interface_ipv6_ifid} in
[Aa][Uu][Tt][Oo] | '')
laddr=`ifconfig stf0 inet6 | grep 'inet6 fe80:' \
| head -1 | awk '{print $2}'`
stf_interface_ipv6_ifid=`echo ${laddr} | sed \
-e 's/fe80:[0-9a-fA-F]+::/fe80::/' \
-e 's/fe80:://' -e 's/%.*//'`
case ${stf_interface_ipv6_ifid} in
'')
stf_interface_ipv6_ifid=0:0:0:1
;;
esac
;;
esac
ifconfig stf0 inet6 2002:${ipv4_in_hexformat}:${stf_interface_ipv6_slaid:-0}:${stf_interface_ipv6_ifid} \
prefixlen ${stf_prefixlen}
# disallow packets to malicious 6to4 prefix
route add -inet6 2002:7f00:0000:: -prefixlen 24 ::1 -reject
route add -inet6 2002:0000:0000:: -prefixlen 48 ::1 -reject
route add -inet6 2002:ffff:ffff:: -prefixlen 48 ::1 -reject
;;
esac
}
network6_static_routes_setup() {
# Set up any static routes.
case ${ipv6_static_routes} in
[Nn][Oo] | '')
;;
*)
for i in ${ipv6_static_routes}; do
eval ipv6_route_args=\$ipv6_route_${i}
route add -inet6 ${ipv6_route_args}
done
;;
esac
}
network6_default_interface_setup() {
# Choose IPv6 default interface if it is not clearly specified.
case ${ipv6_default_interface} in
'')
[Nn][Oo] | '')
for i in ${ipv6_network_interfaces}; do
laddr=`ifconfig $i inet6 2>/dev/null \
| grep 'inet6 fe80:' | \
@ -250,7 +313,7 @@ network6_default_interface_setup() {
# Disallow unicast packets without outgoing scope identifiers,
# or route such packets to a "default" interface, if it is specified.
case ${ipv6_default_interface} in
'')
[Nn][Oo] | '')
route add -inet6 fe80:: -prefixlen 10 ::1 -reject
route add -inet6 ff02:: -prefixlen 16 ::1 -reject
;;