Difference between revisions of "IPv6: Router Ubuntu"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
Line 66: | Line 66: | ||
ip6tables -t nat -A POSTROUTING -i enp3s0 -o teredo -s fec0:1234::/64 -j MASQUERADE | ip6tables -t nat -A POSTROUTING -i enp3s0 -o teredo -s fec0:1234::/64 -j MASQUERADE | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ===Skenario 2: 6project dan Alokasi Stateless untuk LAN lokal=== | ||
+ | |||
+ | '''GATEWAY / Router ke Internet''' | ||
+ | |||
+ | Install radvd | ||
+ | |||
+ | openvpn --config usernameanda-di-6project.ovpn | ||
+ | echo 1 > /proc/sys/net/ipv6/conf/all/forwarding | ||
+ | ip addr add fec0:1234::dead/64 dev enp0s3 | ||
+ | sudo apt install radvd | ||
+ | |||
+ | Edit /etc/radvd.conf | ||
+ | |||
+ | interface enp0s3 { | ||
+ | AdvSendAdvert on; | ||
+ | prefix fec0:1234::/64 { | ||
+ | }; | ||
+ | }; | ||
+ | |||
+ | Restart | ||
+ | |||
+ | /etc/init.d/radvd restart | ||
+ | |||
+ | NAT ke IPv6 Global | ||
+ | |||
+ | ip6tables -t nat -A POSTROUTING -i enp3s0 -o teredo -s fec0:1234::/64 -j MASQUERADE | ||
===Skenario 2: Routing Statik untuk LAN Lokal=== | ===Skenario 2: Routing Statik untuk LAN Lokal=== |
Revision as of 12:45, 5 February 2019
Berikut adalah langkah yang perlu dilakukan untuk membuat sebuah router IPv6 sederhana menggunakan Ubuntu.
Akses ke IPv6 Internet
Perhitungan Subnet IPv6
NAT IPv6
Jika dibutuhkan, maka netfilter6 dapat digunakan sebagai NAT IPv6.
IPv6 Masquerading
Seperti layaknya client IPv4, maka client dapat di sembunyikan di belakang router dengan IPv6 masquerading (hide/overlap NAT), seperti
ip6tables -t nat -A POSTROUTING -o tun0 -s fec0::/64 -j MASQUERADE ip6tables -t nat -A POSTROUTING -o teredo -s 2001:0:53aa:64c:20a7:659c:4b0c:e8d7 -j MASQUERADE
IPv6 Destination NAT
Sebuah dedicated IPv6 address global dapat di forward ke internal IPv6 address, seperti,
ip6tables -t nat -A PREROUTING -d 2001:db8:0:1:5054:ff:fe01:2345 -i tun0 -j DNAT --to-destination fec0::5054:ff:fe01:2345
IPv6 Port Forwarding
Sebuah port yang spesifik dapat di forward ke jaringan internal, seperti,
ip6tables -t nat -A PREROUTING -i tun0 -p tcp --dport 8080 -j DNAT --to-destination [fec0::1234]:80
Siapkan OS Ubuntu
Skenario 1: teredo dan Alokasi Stateless untuk LAN lokal
GATEWAY / Router ke Internet
Install radvd
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding ip addr add fec0:1234::dead/64 dev enp0s3 sudo apt install radvd
Edit /etc/radvd.conf
interface enp0s3 { AdvSendAdvert on; prefix fec0:1234::/64 { }; };
Restart
/etc/init.d/radvd restart
NAT ke IPv6 Global
ip6tables -t nat -A POSTROUTING -i enp3s0 -o teredo -s fec0:1234::/64 -j MASQUERADE
Skenario 2: 6project dan Alokasi Stateless untuk LAN lokal
GATEWAY / Router ke Internet
Install radvd
openvpn --config usernameanda-di-6project.ovpn echo 1 > /proc/sys/net/ipv6/conf/all/forwarding ip addr add fec0:1234::dead/64 dev enp0s3 sudo apt install radvd
Edit /etc/radvd.conf
interface enp0s3 { AdvSendAdvert on; prefix fec0:1234::/64 { }; };
Restart
/etc/init.d/radvd restart
NAT ke IPv6 Global
ip6tables -t nat -A POSTROUTING -i enp3s0 -o teredo -s fec0:1234::/64 -j MASQUERADE
Skenario 2: Routing Statik untuk LAN Lokal
GATEWAY
Kondisi Gateway
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
- Interface tun0 IPv4 10.8.0.21/24 dan IPv6 2a07:1c44:212:c0ca:87e8::/80
echo 1 > /proc/sys/net/ipv6/conf/tun0/forwarding ip route add ::/0 dev tun0
- Interface enp3s0
echo 1 > /proc/sys/net/ipv6/conf/enp3s0/forwarding ip addr add 2a07:1c44:212:c0ca:87e8:1000::1/84 dev enp3s0 ip -6 route add 2a07:1c44:212:c0ca:87e8:2000::/84 via 2a07:1c44:212:c0ca:87e8:1000::100
CLIENT di VirtualBox
- Set IPv6 Static (enp0s3)
echo 0 > /proc/sys/net/ipv6/conf/all/forwarding ip addr add 2a07:1c44:212:c0ca:87e8:1000::100/84 dev enp0s3 ip addr add 2a07:1c44:212:c0ca:87e8:2000::100/84 dev enp0s3 ip -6 route add 2a07:1c44:212:c0ca:87e8::/84 enp0s3 ip -6 route add 2a07:1c44:212:c0ca:87e8::/84 via 2a07:1c44:212:c0ca:87e8::2/84 ip -6 route add ::/0 via 2a07:1c44:212:c0ca:87e8::2/84
atau eth0
echo 0 > /proc/sys/net/ipv6/conf/all/forwarding ip addr add 2a07:1c44:212:c0ca:87e8:1000::100/84 dev eth0 ip addr add 2a07:1c44:212:c0ca:87e8:2000::100/84 dev eth0 ip -6 route add 2a07:1c44:212:c0ca:87e8::/84 eth0 ip -6 route add 2a07:1c44:212:c0ca:87e8::/84 via 2a07:1c44:212:c0ca:87e8::2/84 ip -6 route add ::/0 via 2a07:1c44:212:c0ca:87e8::2/84
Skenario 3: Alokasi subnet untuk salah satu PC / Router di LAN
- Aktifkan IPv6 Address Forwarding
- Set IPv6 Static