Difference between revisions of "IPv6: Router Ubuntu"

From OnnoWiki
Jump to navigation Jump to search
Line 13: Line 13:
  
 
* [[IPv6 Address : Perhitungan subnetting IPv6]]
 
* [[IPv6 Address : Perhitungan subnetting IPv6]]
 +
 +
 +
==NAT IPv6==
 +
 +
Jika dibutuhkan, maka netfilter6 dapat digunakan sebagai NAT IPv6.
 +
 +
 +
====IPv6 Masquerading====
 +
 +
Seperti layaknya client IPv4, maka client dapat di sembunyikan di belakang router dengan IPv6 masquerading (hide/overlap NAT), seperti
 +
 +
ip6tables -t nat -A POSTROUTING -o sixxs -s fec0::/64 -j MASQUERADE
 +
 +
====IPv6 Destination NAT====
 +
 +
Sebuah dedicated IPv6 address global dapat di forward ke internal IPv6 address, seperti,
 +
 +
ip6tables -t nat -A PREROUTING -d 2001:db8:0:1:5054:ff:fe01:2345 -i sixxs -j DNAT --to-destination fec0::5054:ff:fe01:2345
 +
 +
====IPv6 Port Forwarding====
 +
 +
Sebuah port yang spesifik dapat di forward ke jaringan internal, seperti,
 +
 +
ip6tables -t nat -A PREROUTING -i sixxs -p tcp --dport 8080 -j DNAT --to-destination [fec0::1234]:80
  
 
==Siapkan OS Ubuntu==
 
==Siapkan OS Ubuntu==

Revision as of 05:23, 5 February 2019

IPv6-router-ubuntu.jpeg

Berikut adalah langkah yang perlu dilakukan untuk membuat sebuah router IPv6 sederhana menggunakan Ubuntu.


Akses ke IPv6 Internet

Perhitungan Subnet IPv6


NAT IPv6

Jika dibutuhkan, maka netfilter6 dapat digunakan sebagai NAT IPv6.


IPv6 Masquerading

Seperti layaknya client IPv4, maka client dapat di sembunyikan di belakang router dengan IPv6 masquerading (hide/overlap NAT), seperti

ip6tables -t nat -A POSTROUTING -o sixxs -s fec0::/64 -j MASQUERADE

IPv6 Destination NAT

Sebuah dedicated IPv6 address global dapat di forward ke internal IPv6 address, seperti,

ip6tables -t nat -A PREROUTING -d 2001:db8:0:1:5054:ff:fe01:2345 -i sixxs -j DNAT --to-destination fec0::5054:ff:fe01:2345

IPv6 Port Forwarding

Sebuah port yang spesifik dapat di forward ke jaringan internal, seperti,

ip6tables -t nat -A PREROUTING -i sixxs -p tcp --dport 8080 -j DNAT --to-destination [fec0::1234]:80

Siapkan OS Ubuntu

Skenario 1: Alokasi Stateless untuk LAN lokal

GATEWAY

Install radvd

sudo aptitude install radvd
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding 
interface enp3s0 {
        AdvSendAdvert on;
        prefix 2a07:1c44:0212:c0ca:87e8::/80 {
        };
};

Restart

/etc/init.d/radvd restart


  • Aktifkan IPv6 Address Forwarding
  • Aktifkan Router Advertisement

Skenario 2: Routing Statik untuk LAN Lokal

GATEWAY

Kondisi Gateway

echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
  • Interface tun0 IPv4 10.8.0.21/24 dan IPv6 2a07:1c44:212:c0ca:87e8::/80
echo 1 > /proc/sys/net/ipv6/conf/tun0/forwarding
ip route add ::/0 dev tun0
  • Interface enp3s0
echo 1 > /proc/sys/net/ipv6/conf/enp3s0/forwarding
ip addr add 2a07:1c44:212:c0ca:87e8:1000::1/84 dev enp3s0
ip -6 route add 2a07:1c44:212:c0ca:87e8:2000::/84 via 2a07:1c44:212:c0ca:87e8:1000::100


CLIENT di VirtualBox

  • Set IPv6 Static (enp0s3)
echo 0 > /proc/sys/net/ipv6/conf/all/forwarding
ip addr add 2a07:1c44:212:c0ca:87e8:1000::100/84 dev enp0s3
ip addr add 2a07:1c44:212:c0ca:87e8:2000::100/84 dev enp0s3
ip -6 route add 2a07:1c44:212:c0ca:87e8::/84 enp0s3
ip -6 route add 2a07:1c44:212:c0ca:87e8::/84 via 2a07:1c44:212:c0ca:87e8::2/84
ip -6 route add ::/0 via 2a07:1c44:212:c0ca:87e8::2/84

atau eth0

echo 0 > /proc/sys/net/ipv6/conf/all/forwarding
ip addr add 2a07:1c44:212:c0ca:87e8:1000::100/84 dev eth0
ip addr add 2a07:1c44:212:c0ca:87e8:2000::100/84 dev eth0
ip -6 route add 2a07:1c44:212:c0ca:87e8::/84 eth0
ip -6 route add 2a07:1c44:212:c0ca:87e8::/84 via 2a07:1c44:212:c0ca:87e8::2/84
ip -6 route add ::/0 via 2a07:1c44:212:c0ca:87e8::2/84

Skenario 3: Alokasi subnet untuk salah satu PC / Router di LAN

  • Aktifkan IPv6 Address Forwarding
  • Set IPv6 Static

Pranala Menarik