From 7759238f9108c86e9938661a3ac6ade01f653840 Mon Sep 17 00:00:00 2001 From: Jon Sands Date: Wed, 16 Oct 2019 03:00:19 -0400 Subject: [PATCH] add 64nix docu --- documentation/64nix.md | 87 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 documentation/64nix.md diff --git a/documentation/64nix.md b/documentation/64nix.md new file mode 100644 index 0000000..d8b60c7 --- /dev/null +++ b/documentation/64nix.md @@ -0,0 +1,87 @@ +# Assigning tons of /64s to *nix machines (telehouse-NY) + +### Get a /125 transit net for the connection to the server: +`2620:57:e000:e::10/125` + +### give the first IP in transit subnet to the ICX7750: +``` +enable +conf t +int ve 2000 +ipv6 addr 2620:57:e000:e::11/125 +ipv6 nd suppress-ra +``` +The next IP after this, `2620:57:e000:e::12`, will be given to the server. + +### Choose a /56 to give to the server: +`2620:57:e000:400::/56` + +### Tell the ICX7750 the entire /56 is accessible over previous transit link: +``` +enable +conf t +ipv6 route 2620:57:e000:400::/56 2620:57:e000:e::12 +``` + +The destination is your chosen `2620:57:e000:400::/56` subnet, the next-hop is the server end of the transit subnet, `2620:57:e000:e::12` + +### On server, give it it's own address in the transit subnet: +**Note**: this should be one address up from what the router (ICX7750) has. + +``` +nano /etc/network/interfaces + +auto eth1 +iface eth1 inet6 static + address 2620:57:e000:e::12 + netmask 125 + gateway 2620:57:e000:e::11 + autoconf 0 +``` +Now run the below command to assign the entire /56 to the server's loopback interface: +**Note:** this uses Linux's [AnyIP](https://blog.widodh.nl/2016/04/anyip-bind-a-whole-subnet-to-your-linux-machine/) feature. + +`ip -6 route add local 2620:57:e000:400::/56 dev lo` + +Your server will now respond to any address in the entire /56 - however most applications and daemons will complain when you try to bind them to an address in this block, since they're not *technically* assigned to any real linux interface. To solve this, enable the `net.ipv6.ip_nonlocal_bind` sysctl: + +`sysctl -w net.ipv6.ip_nonlocal_bind=1` + +Applications can now bind to any IP address in the /56. To make this permanent so it persists reboots, you need to edit `/etc/sysctl.conf`: + +```nano /etc/sysctl.conf``` + +Add the following line and then save it: + +`net.ipv6.ip_nonlocal_bind = 1` + +The `ip -6 route` command we ran earlier to assign the /56 will also disappear on reboot, to make it persist reboots, add it as a `pre-up` command to our network interfaces file, under your transit subnet interface: + +``` +nano /etc/network/interfaces + +auto eth1 +iface eth1 inet6 static + address 2620:57:e000:e::12 + netmask 125 + gateway 2620:57:e000:e::11 + autoconf 0 + pre-up ip -6 route add local 2620:57:e000:400::/56 dev lo +``` + +### Finding all the /64s to bind to +If your application needs to be bound to each /64, stick our `2620:57:e000:400::/56` subnet into [this calculator](https://subnettingpractice.com/ipv6_subnetting.html), and choose /64s from the dropdown then press calculate: + +![eeprom](../../data/other/64nix-1.png) + +Then simply bind each of your application instances to the first address in each /64 - For instance: + +``` +Instance 1 - 2620:57:e000:400::1/64 +Instance 2 - 2620:57:e000:401::2/64 +Instance 3 - 2620:57:e000:402::/64 +etc etc etc +``` + + +