lab-docu/documentation/64nix.md
2019-10-16 03:17:32 -04:00

2.9 KiB

Assigning tons of /64s to *nix machines (telehouse-NY)

Get a /125 transit net for the connection to the server:

2620:57:e000:e::10/125

give the first IP in transit subnet to the ICX7750:

enable
conf t
int ve 2000
ipv6 addr 2620:57:e000:e::11/125
ipv6 nd suppress-ra

The next IP after this, 2620:57:e000:e::12, will be given to the server.

Choose a /56 to give to the server:

2620:57:e000:400::/56

enable
conf t
ipv6 route 2620:57:e000:400::/56 2620:57:e000:e::12

The destination is your chosen 2620:57:e000:400::/56 subnet, the next-hop is the server end of the transit subnet, 2620:57:e000:e::12

Give the server its own address in the transit subnet:

Note: this should be one address up from what the router (ICX7750) has.

nano /etc/network/interfaces

auto eth1
iface eth1 inet6 static
        address 2620:57:e000:e::12
        netmask 125
        gateway 2620:57:e000:e::11
        autoconf 0

Now run the below command to assign the entire /56 to the server's loopback interface:
Note: this uses Linux's AnyIP feature

ip -6 route add local 2620:57:e000:400::/56 dev lo

Your server will now respond to any address in the entire /56 - however most applications and daemons will complain when you try to bind them to an address in this block, since they're not technically assigned to any real linux interface. To solve this, enable the net.ipv6.ip_nonlocal_bind sysctl:

sysctl -w net.ipv6.ip_nonlocal_bind=1

Applications can now bind to any IP address in the /56. To make this permanent so it persists reboots, you need to edit /etc/sysctl.conf:

nano /etc/sysctl.conf

Add the following line and then save it:

net.ipv6.ip_nonlocal_bind = 1

The ip -6 route command we ran earlier to assign the /56 will also disappear on reboot, to make it persist reboots, add it as a pre-up command to our network interfaces file, under your transit subnet interface:

nano /etc/network/interfaces

auto eth1
iface eth1 inet6 static
        address 2620:57:e000:e::12
        netmask 125
        gateway 2620:57:e000:e::11
        autoconf 0
        pre-up ip -6 route add local 2620:57:e000:400::/56 dev lo

Finding all the /64s to bind to

If your application needs to be bound to each /64, stick our 2620:57:e000:400::/56 subnet into this calculator, and choose /64s from the dropdown then press calculate:

calculator

Then simply bind each of your application instances to the first address in each /64 - For instance:

Instance 1 - 2620:57:e000:400::1/64
Instance 2 - 2620:57:e000:401::1/64
Instance 3 - 2620:57:e000:402::1/64
etc etc etc