After install, make the system a little bit more user friendly. Add following lines to the .profile file:
PKG_PATH=http://ftp.hostserver.de/pub/OpenBSD/6.1/packages/amd64/ export PKG_PATH alias 'll=ls -l'Logout and in again, now install three packages. Joe is a nice editor (I'm not a fan of vi). Wget is always a good helper to download something and we need programs from the wide-dhcpv6 package:
pkg_add joe wget wide-dhcpv6Now patch everything so the system is up to date:
cd /usr cvs -qd anoncvs@ftp.hostserver.de:/cvs checkout -rOPENBSD_6_1 -P srcSee errata page for installation details.
Now create all the required files:
inet 0.0.0.0 255.255.255.255 NONE \ pppoedev vlan7 authproto pap \ authname AAAAAAAAAAAAAAAAAATTTTTTTTT0001@t-online.de authkey passwort \ up dest 0.0.0.1 inet6 eui64 !/sbin/route add default -ifp pppoe0 0.0.0.1 !/sbin/route delete -inet6 default !/sbin/route add -inet6 default -ifp pppoe0 fe80::%pppoe0 !/sbin/ifconfig pppoe0 inet6 autoconf -autoconfprivacy !/etc/rc.d/wait300seconds !/etc/rc.d/dhcp6c restart !/etc/rc.d/wait5seconds !/etc/rc.d/rtadvd restartThe problem is that it takes up to 2-3 minutes before the PPPoE session is up. So we wait 5 minutes before we start dhcp6c and rtadvd.
#!/bin/sh sleep 300
#!/bin/sh sleep 5
chmod 500 /etc/rc.d/wait*
inet 10.0.0.1 255.255.255.0 NONE inet6 eui64 mediaopt hostap nwid PennyGetYourOwnWLAN wpakey EinPasswort12345 wpaprotos wpa2 up
inet 192.168.44.2 255.255.255.0 192.168.44.255 inet6 eui64
up
vlan 7 vlandev re1 upTelekom VDSL expect the PPPoE session in VLAN 7, so we must create this.
search fritz.box nameserver 217.237.148.70 nameserver 217.237.150.115 nameserver 2003:180:2:1000::53 nameserver 2003:180:2:5000::53
net.inet.ip.forwarding=1 net.inet6.ip6.forwarding=1
dhcpd_flags=re0 rum0 rtadvd_flags=re0 rum0 dhcp6c_flags=pppoe0
rum0:\ :rdnss="2003:180:2:1000::53,2003:180:2:5000::53":\ :raflags#64: re0:\ :rdnss="2003:180:2:1000::53,2003:180:2:5000::53":\ :raflags#64:My Windows 7 box only accepted the RA with prefix length /64, everything else like a /60 is ignored.
interface pppoe0 { send ia-pd 0; send domain-name-servers; send rapid-commit; }; id-assoc pd { prefix-interface rum0 { sla-id 0; sla-len 8; }; prefix-interface re0 { sla-id 4; sla-len 8; }; };Here too, sla-len 8 mean that a /64 prefix is announced.
#!/bin/sh daemon="/usr/local/sbin/dhcp6c" . /etc/rc.d/rc.subr rc_reload=NO rc_check() { kill -0 $(cat /var/run/dhcp6c.pid) } rc_stop() { kill -TERM $( cat /var/run/dhcp6c.pid rm -f /var/run/dhcp6c.pid 2> /dev/null > /dev/null ) } rc_cmd $1
chmod 500 /etc/rc.d/dhcp6c
option domain-name "fritz.box"; option domain-name-servers 217.237.148.70, 217.237.150.115; default-lease-time 43200; max-lease-time 86400; subnet 10.0.0.0 netmask 255.255.255.0 { option routers 10.0.0.1; range 10.0.0.10 10.0.0.20; } subnet 192.168.44.0 netmask 255.255.255.0 { option routers 192.168.44.2; range 192.168.44.50 192.168.44.254; }
set skip on lo match in all scrub (no-df random-id) match on pppoe0 scrub (max-mss 1440) match out on egress inet from !(egress:network) to any nat-to (egress:0) # RFC 4890, section 4.4 pass quick inet6 proto icmp6 to { (self) ff02::/16 } icmp6-type \ { 133 143 135 136 141 142 130 131 132 143 148 149 151 152 153 } # RFC 4890, section 4.3 pass quick inet6 proto icmp6 icmp6-type { 1 2 3 4 128 129 144 145 146 147 } # DHCPv6 client: receive responses to IA_PD requests pass quick inet6 proto udp to (self) port dhcpv6-client # Pass all outbound IPv6 traffic pass out quick inet6 from { (self) (rum0:network) } pass out quick inet6 from { (self) (re0:network) } block return # block stateless traffic pass # establish keep-state # By default, do not permit remote connections to X11 block return in on ! lo0 proto tcp to port 6000:6010
zurück zur OpenBSD-Übersicht
Letzte Aktualisierung dieser Seite: 22. Mai 2017