Tuesday, March 24, 2026

Where in the contract does it say you can't NAT IPv6?

Here's a quick and dirty way to multihome your house:

  • connect to two different ISPs
  • number your network in non-unique space (RFC1918 gives you a list!)
  • setup NAT (PAT) to each ISP
  • setup defaults to each, with different metrics (floating routes)
  • if your first choice ISP is failing, go pull the plug facing them and the floating routes do the rest
But that only works for IPv4 right?

Well, no. It works just fine for IPv6 as well. It's just not standardized well...


 
I've been running my house for a while using this type of config that NATs both IPv4 and IPv6.  It isn't standards compliant, but every host can reach the IPv4 and the IPv6 internet.

I've also thrown a recursing name server into the mix so you can seehost get their DNS setup via DHCP and via RA.

Have fun!

Here's my topology:

Here's a VyOS 1.4.3 config that should get you started if you want to try it out.






# The local LAN
# RFC-1918 for IPv4 and an IPv6 ULA /64
set interfaces ethernet eth1 address '10.11.12.1/24'
set interfaces ethernet eth1 address 'fd89:f9a4:7a42::1/64'
set interfaces ethernet eth1 description 'Guest LAN'

#
# Upstream with a local ISP with static addresses
set interfaces ethernet eth2 description 'Static IP WAN'
set interfaces ethernet eth2 address '2001:db8::2/126'
set interfaces ethernet eth2 address '192.0.2.138/29'

#
# upstream with Xfinity (dhcp, rather than SLAAC + DHCP-PD)
set interfaces ethernet eth3 description 'Xfinity WAN'
set interfaces ethernet eth3 address 'dhcp'
set interfaces ethernet eth3 address 'dhcpv6'
#
#  depref the IPv4 default route
set interfaces ethernet eth3 dhcp-options default-route-distance '200'


#
# setup IPv4 Masquerade NAT
set nat source rule 100 outbound-interface name 'eth3'
set nat source rule 100 source address '10.11.12.0/24'
set nat source rule 100 translation address 'masquerade'
set nat source rule 101 outbound-interface name 'eth2'
set nat source rule 101 source address '10.11.12.0/24'
set nat source rule 101 translation address 'masquerade'


#
# setup IPv6 Masquerade NAT
set nat66 source rule 100 outbound-interface name 'eth3'
set nat66 source rule 100 source prefix 'fd89:f9a4:7a42::/64'
set nat66 source rule 100 translation address 'masquerade'
set nat66 source rule 101 outbound-interface name 'eth2'
set nat66 source rule 101 source prefix 'fd89:f9a4:7a42::/64'
set nat66 source rule 101 translation address 'masquerade'


#
# Ensure the IPv4 default route has a prefernce above that
# on the DHCP derived route
set protocols static route 0.0.0.0/0 next-hop 192.0.2.137 distance '100'


#
# Set default route preferences in IPv6
set protocols static route6 ::/0 interface eth3 distance '200'
set protocols static route6 ::/0 next-hop 2001:db8::1 distance '100'


#
# setup caching DNS
set service dns forwarding allow-from '10.11.12.0/24'
set service dns forwarding allow-from 'fd89:f9a4:7a42::/48'
set service dns forwarding allow-from '::1/128'
set service dns forwarding allow-from '127.0.0.1/32'

set service dns forwarding listen-address '110.11.12.1'
set service dns forwarding listen-address 'fd89:f9a4:7a42::1'
set service dns forwarding listen-address '::1'
set service dns forwarding listen-address '127.0.0.1'

#
# Make sure SLAAC works
set service router-advert interface eth1 dnssl 'arpa.home'
set service router-advert interface eth1 name-server 'fd89:f9a4:7a42::1'
set service router-advert interface eth1 prefix fd89:f9a4:7a42::/64

#
# setup a DHCP service for IPv4
set service dhcp-server listen-address '10.11.12.1'
set service dhcp-server shared-network-name Guest-IPv4 authoritative
set service dhcp-server shared-network-name Guest-IPv4 name-server '10.11.12.1'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 default-router '10.11.12.1'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 domain-search 'home.arpa'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 lease '3600'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 range 0 start '10.11.12.101'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 range 0 stop '10.11.12.200'

#
# setup home.arpa so it has at least one host
set system static-host-mapping host-name router.home.arpa inet '10.11.12.1'
set system static-host-mapping host-name router.home.arpa inet 'fd89:f9a4:7a42::1'
Posted by at No comments:

Saturday, February 28, 2026

There's a new Sheriff in Town -- How a sprinkler system helped me recognize the future

Ever since arduinos and other cheap microcontrollers have been available, I've thought about building a sprinkler system.  On a raspberry Pi it would be so simple:
  • build a schedule composed of CSVs: "day of week", "start time", and "stop time" as the only values
  • build a script to start/stop a zone by turning relays on/off
  • drive the whole thing via cron after parsing the CSV

The piece that kept me back was the schedule builder.  Simple schedules would be easy, but I kept finding other projects that would be rather complex.  What I really wanted was a week long calendar view with UI elements I could drag around and resize.

I've done enough programming to know this was a simple, but intricate job.  I could likely built it with some existing libraries, and a very small amount of logic.  Heck, it's been innumerable times in the past by lots of people.  I could likely find a implementation somewhere if I dedicated some time to it.

Since the existing system performed adequately, the time required to research, build, and test any such system simply wasn't worth it.

Today the idea hit me again, and I decided that I'd let some AI engines help me.  I gave three different readily available LLMs the following:

I want an app that runs completely within a web browser as a single HTML file. The goal is to use a graphic interface to produce a schedule for turning a sprinkler system on/off.

It should allow the graphical construction of a schedule, much like any calendaring program. Mimic google calendaring for UI ideas.

The display should show a week of days horizontally, and a gird of hours midight to midnight from top to bottom.

Blocks should be moveable -- both horizontally and vertically with a drag mouse movement

There should be a button that converts the current week into CSV with each line showing: day of week, time, action (start/stop)

The ability to import an existing CSV should exist too

Every one of them gave me a usable GUI within 3 minutes.  Click, drag, edit times, it all works.

We are in a very different world.

Posted by at No comments:
Subscribe to: Comments (Atom)