- connect to two different ISPs
- number your network in non-unique space (RFC1918 gives you a list!)
- setup NAT (PAT) to each ISP
- setup defaults to each, with different metrics (floating routes)
- if your first choice ISP is failing, go pull the plug facing them and the floating routes do the rest
Well, no. It works just fine for IPv6 as well. It's just not standardized well...
I've been running my house for a while using this type of config that NATs both IPv4 and IPv6. It isn't standards compliant, but every host can reach the IPv4 and the IPv6 internet.
I've also thrown a recursing name server into the mix so you can see hosts get their DNS setup via DHCP and via RA.
Have fun!
Here's my topology:
Here's a VyOS 1.4.3 config that should get you started if you want to try it out.
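# Dual-ISP home router for VyOS 1.4.x: one LAN numbered from private space,
# source NAT (masquerade) for both IPv4 and IPv6 towards two upstreams, and
# default routes whose distances decide which upstream is preferred.
#
# NOTE(review): no firewall section is shown in this snippet. Source NAT only
# rewrites outbound traffic; it does not filter traffic addressed to the
# router's own WAN addresses (eth2 carries static public addresses, eth3 a
# DHCP lease). Add input/forward filtering on eth2 and eth3 before connecting
# this to an ISP.
#
# NOTE(review): 192.0.2.0/24 and 2001:db8::/32 are documentation ranges;
# replace the eth2 addresses and next-hops with the values your ISP assigned.

# The local LAN
# RFC-1918 for IPv4 and an IPv6 ULA /64
set interfaces ethernet eth1 address '10.11.12.1/24'
set interfaces ethernet eth1 address 'fd89:f9a4:7a42::1/64'
set interfaces ethernet eth1 description 'Guest LAN'
#
# Upstream with a local ISP with static addresses
set interfaces ethernet eth2 description 'Static IP WAN'
set interfaces ethernet eth2 address '2001:db8::2/126'
set interfaces ethernet eth2 address '192.0.2.138/29'
#
# Upstream with Xfinity (dhcp, rather than SLAAC + DHCP-PD)
set interfaces ethernet eth3 description 'Xfinity WAN'
set interfaces ethernet eth3 address 'dhcp'
set interfaces ethernet eth3 address 'dhcpv6'
#
# Depref the IPv4 default route learned via DHCP (a higher distance is less
# preferred than the static default at distance 100 below)
set interfaces ethernet eth3 dhcp-options default-route-distance '200'
#
# Set up IPv4 masquerade NAT, one rule per upstream interface
set nat source rule 100 outbound-interface name 'eth3'
set nat source rule 100 source address '10.11.12.0/24'
set nat source rule 100 translation address 'masquerade'
set nat source rule 101 outbound-interface name 'eth2'
set nat source rule 101 source address '10.11.12.0/24'
set nat source rule 101 translation address 'masquerade'
#
# Set up IPv6 masquerade NAT, one rule per upstream interface
set nat66 source rule 100 outbound-interface name 'eth3'
set nat66 source rule 100 source prefix 'fd89:f9a4:7a42::/64'
set nat66 source rule 100 translation address 'masquerade'
set nat66 source rule 101 outbound-interface name 'eth2'
set nat66 source rule 101 source prefix 'fd89:f9a4:7a42::/64'
set nat66 source rule 101 translation address 'masquerade'
#
# Ensure the IPv4 default route has a preference above that
# of the DHCP-derived route
set protocols static route 0.0.0.0/0 next-hop 192.0.2.137 distance '100'
#
# Set default route preferences in IPv6
set protocols static route6 ::/0 interface eth3 distance '200'
set protocols static route6 ::/0 next-hop 2001:db8::1 distance '100'
#
# Set up caching DNS. The forwarder listens only on the LAN and loopback
# addresses and answers only the LAN and loopback prefixes, so it is not
# offered as an open resolver on the WAN side.
set service dns forwarding allow-from '10.11.12.0/24'
set service dns forwarding allow-from 'fd89:f9a4:7a42::/48'
set service dns forwarding allow-from '::1/128'
set service dns forwarding allow-from '127.0.0.1/32'
# Fixed: the original listed '110.11.12.1', an address that is not configured
# on any interface here; the LAN address handed out by DHCP is 10.11.12.1.
set service dns forwarding listen-address '10.11.12.1'
set service dns forwarding listen-address 'fd89:f9a4:7a42::1'
set service dns forwarding listen-address '::1'
set service dns forwarding listen-address '127.0.0.1'
#
# Make sure SLAAC works
# Fixed: the search list was 'arpa.home'; it now matches the 'home.arpa'
# domain used by the DHCP domain-search and the static host mapping below.
set service router-advert interface eth1 dnssl 'home.arpa'
set service router-advert interface eth1 name-server 'fd89:f9a4:7a42::1'
set service router-advert interface eth1 prefix fd89:f9a4:7a42::/64
#
# Set up a DHCP service for IPv4
set service dhcp-server listen-address '10.11.12.1'
set service dhcp-server shared-network-name Guest-IPv4 authoritative
set service dhcp-server shared-network-name Guest-IPv4 name-server '10.11.12.1'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 default-router '10.11.12.1'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 domain-search 'home.arpa'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 lease '3600'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 range 0 start '10.11.12.101'
set service dhcp-server shared-network-name Guest-IPv4 subnet 10.11.12.0/24 range 0 stop '10.11.12.200'
#
# Set up home.arpa so it has at least one host
set system static-host-mapping host-name router.home.arpa inet '10.11.12.1'
set system static-host-mapping host-name router.home.arpa inet 'fd89:f9a4:7a42::1'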
