Some LXD containers on a hidden net, others on your lan

Back in November I wrote about Converting eth0 to br0 and getting all your LXC or LXD onto your LAN

It works, but you might not want ALL of your LXD on your LAN.

You’ll still need your LAN interface to be a br0 instead of a device that isn’t a bridge. Go follow the Bridge your interface section of that post to convert your eth0 to br0.

I’ve fully converted to using LXD. I don’t even remember if LXC supports profiles. I think it does, so I think the same idea could be applied to LXC, but I’m only showing this for LXD.

First, copy the default profile:

lxc profile copy default lanbridge

Second, edit the new profile to use br0 instead of lxdbr0:

lxc profile device set lanbridge eth0 parent br0

Third and finally, start instances with that profile:

lxc launch ubuntu-xenial -p lanbridge

In my case, this instance is on my local lan AND on public ipv6 space (thanks Comcast).

heritable-gale    | RUNNING | 192.168.15.172 (eth0) | 2601:400:8000:5ab3:216:3eff:fe73:d242 (eth0)

 

OpenWRT 10.03.1-rc2 and Comcast IPv6

After documenting the IPv6 goodness for the old kamikaze release of openwrt, I wanted to play with something a little newer. I also wanted newer iptables so I could play with the tee module.

Some notes:

  • Still no 6rd support on OpenWRT AFAIK
  • rc2 and rc3 are the same for the brcm-2.4 version of Openwrt 10.03.1
  • brcm4700 doesn’t work well at all with my WRT54GL. I think the open source broadcom drivers still aren’t as stable as the proprietary ones that ship with 2.4
  • nearly the same config scripts as the old kamikaze work

Once you flash the router with the firmware you will need to install some extra packages.

  1. opkg update
  2. opkg install ip kmod-ipv6 kmod-sit radvd
  3. Paste this code into a new startup script at /etc/init.d/comcast6to4:

    #!/bin/sh /etc/rc.common

    # WAN IPv4 address, then the 6to4 prefix 2002:WWXX:YYZZ derived from it
    inetip=`ip -4 addr show dev eth0.1 | awk '/inet / {print $2}' | cut -d/ -f 1`
    inetipspaced=`echo $inetip | tr . ' '`
    local6prefix=`printf 2002:%02x%02x:%02x%02x $inetipspaced`

    start() {
        # 6to4 tunnel, addresses for the tunnel and the LAN bridge, default route via the anycast relay
        ip tunnel add c6to4 mode sit ttl 255 remote any local $inetip
        ip link set c6to4 up
        ip -6 addr add $local6prefix:0::1/64 dev c6to4
        ip -6 addr add $local6prefix:1::1/64 dev br-lan
        ip -6 route add 2000::/3 via ::192.88.99.1 dev c6to4
        sysctl -w net.ipv6.conf.all.forwarding=1 > /dev/null
        # radvd.conf advertising the LAN /64 to clients
        cat > /etc/radvd.conf <<EOF
    interface br-lan
    {
    AdvSendAdvert on;
    MinRtrAdvInterval 3;
    MaxRtrAdvInterval 10;
    prefix $local6prefix:1::/64
    {
    AdvOnLink on;
    AdvAutonomous on;
    AdvRouterAddr on;
    AdvValidLifetime 86400;
    AdvPreferredLifetime 86400;
    };
    };
    EOF
    }

    stop() {
        ip tunnel del c6to4
        ip -6 addr del $local6prefix:1::1/64 dev br-lan
    }

  4. pushd /etc/rc.d ; ln -s ../init.d/comcast6to4 S42comcast6to4

Then be glad you have ipv6.

 

This will actually work for ANY provider which uses the standard IPv6 6to4 address of 192.88.99.1, not just Comcast.

Now if only Comcast would open back up their trial so I could join my work to the ipv6 network.

Comcast IPv6 on an old Kamikaze 8.09 Openwrt via 6to4

I’m an openwrt novice, but I know enough about linux and iptables to usually get done what I want. When Comcast announced they were trialing IPv6, I jumped at the opportunity to migrate from my trusty Hurricane Electric tunnel to something more direct.

I’m running Kamikaze 8.09.1 brcm-2.4 on my Linksys WRT54GL; these instructions probably won’t work elsewhere. I’m guessing that IPv6 is a little different in a 2.6 kernel with a new iptables. If you have very new stuff you should be using 6rd instead of 6to4.

I’m writing this because much of the information I found out there for 6to4 on Linux didn’t work for me, or was only partly correct and I had to piece together suggestions from different sources.

Make a script in /etc/rc.d with this content. I called mine comcast6to4.

inetip=`ip -4 addr show dev eth0.1 | awk '/inet / {print $2}' | cut -d/ -f 1`
inetipspaced=`echo $inetip | tr . ' '`
local6prefix=`printf 2002:%02x%02x:%02x%02x $inetipspaced`
ip tunnel add c6to4 mode sit ttl 255 remote any local $inetip
ip link set c6to4 up
ip -6 addr add $local6prefix:0::1/64 dev c6to4
ip -6 addr add $local6prefix:1::1/64 dev br-lan
ip -6 route add 2000::/3 via ::192.88.99.1 dev c6to4

Make your /etc/radvd.conf look like this:

interface br-lan
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
prefix $local6prefix:1::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
AdvValidLifetime 86400;
AdvPreferredLifetime 86400;
};
};

That is it. I’m not going to explain it. Read the links below for all of that.

Sorry this isn’t a complete solution. You’ll have to fill in that $local6prefix in radvd.conf yourself.
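One way to fill in that prefix, as an added example that is not part of the original post: the prefix derivation used by both 6to4 scripts on this page, plus a radvd.conf rendered with the value substituted. The function names and the list of rejected ranges are assumptions made for this example; the check exists because 6to4 embeds the WAN IPv4 address in the prefix, so a private or carrier-NAT address yields a prefix that will not route.

```shell
# Added example: 6to4 prefix + radvd.conf for a given WAN IPv4 address.
# Function names and the rejected-range list are choices made for this example.

# Print 2002:WWXX:YYZZ for a usable IPv4 address; return 1 otherwise.
sixto4_prefix() {
    case $1 in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;       # digits and single dots only
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                      # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*|????*) return 1 ;; esac # leading zeros would be read as octal
        [ "$octet" -le 255 ] || return 1
    done
    # 6to4 embeds the IPv4 address in the prefix, so it must be a public one.
    case $1 in 0|10|127) return 1 ;; esac                               # this-net, RFC 1918, loopback
    [ "$1" -ge 224 ] && return 1                                        # multicast / reserved
    [ "$1" -eq 169 ] && [ "$2" -eq 254 ] && return 1                    # link-local
    [ "$1" -eq 192 ] && [ "$2" -eq 168 ] && return 1                    # RFC 1918
    [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ] && return 1  # RFC 1918
    [ "$1" -eq 100 ] && [ "$2" -ge 64 ] && [ "$2" -le 127 ] && return 1 # carrier-grade NAT
    printf '2002:%02x%02x:%02x%02x\n' "$1" "$2" "$3" "$4"
}

# Write the radvd.conf from this post to stdout with the LAN /64 filled in.
render_radvd_conf() {
    prefix=$(sixto4_prefix "$1") || return 1
    cat <<EOF
interface br-lan
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
prefix ${prefix}:1::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
AdvValidLifetime 86400;
AdvPreferredLifetime 86400;
};
};
EOF
}

# Usage on the router: render_radvd_conf "$inetip" > /etc/radvd.conf
```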

Works Cited:

http://www.reddit.com/r/linux/comments/dbobx/

http://www.comcast6.net/

http://wiki.debian.org/DebianIPv6#IPv66to4Configuration

http://tldp.org/HOWTO/Linux+IPv6-HOWTO/configuring-ipv6to4-tunnels.html

http://en.wikipedia.org/wiki/6to4

http://www.dslreports.com/forum/r24972279-IPv6-via-6in4

http://www.anyweb.co.nz/tutorial/v6Linux6to4

I still like wired networks

I needed to archive 472MB of photos onto the home file server so that my wife could access them.

Over wifi, I got an estimate of 35 minutes. Yes, this is horribly slow, even for a 54Mbit “G” speed network.

So I plugged in the CAT5 cable, disabled wifi on my laptop, and pressed refresh in Windows Explorer so that SMB2 was now talking on the wired network.

I performed the exact same drag and drop to copy the files and it was done in 5 seconds, almost faster than I could expand the Windows 7 copy dialog and see the transfer rate of > 50MBytes/second.