Created
April 29, 2016 22:16
-
-
Save dpino/76b0bf7f522bd0d2e442eca06ae9db76 to your computer and use it in GitHub Desktop.
Create Network Namespace with IPv6 connectivity via Hurricane Electric tunnel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -x | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "You must run this script as root." | |
| exit 1 | |
| fi | |
| VETH1_IPV6=fd00::1 | |
| VPEER1_IPV6=fd00::2 | |
| # Clean up. | |
| ip netns del ns-ipv6 &>/dev/null | |
| ip li del veth1 &> /dev/null | |
| # Create network namespace. | |
| ip netns add ns-ipv6 | |
| # Create veth pair. | |
| ip li add name veth1 type veth peer name vpeer1 | |
| # Setup veth1 (host). | |
| ip -6 addr add ${VETH1_IPV6}/64 dev veth1 | |
| ip li set dev veth1 up | |
| # Setup vpeer1 (network namespace). | |
| ip li set dev vpeer1 netns ns-ipv6 | |
| ip netns exec ns-ipv6 ip li set dev lo up | |
| ip netns exec ns-ipv6 ip -6 addr add ${VPEER1_IPV6}/64 dev vpeer1 | |
| ip netns exec ns-ipv6 ip li set vpeer1 up | |
| # Direct external traffic to VETH1 through VPEER1 (default gw). | |
| ip netns exec ns-ipv6 ip -6 route add default dev vpeer1 via ${VETH1_IPV6} | |
| # IP Forwarding. | |
| sysctl -w net.ipv6.conf.all.forwarding=1 | |
| # Source NAT (he-ipv6 is the name of the SIT tunnel). | |
| ip6tables -t nat --flush | |
| ip6tables -t nat -A POSTROUTING -o he-ipv6 -j MASQUERADE | |
| # Get into ns-ipv6. | |
| ip netns exec ns-ipv6 /bin/bash --rcfile <(echo "PS1=\"ns-ipv6> \"") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment