Last active
July 31, 2022 02:32
-
-
Save larstobi/a9e0aecf3ed0cc3c452139bf123140d3 to your computer and use it in GitHub Desktop.
IPv6 Rapid Deployment for Altibox
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/vbash | |
# https://sosdg.org/edgerouter/6rd | |
# https://community.ubnt.com/t5/EdgeMAX/Edgerouter-Lite-on-Centurylink-1-Gbit-fiber/td-p/1124318/page/2 | |
export SBIN="/opt/vyatta/sbin/my_" | |
export DESCRIPTION="Altibox IPv6 6rd tunnel" | |
export WAN_DEV="eth2" | |
export LAN_DEV="eth1" | |
export TUN_DEV="tun0" | |
export WAN_6_PREFIX_LEN="64" | |
# These settings are specific to your ISP | |
export IP6_6RD_PREFIX="2a01:79c::" | |
export IP6_6RD_PREFIX_LEN="30" | |
export IP6_6RD_ROUTER="213.167.115.92" | |
export IP6_NAMESERVERS="2a01:798:0:8012::4" | |
# Cloudflare: 2606:4700:4700::1111,1001 | |
get_ip4() | |
{ | |
IP4=$(ip -4 -o addr list "$1" | awk '{print $4}' | cut -d/ -f1) | |
echo "IPv4 address we got is: $IP4" | |
if [ -z "$IP4" ]; then | |
echo "Unable to determine IPv4 address" | |
exit 2 | |
fi | |
echo "$IP4" | |
} | |
get_ip6() | |
{ | |
ip -6 -o addr show up "$1" | \ | |
grep $IP6_6RD_PREFIX | grep -v fe80 | \ | |
awk '{print $4}' | cut -f1 -d/ | head -n1 | |
} | |
get_derived_ip6() | |
{ | |
# shellcheck disable=2046 | |
echo DERIVED $IP6_6RD_PREFIX | |
echo DERIVED 2nd $1 | |
echo printf "$IP6_6RD_PREFIX:%02x:%02x%02x:%02x00::1\n" $(echo "$1" | tr . ' ') | |
printf "$IP6_6RD_PREFIX:%02x:%02x%02x:%02x00::1\n" $(echo "$1" | tr . ' ') | |
} | |
apply_config() | |
{ | |
if [ -n "$TUN_STATUS" ]; then | |
# delete the existing tunnel interface | |
${SBIN}delete interfaces tunnel $TUN_DEV | |
fi | |
${SBIN}set interfaces tunnel $TUN_DEV description "$DESCRIPTION" | |
${SBIN}set interfaces tunnel $TUN_DEV 6rd-prefix "${IP6_6RD_PREFIX}/${IP6_6RD_PREFIX_LEN}" | |
${SBIN}set interfaces tunnel $TUN_DEV 6rd-default-gw "::${IP6_6RD_ROUTER}" | |
${SBIN}set interfaces tunnel $TUN_DEV local-ip "$WAN_4_ADDR" | |
${SBIN}set interfaces tunnel $TUN_DEV encapsulation sit | |
${SBIN}set interfaces tunnel $TUN_DEV multicast disable | |
${SBIN}set interfaces tunnel $TUN_DEV ttl 255 | |
${SBIN}set interfaces tunnel $TUN_DEV mtu 1472 | |
${SBIN}set interfaces tunnel $TUN_DEV firewall in ipv6-name WANv6_IN | |
${SBIN}set interfaces tunnel $TUN_DEV firewall local ipv6-name WANv6_LOCAL | |
${SBIN}set interfaces tunnel $TUN_DEV firewall out ipv6-name WANv6_OUT | |
${SBIN}set interfaces ethernet $LAN_DEV address ${WAN_6_NEW}/${WAN_6_PREFIX_LEN} | |
${SBIN}delete interfaces ethernet $LAN_DEV ipv6 | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 dup-addr-detect-transmits 1 | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert cur-hop-limit 64 | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert managed-flag false | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert max-interval 300 | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert other-config-flag false | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert prefix "${WAN_6_NEW}/${WAN_6_PREFIX_LEN}" autonomous-flag true | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert prefix "${WAN_6_NEW}/${WAN_6_PREFIX_LEN}" on-link-flag true | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert prefix "${WAN_6_NEW}/${WAN_6_PREFIX_LEN}" valid-lifetime 3600 | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert reachable-time 0 | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert retrans-timer 0 | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert send-advert true | |
for ns in $IP6_NAMESERVERS; | |
do | |
${SBIN}set interfaces ethernet $LAN_DEV ipv6 router-advert name-server "$ns" | |
done | |
} | |
if [ -n "$PPP_IFACE" ] && [ -n "$PPP_LOCAL" ]; then | |
# called by ppp-up script | |
WAN_DEV="" | |
else | |
WAN_4_ADDR=$(get_ip4 "$WAN_DEV") | |
echo "Found public IPv4 $WAN_4_ADDR on $WAN_DEV" | |
fi | |
# shellcheck disable=1091 | |
source /opt/vyatta/etc/functions/script-template | |
configure | |
TUN_STATUS=$(show interfaces tunnel "$TUN_DEV") | |
WAN_6_NEW=$(get_derived_ip6 "$WAN_4_ADDR") | |
if [ -n "$TUN_STATUS" ]; then | |
WAN_6_OLD=$(get_ip6 "$LAN_DEV") | |
if [ "$WAN_6_OLD" = "$WAN_6_NEW" ]; then | |
echo "Public IPv6 on $LAN_DEV unchanged: $WAN_6_OLD" | |
exit | |
fi | |
fi | |
if [ -n "$WAN_6_OLD" ]; then | |
echo "Updating IPv6 $WAN_6_OLD -> $WAN_6_NEW" | |
else | |
echo "Setting IPv6 $WAN_6_NEW" | |
fi | |
apply_config && commit && save | |
exit |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment