IPv6

Anycast IPv6 - YourSelf

How to Build your own AnyCast Network you’re using anycast every day. all public resolvers (1.1.1.1, 8.8.8.8, 9.9.9.9) for example are anycast ip’s and hence, many servers distributed around the world which listen and announce the same ip address. we can build a proof of concept, how to build such a network, for a few $. Requirements AS Number Anycast heavily depends on BGP. So, you need a own AS Number.

Docker - IPv6

got Docker running with Traefik as ingress Loadbalancer ? Just enable IPv6 like this. daemon.json cat << EOF > /etc/docker/daemon.json { "ipv6": true, "fixed-cidr-v6": "2001:db8:1::/64" } EOF Restart Services systemctl reload docker Check Netstat # netstat -tulpen |grep docker tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 15788 977/docker-proxy tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 17495 952/docker-proxy tcp6 0 0 :::80 :::* LISTEN 0 15791 984/docker-proxy tcp6 0 0 :::443 :::* LISTEN 0 15773 963/docker-proxy Any Comments ?

IPv6 Reverse DNS

IPv6 is fun, if you know how to handle it ! As a “sponsor LIR”, i got my own AS and a small /44 IP Space. So, as we all do “forward” DNS with our Domains, i’d like to have Reverse DNS as well. And as i don’t have a legacy IP Range, i like todo it with my v6 Space. Special thanks to Christian for his remote Hands/Tips. Appreciate it!

Regex IPv4 & IPv6

Regex is cool. But have you ever tried to grep IPv4 / IPv6 Adresses from a File or extract from a bunch of data ? Did you use Google Search and found lot of Links, Tip’s and Examples ? And non of them worked well ? I can highly recommend CyberChef for stuff like that … https://gchq.github.io/CyberChef/ Regex from CyberChef If you wanna use Regex in your own Scripts, here is a little Extract from Cyberchef.

Wireguard with Public IP behind NAT

… or how to host a Dualstacked Public Website behind a IPv4 NAT Box without Reverse Proxy, Portforwarding and other ugly stuff … inspired by the following Post, i started a little project and redesigned the connectifity for my Hamster’s Webserver :) i wrote a mail to the guys from tetaneutral.net and asked them for the wireguard vpn service with public ipv4/ipv6 adresses for my server. as i didn’t get any feedback, i had to implement the “Server” on my own.

Smokeping Debian Nginx

Smokeping in 5min, with Dual Stack on Nginx All in one Installer Run it at your own risk … wget https://blog.stoege.net/scripts/smokeping_debian3.sh chmod 700 smokeping_debian3.sh ./smokeping_debian3.sh or Setup by Hand Install Packages apt-get install borgbackup curl echoping fcgiwrap fping hping3 htop lynx mlocate mtr nginx rsync smokeping tmate tree tshark unzip vim vnstat wget zip Configure Nginx export MYSITENAME="smokeping.planet.world" wget "https://github.com/vazhnov/smokeping_nginx/raw/master/best.conf" sed -i -- s/smokeping\.example\.com/${MYSITENAME}/g best.conf chown root: best.conf mv best.conf /etc/nginx/sites-available/${MYSITENAME}.

Smokeping with IPv4 / IPv6

How to install Smokeping on Debian in 5 Minutes with Dualstack, IPv4 and IPv6 All in one Installer Run it at your own risk … wget https://blog.stoege.net/scripts/smokeping_debian2.sh chmod 700 smokeping_debian2.sh ./smokeping_debian2.sh or Setup by Hand Set Hostname root@smokeping:~# cat /etc/hostname smokeping.planet Install Packages apt-get install apache2 borgbackup curl echoping fping hping3 htop ipcalc jq lftp lynx mlocate mtr nmap pwgen rsync sipcalc smokeping tmate tree tshark unzip vim vnstat wget zip Enable Smokeping in Apache cd /etc/apache2/conf-enabled ln -s .

Gluerecords

https://serverfault.com/questions/142344/how-to-test-dns-glue-record Check GlueRecords host:~ $ dig +short ch. NS c.nic.ch. a.nic.ch. h.nic.ch. f.nic.ch. g.nic.ch. b.nic.ch. e.nic.ch. host:~ $ dig +norec @a.nic.ch. noflow.ch. NS ; <<>> DiG 9.10.6 <<>> +norec @a.nic.ch. noflow.ch. NS ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29211 ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 4 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;noflow.

Tunnel IPv4 over IPv6

let’s do the opposite. you have some ipv6 connectifity and need to transport ipv4 Host A (IPv6 only) root@hosta ~# ifconfig vio0 vio0: flags=208843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,AUTOCONF6> mtu 1500 lladdr 56:00:02:e7:9d:e5 index 1 priority 0 llprio 3 groups: egress media: Ethernet autoselect status: active inet6 fe80::5400:2ff:fee7:9de5%vio0 prefixlen 64 scopeid 0x1 inet6 2a05:f480:1400:7b6:a9e0:6a15:217:cc5c prefixlen 64 autoconf pltime 604627 vltime 2591827 inet6 2a05:f480:1400:7b6:446d:acb7:5fe4:450f prefixlen 64 autoconf autoconfprivacy pltime 86046 vltime 172537 root@hosta ~# i3 IPv4: !

Tunnel IPv6 over IPv4

let’s assume you need ipv6 connectifity somewhere … You can use some Tunnelbrokers or your run OpenBSD on your Boxes and want todo it on your own. Here some hints. Server with DualStack you need a Maschine out in the Internet which is DualStacked stoege@dualstack$ i3 IPv4: 11.22.33.44 IPv6: 2001:db8:100::100 Host with IPv4 only stoege@ipv4 host ~# i3 IPv4: 55.66.77.88 IPv6: !NETWORK and you want to bring IPv4 to the second host