Project

General

Profile

Actions
Copy link

Administration #13

closed

Administration #292: Migration auf Babel

DNS auf web.md.freifunk.net umziehen

Added by tux over 5 years ago. Updated over 4 years ago.

Status:
Done
Priority:
Bald
Assignee:
tux
Category:
-
Start date:
2019-06-29
Due date:
% Done:

100%

Estimated time:

Description

Related issues 2 (1 open1 closed)

Blocks FFMD - Administration #303: Firmware bereitstellenNewfreifunk

Actions
Follows FFMD - Administration #398: web.md.freifunk.net in das Babel-Netz einbindenDoneklausdieter

Actions
Actions
Copy link
 #1

Updated by tux about 5 years ago

  • % Done changed from 0 to 20
Actions
Copy link
 #2

Updated by tux almost 5 years ago

  • Parent task set to #292
Actions
Copy link
 #3

Updated by tux over 4 years ago

Image wurde getestet und funttioniert, wenn man es korrekt aufruft …

Actions
Copy link
 #4

Updated by tux over 4 years ago

  • Status changed from New to In Progress
Actions
Copy link
 #5

Updated by tux over 4 years ago

  • Description updated (diff)
Actions
Copy link
 #6

Updated by tux over 4 years ago

  • Description updated (diff)
Actions
Copy link
 #7

Updated by tux over 4 years ago

  • Description updated (diff)
Actions
Copy link
 #8

Updated by tux over 4 years ago

Actions
Copy link
 #9

Updated by tux over 4 years ago

Actions
Copy link
 #10

Updated by tux over 4 years ago

Actions
Copy link
 #11

Updated by tux over 4 years ago

  • Description updated (diff)
Actions
Copy link
 #12

Updated by tux over 4 years ago

https://www.puzzle.ch/de/blog/articles/2017/06/13/docker-container-mit-ipv6-anbinden

docker network create --driver=bridge --subnet=fda9:26e:5805:bab1::0/64 ffmd
docker run -d --restart always -p 53:53/tcp -p 53:53/udp --network ffmd --ip6 fda9:26e:5805:bab1::53:ff --name bind9-ffmd ffmd/bind9-ffmd
Actions
Copy link
 #13

Updated by tux over 4 years ago

Actions
Copy link
 #14

Updated by tux over 4 years ago

  • % Done changed from 20 to 30
Actions
Copy link
 #15

Updated by tux over 4 years ago

Actions
Copy link
 #16

Updated by tux over 4 years ago

  • Subject changed from DNS auf web1 umziehen to DNS auf web.md.freifunk.net umziehen
Actions
Copy link
 #17

Updated by tux over 4 years ago

Adresse des web.md ist da9:26e:5805:bab1:aaaa::6

Actions
Copy link
 #18

Updated by tux over 4 years ago

Actions
Copy link
 #20

Updated by tux over 4 years ago 

docker network create --driver=bridge --subnet=fda9:26e:5805:bab1:d0c::/64 ffmd

docker run -d --restart always --ip6 fda9:26e:5805:bab1:d0c::6:1 --network ffmd --name bind9-ffmd ffmd/bind9-ffmd
Actions
Copy link
 #21

Updated by tux over 4 years ago

Folgendes legt einen passenden Docker-Container an:

fda9:26e:5805:bab1:aeb::1/64


DOCKER_OPTS="--dns 9.9.9.9 --dns 8.8.4.4 --ipv6 --fixed-cidr-v6='fda9:26e:5805:bab1::/64'"

ip -6 route add fda9:26e:5805:bab1:aeb:d0c0::/96 dev docker0

sysctl net.ipv6.conf.default.forwarding=1
sysctl net.ipv6.conf.all.forwarding=1

systemctl restart docker

docker network create --driver=bridge --ipv6 --subnet=fda9:26e:5805:bab1:aeb:d0c0::/96 doc0

docker run -d --restart always --ip6 fda9:26e:5805:bab1:aeb:d0c0::53 --network doc0 --name bind9-ffmd ffmd/bind9-ffmd
Actions
Copy link
 #22

Updated by tux over 4 years ago

  • % Done changed from 30 to 80
Actions
Copy link
 #23

Updated by tux over 4 years ago

Offenbar ist nur folgendes notwendig:

docker network create --driver=bridge --ipv6 --subnet=fda9:26e:5805:bab1:aeb:d0c0::/96 doc0

docker run -d --restart always --ip6 fda9:26e:5805:bab1:aeb:d0c0::53 --network doc0 --name bind9-ffmd ffmd/bind9-ffmd

Docker richtet die Route und das Forwarding selbständig ein.

Folgendes geht dann auf dem Host:

dig @fda9:26e:5805:bab1:aeb:d0c0::53 -t AAAA stable-babel.updates.firmware.ffmd
Actions
Copy link
 #24

Updated by tux over 4 years ago 

ip6tables -t nat -A PREROUTING  -d fda9:26e:5805:bab1:53::1 -j DNAT --to-destination fda9:26e:5805:bab1:aeb:d0c0::53

ip6tables -t nat -A OUTPUT -d fda9:26e:5805:bab1:53::1 -j DNAT --to-destination fda9:26e:5805:bab1:aeb:d0c0::53

ip6tables -A FORWARD -d fda9:26e:5805:bab1:53::1 -j ACCEPT

für z.B. gw01:

ip -6 r a fda9:26e:5805:bab1:53::1 via fd43:c813:cf00:5ed5::6 t local
Actions
Copy link
 #25

Updated by tux over 4 years ago

  • % Done changed from 80 to 90

Der Container ist angelegt, Firewallregeln sind aktiv.
Dokumentation: https://www.netz39.de/wiki/freifunk:server:web#dns

Die Korrektheit von ip6tables -A FORWARD -d fda9:26e:5805:bab1:53::1 -j ACCEPT muss noch einmal untersucht werden.

Es wurden noch keine Routing-Regeln angelegt.

Actions
Copy link
 #26

Updated by tux over 4 years ago

Remote-Aufrufe funktionieren nicht (hatten wir schon mal gelöst ...)

Actions
Copy link
 #27

Updated by tux over 4 years ago

  • Status changed from In Progress to Done
  • % Done changed from 90 to 100
Actions
Copy link

Also available in: Atom PDF