Actions
Administration #13
closed
TU
TU
Administration #292: Migration auf Babel
DNS auf web.md.freifunk.net umziehen
Administration #13:
DNS auf web.md.freifunk.net umziehen
Start date:
2019-06-29
Due date:
% Done:
100%
Estimated time:
Description
- Einrichtung als Docker-Container auf web.md.freifunk.net mit Adresse fda9:26e:5805:bab1::53:ff
- Forwarders auf https://github.com/christf/docker-dns64/blob/master/docker-entry.sh anpassen
TU Updated by tux about 6 years ago
- % Done changed from 0 to 20
TU Updated by tux almost 6 years ago
- Parent task set to #292
TU Updated by tux almost 6 years ago
Image wurde getestet und funttioniert, wenn man es korrekt aufruft …
TU Updated by tux almost 6 years ago
- Status changed from New to In Progress
TU Updated by tux over 5 years ago
- Description updated (diff)
TU Updated by tux over 5 years ago
- Description updated (diff)
TU Updated by tux over 5 years ago
- Description updated (diff)
TU Updated by tux over 5 years ago
- Follows Administration #307: neue web-VM anlegen added
TU Updated by tux over 5 years ago
- Follows deleted (Administration #307: neue web-VM anlegen)
TU Updated by tux over 5 years ago
- Follows Administration #470: Docker-Installation IPv6-fähig machen added
TU Updated by tux over 5 years ago
- Description updated (diff)
TU Updated by tux over 5 years ago
https://www.puzzle.ch/de/blog/articles/2017/06/13/docker-container-mit-ipv6-anbinden
docker network create --driver=bridge --subnet=fda9:26e:5805:bab1::0/64 ffmd
docker run -d --restart always -p 53:53/tcp -p 53:53/udp --network ffmd --ip6 fda9:26e:5805:bab1::53:ff --name bind9-ffmd ffmd/bind9-ffmd
TU Updated by tux over 5 years ago
- Follows Administration #398: web.md.freifunk.net in das Babel-Netz einbinden added
TU Updated by tux over 5 years ago
- % Done changed from 20 to 30
TU Updated by tux over 5 years ago
- Blocks Administration #303: Firmware bereitstellen added
TU Updated by tux over 5 years ago
- Subject changed from DNS auf web1 umziehen to DNS auf web.md.freifunk.net umziehen
TU Updated by tux over 5 years ago
Adresse des web.md ist da9:26e:5805:bab1:aaaa::6
TU Updated by tux over 5 years ago
- Follows deleted (Administration #470: Docker-Installation IPv6-fähig machen)
TU Updated by tux over 5 years ago
docker network create --driver=bridge --subnet=fda9:26e:5805:bab1:d0c::/64 ffmd
docker run -d --restart always --ip6 fda9:26e:5805:bab1:d0c::6:1 --network ffmd --name bind9-ffmd ffmd/bind9-ffmd
TU Updated by tux over 5 years ago
Folgendes legt einen passenden Docker-Container an:
fda9:26e:5805:bab1:aeb::1/64
DOCKER_OPTS="--dns 9.9.9.9 --dns 8.8.4.4 --ipv6 --fixed-cidr-v6='fda9:26e:5805:bab1::/64'"
ip -6 route add fda9:26e:5805:bab1:aeb:d0c0::/96 dev docker0
sysctl net.ipv6.conf.default.forwarding=1
sysctl net.ipv6.conf.all.forwarding=1
systemctl restart docker
docker network create --driver=bridge --ipv6 --subnet=fda9:26e:5805:bab1:aeb:d0c0::/96 doc0
docker run -d --restart always --ip6 fda9:26e:5805:bab1:aeb:d0c0::53 --network doc0 --name bind9-ffmd ffmd/bind9-ffmd
TU Updated by tux over 5 years ago
- % Done changed from 30 to 80
TU Updated by tux over 5 years ago
Offenbar ist nur folgendes notwendig:
docker network create --driver=bridge --ipv6 --subnet=fda9:26e:5805:bab1:aeb:d0c0::/96 doc0
docker run -d --restart always --ip6 fda9:26e:5805:bab1:aeb:d0c0::53 --network doc0 --name bind9-ffmd ffmd/bind9-ffmd
Docker richtet die Route und das Forwarding selbständig ein.
Folgendes geht dann auf dem Host:
dig @fda9:26e:5805:bab1:aeb:d0c0::53 -t AAAA stable-babel.updates.firmware.ffmd
TU Updated by tux over 5 years ago
ip6tables -t nat -A PREROUTING -d fda9:26e:5805:bab1:53::1 -j DNAT --to-destination fda9:26e:5805:bab1:aeb:d0c0::53
ip6tables -t nat -A OUTPUT -d fda9:26e:5805:bab1:53::1 -j DNAT --to-destination fda9:26e:5805:bab1:aeb:d0c0::53
ip6tables -A FORWARD -d fda9:26e:5805:bab1:53::1 -j ACCEPT
für z.B. gw01:
ip -6 r a fda9:26e:5805:bab1:53::1 via fd43:c813:cf00:5ed5::6 t local
TU Updated by tux over 5 years ago
- % Done changed from 80 to 90
Der Container ist angelegt, Firewallregeln sind aktiv.
Dokumentation: https://www.netz39.de/wiki/freifunk:server:web#dns
Die Korrektheit von ip6tables -A FORWARD -d fda9:26e:5805:bab1:53::1 -j ACCEPT muss noch einmal untersucht werden.
Es wurden noch keine Routing-Regeln angelegt.
TU Updated by tux over 5 years ago
Remote-Aufrufe funktionieren nicht (hatten wir schon mal gelöst ...)
TU Updated by tux over 5 years ago
- Status changed from In Progress to Done
- % Done changed from 90 to 100
Dokumentation: https://www.netz39.de/wiki/freifunk:server:web#dns
Actions