Linux policy based routing and lots of VPNs.
I am currently experimenting running an IPv6 only WLAN at work, so thought I'd try experimenting at home. Whereas at work we have a CSR1000v to perform the NAT64 and a separate Linux VM for DNS64, the config below details combining both functions on a Raspberry Pi (RPi). The topology looks like this: apt-get install... Continue Reading →
A recent issue with a Linux IPv6 firewall which saw on-link hosts appear to be flapping according to monitoring tools, highlighting a IPv6 ND table overflow problem. The short version of the solution required: net.ipv6.neigh.default.gc_thresh1 = 256 net.ipv6.neigh.default.gc_thresh2 = 1024 net.ipv6.neigh.default.gc_thresh3 = 2048 To keep an eye on the neighbor table I created a series... Continue Reading →