Here’s how to create a site-to-site VPN between StrongSwan and SonicWall. This has been tested with Ubuntu 14.04 and StrongSwan 5.1.2, and SonicWall with SonicOS 5.9 at the other end. Continue reading VPN between StrongSwan and SonicWall
If an IPv6 address is unreachable, but you can reach the IPv4 one, you can set the preference to IPv4 for that particular address by adding a line such as this in /etc/gai.conf:
precedence ::ffff:184.108.40.206/128 100
That will set the preference for host 220.127.116.11 to IPv4.
See gai.conf(5) for details.
Unlike IPv4, which uses DHCP for configuration, IPv6 uses the Neighbor Discovery Protocol to configure addresses and gateways. Unfortunately, originally the protocol had no means of providing addresses of DNS servers to clients, making it necessary to use DHCPv6 for that purpose. Modern Linux and Mac OS X machines are able to use the IPv6 Router Advertisement Options for DNS Configuration (RFC 6106), but to my knowledge, Windows clients are not able at the moment. Here’s how to configure a Linux router using radvd and the ISC DHCP daemon. Continue reading Linux IPv6 Router: RADVD + DHCPv6
Here are simple instructions on how to configure network interface bonding on Red Hat based distros. The thing I always forget. There’s also a little script which will create a bonding interface bond0 between eth0 and eth1 and migrate existing IP settings from eth0. You can find it in the bottom of this post.
Continue reading NIC bonding with Red Hat/CentOS
Here’s how to make dynamic IPv6 routing work between a Cisco IOS router and an OpenWRT Linux Quagga router. I couldn’t find a similar howto anywhere, so I decided to write my own.
I am using OpenWRT Kamikaze 7.09 (kernel 2.4) on an ASUS WL-500gP wireless router. Any IPv6 enabled Cisco router should do.
I assume you have already installed the IPV6 kernel modules and userland tools, and set up static addresses for your interfaces (if you haven’t check out the OpenWRT IPv6 Howto).
I am using SixXS for tunneling an IPv6 /48 prefix over IPv4. Continue reading Dynamic IPv6 routing with Cisco IOS and Quagga on OpenWRT
Network interfaces can be bonded to provide fault-tolerant operation. Here’s how to do it in Ubuntu. I will assume the interfaces to be bonded are eth0 and eth1.
A backup server was saturating the DSL links of remote offices every time the backups were running. To prevent this, I had to limit the incoming bandwidth of the TCP-connections that were used to back up the remote hosts, but not touch the ones that were used to connect to the servers in the local network. Here’s how to do it.
I had a chance to configure an HP ProCurve 4208vl switch the other day. The first impression was that the command line interface is heavily influenced by, if not directly copied from, the Cisco IOS command line interface. So if you have experience with IOS, you will probably feel almost at home on an HP switch. There are some differences, though.
The first thing I wanted to do was to enable ssh access and authentication, and disable telnet. Here’s a quick howto.
When my Linux firewall box died a couple of months ago, I finally decided to by a Cisco router for my Internet connection. Before the Linux box I had an OpenBSD firewall, and I decided it was time to learn yet another platform.