Network setup stumbling block

Post by cmpsalvestrini » 2018/11/18 19:25:32

Right, I'll try and be as concise as I can.

I have a 2-port NIC on my CentOS 7 box, which I intend to deploy as gateway/firewall for my home network. The NIC ports in my system are called enp2s0f0 and enp2s0f1.

My goal is to achieve IPv6 connectivity at enp2s0f1 so it serves both of my dual stack LANs, and Internet access is handed down from enp2s0f0. My ISP is serving me a /56 prefix (2001:818:d9d9:ba00/56) for me to play with, so I have done the following:

* Enabled IPv4 forwarding
* Enabled IPv6 forwarding
* Set enp2s0f0 to a static IPv4 and self-configured IPv6, and serve a Class C IPv4 DHCP spread (192.168.0.0/24) with dhcpd. I need to do this because I have IPTV boxes that need to work with DHCP and the ISP's router, and since I don't particularly trust my ISP's router I'd rather have my server do it instead of a little black box with unknown memory and capabilities.
* Set enp2s0f1 to a static IPv4 address (172.16.0.0/16) and IPv6 (2001:818:d9d9:ba01::1/64).
* Set DHCPv4 server to spread a Class B IPv4 spread and DHCPv6-PD (I want to deploy a UniFi USG PRO, and since it appears that it prefers to work with DHCP-PD, and since my ISP doesn't serve up DHCPv6-PD, I have to do it myself).

The dhcpd configuration is as follows:

option domain-name "amc202d.net";
default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;
authoritative;
log-facility local7;

subnet 192.168.0.0 netmask 255.255.255.0 {
	authoritative;
	interface enp2s0f0;
	range 192.168.0.11 192.168.0.249;
	option domain-name-servers 192.168.0.1, 1.1.1.1;
	option routers 192.168.0.1;	

	host UniFi-CloudKey {
		hardware ethernet fe:ec:da:04:f9:a2;
		fixed-address 192.168.0.2;
	}

	host sw1 {
		hardware ethernet 78:8a:20:bf:1f:ce;
		fixed-address 192.168.0.3;
	}


	host sw2 {
		hardware ethernet fc:ec:da:05:20:68;
		fixed-address 192.168.0.4;
	}

	host ap1 {
		hardware ethernet fc:ec:da:a0:66:fb;
		fixed-address 192.168.0.5;
	}

	host ap2 {
	        hardware ethernet fc:ec:da:a0:68:2e;
	        fixed-address 192.168.0.6;
	} 

	host ap3 {
	        hardware ethernet fc:ec:da:a0:6b:aa;
	        fixed-address 192.168.0.7;
	}


	host athenea {
		hardware ethernet 24:5e:be:1e:8b:45;
		fixed-address 192.168.0.253;
	}


	host c410 {
		hardware ethernet 30:cd:a7:99:2d:73;
		fixed-address 192.168.0.250;
	}

}

subnet 172.16.0.0 netmask 255.255.0.0 {
	authoritative;
	interface enp2s0f1;
	range 172.16.0.10 172.16.255.224;
	option domain-name-servers 192.168.0.1 , 1.1.1.1;
	option routers 172.16.0.1;
}

The dhcpd6 configuration is as follows:

allow leasequery;
option dhcp6.name-servers 2001:818:d9d9:ba00::1, 2606:4700:4700::1111;
option dhcp6.domain-search "amc202d.net";
option dhcp6.rapid-commit;
option dhcp6.info-refresh-time 21600;
dhcpv6-lease-file-name "/var/lib/dhcpd/dhcpd6.leases";

subnet6 2001:818:d9d9:ba00::/56 {
	range6 2001:818:d9d9:ba00::2 2001:818:d9d9:ba0f::2fff;
	prefix6 2001:818:d9d9:ba30::  2001:818:d9d9:ba3f:: / 64;
}

* Set radvd as follows:

interface enp2s0f0 
{
	AdvSendAdvert on;
	MinRtrAdvInterval 60;
	MaxRtrAdvInterval 180;
	AdvManagedFlag on;
	AdvOtherConfigFlag on;
	prefix 2001:818:d9d9:ba00::/64
	{
		AdvOnLink on;
		AdvAutonomous on;
	};
	route fe80::1/64 {};
};

interface enp2s0f1
{
	AdvSendAdvert on;
	MinRtrAdvInterval 60;
	MaxRtrAdvInterval 180;
	AdvManagedFlag on;
	AdvOtherConfigFlag on;
	prefix 2001:818:d9d9:ba01::/64 
	{
		AdvOnLink on;
		AdvAutonomous on;
	};
	route fe80::1/64 {};
};

Network port configuration is as follows:

ifcfg-enp2s0f0

IPV6_DEFAULTGW=fe80::1
GATEWAY=192.168.0.1
DNS5=2606:4700:4700::1111
PEERDNS=no
IPV6INIT=yes
BROWSER_ONLY=no
DNS3=1.1.1.1
DNS2=192.168.0.1
PROXY_METHOD=none
DNS4=2001:818:d9d9:ba00::1
DNS1=192.168.0.254
UUID=89748339-413e-4992-be9f-afc346ec4863
IPV6_DOMAIN=amc202d.net
IPV6_ADDR_GEN_MODE=stable-privacy
BOOTPROTO=none
NAME=enp2s0f0
IPV6_PRIVACY=no
TYPE=Ethernet
IPV6_FAILURE_FATAL=no
PREFIX=24
DEVICE=enp2s0f0
IPV6_AUTOCONF=no
IPV6_DEFROUTE=yes
IPV6ADDR=2001:818:d9d9:ba00::1000/64
IPADDR=192.168.0.254
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
DOMAIN=amc202d.net
ONBOOT=yes
ZONE=public

ifcfg-enp2s0f1

GATEWAY=172.16.0.1
DNS5=2606:4700:4700::1111
IPV6INIT=yes
BROWSER_ONLY=no
DNS3=1.1.1.1
DNS2=192.168.0.1
PROXY_METHOD=none
DNS4=2001:818:d9d9:ba00::1
DNS1=192.168.0.254
UUID=ec2ffe9b-bb68-40ce-a369-4dbdb8a68e75
IPV6_DOMAIN=amc202d.net
IPV6_ADDR_GEN_MODE=stable-privacy
BOOTPROTO=none
NAME=enp2s0f1
IPV6_PRIVACY=no
TYPE=Ethernet
IPV6_FAILURE_FATAL=no
DEVICE=enp2s0f1
PREFIX=16
IPV6_AUTOCONF=no
IPV6_DEFROUTE=yes
DEFROUTE=yes
IPADDR=172.16.0.1
IPV4_FAILURE_FATAL=no
DOMAIN=amc202d.net
ONBOOT=yes
ZONE=public
IPV6ADDR=2001:818:d9d9:ba01::1/64

Results:

When I ping6 from a computer from the "internal" net I get 100% packet loss. Ping4 works like a charm.

I feel that there is a routing issue here, that or it's me being a dolt and missing something. I would appreciate any help / advice.

TIA for any assistance.
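
An added example, not part of the original post: a short Python check of the IPv6 addressing plan in the configuration above, using only values copied from the post's ifcfg and dhcpd6 files. It lists which /64s the `range6` touches, how many prefixes the `prefix6` pool can delegate, and whether the pool overlaps the two interface networks; the function names are illustrative.

```python
import ipaddress as ip

# Values copied from the post's ifcfg and dhcpd6 files.
DELEGATED = ip.IPv6Network("2001:818:d9d9:ba00::/56")
LINKS = {
    "enp2s0f0": ip.IPv6Interface("2001:818:d9d9:ba00::1000/64"),
    "enp2s0f1": ip.IPv6Interface("2001:818:d9d9:ba01::1/64"),
}
RANGE6 = ("2001:818:d9d9:ba00::2", "2001:818:d9d9:ba0f::2fff")
PREFIX6 = ("2001:818:d9d9:ba30::", "2001:818:d9d9:ba3f::", 64)


def slash64(addr):
    """Return the /64 network that contains addr."""
    return ip.IPv6Network((int(ip.IPv6Address(addr)) >> 64 << 64, 64))


def range6_links(lo, hi):
    """List every /64 that the address range lo..hi touches."""
    first = int(slash64(lo).network_address)
    last = int(slash64(hi).network_address)
    return [ip.IPv6Network((n, 64)) for n in range(first, last + 1, 1 << 64)]


def pd_pool(lo, hi, plen):
    """Expand a prefix6 pool into the prefixes it can hand out."""
    lo, hi = int(ip.IPv6Address(lo)), int(ip.IPv6Address(hi))
    return [ip.IPv6Network((n, plen)) for n in range(lo, hi + 1, 1 << (128 - plen))]


def audit():
    """Collect facts about the plan; it does not decide which one breaks ping6."""
    on_link = {iface.network for iface in LINKS.values()}
    touched = range6_links(*RANGE6)
    pool = pd_pool(*PREFIX6)
    return {
        "links_inside_delegation": all(n.subnet_of(DELEGATED) for n in on_link),
        "range6_slash64_count": len(touched),
        "range6_links_without_interface": [str(n) for n in touched if n not in on_link],
        "pd_pool_size": len(pool),
        "pd_overlaps_on_link": [str(p) for p in pool if any(p.overlaps(n) for n in on_link)],
    }


if __name__ == "__main__":
    for key, value in audit().items():
        print(f"{key}: {value}")
```
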

Re: Network setup stumbling block

Post by cmpsalvestrini » 2018/11/20 11:34:49

Bump
