-
-
Save 0x6b7966/5362a73cdb2705d90b04710a9729dd70 to your computer and use it in GitHub Desktop.
Create Network Namespace with IPv6 connectivity via Hurricane Electric tunnel (no NAT66 needed)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -x | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "You must run this script as root." | |
| exit 1 | |
| fi | |
| # Fill up IPv6 addresses for the veth pair. Addresses must belong to the | |
| # IPv6 block leased by Hurricane Electric. For instance: 2001:XXXX::101/64. | |
| VETH1_IPV6= # IPv6 address for the host side. | |
| VPEER1_IPV6= # IPv6 address for the network namespace side. | |
| # Clean up. | |
| ip netns del ns-ipv6 &>/dev/null | |
| ip li del veth1 &> /dev/null | |
| # Create network namespace. | |
| ip netns add ns-ipv6 | |
| # Create veth pair. | |
| ip li add name veth1 type veth peer name vpeer1 | |
| # Setup veth1 (host). | |
| ip -6 addr add ${VETH1_IPV6} dev veth1 | |
| ip -6 route add ${VPEER1_IPV6}/128 dev veth1 | |
| ip li set dev veth1 up | |
| # Setup vpeer1 (network namespace). | |
| ip li set dev vpeer1 netns ns-ipv6 | |
| ip netns exec ns-ipv6 ip li set dev lo up | |
| ip netns exec ns-ipv6 ip -6 addr add ${VPEER1_IPV6} dev vpeer1 | |
| ip netns exec ns-ipv6 ip -6 route add ${VETH1_IPV6}/128 dev vpeer1 | |
| ip netns exec ns-ipv6 ip li set vpeer1 up | |
| # Direct external traffic to VETH1 through VPEER1 (default gw). | |
| ip netns exec ns-ipv6 ip -6 route add default dev vpeer1 via ${VETH1_IPV6} | |
| # IP Forwarding. | |
| sysctl -w net.ipv6.conf.all.forwarding=1 | |
| # Get into ns-ipv6. | |
| ip netns exec ns-ipv6 /bin/bash --rcfile <(echo "PS1=\"ns-ipv6> \"") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment