> On Jul 11, 2018, at 1:14 PM, Sam Nicholson <sam...@ogt11.com> wrote:
>
> What's the (an) accepted way of making an ipv6-to-4 tunnel persist across
> reboots?
> This config works for me:
>
> ifconfig ip.tun0 inet6 plumb
> ifconfig ip.tun0 inet6 tsrc ${myIPV4) tdst ${remoteIPV4) up
> ifconfig ip.tun0 inet6 addif $(myIPV6) ${remoteIPV6) up
> route add -inet6 default ${remoteIPV6)
>
>
> I can create a local service, surely, and call the above from a script.
Yeah. I do this (/etc/rc3.d/S99ipsec) for IPsec tunnels I maintain one some
SmartOS instances. SmartOS zones don't keep dladm persistent state.
[root@danmcd-ipsec0 ~]# more /etc/rc3.d/S99ipsec
# KEBE SAYS do horrible hacks here.
# Plumb the tunnels, as SmartOS doesn't help here at all.
dladm create-iptun -t -T ipv4 -a local=A.B.C.D -a remote=w.x.y.z kebetun0
ifconfig kebetun0 plumb `cat /etc/hostname.kebetun0` up
dladm create-iptun -t -T ipv4 -a local=A.B.C.D -a remote=a.b.c.d jpctun0
ifconfig jpctun0 plumb `cat /etc/hostname.jpctun0` up
# Then, make net0 able to forward packets.
ifconfig net0 router
# Establish routing, because the SmartOS networking won't let you.
route add E.F.G.0/24 E.F.G.1
route add H.I.J.0/24 H.I.J.1
# Next, get IPsec and IKE to initiate, since we're behind the NAT here.
#ping -n E.F.G.1
/opt/kebe/sbin/refresh-ipsec
[root@danmcd-ipsec0 ~]#
Dan
-------------------------------------------
smartos-discuss
Archives: https://www.listbox.com/member/archive/184463/=now
Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125
Powered by Listbox: https://www.listbox.com
