%20pero%20obtiene%20IP.png)
Tengo tres servidores que ahora también deberían tener conectividad IPv6 además de IPv4. Servidores:
- Pi4 (sistema operativo Raspberry Pi)
- Nextcloud (Debian 10; Nextcloud como complemento)
- Servidor de correo (Debian 10; mailcow como ventana acoplable, que también usa IPv6)
Están conectados directamente al firewall (pfSense actualizado) y residen en su propia subred/VLAN. Mi plan es usar DCHPv6 para poder darles una IP fija, desde donde puedo usar DNS y reglas de firewall. De mi ISP obtuve la subred /56 mediante ligación de prefijos y en mi red cada subred obtiene una parte /64 de esa. La configuración del servidor DHCP es la misma para todos los servidores y es la siguiente: RA-Advertisment -> Rango administrado -> de ::d:000 a ::d:ffff
Servidor 1. - Pi4: Obtiene la IP v6 deseada del firewall (entrada estática) -> xxxxxxx::d:1. Puede hacer ping al firewall y el firewall puede hacer ping al host.
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether dc:a6:32:ba:a6:40 brd ff:ff:ff:ff:ff:ff
inet 192.168.7.2/24 brd 192.168.7.255 scope global dynamic noprefixroute eth0
valid_lft 5564sec preferred_lft 4664sec
inet6 2a02:8106:26:c207::d:1/128 scope global dynamic noprefixroute
valid_lft 6268sec preferred_lft 3568sec
inet6 2a02:8106:26:c207:4f5b:7339:9f6f:6b9e/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 86394sec preferred_lft 14394sec
inet6 fe80::3958:1364:8c6e:21ca/64 scope link
valid_lft forever preferred_lft forever
$ ip r
default via 192.168.7.1 dev eth0 proto dhcp src 192.168.7.2 metric 202
192.168.7.0/24 dev eth0 proto dhcp scope link src 192.168.7.2 metric 202
$ cat nano /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d
Servidor 2. - Nextcloud: No obtiene la IP v6 deseada del firewall (entrada estática) -> xxxxxxx::d:1. No sé por qué, pero obtiene uno fuera del rango DHCP -> ::d:3066 sin la entrada estática. Puede hacer ping al firewall y el firewall puede hacer ping al host. Se puede acceder al servidor según se desee.
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether d0:50:99:76:7d:6b brd ff:ff:ff:ff:ff:ff
inet 192.168.5.2/24 brd 192.168.5.255 scope global dynamic eth0
valid_lft 6796sec preferred_lft 6796sec
inet6 2a02:8106:26:c205::d:3066/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::d250:99ff:fe76:7d6b/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:44:56:66:5e brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:44ff:fe56:665e/64 scope link
valid_lft forever preferred_lft forever
5: veth16f1c55@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 76:f8:c2:66:64:c2 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::74f8:c2ff:fe66:64c2/64 scope link
valid_lft forever preferred_lft forever
7: veth624ab49@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether f2:88:68:74:9b:a7 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::f088:68ff:fe74:9ba7/64 scope link
valid_lft forever preferred_lft forever
$ ip r
default via 192.168.5.1 dev eth0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.5.0/24 dev eth0 proto kernel scope link src 192.168.5.2
$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp
# This is an autoconfigured IPv6 interface
iface eth0 inet6 dhcp
Servidor 3. - Mailcow: No obtiene la IP v6 deseada del firewall (entrada estática) -> xxxxxxx::d:1. No sé por qué, pero obtiene uno fuera del rango DHCP -> 2a02:8106:26:c206::d:1fd7 sin la entrada estática. No puedo hacer ping al firewall
$ ping 2a02:8106:26:c206:ec4:7aff:feac:791a
connect: network is not reachable
y el firewall no puede hacer ping al host. No se puede acceder al servidor en absoluto.
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0b:ab:9c:b3:40 brd ff:ff:ff:ff:ff:ff
inet 192.168.6.2/24 brd 192.168.6.255 scope global dynamic enp0s25
valid_lft 6115sec preferred_lft 6115sec
inet6 2a02:8106:26:c206::d:1fd7/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::20b:abff:fe9c:b340/64 scope link
valid_lft forever preferred_lft forever
3: ens36: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 00:0b:ab:9c:b3:41 brd ff:ff:ff:ff:ff:ff
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:86:52:78:26 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:86ff:fe52:7826/64 scope link
valid_lft forever preferred_lft forever
inet6 fe80::1/64 scope link
valid_lft forever preferred_lft forever
5: br-mailcow: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:98:71:e4:00 brd ff:ff:ff:ff:ff:ff
inet 172.22.1.1/24 brd 172.22.1.255 scope global br-mailcow
valid_lft forever preferred_lft forever
inet6 fe80::42:98ff:fe71:e400/64 scope link
valid_lft forever preferred_lft forever
inet6 fe80::1/64 scope link
valid_lft forever preferred_lft forever
7: veth9d1c8e9@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 92:69:ae:5f:16:94 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::9069:aeff:fe5f:1694/64 scope link
valid_lft forever preferred_lft forever
9: veth8c82697@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether ea:dd:2f:06:a8:ac brd ff:ff:ff:ff:ff:ff link-netnsid 3
inet6 fe80::e8dd:2fff:fe06:a8ac/64 scope link
valid_lft forever preferred_lft forever
11: vethe900989@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether ee:45:28:e8:f8:65 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::ec45:28ff:fee8:f865/64 scope link
valid_lft forever preferred_lft forever
13: vethfca3d8a@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 72:0e:57:52:f6:8c brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::700e:57ff:fe52:f68c/64 scope link
valid_lft forever preferred_lft forever
15: veth047f50f@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 32:d4:40:15:0c:7f brd ff:ff:ff:ff:ff:ff link-netnsid 4
inet6 fe80::30d4:40ff:fe15:c7f/64 scope link
valid_lft forever preferred_lft forever
17: vethf6245fe@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 26:53:8b:26:c9:38 brd ff:ff:ff:ff:ff:ff link-netnsid 7
inet6 fe80::2453:8bff:fe26:c938/64 scope link
valid_lft forever preferred_lft forever
19: veth21a6fa3@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 5a:a7:a7:e2:86:5b brd ff:ff:ff:ff:ff:ff link-netnsid 6
inet6 fe80::58a7:a7ff:fee2:865b/64 scope link
valid_lft forever preferred_lft forever
21: vethd2d1e06@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 8e:79:e5:0e:a6:f1 brd ff:ff:ff:ff:ff:ff link-netnsid 10
inet6 fe80::8c79:e5ff:fe0e:a6f1/64 scope link
valid_lft forever preferred_lft forever
23: vethc10d2bc@if22: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 76:99:da:1d:cd:0e brd ff:ff:ff:ff:ff:ff link-netnsid 9
inet6 fe80::7499:daff:fe1d:cd0e/64 scope link
valid_lft forever preferred_lft forever
25: veth201bcfc@if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 46:d4:93:82:4b:6b brd ff:ff:ff:ff:ff:ff link-netnsid 8
inet6 fe80::44d4:93ff:fe82:4b6b/64 scope link
valid_lft forever preferred_lft forever
27: vethad8e436@if26: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether da:24:e6:37:3a:8c brd ff:ff:ff:ff:ff:ff link-netnsid 5
inet6 fe80::d824:e6ff:fe37:3a8c/64 scope link
valid_lft forever preferred_lft forever
29: vethbaf78e4@if28: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 9e:01:7b:70:9a:31 brd ff:ff:ff:ff:ff:ff link-netnsid 15
inet6 fe80::9c01:7bff:fe70:9a31/64 scope link
valid_lft forever preferred_lft forever
31: veth7eada94@if30: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 2a:bd:24:d6:e9:8a brd ff:ff:ff:ff:ff:ff link-netnsid 13
inet6 fe80::28bd:24ff:fed6:e98a/64 scope link
valid_lft forever preferred_lft forever
33: vethd1e707c@if32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 7a:71:37:59:58:43 brd ff:ff:ff:ff:ff:ff link-netnsid 16
inet6 fe80::7871:37ff:fe59:5843/64 scope link
valid_lft forever preferred_lft forever
35: veth6d78c43@if34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 42:f1:b5:53:f5:5c brd ff:ff:ff:ff:ff:ff link-netnsid 14
inet6 fe80::40f1:b5ff:fe53:f55c/64 scope link
valid_lft forever preferred_lft forever
37: vethd1a9600@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 52:15:e7:eb:3e:ea brd ff:ff:ff:ff:ff:ff link-netnsid 11
inet6 fe80::5015:e7ff:feeb:3eea/64 scope link
valid_lft forever preferred_lft forever
39: veth621f244@if38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 1e:af:a7:76:8e:c8 brd ff:ff:ff:ff:ff:ff link-netnsid 12
inet6 fe80::1caf:a7ff:fe76:8ec8/64 scope link
valid_lft forever preferred_lft forever
41: veth4284cea@if40: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-mailcow state UP group default
link/ether 32:ee:4d:9c:fb:6c brd ff:ff:ff:ff:ff:ff link-netnsid 17
inet6 fe80::30ee:4dff:fe9c:fb6c/64 scope link
valid_lft forever preferred_lft forever
$ ip r
default via 192.168.6.1 dev enp0s25
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
172.22.1.0/24 dev br-mailcow proto kernel scope link src 172.22.1.1
192.168.6.0/24 dev enp0s25 proto kernel scope link src 192.168.6.2
$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug enp0s25
iface enp0s25 inet dhcp
# This is an autoconfigured IPv6 interface
iface enp0s25 inet6 dhcp
¿Por qué no se puede acceder al servidor 3, ya que tiene las mismas configuraciones que el servidor 2? ¿No debería estar disponible también una dirección IPv6 en las rutas?
atentamente