Web lists-archives.com

Re: [Samba] Specifying an IPv6 wildcard in the interfaces directive?




If you really really dont need/want ipv6 and your using a systemd os, then configure it correctly,
I'll show the systemd setup. 

It gives ipv6 on localhost [::1] for compatibily but no ipv6 on the interface configured. 
None! 

By example. 

# ( Tested on Debian 9/10 and Ubuntu 18.04 )
#/etc/systemd/network/20-wired-dev.network
[Match]
# Define you interace name here.
Name=eth0
# Optional MAC Address
#MACAddress=

[Network]
#DHCP=yes  # Link is configured when either DHCPv4 or DHCPv6 succeed
#DHCP=ipv4 # Link is configured only when DHCPv4 succeeds
#DHCP=ipv6 # Link is configured only when DHCPv6 succeeds
#DHCP=no   # Neither DHCPv4 or DHCPv6 is attempted
# we disablel DHCP completely.
DHCP=no

# networkd supports disabling IPv6 on a per-interface basis.
#LinkLocalAddressing=no or ipv4 and networkd will not try to configure IPv6 on the matching interfaces.
#Default : LinkLocalAddressing=ipv6
# This avoids the dynamicly configured ipv6. 
LinkLocalAddressing=no

# Networkd will still be expecting to receive router advertisements if IPv6 is not disabled globally.
# If IPv6 traffic is not being received by the interface (e.g. due to sysctl or ip6tables settings),
# it will remain in the configuring state and potentially cause timeouts for services waiting
# for the network to be fully configured.
IPv6AcceptRA=no

# Note, ip 192.168.0.1 and .2 are the DC's (DNS and NTP) in this example.
# The search line in resolv.conf
Domains=your_primary.dnsdomain.tld
# The nameserver lines in resolv.conf
DNS=192.168.0.1
DNS=192.168.0.2

# ! Members and stand alone for use of systemd-timedate 
NTP=192.168.0.1
NTP=192.168.0.2

# The primary ip and subnet mask of this server.
[Address]
Address=192.168.0.100/24

# Some routes to define, the first here is the default route. 
[Route]
Destination=0.0.0.0/0
Gateway=192.168.0.1

# optional other routes.
#[Route]
#Destination=192.168.100.0/24
#Gateway=192.168.0.1

After setting this run : 
Backup the old interfaces file. 
mv /etc/network/interfaces /etc/network/interfaces.backup

# unmask and enable then start the network. 
systemctl unmask systemd-networkd
systemctl enable systemd-networkd
systemctl restart systemd-networkd

And this: 
systemctl status systemd-networkd
Should show the loging like this : 
Apr 18 13:12:21 srv-a1 systemd[1]: Starting Network Service...
Apr 18 13:12:22 srv-a1 systemd-networkd[440]: Enumeration completed
Apr 18 13:12:22 srv-a1 systemd[1]: Started Network Service.
Apr 18 13:12:22 srv-a1 systemd-networkd[440]: eth0: IPv6 successfully disabled
Apr 18 13:12:22 srv-a1 systemd-networkd[440]: eth0: Gained carrier
Apr 18 13:12:22 srv-a1 systemd-networkd[440]: eth0: Configured


networkctl status eth0
You MUST see:     State: routable (configured)
And note, wait about 30 sec before you check it. 
If the state does not show configured, then something's off. 
Its key to have the correct! 


Or... Be lazy and use : 
https://raw.githubusercontent.com/thctlo/debian-scripts/master/setup-systemd-networkd.sh 
That converts a DHCP setup to static, just note, it only creates the files 

Please be take note also of this. 

You will have 2 ! Ipv6 ipnumbers, normaly. 
The one assigned dynamicly ( which is a conversion of you ipv4 number to ipv6) 
And a real ipv6 number. 

My setup aims on the real ipv4 and real ipv6. 
I disable the dynamicly assinged ipv6 numbers. 

Good luck, questions, just ask. 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens 
> Manfred via samba
> Verzonden: zondag 21 april 2019 16:39
> Aan: samba@xxxxxxxxxxxxxxx
> Onderwerp: Re: [Samba] Specifying an IPv6 wildcard in the 
> interfaces directive?
> 
> 
> 
> On 4/21/19 1:04 AM, Jeff Morris via samba wrote:
> > On 4/20/2019 1:08 PM, Nico Kadel-Garcia wrote:
> >> On Sat, Apr 20, 2019 at 3:32 PM Jeff Morris via samba
> >> <samba@xxxxxxxxxxxxxxx> wrote:
> >>> My network uses reserved IPv4 addresses (192.168.2.0/24) 
> behind a NAT
> >>> firewall, but public IPv6 addresses behind a filtering firewall.
> >>>
> >>> My ISP (Comcast) assigns both IPv4 and IPv6 addresses dynamically.
> >>>
> >>> As a result, the IPv4 address of my internal Samba server 
> is statically
> >>> assigned, but its IPv6 address is dynamically assigned.
> >> Why can't your internal DHCP server assign reserved IP addresses,
> >> suitable to a non-routable address space?
> > 
> > Well, of course it *can*, and indeed that's what I'm doing 
> for IPv4. 
> > However, best practices recommend not using NAT for IPv6. 
> One of the 
> > main driving factors toward the global migration to IPv6 is 
> so we can 
> > have a "flat"  Internet again, with enough address space to 
> allow all 
> > devices to be individually addressable, like we did years 
> ago with IPv4 
> > (yes, I'm old enough to remember) :-), and get away from NAT, 
> > port-forwarding, and all the other horrible kludges that have been 
> > implemented over the years to try to compensate for the 
> exhaustion of 
> > the IPv4 address space.
> 
> In the ideal world where all is IPV6 without NAT, how would you 
> configure your server with its two addresses (which must expose 
> different services), while delegating all address assignments 
> to your ISP?
> To my understanding NAT is not only meant to "compensate for the 
> exhaustion of the IPv4 address space", but also (and possibly more 
> importantly) to separate the architecture of public and 
> private networks.
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba