From 20b76ac80c2aa64128fef505c774ffda166b2a3c Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Fri, 10 Sep 2004 15:40:18 +0000 Subject: fix IPv6 6to4 & NAT (#118928, , ) --- sysconfig/network-scripts/ifdown-ipv6 | 20 ++++++++++----- sysconfig/network-scripts/ifup-ipv6 | 23 +++++++++++------ sysconfig/network-scripts/network-functions-ipv6 | 32 ++++++++++++++++-------- 3 files changed, 51 insertions(+), 24 deletions(-) (limited to 'sysconfig/network-scripts') diff --git a/sysconfig/network-scripts/ifdown-ipv6 b/sysconfig/network-scripts/ifdown-ipv6 index 8feabb71..b9120134 100755 --- a/sysconfig/network-scripts/ifdown-ipv6 +++ b/sysconfig/network-scripts/ifdown-ipv6 @@ -4,14 +4,14 @@ # # # Taken from: -# (P) & (C) 2000-2002 by Peter Bieringer +# (P) & (C) 2000-2004 by Peter Bieringer # -# You will find more information in the IPv6-HowTo for Linux at -# http://www.bieringer.de/linux/IPv6/ +# You will find more information on the initscripts-ipv6 homepage at +# http://www.deepspace6.net/projects/initscripts-ipv6.html # # RHL integration assistance by Pekka Savola # -# Version 2002-10-30 +# Version 2004-09-02 # # Note: if called as (like normally) by /etc/sysconfig/network-scripts/ifdown # exit codes aren't handled by "ifdown" @@ -84,6 +84,13 @@ fi if [ -n "$IPV6TO4_IPV4ADDR" ]; then # Take special configured from config file (precedence 1) ipv4addr="$IPV6TO4_IPV4ADDR" + + # Get IPv4 address from interface first + ipv4addrlocal="`ipv6_get_ipv4addr_of_device $DEVICE`" + if [ -z "$ipv4addrlocal" ]; then + # Take configured from config file + ipv4addrlocal="$IPADDR" + fi else # Get IPv4 address from interface first (has precedence 2) ipv4addr="`ipv6_get_ipv4addr_of_device $DEVICE`" @@ -91,17 +98,18 @@ else # Take configured from config file (precedence 3) ipv4addr="$IPADDR" fi + ipv4addrlocal="$ipv4addr" fi # Get local IPv4 address of dedicated tunnel ipv4addr6to4local="`ipv6_get_ipv4addr_of_tunnel tun6to4 local`" -if [ -z "$ipv4addr" -o -z "$ipv4addr6to4local" ]; then +if [ -z "$ipv4addrlocal" -o -z "$ipv4addr6to4local" ]; then # no IPv4 addresses given, 6to4 sure not configured valid6to4config="no" else # Check against configured 6to4 tunnel to see if this interface was used before - if [ "$ipv4addr" != "$ipv4addr6to4local" ]; then + if [ "$ipv4addrlocal" != "$ipv4addr6to4local" ]; then # IPv4 address of interface does't match local tunnel address, interface was not used for current 6to4 setup valid6to4config="no" fi diff --git a/sysconfig/network-scripts/ifup-ipv6 b/sysconfig/network-scripts/ifup-ipv6 index c5b3c6d5..8422234b 100755 --- a/sysconfig/network-scripts/ifup-ipv6 +++ b/sysconfig/network-scripts/ifup-ipv6 @@ -4,14 +4,14 @@ # # # Taken from: -# (P) & (C) 2000-2002 by Peter Bieringer +# (P) & (C) 2000-2004 by Peter Bieringer # -# You will find more information in the IPv6-HowTo for Linux at -# http://www.bieringer.de/linux/IPv6/ +# You will find more information on the initscripts-ipv6 homepage at +# http://www.deepspace6.net/projects/initscripts-ipv6.html # # RHL integration assistance by Pekka Savola # -# Version 2002-11-14 +# Version 2004-03-21 # # Note: if called (like normally) by /etc/sysconfig/network-scripts/ifup # exit codes aren't handled by "ifup" @@ -173,10 +173,17 @@ if [ "$IPV6TO4INIT" = "yes" ]; then exit 1 fi - # Get IPv4 address for local 6to4 prefix calculation + # Get IPv4 address for global 6to4 prefix calculation if [ -n "$IPV6TO4_IPV4ADDR" ]; then # Take special configured from config file (precedence 1) ipv4addr="$IPV6TO4_IPV4ADDR" + + # Get local IPv4 address from interface + ipv4addrlocal="`ipv6_get_ipv4addr_of_device $DEVICE`" + if [ -z "$ipv4addrlocal" ]; then + # Take configured from config file + ipv4addrlocal="$IPADDR" + fi else # Get IPv4 address from interface first (has precedence 2) ipv4addr="`ipv6_get_ipv4addr_of_device $DEVICE`" @@ -184,7 +191,9 @@ if [ "$IPV6TO4INIT" = "yes" ]; then # Take configured from config file (precedence 3) ipv4addr="$IPADDR" fi + ipv4addrlocal="$ipv4addr" fi + if [ -n "$ipv4addr" ]; then if ! ipv6_test_ipv4_addr_global_usable $ipv4addr; then echo $"Given IPv4 address '$ipv4addr' is not globally usable" @@ -221,7 +230,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then fi fi - ipv6_add_6to4_tunnel tun6to4 $ipv4addr "" $tunnelmtu || exit 1 + ipv6_add_6to4_tunnel tun6to4 $ipv4addr "" $tunnelmtu $ipv4addrlocal || exit 1 # Add route to for compatible addresses (removed later again) ipv6_add_route "::/96" "::" tun6to4 @@ -260,7 +269,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then # Cleanup autmatically generated autotunnel (not needed for 6to4) ipv6_del_route "::/96" "::" tun6to4 - ipv6_del_addr_on_device tun6to4 "::$ipv4addr/128" + ipv6_del_addr_on_device tun6to4 "::$ipv4addrlocal/128" if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then # RADVD is in use, so forwarding of IPv6 packets should be enabled, display warning diff --git a/sysconfig/network-scripts/network-functions-ipv6 b/sysconfig/network-scripts/network-functions-ipv6 index e5284411..677bafa0 100644 --- a/sysconfig/network-scripts/network-functions-ipv6 +++ b/sysconfig/network-scripts/network-functions-ipv6 @@ -3,12 +3,15 @@ # network-functions-ipv6 # # Taken from: network-functions-ipv6 -# (P) & (C) 1997-2002 by Peter Bieringer +# (P) & (C) 1997-2004 by Peter Bieringer # -# Version: 2002-11-12 +# You will find more information on the initscripts-ipv6 homepage at +# http://www.deepspace6.net/projects/initscripts-ipv6.html +# +# Version: 2004-03-21 # # Extended address detection is enabled, if 'ipv6calc' is installed -# Available here: http://www.bieringer.de/linux/IPv6/ipv6calc/ +# see here for more: http://www.deepspace6.net/projects/ipv6calc.html # # @@ -1004,25 +1007,27 @@ ipv6_create_6to4_relay_address() { ## Configure 6to4 tunneling up # $1: : only "tun6to4" is supported -# $2: : global address of local interface +# $2: : global IPv4 address of interface (will be used to generate 6to4 prefix) # $3: [] : for 6to4 prefix (optional, default is "::1") # $4: [] : MTU of tunnel device (optional, default is automatic) +# $5: [] : local IPv4 address of tunnel interface (required in case of 6to4 behind NAT) # return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem ipv6_add_6to4_tunnel() { local fn="ipv6_add_6to4_tunnel" local device=$1 - local localipv4=$2 - local localipv6to4suffix=$3 + local globalipv4=$2 + local globalipv6to4suffix=$3 local mtu=$4 + local localipv4=$5 if [ -z "$device" ]; then ipv6_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi - if [ -z "$localipv4" ]; then - ipv6_log $"Missing parameter 'local IPv4 address' (arg 2)" err $fn + if [ -z "$globalipv4" ]; then + ipv6_log $"Missing parameter 'global IPv4 address' (arg 2)" err $fn return 1 fi @@ -1032,18 +1037,23 @@ ipv6_add_6to4_tunnel() { return 1 fi + # Copy global IPv4 address to local if last one is not given + if [ -z "$localipv4" ]; then + localipv4="$globalipv4" + fi + ipv6_test || return 2 # Generate 6to4 address - local prefix6to4="`ipv6_create_6to4_prefix $localipv4`" + local prefix6to4="`ipv6_create_6to4_prefix $globalipv4`" if [ $? -ne 0 -o -z "$prefix6to4" ]; then return 3 fi - if [ -z "$localipv6to4suffix" ]; then + if [ -z "$globalipv6to4suffix" ]; then local address6to4="${prefix6to4}::1/16" else - local address6to4="${prefix6to4}::${localipv6to4suffix}/16" + local address6to4="${prefix6to4}::${globalipv6to4suffix}/16" fi ipv6_add_tunnel_device tun6to4 0.0.0.0 $address6to4 $localipv4 -- cgit v1.2.1