Ideal way to Enable IPv6 in Debian Squeeze for Mandos Deployment
Zenny
garbytrash at gmail.com
Tue Dec 4 17:48:46 CET 2012
Hi:
I have been trying to deploy Mandos server-client pair which
authenticates between each other while rendering mandos client
services to other clients in the network.
I have installed debian squeeze (6.0.6) in two qemu instances behind
NAT which can talk to each other. I use a script from
http://wiki.qemu.org/Documentation/Networking/NAT#Script which
broadcast IPv4 addresses using a br0 device and qemu starts with a tap
device.
However, I was recently told that Mandos requires IPv6 enabled.
So far I did the following to enable it:
# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 52:54:00:12:34:56
inet addr:192.168.53.160 Bcast:192.168.53.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:fe12:3456/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:268 errors:0 dropped:0 overruns:0 frame:0
TX packets:201 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:22377 (21.8 KiB) TX bytes:26734 (26.1 KiB)
Interrupt:11 Base address:0xc000
IPv6 enabled in avahi:
# cat /etc/avahi/avahi-daemon.conf | grep ipv6
use-ipv6=yes
##publish-a-on-ipv6=no
Prioritized ipv6 in nsswitch.conf:
# cat /etc/nsswitch.conf | grep mdns
##hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
hosts: files mdns_minimal [NOTFOUND=return] dns
Installed rdnssd:
#aptitude install rdnssd
To filter network flow:
# aptitude install iptables iptables-persistent radvd
Appended IPv6 forward in sysctl.conf
#echo "net.ipv6.conf.default.forwarding=1" >> /etc/sysctl.conf
Can anyone tell me what else that I need to configure to make the pair
work? Whether this should be done both in the server running
mandos-server and mandos-client or only in mandos-server?
Still not working. :-(
Any help will be appreciated!
/zenny
More information about the Mandos-Dev
mailing list