diff options
Diffstat (limited to 'content/writeups/wireguard_and_ipv6.md')
-rw-r--r-- | content/writeups/wireguard_and_ipv6.md | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/content/writeups/wireguard_and_ipv6.md b/content/writeups/wireguard_and_ipv6.md new file mode 100644 index 0000000..8d00cd9 --- /dev/null +++ b/content/writeups/wireguard_and_ipv6.md @@ -0,0 +1,56 @@ ++++ +title = "Wireguard and IPV6" +date = 2020-08-26 ++++ + +<section> + +## Preambule + +I decided to connect all my services and servers behind my domain controller, +which has a dedicated IPv4 and IPv6 address, and which basically host that +website. This would allow me to remotely manage and enjoy my infrastructure +when I'm away from my homelab. +</section> + +<section> + +## IPv6 journey + +When I first used WireGuard with my new OpenBSD vm on all my devices, i noticed +that my some of my requests towards specific services were not working anymore. +For instance, I spent some time trying to reach : + +- gitlab.com +- github.com +- ungleich.ch + +In fact, I had hard times accessing these services only when I was connected to +my WireGuard server (which has IPv4 and IPv6, with some default wireguard +settings I carried with me for six months), and only through my system dns. + +In fact I figured out that it happened only when I was under an IPv6 capable +router. + +### Solution ? + +Adding IPv6 subnet to server and clients configuration files. + +### Next ? + +Enable IPv6 routing in the domain controller, for a single-ip usage. +</section> + +<section> + +## *BSD routing +The default routing configuration does not allow my domain controller to reach +the **ungleich's infrastructure and services**. + +```bash +echo "\!/sbin/route add -inet 185.203.112/24 185.203.114.1" >> /etc/hostname.vio1 +``` + +Then I want to be able to access IPv6 only services when I'm using my wireguard +server (right now it only allows to force IPv4 to the client). +</section> |