blob: 8d00cd9770de2f41a42d5456c5f285b989840c82 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
+++
title = "Wireguard and IPV6"
date = 2020-08-26
+++
<section>
## Preambule
I decided to connect all my services and servers behind my domain controller,
which has a dedicated IPv4 and IPv6 address, and which basically host that
website. This would allow me to remotely manage and enjoy my infrastructure
when I'm away from my homelab.
</section>
<section>
## IPv6 journey
When I first used WireGuard with my new OpenBSD vm on all my devices, i noticed
that my some of my requests towards specific services were not working anymore.
For instance, I spent some time trying to reach :
- gitlab.com
- github.com
- ungleich.ch
In fact, I had hard times accessing these services only when I was connected to
my WireGuard server (which has IPv4 and IPv6, with some default wireguard
settings I carried with me for six months), and only through my system dns.
In fact I figured out that it happened only when I was under an IPv6 capable
router.
### Solution ?
Adding IPv6 subnet to server and clients configuration files.
### Next ?
Enable IPv6 routing in the domain controller, for a single-ip usage.
</section>
<section>
## *BSD routing
The default routing configuration does not allow my domain controller to reach
the **ungleich's infrastructure and services**.
```bash
echo "\!/sbin/route add -inet 185.203.112/24 185.203.114.1" >> /etc/hostname.vio1
```
Then I want to be able to access IPv6 only services when I'm using my wireguard
server (right now it only allows to force IPv4 to the client).
</section>
|
