Bering-uClibc 5.x - User Guide - IPv4 Networking

From bering-uClibc
Jump to: navigation, search
IPv4 Networking
Prev Bering-uClibc 5.x - User Guide Next

IPv4 Networking Overview

A default installation of Bering-uClibc 5.x has IPv4 networking enabled and configured as follows:

  • External Ethernet interface eth0 with an IPv4 address obtained using DHCP.
  • Internal Ethernet interface eth1 with static IPv4 address
  • Linux kernel iptables firewall code loaded.
  • Shorewall utility installed, for managing the iptables configuration.
  • Dnsmasq utility installed, providing DNS forwarding and a DHCP server.
  • Dropbear utility installed, providing an SSH server.
  • A small HTTP server installed, providing a web-based administration interface.

More information on configuring some of these features can be found in the Sub-Chapters.

Note that Bering-uClibc 5.x network configuration is almost identical to other Debian-based systems, so standard Debian documentation like might be useful.

IPv4 Networking Sub-Chapters

IPv6 Notes for IPv4 Users

By default, Bering-uClibc 5.x has some limited IPv6 features enabled. Specifically:

  • The ipv6.ko kernel Module is loaded automatically.
    • This means that every network interface will be given a "link local" IPv6 address (except for the loopback interface, lo, which is given a "host local" IPv6 address).
    • In addition, if an IPv6 router is configured on an interface (such as eth0) then that will be used to assign a "global" IPv6 address to the interface.
  • The ip6tables.lrp Package is installed, and Shorewall uses this to specify that IPv6 traffic should be DROPped.
    • This is if DISABLE_IPv6=Yes is specified in /etc/shorewall/shorewall.conf.
  • The shorwall6.lrp Package is installed (starting with LEAF Bering-uClibc 5.2.7).

In order to completely disable IPv6 it is necessary to prevent the ipv6.ko.gz kernel Module from being loaded. If required, the recommended way of doing that is to create the file /etc/modprobe.d/blacklist and add the following line:

blacklist ipv6

You also may remove shorwall6.lrp from leaf.cfg to save RAM and avoid error messages during boot.

Further information on configuring IPv6 can be found in the Next Chapter.

Prev Up Next