Bering-uClibc 5.x - User Guide - IPv4 Networking
IPv4 Networking | ||
---|---|---|
Prev | Bering-uClibc 5.x - User Guide | Next |
IPv4 Networking Overview
A default installation of Bering-uClibc 5.x has IPv4 networking enabled and configured as follows:
- External Ethernet interface eth0 with an IPv4 address obtained using DHCP.
- Internal Ethernet interface eth1 with static IPv4 address 192.168.1.254.
- Linux kernel iptables firewall code loaded.
- Shorewall utility installed, for managing the iptables configuration.
- Dnsmasq utility installed, providing DNS forwarding and a DHCP server.
- Dropbear utility installed, providing an SSH server.
- A small HTTP server installed, providing a web-based administration interface.
More information on configuring some of these features can be found in the Sub-Chapters.
Note that Bering-uClibc 5.x network configuration is almost identical to other Debian-based systems, so standard Debian documentation like http://wiki.debian.org/NetworkConfiguration might be useful.
IPv4 Networking Sub-Chapters
- External Network Connections
- Internal Network Connections
- Configure Shorewall
- Configure Traffic Management
- Configure Dnsmasq
- Configure 802.1Q VLANs
IPv6 Notes for IPv4 Users
By default, Bering-uClibc 5.x has some limited IPv6 features enabled. Specifically:
- The
ipv6.ko
kernel Module is loaded automatically.- This means that every network interface will be given a "link local" IPv6 address (except for the loopback interface, lo, which is given a "host local" IPv6 address).
- In addition, if an IPv6 router is configured on an interface (such as eth0) then that will be used to assign a "global" IPv6 address to the interface.
- The
ip6tables.lrp
Package is installed, and Shorewall uses this to specify that IPv6 traffic should be DROPped.- This is if DISABLE_IPv6=Yes is specified in
/etc/shorewall/shorewall.conf
.
- This is if DISABLE_IPv6=Yes is specified in
- The
shorwall6.lrp
Package is installed (starting with LEAF Bering-uClibc 5.2.7).
In order to completely disable IPv6 it is necessary to prevent the ipv6.ko.gz
kernel Module from being loaded.
If required, the recommended way of doing that is to create the file /etc/modprobe.d/blacklist
and add the following line:
blacklist ipv6
You also may remove shorwall6.lrp
from leaf.cfg
to save RAM and avoid error messages during boot.
Further information on configuring IPv6 can be found in the Next Chapter.
Prev | Up | Next |