HI.
On Fri, Nov 23, 2018 at 03:07:01PM +0100, tony wrote:
> Thanks for your quick response, Reco,
>
> On 23/11/2018 13:33, Reco wrote:
> > Hi.
> >
> > On Fri, Nov 23, 2018 at 01:18:45PM +0100, tony wrote:
> >> Hi,
> >>
> >> I have a Stretch VPServer with a /64 netbloch, of which only the first 2
> >> addresses are used. I've been struggling for some time to get the right
> >> stanza to split that into two /65s, using the upper half for openvpn.
> >
> > I'd check first that some other addresses from this /64 range are routed
> > by your VPS provider.
> >
> I'm not sure I understand what you mean. As far as I'm aware, my VPS
> provider furnishes a full native /64 netblock for my exclusive use.
> They'll provide more, at a cost, but I see no point in that.
> >
> [snip]
Assign some other IPv6 address from your range to your VPS.
Ensure that it's reachable from the outside world.
For instance, I do not get any response from your gateway while I'm
pinging 2a03:9800:10:54::dead (which you do not have), and get a reply
from 2a03:9800:10:54::2 (which belongs to your VPS).
> > Ad-hoc configuration:
> >
> > ### check this on your OS!
> > # ip a d igb0 2001:db8:0:123::/64
> > # ip a a igb0 2001:db8:0:123::/65
> > ###
> > ### re-assign the other aliases previously set under the /64 block
> > # ip a a igb0 2001:db8:0:123::dead/128
> > # ip a a igb0 2001:db8:0:123::ea:beef/128
> >
> I'm not using any addresses other than the ::1 and ::2 in the /64 block,
> so presumably the last two lines are redundant.
Yes, you do not need them.
> > As for the persistent configuration, that depends on the contents of
> > /etc/network/interfaces. Can be static (it's straightforward then),
> > DHCPv6 (you won't be able to do the split) or RA (ditto).
> >
> No, it's all static:
That simplifies things greatly.
Replace this:
iface eth0 inet6 static
address 2a03:9800:10:54::2
netmask 64
gateway 2a03:9800:10:54::1
with this:
iface eth0 inet6 static
address 2a03:9800:10:54::2
netmask 65
gateway 2a03:9800:10:54::1
Leave all the other entries intact.
Then invoke this as root (one-time only):
ip a d dev eth0 2a03:9800:10:54::2/64
ip a a dev eth0 2a03:9800:10:54::2/65
ip ro d default via 2a03:9800:10:54::1
> So what is igb0?
A name of interface that's used in OpenVPN documentation. Yours is called eth0.
> What do you mean by ad-hoc and persistent configuration?
ad-hoc means that you're using certain OS binaries (in this case - ip)
to create a network configuration that does not survive the reboot.
persistent means the opposite - you're trying to create a configuration
that should reproduce itself after the reboot (in this case - e/n/i).
Reco
