I decided to finally jump in to IPv6 with my devil-linux firewall. Using
latest stable version of 1.6.2 with the free IPv6 tunneling service from
Hurricane Electric where they will assign up to five /64 IPv6 networks.
I was not able to configure the LAN interface with an IPv6 address using
/etc/sysconfig/nic/ifcfg-ethX. Found that configuring the IPv6 address
using the IPV6ADDR variable did not work at boot. When one or more
addresses were configured, I received "RTNETLINK Operation not
permitted". However running same command after boot (ip -6 addr add
$v6addr dev $DEVICE) worked fine. Found problem due to "ipv6" module
was not loaded prior to configuring interface addresses.
The ipv6 module is loaded later on in /etc/init.d/network if
START_IPV6_ROUTING is turned on in master config. However, that is done
after the section to add IPv6 addresses (and routes) from the interface
config files.
I applied a workaround in boot.local to load ipv6 module in advance of
running network rc script. A better solution might be for the network
script to make sure ipv6 module is loaded prior to adding any IPv6
addresses or routes from the interface config files (similar to
START_IPV6_ROUTING section).
Let me know if I overlooked something that prevented me from having to
preload ipv6 module with boot.local. Be glad to assist with any
changes/testing.
- Rick
P.S. Appreciate efforts in maintaining devil-linux firewall. Been a
fan/content user for quite some time.
|
