├── LICENSE ├── README.md ├── ipv6-dhclient-script.sh └── templates ├── CentOS6 └── etc_init.d_ipv6-dhclient ├── CentOS7 └── etc_systemd_system_ipv6-dhclient.service ├── Debian ├── etc_network_interfaces └── etc_sysctl.conf └── etc_dhcp_dhclient6.conf /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Rubén Díaz 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | 23 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ipv6-dhclient-script 2 | Simple IPv6 configuration script for Debian (Ubuntu...) and RedHat (CentOS, Fedora...) based distros, mainly for [Online.net](http://www.online.net/) servers but valid for any network that provides IPv6 access through prefix delegation i.e. the static address is configured by the client and an identifier (DUID) is sent to the DHCP server in order to get functional routes. 3 | 4 | Dedicated servers provided by [Online.net](http://www.online.net/) won't come with IPv6 enabled by default so this makes things a bit easier specially when owning multiple servers and IPv6 needs to be enabled by hand in each one. 5 | 6 | The script has been successfully tested under: 7 | 8 | * Ubuntu Server 14.04 & 16.04 9 | * Debian 7 & 8 10 | * CentOS 6 & 7 11 | * Some Proxmox VE setups (see issue [#1](https://github.com/outime/ipv6-dhclient-script/issues/1) and [#2](https://github.com/outime/ipv6-dhclient-script/issues/2)) 12 | 13 | Just run the script and follow the instructions: 14 | 15 | `$ ./ipv6-dhclient-script.sh` 16 | 17 | You can also pass parameters straight away: 18 | 19 | `$ ./ipv6-dhclient-script.sh
` 20 | 21 | Some questions were answered [in a LowEndTalk thread](http://www.lowendtalk.com/discussion/40695/ipv6-dhclient-auto-configuration-script-online-net) although I really encourage you to open an issue [here](https://github.com/outime/ipv6-dhclient-script/issues/new) instead of posting there. 22 | -------------------------------------------------------------------------------- /ipv6-dhclient-script.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ipv6-dhclient-script - https://github.com/outime/ipv6-dhclient-script/ 3 | 4 | INTERFACE=$1 5 | BLOCK_ADDR=$2 6 | BLOCK_SUBNET=$3 7 | BLOCK_DUID=$4 8 | 9 | DEFAULT_INTERFACE=`ip route get 8.8.8.8 | awk '{print $5; exit}'` 10 | 11 | write_from_template () { 12 | sed -e "s/{{INTERFACE}}/$INTERFACE/g" -e "s/{{BLOCK_ADDR}}/$BLOCK_ADDR/g" -e "s/{{BLOCK_SUBNET}}/$BLOCK_SUBNET/g" -e "s/{{BLOCK_DUID}}/$BLOCK_DUID/g" templates/$1 >> $2 13 | } 14 | 15 | err_exit () { 16 | echo "$1" >&2 17 | exit 1 18 | } 19 | 20 | if [[ "$(id -u)" != 0 ]]; then 21 | err_exit "Sorry, you need to run this as root." 22 | fi 23 | 24 | if [[ -e /etc/debian_version ]]; then 25 | RELEASE=$(cat /etc/debian_version) 26 | DISTRO="Debian" 27 | elif [[ -f /etc/centos-release ]]; then 28 | RELEASE=$(rpm -q --queryformat '%{VERSION}' centos-release) 29 | DISTRO="CentOS${RELEASE}" 30 | else 31 | err_exit "This distribution type or version is not supported." 32 | fi 33 | 34 | while : 35 | do 36 | clear 37 | if ! [[ -f /proc/net/if_inet6 ]]; then 38 | err_exit "Seems that IPv6 is not supported by your kernel or the module is not loaded (is it blacklisted?)." 39 | fi 40 | 41 | echo "WARNING: Network will restart at the end of this script so any existing connections will be dropped!" 42 | 43 | while [[ $INTERFACE = "" ]]; do 44 | read -e -p "Interface where IPv6 will be enabled: " -i $DEFAULT_INTERFACE INTERFACE 45 | done 46 | 47 | CURRENT_IPV6=$(ip addr show dev $INTERFACE | sed -e's/^.*inet6 \([^ ]*\)\/.*$/\1/;t;d') 48 | if [[ $? -eq 0 ]]; then 49 | echo "You have the following IPv6 addreses configured for $INTERFACE:" 50 | echo "$CURRENT_IPV6" 51 | read -e -p "Continue? [Y/n]: " -i "Y" SKIP 52 | if ! [[ $SKIP =~ ^([yY][eE][sS]|[yY])$ ]]; then 53 | exit 1 54 | fi 55 | fi 56 | 57 | while [[ $BLOCK_ADDR = "" ]]; do # to be replaced with regex 58 | read -p "Your IPv6 block address (e.g. 2001:bb8:3e23:200::): " BLOCK_ADDR 59 | done 60 | 61 | while ! [[ $BLOCK_SUBNET =~ ^[0-9]+$ ]]; do 62 | read -p "Subnet for your block (e.g. if it's /56, input 56): " BLOCK_SUBNET 63 | done 64 | 65 | while [[ $BLOCK_DUID = "" ]]; do # to be replaced with regex 66 | read -p "Associated DUID (e.g. 00:03:00:00:34:b0:0c:47:4a:0e): " BLOCK_DUID 67 | done 68 | 69 | echo "Working..." 70 | 71 | if [[ $DISTRO = "Debian" ]]; then 72 | write_from_template Debian/etc_network_interfaces /etc/network/interfaces 73 | elif [[ $DISTRO = "CentOS6" ]]; then 74 | write_from_template CentOS6/etc_init.d_ipv6-dhclient /etc/init.d/ipv6-dhclient 75 | chmod +x /etc/init.d/ipv6-dhclient 76 | elif [[ $DISTRO = "CentOS7" ]]; then 77 | write_from_template CentOS7/etc_systemd_system_ipv6-dhclient.service /etc/systemd/system/ipv6-dhclient.service 78 | fi 79 | 80 | write_from_template etc_dhcp_dhclient6.conf /etc/dhcp/dhclient6.conf 81 | 82 | if [[ $DISTRO = "Debian" ]]; then 83 | sysctl -w net.ipv6.conf.$INTERFACE.autoconf=0 84 | write_from_template Debian/etc_sysctl.conf /etc/sysctl.conf 85 | ifdown $INTERFACE && ifup $INTERFACE 86 | if [ $? -ne 0 ]; then 87 | ifup $INTERFACE # see https://git.io/vbKYM 88 | fi 89 | elif [[ $DISTRO = "CentOS6" ]]; then 90 | chkconfig --add ipv6-dhclient 91 | service ipv6-dhclient start 92 | elif [[ $DISTRO = "CentOS7" ]]; then 93 | systemctl enable ipv6-dhclient 94 | systemctl restart ipv6-dhclient 95 | fi 96 | 97 | if [[ $DISTRO != "Debian" ]] || [[ $DISTRO = "Debian" && $VERSION != "6*" ]]; then # TODO: Support for loading IPv6 rules on boot for Debian Squeeze 98 | echo "Would you like to limit DHCP client traffic to prevent accidental UDP flood towards your provider?" 99 | echo "This will enable iptables, add a few rules and load them on boot along with other existing rules." 100 | if [[ $DISTRO = "Debian" ]]; then echo "This will install an additional package (iptables-persistent)."; fi 101 | read -e -p "Limit traffic? [Y/n]: " -i "Y" SKIP 102 | if [[ $SKIP =~ ^([yY][eE][sS]|[yY])$ ]]; then 103 | ip6tables -A OUTPUT -p udp --dport 547 -m limit --limit 10/min --limit-burst 5 -j ACCEPT 104 | ip6tables -A OUTPUT -p udp --dport 547 -j DROP 105 | if [[ $DISTRO = "Debian" ]]; then 106 | ip6tables-save > /etc/iptables/rules.v6 107 | apt update -q && apt install -y iptables-persistent 108 | elif [[ $DISTRO = "CentOS*" ]]; then 109 | ip6tables-save > /etc/sysconfig/ip6tables 110 | chkconfig iptables on 111 | fi 112 | fi 113 | fi 114 | 115 | echo "Testing IPv6 connectivity..." 116 | IPV6_TEST=$(ping6 -c 8 ipv6.google.com | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }') 117 | if [[ $IPV6_TEST > 0 ]]; then 118 | echo "Success!" 119 | else 120 | err_exit "Something went wrong :(" 121 | fi 122 | done 123 | -------------------------------------------------------------------------------- /templates/CentOS6/etc_init.d_ipv6-dhclient: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # ipv6-dhclient Created by https://github.com/outime/ipv6-dhclient-script 4 | # chkconfig: 2345 11 89 5 | # description: ipv6-dhclient startup script 6 | 7 | # Source function library. 8 | . /etc/init.d/functions 9 | 10 | RETVAL=0 11 | prog="ipv6-dhclient" 12 | LOCKFILE=/var/lock/subsys/$prog 13 | 14 | INTERFACE={{INTERFACE}} 15 | BLOCK_ADDR={{BLOCK_ADDR}} 16 | BLOCK_SUBNET={{BLOCK_SUBNET}} 17 | 18 | start() { 19 | echo -n "Starting $prog: " 20 | /sbin/dhclient -cf /etc/dhcp/dhclient6.conf -pf /var/run/dhclient6.$INTERFACE.pid -6 -P $INTERFACE && \ 21 | /sbin/ifconfig $INTERFACE inet6 add $BLOCK_ADDR/$BLOCK_SUBNET && \ 22 | success || failure 23 | RETVAL=$? 24 | [ $RETVAL -eq 0 ] && touch $LOCKFILE 25 | echo 26 | return $RETVAL 27 | } 28 | 29 | stop() { 30 | echo -n "Shutting down $prog: " 31 | /usr/bin/killall dhclient && \ 32 | /sbin/ifconfig $INTERFACE inet6 del $BLOCK_ADDR/$BLOCK_SUBNET && \ 33 | success || failure 34 | RETVAL=$? 35 | [ $RETVAL -eq 0 ] && rm -f $LOCKFILE 36 | echo 37 | return $RETVAL 38 | } 39 | 40 | case "$1" in 41 | start) 42 | start 43 | ;; 44 | stop) 45 | stop 46 | ;; 47 | status) 48 | ;; 49 | restart) 50 | stop 51 | start 52 | ;; 53 | *) 54 | echo "Usage: $prog {start|stop|status|restart}" 55 | exit 1 56 | ;; 57 | esac 58 | exit $RETVAL 59 | -------------------------------------------------------------------------------- /templates/CentOS7/etc_systemd_system_ipv6-dhclient.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description={{INTERFACE}} IPv6 3 | After=network.target 4 | 5 | [Service] 6 | Type=oneshot 7 | RemainAfterExit=yes 8 | ExecStart=/usr/sbin/dhclient -cf /etc/dhcp/dhclient6.conf -pf /run/dhclient6.{{INTERFACE}}.pid -6 -P {{INTERFACE}} 9 | ExecStart=/usr/sbin/ifconfig {{INTERFACE}} inet6 add {{BLOCK_ADDR}}/{{BLOCK_SUBNET}} 10 | 11 | ExecStop=/usr/bin/killall dhclient 12 | ExecStop=/usr/sbin/ifconfig {{INTERFACE}} inet6 del {{BLOCK_ADDR}}/{{BLOCK_SUBNET}} 13 | 14 | [Install] 15 | WantedBy=multi-user.target 16 | -------------------------------------------------------------------------------- /templates/Debian/etc_network_interfaces: -------------------------------------------------------------------------------- 1 | 2 | iface {{INTERFACE}} inet6 static 3 | address {{BLOCK_ADDR}} 4 | netmask {{BLOCK_SUBNET}} 5 | accept_ra 1 6 | pre-up dhclient -cf /etc/dhcp/dhclient6.conf -pf /run/dhclient6.{{INTERFACE}}.pid -6 -P {{INTERFACE}} 7 | pre-down dhclient -x -pf /run/dhclient6.{{INTERFACE}}.pid 8 | -------------------------------------------------------------------------------- /templates/Debian/etc_sysctl.conf: -------------------------------------------------------------------------------- 1 | net.ipv6.conf.{{INTERFACE}}.autoconf=0 2 | net.ipv6.conf.{{INTERFACE}}.accept_ra=2 3 | net.ipv6.conf.default.forwarding=1 4 | net.ipv6.conf.all.forwarding=1 5 | net.ipv6.conf.default.proxy_ndp=1 6 | net.ipv6.conf.all.proxy_ndp=1 7 | -------------------------------------------------------------------------------- /templates/etc_dhcp_dhclient6.conf: -------------------------------------------------------------------------------- 1 | interface "{{INTERFACE}}" { 2 | send dhcp6.client-id {{BLOCK_DUID}}; 3 | request; 4 | } 5 | --------------------------------------------------------------------------------